CN111404669B - Key generation method, terminal equipment and network equipment - Google Patents
Key generation method, terminal equipment and network equipment Download PDFInfo
- Publication number
- CN111404669B CN111404669B CN201910000545.5A CN201910000545A CN111404669B CN 111404669 B CN111404669 B CN 111404669B CN 201910000545 A CN201910000545 A CN 201910000545A CN 111404669 B CN111404669 B CN 111404669B
- Authority
- CN
- China
- Prior art keywords
- session key
- generation mode
- key generation
- key
- indication information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 58
- 230000004044 response Effects 0.000 claims abstract description 59
- 230000007774 longterm Effects 0.000 claims abstract description 35
- 238000004891 communication Methods 0.000 claims description 18
- 238000004590 computer program Methods 0.000 claims description 11
- 230000006870 function Effects 0.000 description 12
- 238000004846 x-ray emission Methods 0.000 description 12
- 239000013598 vector Substances 0.000 description 11
- MXBCYQUALCBQIJ-RYVPXURESA-N (8s,9s,10r,13s,14s,17r)-13-ethyl-17-ethynyl-11-methylidene-1,2,3,6,7,8,9,10,12,14,15,16-dodecahydrocyclopenta[a]phenanthren-17-ol;(8r,9s,13s,14s,17r)-17-ethynyl-13-methyl-7,8,9,11,12,14,15,16-octahydro-6h-cyclopenta[a]phenanthrene-3,17-diol Chemical compound OC1=CC=C2[C@H]3CC[C@](C)([C@](CC4)(O)C#C)[C@@H]4[C@@H]3CCC2=C1.C1CC[C@@H]2[C@H]3C(=C)C[C@](CC)([C@](CC4)(O)C#C)[C@@H]4[C@@H]3CCC2=C1 MXBCYQUALCBQIJ-RYVPXURESA-N 0.000 description 6
- 238000010586 diagram Methods 0.000 description 6
- 238000012795 verification Methods 0.000 description 5
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000013523 data management Methods 0.000 description 3
- 238000005265 energy consumption Methods 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 230000001010 compromised effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The embodiment of the invention provides a key generation method, which relates to terminal equipment, network equipment, a computer readable storage medium and a system, wherein the method comprises the following steps: determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side; the indication information is used for indicating a session key generation mode; generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode; the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the terminal equipment.
Description
Technical Field
The present invention relates to the field of information processing technologies, and in particular, to a key generation method, a terminal device, a network device, a computer storage medium, and a system.
Background
5G will penetrate into various areas of future society and will play a key role in constructing an omnidirectional information ecosystem centered on users. The security architecture is a guarantee of normal operation of the 5G network. The authentication protocol is the cornerstone for building 5G security architecture.
The third generation partnership project (3rd Generation Partnership Project,3GPP) standard TS 33.501 defines a 5G authentication and key agreement protocol (5G Authentication and Key Agreement,5G-AKA) for authentication between a UE and a network, and parameters related to Diffie-hellman key exchange (DH) are generated each time the UE and the network are involved in a mutually serious process. The generation of these parameters requires the use of an asymmetric encryption algorithm, which consumes a large amount of computing resources, which is especially unacceptable for the terminals of the internet of things, because more terminals of the internet of things are required to have long-time working capacity under the condition of using a limited capacity battery, and the large amount of use of the asymmetric encryption algorithm can accelerate the energy consumption speed of the devices of the internet of things and shorten the working time of the devices of the internet of things.
Disclosure of Invention
In order to solve the technical problems, the embodiment of the invention provides a key generation method, terminal equipment, network equipment, a computer storage medium and a system.
In a first aspect, a key generation method is provided, applied to a terminal device, and the method includes:
determining a first key based on the long-term key;
determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side;
generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the terminal equipment.
In a second aspect, a key generation method is provided, applied to a network device, and the method includes:
determining a first key based on the long-term key;
determining a current session key generation mode from at least one session key generation mode based on the indication information;
when the authentication of the terminal equipment is successful based on the authentication information and the authentication response sent by the terminal equipment, generating a current session key corresponding to the terminal equipment based on the current session key generation mode;
The at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
In a third aspect, there is provided a terminal device comprising:
the first communication unit is used for receiving the indication information and the authentication information sent by the network side;
a first key generation unit for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side; generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the terminal equipment.
In a fourth aspect, there is provided a terminal device, including:
the first communication interface is used for receiving the indication information and the authentication information sent by the network side;
A first processor for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side; generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the terminal equipment.
In a fifth aspect, there is provided a network device comprising:
a second communication unit for transmitting the indication information and the authentication information to the terminal device;
a second key generation unit for determining the first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is successful based on the authentication information and the authentication response sent by the terminal equipment, generating a current session key corresponding to the terminal equipment based on the current session key generation mode;
The at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
In a sixth aspect, there is provided a network device comprising:
the second communication interface is used for sending indication information and authentication information to the terminal equipment;
a second processor for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is successful based on the authentication information and the authentication response sent by the terminal equipment, generating a current session key corresponding to the terminal equipment based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
In a seventh aspect, a computer storage medium is provided, on which a computer program is stored, wherein the computer program, when being executed by a processor, implements the steps of the aforementioned key generation method applied to a terminal device.
In an eighth aspect, a computer storage medium is provided, on which a computer program is stored, wherein the computer program, when being executed by a processor, implements the steps of the aforementioned key generation method applied to a network device.
A ninth aspect, a key generation system, wherein the system comprises: at least one terminal equipment, authentication service function AUSF entity; wherein,,
the terminal equipment is used for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side; generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
the AUSF entity for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is successful based on the authentication information and the authentication response sent by the terminal equipment, generating a current session key corresponding to the terminal equipment based on the current session key generation mode;
The at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
According to the technical scheme, when key exchange is carried out, the terminal equipment can generate the session key according to the long-term key and the shared key, the network side instructs the terminal equipment to generate the session key by using the stored shared key by sending the instruction information to the terminal equipment, and the terminal equipment does not need to generate a new shared key for the session by adopting an asymmetric encryption algorithm. Therefore, by reusing the shared key, the use amount of an asymmetric encryption algorithm in the key exchange protocol is reduced, and the power consumption of the terminal equipment is reduced.
Drawings
FIG. 1 is a schematic diagram of a key generation method in the prior art;
fig. 2 is a schematic flow chart 1 of a key generation method provided in an embodiment of the present application;
fig. 3 is a schematic flow chart 2 of a key generation method according to an embodiment of the present invention;
fig. 4 is a schematic flow chart 3 of a key generation method according to an embodiment of the present invention;
fig. 5 is a schematic diagram 1 of a composition structure of a terminal device according to an embodiment of the present invention;
Fig. 6 is a schematic diagram 2 of a composition structure of a terminal device according to an embodiment of the present invention;
fig. 7 is a schematic diagram 1 of a network device composition structure according to an embodiment of the present invention;
fig. 8 is a schematic diagram 2 of a network device composition structure according to an embodiment of the present invention;
fig. 9 is a schematic diagram of a system composition structure according to an embodiment of the present invention.
Detailed Description
The following description of the technical solutions in the embodiments of the present application will be made with reference to the drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present disclosure.
AKA enables mutual authentication between the UE and the network by means of a root key K stored in a global subscriber identity card (Universal Subscriber Identity Module, USIM) and derives a session key. The assumption of security is that the root key K is not known to others except the network operator. However, this assumption is not always correct, since the root key K may already be compromised at the production stage of the USIM card. Thus, a passive attacker may eavesdrop on the communication using the session key derived from the root key K, as well as the exchange of messages between the UE and the network. An active attacker may use a large number of stolen root keys to forge the base station to launch a man-in-the-middle attack. Long term key disclosure has been considered a critical issue in section 5.2.3.2 in TR 33.899.
For the above-described problem of key leakage, a solution to the DH key exchange protocol to enhance 5G AKA security is referred to as using DH on SEAF (SEcurity Anchor Function). The principle is that DH key exchange protocol is accomplished additionally in the SEAF mutual authentication process of the UE and the network, the generation of the session key is added with the DH shared key K_DH between the UE and the network besides the root key K. Even if an attacker knows the root key K, the attacker cannot derive the session key without knowing the shared key k_dh.
As shown in fig. 1, the steps of using the DH exchange session key on the SEAF are as follows:
1. UDM/ARPF (Unified Data Management/Authentication credential Repository and Processing Function) generates authentication vector 5G HE AV (RAND, AUTN, XRES x, KAUSF) and decrypts SUCI (Subscription Concealed Identifier) to obtain SUPI for the UE.
2. The UDM/ARPF sends authentication vectors 5G HE AV and SUPI to AUSF (Authentication Server Function).
3. AUSF temporarily stores XRES and corresponding SUPI, and possibly KAUSF for further use.
4. AUSF uses XRES to derive HXRES and KAUSF to derive KSEAF. Thus AUSF obtains 5G AV (RAND, AUTN, HXRES, KSEAF).
5. AUSF sends a 5G AV message to SEAF.
6. The SEAF generates DH-related parameters from an algorithm indicator Alg (indicating the DH algorithm used), generating a public-private key pair (APUB, APRI) of the SEAF.
7. The SEAF sends an authentication request (Authentication Request) message to the UE, which includes RAND, AUTN, APUB, alg.
8. The UE authenticates the network and generates an authentication response RES if the authentication is successful. And the UE generates DH-related parameters, i.e., public-private key pair (BPUB, BPRI) of the UE, from the algorithm indicator Alg. The UE generates a key k_dh shared with the SEAF using its own private key BPRI and the received public key APUB of the SEAF. UE constructs session key KSEAF' =kseaf||k_dh
9. The UE sends an authentication response (Authentication Response) message to the SEAF, which includes RES, BPUB.
10. The SEAF derives HRES from RES, compares the HRES with HXRES, and completes the authentication of the SEAF to the UE if successful. The SEAF generates a key k_dh shared with the UE using its own private key APRI and the received UE's public key BPUB. The UE builds a session key KSEAF' =kseaf||k_dh.
11. SEAF sends RES to AUSF.
12. AUSF achieves verification of RES by comparing RES with XRES.
13. If the AUSF succeeds in verification on RES, the AUSF sends a message of successful verification to the SEAF and SUPI of the UE.
Here, the solution of using DH on SEAF solves the problem that an attacker knows the long-term key and can derive the session key. But parameters related to DH key exchange are generated each time at SEAF and UE. The generation of these parameters requires the use of an asymmetric encryption algorithm, which consumes a large amount of computing resources, which is unacceptable for the terminals of the internet of things, because more terminals of the internet of things are required to have long-time working capacity under the condition of using a limited capacity battery, and the large amount of use of the asymmetric encryption algorithm can accelerate the energy consumption speed of the devices of the internet of things and shorten the working time of the devices of the internet of things.
Furthermore, the solution of using DH on SEAF, because SEAF belongs to a roaming network element, the home network does not know whether the roaming network implements the DH key exchange protocol to enhance the session key. Roaming networks may fool the home network so that UE communication over the air may be intercepted due to long term key leakage.
Therefore, the embodiment of the invention provides a key generation method, which can reduce the use amount of an asymmetric encryption algorithm in a key exchange protocol and reduce the power consumption of terminal equipment.
As shown in fig. 2, an embodiment of the present invention provides a key generation method, applied to a terminal device, where the method includes:
Step 201: determining a first key based on the long-term key;
step 202: determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side;
step 203: generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the terminal equipment.
Here, the execution subject of steps 201 to 203 may be a processor of the terminal device.
Step 201 specifically includes: the network side equipment estimates a first key based on the long-term key, sends the first key to the terminal equipment, and the terminal equipment receives the first key. The network side device may be a device with an AUSF function on the network side.
The method further comprises the steps of: receiving indication information and authentication information sent by a network side; the indication information is preset by the terminal equipment or determined by the network side based on the security level of the terminal. Specifically, what kind of generation is used is determined according to the indication information carried in the Profile of the terminal device. Regarding the relevant information profile of the terminal device, it may be written into unified data management (UDM, unified Data Management) when the terminal device signs up with the network side, and then when the terminal device needs DH key exchange with the network, the UDM determines which generation the terminal device uses to generate the session key. The authentication information is information required for mutual authentication between the network side and the terminal in the 5G communication authentication process, for example, information such as a 5G authentication vector (5G Home Environment Authentication Vector,5GHE AV) and a long-term user identifier SUPI (Subscription Permanent Identifier).
Specifically, the terminal device receives indication information and authentication information sent by the device with the AUSF function on the network side.
The indication information is any one of the following: a first indication for indicating a first session key generation scheme, a second indication for indicating a second session key generation scheme, and a second indication for indicating a second session key generation scheme.
In practical application, the at least one session key generation mode further includes: generating a second session key generation mode of the session key based on the first key and the new shared key; and a third session key generation mode using the first key as the current session key.
Correspondingly, based on the indication information sent by the network side, determining the current session key generation mode from at least one session key generation mode, including: when the indication information is the first indication, determining that the current session key generation mode is the first session key generation mode; when the indication information is the second indication, determining that the current session key generation mode is the second session key generation mode; and when the indication information is the third indication, determining that the current session key generation mode is the third session key generation mode. That is, the indication information is used to instruct the terminal device to reuse the shared key when generating the session key, to generate a new shared key, or to not use the shared key.
Illustratively, the first session key generation mode specifically includes: carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a session key of this time; the second session key generation mode specifically includes: and carrying out hash operation on the first key and the new shared key to generate the current session key.
The method further comprises the steps of: generating a new shared key shared with the network side when the indication information is the second indication; the new shared key is saved.
That is, when the terminal device connects to the network to generate the shared key, when the shared key is generated using the second session key generation means for the first time, the shared key generated for the first time is stored on the USIM card of the terminal device or in the storage area where information cannot be tampered with. And when the terminal equipment and the network perform DH (digital rights management) session key exchange, the first session key generation mode is used for indicating the terminal equipment to reuse the stored shared key to generate the session key, and the terminal equipment does not need to use an asymmetric encryption algorithm to generate a new shared key every time, so that the use amount of the asymmetric encryption algorithm in a key exchange protocol can be reduced, and the power consumption of the terminal equipment is reduced.
Optionally, when the second session key generation mode is used for generating the shared key next time, the old shared key stored in the terminal device is replaced by the newly generated shared key, and then the terminal device performs DH session key exchange with the network, the first session key generation mode is used for indicating the terminal device to reuse the latest stored shared key to generate the session key.
That is, the shared key stored in the terminal device may be a shared key newly generated in a session key exchange process, for example, a shared key generated for the first time; alternatively, each time a new shared key is generated during the session key exchange, the old shared key stored in the terminal device is replaced with the new shared key.
In practical application, when the terminal equipment and the network equipment are successfully authenticated with each other; and generating an authentication response and sending the authentication response to the network side, and directly generating a session key based on the current session key generation mode. For example, when the mutual authentication between the UE and the UDM/ARPF is successful, the terminal device stores the latest generated shared key at the same time, and generates a session key using the stored shared key. When the network side is authenticated successfully based on the authentication response, a session key corresponding to the terminal equipment is generated, and the network side and the terminal equipment communicate according to the obtained session key.
Referring to fig. 3, when the network side performs key exchange with the terminal device, the terminal device generates a session key based on the indication information as follows:
1. the UDM/ARPF generates authentication vectors 5G HE AV (RAND, AUTN, XRES x, KAUSF) and decrypts the sui to obtain the long-term user identity SUPI of the UE.
2. The UDM/ARPF sends authentication vectors 5G HE AV, SUPI, and UE Profile to the AUSF, wherein the authentication vectors 5G HE AV and SUPI contain authentication information, and the UE Profile contains indication information.
3. AUSF temporarily stores XRES and corresponding SUPI, and possibly KAUSF for further use.
4. AUSF uses XRES to derive HXRES and KAUSF to derive KSEAF (i.e., the first key in the embodiment of the invention). Thus AUSF obtains 5G AV (RAND, AUTN, HXRES, KSEAF). The AUSF determines a value of dh_ind (indication information) according to the UE Profile. If the value DH_ind is set to a (second indication), DH key exchange related parameters are generated, which first generate the private key APRI of the AUSF and derive the public key APUB of the AUSF. If the value of DH_ind is set to b (first indication) or c (third indication), then the DH key exchange related parameter is not generated.
5. The AUSF sends a 5G AV message to the SEAF, the public key APUB of the AUSF, and an indication Alg using the DH algorithm.
6. The SEAF sends an authentication request (Authentication Request) message to the UE, which includes RAND, AUTN, APUB, DH _ind, alg. Wherein Authentication Request message contains the public key APUB of AUSF only if dh_ind is a.
7. The UE authenticates the network and generates an authentication response RES if the authentication is successful. If DH_ind is a, the UE generates DH related parameters, namely public-private key pair (BPUB, BPRI) of the UE according to the algorithm indicator Alg, and the UE generates a secret key K_DH shared with the AUSF by using the self private key BPRI and the received public key APUB of the AUSF and stores the secret key K_DH on a USIM card or in a storage area with non-tamperable information. The UE generates the session key KSEAF' according to the dh_ind value as follows:
Dh_ind=a, KSEAF' =hash (KSEAF, k_dh), where k_dh is the UE newly generated shared key;
dh_ind=b, KSEAF' =hash (KSEAF, k_dh), where k_dh is the shared key previously stored by the UE;
dh_ind=c, KSEAF' =kseaf, where the shared key is not used and the first key is taken as the session key.
8. The UE sends an authentication response (Authentication Response) message to the SEAF, which includes RES, BPUB.
9. SEAF derives HRES from the authentication response RES and compares HRES with HXRES. If successful, the authentication of the SEAF to the UE is completed, and the SEAF sends RES and BPUB to the AUSF.
10. AUSF verifies RES by comparing the authentication response RES with XRES. The AUSF generates a key k_dh shared with the UE using its own private key APRI and the received public key BPUB of the UE, and stores it in the system. The AUSF generates the session key KSEAF' according to the dh_ind value as follows:
dh_ind=a, KSEAF' =hash (KSEAF, k_dh), where k_dh is the UE newly generated shared key;
dh_ind=b, KSEAF' =hash (KSEAF, k_dh), where k_dh is the shared key previously stored by the UE;
dh_ind=c, KSEAF' =kseaf, where the shared key is not used and the first key is taken as the session key.
11. If the AUSF verifies the authentication response RES successfully, the AUSF sends a message of the verification success, a session key KSEAF' and SUPI of the UE to the SEAF.
The proposal of using DH on AUSF, because AUSF belongs to network element of home network, home network can know whether AUSF implements DH key exchange protocol to strengthen session key, so as to avoid roaming network spoofing home network to complete session key enhancement. Therefore, the terminal of the Internet of things can safely and efficiently finish the network authentication flow. The DH_ind is used for indicating the terminal equipment and the network equipment to reuse the shared key K_DH to generate a session key, so that the use amount of an asymmetric encryption algorithm is reduced, and the method is suitable for being used when the Internet of things equipment is connected with a 5G network.
By adopting the scheme, the terminal equipment can generate the session key according to the long-term key and the shared key when the key exchange is carried out, and the network side instructs the terminal equipment to generate the session key by using the stored shared key by sending the instruction information to the terminal equipment without generating a new shared key for the session by adopting an asymmetric encryption algorithm by the terminal equipment. Therefore, by reusing the shared key, the use amount of an asymmetric encryption algorithm in the key exchange protocol is reduced, and the power consumption of the terminal equipment is reduced.
As shown in fig. 4, an embodiment of the present invention provides a key generation method, applied to a network device, where the method includes:
step 401: determining a first key based on the long-term key;
step 402: determining a current session key generation mode from at least one session key generation mode based on the indication information;
step 403: generating a current session key corresponding to the terminal equipment based on the current session key generation mode when the authentication of the terminal equipment is determined to be successful based on the authentication information and the authentication response sent by the terminal equipment;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
Here, the execution subject of steps 401 to 403 may be a processor of the network device. The network device according to the present embodiment may be regarded as a device having an AUSF function on the network side.
The method further comprises the steps of: transmitting the first key to the terminal equipment; and sending the indication information and the authentication information to the terminal equipment. The indication information is preset by the terminal equipment or determined by the network side based on the security level of the terminal. Specifically, according to the indication information carried in the Profile of the terminal equipment, determining what kind of session key generation mode is used. The relevant information profile of the terminal device may be written into the UDM when the terminal device signs up with the network side, and then when the terminal device needs DH key exchange with the network, the UDM determines which session key generation method is adopted by the terminal device to generate the session key. The authentication information is information required for mutual authentication between the network side and the terminal in the 5G communication authentication process, for example, information such as a 5G authentication vector, SUPI, and the like.
The indication information is any one of the following: a first indication for indicating a first session key generation scheme, a second indication for indicating a second session key generation scheme, and a second indication for indicating a second session key generation scheme.
In practical application, the at least one session key generation mode further includes: generating a second session key generation mode of the session key based on the first key and the new shared key; and a third session key generation mode using the first key as the current session key.
Correspondingly, based on the indication information sent by the network side, determining the current session key generation mode from at least one session key generation mode, including: when the indication information is the first indication, determining that the current session key generation mode is the first session key generation mode; when the indication information is the second indication, determining that the current session key generation mode is the second session key generation mode; and when the indication information is the third indication, determining that the current session key generation mode is the third session key generation mode. That is, the indication information is used to instruct the network device to reuse the shared key when generating the session key, generate a new shared key, or not use the shared key.
Illustratively, the first session key generation mode specifically includes: carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a session key of this time; the second session key generation mode specifically includes: and carrying out hash operation on the first key and the new shared key to generate the current session key.
The method further comprises the steps of: generating a new shared key shared with the terminal equipment when the indication information is the second indication; the new shared key is saved.
That is, when the network device is connected to the terminal device to generate the shared key, the network device stores the shared key generated for the first time in a storage area where information on the network device is not falsified when the network device generates the shared key for the first time using the second session key generation scheme. And when the terminal equipment and the network equipment perform DH (digital rights management) session key exchange, the first session key generation mode is used for indicating the terminal equipment to reuse the stored shared key to generate the session key, and the network equipment does not need to use an asymmetric encryption algorithm to generate a new shared key every time, so that the use amount of the asymmetric encryption algorithm in the key exchange protocol can be reduced, and the power consumption of the terminal equipment is reduced.
Optionally, when the second session key generation mode is used to generate the shared key next time, the old shared key stored in the network device is replaced by the newly generated shared key, and then the terminal device performs DH session key exchange with the network, the first session key generation mode is used to instruct the network device to reuse the latest stored shared key to generate the session key.
That is, the shared key stored by the network device may be a shared key newly generated during a session key exchange process, for example, a shared key generated for the first time; alternatively, each time a new shared key is generated during the session key exchange, the old shared key stored in the network device is replaced with the new shared key.
In practical application, when the terminal equipment and the network equipment are successfully authenticated with each other; and generating an authentication response and sending the authentication response to the network side, and directly generating the current session key based on the current session key generation mode. For example, when the mutual authentication between the UE and the UDM/ARPF is successful, the terminal device stores the latest generated shared key at the same time, and generates a session key using the stored shared key. When the network side is authenticated successfully based on the authentication response, a session key corresponding to the terminal equipment is generated, and the network side and the terminal equipment communicate according to the obtained session key.
Referring to fig. 3, when the network side performs key exchange with the terminal device, the AUSF generates a session key based on the indication information as follows:
1. the UDM/ARPF generates authentication vectors 5G HE AV (RAND, AUTN, XRES x, KAUSF) and decrypts the sui to obtain the long-term user identity SUPI of the UE.
2. The UDM/ARPF sends authentication vectors 5G HE AV, SUPI, and UE Profile to the AUSF, wherein the authentication vectors 5G HE AV and SUPI contain authentication information, and the UE Profile contains indication information.
3. AUSF temporarily stores XRES and corresponding SUPI, and possibly KAUSF for further use.
4. AUSF uses XRES to derive HXRES and KAUSF to derive KSEAF (i.e., the first key in the embodiment of the invention). Thus AUSF obtains 5G AV (RAND, AUTN, HXRES, KSEAF). The AUSF determines a value of dh_ind (indication information) according to the UE Profile. If the value DH_ind is set to a (second indication), DH key exchange related parameters are generated, which first generate the private key APRI of the AUSF and derive the public key APUB of the AUSF. If the value of DH_ind is set to b (first indication) or c (third indication), then the DH key exchange related parameter is not generated.
5. The AUSF sends a 5G AV message to the SEAF, the public key APUB of the AUSF, and an indication Alg using the DH algorithm.
6. The SEAF sends an authentication request (Authentication Request) message to the UE, which includes RAND, AUTN, APUB, DH _ind, alg. Wherein Authentication Request message contains the public key APUB of AUSF only if dh_ind is a.
7. The UE authenticates the network and generates an authentication response RES if the authentication is successful. If DH_ind is a, the UE generates DH related parameters, namely public-private key pair (BPUB, BPRI) of the UE according to the algorithm indicator Alg, and the UE generates a secret key K_DH shared with the AUSF by using the self private key BPRI and the received public key APUB of the AUSF and stores the secret key K_DH on a USIM card or in a storage area with non-tamperable information. The UE generates the session key KSEAF' according to the dh_ind value as follows:
Dh_ind=a, KSEAF' =hash (KSEAF, k_dh), where k_dh is the UE newly generated shared key;
dh_ind=b, KSEAF' =hash (KSEAF, k_dh), where k_dh is the shared key previously stored by the UE;
dh_ind=c, KSEAF' =kseaf, where the shared key is not used and the first key is taken as the session key.
8. The UE sends an authentication response (Authentication Response) message to the SEAF, which includes RES, BPUB.
9. SEAF derives HRES from the authentication response RES and compares HRES with HXRES. If successful, the authentication of the SEAF to the UE is completed, and the SEAF sends RES and BPUB to the AUSF.
10. AUSF verifies RES by comparing the authentication response RES with XRES. The AUSF generates a key k_dh shared with the UE using its own private key APRI and the received public key BPUB of the UE, and stores it in the system. The AUSF generates the session key KSEAF' according to the dh_ind value as follows:
dh_ind=a, KSEAF' =hash (KSEAF, k_dh), where k_dh is the UE newly generated shared key;
dh_ind=b, KSEAF' =hash (KSEAF, k_dh), where k_dh is the shared key previously stored by the UE;
dh_ind=c, KSEAF' =kseaf, where the shared key is not used and the first key is taken as the session key.
11. If the AUSF verifies the authentication response RES successfully, the AUSF sends a message of the verification success, a session key KSEAF' and SUPI of the UE to the SEAF.
The proposal of using DH on AUSF, because AUSF belongs to network element of home network, home network can know whether AUSF implements DH key exchange protocol to strengthen session key, so as to avoid roaming network spoofing home network to complete session key enhancement. Therefore, the terminal of the Internet of things can safely and efficiently finish the network authentication flow. The DH_ind is used for indicating the terminal equipment and the network equipment to reuse the shared key K_DH to generate a session key, so that the use amount of an asymmetric encryption algorithm is reduced, and the method is suitable for being used when the Internet of things equipment is connected with a 5G network.
By adopting the scheme, the terminal equipment can generate the session key according to the long-term key and the shared key when the key exchange is carried out, and the network side instructs the terminal equipment to generate the session key by using the stored shared key by sending the instruction information to the terminal equipment without generating a new shared key for the session by adopting an asymmetric encryption algorithm by the terminal equipment. Therefore, by reusing the shared key, the use amount of an asymmetric encryption algorithm in the key exchange protocol is reduced, and the power consumption of the terminal equipment is reduced.
As shown in fig. 5, an embodiment of the present invention provides a terminal device, including:
a first communication unit 51, configured to receive indication information and authentication information sent by a network side;
a first key generation unit 52 for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side; generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the terminal equipment.
As shown in fig. 6, an embodiment of the present invention provides a terminal device, including:
a first communication interface 61, configured to receive indication information and authentication information sent by a network side;
a first processor 62 for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side; generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
The at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the terminal equipment.
In some embodiments, the at least one session key generation manner further includes: generating a second session key generation mode of the session key based on the first key and the new shared key; and a third session key generation mode using the first key as the current session key.
In some embodiments, the first session key generation manner specifically includes: carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a session key of this time; the second session key generation mode specifically includes: and carrying out hash operation on the first key and the new shared key to generate the current session key.
In some embodiments, the first processor 62 is specifically configured to determine that the current session key generation manner is the first session key generation manner when the indication information is the first indication; when the indication information is the second indication, determining that the current session key generation mode is the second session key generation mode; and when the indication information is the third indication, determining that the current session key generation mode is the third session key generation mode.
In some embodiments, the first processor 62 is further configured to generate a new shared key shared with the network side when the indication information is the second indication; the new shared key is saved.
As shown in fig. 7, an embodiment of the present invention provides a network device, including:
a second communication unit 71 for transmitting the instruction information and the authentication information to the terminal device;
a second key generation unit 72 for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information; generating a current session key corresponding to the terminal equipment based on the current session key generation mode when the authentication of the terminal equipment is determined to be successful based on the authentication information and the authentication response sent by the terminal equipment;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
As shown in fig. 8, an embodiment of the present invention provides a network device, including:
a second communication interface 81 for transmitting the indication information and the authentication information to the terminal device;
a second processor 82 for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information; generating a current session key corresponding to the terminal equipment based on the current session key generation mode when the authentication of the terminal equipment is determined to be successful based on the authentication information and the authentication response sent by the terminal equipment;
The at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
In some embodiments, the at least one session key generation manner further includes: generating a second session key generation mode of the session key based on the first key and the new shared key; and a third session key generation mode using the first key as the current session key.
In some embodiments, the first session key generation manner specifically includes: carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a session key of this time;
the second session key generation mode specifically includes: and carrying out hash operation on the first key and the new shared key to generate the current session key.
In some embodiments, the second processor 82 is specifically configured to determine that the current session key generation manner is the first session key generation manner when the indication information is the first indication; when the indication information is the second indication, determining that the current session key generation mode is the second session key generation mode; and when the indication information is the third indication, determining that the current session key generation mode is the third session key generation mode.
In some embodiments, the second processor 82 is further configured to generate a new shared key shared with the terminal device when the indication information is a second indication; the new shared key is saved.
The network device according to the present embodiment may be regarded as a device having an AUSF function on the network side.
Embodiments of the present application also provide a computer-readable storage medium for storing a computer program.
Optionally, the computer readable storage medium may be applied to any one of the terminal devices in the embodiments of the present application, and the computer program causes a computer to execute a corresponding flow implemented by the terminal device in each method of the embodiments of the present application, which is not described herein for brevity.
Alternatively, the computer readable storage medium may be applied to any one of the network devices in the embodiments of the present application, and the computer program causes a computer to execute a corresponding flow implemented by the network device in each method of the embodiments of the present application, which is not described herein for brevity.
The embodiment of the application also provides a key generation system, as shown in fig. 9, the system includes: at least one terminal device 91, an authentication service function AUSF entity 92; wherein,,
The terminal device 91 is configured to determine a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side; generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
the AUSF entity 92 for determining a first key based on the long term key; determining a current session key generation mode from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is successful based on the authentication information and the authentication response sent by the terminal equipment, generating a current session key corresponding to the terminal equipment based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
The at least one session key generation mode further comprises: generating a second session key generation mode of the session key based on the first key and the new shared key; and taking the first key as a third session key generation mode of the current session key.
The terminal equipment is used for carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a current session key; the second session key generation mode specifically includes: carrying out hash operation on the first key and the new shared key to generate a current session key;
the AUSF entity is used for carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a current session key; the second session key generation mode specifically includes: and carrying out hash operation on the first key and the new shared key to generate a current session key.
The terminal device is configured to determine that the current session key generation mode is a first session key generation mode when the indication information is a first indication; when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode; when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode;
the AUSF entity is used for determining that the current session key generation mode is a first session key generation mode when the indication information is a first indication; when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode; and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode.
The terminal equipment is used for generating a new shared key shared with the network side when the indication information is a second indication; saving the new shared key;
the AUSF entity is used for generating a new shared key shared with the terminal equipment when the indication information is a second indication; the new shared key is saved.
In addition, the functions of each device in the system are the same as those of the foregoing method or apparatus embodiments, so that a detailed description is omitted.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, and are not repeated herein.
In the several embodiments provided in this application, it should be understood that the disclosed systems, devices, and methods may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the methods described in the embodiments of the present application. And the aforementioned storage medium includes: a usb disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
The foregoing is merely specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily think about changes or substitutions within the technical scope of the present application, and the changes and substitutions are intended to be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (29)
1. A key generation method applied to a terminal device, the method comprising:
determining a first key based on the long-term key;
determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side;
generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the terminal equipment.
2. The method of claim 1, wherein the at least one session key generation manner further comprises: generating a second session key generation mode of the session key based on the first key and the new shared key;
and taking the first key as a third session key generation mode of the current session key.
3. The method of claim 2, wherein the first session key generation mode specifically comprises: carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a session key;
The second session key generation mode specifically includes: and carrying out hash operation on the first key and the new shared key to generate a current session key.
4. The method of claim 2, wherein the determining the current session key generation mode from the at least one session key generation mode based on the indication information sent by the network side includes:
when the indication information is a first indication, determining that the current session key generation mode is a first session key generation mode;
when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode;
and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode.
5. The method of claim 4, wherein the method further comprises:
generating a new shared key shared with the network side when the indication information is a second indication;
the new shared key is saved.
6. A key generation method applied to a network device, the method comprising:
determining a first key based on the long-term key;
determining a current session key generation mode from at least one session key generation mode based on the indication information;
When the authentication of the terminal equipment is successful based on the authentication information and the authentication response sent by the terminal equipment, generating a current session key corresponding to the terminal equipment based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
7. The method of claim 6, wherein the at least one session key generation manner further comprises: generating a second session key generation mode of the session key based on the first key and the new shared key;
and taking the first key as a third session key generation mode of the current session key.
8. The method of claim 7, wherein the first session key generation manner specifically comprises: carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a session key;
the second session key generation mode specifically includes: and carrying out hash operation on the first key and the new shared key to generate a current session key.
9. The method of claim 7, wherein the determining the current session key generation mode from the at least one session key generation mode based on the indication information comprises:
when the indication information is a first indication, determining that the current session key generation mode is a first session key generation mode;
when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode;
and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode.
10. The method of claim 9, wherein the method further comprises:
generating a new shared key shared with the terminal equipment when the indication information is a second indication;
the new shared key is saved.
11. A terminal device, comprising:
the first communication unit is used for receiving the indication information and the authentication information sent by the network side;
a first key generation unit for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side; generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
The at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the terminal equipment.
12. A terminal device, comprising:
the first communication interface is used for receiving the indication information and the authentication information sent by the network side;
a first processor for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side; generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the terminal equipment.
13. The terminal device of claim 12, wherein the at least one session key generation manner further includes: generating a second session key generation mode of the session key based on the first key and the new shared key;
And taking the first key as a third session key generation mode of the current session key.
14. The terminal device of claim 13, wherein the first session key generation manner specifically includes: carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a session key;
the second session key generation mode specifically includes: and carrying out hash operation on the first key and the new shared key to generate a current session key.
15. The terminal device of claim 13, wherein the first processor is specifically configured to determine that the current session key generation manner is a first session key generation manner when the indication information is a first indication; when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode; and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode.
16. The terminal device of claim 15, wherein the first processor is further configured to generate a new shared key shared with the network side when the indication information is a second indication; the new shared key is saved.
17. A network device, comprising:
a second communication unit for transmitting the indication information and the authentication information to the terminal device;
a second key generation unit for determining the first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is successful based on the authentication information and the authentication response sent by the terminal equipment, generating a current session key corresponding to the terminal equipment based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
18. A network device, comprising:
the second communication interface is used for sending indication information and authentication information to the terminal equipment;
a second processor for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is successful based on the authentication information and the authentication response sent by the terminal equipment, generating a current session key corresponding to the terminal equipment based on the current session key generation mode;
The at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
19. The network device of claim 18, wherein the at least one session key generation manner further comprises: generating a second session key generation mode of the session key based on the first key and the new shared key;
and taking the first key as a third session key generation mode of the current session key.
20. The network device of claim 19, wherein the first session key generation means specifically comprises: carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a session key;
the second session key generation mode specifically includes: and carrying out hash operation on the first key and the new shared key to generate a current session key.
21. The network device of claim 19, wherein the second processor is specifically configured to determine that the current session key generation manner is a first session key generation manner when the indication information is a first indication; when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode; and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode.
22. The network device of claim 21, wherein the second processor is further configured to generate a new shared key shared with the terminal device when the indication information is a second indication; the new shared key is saved.
23. A computer storage medium having stored thereon a computer program, wherein the computer program when executed by a processor realizes the steps of the method according to any of claims 1-5.
24. A computer storage medium having stored thereon a computer program, wherein the computer program when executed by a processor realizes the steps of the method according to any of claims 6-10.
25. A key generation system, wherein the system comprises: at least one terminal equipment, authentication service function AUSF entity; wherein,,
the terminal equipment is used for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side; generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
The AUSF entity for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is successful based on the authentication information and the authentication response sent by the terminal equipment, generating a current session key corresponding to the terminal equipment based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
26. The system of claim 25, wherein the at least one session key generation manner further comprises: generating a second session key generation mode of the session key based on the first key and the new shared key; and taking the first key as a third session key generation mode of the current session key.
27. The system of claim 26, wherein the terminal device is configured to perform a hash operation on the first key and a shared key stored by the terminal device to generate a current session key; the second session key generation mode specifically includes: carrying out hash operation on the first key and the new shared key to generate a current session key;
The AUSF entity is used for carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a current session key; the second session key generation mode specifically includes: and carrying out hash operation on the first key and the new shared key to generate a current session key.
28. The system of claim 27, wherein the terminal device is configured to determine that the current session key generation manner is a first session key generation manner when the indication information is a first indication; when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode; when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode;
the AUSF entity is used for determining that the current session key generation mode is a first session key generation mode when the indication information is a first indication; when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode; and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode.
29. The system according to claim 28, wherein the terminal device is configured to generate a new shared key shared with the network side when the indication information is a second indication; saving the new shared key;
the AUSF entity is used for generating a new shared key shared with the terminal equipment when the indication information is a second indication; the new shared key is saved.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910000545.5A CN111404669B (en) | 2019-01-02 | 2019-01-02 | Key generation method, terminal equipment and network equipment |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910000545.5A CN111404669B (en) | 2019-01-02 | 2019-01-02 | Key generation method, terminal equipment and network equipment |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111404669A CN111404669A (en) | 2020-07-10 |
CN111404669B true CN111404669B (en) | 2023-05-09 |
Family
ID=71430135
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910000545.5A Active CN111404669B (en) | 2019-01-02 | 2019-01-02 | Key generation method, terminal equipment and network equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111404669B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114125834A (en) * | 2020-09-01 | 2022-03-01 | 大唐移动通信设备有限公司 | Method, terminal, network side equipment and device for determining application layer key |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104917605A (en) * | 2014-03-14 | 2015-09-16 | 华为技术有限公司 | Key negotiation method and device during terminal device switching |
CN106888092A (en) * | 2016-09-12 | 2017-06-23 | 中国移动通信有限公司研究院 | Information processing method and device |
CN107820239A (en) * | 2016-09-12 | 2018-03-20 | 中国移动通信有限公司研究院 | Information processing method and device |
CN109041057A (en) * | 2018-08-08 | 2018-12-18 | 兴唐通信科技有限公司 | Authorizing procedure safety Enhancement Method between a kind of core network element based on 5G AKA |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103987037A (en) * | 2014-05-28 | 2014-08-13 | 大唐移动通信设备有限公司 | Secret communication implementation method and device |
-
2019
- 2019-01-02 CN CN201910000545.5A patent/CN111404669B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104917605A (en) * | 2014-03-14 | 2015-09-16 | 华为技术有限公司 | Key negotiation method and device during terminal device switching |
CN106888092A (en) * | 2016-09-12 | 2017-06-23 | 中国移动通信有限公司研究院 | Information processing method and device |
CN107820239A (en) * | 2016-09-12 | 2018-03-20 | 中国移动通信有限公司研究院 | Information processing method and device |
CN109041057A (en) * | 2018-08-08 | 2018-12-18 | 兴唐通信科技有限公司 | Authorizing procedure safety Enhancement Method between a kind of core network element based on 5G AKA |
Also Published As
Publication number | Publication date |
---|---|
CN111404669A (en) | 2020-07-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11296877B2 (en) | Discovery method and apparatus based on service-based architecture | |
US8559633B2 (en) | Method and device for generating local interface key | |
CN108848502B (en) | Method for protecting SUPI (supl interconnection) by using 5G-AKA (alkyl ketene dimmer) | |
US11496320B2 (en) | Registration method and apparatus based on service-based architecture | |
US9253178B2 (en) | Method and apparatus for authenticating a communication device | |
CN103596173B (en) | Wireless network authentication method, client and service end wireless network authentication device | |
JP2019169963A (en) | Security configuration in communication between communication device and network device | |
KR102233860B1 (en) | Actions related to user equipment using secret identifiers | |
US11909869B2 (en) | Communication method and related product based on key agreement and authentication | |
CN102685739B (en) | Authentication method and system for Android enterprise applications | |
CN110831002B (en) | Method and device for key deduction and computing storage medium | |
CN111641498A (en) | Key determination method and device | |
EP3737132A1 (en) | Uicc key provisioning | |
CN111404669B (en) | Key generation method, terminal equipment and network equipment | |
CN111404666B (en) | Key generation method, terminal equipment and network equipment | |
CN111404667B (en) | Key generation method, terminal equipment and network equipment | |
CN111836260A (en) | Authentication information processing method, terminal and network equipment | |
CN111404670A (en) | Key generation method, UE and network equipment | |
KR20080056055A (en) | Communication inter-provider roaming authentication method and key establishment method, and recording medium storing program including the same | |
CN115412909A (en) | Communication method and device | |
CN117692902B (en) | Intelligent home interaction method and system based on embedded home gateway | |
CN118803752A (en) | Authentication method and device and network equipment | |
CN118803751A (en) | Authentication method, device, network equipment and storage medium | |
CN118802151A (en) | Anonymous authentication method, AAnF network element, user equipment and storage medium | |
CN113132338A (en) | Authentication processing method, device and equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |