CN111050322B - GBA-based client registration and key sharing method, device and system - Google Patents


Publication number
CN111050322B
Authority
CN
China
Prior art keywords
key
user
naf
service server
user terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910775078.3A
Other languages
Chinese (zh)
Other versions
CN111050322A (en)
Inventor
Requested that name not be published
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from PCT/CN2019/074725 (WO2020037958A1)
Application filed by Individual
Publication of CN111050322A
Application granted
Publication of CN111050322B
Legal status: Active
Anticipated expiration


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3213 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043 Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431 Key distribution or pre-distribution; Key agreement
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W60/00 Affiliation to network, e.g. registration; Terminating affiliation with the network, e.g. de-registration

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a GBA-based client registration and key sharing method, device and system. The method comprises the following steps: a user terminal running a third-party application client performs security authentication with the bootstrapping service server BSF based on the B-TID acquired and the master key generated in the GBA initialization process; after the security authentication succeeds, the bootstrapping service server BSF provides secure registration information and services for the third-party application client, and further generates a third-party user identifier and/or a user token and/or an application key for the third-party application client. The invention solves the problem that a third-party application server can maliciously imitate requests to consume the computing and storage resources of the bootstrapping service server BSF and of other third-party application servers, and further solves the problem that a third-party application client can calculate the application keys of other third-party application clients on the same user terminal.

Description

GBA-based client registration and key sharing method, device and system
[Technical Field]
The present invention relates to the field of communications technologies and the field of Internet technologies, and in particular to a method, an apparatus and a system for client registration and key sharing based on the Generic Bootstrapping Architecture (GBA).
[Background Art]
The 3GPP specification TS 33.220 defines a generic security authentication mechanism for mobile networks, the Generic Bootstrapping Architecture (GBA), which is part of the Generic Authentication Architecture (GAA).
GBA provides a generic mechanism for establishing application keys between a User Equipment (UE) and a network application server (Network Application Function, NAF) based on the Authentication and Key Agreement (AKA) mechanism.
The GBA architecture is mainly divided into two processes, GBA initialization and application key agreement:
The first process is the GBA initialization process (GBA Bootstrapping): key negotiation between the UE and the bootstrapping service server (Bootstrapping Server Function, BSF), and between the BSF and the Home Subscriber Server (HSS)/Home Location Register (HLR), is based on the AKA mechanism. Eventually the UE and the BSF negotiate a GBA master key Ks and generate a bootstrapping transaction identifier (B-TID), and both the master key Ks and the B-TID are stored on the UE and on the BSF.
The second process is the application key agreement process (Bootstrapping Usage Procedure): the UE negotiates an application key with the NAF; the NAF acquires the application key and user information from the BSF according to the application key negotiation request sent by the UE, and the application key is then used for operations such as authentication and message encryption between the UE and the NAF. More specifically, referring to Fig. 7, the application key negotiation process includes the following steps:
1. The UE sends an application connection request to the NAF through the Ua interface; the request message carries the B-TID. At the same time, the UE generates an application key Ks_(ext/int)_NAF using the following formulas. Before this step, a TLS link may be established in advance to secure communication over the Ua interface.
Calculation formula in "gba_me" mode:
Ks_NAF = KDF(Ks, "gba-me", RAND, IMPI, NAF_Id)
Alternatively, the calculation formulas in "gba_u" mode:
Ks_ext_NAF = KDF(Ks, "gba-me", RAND, IMPI, NAF_Id)
Ks_int_NAF = KDF(Ks, "gba-u", RAND, IMPI, NAF_Id)
where Ks is the master key generated during GBA initialization, "gba-me" and "gba-u" are fixed strings, RAND is a random number generated during GBA initialization, IMPI is the IP Multimedia Private Identity, NAF_Id is the identifier of the NAF, and KDF stands for key derivation algorithm (also called key derivation function).
The NAF_Id is formed by concatenating the FQDN (Fully Qualified Domain Name) of the NAF to be accessed with the protocol identifier (UaID) of the Ua interface, which can be expressed as: NAF_Id = FQDN || UaID.
2. After receiving the application connection request from the UE, the NAF sends an authentication request message to the BSF; the authentication request message carries the B-TID and the NAF_Id.
3. After the first process (i.e., the GBA initialization process) is completed, the B-TID is already stored on the BSF, together with the IMPI, the master key Ks, the Ks validity period, the GBA initialization time, the GBA User Security Settings (GUSS) and other information corresponding to the B-TID.
After the BSF receives the authentication request from the NAF, the BSF verifies the identity of the sender according to the FQDN in the NAF_Id and looks up the corresponding master key Ks according to the B-TID.
If the BSF does not find the corresponding master key Ks, or the Ks has expired, the BSF returns an authentication failure response message to the NAF and asks the UE to reinitiate the GBA initialization procedure.
If the corresponding master key Ks is found and is within its validity period, the BSF calculates the application key Ks_(ext/int)_NAF using the same application key calculation formula as the UE, and then returns an authentication success response message to the NAF. According to the preset settings, this message carries Ks_(ext/int)_NAF, the Ks_(ext/int)_NAF validity period, the GBA initialization time, the corresponding User Security Settings (USS) and the like.
4. After the NAF stores Ks_(ext/int)_NAF and the Ks_(ext/int)_NAF validity period, it returns an authentication success response message to the UE. An application key Ks_(ext/int)_NAF is thus established between the UE and the NAF and can be used for subsequent authentication, message encryption and other operations.
The GBA architecture has been applied to IMS services such as multimedia broadcast multicast services (multimedia broadcast/multicast service, MBMS), secure user plane location (secure user plane location, SUPL) and the like.
As user terminals (such as smartphones) have become smarter and widely used in the Internet field, users install large numbers of third-party application clients on their terminals. While such a client is in use, the user's identity usually has to be authenticated and a shared key has to be negotiated with the corresponding third-party application server, for purposes such as data encryption. If the GBA architecture could be applied in this field, both security and user experience would improve greatly. However, the second process of the GBA architecture, the application key negotiation process, cannot meet these requirements. Treating the third-party application server as equivalent to the NAF for illustration, it has the following technical defects:
Defect one: third-party application servers are provided by different third-party application providers, and the NAF_Id is a parameter that is fairly easy to obtain through public channels or by reverse engineering software. By collecting the B-TIDs carried in the application connection requests of third-party application clients, a third-party application server can generate application connection requests from those B-TIDs and the NAF_Ids of other third-party application servers, and thereby imitate other third-party application clients in initiating application connections to those other servers. This causes the BSF to perform unnecessary Ks_(ext/int)_NAF generation calculations and causes the other third-party application servers to store unnecessary application keys Ks_(ext/int)_NAF, consuming the computing and storage resources of the BSF and of the other third-party application servers. Since every third-party application server can collect B-TIDs, the more B-TIDs are collected, the greater the potential harm to other third-party application servers.
Defect two: a large number of third-party application clients, provided by different third-party application providers, are installed on the user terminal. In the existing GBA mechanism's calculation of the application key Ks_(ext/int)_NAF, "gba-me" and "gba-u" are fixed string parameters, the IMPI is the same fixed parameter throughout a given user terminal, Ks and RAND are the same for the whole validity period of Ks, and the NAF_Id is fairly easy to obtain through public channels or by reverse engineering software. A third-party application client on a user terminal can therefore fairly easily calculate the application key Ks_(ext/int)_NAF of another third-party application client on the same terminal, and thereby impersonate that client's access.
[Summary of the Invention]
The main object of the invention is to provide a GBA-based client registration and key sharing method, device and system that give a third-party application client running in a user terminal a secure way to register; that solve the problem of a third-party application server maliciously imitating requests to consume the computing and storage resources of the bootstrapping service server BSF and of other third-party application servers; that further solve the problem that a third-party application client can fairly easily calculate the application keys of other third-party application clients on the same user terminal; and that allow the GBA architecture to be applied to the Internet field more securely and effectively.
In order to achieve the above purpose, the present invention provides the following technical solutions:
In a first aspect, a GBA-based client registration and key sharing method is provided, applied to a user terminal running a third-party application client. The method includes:
performing the GBA initialization process, obtaining a B-TID and generating a first master key Ks;
encrypting first verification information based on the first master key Ks to generate a first encryption value, wherein the first verification information is the same as the second verification information generated by the bootstrapping service server BSF;
transmitting the B-TID and the first encryption value to the bootstrapping service server BSF;
receiving registration information and services provided by the bootstrapping service server BSF, the registration information and services being provided after the bootstrapping service server BSF verifies that the first encryption value is valid.
Preferably, the user terminal is connected to the bootstrapping service server BSF through a data network.
Preferably, the data network comprises the Internet or the mobile Internet.
Preferably, the user terminal accesses the mobile Internet through a mobile data connection, a WiFi connection and/or a WLAN connection.
Preferably, the mobile data includes 3G mobile data, 4G mobile data, 5G mobile data, or 6G mobile data.
Preferably, encrypting the first verification information based on the first master key Ks to generate a first encryption value includes:
generating a first authentication key based on the first master key Ks, wherein the first authentication key is generated in the same way as the second authentication key generated by the bootstrapping service server BSF, so that the value of the first authentication key is the same as the value of the second authentication key generated by the bootstrapping service server BSF;
generating the first verification information, wherein the first verification information is generated in the same way as the second verification information generated by the bootstrapping service server BSF, so that the value of the first verification information is the same as the value of the second verification information generated by the bootstrapping service server BSF;
encrypting the first verification information based on the first authentication key to generate the first encryption value.
Preferably, generating a first authentication key based on the first master key Ks includes:
taking the first master key Ks as the first authentication key; or
generating the first authentication key based on information including the first master key Ks.
Preferably, generating the first authentication key based on information including the first master key Ks includes:
generating the first authentication key based on information including the first master key Ks and a first fixed string and/or a first random string and/or a first timestamp and/or the B-TID and/or the NAF_Id, wherein the first fixed string is a preconfigured string with the same value as the first fixed string preconfigured by the bootstrapping service server BSF, the first random string is a randomly generated string, the first timestamp is generated by acquiring the current system time, and the NAF_Id is the identifier of the third-party application client;
if the information for generating the first authentication key includes the first random string and/or the first timestamp and/or the NAF_Id, transmitting the first random string and/or the first timestamp and/or the NAF_Id to the bootstrapping service server BSF.
Preferably, generating the first verification information includes:
generating the first verification information based on information including a second fixed string and/or a second random string and/or a second timestamp and/or the B-TID and/or the NAF_Id, wherein the second fixed string is a preconfigured string with the same value as the second fixed string preconfigured by the bootstrapping service server BSF, the second random string is a randomly generated string, the second timestamp is generated by acquiring the current system time, and the NAF_Id is the identifier of the third-party application client;
if the information for generating the first verification information includes the second random string and/or the second timestamp and/or the NAF_Id, transmitting the second random string and/or the second timestamp and/or the NAF_Id to the bootstrapping service server BSF.
Preferably, generating the first verification information based on information including the second fixed string and/or the second random string and/or the second timestamp and/or the B-TID and/or the NAF_Id includes:
taking one of the second fixed string, the second random string, the second timestamp, the B-TID or the NAF_Id as the first verification information; or
taking a hash value generated from one of the second fixed string, the second random string, the second timestamp, the B-TID or the NAF_Id as the first verification information; or
combining and splicing information including the second fixed string and/or the second random string and/or the second timestamp and/or the B-TID and/or the NAF_Id, and taking the result as the first verification information; or
combining and splicing information including the second fixed string and/or the second random string and/or the second timestamp and/or the B-TID and/or the NAF_Id, and then taking the hash value generated by a hash calculation over the result as the first verification information.
Preferably, encrypting the first verification information based on the first authentication key to generate a first encryption value includes:
generating the first encryption value by signing and encrypting the first verification information based on the first authentication key, using a signature encryption algorithm; or
generating the first encryption value by symmetrically encrypting information including the first verification information, using a symmetric encryption algorithm.
Preferably, the method further comprises:
before receiving the registration information and services provided by the bootstrapping service server BSF, transmitting the NAF_Id to the bootstrapping service server BSF, wherein the NAF_Id is the identifier of the third-party application client;
the registration information and services are provided for the third-party application client by the bootstrapping service server BSF.
Preferably, transmitting the NAF_Id to the bootstrapping service server BSF comprises:
transmitting the NAF_Id to the bootstrapping service server BSF in the course of transmitting the B-TID and the first encryption value to the bootstrapping service server BSF; or
transmitting the NAF_Id to the bootstrapping service server BSF after the bootstrapping service server BSF verifies that the first encryption value is valid and before receiving the registration information and services provided by the bootstrapping service server BSF.
Preferably, receiving the registration information and services provided by the bootstrapping service server BSF includes:
receiving a third-party user identifier transmitted by the bootstrapping service server BSF, wherein the third-party user identifier is used to identify the user in the third-party application client; and/or
generating a first application key based on the first master key Ks, wherein the first application key is generated in the same way as the second application key generated by the bootstrapping service server BSF, and the first application key is used as the application key in the third-party application client; and/or
receiving a user token transmitted by the bootstrapping service server BSF, wherein the user token is used for authentication and authorization when the third-party application client accesses the corresponding third-party application server.
Preferably, receiving the third-party user identifier transmitted by the bootstrapping service server BSF further includes:
generating a first user key based on the first master key Ks, wherein the first user key is generated in the same way as the second user key generated by the bootstrapping service server BSF, and the first user key is used as the key of the third-party user identifier in the third-party application client.
Preferably, generating the first user key based on the first master key Ks includes:
generating the first user key based on information including the first master key Ks and a third fixed string and/or a third random string and/or a third timestamp and/or the B-TID and/or the NAF_Id and/or the third-party user identifier, wherein the third fixed string is a preconfigured string with the same value as the third fixed string preconfigured by the bootstrapping service server BSF, and the third random string and/or the third timestamp is transmitted by the bootstrapping service server BSF.
Preferably, generating the first application key based on the first master key Ks includes:
generating the first application key based on the first master key Ks and optional parameters, the optional parameters including one or more of Salt, RAND, IMPI and NAF_Id, where:
Salt is the same salt value as that of the bootstrapping service server BSF;
RAND is the RAND generated during the GBA initialization process;
IMPI is the IMPI of the user terminal;
NAF_Id is the NAF_Id;
the KDF is the same key derivation algorithm as that of the bootstrapping service server BSF;
the optional parameters are consistent with the optional parameters used when the bootstrapping service server BSF generates the second application key.
Preferably, after transmitting the NAF_Id to the bootstrapping service server BSF and before receiving the registration information and services provided by the bootstrapping service server BSF, the method further comprises:
sending authorization information confirmed by the end user to the bootstrapping service server BSF.
Preferably, sending the authorization information confirmed by the end user to the bootstrapping service server BSF includes:
receiving an application authorization request message sent by the bootstrapping service server BSF;
displaying an application authorization verification interface;
receiving authorization information entered by the end user in the application authorization verification interface;
if the authorization information indicates that authorization is confirmed, sending an application authorization response message to the bootstrapping service server BSF, wherein the application authorization response message is an application authorization confirmation message.
In a second aspect, a GBA-based client registration and key sharing method is provided, applied to a bootstrapping service server BSF. The method includes:
after the GBA initialization process has been successfully executed with the user terminal, receiving the B-TID and the first encryption value sent by the user terminal;
acquiring the corresponding second master key Ks according to the B-TID;
verifying the first encryption value based on the second master key Ks and second verification information, the second verification information having the same value as the first verification information generated by the user terminal;
if the first encryption value is verified to be valid, providing registration information and services for the user terminal.
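The terminal-side steps of the first aspect and the BSF-side steps of the second aspect, run as one exchange in Python. This is an added example, not code from the patent: HMAC-SHA-256 stands in for the unnamed signature algorithm, and the fixed strings, message field names, timestamp window and replay cache are assumptions of the example.

```python
import hashlib
import hmac
import os

# Constructed values: the page only requires that both sides preconfigure
# equal fixed strings; these names and the 120 s window are assumptions.
FIXED_1 = b"reg-auth-key"      # "first fixed string" (authentication key input)
FIXED_2 = b"reg-verify-info"   # "second fixed string" (verification info input)
MAX_SKEW = 120                 # accepted age of the timestamp, in seconds


def _splice(*parts: bytes) -> bytes:
    """Length-prefix every field so the spliced input is unambiguous."""
    return b"".join(len(p).to_bytes(2, "big") + p for p in parts)


def derive_auth_key(ks: bytes, b_tid: str, naf_id: str) -> bytes:
    """Authentication key from Ks, the fixed string, the B-TID and the NAF_Id."""
    data = _splice(FIXED_1, b_tid.encode(), naf_id.encode())
    return hmac.new(ks, data, hashlib.sha256).digest()


def verification_info(b_tid: str, naf_id: str, nonce: bytes, ts: int) -> bytes:
    """Hash of fixed string, random string, timestamp, B-TID and NAF_Id."""
    data = _splice(FIXED_2, nonce, str(ts).encode(), b_tid.encode(), naf_id.encode())
    return hashlib.sha256(data).digest()


def encryption_value(ks: bytes, b_tid: str, naf_id: str, nonce: bytes, ts: int) -> str:
    """Keyed value both sides compute (HMAC-SHA-256, an assumed algorithm)."""
    key = derive_auth_key(ks, b_tid, naf_id)
    info = verification_info(b_tid, naf_id, nonce, ts)
    return hmac.new(key, info, hashlib.sha256).hexdigest()


def ue_build_request(ks: bytes, b_tid: str, naf_id: str, now: int) -> dict:
    """User terminal: B-TID and first encryption value, plus the inputs the
    BSF cannot know by itself (random string, timestamp, NAF_Id)."""
    nonce = os.urandom(16)
    return {"b_tid": b_tid, "naf_id": naf_id, "nonce": nonce.hex(), "ts": now,
            "enc": encryption_value(ks, b_tid, naf_id, nonce, now)}


class BSF:
    """BSF: look up Ks by B-TID, recompute the value, compare."""

    def __init__(self):
        self.sessions = {}   # B-TID -> (Ks, expiry), stored at GBA initialization
        self.seen = set()    # (B-TID, nonce) pairs already accepted

    def store_bootstrap(self, b_tid: str, ks: bytes, expires: int) -> None:
        self.sessions[b_tid] = (ks, expires)

    def verify(self, req: dict, now: int) -> tuple:
        entry = self.sessions.get(req["b_tid"])
        if entry is None:
            return (False, "unknown B-TID")
        ks, expires = entry
        if now >= expires:
            return (False, "Ks expired")
        if abs(now - req["ts"]) > MAX_SKEW:
            return (False, "stale timestamp")
        enc2 = encryption_value(ks, req["b_tid"], req["naf_id"],
                                bytes.fromhex(req["nonce"]), req["ts"])
        if not hmac.compare_digest(enc2, req["enc"]):
            return (False, "first encryption value mismatch")
        if (req["b_tid"], req["nonce"]) in self.seen:
            return (False, "replayed request")
        self.seen.add((req["b_tid"], req["nonce"]))
        return (True, "registered")


def demo() -> list:
    """Run the exchange on constructed values and return each outcome."""
    ks = bytes(range(32))                 # constructed Ks
    b_tid = "c2FtcGxl@bsf.example.org"    # constructed B-TID
    app_a, app_b = "app-a.example.org", "app-b.example.org"
    bsf = BSF()
    bsf.store_bootstrap(b_tid, ks, expires=2000)
    good = ue_build_request(ks, b_tid, app_a, now=1000)
    relabelled = dict(good, naf_id=app_b)  # collected B-TID, no knowledge of Ks
    return [
        bsf.verify(good, now=1001),
        bsf.verify(good, now=1002),
        bsf.verify(relabelled, now=1003),
        bsf.verify(ue_build_request(ks, b_tid, app_a, now=1000), now=1500),
        bsf.verify(ue_build_request(ks, b_tid, app_a, now=2500), now=2500),
    ]


if __name__ == "__main__":
    for outcome in demo():
        print(outcome)
```

Because the NAF_Id is bound into both the key and the verification information, a request that reuses a collected B-TID under another NAF_Id is rejected before the BSF derives or hands out any application key.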
Preferably, the bootstrapping service server BSF is connected to the user terminal through a data network.
Preferably, the data network comprises the Internet or the mobile Internet.
Preferably, verifying the first encryption value based on the second master key Ks and second verification information includes:
generating a second authentication key based on the second master key Ks, wherein the second authentication key is generated in the same way as the first authentication key generated by the user terminal, so that the value of the second authentication key is the same as the value of the first authentication key generated by the user terminal;
generating the second verification information, wherein the second verification information is generated in the same way as the first verification information generated by the user terminal, so that the value of the second verification information is the same as the value of the first verification information generated by the user terminal;
verifying the first encryption value based on the second authentication key and the second verification information.
Preferably, generating a second authentication key based on the second master key Ks includes:
taking the second master key Ks as the second authentication key; or
generating the second authentication key based on information including the second master key Ks.
Preferably, generating the second authentication key based on information including the second master key Ks includes:
generating the second authentication key based on information including the second master key Ks and a first fixed string and/or a first random string and/or a first timestamp and/or the B-TID and/or the NAF_Id, wherein the first fixed string is a preconfigured string with the same value as the first fixed string preconfigured by the user terminal, and the first random string and/or the first timestamp and/or the NAF_Id is transmitted by the user terminal.
Preferably, generating the second verification information includes:
generating the second verification information based on a second fixed string and/or a second random string and/or a second timestamp and/or the B-TID and/or the NAF_Id, wherein the second fixed string is a preconfigured string with the same value as the second fixed string preconfigured by the user terminal, and the second random string and/or the second timestamp and/or the NAF_Id is transmitted by the user terminal.
Preferably, generating the second verification information based on the second fixed string and/or the second random string and/or the B-TID and/or the NAF_Id includes:
taking one of the second fixed string, the second random string, the second timestamp, the B-TID or the NAF_Id as the second verification information; or
taking the hash value of one of the second fixed string, the second random string, the second timestamp, the B-TID or the NAF_Id as the second verification information; or
combining and splicing information including the second fixed string and/or the second random string and/or the second timestamp and/or the B-TID and/or the NAF_Id, and taking the result as the second verification information; or
combining and splicing information including the second fixed string and/or the second random string and/or the second timestamp and/or the B-TID and/or the NAF_Id, and then taking the hash value generated by a hash calculation over the result as the second verification information.
Preferably, said verifying the first encrypted value based on the second authentication key and the second verification information includes:
if the user terminal generates the first encryption value by using a signature encryption algorithm, verifying the first encryption value by using the same signature encryption algorithm based on the second authentication key and the second verification information; or
and if the user terminal generates the first encryption value by using a symmetric encryption algorithm, verifying the first encryption value based on the second authentication key and the second verification information by using the same symmetric encryption algorithm.
Preferably, said verifying the first encrypted value based on the second authentication key and the second verification information using the same signature encryption algorithm includes:
using the same signature encryption algorithm as the user terminal, signature encrypting the second verification information based on the second authentication key to generate a second encryption value;
comparing whether the second encryption value is consistent with the first encryption value;
if so, determining that the first encryption value is verified as valid.
Preferably, said verifying the first encrypted value based on the second authentication key and the second verification information using the same symmetric encryption algorithm includes:
decrypting the first encryption value based on the second authentication key to obtain a plaintext by using the same symmetric encryption algorithm as the user terminal, and obtaining first verification information from the decrypted plaintext;
Comparing whether the second verification information is consistent with the first verification information;
if so, determining that the first encryption value is verified as valid.
Preferably, the method further comprises:
before providing registration information and service to the user terminal, acquiring NAF_Id transmitted by the user terminal, wherein the NAF_Id is an identifier of a third party application client running in the user terminal;
the registration information and services provided to the user terminal are registration information and services provided to the third party application client.
Preferably, the acquiring the NAF_Id transmitted by the user terminal includes:
receiving the NAF_Id transmitted by the user terminal in the process of receiving the B-TID and the first encryption value transmitted by the user terminal; or
and after the first encryption value is verified to be valid, and before the registration information and services are provided to the user terminal, receiving NAF_Id transmitted by the user terminal.
Preferably, the providing registration information and services to the user terminal includes:
acquiring a corresponding third party user identifier according to the B-TID and the NAF_Id, and transmitting the third party user identifier to the user terminal so that the third party user identifier is used for identifying a user identity in the third party application client; or/and
generating a second application key based on the second master key Ks, wherein the generation mode of the second application key is consistent with the generation mode of the first application key generated by the user terminal, and establishing the corresponding relation between the B-TID and the NAF_Id and the second application key; or/and
generating a user token associated with the NAF_Id and passing it to the user terminal, for authentication when the third party application client accesses a corresponding third party application server.
Preferably, the obtaining the corresponding third party user identifier according to the B-TID and the NAF_Id includes:
acquiring corresponding IMPI according to the B-TID;
searching a corresponding third party user identifier according to the IMPI and the NAF_Id;
if the corresponding third party user identifier is found, determining the found corresponding third party user identifier as the third party user identifier;
if no corresponding third party user identifier is found, a unique third party user identifier is created, the unique third party user identifier is determined to be the third party user identifier, and a corresponding relation between the IMPI and the NAF_Id and the unique third party user identifier is established, so that the unique third party user identifier can be found according to the IMPI and the NAF_Id.
Preferably, after the obtaining the corresponding third party user identifier according to the B-TID and the NAF_Id, the method further includes:
generating a second user key based on the second master key, wherein the generation mode of the second user key is consistent with the generation mode of the first user key generated by the user terminal;
and establishing a corresponding relation between the third party user identifier and the second user key.
Preferably, the generating the second application key based on the second master key Ks includes:
generating the second application key based on the second master key Ks and optional parameters; the optional parameters include one or more of Salt, RAND, IMPI and NAF_Id, where:
Salt is the same salt value as used by the user terminal;
RAND is the RAND corresponding to the B-TID;
IMPI is the IMPI corresponding to the B-TID;
NAF_Id is the NAF_Id;
the KDF is the same key derivation algorithm as used by the user terminal;
the optional parameters are consistent with the optional parameters when the user terminal generates the first application key.
Preferably, the generating the user token associated with the NAF_Id includes:
using a randomly generated globally unique string as the user token;
And establishing an association relation between the user token and the NAF_Id.
Preferably, the generating the user token associated with the NAF_Id further comprises:
establishing an association relation between the user token and the IMPI corresponding to the B-TID so that the IMPI corresponding to the B-TID can be obtained according to the user token; or
and establishing an association relation between the user token and a unique user identifier, wherein the unique user identifier is a unique user identifier corresponding to the IMPI corresponding to the B-TID which is established in advance.
Preferably, after the obtaining the NAF_Id transmitted by the user terminal and the verifying that the first encryption value is valid, and before the providing registration information and services to the user terminal, the method further comprises:
acquiring the authorization information which is sent by the user terminal and confirmed by the terminal user, and if the authorization information which is sent by the user terminal and confirmed by the terminal user is acquired, executing the providing of the registration information and the service to the user terminal.
Preferably, the acquiring the authorization information sent by the user terminal and confirmed by the end user includes:
sending an application authorization request message to the user terminal;
receiving an application authorization response message sent by the user terminal;
And if the application authorization response message is an application authorization confirmation message, executing the provision of the registration information and the service to the user terminal.
Preferably, the application authorization request message includes:
a third party application name, wherein the third party application name is obtained according to the NAF_Id; or/and
and the mobile user name is obtained according to the B-TID.
In a third aspect, there is provided a GBA-based client registration and key sharing apparatus, characterized in that the apparatus is applied to a user terminal running a third party application client and comprises: a memory and a processor, wherein the processor is configured to run a program stored in the memory, and the program, when run, performs any one of the methods of the first aspect applied to a user terminal running a third party application client.
There is provided a GBA-based client registration and key sharing apparatus, characterized in that the apparatus is applied to a bootstrapping service server BSF and comprises: a memory and a processor, wherein the processor is configured to run a program stored in the memory, and the program, when run, performs any one of the methods of the second aspect applied to the bootstrapping service server BSF.
There is provided a GBA-based client registration and key sharing system, characterized in that the system comprises: a user terminal and a bootstrapping service server BSF; the user terminal comprises the above-mentioned apparatus applied to the user terminal running the third party application client; the bootstrapping service server BSF comprises the above-mentioned apparatus applied to the bootstrapping service server BSF.
There is provided a storage medium having stored therein a program for implementing any one of the methods of the first aspect applied to a user terminal running a third party application client.
There is provided a storage medium having stored therein a program for implementing any one of the methods of the second aspect applied to the bootstrapping service server BSF.
In summary, after the GBA initialization process, the present invention provides a secure registration environment for the third party application client running in the user terminal, and the bootstrapping service server BSF provides corresponding registration information and services only to an authenticated user terminal, including obtaining the third party user identifier, generating the user key, generating the application key and generating the user token, thereby effectively solving the technical defects of applying the GBA architecture in the internet technical field as described in the background art.
[Description of the drawings]
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are required to be used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only embodiments of the present invention, and that other drawings can be obtained according to the provided drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic diagram of an implementation environment related to a GBA-based client registration and key sharing method according to an embodiment of the present invention;
Fig. 2 is a schematic flow chart of a first embodiment of a GBA-based client registration and key sharing method according to the present invention;
Fig. 3 is a schematic flow chart of a second embodiment of a GBA-based client registration and key sharing method according to the present invention;
Fig. 4 is a schematic flow chart of a third embodiment of a GBA-based client registration and key sharing method according to the present invention;
Fig. 5 is a schematic flow chart of a fourth embodiment of a GBA-based client registration and key sharing method according to the present invention;
Fig. 6 is a schematic flow chart of a fifth embodiment of a GBA-based client registration and key sharing method according to the present invention;
Fig. 7 is a flow chart of the GBA application key agreement procedure.
The achievement of the objects, functional features and advantages of the present invention will be further described with reference to the accompanying drawings, in conjunction with the embodiments.
[Detailed description of the invention]
For the purpose of making the objects, technical solutions and advantages of the present invention more apparent, the embodiments of the present invention will be described in further detail with reference to the accompanying drawings. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
1. Related terminology
For ease of understanding, certain terms are referred to and described herein.
NAF_Id: the NAF_Id is used to uniquely identify the third party application server and to identify the corresponding third party application client to the third party application server. The NAF_Id may be a fully qualified domain name (FQDN), or may be formed by concatenating the FQDN and a protocol identifier (UaID) on the Ua interface, or may be a string.
Signature encryption algorithm: an encryption algorithm used to prove the authenticity of information. Only the sender of the information can generate the resulting digital string, which cannot be forged by others, and the string also serves as valid proof of the authenticity of the information sent by the sender. Examples include message authentication codes (such as the hash-based message authentication code HMAC, the cipher block chaining message authentication code CBC-MAC, the Galois message authentication code GMAC, and the like), keyed hash functions, RSA-based digital signature schemes (such as RSA-PSS), the Digital Signature Algorithm (DSA), the elliptic curve digital signature algorithm, and the like.
Symmetric encryption algorithm: an encryption algorithm that encrypts and decrypts using the same key, such as the Triple Data Encryption Standard (3DES), the Advanced Encryption Standard (AES), etc.
2. Schematic diagram of implementation environment structure
Fig. 1 is a schematic structural diagram of an implementation environment related to a GBA-based client registration and key sharing method according to an embodiment of the present invention. The implementation environment comprises a bootstrapping service server BSF, a user terminal and a third party application client.
The bootstrapping service server BSF: the BSF is generally provided by a communication carrier. It connects with a user terminal through a data network such as the internet or the mobile internet to perform the GBA initialization procedure and to provide registration information and services to the user terminal, and connects with the HSS (Home Subscriber Server) or/and HLR (Home Location Register) through the communication carrier's network and a dedicated interface to perform the GBA initialization procedure. It should be noted that the BSF in the present application may also be connected to unified data management (UDM) to perform the GBA initialization procedure.
User terminal: the user terminal accesses a network, including data networks such as the internet and the mobile internet, in a wired or wireless manner through WLAN, WiFi, mobile data (including 3G/4G/5G/6G mobile data), LAN, fixed broadband and the like, and establishes a data connection with the bootstrapping service server BSF. The user terminal supports GBA functions and is typically a smart phone, but may also be a smart TV, a set-top box, a tablet computer, a portable computer, a desktop computer, etc.
Third party application client: an application running in the operating system of the user terminal is provided by a third party application service provider.
It will be appreciated that in an actual implementation environment, one, multiple or a large number of user terminals may be included, where each user terminal may run one or more third party application clients provided by different third party application servers, and each third party application client may access a corresponding third party application server in a connection manner, so as to obtain service application data and services provided by the corresponding third party application server.
For brevity, other components in the GBA architecture, such as the Home Subscriber Server (HSS), Home Location Register (HLR), Authentication Proxy (AP), Subscriber Locator Function (SLF), etc., are omitted from this implementation environment, since omitting them does not affect the implementation of the present invention; however, it will be appreciated by those skilled in the art that these components are used in the application scenarios that require them.
It should also be noted that in the actual business application environment, there should also be a third party application server. The third party application server is equivalent to the NAF in the GBA architecture and is provided by a third party application service provider. It connects with a third party application client through a network and provides the third party application client with the business application data and services required by the user, such as information, shopping, social networking and the like; it also connects with the bootstrapping service server BSF through a network, and acquires from or verifies with the bootstrapping service server BSF the verification information submitted by a third party application client, such as the B-TID, application keys, user tokens and the like.
Those skilled in the art will appreciate that the implementation environment configuration shown in fig. 1 is not limiting of the implementation environment and may include more or fewer components than shown, or certain components may be combined, or a different arrangement of components.
3. Precondition for implementation
Before implementing the embodiments of the present invention, the user terminal and the bootstrapping service server BSF have successfully completed the GBA initialization process, and the user terminal holds a B-TID and the corresponding Ks (i.e., the first master key Ks) and RAND. The bootstrapping service server BSF stores the B-TID and the corresponding Ks (i.e., the second master key Ks) and RAND, and establishes the corresponding relation between the B-TID and the corresponding Ks (i.e., the second master key Ks) and RAND. The bootstrapping service server BSF also stores the corresponding relation between the B-TID and the IMPI (IP Multimedia Private Identity) of the user terminal, i.e., the corresponding IMPI can be looked up through the B-TID.
4. GBA-based client registration and key sharing method embodiment one
Referring to fig. 2, a flowchart of a first embodiment of a GBA-based client registration and key sharing method according to the present invention is shown, which may be used in the implementation environment shown in fig. 1. This embodiment includes:
after acquiring the operation instruction for starting the GBA-based client registration and key sharing process, the user terminal starts the GBA-based client registration and key sharing process, which may include the following three sub-processes and corresponding steps:
the first sub-process: the user terminal and the bootstrapping service server BSF generate authentication keys of the same value based on the same B-TID and the master key Ks of the same value. Specifically, the method comprises the following steps:
Step 201. The user terminal acquires the B-TID and the first master key Ks.
The user terminal acquires the B-TID and the first master key Ks; correspondingly, after the user terminal and the bootstrapping service server BSF successfully execute the GBA initialization process, the B-TID and the second master key Ks corresponding to the B-TID are stored on the bootstrapping service server BSF.
Step 202. The user terminal generates a first authentication key based on the first master key Ks.
For example, the first master key Ks may be used as the first authentication key.
For another example, a first authentication key is generated based on information including the first master key Ks and a first fixed string (1) or/and a first random string or/and a first timestamp or/and the B-TID or/and NAF_Id; wherein the first fixed string (1) is a string that is preconfigured and has the same value as the first fixed string (2) preconfigured on the bootstrapping service server BSF, the first random string is a locally randomly generated string, and the first timestamp is generated by acquiring the current system time of the user terminal. Specifically, taking a key derivation algorithm formula as an example, it can be expressed as: DK = PBKDF2(Passphrase, Salt, c, dkLen), where: DK is the generated first authentication key; PBKDF2 is the key derivation algorithm; Passphrase is the first master key Ks combined and spliced with the first fixed string (1) or/and the first random string or/and the first timestamp or/and the B-TID or/and NAF_Id; Salt is a salt value, in this case a fixed string; c is the number of iterations; dkLen is the key output length, which can be chosen to meet the key length required by the encryption algorithm used.
NAF_Id is an identifier of the third party application client running in the user terminal. For example, it may already be stored in the third party application client's software installation package and, after installation, in its configuration file, from which the user terminal obtains the NAF_Id; or it may be obtained by the third party application client after sending a request to the corresponding third party application server, and then either obtained from the third party application client by the user terminal or sent to the user terminal by the third party application client.
Step 203. The user terminal sends the B-TID and the information for generating the first authentication key to the bootstrapping service server BSF.
The user terminal sends the B-TID to the bootstrapping service server BSF, so that the bootstrapping service server BSF can obtain the corresponding second master key Ks according to the B-TID.
In order for the bootstrapping service server BSF to generate a second authentication key having the same value as the first authentication key, if the information for generating the first authentication key further comprises a first random string or/and a first timestamp or/and a NAF_Id, the first random string or/and the first timestamp or/and the NAF_Id is transmitted to the bootstrapping service server BSF.
Accordingly, the bootstrapping service server BSF receives the B-TID and the first random string or/and the first timestamp or/and the NAF_Id sent by the user terminal.
It will be appreciated that if the above information for generating the first authentication key further includes the first fixed string (1), since the first fixed string (2) of the same value may be preconfigured on the bootstrapping service server BSF, the first fixed string (1) may not be transmitted to the bootstrapping service server BSF.
Step 204. The bootstrapping service server BSF obtains a second master key Ks according to the B-TID.
The correspondence between the B-TID and the second master key Ks is stored on the bootstrapping service server BSF.
The bootstrapping service server BSF looks up the B-TID in this correspondence and obtains the corresponding second master key Ks.
Step 205. The bootstrapping service server BSF generates a second authentication key based on the second master key Ks.
The bootstrapping service server BSF generates a second authentication key based on the second master key Ks using the same authentication key generation scheme as the user terminal, the same authentication key generation scheme including the same key derivation algorithm formula, the same input information, the same input parameters, the same string combination concatenation scheme, etc., so that the generated second authentication key is the same as the value of the first authentication key generated by the user terminal.
For example, taking the same authentication key generation manner as the user terminal of step 202 as an example, if the user terminal uses the first master key Ks as the first authentication key, the bootstrapping service server BSF uses the second master key Ks as the second authentication key.
For another example, taking the same authentication key generation manner as the user terminal in step 202 as an example, if the user terminal generates the first authentication key based on the information including the first master key Ks and the first fixed string (1) or/and the first random string or/and the B-TID or/and the NAF_Id, the bootstrapping service server BSF generates the second authentication key based on the information including the second master key Ks and the first fixed string (2) or/and the first random string or/and the first timestamp or/and the B-TID or/and the NAF_Id, the generation manner of the second authentication key being identical to the manner in which the user terminal generates the first authentication key; wherein the first fixed string (2) is a string which is preconfigured and has the same value as the first fixed string (1) preconfigured by the user terminal, and the first random string or/and the first timestamp or/and the NAF_Id are transmitted by the user terminal. It will be appreciated that if the user terminal also uses other input information or input parameters when generating the first authentication key, the bootstrapping service server BSF must use the same input information or input parameters when generating the second authentication key, so that the value of the generated second authentication key is the same as the value of the first authentication key generated by the user terminal.
Specifically, taking the example corresponding to step 202 as an example, the formula of the key derivation algorithm is: DK = PBKDF2(Passphrase, Salt, c, dkLen), where: DK is the generated second authentication key; PBKDF2 is the same key derivation algorithm as used by the user terminal; Passphrase is the second master key Ks combined and spliced with the first fixed string (2) or/and the first random string or/and the first timestamp or/and the B-TID or/and NAF_Id; Salt is a salt value, a fixed string identical to that of the user terminal; c is the same number of iterations as in the user terminal; dkLen is the same key output length as in the user terminal.
So far, since the values of the first master key Ks corresponding to the same B-TID on the user terminal and the second master key Ks corresponding to the bootstrapping service server BSF are the same after the GBA initialization procedure is successfully performed, and since the first authentication key and the second authentication key are generated based on the same value master key Ks using the same key generation scheme, the values of the first authentication key and the second authentication key are also the same.
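The first sub-process, together with the signature-style check from the summary (recompute the encryption value and compare it with the one received), can be exercised end to end as follows. This is an added example, not code from the patent; HMAC-SHA-256 as the signature encryption algorithm, the length-prefixed splicing, the timestamp window, and all names and values are assumptions made for the illustration.

```python
import hashlib
import hmac
import os
import struct
import time

# Pre-configured identically on both sides; every value is constructed.
FIXED_STRING = b"example-first-fixed-string"  # the "first fixed string"
SALT = b"example-fixed-salt"                  # Salt: a fixed string, as in the text
ITERATIONS = 10_000                           # c
DK_LEN = 32                                   # dkLen, sized for HMAC-SHA-256
MAX_SKEW = 300                                # seconds; freshness window (assumption)


def splice(*fields: bytes) -> bytes:
    """Length-prefix each field so the spliced string is unambiguous:
    (b"ab", b"c") and (b"a", b"bc") must not produce the same bytes."""
    return b"".join(struct.pack(">I", len(f)) + f for f in fields)


def derive_auth_key(ks: bytes, rand1: bytes, b_tid: bytes, naf_id: bytes) -> bytes:
    """DK = PBKDF2(Passphrase, Salt, c, dkLen), with Passphrase = Ks spliced
    with the fixed string, the first random string, the B-TID and the NAF_Id."""
    passphrase = splice(ks, FIXED_STRING, rand1, b_tid, naf_id)
    return hashlib.pbkdf2_hmac("sha256", passphrase, SALT, ITERATIONS, DK_LEN)


def verification_info(rand2: bytes, ts: int, b_tid: bytes, naf_id: bytes) -> bytes:
    """Hash of the spliced second random string, timestamp, B-TID and NAF_Id."""
    return hashlib.sha256(splice(rand2, str(ts).encode(), b_tid, naf_id)).digest()


def ue_build_request(ks: bytes, b_tid: bytes, naf_id: bytes, now=None) -> dict:
    """User terminal: derive the first authentication key, build the first
    verification information and compute the first encryption value."""
    ts = int(time.time() if now is None else now)
    rand1, rand2 = os.urandom(16), os.urandom(16)
    key = derive_auth_key(ks, rand1, b_tid, naf_id)
    info = verification_info(rand2, ts, b_tid, naf_id)
    enc = hmac.new(key, info, hashlib.sha256).digest()
    # Ks and the fixed string are never transmitted.
    return {"b_tid": b_tid, "naf_id": naf_id, "rand1": rand1,
            "rand2": rand2, "ts": ts, "enc": enc}


def bsf_verify(ks_by_btid: dict, req: dict, now=None) -> bool:
    """BSF: look up the second master key by B-TID, regenerate key and
    verification information the same way, then compare encryption values."""
    ks = ks_by_btid.get(req["b_tid"])
    if ks is None:
        return False  # unknown or expired B-TID
    now = int(time.time() if now is None else now)
    if abs(now - req["ts"]) > MAX_SKEW:
        return False  # stale timestamp; the window is this example's assumption
    key = derive_auth_key(ks, req["rand1"], req["b_tid"], req["naf_id"])
    info = verification_info(req["rand2"], req["ts"], req["b_tid"], req["naf_id"])
    expected = hmac.new(key, info, hashlib.sha256).digest()
    return hmac.compare_digest(expected, req["enc"])  # constant-time compare


if __name__ == "__main__":
    ks = os.urandom(32)                      # stands in for Ks from GBA bootstrapping
    b_tid = b"constructed-btid@bsf.example"  # constructed B-TID
    request = ue_build_request(ks, b_tid, b"app.example")
    print("valid request accepted:", bsf_verify({b_tid: ks}, request))
    forged = dict(request, naf_id=b"other.example")
    print("altered NAF_Id accepted:", bsf_verify({b_tid: ks}, forged))
```

Because the NAF_Id and B-TID feed both the key and the signed data, changing either in transit makes the BSF derive a different key and reject the request.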
The second sub-process: the user terminal and the bootstrapping service server BSF generate authentication information with the same value. Specifically, the method comprises the following steps:
Step 206. The user terminal generates first verification information.
The user terminal generates the first verification information, which is used for encryption and whose value is identical to that of the second verification information generated by the bootstrapping service server BSF.
The user terminal may take one of the second fixed string (1) or the second random string or the second timestamp or the B-TID or the NAF_Id as the first verification information; or the user terminal may perform hash calculation on one of the second fixed string (1) or the second random string or the second timestamp or the B-TID or the NAF_Id by using a hash algorithm, and use the generated hash value as the first verification information; or the user terminal generates the first verification information after combining and splicing the information comprising the second fixed character string (1) or/and the second random character string or/and the second timestamp or/and the B-TID or/and the NAF_Id; or the user terminal combines and splices the information comprising the second fixed character string (1) or/and the second random character string or/and the second timestamp or/and the B-TID or/and the NAF_Id, then performs hash calculation on the result using a hash algorithm, and uses the generated hash value as the first verification information.
The second fixed character string (1) is a character string which is preconfigured and has the same value as a second fixed character string (2) preconfigured on the bootstrapping service server BSF, the second random character string is a character string which is locally and randomly generated, and the second timestamp is generated by acquiring the current system time of the user terminal.
Step 207. The user terminal sends the information for generating the first verification information to the bootstrapping service server BSF.
After the user terminal generates the first verification information, in order to enable the bootstrapping service server BSF to generate second verification information with the same value as the first verification information, if the information for generating the first verification information further includes a second random string or/and a second timestamp or/and the B-TID or/and the NAF_Id, the second random string or/and the second timestamp or/and the B-TID or/and the NAF_Id is transmitted to the bootstrapping service server BSF.
Correspondingly, the bootstrapping service server BSF receives the second random character string or/and the second timestamp or/and the B-TID or/and the NAF_Id sent by the user terminal.
It will be appreciated that if the above information for generating the first verification information further includes the second fixed string (1), since the second fixed string (2) of the same value may be preconfigured on the bootstrapping service server BSF, the second fixed string (1) need not be transmitted to the bootstrapping service server BSF.
It will be appreciated that this step may also be implemented in combination with the above step 203, i.e. the user terminal may send the B-TID and the information for generating the first authentication key and the information for generating the first authentication information to the bootstrapping service server BSF simultaneously in one sending request, and correspondingly, the steps for generating the second authentication key and generating the second authentication information by the bootstrapping service server BSF are also implemented after the step of combining.
It will be appreciated that if the combination is performed as one step, if the information for generating the first authentication key and the information for generating the first verification information have the same information in the two steps, the same information may not be repeatedly transmitted.
Step 208. The bootstrapping service server BSF generates the second authentication information.
The bootstrapping service server BSF generates the second authentication information such that its value is the same as the value of the first authentication information generated by the user terminal.
Taking the same verification information generation manner as step 206 as an example, if the user terminal takes one of the second fixed string (1), the second random string, the second timestamp, the B-TID or the NAF_Id as the first verification information, the bootstrapping service server BSF takes one of the second fixed string (2), the second random string, the second timestamp, the B-TID or the NAF_Id as the second verification information.
Taking the same verification information generation manner as step 206 as an example, if the user terminal uses the hash value of one of the second fixed string (1), the second random string, the second timestamp, the B-TID or the NAF_Id as the first verification information, the bootstrapping service server BSF uses the same hash algorithm to perform hash calculation on the same one of the second fixed string (2), the second random string, the second timestamp, the B-TID or the NAF_Id, and uses the generated hash value as the second verification information.
Taking the same verification information generation manner as step 206 as an example, if the user terminal generates the first authentication information from information including the second fixed string (1) or/and the second random string or/and the second timestamp or/and the B-TID or/and the NAF_Id, the bootstrapping service server BSF generates the second authentication information from information including the second fixed string (2) or/and the second random string or/and the second timestamp or/and the B-TID or/and the NAF_Id. For example, if the user terminal combines and splices the second fixed string (1) or/and the second random string or/and the second timestamp or/and the B-TID or/and the NAF_Id and uses the result as the first authentication information, the bootstrapping service server BSF combines and splices the second fixed string (2) or/and the second random string or/and the second timestamp or/and the B-TID or/and the NAF_Id in the same manner and uses the result as the second authentication information.
Taking the same verification information generation manner as step 206 as an example, if the user terminal combines and splices information including the second fixed string (1) or/and the second random string or/and the second timestamp or/and the B-TID or/and the NAF_Id, performs hash calculation on the result, and uses the generated hash value as the first verification information, the bootstrapping service server BSF combines and splices, in the same manner, information including the second fixed string (2) or/and the second random string or/and the second timestamp or/and the B-TID or/and the NAF_Id, performs hash calculation on the combined and spliced information using the same hash algorithm, and uses the generated hash value as the second verification information.
Wherein the second fixed string (2) is a pre-configured string having the same value as the pre-configured second fixed string (1) on the user terminal, and the second random string or/and the second timestamp or/and the NAF_Id is/are sent by the user terminal.
It will be appreciated that if the user terminal also uses other input information to generate the first authentication information, the bootstrapping service server BSF also needs to use the same input information to generate the second authentication information, so that the value of the generated second authentication information is the same as the value of the first authentication information generated by the user terminal.
Since the second authentication information and the first authentication information are generated based on the same value information using the same authentication information generation method, the values of the second authentication information and the first authentication information are the same.
Further, if the information for generating the first verification information further includes a second timestamp, then after receiving the second timestamp the bootstrapping service server BSF compares it with its own current system time and determines whether the time difference between the two is within a preset valid range: if it is within the valid range, the subsequent steps are executed; if it is not within the valid range, no subsequent steps are performed.
Third sub-process: the user terminal and the bootstrapping service server BSF implement the security authentication based on the authentication key with the same value and the authentication information with the same value. Specifically, the method comprises the following steps:
Step 209. The user terminal encrypts the first authentication information based on the first authentication key to generate a first encrypted value.
According to the first authentication key and the first verification information generated in the steps, the user terminal encrypts the first verification information based on the first authentication key to generate a first encrypted value. Depending on the encryption algorithm used, various embodiments may be included, at least:
In a first embodiment, the user terminal generates a first encrypted value by signing and encrypting the first authentication information based on the first authentication key using a signature encryption algorithm.
The user terminal uses a signature encryption algorithm to perform an encryption calculation on the first verification information based on the first authentication key; the generated first encryption value is a signature value. The signature value uniquely identifies the first verification information, and the same signature value can be generated only by using the same signature encryption algorithm, the same signing key and the same information to be signed.
For example, taking a hash message authentication code as the signature encryption algorithm, the signature manner can be expressed as: Signature = HMAC_SHA256(k, m), where m is the information to be signed, i.e. the first authentication information; k is the signing key, i.e. the first authentication key; HMAC_SHA256 is the signature encryption algorithm; and Signature is the signature value, i.e. the first encryption value.
For another example, taking a hash function with a key as the signature encryption algorithm, the signature manner can be expressed as: Signature = SHA256(k||m), where m is the information to be signed, i.e. the first authentication information; k is the signing key, i.e. the first authentication key; "k||m" means that k and m are combined and spliced; SHA256 is a hash function; and Signature is the signature value, i.e. the first encryption value.
In a second embodiment, the user terminal generates a first encrypted value by symmetrically encrypting information including the first authentication information using a symmetric encryption algorithm.
The user terminal uses a symmetric encryption algorithm to symmetrically encrypt the information including the first verification information based on the first authentication key to generate a first encryption value. The first encryption value is a ciphertext of the information including the first verification information, and the ciphertext can be decrypted to the original plaintext only by using the same symmetric encryption algorithm and a key with the same value.
For example, taking AES as the symmetric encryption algorithm, the encryption manner can be expressed as: s = AES_Encryption(m, k), where m is the plaintext, i.e. the first authentication information or information including the first authentication information; k is the encryption key, i.e. the first authentication key; AES_Encryption is the encryption algorithm; and s is the encryption result, i.e. the first encryption value.
The above information including the first verification information means information generated from the first verification information together with other information, for example by combining and splicing the first verification information with the other information; unless otherwise specified, the other information is not limited in this embodiment.
Step 210. The user terminal sends a security authentication request to the bootstrapping service server BSF, the security authentication request comprising the first encryption value.
The user terminal sends a security authentication request to the bootstrapping service server BSF, the security authentication request comprising the first cryptographic value, such that the bootstrapping service server BSF implements a security authentication of the user terminal by verifying the first cryptographic value.
Accordingly, the bootstrapping service server BSF receives a security authentication request sent by the user terminal and obtains the first encryption value included in the security authentication request.
It will be appreciated that this step may also be combined with step 203 or/and step 207 described above, i.e. the user terminal may send the first encrypted value, the B-TID and the information for generating the first authentication key or/and the information for generating the first verification information to the bootstrapping service server BSF together in one sending request; correspondingly, the steps in which the bootstrapping service server BSF generates the second authentication key and the second verification information are performed after the combined step.
Step 211. The bootstrapping service server BSF verifies the first cryptographic value based on the second authentication key and the second verification information.
Corresponding to the various embodiments in which the user terminal may generate the first encrypted value, the bootstrapping service server BSF verifies the first encrypted value based on the second authentication key and the second verification information as follows:
In a first embodiment, corresponding to the embodiment in which the user terminal generates the first encrypted value using a signature encryption algorithm, the bootstrapping service server BSF verifies the first encrypted value based on the second authentication key and the second verification information using the same signature encryption algorithm as the user terminal. Specifically, the method comprises the following steps:
Step 211a. The bootstrapping service server BSF performs signature encryption on the second authentication information based on the second authentication key, using the same signature encryption algorithm as the user terminal, to generate a second encrypted value.
The bootstrapping service server BSF uses the same signature encryption algorithm as the user terminal to perform signature encryption on the second verification information based on the second authentication key and generate a signature value; this signature value is the second encryption value.
For example, taking the case where the signature encryption algorithm is the same hash message authentication code as used by the user terminal in step 209, the signature manner can be expressed as: Signature = HMAC_SHA256(k, m), where m is the information to be signed, i.e. the second authentication information; k is the signing key, i.e. the second authentication key; HMAC_SHA256 is the same hash message authentication code as used by the user terminal; and Signature is the signature value, i.e. the second encryption value.
For another example, taking the case where the signature algorithm is the same hash function with a key as used by the user terminal in step 209, the signature manner can be expressed as: Signature = SHA256(k||m), where m is the information to be signed, i.e. the second authentication information; k is the signing key, i.e. the second authentication key; SHA256 is the same hash function as used by the user terminal; and Signature is the signature value, i.e. the second encryption value.
At this point, since the bootstrapping service server BSF uses the same signature algorithm as the user terminal, the second authentication information and the first authentication information are information to be signed with the same value, and the second authentication key and the first authentication key are signing keys with the same value, the generated second encryption value is the same as the first encryption value.
Step 211b. The bootstrapping service server BSF compares whether the second encryption value is consistent with the first encryption value; if so, it determines that the first encryption value is verified as valid.
The bootstrapping service server BSF compares whether the second encryption value is consistent with the first encryption value and performs the corresponding operation according to the comparison result, including:
If the comparison results are consistent, it is determined that the first encryption value is verified as valid.
If the comparison results are inconsistent, it is determined that the first encryption value is verified as invalid.
In a second embodiment, corresponding to the embodiment in which the user terminal generates the first encrypted value using a symmetric encryption algorithm, the bootstrapping service server BSF verifies the first encrypted value based on the second authentication key and the second verification information using the same symmetric encryption algorithm as the user terminal. Specifically, the method comprises the following steps:
Step 211i. The bootstrapping service server BSF decrypts the first encrypted value based on the second authentication key, using the same symmetric encryption algorithm as the user terminal, to obtain a plaintext, and obtains the first authentication information from the plaintext.
The bootstrapping service server BSF decrypts the first encrypted value based on the second authentication key using the same symmetric encryption algorithm as the user terminal, thereby obtaining a decrypted plaintext.
For example, taking the case where the symmetric encryption algorithm is the same AES as used by the user terminal in step 209, the decryption manner can be expressed as: m = AES_Decrypt(s, k), where m is the decryption result, i.e. the decrypted plaintext; k is the decryption key, i.e. the second authentication key; AES_Decrypt is the decryption algorithm; and s is the ciphertext, i.e. the first encrypted value.
Since the plaintext is the first authentication information or the information including the first authentication information, the decrypted first authentication information can be obtained from the plaintext.
Step 211ii. The bootstrapping service server BSF compares whether the second verification information is consistent with the first verification information; if so, it determines that the first encryption value is verified as valid.
The bootstrapping service server BSF compares whether the second verification information is consistent with the decrypted first verification information and performs the corresponding operation according to the comparison result, including:
If the comparison results are consistent, it is determined that the first encryption value is verified as valid.
If the comparison result is inconsistent, it is determined that the first encryption value verification is invalid.
Step 212. The bootstrapping service server BSF determines whether the security authentication is successful according to the verification result of the first encryption value and performs the corresponding operation.
The bootstrapping service server BSF determines whether the security authentication is successful according to the verification result of the first encryption value and performs the corresponding operations, including:
If the first encryption value is determined to be valid, the security authentication is determined to be successful.
If the first encryption value is determined to be invalid, the security authentication is determined to fail.
After determining that the security authentication is successful, the bootstrapping service server BSF may provide registration information and services to the user terminal, may also maintain a session state with the user terminal to receive information transferred by the user terminal, or generate an authentication token for the user terminal, etc. Accordingly, the user terminal receives registration information and services provided by the bootstrapping service server BSF, or transfers information to the bootstrapping service server BSF through a session state maintained with the bootstrapping service server BSF or a received authentication token, etc.
After determining that the security authentication has failed, the bootstrapping service server BSF sends a registration failure response message to the user terminal. Accordingly, the user terminal receives the registration failure response message sent by the bootstrapping service server BSF.
In summary, the method provided in this embodiment is mainly based on the B-TID and the first master key Ks in the user terminal, and on the same B-TID and the corresponding second master key Ks stored in the bootstrapping service server BSF. The bootstrapping service server BSF performs security authentication on the user terminal by using the same encryption algorithm as the user terminal and, after determining that the security authentication is successful, may securely provide corresponding registration information and services for the user terminal and the third party application client running on the user terminal.
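The BSF-side check of steps 208 to 212 for the first embodiment (HMAC_SHA256), together with the second-timestamp check, is sketched below as an added example that is not code from the patent. The length-prefixed splicing, the 300-second valid range, the constant-time comparison and every key and identifier value are assumptions constructed for illustration.

```python
import hashlib
import hmac
import struct
import time

# Assumption: the page only says "a preset valid range"; 300 s is illustrative.
MAX_SKEW_SECONDS = 300

# Constructed sample values (not from the patent).
AUTH_KEY = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
FIXED = b"constructed-second-fixed-string"
RAND = b"constructed-second-random-string"
B_TID = b"constructed-btid@bsf.example.org"
NAF_ID = b"naf.example.org"


def splice(*fields: bytes) -> bytes:
    """Combine and splice fields, each with a 4-byte length prefix, so that
    (b"ab", b"c") and (b"a", b"bc") cannot produce the same byte string."""
    return b"".join(struct.pack(">I", len(f)) + f for f in fields)


def verification_info(fixed, rand, ts, b_tid, naf_id) -> bytes:
    """Hash of the spliced inputs: the hashed variant of steps 206 and 208."""
    spliced = splice(fixed, rand, str(ts).encode(), b_tid, naf_id)
    return hashlib.sha256(spliced).digest()


def terminal_first_encrypted_value(auth_key, fixed, rand, ts, b_tid, naf_id):
    """Step 209, first embodiment: Signature = HMAC_SHA256(k, m).
    HMAC is used rather than SHA256(k||m), which is open to length extension."""
    m = verification_info(fixed, rand, ts, b_tid, naf_id)
    return hmac.new(auth_key, m, hashlib.sha256).digest()


def bsf_verify(auth_key, fixed, rand, ts, b_tid, naf_id, first_value, now=None):
    """Timestamp check, then steps 208, 211a and 211b. Returns (ok, reason)."""
    now = int(time.time()) if now is None else now
    # Reject before doing any key-dependent work if the timestamp is stale.
    if abs(now - ts) > MAX_SKEW_SECONDS:
        return False, "timestamp outside valid range"
    # Step 208: rebuild the verification information from the received fields.
    m2 = verification_info(fixed, rand, ts, b_tid, naf_id)
    # Step 211a: second encrypted value with the BSF's own authentication key.
    second_value = hmac.new(auth_key, m2, hashlib.sha256).digest()
    # Step 211b: constant-time comparison avoids leaking how many bytes match.
    if not hmac.compare_digest(second_value, first_value):
        return False, "encrypted value mismatch"
    return True, "security authentication successful"


if __name__ == "__main__":
    ts = int(time.time())
    value = terminal_first_encrypted_value(AUTH_KEY, FIXED, RAND, ts, B_TID, NAF_ID)
    print(bsf_verify(AUTH_KEY, FIXED, RAND, ts, B_TID, NAF_ID, value))
    # A request whose NAF_Id was altered in transit fails step 211b.
    print(bsf_verify(AUTH_KEY, FIXED, RAND, ts, B_TID, b"other.example.org", value))
```

The timestamp window bounds how long a captured request stays acceptable; within that window the same request still verifies, so a deployment that needs single use would also have to remember the second random strings it has already accepted.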
5. GBA-based client registration and key sharing method embodiment II
Referring to fig. 3, a flowchart of a second embodiment of a GBA-based client registration and key sharing method according to the present invention is shown, and the method may be used in the implementation environment shown in fig. 1. As a further preferred embodiment provided by the GBA-based client registration and key sharing method embodiment, the present embodiment further provides registration information for the third party application client running in the user terminal, the registration information including the third party user identification and the user key.
In order for the bootstrapping service server BSF to provide corresponding registration information and services for the third party application client running in the user terminal, the user terminal needs to transmit the NAF_Id corresponding to the third party application client to the bootstrapping service server BSF.
In particular, the delivery of the NAF_Id by the user terminal to the bootstrapping service server BSF may comprise various embodiments, which may for example comprise:
In a first embodiment, the user terminal delivers the NAF_Id to the bootstrapping service server BSF during the security authentication of the user terminal to the bootstrapping service server BSF.
The user terminal may deliver the NAF_Id to the bootstrapping service server BSF in a separate sending request or combined into another sending request. For example, taking the GBA-based client registration and key sharing method embodiment as an example, the NAF_Id may be combined into the security authentication request of step 210 above, or into the step of step 203 or/and step 207 in which the user terminal sends the B-TID and the information for generating the first authentication key or/and the information for generating the first authentication information, so that the bootstrapping service server BSF receives and acquires the NAF_Id at the same time as it receives the information for generating the first authentication key or the information for generating the first authentication information.
In a second embodiment, after successful security authentication of the user terminal to the bootstrapping service server BSF and before the bootstrapping service server BSF provides registration information and services to the user terminal, the user terminal passes the NAF_Id to the bootstrapping service server BSF through a session state or authentication token maintained with the bootstrapping service server BSF.
For example, taking the above-mentioned GBA-based client registration and key sharing method embodiment as an example, after the security authentication between the user terminal and the bootstrapping service server BSF succeeds, a session state or an authentication token is maintained between the user terminal and the bootstrapping service server BSF, and the user terminal transmits the NAF_Id to the bootstrapping service server BSF through the session state or the authentication token.
After the user terminal delivers the NAF_Id to the bootstrapping service server BSF and the bootstrapping service server BSF determines that the security authentication is successful, the bootstrapping service server BSF may provide registration information including the third party user identity and the user key for the third party application client running in the user terminal, i.e. the following steps of this embodiment are applied after GBA-based client registration and key sharing method embodiment one. Specifically, the method comprises the following steps:
Step 301. The bootstrapping service server BSF obtains the corresponding third party user identifier according to the B-TID and NAF_Id.
The bootstrapping service server BSF obtains the corresponding third party user identifier according to the B-TID and NAF_Id, which specifically comprises the following steps:
Step 301a. The bootstrapping service server BSF obtains the corresponding IMPI according to the B-TID.
After the GBA initialization process is successfully executed, the corresponding relationship between the B-TID and the IMPI is stored in the BSF, i.e. the corresponding IMPI can be searched and obtained according to the B-TID.
The BSF searches for and acquires the corresponding IMPI in this correspondence according to the B-TID.
Step 301b. The bootstrapping service server BSF searches for a corresponding third party user identity according to the IMPI and the NAF_Id.
An account correspondence between the IMPI and NAF_Id and the third party user identifier is stored on the bootstrapping service server BSF, i.e. the corresponding third party user identifier can be searched for in the account correspondence according to the IMPI and NAF_Id.
The bootstrapping service server BSF searches for the corresponding third party user identifier in the account correspondence according to the IMPI and the NAF_Id.
If the corresponding third party user identity is found, this indicates that the bootstrapping service server BSF has already created a third party user identity for the NAF_Id for the IMPI; the bootstrapping service server BSF obtains the corresponding third party user identity and then performs step 302 or step 303 described below.
If no corresponding third party user identity is found, this indicates that the bootstrapping service server BSF has not yet created a third party user identity for the NAF_Id for the IMPI, and the following step 301c is performed.
Step 301c. The bootstrapping service server BSF creates a unique third party user identity.
The bootstrapping service server BSF creates a new user identifier, which is unique among all the third party user identifiers on the bootstrapping service server BSF, or may be unique among all the third party user identifiers corresponding to the NAF_Id in the account correspondence described in step 301a, and then uses the new user identifier as the third party user identifier.
Step 301d. The bootstrapping service server BSF establishes and stores the correspondence between the IMPI and the NAF_Id and the third party user identity.
The bootstrapping service server BSF adds the correspondence between the IMPI and the NAF_Id and the third party user identifier to the account correspondence described in step 301a, i.e. the third party user identifier can then be found and obtained in the account correspondence according to the IMPI and the NAF_Id.
In step 301b, step 301c and step 301d, the bootstrapping service server BSF may also pre-establish an application user relationship table for the NAF_Id, in which a one-to-one correspondence between the IMPI and the third party user identifier is stored. The BSF searches for the third party user identifier in the application user relationship table according to the IMPI; if the third party user identifier is not found, a unique third party user identifier is created and the one-to-one correspondence between the IMPI and the third party user identifier is added to the application user relationship table; if the third party user identifier is found, it is obtained.
In step 301b, step 301c and step 301d, the bootstrapping service server BSF may also pre-establish a mobile user relationship table for the IMPI, in which a one-to-one correspondence between the NAF_Id and the third party user identifier is stored. The bootstrapping service server BSF searches for the third party user identifier in the mobile user relationship table according to the NAF_Id; if the third party user identifier is not found, a unique third party user identifier is created and the one-to-one correspondence between the NAF_Id and the third party user identifier is added to the mobile user relationship table; if the third party user identifier is found, it is obtained.
Step 302. Optionally, the bootstrapping service server BSF generates a second user key corresponding to the third party user identity based on the second master key Ks.
The generating of the second user key may specifically include the steps of:
Step 302a. The bootstrapping service server BSF generates a second user key based on the second master key Ks.
The bootstrapping service server BSF generates a second user key based on the second master key Ks.
Further, the bootstrapping service server BSF generates a second user key based on information comprising the second master key Ks and a third fixed string (2) or/and a third random string or/and a third timestamp or/and the B-TID or/and the NAF_Id or/and the third party user identifier; wherein the third fixed string (2) is a preconfigured string that has the same value as the preconfigured third fixed string (1) on the user terminal, the third random string is a locally randomly generated string, and the third timestamp is generated by obtaining the current system time of the bootstrapping service server BSF. Specifically, taking a key derivation algorithm formula as an example, it can be expressed as: DK = PBKDF2(passphrase, salt, c, dkLen), wherein: DK is the generated second user key; PBKDF2 is the key derivation algorithm; passphrase is a character string formed by combining and splicing the second master key Ks and the third fixed string or/and the third random string or/and the third timestamp or/and the B-TID or/and the NAF_Id or/and the third party user identifier; salt is the salt value, in this case a fixed string; c is the number of iterations; dkLen is the key output length, which can be set as required.
Step 302b. The bootstrapping service server BSF establishes a correspondence between the third party user identifier and the second user key.
The bootstrapping service server BSF establishes a correspondence between the third party user identifier and the second user key, so that the corresponding second user key can be obtained from the correspondence according to the third party user identifier.
If the third party user identifier is unique among all the third party user identifiers on the bootstrapping service server BSF, the correspondence between the third party user identifier and the second user key is established.
If the third party user identifier is unique among all the third party user identifiers corresponding to the NAF_Id, the correspondence between the third party user identifier and the NAF_Id and the second user key is established.
For example, the bootstrapping service server BSF pre-establishes an account key relationship table for the NAF_Id, in which a one-to-one correspondence between the third party user identifier and the second user key is stored. The bootstrapping service server BSF searches for a second user key in the account key relationship table according to the third party user identifier; if no second user key is found, the one-to-one correspondence between the third party user identifier and the second user key is added to the account key relationship table; if a second user key is found, the second user key newly generated in this step replaces the existing user key of the third party user identifier in the account key relationship table.
Taking step 301 as an example, if an application user relationship table for the NAF_Id is pre-established on the bootstrapping service server BSF, or if a mobile user relationship table for the IMPI is pre-established on the bootstrapping service server BSF, a one-to-one correspondence between the third party user identifier and the second user key may also be established and updated in the application user relationship table or the mobile user relationship table, which is not described again here.
It should be noted that, the above step 302 may also be performed after the following step 303, which is not limited by the present invention.
After the bootstrapping service server BSF establishes the correspondence between the third party user identifier and the second user key, it may store the correspondence locally, synchronously send it to the third party authentication server, or synchronously send it to the third party application server corresponding to the NAF_Id, so that the third party application server can implement operations such as identity authentication and data encryption for the third party application client based on the correspondence.
Step 303. The bootstrapping service server BSF transmits the third party user identity to the user terminal.
The bootstrapping service server BSF communicates the third party user identity to the user terminal, e.g. the third party user identity is included in a registration success response message sent by the bootstrapping service server BSF to the user terminal.
Corresponding to step 302a, if the information for generating the second user key further comprises a third random string or/and a third timestamp, the third random string or/and the third timestamp is also transferred to the user terminal.
Step 304. The user terminal receives the third party user identifier transferred by the bootstrapping service server BSF.
The user terminal receives the third party user identifier transferred by the bootstrapping service server BSF, for example by receiving a registration success response message sent by the bootstrapping service server BSF and acquiring the third party user identifier from the registration success response message.
For another example, steps 303 and 304 may also be implemented as follows: after the security authentication between the user terminal and the bootstrapping service server BSF succeeds, a session state or an authentication token is maintained between them; the user terminal sends a request for acquiring the third party user identifier to the bootstrapping service server BSF through the session state or the authentication token, the bootstrapping service server BSF feeds back the third party user identifier, and the user terminal receives and acquires it.
After the user terminal receives the third party user identifier, it transmits the third party user identifier to the third party application client. If step 302 above is implemented, the following step 305 is performed to generate a first user key, and the generated first user key is transmitted to the corresponding third party application client at the same time.
Step 305. Optionally, the user terminal generates the first user key based on the first master key Ks using the same user key generation manner as the bootstrapping service server BSF.
The user terminal generates a first user key based on the first master key Ks using the same user key generation scheme as the bootstrapping service server BSF, corresponding to step 302 described above.
Accordingly, if in step 302 the bootstrapping service server BSF generates the second user key based on information comprising the second master key Ks and the third fixed string (2) or/and a third random string or/and a third timestamp or/and the B-TID or/and NAF_Id or/and the third party user identity, then the user terminal generates the first user key based on information comprising the first master key Ks and the third fixed string (1) or/and the third random string or/and the third timestamp or/and the B-TID or/and NAF_Id or/and the third party user identity; wherein the third fixed string (1) is a pre-configured string having the same value as the third fixed string (2) pre-configured on the bootstrapping service server BSF, and the third random string or/and the third timestamp are communicated by the bootstrapping service server BSF. Specifically, taking as an example the use of the same key derivation algorithm as the bootstrapping service server BSF of step 502, the key derivation formula may be expressed as DK=PBKDF2(passphrase, salt, c, dkLen), where: DK is the generated first user key; PBKDF2 is the same key derivation algorithm as on the bootstrapping service server BSF; passphrase is the character string formed by splicing together the first master key Ks, the third fixed string (1), the third random string, the third timestamp, the B-TID, the NAF_Id and the third user identifier, combined in the same way as on the BSF; salt is the salt value, a fixed string identical to that of the bootstrapping service server BSF; c is the number of iterations, the same as on the bootstrapping service server BSF; dkLen is the key output length, the same as on the bootstrapping service server BSF.
Up to this point, since the first master key Ks generated on the user terminal and the second master key Ks generated on the bootstrapping service server BSF have the same value, and since the first user key and the second user key are generated based on the same master key using the same user key generation scheme, the values of the first user key and the second user key are also the same.
The user terminal passes the third party user identifier and the first user key to the third party application client corresponding to the NAF_Id, and the third party application client can perform identity authentication, data encryption and similar operations with the corresponding third party application server using the third party user identifier and the first user key; and because the third party application server is connected to the bootstrapping service server BSF through a network, the third party application server can perform identity authentication, data encryption and similar operations for the third party application client based on the correspondence between the third party user identifier and the second user key established by the bootstrapping service server BSF.
The above flow builds on the first embodiment of the GBA-based client registration and key sharing method and further generates, on the user terminal and the bootstrapping service server BSF, a third party user identifier and a user key for a third party application client running in the user terminal. It has the effects of the first embodiment, and the effects it brings at least include: in the first aspect, the third party user identifier and the corresponding user key are acquired automatically for the third party application client, which reduces the input operations of the terminal user and improves the user experience; in the second aspect, a third party application client running in the user terminal can perform fast and secure identity authentication, data encryption and similar operations with the corresponding third party application server using the acquired third party user identifier and the generated user key; in the third aspect, the BSF generates the third party user identifier and the user key for the third party application client after determining that the security authentication of the user terminal succeeded, instead of generating the application key in response to the B-TID submitted by the third party application server, which effectively solves the first disadvantage in the background art, namely the problem that, in the second process of the GBA architecture (application key negotiation), the third party application server consumes the computing and storage resources of the BSF and other third party application servers by imitating malicious requests.
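The derivation in step 305, as an added example that is not part of the patent text: both sides run PBKDF2 over the spliced passphrase and obtain the same key, and the splice has to preserve field boundaries or two different field sets produce one key. The hash (SHA-256), iteration count, output length, sample values and the length-prefixed splice are assumptions; the text only requires that both sides combine the fields in the same way.

```python
import hashlib

# Constructed sample parameters; none of these values come from the patent.
FIXED_STRING = b"example-fixed-string"   # hypothetical "third fixed string"
SALT = b"example-fixed-salt"             # hypothetical fixed salt value
ITERATIONS = 10_000                      # assumed iteration count c
DK_LEN = 32                              # assumed dkLen, in bytes


def splice_naive(fields):
    """Plain concatenation: the boundaries between fields are lost."""
    return b"".join(fields)


def splice_length_prefixed(fields):
    """Prefix every field with its 2-byte big-endian length (assumed encoding)."""
    out = bytearray()
    for field in fields:
        if len(field) > 0xFFFF:
            raise ValueError("field too long for a 2-byte length prefix")
        out += len(field).to_bytes(2, "big") + field
    return bytes(out)


def derive_user_key(ks, random_string, timestamp, b_tid, naf_id, user_id,
                    splice=splice_length_prefixed):
    """DK = PBKDF2(passphrase, salt, c, dkLen) with the passphrase spliced
    from Ks, fixed string, random string, timestamp, B-TID, NAF_Id, user id."""
    passphrase = splice([ks, FIXED_STRING, random_string, timestamp,
                         b_tid, naf_id, user_id])
    return hashlib.pbkdf2_hmac("sha256", passphrase, SALT, ITERATIONS, DK_LEN)


def demo():
    """Run the BSF side and the terminal side on constructed inputs."""
    common = dict(
        ks=bytes(range(32)),                          # shared master key Ks
        random_string=b"r4nd0m",                      # sent by the BSF
        timestamp=b"1700000000",                      # sent by the BSF
        b_tid=b"AAECAwQFBgcICQoLDA0ODw==@bsf.example",
    )
    first = dict(naf_id=b"shop.example", user_id=b"42alice")
    # Same bytes overall, but the NAF_Id/user id boundary has moved.
    second = dict(naf_id=b"shop.example42", user_id=b"alice")

    bsf_key = derive_user_key(**common, **first)       # second user key
    terminal_key = derive_user_key(**common, **first)  # first user key
    return {
        "same_key_on_both_sides": bsf_key == terminal_key,
        "naive_splice_collides": (
            derive_user_key(**common, **first, splice=splice_naive)
            == derive_user_key(**common, **second, splice=splice_naive)),
        "length_prefixed_collides": (
            bsf_key == derive_user_key(**common, **second)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```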
6. GBA-based client registration and key sharing method embodiment III
Referring to fig. 4, a flowchart of a third embodiment of a GBA-based client registration and key sharing method according to the present invention is shown, and the method may be used in the implementation environment shown in fig. 1. As a further preferred embodiment provided by the GBA-based client registration and key sharing method embodiment one, the present embodiment further provides registration information for a third party application client running in the user terminal, the registration information comprising an application key.
In order for the bootstrapping service server BSF to provide corresponding registration information and services for the third party application client running in the user terminal, the user terminal needs to transmit the NAF_Id corresponding to the third party application client to the bootstrapping service server BSF. For the specific implementation, reference may be made to the second embodiment of the GBA-based client registration and key sharing method, which is not described again here.
After the user terminal delivers the NAF_Id to the bootstrapping service server BSF and the bootstrapping service server BSF determines that the security authentication is successful, the bootstrapping service server BSF may provide registration information including the application key to the third party application client running in the user terminal, i.e. the following steps of this embodiment are applied after GBA-based client registration and key sharing method embodiment one. Specifically, the method comprises the following steps:
Step 401. The bootstrapping service server BSF generates a second application key based on the second master key Ks.
The bootstrapping service server BSF generates a second application key based on the second master key Ks using a key derivation algorithm; further, the bootstrapping service server BSF generates the second application key based on the second master key Ks and/or the salt value, and/or RAND, and/or IMPI, and/or the NAF_Id using a key derivation algorithm.
The key derivation formula can be expressed as: Key=KDF(Ks, Salt, RAND, IMPI, NAF_Id), where: Key is the second application key; Ks is the second master key Ks; Salt is a salt value, which may be a fixed string or a random value, and when the salt value is a random value the bootstrapping service server BSF transfers the value to the user terminal; RAND is the RAND corresponding to the B-TID; IMPI is the IMPI corresponding to the B-TID; NAF_Id is the NAF_Id obtained from the client registration request; KDF is a key derivation algorithm. Ks is a mandatory parameter, and Salt, RAND, IMPI and NAF_Id are optional parameters.
Taking the key derivation formula Key=KDF(Ks, "gba-me", RAND, IMPI, NAF_Id) as an example, the second application key generation steps are as follows:
Step 401a. The bootstrapping service server BSF obtains the corresponding IMPI according to the B-TID.
After the GBA initialization process is successfully executed, the corresponding relationship between the B-TID and the IMPI is stored in the BSF, i.e. the corresponding IMPI can be searched and obtained according to the B-TID.
The BSF looks up and obtains the corresponding IMPI in that correspondence according to the B-TID.
Step 401b. The bootstrapping service server BSF obtains RAND from the B-TID.
After the GBA initialization process, the correspondence between the B-TID and the RAND is stored in the BSF, i.e. the corresponding RAND can be looked up and obtained according to the B-TID.
The BSF looks up and obtains the corresponding RAND in that correspondence according to the B-TID.
In addition, since the generation format of the B-TID is "base64 encoding (RAND) @ BSF_servers_domains_name", the corresponding RAND may be obtained from the B-TID.
Step 401c. The bootstrapping service server BSF generates a second application key based on the second master key Ks and "gba-me", the RAND, the IMPI and the NAF_Id.
The bootstrapping service server BSF generates a second application key based on the second master key Ks and "gba-me", the RAND, the IMPI and the NAF_Id, with the calculation formula:
Key=KDF(Ks,"gba-me",RAND,IMPI,NAF_Id)
Step 402. The bootstrapping service server BSF establishes the correspondence between the B-TID and the NAF_Id and the second application key.
The bootstrapping service server BSF establishes a correspondence between the B-TID and the NAF_Id and the second application key, so that the second application key can be found according to the B-TID and the NAF_Id.
For example, the bootstrapping service server BSF has previously established an account key relation table for the NAF_Id, in which a one-to-one correspondence between B-TID and second application key is stored. The bootstrapping service server BSF looks up a second application key in the account key relation table according to the B-TID. If none is found, the one-to-one correspondence between the B-TID and the second application key is added to the account key relation table; if one is found, the newly generated second application key replaces the second application key already stored for the B-TID in the account key relation table.
It should be noted that, the above steps 401 and 402 may also be performed after the following step 403, which is not limited by the present invention.
Step 403. The bootstrapping service server BSF sends a registration reply message to the user terminal, the registration reply message being a registration success reply message.
Corresponding to step 401, if the parameters for generating the second application key further include a Salt value, the registration success response message sent to the user terminal further includes the Salt value.
Step 404. The user terminal receives the registration response message sent by the bootstrapping service server BSF and performs the corresponding operation.
The user terminal receives a registration reply message sent by the bootstrapping service server BSF, the registration reply message being a registration success reply message.
The user terminal performs the corresponding operation according to the client registration response message, including:
If the registration reply message is a registration success reply message, the following step 405 is performed.
Otherwise, the following steps are not performed.
Step 405. The user terminal generates a first application key based on the first master key Ks using the same application key generation manner as the bootstrapping service server BSF.
The user terminal generates a first application key based on the first master key Ks using the same application key generation scheme as the bootstrapping service server BSF.
Take the key derivation formula used by the bootstrapping service server BSF in step 401 as an example: Key=KDF(Ks, Salt, RAND, IMPI, NAF_Id), where: Key is the first application key; Ks is the first master key Ks; Salt is the same salt value as on the bootstrapping service server BSF: if the Salt of the bootstrapping service server BSF is a fixed string, Salt is the same fixed string, and if the Salt of the bootstrapping service server BSF is a random value, the user terminal receives the Salt transmitted by the bootstrapping service server BSF; RAND is the RAND generated during GBA initialization; IMPI is the IMPI of the user terminal; NAF_Id is the NAF_Id corresponding to the third party application client; KDF is the same key derivation algorithm as on the bootstrapping service server BSF. Ks is a mandatory parameter; Salt, RAND, IMPI and NAF_Id are optional parameters, and the optional parameters selected are consistent with those of the bootstrapping service server BSF.
Accordingly, taking the key derivation formula Key=KDF(Ks, "gba-me", RAND, IMPI, NAF_Id) used by the bootstrapping service server BSF in step 401 as an example, the first application key generation steps are as follows:
Step 405a. The user terminal obtains the IMPI of the user terminal.
The user terminal obtains the IMPI of the user terminal, and the IMPI is the same as the IMPI obtained in the GBA initialization process. The IMPI is obtained from an IP multimedia service identity module (ISIM, IP Multimedia Services Identity Module) using a method consistent with the GBA initialization procedure, for example.
Step 405b. The user terminal acquires RAND.
After the GBA initialization procedure, the B-TID and the corresponding RAND are stored on the user terminal, and the user terminal acquires the RAND from there.
In addition, since the generation format of the B-TID is "base64 encoding (RAND) @ BSF_servers_domains_name", the corresponding RAND may be obtained from the B-TID.
Step 405c. The user terminal generates a first application key based on the first master key Ks and "gba-me", the RAND, the IMPI and the NAF_Id.
The user terminal generates a first application key based on the first master key Ks and "gba-me", the RAND, the IMPI and the NAF_Id, and the calculation formula is as follows:
Key=KDF(Ks,"gba-me",RAND,IMPI,NAF_Id)
So far, after the GBA initialization procedure is successfully performed, the RAND and Ks (i.e. the first master key Ks) stored on the user terminal for the B-TID are identical to the RAND and Ks (i.e. the second master key Ks) stored on the bootstrapping service server BSF for the B-TID, and the IMPI acquired on the user terminal is identical to the IMPI corresponding to the B-TID stored on the bootstrapping service server BSF; since the user terminal and the bootstrapping service server BSF also use the same application key generation mode, the same NAF_Id and the same salt value, the generated first application key and second application key have the same value. The user terminal passes the B-TID and the first application key to the third party application client corresponding to the NAF_Id, and the third party application client can perform fast and secure identity authentication, data encryption and similar operations with the third party application server based on the B-TID and the first application key; and because the third party application server is connected to the bootstrapping service server BSF through a network, the third party application server can perform identity authentication, data encryption and similar operations for the third party application client based on the correspondence, established by the bootstrapping service server BSF, between the B-TID and NAF_Id and the second application key.
The above flow builds on the first embodiment of the GBA-based client registration and key sharing method and further generates, on the user terminal and the bootstrapping service server BSF, an application key for a third party application client running in the user terminal. It has the effects of the first embodiment, and the effects it brings at least include: in the first aspect, the BSF generates the application key for the third party application client after determining that the security authentication of the user terminal succeeded, instead of generating the application key in response to the B-TID submitted by the third party application server, so that the first defect in the background art, namely the problem that, in the second process of the GBA architecture (application key negotiation), the third party application server consumes the computing and storage resources of the BSF and other third party application servers by imitating malicious requests, is effectively solved; in the second aspect, even if the process of providing the application key for the same third party application client is executed several times after the same GBA initialization process, the generated application key is different each time if the Salt uses a random value, which improves security; in the third aspect, an application key can be acquired automatically for the third party application client and used for identity authentication, data encryption and similar operations between the third party application client and the corresponding third party application server, which reduces the input operations of the terminal user and improves the user experience.
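Steps 401 to 405 end to end, as an added example that is not part of the patent text: the BSF recovers RAND from the B-TID, derives the second application key, stores it under (B-TID, NAF_Id) with add-or-replace semantics, and the user terminal derives the same value. The text leaves KDF unspecified, so HMAC-SHA-256 over length-prefixed inputs is an assumption, as are all function names and sample values.

```python
import base64
import hashlib
import hmac
import os

FIXED_SALT = b"gba-me"   # the fixed salt string used in the worked formula


def make_b_tid(rand: bytes, bsf_domain: str) -> str:
    """B-TID format from the text: base64(RAND) @ BSF server domain name."""
    return base64.b64encode(rand).decode("ascii") + "@" + bsf_domain


def rand_from_b_tid(b_tid: str) -> bytes:
    """Recover RAND from the part of the B-TID before the '@'."""
    encoded, sep, domain = b_tid.partition("@")
    if not sep or not encoded or not domain:
        raise ValueError("B-TID must look like base64(RAND)@domain")
    return base64.b64decode(encoded, validate=True)


def kdf(ks: bytes, salt: bytes, rand: bytes, impi: bytes, naf_id: bytes) -> bytes:
    """Assumed KDF: HMAC-SHA-256 keyed with Ks; every input is length-prefixed
    so that field boundaries cannot shift between inputs."""
    mac = hmac.new(ks, digestmod=hashlib.sha256)
    for field in (salt, rand, impi, naf_id):
        mac.update(len(field).to_bytes(2, "big") + field)
    return mac.digest()


class Bsf:
    """Minimal BSF state: sessions from GBA initialization plus the key table."""

    def __init__(self):
        self.sessions = {}   # B-TID -> (Ks, IMPI)
        self.app_keys = {}   # (B-TID, NAF_Id) -> second application key

    def register_client(self, b_tid: str, naf_id: str, random_salt=False) -> bytes:
        ks, impi = self.sessions[b_tid]                  # step 401a
        rand = rand_from_b_tid(b_tid)                    # step 401b
        salt = os.urandom(16) if random_salt else FIXED_SALT
        key = kdf(ks, salt, rand, impi.encode(), naf_id.encode())  # step 401c
        self.app_keys[(b_tid, naf_id)] = key             # step 402: add or replace
        return salt   # step 403: a random salt travels in the success response


def terminal_app_key(ks: bytes, b_tid: str, impi: str, naf_id: str,
                     salt: bytes = FIXED_SALT) -> bytes:
    """Step 405 on the user terminal, using the same inputs as the BSF."""
    return kdf(ks, salt, rand_from_b_tid(b_tid), impi.encode(), naf_id.encode())


if __name__ == "__main__":
    # Constructed sample values for one GBA session.
    ks, rand, impi = bytes(range(32)), bytes(range(16, 32)), "user@ims.example"
    b_tid = make_b_tid(rand, "bsf.example")
    bsf = Bsf()
    bsf.sessions[b_tid] = (ks, impi)
    salt = bsf.register_client(b_tid, "shop.example", random_salt=True)
    first_key = terminal_app_key(ks, b_tid, impi, "shop.example", salt)
    print("keys match:", first_key == bsf.app_keys[(b_tid, "shop.example")])
```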
7. GBA-based client registration and key sharing method embodiment IV
Referring to fig. 5, a flowchart of a fourth embodiment of a GBA-based client registration and key sharing method according to the present invention is shown, and the method may be used in the implementation environment shown in fig. 1. As a further preferred embodiment provided by the GBA-based client registration and key sharing method embodiment, the present embodiment further provides registration information for the third party application client running in the user terminal, the registration information comprising generating a user token for the third party application client running in the user terminal.
In order for the bootstrapping service server BSF to provide corresponding registration information and services for the third party application client running in the user terminal, the user terminal needs to transmit the NAF_Id corresponding to the third party application client to the bootstrapping service server BSF. For the specific implementation, reference may be made to the second embodiment of the GBA-based client registration and key sharing method, which is not described again here.
After the user terminal delivers the NAF_Id to the bootstrapping service server BSF and the bootstrapping service server BSF determines that the security authentication is successful, the bootstrapping service server BSF may provide registration information including the user token to the third party application client running in the user terminal, i.e. the following steps of this embodiment are applied after GBA-based client registration and key sharing method embodiment one. Specifically, the method comprises the following steps:
Step 501. The bootstrapping service server BSF generates a user token.
The bootstrapping service server BSF generates a user token that is unique and has sufficient length and sufficient randomness to be difficult to guess or crack.
Step 502. The bootstrapping service server BSF associates the user token with the NAF_Id or/and the IMPI corresponding to the B-TID.
The bootstrapping service server BSF establishes an association relation between the user token and the NAF_Id, and the bootstrapping service server BSF can locally store the association relation, synchronously send the association relation to a third party authentication server, or synchronously send the association relation to a third party application server corresponding to the NAF_Id. Then, based on the association, if the third party application client running on the user terminal has the same user token, the third party application server can realize authentication of the third party application client according to the association, for example, taking the third party application server corresponding to the NAF_Id as an example, the third party application server receives the authentication request including the user token sent by the third party application client, searches whether the user token exists in the association, if so, the authentication is successful, thereby determining that the sender sending the authentication request is the third party application client corresponding to the third party application server; for another example, taking the synchronous sending of the association relationship to the third party authentication server, after receiving the authentication request including the user token sent by the third party application client, the third party application server forwards the authentication request to the third party authentication server, and the third party authentication server verifies the authentication request according to the association relationship, so as to determine whether the authentication is successful.
Furthermore, in order to provide continuous application service for the same user, the association between the user token and the IMPI corresponding to the B-TID should be established, so that the IMPI corresponding to the B-TID can be found according to the user token, thereby providing continuous service for the same user. For example, taking the case in which the association is synchronously sent to the third party application server corresponding to the NAF_Id, the third party application server receives an authentication request including a user token and looks up the corresponding IMPI in the association according to the user token; if it is found, continuous application service can be provided for the user associated with the IMPI. For obtaining the IMPI corresponding to the B-TID, refer to the implementation in step 401a, which is not described again here.
Furthermore, in order not to leak the IMPI to the third party application server, a unique user identifier corresponding to the IMPI may be created in advance, and the association between the user token and the NAF_Id and the unique user identifier is then established; the unique user identifier is obtained according to the IMPI, so that the IMPI of the user is not leaked to the third party application server.
It should be noted that a cleaning mechanism should also be provided: for a user token that is no longer valid, the corresponding association should be cleaned up promptly. For example, the association of a user token is deleted after the user token has been verified once, or a validity period is set for the user token and the association of a user token whose validity period has passed is deleted promptly. The specific cleaning mechanism is not described in detail here.
Step 503. The bootstrapping service server BSF sends a registration reply message to the user terminal, which is a registration success reply message and comprises the user token.
Step 504. The user terminal receives the registration reply message sent by the bootstrapping service server BSF and performs the corresponding operation.
The user terminal receives a registration reply message sent by the bootstrapping service server BSF, the registration reply message being a registration success reply message.
The user terminal performs the corresponding operation according to the registration response message, including:
If the registration response message is a registration success response message, the user terminal acquires the user token from the registration success response message and passes the user token to the third party application client corresponding to the NAF_Id, and the third party application client can authenticate to the third party application server based on the user token.
Otherwise, the process is ended.
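Steps 501 to 504 together with the cleaning mechanism and the unique user identifier that stands in for the IMPI, as an added example that is not part of the patent text. The 256-bit token size, storing only a SHA-256 digest of the token, the validity period and all class and method names are assumptions.

```python
import hashlib
import secrets
import time


class UserTokenStore:
    """Association table kept by the BSF or synchronised to the server that
    verifies tokens: token digest -> (NAF_Id, unique user identifier, expiry)."""

    def __init__(self, ttl_seconds=300, clock=time.monotonic):
        self.ttl_seconds = ttl_seconds
        self.clock = clock
        self.associations = {}
        self.user_ids = {}      # IMPI -> unique user identifier

    @staticmethod
    def _digest(token: str) -> str:
        # Only a digest is stored, so a copy of the table does not reveal
        # usable tokens (an assumption added in this example).
        return hashlib.sha256(token.encode("utf-8")).hexdigest()

    def _user_id_for(self, impi: str) -> str:
        # Random identifier created once per IMPI; the application server
        # sees this value and never the IMPI itself.
        if impi not in self.user_ids:
            self.user_ids[impi] = secrets.token_hex(16)
        return self.user_ids[impi]

    def issue(self, naf_id: str, impi: str) -> str:
        """Steps 501 and 502: generate the token and record its association."""
        token = secrets.token_urlsafe(32)    # 256 bits from the OS CSPRNG
        expires_at = self.clock() + self.ttl_seconds
        self.associations[self._digest(token)] = (
            naf_id, self._user_id_for(impi), expires_at)
        return token                         # step 503: sent to the terminal

    def verify(self, token: str, naf_id: str):
        """Return the unique user identifier, or None if authentication fails.
        The association is removed on the first attempt (single use)."""
        entry = self.associations.pop(self._digest(token), None)
        if entry is None:
            return None
        stored_naf_id, user_id, expires_at = entry
        if self.clock() >= expires_at or stored_naf_id != naf_id:
            return None
        return user_id

    def purge_expired(self) -> int:
        """Delete associations whose validity period has passed."""
        now = self.clock()
        stale = [d for d, (_, _, exp) in self.associations.items() if exp <= now]
        for digest in stale:
            del self.associations[digest]
        return len(stale)


if __name__ == "__main__":
    store = UserTokenStore(ttl_seconds=60)
    # Constructed sample identifiers.
    token = store.issue("shop.example", "user@ims.example")
    print("first use :", store.verify(token, "shop.example"))
    print("second use:", store.verify(token, "shop.example"))
```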
The above embodiment procedure generates a user token for a third party application client running in the user terminal. The brought effects include: in the first aspect, a user token is automatically acquired for a third party application client, so that input operation of a terminal user is reduced, and use experience of the user is improved; in the second aspect, the user token can be used for authentication of the third party application client to the corresponding third party application server, so that the use experience of the user is improved; in the third aspect, when the user token is used for authentication and authorization, the user token is more suitable for some lightweight application clients (such as client programs based on HTML5 and JavaScript) because operations such as encryption calculation and the like are not needed; in the fourth aspect, the first drawback in the background art is effectively solved, because the bootstrapping service server BSF generates the user token for the third party application client after determining that the user terminal security authentication is successful, instead of generating the application key in response to the B-TID submitted by the third party application server.
8. GBA-based client registration and key sharing method embodiment five
Referring to fig. 6, a flowchart of a fifth embodiment of a GBA-based client registration and key sharing method according to the present invention is shown, and the method may be used in the implementation environment shown in fig. 1. As a more preferable embodiment provided by the GBA-based client registration and key sharing method embodiment two, the present embodiment further implements an authorization confirmation procedure of the end user.
The following steps build on the GBA-based client registration and key sharing method of the second embodiment. They are performed after the user terminal transmits the NAF_Id to the bootstrapping service server BSF and the bootstrapping service server BSF determines that the security authentication is successful, and before the bootstrapping service server BSF provides the registration information including the third party user identifier and the user key for the third party application client running in the user terminal (i.e., before step 301):
Step a. The bootstrapping service server BSF sends an application authorization request message to the user terminal.
The application authorization request message may include:
A third party application name, which identifies the third party application client and the third party application server. The correspondence between NAF_Id and third party application name is pre-stored on the bootstrapping service server BSF, and the bootstrapping service server BSF looks up and obtains the corresponding third party application name in that correspondence according to the NAF_Id.
Or/and a mobile user name, which identifies the mobile user. The correspondence between IMPI and mobile user name is pre-stored on the bootstrapping service server BSF, and the bootstrapping service server BSF looks up and obtains the corresponding mobile user name in that correspondence according to the IMPI. The IMPI is obtained by the bootstrapping service server BSF according to the B-TID: after the GBA initialization process, the correspondence between the B-TID and the IMPI is stored on the bootstrapping service server BSF, i.e. the corresponding IMPI can be looked up according to the B-TID, and the bootstrapping service server BSF looks up and obtains the corresponding IMPI in that correspondence according to the B-TID.
Accordingly, the user terminal receives the application authorization request message sent by the bootstrapping service server BSF.
Step b. The user terminal displays an application authorization verification interface.
After receiving the application authorization request message sent by the bootstrapping service server BSF, the user terminal invokes and displays an application authorization verification interface to ask whether the terminal user agrees to authorize the third party application.
On the displayed application authorization verification interface, a third party application name or/and a mobile user name included in the application authorization request message may be displayed, specifically:
The third party application name, i.e. the name of the third party application client and the third party application server to be authorized;
The mobile user name, i.e. the name of the mobile user to be authorized.
After displaying the application authorization verification interface, the end user may enter authorization information indicating confirmation of authorization or indicating cancellation of authorization.
Optionally, the displayed application authorization verification interface may include a security verification code input box that asks the end user for the security verification code. The security verification code is used to further verify the authorization of the terminal user; correspondingly, the correspondence between the B-TID and the security verification code is pre-stored on the bootstrapping service server BSF.
Step c. The user terminal receives the authorization information input by the terminal user in the application authorization verification interface.
According to the displayed application authorization verification interface, the user inputs (including triggers) in the interface authorization information indicating confirmation of authorization or cancellation of authorization. Accordingly, the user terminal receives the authorization information input by the user in the application authorization verification interface.
Step d. The user terminal sends an application authorization response message to the bootstrapping service server BSF, wherein the application authorization response message is an application authorization confirmation message or an application authorization cancellation message.
The user terminal performs the corresponding operation according to the authorization information input by the terminal user, including:
If the authorization information is authorization information indicating confirmation of authorization, the application authorization response message sent by the user terminal to the bootstrapping service server BSF is an application authorization confirmation message.
Optionally, if the displayed application authorization verification interface further includes a security verification code input box, and the authorization message input by the end user and received by the user terminal includes a security verification code, the application authorization confirmation message sent by the user terminal to the bootstrapping service server BSF further includes the security verification code.
If the authorization information is authorization information indicating that the authorization is canceled, the application authorization reply message transmitted by the user terminal to the bootstrapping service server BSF is an application authorization cancellation message.
Step e. The bootstrapping service server BSF receives the application authorization response message sent by the user terminal and performs the corresponding operation.
The bootstrapping service server BSF receives an application authorization response message sent by the user terminal, which is an application authorization response message indicating confirmation of authorization or indicating cancellation of authorization.
The bootstrapping service server BSF performs the corresponding operation according to the application authorization response message, including:
If the application authorization response message is an application authorization confirmation message, the subsequent steps are continued, i.e. the process in which the bootstrapping service server BSF provides the user terminal with the registration information and services for the third party application client.
Optionally, the correspondence between the B-TID and the security verification code is pre-stored on the bootstrapping service server BSF. If the application authorization confirmation message received by the bootstrapping service server BSF includes a security verification code, the bootstrapping service server BSF looks up and obtains the corresponding security verification code in that correspondence according to the B-TID and compares whether the two security verification codes are consistent: if they are consistent, the subsequent steps are continued; if not, the flow is ended and the subsequent steps are not executed.
If the application authorization response message is an application authorization cancellation message, the process is ended, and no subsequent steps are executed.
Based on the first embodiment of the GBA-based client registration and key sharing method, this method adds a process in which the terminal user verifies the authorization. With this process, it can be confirmed that providing the client registration information has the authorization of the terminal user, and the authorization of unwanted third party application clients through misoperation and the like is avoided, thereby solving the second defect in the background art, namely the problem that in the GBA architecture a third party application client on the same user terminal can easily calculate the application keys of other third party application clients.
The present embodiment may also form a new embodiment with the GBA-based client registration and key sharing method embodiment, that is, the method steps of the present embodiment are applied after the user terminal transmits the naf_id to the bootstrapping service server BSF, and the bootstrapping service server BSF determines that the security authentication is successful, and before the bootstrapping service server BSF provides a procedure including an application key for a third party application client running in the user terminal (i.e., before step 401), which is not repeated in specific procedures.
The present embodiment may also form a new embodiment with the GBA-based client registration and key sharing method embodiment, that is, the method steps of the present embodiment are applied after the user terminal passes the naf_id to the bootstrapping service server BSF, and the bootstrapping service server BSF determines that the security authentication is successful, and before the bootstrapping service server BSF provides a procedure including a user token for a third party application client running in the user terminal (i.e., before step 501), which is not repeated in detail.
It should be noted that, in this document, the terms "comprises," "comprising," "includes," "including," "transmitting," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system.
The terms "first," "second," "third," and the like, if any, are used merely for distinguishing between similar objects and not for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments described herein may be implemented in other sequences than those illustrated or otherwise described herein.
The foregoing embodiment numbers of the present invention are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.
The methods, apparatus and systems of the present invention may be implemented in numerous ways. For example, the methods, apparatus and systems of the present invention may be implemented by software, hardware, firmware, or any combination of software, hardware, firmware. The above-described sequence of steps for the method is for illustration only, and the steps of the method of the present invention are not limited to the sequence specifically described above unless specifically stated otherwise. Furthermore, in some embodiments, the present invention may also be embodied as programs recorded in a recording medium, the programs including machine-readable instructions for implementing the methods according to the present invention. Thus, the present invention also covers a recording medium storing a program for executing the method according to the present invention.
The foregoing description is only of the preferred embodiments of the present invention, and is not intended to limit the scope of the invention, but rather is intended to cover any equivalents of the structures or equivalent processes disclosed herein or in the alternative, which may be employed directly or indirectly in other related arts.

Claims (43)

1. A GBA-based client registration and key sharing method, characterized in that the method is applied to a user terminal running a third party application client and comprises the following steps:
successfully executing the GBA initialization process with a bootstrapping service server BSF, obtaining a B-TID, and generating a first master key Ks;
encrypting first verification information based on the first master key Ks to generate a first encryption value, wherein the first verification information has the same value as second verification information generated by the bootstrapping service server BSF;
transmitting the B-TID and the first encryption value to the bootstrapping service server BSF;
transmitting a NAF_Id to the bootstrapping service server BSF, wherein the NAF_Id is the identification of the third party application client;
and receiving registration information and services provided by the bootstrapping service server BSF and transmitting them to the third party application client, wherein the registration information and services are provided after the bootstrapping service server BSF verifies that the first encryption value is valid, and are provided for the third party application client.
2. The method according to claim 1, characterized in that the user terminal is connected to the bootstrapping service server BSF via a data network.
3. The method of claim 2, wherein the data network comprises the internet or a mobile internet.
4. A method according to claim 3, characterized in that the user terminal accesses the mobile internet via a mobile data connection or/and a WiFi connection or/and a WLAN connection.
5. The method of claim 4, wherein the mobile data comprises 3G mobile data or 4G mobile data or 5G mobile data or 6G mobile data.
6. The method of claim 1, wherein the encrypting the first verification information based on the first master key Ks to generate a first encrypted value comprises:
generating a first authentication key based on the first master key Ks, wherein the generation mode of the first authentication key is consistent with the generation mode of the second authentication key generated by the bootstrapping service server BSF, so that the value of the first authentication key is the same as the value of the second authentication key generated by the bootstrapping service server BSF;
generating the first verification information, wherein the generation mode of the first verification information is consistent with the generation mode of the second verification information generated by the bootstrapping service server BSF, so that the value of the first verification information is the same as the value of the second verification information generated by the bootstrapping service server BSF;
encrypting the first verification information based on the first authentication key to generate the first encrypted value.
7. The method of claim 6, wherein the generating a first authentication key based on the first master key Ks comprises:
taking the first master key Ks as the first authentication key; or
the first authentication key is generated based on information including the first master key Ks.
8. The method of claim 7, wherein the generating the first authentication key based on the information comprising the first master key Ks comprises:
generating the first authentication key based on information including the first master key Ks and a first fixed string or/and a first random string or/and a first timestamp or/and the B-TID or/and the NAF_Id, the first fixed string being a string that is preconfigured and has the same value as a first fixed string preconfigured by the bootstrapping service server BSF, the first random string being a randomly generated string, the first timestamp being generated by acquiring the current system time, the NAF_Id being the identification of the third party application client;
and if the information for generating the first authentication key comprises the first random string or/and the first timestamp or/and the NAF_Id, transmitting the first random string or/and the first timestamp or/and the NAF_Id to the bootstrapping service server BSF.
9. The method of claim 6, wherein the generating the first verification information comprises:
generating the first verification information based on information including a second fixed string or/and a second random string or/and a second timestamp or/and the B-TID or/and the NAF_Id, wherein the second fixed string is a string which is preconfigured and has the same value as a second fixed string preconfigured by the bootstrapping service server BSF, the second random string is a randomly generated string, the second timestamp is generated by acquiring the current system time, and the NAF_Id is the identification of the third party application client;
and if the information used to generate the first verification information comprises the second random string or/and the second timestamp or/and the NAF_Id, transmitting the second random string or/and the second timestamp or/and the NAF_Id to the bootstrapping service server BSF.
10. The method of claim 9, wherein the generating the first verification information based on information comprising a second fixed string or/and a second random string or/and a second timestamp or/and the B-TID or/and the NAF_Id comprises:
taking one of the second fixed character string, the second random character string, the second timestamp, the B-TID or the NAF_Id as the first verification information; or
taking a hash value generated from one of the second fixed character string, the second random character string, the second timestamp, the B-TID or the NAF_Id as the first verification information; or
combining and splicing the information comprising the second fixed character string or/and the second random character string or/and the second timestamp or/and the B-TID or/and the NAF_Id, and taking the result as the first verification information; or
combining and splicing the information comprising the second fixed character string or/and the second random character string or/and the second timestamp or/and the B-TID or/and the NAF_Id, and then taking a hash value generated by hash calculation as the first verification information.
11. The method of claim 6, wherein the encrypting the first verification information based on the first authentication key to generate a first encrypted value comprises:
generating the first encrypted value by signing and encrypting the first verification information based on the first authentication key by using a signature encryption algorithm; or
generating the first encrypted value by symmetrically encrypting information including the first verification information using a symmetric encryption algorithm.
12. The method of claim 1, wherein said transmitting the NAF_Id to the bootstrapping service server BSF comprises:
transmitting the NAF_Id to the bootstrapping service server BSF in the process of transmitting the B-TID and the first encryption value to the bootstrapping service server BSF; or
the NAF_Id is transferred to the bootstrapping service server BSF after the bootstrapping service server BSF verifies that the first encryption value is valid and before the receiving of registration information and services provided by the bootstrapping service server BSF.
13. The method of claim 1, wherein the receiving registration information and services provided by the bootstrapping service server BSF comprises:
the registration information and services comprise a third party user identifier, specifically, the third party user identifier transmitted by the bootstrapping service server BSF is received, and the third party user identifier is used for identifying a user identity in the third party application client; or/and
the registration information and services comprise an application key, specifically, a first application key is generated based on the first master key Ks, the generation mode of the first application key is consistent with the generation mode of the second application key generated by the bootstrapping service server BSF, the first application key is used as the application key in the third party application client, and the third party application client can realize identity authentication or data encryption operation to a corresponding third party application server according to the application key; or/and
the registration information and services comprise a user token, specifically, the user token transmitted by the bootstrapping service server BSF is received, and the user token is used for authentication and authorization of the third party application client to access the corresponding third party application server.
14. The method of claim 13, wherein when the registration information and service includes a third party user identification, the registration information and service further includes a user key for the third party user identification, and wherein the receiving the third party user identification communicated by the bootstrapping service server BSF further comprises:
generating a first user key based on the first master key Ks, wherein the generation mode of the first user key is consistent with the generation mode of the second user key generated by the bootstrapping service server BSF, and the first user key is used as the user key in the third party application client, so that the third party application client can realize identity authentication or data encryption operation to a corresponding third party application server according to the third party user identifier and the first user key.
15. The method of claim 14, wherein the generating a first user key based on the first master key Ks comprises:
generating the first user key based on information comprising the first master key Ks and a third fixed string or/and a third random string or/and a third timestamp or/and the B-TID or/and the NAF_Id or/and the third party user identifier, the third fixed string being a string that is preconfigured and has the same value as a third fixed string that is preconfigured by the bootstrapping service server BSF, the third random string or/and the third timestamp being transmitted by the bootstrapping service server BSF.
16. The method of claim 13, wherein the generating a first application key based on the first master key Ks comprises:
generating the first application key based on the first master key Ks and optional parameters; the optional parameters include one or more of Salt, RAND, IMPI and NAF_Id, where,
Salt is the same Salt value as that of the bootstrapping service server BSF;
RAND is the RAND generated during the GBA initialization process;
IMPI is the IMPI of the user terminal;
NAF_Id is the NAF_Id;
the KDF is the same key derivation algorithm as that of the bootstrapping service server BSF;
the optional parameters are consistent with the optional parameters when the bootstrapping service server BSF generates the second application key.
17. The method of claim 1, further comprising, after said transmitting the NAF_Id to the bootstrapping service server BSF and before said receiving registration information and services provided by the bootstrapping service server BSF:
sending authorization information confirmed by the end user to the bootstrapping service server BSF.
18. The method of claim 17, wherein said sending authorization information confirmed by the end user to the bootstrapping service server BSF comprises:
receiving an application authorization request message sent by the bootstrapping service server BSF;
displaying an application authorization verification interface;
receiving authorization information input by the end user in the application authorization verification interface;
and if the authorization information indicates confirmation of authorization, sending an application authorization response message to the bootstrapping service server BSF, wherein the application authorization response message is an application authorization confirmation message.
19. A GBA-based client registration and key sharing method, characterized in that the method is applied to a bootstrapping service server BSF and comprises the following steps:
after the GBA initialization process is successfully executed with the user terminal, receiving the B-TID and the first encryption value sent by the user terminal;
acquiring a corresponding second master key Ks according to the B-TID;
verifying the first encrypted value based on the second master key Ks and second verification information, the second verification information being the same value as the first verification information generated by the user terminal;
acquiring NAF_Id transmitted by the user terminal, wherein the NAF_Id is the identifier of a third party application client operated in the user terminal;
and if the first encryption value is verified to be valid, providing registration information and service for the user terminal according to the B-TID and the NAF_Id, wherein the registration information and service are provided for the third party application client.
20. The method according to claim 19, characterized in that the bootstrapping service server BSF is connected to the user terminal via a data network.
21. The method of claim 20, wherein the data network comprises the internet or a mobile internet.
22. The method of claim 19, wherein the verifying the first encrypted value based on the second master key Ks and second verification information comprises:
generating a second authentication key based on the second master key Ks, wherein the generation mode of the second authentication key is consistent with the generation mode of the first authentication key generated by the user terminal, so that the second authentication key is the same as the value of the first authentication key generated by the user terminal;
generating the second verification information, wherein the generation mode of the second verification information is consistent with the generation mode of the first verification information generated by the user terminal, so that the second verification information is the same as the value of the first verification information generated by the user terminal;
the first encrypted value is verified based on the second authentication key and the second verification information.
23. The method of claim 22, wherein the generating a second authentication key based on the second master key Ks comprises:
taking the second master key Ks as the second authentication key; or
the second authentication key is generated based on information including the second master key Ks.
24. The method of claim 23, wherein the generating the second authentication key based on the information comprising the second master key Ks comprises:
generating the second authentication key based on information comprising the second master key Ks and a first fixed string or/and a first random string or/and a first timestamp or/and the B-TID or/and the NAF_Id, the first fixed string being a pre-configured string and having the same value as the first fixed string pre-configured by the user terminal, the first random string or/and the first timestamp or/and the NAF_Id being transmitted by the user terminal.
25. The method of claim 22, wherein the generating the second verification information comprises:
generating the second verification information based on a second fixed string or/and a second random string or/and a second timestamp or/and the B-TID or/and the NAF_Id, wherein the second fixed string is a string which is preconfigured and has the same value as a second fixed string preconfigured by the user terminal, and the second random string or/and the second timestamp or/and the NAF_Id is transmitted by the user terminal.
26. The method of claim 25, wherein the generating the second verification information based on the second fixed string or/and the second random string or/and the B-TID or/and the NAF_Id comprises:
taking one of the second fixed character string, the second random character string, the second timestamp, the B-TID or the NAF_Id as the second verification information; or
taking the hash value of one of the second fixed character string, the second random character string, the second timestamp, the B-TID or the NAF_Id as the second verification information; or
combining and splicing the information comprising the second fixed character string or/and the second random character string or/and the second timestamp or/and the B-TID or/and the NAF_Id, and taking the result as the second verification information; or
combining and splicing the information comprising the second fixed character string or/and the second random character string or/and the second timestamp or/and the B-TID or/and the NAF_Id, and then taking a hash value generated by hash calculation as the second verification information.
27. The method of claim 22, wherein the verifying the first encrypted value based on the second authentication key and the second verification information comprises:
if the user terminal generates the first encryption value by using a signature encryption algorithm, verifying the first encryption value by using the same signature encryption algorithm based on the second authentication key and the second verification information; or
if the user terminal generates the first encryption value by using a symmetric encryption algorithm, verifying the first encryption value based on the second authentication key and the second verification information by using the same symmetric encryption algorithm.
28. The method of claim 27, wherein the verifying the first encrypted value based on the second authentication key and the second verification information using the same signature encryption algorithm comprises:
using the same signature encryption algorithm as the user terminal, signature encrypting the second verification information based on the second authentication key to generate a second encryption value;
comparing whether the second encryption value is consistent with the first encryption value;
if so, determining to verify that the first encryption value is valid.
29. The method of claim 27, wherein the verifying the first encrypted value based on the second authentication key and the second verification information using the same symmetric encryption algorithm comprises:
decrypting the first encryption value based on the second authentication key to obtain a plaintext by using the same symmetric encryption algorithm as the user terminal, and obtaining first verification information from the decrypted plaintext;
comparing whether the second verification information is consistent with the first verification information;
if so, determining to verify that the first encryption value is valid.
30. The method of claim 19, wherein the obtaining the NAF_Id transmitted by the user terminal comprises:
receiving the NAF_Id transmitted by the user terminal in the process of receiving the B-TID and the first encryption value transmitted by the user terminal; or
and after the first encryption value is verified to be valid, and before the registration information and services are provided to the user terminal, receiving the NAF_Id transmitted by the user terminal.
31. The method of claim 19, wherein said providing registration information and services to the user terminal based on the B-TID and the NAF_Id comprises:
the registration information and services comprise a third party user identifier, specifically, the corresponding third party user identifier is obtained according to the B-TID and the NAF_Id and is used as the third party user identifier, and the third party user identifier is transmitted to the user terminal, so that the third party user identifier is used for identifying the user identity in the third party application client; or/and
the registration information and services comprise an application key, specifically, a second application key is generated based on the second master key Ks, the generation mode of the second application key is consistent with the generation mode of the first application key generated by the user terminal, and the corresponding relation between the B-TID and the NAF_Id and the second application key is established, so that the first application key is used as the application key in the third party application client; or/and
the registration information and services comprise user tokens, specifically, user tokens are generated, the user tokens are associated with the NAF_Id and the IMPI, the IMPI is the IMPI corresponding to the B-TID, the user tokens are transmitted to the user terminal, and the user tokens are used for authentication and authorization of the third party application client to access the corresponding third party application server.
32. The method of claim 31, wherein the obtaining the corresponding third party user identifier according to the B-TID and the NAF_Id comprises:
acquiring the corresponding IMPI according to the B-TID;
searching for a corresponding third party user identifier according to the IMPI and the NAF_Id;
if the corresponding third party user identifier is found, determining the found corresponding third party user identifier as the third party user identifier;
if no corresponding third party user identifier is found, creating a unique third party user identifier, determining the unique third party user identifier to be the third party user identifier, and establishing a corresponding relation between the IMPI and the NAF_Id and the unique third party user identifier, so that the unique third party user identifier can be found according to the IMPI and the NAF_Id.
33. The method of claim 31, wherein when the registration information and services include a third party user identifier, the registration information and services further include a user key for the third party user identifier, and the method further comprises, after the obtaining the corresponding third party user identifier according to the B-TID and the NAF_Id:
generating a second user key based on the second master key, wherein the generation mode of the second user key is consistent with the generation mode of the first user key generated by the user terminal, and the first user key is used as the user key in the third party application client;
and establishing a corresponding relation between the third party user identifier and the second user key.
34. The method of claim 31, wherein the generating a second application key based on the second master key Ks comprises:
generating the second application key based on the second master key Ks and optional parameters; the optional parameters include one or more of Salt, RAND, IMPI and NAF_Id, where,
Salt is the same Salt value as that of the user terminal;
RAND is the RAND generated during the GBA initialization process;
IMPI is the IMPI corresponding to the B-TID;
NAF_Id is the NAF_Id;
the KDF is the same key derivation algorithm as the user terminal;
the optional parameters are consistent with the optional parameters when the user terminal generates the first application key.
35. The method of claim 31, wherein the generating a user token, associating the user token with the NAF_Id and IMPI comprises:
using a randomly generated globally unique string as the user token;
establishing an association relation between the user token and the NAF_Id;
the user token is associated with the IMPI.
36. The method of claim 35, wherein said associating said user token with said IMPI comprises:
establishing an association relationship between the user token and the IMPI so that the IMPI can be acquired according to the user token; or
pre-creating a unique user identifier corresponding to the IMPI, and establishing an association relationship between the user token and the unique user identifier.
37. The method of claim 19, further comprising, after said obtaining the NAF_Id transmitted by the user terminal and said verifying that the first encryption value is valid, and before said providing registration information and services to the user terminal in accordance with the B-TID and the NAF_Id:
acquiring the authorization information confirmed by the terminal user sent by the user terminal, and if the authorization information confirmed by the terminal user sent by the user terminal is acquired, executing the registration information and the service provided for the user terminal according to the B-TID and the NAF_Id.
38. The method of claim 37, wherein the obtaining the end-user-confirmed authorization information sent by the user terminal comprises:
sending an application authorization request message to the user terminal;
receiving an application authorization response message sent by the user terminal;
and if the application authorization response message is an application authorization confirmation message, executing the step of providing registration information and services to the user terminal according to the B-TID and the NAF_Id.
39. The method of claim 38, wherein the application authorization request message comprises:
a third party application name, wherein the third party application name is obtained according to the NAF_Id; or/and the combination of the two,
and the mobile user name is obtained according to the B-TID.
40. A GBA-based client registration and key sharing apparatus, characterized in that the apparatus is applied in a user terminal running a third-party application client and comprises: a memory; and a processor for running a program stored in the memory, wherein the program, when run, performs the method of any one of claims 1 to 18.
41. A GBA-based client registration and key sharing apparatus, characterized in that the apparatus is applied to a bootstrapping service server (BSF) and comprises: a memory; and a processor for running a program stored in the memory, wherein the program, when run, performs the method of any one of claims 19 to 39.
42. A GBA-based client registration and key sharing system, characterized in that the system comprises: a user terminal and a bootstrapping service server (BSF);
the user terminal comprises the apparatus of claim 40;
the bootstrapping service server (BSF) comprises the apparatus of claim 41.
43. A computer-readable storage medium, characterized in that the storage medium stores a program which, when executed by a processor, implements the method of any one of claims 1 to 18; and/or which, when executed by a processor, implements the method of any one of claims 19 to 39.
CN201910775078.3A 2018-08-23 2019-08-22 GBA-based client registration and key sharing method, device and system Active CN111050322B (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
CN2018109782125 2018-08-23
CN201810978212.5A CN109121135A (en) 2018-08-23 2018-08-23 Client registers and key sharing method, apparatus and system based on GBA
PCT/CN2019/074725 WO2020037958A1 (en) 2018-08-23 2019-02-04 Gba-based client registration and key sharing method, device, and system
CNPCT/CN2019/074725 2019-02-04

Publications (2)

Publication Number Publication Date
CN111050322A (en) 2020-04-21
CN111050322B (en) 2023-06-30

Family

ID=64860912

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201810978212.5A Pending CN109121135A (en) 2018-08-23 2018-08-23 Client registers and key sharing method, apparatus and system based on GBA
CN201910775078.3A Active CN111050322B (en) 2018-08-23 2019-08-22 GBA-based client registration and key sharing method, device and system

Country Status (1)

Country Link
CN (2) CN109121135A (en)

Also Published As

Publication number Publication date
CN109121135A (en) 2019-01-01
CN111050322A (en) 2020-04-21

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant