CN111404669A - Key generation method, terminal equipment and network equipment - Google Patents
Key generation method, terminal equipment and network equipment Download PDFInfo
- Publication number
- CN111404669A CN111404669A CN201910000545.5A CN201910000545A CN111404669A CN 111404669 A CN111404669 A CN 111404669A CN 201910000545 A CN201910000545 A CN 201910000545A CN 111404669 A CN111404669 A CN 111404669A
- Authority
- CN
- China
- Prior art keywords
- key
- key generation
- session
- generation mode
- session key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The embodiment of the invention provides a secret key generation method, which relates to terminal equipment, network equipment, a computer readable storage medium and a system, wherein the method comprises the following steps: determining a first key based on the long-term key; determining a key generation mode of the current session from at least one session key generation mode based on indication information sent by a network side; the indication information is used for indicating a session key generation mode; when the authentication of the network side is successful based on the authentication information sent by the network side, generating an authentication response and sending the authentication response to the network side, and generating a key of the session based on the key generation mode of the session; wherein the at least one session key generation mode at least comprises: and generating a first session key generation mode of the current session key based on the first key and the shared key stored by the terminal equipment.
Description
Technical Field
The present invention relates to the field of information processing technologies, and in particular, to a key generation method, a terminal device, a network device, a computer storage medium, and a system.
Background
The 5G will penetrate into various fields of future society and play a key role in constructing a user-centered omnibearing information ecosystem. The safety architecture is the guarantee of the normal operation of the 5G network. The authentication protocol is the cornerstone of building a 5G security architecture.
The third Generation Partnership Project (3rd Generation Partnership Project, 3GPP) standard TS33.501 defines a 5G Authentication and Key Agreement protocol (5G Authentication and Key Agreement, 5G-AKA) for Authentication between a UE and a network, and generates Diffie-Hellman Key exchange (DH) Key exchange related parameters each time the UE and the network perform mutual Authentication. The parameters are generated by using an asymmetric encryption algorithm, a large amount of computing resources are consumed, and the method is particularly unacceptable for the terminal of the internet of things because more terminals of the internet of things are required to have long-time working capacity under the condition of using a battery with limited capacity, and the energy consumption speed of the equipment of the internet of things is increased and the working time of the equipment of the internet of things is shortened due to the large amount of use of the asymmetric encryption algorithm.
Disclosure of Invention
To solve the foregoing technical problem, embodiments of the present invention provide a key generation method, a terminal device, a network device, a computer storage medium, and a system.
In a first aspect, a key generation method is provided, which is applied to a terminal device, and the method includes:
determining a first key based on the long-term key;
determining a key generation mode of the current session from at least one session key generation mode based on indication information sent by a network side;
when the authentication of the network side is successful based on the authentication information sent by the network side, generating an authentication response and sending the authentication response to the network side, and generating a key of the session based on the key generation mode of the session;
wherein the at least one session key generation mode at least comprises: and generating a first session key generation mode of the current session key based on the first key and the shared key stored by the terminal equipment.
In a second aspect, a key generation method is provided, which is applied to a network device, and includes:
determining a first key based on the long-term key;
determining a key generation mode of the current session from at least one session key generation mode based on the indication information;
when the authentication of the terminal equipment is determined to be successful based on the authentication information and the authentication response sent by the terminal equipment, a current session key corresponding to the terminal equipment is generated based on the current session key generation mode;
wherein the at least one session key generation mode at least comprises: and generating a first session key generation mode of the current session key based on the first key and the shared key stored in the network equipment.
In a third aspect, a terminal device is provided, which includes:
the first communication unit is used for receiving the indication information and the authentication information sent by the network side;
a first key generation unit configured to determine a first key based on the long-term key; determining a key generation mode of the current session from at least one session key generation mode based on indication information sent by a network side; when the authentication of the network side is successful based on the authentication information sent by the network side, generating an authentication response and sending the authentication response to the network side, and generating a key of the session based on the key generation mode of the session;
wherein the at least one session key generation mode at least comprises: and generating a first session key generation mode of the current session key based on the first key and the shared key stored by the terminal equipment.
In a fourth aspect, a terminal device is provided, which includes:
the first communication interface is used for receiving the indication information and the authentication information sent by the network side;
a first processor to determine a first key based on a long-term key; determining a key generation mode of the current session from at least one session key generation mode based on indication information sent by a network side; when the authentication of the network side is successful based on the authentication information sent by the network side, generating an authentication response and sending the authentication response to the network side, and generating a key of the session based on the key generation mode of the session;
wherein the at least one session key generation mode at least comprises: and generating a first session key generation mode of the current session key based on the first key and the shared key stored by the terminal equipment.
In a fifth aspect, a network device is provided, which includes:
the second communication unit is used for sending the indication information and the authentication information to the terminal equipment;
a second key generation unit configured to determine the first key based on the long-term key; determining a key generation mode of the current session from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is determined to be successful based on the authentication information and the authentication response sent by the terminal equipment, a current session key corresponding to the terminal equipment is generated based on the current session key generation mode;
wherein the at least one session key generation mode at least comprises: and generating a first session key generation mode of the current session key based on the first key and the shared key stored in the network equipment.
In a sixth aspect, a network device is provided, comprising:
the second communication interface is used for sending the indication information and the authentication information to the terminal equipment;
a second processor for determining a first key based on the long-term key; determining a key generation mode of the current session from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is determined to be successful based on the authentication information and the authentication response sent by the terminal equipment, a current session key corresponding to the terminal equipment is generated based on the current session key generation mode;
wherein the at least one session key generation mode at least comprises: and generating a first session key generation mode of the current session key based on the first key and the shared key stored in the network equipment.
In a seventh aspect, a computer storage medium is provided, on which a computer program is stored, wherein the computer program, when executed by a processor, implements the steps of the aforementioned key generation method applied to a terminal device.
In an eighth aspect, a computer storage medium is provided, on which a computer program is stored, wherein the computer program, when executed by a processor, implements the steps of the aforementioned key generation method applied to a network device.
In a ninth aspect, a key generation system, wherein the system comprises: at least one terminal device and an authentication service function AUSF entity; wherein the content of the first and second substances,
the terminal device is used for determining a first key based on a long-term key; determining a key generation mode of the current session from at least one session key generation mode based on indication information sent by a network side; when the authentication of the network side is successful based on the authentication information sent by the network side, generating an authentication response and sending the authentication response to the network side, and generating a key of the session based on the key generation mode of the session;
the AUSF entity is used for determining a first key based on the long-term key; determining a key generation mode of the current session from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is determined to be successful based on the authentication information and the authentication response sent by the terminal equipment, a current session key corresponding to the terminal equipment is generated based on the current session key generation mode;
wherein the at least one session key generation mode at least comprises: and generating a first session key generation mode of the current session key based on the first key and the shared key stored in the network equipment.
According to the technical scheme of the embodiment of the invention, when key exchange is carried out, the terminal equipment can generate the session key according to the long-term key and the shared key, the network side sends the indication information to the terminal equipment to indicate the terminal equipment to use the stored shared key to generate the session key, and the terminal equipment does not need to adopt an asymmetric encryption algorithm to generate a new shared key for the session. Therefore, by reusing the shared secret key, the usage amount of the asymmetric encryption algorithm in the secret key exchange protocol is reduced, and the power consumption of the terminal equipment is reduced.
Drawings
FIG. 1 is a schematic diagram of a prior art key generation method;
fig. 2 is a schematic flowchart 1 of a key generation method provided in an embodiment of the present application;
fig. 3 is a schematic flowchart of a key generation method according to an embodiment of the present invention, which is shown in fig. 2;
fig. 4 is a schematic flowchart of a key generation method according to an embodiment of the present invention, which is shown in fig. 3;
fig. 5 is a schematic diagram 1 of a terminal device structure according to an embodiment of the present invention;
fig. 6 is a schematic diagram of a terminal device structure according to an embodiment of the present invention 2;
fig. 7 is a schematic diagram 1 of a network device structure according to an embodiment of the present invention;
fig. 8 is a schematic diagram of a network device structure according to an embodiment of the present invention 2;
fig. 9 is a schematic diagram of a system configuration according to an embodiment of the present invention.
Detailed Description
Technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
AKA relies on a root key K stored in a Universal Subscriber Identity Module (USIM) to enable mutual authentication between the UE and the network and to derive a session key. The assumption of security is that the root key K is unknown to anyone but the network operator. However, this assumption is not always correct, since the root key K may have been compromised already at the production stage of the USIM card. Thus, a passive attacker can eavesdrop on the communication using the session key derived from the root key K, and the exchange of messages between the UE and the network. An active attacker may exploit the stolen large number of root keys to forge the base station and launch a man-in-the-middle attack. Long term key compromise has been identified as a key issue in TR33.899, section 5.2.3.2.
For the above key leakage problem, a scheme for enhancing 5G AKA security by the DH key exchange protocol is called using DH on seaf (security Anchor function). The principle is that DH key exchange protocol is additionally completed in the SEAF mutual authentication process of UE and network, and except a root key K, a DH shared key K _ DH between the UE and the network is added in the generation of session key. Even if the attacker knows the root key K, the attacker cannot derive the session key because he does not know the shared key K _ DH.
The steps for exchanging session keys using DH at SEAF are as follows:
1. UDM/ARPF (Unified Data Management/Authentication and Processing Function) generates Authentication vectors 5G HEAV (RAND, AUTN, XRES, KAUSF), and decrypts SUCI (subscription centralized identifier) to obtain SUPI of UE.
2. The UDM/ARPF sends authentication vectors 5G HE AV and SUPI to the ausf (authentication server function).
3. The AUSF temporarily stores XRES and corresponding SUPI, and possibly KAUSF for other uses.
4. AUSF derived hxrres using XRES and KSEAF using KAUSF. Thus, AUSF obtains 5G AV (RAND, AUTN, HXRES, KSEAF).
5. The AUSF sends a 5G AV message to the SEAF.
6. The SEAF generates DH-related parameters from an algorithm indicator Alg (indicating the DH algorithm used), generating a SEAF public-private key pair (APUB, APRI).
7. The SEAF sends an Authentication Request (Authentication Request) message to the UE, which includes RAND, AUTN, APUB, Alg.
8. The UE verifies the network and generates an authentication response RES if the verification is successful. And the UE generates DH-related parameters, namely a public-private key pair (BPUB, BPRI) of the UE according to the algorithm indicator Alg. The UE generates a secret key K _ DH shared with the SEAF by using the BPRI of the UE and the received public key APUB of the SEAF. UE (user Equipment) constructs a session key KSEAF | K _ DH
9. The UE sends an Authentication Response (Authentication Response) message to the SEAF, which includes RES, BPUB.
10. The SEAF deduces HRES from RES, compares HRES with HXRES, and if successful, completes the SEAF authentication for the UE. The SEAF uses the private key APRI of the SEAF and the received public key BPUB of the UE to generate a secret key K _ DH shared with the UE. The UE constructs a session key KSEAF | K _ DH.
11. SEAF sends RES to AUSF.
12. AUSF achieves validation of RES by comparing RES to XRES.
13. If the AUSF succeeds in verifying RES, the AUSF sends a message of successful verification to the SEAF, and the SUPI of the UE.
Here, the scheme using DH on SEAF solves the problem that an attacker can deduce the session key while knowing the long-term key. But the DH key exchange related parameters are generated each time at the SEAF and the UE. The parameters are generated by using an asymmetric encryption algorithm, a large amount of computing resources are consumed, and the generation is unacceptable for the terminal of the internet of things because more terminals of the internet of things are required to have long-time working capacity under the condition of using a limited-capacity battery, and the energy consumption speed of the equipment of the internet of things is increased and the working time of the equipment of the internet of things is shortened due to the large amount of use of the asymmetric encryption algorithm.
In addition, in the scheme of using DH on the SEAF, since the SEAF belongs to the network element of the roaming network, the home network does not know whether the roaming network implements DH key exchange protocol to enhance the session key. The roaming network may spoof the home network, and thus the UE communication over the air interface may be eavesdropped due to the long-term key leakage.
Therefore, the embodiment of the invention provides a key generation method, which can reduce the usage amount of an asymmetric encryption algorithm in a key exchange protocol and reduce the power consumption of terminal equipment.
As shown in fig. 2, an embodiment of the present invention provides a key generation method, which is applied to a terminal device, and the method includes:
step 201: determining a first key based on the long-term key;
step 202: determining a key generation mode of the current session from at least one session key generation mode based on indication information sent by a network side;
step 203: when the authentication of the network side is successful based on the authentication information sent by the network side, generating an authentication response and sending the authentication response to the network side, and generating a key of the session based on the key generation mode of the session;
wherein, at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the current session key based on the first key and the shared key stored by the terminal equipment.
Here, the execution subject of steps 201 to 203 may be a processor of the terminal device.
Step 201 specifically includes: the network side equipment deduces a first key based on the long-term key, sends the first key to the terminal equipment, and the terminal equipment receives the first key. The network side device may be a device having an AUSF function on the network side.
The method further comprises the following steps: receiving indication information and authentication information sent by a network side; the indication information is preset by the terminal equipment, or the network side is determined based on the security level of the terminal. Specifically, which generation is used is determined according to indication information carried in the Profile of the terminal device. The profile of the information about the terminal device may be written into a Unified Data Management (UDM) when the terminal device signs a contract with the network side, and then the UDM determines which generation the terminal device uses to generate the session key when the terminal device needs to perform DH key exchange with the network. The Authentication information is information required for mutual Authentication between the network side and the terminal in the 5G communication Authentication process, for example, information such as a 5G Home Environment Authentication Vector (5G HE AV), a long-term user identity (supi) (subscription management identifier), and the like.
Specifically, the terminal device receives indication information and authentication information sent by a device with an AUSF function on the network side.
The indication information is any one of the following information: the first indication is used for indicating the first session key generation mode, the second indication is used for indicating the second session key generation mode, and the second indication is used for indicating the second session key generation mode.
In practical applications, at least one session key generation method further includes: a second session key generation mode for generating the session key of the current time based on the first key and the new shared key; and taking the first key as a third session key generation mode of the current session key.
Correspondingly, the determining the current session key generation mode from at least one session key generation mode based on the indication information sent by the network side comprises the following steps: when the indication information is a first indication, determining that the session key generation mode is a first session key generation mode; when the indication information is a second indication, determining that the session key generation mode is a second session key generation mode; and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode. That is, the indication information is used to instruct the terminal device to reuse the shared key, generate a new shared key, or not use the shared key when generating the session key.
Illustratively, the first session key generation manner specifically includes: performing hash operation on the first secret key and a shared secret key stored in the terminal equipment to generate a secret key of the session; the second session key generation method specifically includes: and carrying out hash operation on the first secret key and the new shared secret key to generate the secret key of the session.
The method further comprises the following steps: when the indication information is a second indication, generating a new shared key shared with the network side; the new shared key is saved.
That is, when the terminal device generates the shared key by connecting to the network, and when the shared key is generated by using the second session key generation method for the first time, the shared key generated for the first time is stored on the USIM card of the terminal device or in a storage area in which information cannot be tampered. And then when the terminal equipment exchanges DH session keys with the network, the first session key generation mode is used for instructing the terminal equipment to reuse the stored shared key to generate the session key, the terminal equipment does not need to use an asymmetric encryption algorithm to generate a new shared key every time, the usage amount of the asymmetric encryption algorithm in a key exchange protocol can be reduced, and the power consumption of the terminal equipment is reduced.
Optionally, the second session key generation method is used for generating the shared key next time, the newly generated shared key is used to replace the old shared key stored in the terminal device, and then when the terminal device performs DH session key exchange with the network, the first session key generation method is used to instruct the terminal device to reuse the newly stored shared key to generate the session key.
That is, the shared key stored in the terminal device may be a newly generated shared key in a certain session key exchange process, for example, a first generated shared key; alternatively, each time a new shared key is generated during the session key exchange, the old shared key stored in the terminal device is replaced with the new shared key.
In practical application, when the mutual authentication between the terminal equipment and the network side is successful; and generating an authentication response and sending the authentication response to the network side, and directly generating a session key based on the current session key generation mode. For example, when the mutual authentication between the UE and the UDM/ARPF is successful, the terminal device may store the newly generated shared key at the same time, and generate the session key by using the stored shared key. And when the network side successfully authenticates based on the authentication response, generating a session key corresponding to the terminal equipment, and communicating the network side and the terminal equipment according to the obtained session key.
Referring to fig. 3, when the network side performs key exchange with the terminal device, the step of generating the session key by the terminal device based on the indication information is as follows:
1. UDM/ARPF generates an authentication vector 5G HE AV (RAND, AUTN, XRES, KAUSF) and decrypts sui to obtain the long term subscriber identity SUPI of the UE.
2. The UDM/ARPF sends authentication vectors 5G HE AV, SUPI, and UE Profile to the AUSF, where the authentication vectors 5G HE AV and SUPI contain authentication information and the UE Profile contains indication information.
3. The AUSF temporarily stores XRES and corresponding SUPI, and possibly KAUSF for other uses.
4. The AUSF derives HXRES using XRES and KSEAF (i.e., the first key in embodiments of the invention) using KAUSF. Thus, AUSF obtains 5G AV (RAND, AUTN, HXRES, KSEAF). The AUSF determines the value of DH _ ind (indication information) from the UE Profile. If the value of DH _ ind is set to a (second indication), then DH key exchange related parameters are generated, which first generate the private key APRI of the AUSF and derive the public key APUB of the AUSF. If the value of DH _ ind is set to b (first indication) or c (third indication), no DH key exchange related parameters are generated.
5. The AUSF sends a 5G AV message to the SEAF, the public key APUB of the AUSF, and an indication Alg to use the DH algorithm.
6. The SEAF sends an Authentication Request (Authentication Request) message to the UE, which includes RAND, AUTN, APUB, DH _ ind, Alg. Wherein the Authentication Request message contains the public key APUB of the AUSF only if DH _ ind is a.
7. The UE verifies the network and generates an authentication response RES if the verification is successful. If DH _ ind is a, UE generates DH related parameters, namely a public and private key pair (BPUB, BPRI) of UE according to the algorithm indicator Alg, UE generates a secret key K _ DH shared with AUSF by using the private key BPRI of the UE and the received public key APUB of AUSF, and stores the secret key K _ DH in a USIM card or a storage area with untrustworthy information. The UE generates the session key KSEAF' according to the different values of DH _ ind as follows:
DH _ ind ═ a, KSEAF ═ HASH (KSEAF, K _ DH), where K _ DH is a shared key newly generated by the UE;
DH _ ind ═ b, KSEAF ═ HASH (KSEAF, K _ DH), where K _ DH is the shared key previously stored by the UE;
DH _ ind ═ c, KSEAF ═ KSEAF, where the shared key is not used, the first key being the session key.
8. The UE sends an Authentication Response (Authentication Response) message to the SEAF, which includes RES, BPUB.
9. The SEAF deduces HRES from the authentication response RES and compares HRES with HXRES. And if the authentication of the UE by the SEAF is successful, the SEAF sends RES and BPUB to the AUSF.
10. The AUSF achieves verification of the authentication response RES by comparing it to XRES. The AUSF uses its own private key APRI and the received public key BPUB of the UE to generate a secret key K _ DH shared with the UE and store it in the system. The session key KSEAF' is generated by the AUSF depending on the value of DH _ ind as follows:
DH _ ind ═ a, KSEAF ═ HASH (KSEAF, K _ DH), where K _ DH is a shared key newly generated by the UE;
DH _ ind ═ b, KSEAF ═ HASH (KSEAF, K _ DH), where K _ DH is the shared key previously stored by the UE;
DH _ ind ═ c, KSEAF ═ KSEAF, where the shared key is not used, the first key being the session key.
11. If the AUSF verifies the authentication response RES successfully, the AUSF sends a message to the SEAF that the verification is successful, the session key KSEAF', and the SUPI of the UE.
The DH scheme is used on AUSF, because AUSF belongs to the home network element, the home network can know whether AUSF implements DH key exchange protocol to strengthen the session key, thus avoiding roaming network cheating home network to complete the strengthening of session key. Therefore, the internet of things terminal can safely and efficiently complete the network authentication process. DH _ ind is used for instructing the terminal device and the network device to reuse the shared secret key K _ DH to generate a session key, so that the using amount of an asymmetric encryption algorithm is reduced, and the method is suitable for being used when the device of the Internet of things is connected with a 5G network.
Therefore, by adopting the scheme, when key exchange is carried out, the terminal equipment can generate the session key according to the long-term key and the shared key, the network side sends the indication information to the terminal equipment to indicate the terminal equipment to use the stored shared key to generate the session key, and the terminal equipment does not need to adopt an asymmetric encryption algorithm to generate a new shared key for the session. Therefore, by reusing the shared secret key, the usage amount of the asymmetric encryption algorithm in the secret key exchange protocol is reduced, and the power consumption of the terminal equipment is reduced.
As shown in fig. 4, an embodiment of the present invention provides a key generation method, applied to a network device, where the method includes:
step 401: determining a first key based on the long-term key;
step 402: determining a key generation mode of the current session from at least one session key generation mode based on the indication information;
step 403: when the authentication of the terminal equipment is determined to be successful based on the authentication information and the authentication response sent by the terminal equipment, a current session key corresponding to the terminal equipment is generated based on a current session key generation mode;
wherein, at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the current session key based on the first key and the shared key stored by the network equipment.
Here, the execution subject of steps 401 to 403 may be a processor of a network device. The network device in this embodiment may be considered to be a device having an AUSF function on the network side.
The method further comprises the following steps: sending the first key to the terminal equipment; and sending the indication information and the authentication information to the terminal equipment. The indication information is preset by the terminal equipment, or the network side is determined based on the security level of the terminal. Specifically, which session key generation mode is used is determined according to the indication information carried in the Profile of the terminal device. The profile of the relevant information about the terminal device may be written into the UDM when the terminal device signs a contract with the network side, and then when the terminal device and the network need to perform DH key exchange, the UDM determines which session key generation method the terminal device adopts to generate the session key. The authentication information is information required for mutual authentication between the network side and the terminal in the 5G communication authentication process, and for example, information such as a 5G authentication vector and SUPI.
The indication information is any one of the following information: the first indication is used for indicating the first session key generation mode, the second indication is used for indicating the second session key generation mode, and the second indication is used for indicating the second session key generation mode.
In practical applications, at least one session key generation method further includes: a second session key generation mode for generating the session key of the current time based on the first key and the new shared key; and taking the first key as a third session key generation mode of the current session key.
Correspondingly, the determining the current session key generation mode from at least one session key generation mode based on the indication information sent by the network side comprises the following steps: when the indication information is a first indication, determining that the session key generation mode is a first session key generation mode; when the indication information is a second indication, determining that the session key generation mode is a second session key generation mode; and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode. That is, the indication information is used to instruct the network device to reuse the shared key, generate a new shared key, or not use the shared key when generating the session key.
Illustratively, the first session key generation manner specifically includes: performing hash operation on the first secret key and a shared secret key stored in the terminal equipment to generate a secret key of the session; the second session key generation method specifically includes: and carrying out hash operation on the first secret key and the new shared secret key to generate the secret key of the session.
The method further comprises the following steps: when the indication information is a second indication, generating a new shared key shared with the terminal equipment; the new shared key is saved.
That is, when the network device and the terminal device are connected to generate the shared key, and the network device generates the shared key by using the second session key generation method for the first time, the initially generated shared key is stored in the storage area, on the network device, of which the information cannot be tampered. And then when the terminal equipment and the network equipment perform DH session key exchange, the first session key generation mode is used for instructing the terminal equipment to reuse the stored shared key to generate the session key, the network equipment does not need to use an asymmetric encryption algorithm to generate a new shared key each time, the use amount of the asymmetric encryption algorithm in the key exchange protocol can be reduced, and the power consumption of the terminal equipment is reduced.
Optionally, the second session key generation manner is used for generating the shared key next time, the newly generated shared key is used for replacing the old shared key stored in the network device, and then when the terminal device performs DH session key exchange with the network, the first session key generation manner is used for instructing the network device to reuse the newly stored shared key to generate the session key.
That is, the shared key stored by the network device may be a newly generated shared key in a certain session key exchange process, for example, a first generated shared key; alternatively, each time a new shared key is generated during the session key exchange process, the old shared key stored in the network device is replaced with the new shared key.
In practical application, when the mutual authentication between the terminal equipment and the network side is successful; and generating an authentication response and sending the authentication response to the network side, and directly generating the session key based on the session key generation mode. For example, when the mutual authentication between the UE and the UDM/ARPF is successful, the terminal device may store the newly generated shared key at the same time, and generate the session key by using the stored shared key. And when the network side successfully authenticates based on the authentication response, generating a session key corresponding to the terminal equipment, and communicating the network side and the terminal equipment according to the obtained session key.
Referring to fig. 3, when the network side performs key exchange with the terminal device, the step of generating the session key by the AUSF based on the indication information is as follows:
1. UDM/ARPF generates an authentication vector 5G HE AV (RAND, AUTN, XRES, KAUSF) and decrypts sui to obtain the long term subscriber identity SUPI of the UE.
2. The UDM/ARPF sends authentication vectors 5G HE AV, SUPI, and UE Profile to the AUSF, where the authentication vectors 5G HE AV and SUPI contain authentication information and the UE Profile contains indication information.
3. The AUSF temporarily stores XRES and corresponding SUPI, and possibly KAUSF for other uses.
4. The AUSF derives HXRES using XRES and KSEAF (i.e., the first key in embodiments of the invention) using KAUSF. Thus, AUSF obtains 5G AV (RAND, AUTN, HXRES, KSEAF). The AUSF determines the value of DH _ ind (indication information) from the UE Profile. If the value of DH _ ind is set to a (second indication), then DH key exchange related parameters are generated, which first generate the private key APRI of the AUSF and derive the public key APUB of the AUSF. If the value of DH _ ind is set to b (first indication) or c (third indication), no DH key exchange related parameters are generated.
5. The AUSF sends a 5G AV message to the SEAF, the public key APUB of the AUSF, and an indication Alg to use the DH algorithm.
6. The SEAF sends an Authentication Request (Authentication Request) message to the UE, which includes RAND, AUTN, APUB, DH _ ind, Alg. Wherein the Authentication Request message contains the public key APUB of the AUSF only if DH _ ind is a.
7. The UE verifies the network and generates an authentication response RES if the verification is successful. If DH _ ind is a, UE generates DH related parameters, namely a public and private key pair (BPUB, BPRI) of UE according to the algorithm indicator Alg, UE generates a secret key K _ DH shared with AUSF by using the private key BPRI of the UE and the received public key APUB of AUSF, and stores the secret key K _ DH in a USIM card or a storage area with untrustworthy information. The UE generates the session key KSEAF' according to the different values of DH _ ind as follows:
DH _ ind ═ a, KSEAF ═ HASH (KSEAF, K _ DH), where K _ DH is a shared key newly generated by the UE;
DH _ ind ═ b, KSEAF ═ HASH (KSEAF, K _ DH), where K _ DH is the shared key previously stored by the UE;
DH _ ind ═ c, KSEAF ═ KSEAF, where the shared key is not used, the first key being the session key.
8. The UE sends an Authentication Response (Authentication Response) message to the SEAF, which includes RES, BPUB.
9. The SEAF deduces HRES from the authentication response RES and compares HRES with HXRES. And if the authentication of the UE by the SEAF is successful, the SEAF sends RES and BPUB to the AUSF.
10. The AUSF achieves verification of the authentication response RES by comparing it to XRES. The AUSF uses its own private key APRI and the received public key BPUB of the UE to generate a secret key K _ DH shared with the UE and store it in the system. The session key KSEAF' is generated by the AUSF depending on the value of DH _ ind as follows:
DH _ ind ═ a, KSEAF ═ HASH (KSEAF, K _ DH), where K _ DH is a shared key newly generated by the UE;
DH _ ind ═ b, KSEAF ═ HASH (KSEAF, K _ DH), where K _ DH is the shared key previously stored by the UE;
DH _ ind ═ c, KSEAF ═ KSEAF, where the shared key is not used, the first key being the session key.
11. If the AUSF verifies the authentication response RES successfully, the AUSF sends a message to the SEAF that the verification is successful, the session key KSEAF', and the SUPI of the UE.
The DH scheme is used on AUSF, because AUSF belongs to the home network element, the home network can know whether AUSF implements DH key exchange protocol to strengthen the session key, thus avoiding roaming network cheating home network to complete the strengthening of session key. Therefore, the internet of things terminal can safely and efficiently complete the network authentication process. DH _ ind is used for instructing the terminal device and the network device to reuse the shared secret key K _ DH to generate a session key, so that the using amount of an asymmetric encryption algorithm is reduced, and the method is suitable for being used when the device of the Internet of things is connected with a 5G network.
Therefore, by adopting the scheme, when key exchange is carried out, the terminal equipment can generate the session key according to the long-term key and the shared key, the network side sends the indication information to the terminal equipment to indicate the terminal equipment to use the stored shared key to generate the session key, and the terminal equipment does not need to adopt an asymmetric encryption algorithm to generate a new shared key for the session. Therefore, by reusing the shared secret key, the usage amount of the asymmetric encryption algorithm in the secret key exchange protocol is reduced, and the power consumption of the terminal equipment is reduced.
As shown in fig. 5, an embodiment of the present invention provides a terminal device, including:
a first communication unit 51, configured to receive indication information and authentication information sent by a network side;
a first key generation unit 52 for determining a first key based on the long-term key; determining a key generation mode of the current session from at least one session key generation mode based on indication information sent by a network side; when the authentication of the network side is successful based on the authentication information sent by the network side, generating an authentication response and sending the authentication response to the network side, and generating a key of the session based on the key generation mode of the session;
wherein, at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the current session key based on the first key and the shared key stored by the terminal equipment.
As shown in fig. 6, an embodiment of the present invention provides a terminal device, including:
a first communication interface 61, configured to receive indication information and authentication information sent by a network side;
a first processor 62 for determining a first key based on the long-term key; determining a key generation mode of the current session from at least one session key generation mode based on indication information sent by a network side; when the authentication of the network side is successful based on the authentication information sent by the network side, generating an authentication response and sending the authentication response to the network side, and generating a key of the session based on the key generation mode of the session;
wherein, at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the current session key based on the first key and the shared key stored by the terminal equipment.
In some embodiments, the at least one session key generation method further includes: a second session key generation mode for generating the session key of the current time based on the first key and the new shared key; and taking the first key as a third session key generation mode of the current session key.
In some embodiments, the first session key generation manner specifically includes: performing hash operation on the first secret key and a shared secret key stored in the terminal equipment to generate a secret key of the session; the second session key generation method specifically includes: and carrying out hash operation on the first secret key and the new shared secret key to generate the secret key of the session.
In some embodiments, the first processor 62 is specifically configured to determine that the current session key generation manner is the first session key generation manner when the indication information is the first indication; when the indication information is a second indication, determining that the session key generation mode is a second session key generation mode; and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode.
In some embodiments, the first processor 62 is further configured to generate a new shared key shared with the network side when the indication information is the second indication; the new shared key is saved.
As shown in fig. 7, an embodiment of the present invention provides a network device, including:
a second communication unit 71 configured to send instruction information and authentication information to the terminal device;
a second key generation unit 72 for determining a first key based on the long-term key; determining a key generation mode of the current session from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is determined to be successful based on the authentication information and the authentication response sent by the terminal equipment, a current session key corresponding to the terminal equipment is generated based on a current session key generation mode;
wherein, at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the current session key based on the first key and the shared key stored by the network equipment.
As shown in fig. 8, an embodiment of the present invention provides a network device, including:
a second communication interface 81 for transmitting the instruction information and the authentication information to the terminal device;
a second processor 82 for determining a first key based on the long-term key; determining a key generation mode of the current session from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is determined to be successful based on the authentication information and the authentication response sent by the terminal equipment, a current session key corresponding to the terminal equipment is generated based on a current session key generation mode;
wherein, at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the current session key based on the first key and the shared key stored by the network equipment.
In some embodiments, the at least one session key generation method further includes: a second session key generation mode for generating the session key of the current time based on the first key and the new shared key; and taking the first key as a third session key generation mode of the current session key.
In some embodiments, the first session key generation manner specifically includes: performing hash operation on the first secret key and a shared secret key stored in the terminal equipment to generate a secret key of the session;
the second session key generation method specifically includes: and carrying out hash operation on the first secret key and the new shared secret key to generate the secret key of the session.
In some embodiments, the second processor 82 is specifically configured to determine that the current session key generation manner is the first session key generation manner when the indication information is the first indication; when the indication information is a second indication, determining that the session key generation mode is a second session key generation mode; and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode.
In some embodiments, the second processor 82 is further configured to generate a new shared key shared with the terminal device when the indication information is the second indication; the new shared key is saved.
The network device in this embodiment may be considered to be a device having an AUSF function on the network side.
The embodiment of the application also provides a computer readable storage medium for storing the computer program.
Optionally, the computer-readable storage medium may be applied to any terminal device in the embodiments of the present application, and the computer program enables a computer to execute corresponding processes implemented by the terminal device in the methods in the embodiments of the present application, which are not described herein again for brevity.
Alternatively, the computer-readable storage medium may be applied to any network device in the embodiments of the present application, and the computer program enables a computer to execute corresponding processes implemented by the network device in the methods in the embodiments of the present application, which are not described herein again for brevity.
An embodiment of the present application further provides a key generation system, as shown in fig. 9, the system includes: at least one terminal device 91, an authentication service function AUSF entity 92; wherein the content of the first and second substances,
the terminal device 91 is configured to determine a first key based on the long-term key; determining a key generation mode of the current session from at least one session key generation mode based on indication information sent by a network side; when the authentication of the network side is successful based on the authentication information sent by the network side, generating an authentication response and sending the authentication response to the network side, and generating a key of the session based on the key generation mode of the session;
the AUSF entity 92, configured to determine a first key based on the long-term key; determining a key generation mode of the current session from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is determined to be successful based on the authentication information and the authentication response sent by the terminal equipment, a current session key corresponding to the terminal equipment is generated based on the current session key generation mode;
wherein the at least one session key generation mode at least comprises: and generating a first session key generation mode of the current session key based on the first key and the shared key stored in the network equipment.
The at least one session key generation method further comprises: a second session key generation mode for generating the session key of the current time based on the first key and the new shared key; and taking the first key as a third session key generation mode of the current session key.
The terminal device is configured to perform a hash operation on the first key and a shared key stored in the terminal device to generate a session key of this time; the second session key generation method specifically includes: carrying out Hash operation on the first secret key and the new shared secret key to generate a secret key of the session;
the AUSF entity is used for carrying out hash operation on the first secret key and a shared secret key stored in the terminal equipment to generate a secret key of the session; the second session key generation method specifically includes: and carrying out hash operation on the first secret key and the new shared secret key to generate the secret key of the session.
The terminal device is used for determining that the session key generation mode is a first session key generation mode when the indication information is a first indication; when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode; when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode;
the AUSF entity is used for determining that the session key generation mode is a first session key generation mode when the indication information is a first indication; when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode; and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode.
The terminal device is configured to generate a new shared key shared with a network side when the indication information is a second indication; saving the new shared secret key;
the AUSF entity is used for generating a new shared key shared with the terminal equipment when the indication information is a second indication; the new shared key is saved.
In addition, the functions of each device in the system are the same as those of the method or the device embodiments, and therefore, the detailed description is omitted.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present application, and shall be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (29)
1. A key generation method is applied to terminal equipment and comprises the following steps:
determining a first key based on the long-term key;
determining a key generation mode of the current session from at least one session key generation mode based on indication information sent by a network side;
when the authentication of the network side is successful based on the authentication information sent by the network side, generating an authentication response and sending the authentication response to the network side, and generating a key of the session based on the key generation mode of the session;
wherein the at least one session key generation mode at least comprises: and generating a first session key generation mode of the current session key based on the first key and the shared key stored by the terminal equipment.
2. The method of claim 1, wherein the at least one session key generation mode further comprises: a second session key generation mode for generating the session key of the current time based on the first key and the new shared key;
and taking the first key as a third session key generation mode of the current session key.
3. The method of claim 2, wherein the first session key generation manner specifically comprises: performing hash operation on the first secret key and a shared secret key stored in the terminal equipment to generate a secret key of the session;
the second session key generation method specifically includes: and carrying out hash operation on the first secret key and the new shared secret key to generate the secret key of the session.
4. The method according to claim 2, wherein the determining the current session key generation method from at least one session key generation method based on the indication information sent by the network side includes:
when the indication information is a first indication, determining that the session key generation mode is a first session key generation mode;
when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode;
and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode.
5. The method of claim 4, wherein the method further comprises:
when the indication information is a second indication, generating a new shared key shared with a network side;
the new shared key is saved.
6. A key generation method is applied to network equipment, and the method comprises the following steps:
determining a first key based on the long-term key;
determining a key generation mode of the current session from at least one session key generation mode based on the indication information;
when the authentication of the terminal equipment is determined to be successful based on the authentication information and the authentication response sent by the terminal equipment, a current session key corresponding to the terminal equipment is generated based on the current session key generation mode;
wherein the at least one session key generation mode at least comprises: and generating a first session key generation mode of the current session key based on the first key and the shared key stored in the network equipment.
7. The method of claim 6, wherein the at least one session key generation mode further comprises: a second session key generation mode for generating the session key of the current time based on the first key and the new shared key;
and taking the first key as a third session key generation mode of the current session key.
8. The method of claim 7, wherein the first session key generation manner specifically comprises: performing hash operation on the first secret key and a shared secret key stored in the terminal equipment to generate a secret key of the session;
the second session key generation method specifically includes: and carrying out hash operation on the first secret key and the new shared secret key to generate the secret key of the session.
9. The method according to claim 7, wherein the determining the current session key generation method from at least one session key generation method based on the instruction information includes:
when the indication information is a first indication, determining that the session key generation mode is a first session key generation mode;
when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode;
and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode.
10. The method of claim 9, wherein the method further comprises:
when the indication information is a second indication, generating a new shared key shared with the terminal equipment;
the new shared key is saved.
11. A terminal device, comprising:
the first communication unit is used for receiving the indication information and the authentication information sent by the network side;
a first key generation unit configured to determine a first key based on the long-term key; determining a key generation mode of the current session from at least one session key generation mode based on indication information sent by a network side; when the authentication of the network side is successful based on the authentication information sent by the network side, generating an authentication response and sending the authentication response to the network side, and generating a key of the session based on the key generation mode of the session;
wherein the at least one session key generation mode at least comprises: and generating a first session key generation mode of the current session key based on the first key and the shared key stored by the terminal equipment.
12. A terminal device, comprising:
the first communication interface is used for receiving the indication information and the authentication information sent by the network side;
a first processor to determine a first key based on a long-term key; determining a key generation mode of the current session from at least one session key generation mode based on indication information sent by a network side; when the authentication of the network side is successful based on the authentication information sent by the network side, generating an authentication response and sending the authentication response to the network side, and generating a key of the session based on the key generation mode of the session;
wherein the at least one session key generation mode at least comprises: and generating a first session key generation mode of the current session key based on the first key and the shared key stored by the terminal equipment.
13. The terminal device of claim 12, wherein the at least one session key generation manner further comprises: a second session key generation mode for generating the session key of the current time based on the first key and the new shared key;
and taking the first key as a third session key generation mode of the current session key.
14. The terminal device of claim 13, wherein the first session key generation manner specifically includes: performing hash operation on the first secret key and a shared secret key stored in the terminal equipment to generate a secret key of the session;
the second session key generation method specifically includes: and carrying out hash operation on the first secret key and the new shared secret key to generate the secret key of the session.
15. The terminal device according to claim 13, wherein the first processor is specifically configured to determine that the current session key generation manner is a first session key generation manner when the indication information is a first indication; when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode; and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode.
16. The terminal device of claim 15, wherein the first processor is further configured to generate a new shared key shared with a network side when the indication information is a second indication; the new shared key is saved.
17. A network device, comprising:
the second communication unit is used for sending the indication information and the authentication information to the terminal equipment;
a second key generation unit configured to determine the first key based on the long-term key; determining a key generation mode of the current session from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is determined to be successful based on the authentication information and the authentication response sent by the terminal equipment, a current session key corresponding to the terminal equipment is generated based on the current session key generation mode;
wherein the at least one session key generation mode at least comprises: and generating a first session key generation mode of the current session key based on the first key and the shared key stored in the network equipment.
18. A network device, comprising:
the second communication interface is used for sending the indication information and the authentication information to the terminal equipment;
a second processor for determining a first key based on the long-term key; determining a key generation mode of the current session from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is determined to be successful based on the authentication information and the authentication response sent by the terminal equipment, a current session key corresponding to the terminal equipment is generated based on the current session key generation mode;
wherein the at least one session key generation mode at least comprises: and generating a first session key generation mode of the current session key based on the first key and the shared key stored in the network equipment.
19. The network device of claim 18, wherein the at least one session key generation scheme further comprises: a second session key generation mode for generating the session key of the current time based on the first key and the new shared key;
and taking the first key as a third session key generation mode of the current session key.
20. The network device of claim 19, wherein the first session key generation manner specifically comprises: performing hash operation on the first secret key and a shared secret key stored in the terminal equipment to generate a secret key of the session;
the second session key generation method specifically includes: and carrying out hash operation on the first secret key and the new shared secret key to generate the secret key of the session.
21. The network device according to claim 19, wherein the second processor is specifically configured to determine that the current session key generation manner is a first session key generation manner when the indication information is a first indication; when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode; and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode.
22. The network device of claim 21, wherein the second processor is further configured to generate a new shared key shared with the terminal device when the indication information is a second indication; the new shared key is saved.
23. A computer storage medium having a computer program stored thereon, wherein the computer program when executed by a processor implements the steps of the method of any one of claims 1-5.
24. A computer storage medium having a computer program stored thereon, wherein the computer program when executed by a processor implements the steps of the method of any of claims 6-10.
25. A key generation system, wherein the system comprises: at least one terminal device and an authentication service function AUSF entity; wherein the content of the first and second substances,
the terminal device is used for determining a first key based on a long-term key; determining a key generation mode of the current session from at least one session key generation mode based on indication information sent by a network side; when the authentication of the network side is successful based on the authentication information sent by the network side, generating an authentication response and sending the authentication response to the network side, and generating a key of the session based on the key generation mode of the session;
the AUSF entity is used for determining a first key based on the long-term key; determining a key generation mode of the current session from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is determined to be successful based on the authentication information and the authentication response sent by the terminal equipment, a current session key corresponding to the terminal equipment is generated based on the current session key generation mode;
wherein the at least one session key generation mode at least comprises: and generating a first session key generation mode of the current session key based on the first key and the shared key stored in the network equipment.
26. The system of claim 25, wherein the at least one session key generation approach further comprises: a second session key generation mode for generating the session key of the current time based on the first key and the new shared key; and taking the first key as a third session key generation mode of the current session key.
27. The system of claim 26, wherein the terminal device is configured to perform a hash operation on the first key and a shared key stored in the terminal device to generate a current session key; the second session key generation method specifically includes: carrying out Hash operation on the first secret key and the new shared secret key to generate a secret key of the session;
the AUSF entity is used for carrying out hash operation on the first secret key and a shared secret key stored in the terminal equipment to generate a secret key of the session; the second session key generation method specifically includes: and carrying out hash operation on the first secret key and the new shared secret key to generate the secret key of the session.
28. The system of claim 27, wherein the terminal device is configured to determine that the current session key generation manner is a first session key generation manner when the indication information is a first indication; when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode; when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode;
the AUSF entity is used for determining that the session key generation mode is a first session key generation mode when the indication information is a first indication; when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode; and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode.
29. The system of claim 28, wherein the terminal device is configured to generate a new shared key shared with a network side when the indication information is a second indication; saving the new shared secret key;
the AUSF entity is used for generating a new shared key shared with the terminal equipment when the indication information is a second indication; the new shared key is saved.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910000545.5A CN111404669B (en) | 2019-01-02 | 2019-01-02 | Key generation method, terminal equipment and network equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910000545.5A CN111404669B (en) | 2019-01-02 | 2019-01-02 | Key generation method, terminal equipment and network equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111404669A true CN111404669A (en) | 2020-07-10 |
| CN111404669B CN111404669B (en) | 2023-05-09 |
Family
ID=71430135
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910000545.5A Active CN111404669B (en) | 2019-01-02 | 2019-01-02 | Key generation method, terminal equipment and network equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111404669B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114125834A (en) * | 2020-09-01 | 2022-03-01 | 大唐移动通信设备有限公司 | Method, terminal, network side equipment and device for determining application layer key |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104917605A (en) * | 2014-03-14 | 2015-09-16 | 华为技术有限公司 | Key negotiation method and device during terminal device switching |
| US20170118026A1 (en) * | 2014-05-28 | 2017-04-27 | Datang Mobile Communications Equipment Co., Ltd. | Encrypted communication method and apparatus |
| CN106888092A (en) * | 2016-09-12 | 2017-06-23 | 中国移动通信有限公司研究院 | Information processing method and device |
| CN107820239A (en) * | 2016-09-12 | 2018-03-20 | 中国移动通信有限公司研究院 | Information processing method and device |
| CN109041057A (en) * | 2018-08-08 | 2018-12-18 | 兴唐通信科技有限公司 | Authorizing procedure safety Enhancement Method between a kind of core network element based on 5G AKA |
-
2019
- 2019-01-02 CN CN201910000545.5A patent/CN111404669B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104917605A (en) * | 2014-03-14 | 2015-09-16 | 华为技术有限公司 | Key negotiation method and device during terminal device switching |
| US20170118026A1 (en) * | 2014-05-28 | 2017-04-27 | Datang Mobile Communications Equipment Co., Ltd. | Encrypted communication method and apparatus |
| CN106888092A (en) * | 2016-09-12 | 2017-06-23 | 中国移动通信有限公司研究院 | Information processing method and device |
| CN107820239A (en) * | 2016-09-12 | 2018-03-20 | 中国移动通信有限公司研究院 | Information processing method and device |
| CN109041057A (en) * | 2018-08-08 | 2018-12-18 | 兴唐通信科技有限公司 | Authorizing procedure safety Enhancement Method between a kind of core network element based on 5G AKA |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114125834A (en) * | 2020-09-01 | 2022-03-01 | 大唐移动通信设备有限公司 | Method, terminal, network side equipment and device for determining application layer key |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111404669B (en) | 2023-05-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP6979420B2 (en) | Security configuration for communication between communication devices and network devices | |
| US8559633B2 (en) | Method and device for generating local interface key | |
| US10009359B2 (en) | System, apparatus and method for transferring ownership of a device from manufacturer to user using an embedded resource | |
| JP5579872B2 (en) | Secure multiple UIM authentication and key exchange | |
| US20160269176A1 (en) | Key Configuration Method, System, and Apparatus | |
| CN102685739B (en) | Authentication method and system for Android enterprise applications | |
| CN107820239B (en) | Information processing method and device | |
| CN111245607B (en) | Networking method and system, network distribution equipment, client and server | |
| CN108683690A (en) | Method for authenticating, user equipment, authentication device, authentication server and storage medium | |
| CN111641498A (en) | Key determination method and device | |
| WO2010023506A1 (en) | Methods, apparatuses, computer program products, and systems for providing secure pairing and association for wireless devices | |
| CN110831002B (en) | Method and device for key deduction and computing storage medium | |
| CN112235799B (en) | Network access authentication method and system for terminal equipment | |
| CN111404669B (en) | Key generation method, terminal equipment and network equipment | |
| CN108932425B (en) | Offline identity authentication method, authentication system and authentication equipment | |
| CN111404667B (en) | Key generation method, terminal equipment and network equipment | |
| AU2020204946B2 (en) | Key generation method, terminal device and network device | |
| KR20210146829A (en) | Cryptographic processing events for encrypting or decrypting data | |
| CN109586913B (en) | Security authentication method, security authentication device, communication device, and storage medium | |
| CN102487505B (en) | Access authentication method of sensor node, apparatus thereof and system thereof | |
| CN111404670A (en) | Key generation method, UE and network equipment | |
| CN111404666B (en) | Key generation method, terminal equipment and network equipment | |
| CN117692902B (en) | Intelligent home interaction method and system based on embedded home gateway | |
| CN111866884B (en) | Safety protection method and device | |
| Rasmussen et al. | Nearby threats: Reversing, analyzing, and attacking Google’s ‘nearby connections’ on Android |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |