CN111404669B - Key generation method, terminal equipment and network equipment - Google Patents

Key generation method, terminal equipment and network equipment Download PDF

Info

Publication number
CN111404669B
CN111404669B CN201910000545.5A CN201910000545A CN111404669B CN 111404669 B CN111404669 B CN 111404669B CN 201910000545 A CN201910000545 A CN 201910000545A CN 111404669 B CN111404669 B CN 111404669B
Authority
CN
China
Prior art keywords
session key
generation mode
key generation
key
indication information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910000545.5A
Other languages
Chinese (zh)
Other versions
CN111404669A (en
Inventor
刘福文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Communications Ltd Research Institute
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Communications Ltd Research Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, China Mobile Communications Ltd Research Institute filed Critical China Mobile Communications Group Co Ltd
Priority to CN201910000545.5A priority Critical patent/CN111404669B/en
Publication of CN111404669A publication Critical patent/CN111404669A/en
Application granted granted Critical
Publication of CN111404669B publication Critical patent/CN111404669B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks
    • Y02D30/70Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The embodiment of the invention provides a key generation method, which relates to terminal equipment, network equipment, a computer readable storage medium and a system, wherein the method comprises the following steps: determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side; the indication information is used for indicating a session key generation mode; generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode; the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the terminal equipment.

Description

Key generation method, terminal equipment and network equipment
Technical Field
The present invention relates to the field of information processing technologies, and in particular, to a key generation method, a terminal device, a network device, a computer storage medium, and a system.
Background
5G will penetrate into various areas of future society and will play a key role in constructing an omnidirectional information ecosystem centered on users. The security architecture is a guarantee of normal operation of the 5G network. The authentication protocol is the cornerstone for building 5G security architecture.
The third generation partnership project (3rd Generation Partnership Project,3GPP) standard TS 33.501 defines a 5G authentication and key agreement protocol (5G Authentication and Key Agreement,5G-AKA) for authentication between a UE and a network, and parameters related to Diffie-hellman key exchange (DH) are generated each time the UE and the network are involved in a mutually serious process. The generation of these parameters requires the use of an asymmetric encryption algorithm, which consumes a large amount of computing resources, which is especially unacceptable for the terminals of the internet of things, because more terminals of the internet of things are required to have long-time working capacity under the condition of using a limited capacity battery, and the large amount of use of the asymmetric encryption algorithm can accelerate the energy consumption speed of the devices of the internet of things and shorten the working time of the devices of the internet of things.
Disclosure of Invention
In order to solve the technical problems, the embodiment of the invention provides a key generation method, terminal equipment, network equipment, a computer storage medium and a system.
In a first aspect, a key generation method is provided, applied to a terminal device, and the method includes:
determining a first key based on the long-term key;
determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side;
generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the terminal equipment.
In a second aspect, a key generation method is provided, applied to a network device, and the method includes:
determining a first key based on the long-term key;
determining a current session key generation mode from at least one session key generation mode based on the indication information;
when the authentication of the terminal equipment is successful based on the authentication information and the authentication response sent by the terminal equipment, generating a current session key corresponding to the terminal equipment based on the current session key generation mode;
The at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
In a third aspect, there is provided a terminal device comprising:
the first communication unit is used for receiving the indication information and the authentication information sent by the network side;
a first key generation unit for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side; generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the terminal equipment.
In a fourth aspect, there is provided a terminal device, including:
the first communication interface is used for receiving the indication information and the authentication information sent by the network side;
A first processor for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side; generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the terminal equipment.
In a fifth aspect, there is provided a network device comprising:
a second communication unit for transmitting the indication information and the authentication information to the terminal device;
a second key generation unit for determining the first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is successful based on the authentication information and the authentication response sent by the terminal equipment, generating a current session key corresponding to the terminal equipment based on the current session key generation mode;
The at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
In a sixth aspect, there is provided a network device comprising:
the second communication interface is used for sending indication information and authentication information to the terminal equipment;
a second processor for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is successful based on the authentication information and the authentication response sent by the terminal equipment, generating a current session key corresponding to the terminal equipment based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
In a seventh aspect, a computer storage medium is provided, on which a computer program is stored, wherein the computer program, when being executed by a processor, implements the steps of the aforementioned key generation method applied to a terminal device.
In an eighth aspect, a computer storage medium is provided, on which a computer program is stored, wherein the computer program, when being executed by a processor, implements the steps of the aforementioned key generation method applied to a network device.
A ninth aspect, a key generation system, wherein the system comprises: at least one terminal equipment, authentication service function AUSF entity; wherein,,
the terminal equipment is used for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side; generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
the AUSF entity for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is successful based on the authentication information and the authentication response sent by the terminal equipment, generating a current session key corresponding to the terminal equipment based on the current session key generation mode;
The at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
According to the technical scheme, when key exchange is carried out, the terminal equipment can generate the session key according to the long-term key and the shared key, the network side instructs the terminal equipment to generate the session key by using the stored shared key by sending the instruction information to the terminal equipment, and the terminal equipment does not need to generate a new shared key for the session by adopting an asymmetric encryption algorithm. Therefore, by reusing the shared key, the use amount of an asymmetric encryption algorithm in the key exchange protocol is reduced, and the power consumption of the terminal equipment is reduced.
Drawings
FIG. 1 is a schematic diagram of a key generation method in the prior art;
fig. 2 is a schematic flow chart 1 of a key generation method provided in an embodiment of the present application;
fig. 3 is a schematic flow chart 2 of a key generation method according to an embodiment of the present invention;
fig. 4 is a schematic flow chart 3 of a key generation method according to an embodiment of the present invention;
fig. 5 is a schematic diagram 1 of a composition structure of a terminal device according to an embodiment of the present invention;
Fig. 6 is a schematic diagram 2 of a composition structure of a terminal device according to an embodiment of the present invention;
fig. 7 is a schematic diagram 1 of a network device composition structure according to an embodiment of the present invention;
fig. 8 is a schematic diagram 2 of a network device composition structure according to an embodiment of the present invention;
fig. 9 is a schematic diagram of a system composition structure according to an embodiment of the present invention.
Detailed Description
The following description of the technical solutions in the embodiments of the present application will be made with reference to the drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present disclosure.
AKA enables mutual authentication between the UE and the network by means of a root key K stored in a global subscriber identity card (Universal Subscriber Identity Module, USIM) and derives a session key. The assumption of security is that the root key K is not known to others except the network operator. However, this assumption is not always correct, since the root key K may already be compromised at the production stage of the USIM card. Thus, a passive attacker may eavesdrop on the communication using the session key derived from the root key K, as well as the exchange of messages between the UE and the network. An active attacker may use a large number of stolen root keys to forge the base station to launch a man-in-the-middle attack. Long term key disclosure has been considered a critical issue in section 5.2.3.2 in TR 33.899.
For the above-described problem of key leakage, a solution to the DH key exchange protocol to enhance 5G AKA security is referred to as using DH on SEAF (SEcurity Anchor Function). The principle is that DH key exchange protocol is accomplished additionally in the SEAF mutual authentication process of the UE and the network, the generation of the session key is added with the DH shared key K_DH between the UE and the network besides the root key K. Even if an attacker knows the root key K, the attacker cannot derive the session key without knowing the shared key k_dh.
As shown in fig. 1, the steps of using the DH exchange session key on the SEAF are as follows:
1. UDM/ARPF (Unified Data Management/Authentication credential Repository and Processing Function) generates authentication vector 5G HE AV (RAND, AUTN, XRES x, KAUSF) and decrypts SUCI (Subscription Concealed Identifier) to obtain SUPI for the UE.
2. The UDM/ARPF sends authentication vectors 5G HE AV and SUPI to AUSF (Authentication Server Function).
3. AUSF temporarily stores XRES and corresponding SUPI, and possibly KAUSF for further use.
4. AUSF uses XRES to derive HXRES and KAUSF to derive KSEAF. Thus AUSF obtains 5G AV (RAND, AUTN, HXRES, KSEAF).
5. AUSF sends a 5G AV message to SEAF.
6. The SEAF generates DH-related parameters from an algorithm indicator Alg (indicating the DH algorithm used), generating a public-private key pair (APUB, APRI) of the SEAF.
7. The SEAF sends an authentication request (Authentication Request) message to the UE, which includes RAND, AUTN, APUB, alg.
8. The UE authenticates the network and generates an authentication response RES if the authentication is successful. And the UE generates DH-related parameters, i.e., public-private key pair (BPUB, BPRI) of the UE, from the algorithm indicator Alg. The UE generates a key k_dh shared with the SEAF using its own private key BPRI and the received public key APUB of the SEAF. UE constructs session key KSEAF' =kseaf||k_dh
9. The UE sends an authentication response (Authentication Response) message to the SEAF, which includes RES, BPUB.
10. The SEAF derives HRES from RES, compares the HRES with HXRES, and completes the authentication of the SEAF to the UE if successful. The SEAF generates a key k_dh shared with the UE using its own private key APRI and the received UE's public key BPUB. The UE builds a session key KSEAF' =kseaf||k_dh.
11. SEAF sends RES to AUSF.
12. AUSF achieves verification of RES by comparing RES with XRES.
13. If the AUSF succeeds in verification on RES, the AUSF sends a message of successful verification to the SEAF and SUPI of the UE.
Here, the solution of using DH on SEAF solves the problem that an attacker knows the long-term key and can derive the session key. But parameters related to DH key exchange are generated each time at SEAF and UE. The generation of these parameters requires the use of an asymmetric encryption algorithm, which consumes a large amount of computing resources, which is unacceptable for the terminals of the internet of things, because more terminals of the internet of things are required to have long-time working capacity under the condition of using a limited capacity battery, and the large amount of use of the asymmetric encryption algorithm can accelerate the energy consumption speed of the devices of the internet of things and shorten the working time of the devices of the internet of things.
Furthermore, the solution of using DH on SEAF, because SEAF belongs to a roaming network element, the home network does not know whether the roaming network implements the DH key exchange protocol to enhance the session key. Roaming networks may fool the home network so that UE communication over the air may be intercepted due to long term key leakage.
Therefore, the embodiment of the invention provides a key generation method, which can reduce the use amount of an asymmetric encryption algorithm in a key exchange protocol and reduce the power consumption of terminal equipment.
As shown in fig. 2, an embodiment of the present invention provides a key generation method, applied to a terminal device, where the method includes:
Step 201: determining a first key based on the long-term key;
step 202: determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side;
step 203: generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the terminal equipment.
Here, the execution subject of steps 201 to 203 may be a processor of the terminal device.
Step 201 specifically includes: the network side equipment estimates a first key based on the long-term key, sends the first key to the terminal equipment, and the terminal equipment receives the first key. The network side device may be a device with an AUSF function on the network side.
The method further comprises the steps of: receiving indication information and authentication information sent by a network side; the indication information is preset by the terminal equipment or determined by the network side based on the security level of the terminal. Specifically, what kind of generation is used is determined according to the indication information carried in the Profile of the terminal device. Regarding the relevant information profile of the terminal device, it may be written into unified data management (UDM, unified Data Management) when the terminal device signs up with the network side, and then when the terminal device needs DH key exchange with the network, the UDM determines which generation the terminal device uses to generate the session key. The authentication information is information required for mutual authentication between the network side and the terminal in the 5G communication authentication process, for example, information such as a 5G authentication vector (5G Home Environment Authentication Vector,5GHE AV) and a long-term user identifier SUPI (Subscription Permanent Identifier).
Specifically, the terminal device receives indication information and authentication information sent by the device with the AUSF function on the network side.
The indication information is any one of the following: a first indication for indicating a first session key generation scheme, a second indication for indicating a second session key generation scheme, and a second indication for indicating a second session key generation scheme.
In practical application, the at least one session key generation mode further includes: generating a second session key generation mode of the session key based on the first key and the new shared key; and a third session key generation mode using the first key as the current session key.
Correspondingly, based on the indication information sent by the network side, determining the current session key generation mode from at least one session key generation mode, including: when the indication information is the first indication, determining that the current session key generation mode is the first session key generation mode; when the indication information is the second indication, determining that the current session key generation mode is the second session key generation mode; and when the indication information is the third indication, determining that the current session key generation mode is the third session key generation mode. That is, the indication information is used to instruct the terminal device to reuse the shared key when generating the session key, to generate a new shared key, or to not use the shared key.
Illustratively, the first session key generation mode specifically includes: carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a session key of this time; the second session key generation mode specifically includes: and carrying out hash operation on the first key and the new shared key to generate the current session key.
The method further comprises the steps of: generating a new shared key shared with the network side when the indication information is the second indication; the new shared key is saved.
That is, when the terminal device connects to the network to generate the shared key, when the shared key is generated using the second session key generation means for the first time, the shared key generated for the first time is stored on the USIM card of the terminal device or in the storage area where information cannot be tampered with. And when the terminal equipment and the network perform DH (digital rights management) session key exchange, the first session key generation mode is used for indicating the terminal equipment to reuse the stored shared key to generate the session key, and the terminal equipment does not need to use an asymmetric encryption algorithm to generate a new shared key every time, so that the use amount of the asymmetric encryption algorithm in a key exchange protocol can be reduced, and the power consumption of the terminal equipment is reduced.
Optionally, when the second session key generation mode is used for generating the shared key next time, the old shared key stored in the terminal device is replaced by the newly generated shared key, and then the terminal device performs DH session key exchange with the network, the first session key generation mode is used for indicating the terminal device to reuse the latest stored shared key to generate the session key.
That is, the shared key stored in the terminal device may be a shared key newly generated in a session key exchange process, for example, a shared key generated for the first time; alternatively, each time a new shared key is generated during the session key exchange, the old shared key stored in the terminal device is replaced with the new shared key.
In practical application, when the terminal equipment and the network equipment are successfully authenticated with each other; and generating an authentication response and sending the authentication response to the network side, and directly generating a session key based on the current session key generation mode. For example, when the mutual authentication between the UE and the UDM/ARPF is successful, the terminal device stores the latest generated shared key at the same time, and generates a session key using the stored shared key. When the network side is authenticated successfully based on the authentication response, a session key corresponding to the terminal equipment is generated, and the network side and the terminal equipment communicate according to the obtained session key.
Referring to fig. 3, when the network side performs key exchange with the terminal device, the terminal device generates a session key based on the indication information as follows:
1. the UDM/ARPF generates authentication vectors 5G HE AV (RAND, AUTN, XRES x, KAUSF) and decrypts the sui to obtain the long-term user identity SUPI of the UE.
2. The UDM/ARPF sends authentication vectors 5G HE AV, SUPI, and UE Profile to the AUSF, wherein the authentication vectors 5G HE AV and SUPI contain authentication information, and the UE Profile contains indication information.
3. AUSF temporarily stores XRES and corresponding SUPI, and possibly KAUSF for further use.
4. AUSF uses XRES to derive HXRES and KAUSF to derive KSEAF (i.e., the first key in the embodiment of the invention). Thus AUSF obtains 5G AV (RAND, AUTN, HXRES, KSEAF). The AUSF determines a value of dh_ind (indication information) according to the UE Profile. If the value DH_ind is set to a (second indication), DH key exchange related parameters are generated, which first generate the private key APRI of the AUSF and derive the public key APUB of the AUSF. If the value of DH_ind is set to b (first indication) or c (third indication), then the DH key exchange related parameter is not generated.
5. The AUSF sends a 5G AV message to the SEAF, the public key APUB of the AUSF, and an indication Alg using the DH algorithm.
6. The SEAF sends an authentication request (Authentication Request) message to the UE, which includes RAND, AUTN, APUB, DH _ind, alg. Wherein Authentication Request message contains the public key APUB of AUSF only if dh_ind is a.
7. The UE authenticates the network and generates an authentication response RES if the authentication is successful. If DH_ind is a, the UE generates DH related parameters, namely public-private key pair (BPUB, BPRI) of the UE according to the algorithm indicator Alg, and the UE generates a secret key K_DH shared with the AUSF by using the self private key BPRI and the received public key APUB of the AUSF and stores the secret key K_DH on a USIM card or in a storage area with non-tamperable information. The UE generates the session key KSEAF' according to the dh_ind value as follows:
Dh_ind=a, KSEAF' =hash (KSEAF, k_dh), where k_dh is the UE newly generated shared key;
dh_ind=b, KSEAF' =hash (KSEAF, k_dh), where k_dh is the shared key previously stored by the UE;
dh_ind=c, KSEAF' =kseaf, where the shared key is not used and the first key is taken as the session key.
8. The UE sends an authentication response (Authentication Response) message to the SEAF, which includes RES, BPUB.
9. SEAF derives HRES from the authentication response RES and compares HRES with HXRES. If successful, the authentication of the SEAF to the UE is completed, and the SEAF sends RES and BPUB to the AUSF.
10. AUSF verifies RES by comparing the authentication response RES with XRES. The AUSF generates a key k_dh shared with the UE using its own private key APRI and the received public key BPUB of the UE, and stores it in the system. The AUSF generates the session key KSEAF' according to the dh_ind value as follows:
dh_ind=a, KSEAF' =hash (KSEAF, k_dh), where k_dh is the UE newly generated shared key;
dh_ind=b, KSEAF' =hash (KSEAF, k_dh), where k_dh is the shared key previously stored by the UE;
dh_ind=c, KSEAF' =kseaf, where the shared key is not used and the first key is taken as the session key.
11. If the AUSF verifies the authentication response RES successfully, the AUSF sends a message of the verification success, a session key KSEAF' and SUPI of the UE to the SEAF.
The proposal of using DH on AUSF, because AUSF belongs to network element of home network, home network can know whether AUSF implements DH key exchange protocol to strengthen session key, so as to avoid roaming network spoofing home network to complete session key enhancement. Therefore, the terminal of the Internet of things can safely and efficiently finish the network authentication flow. The DH_ind is used for indicating the terminal equipment and the network equipment to reuse the shared key K_DH to generate a session key, so that the use amount of an asymmetric encryption algorithm is reduced, and the method is suitable for being used when the Internet of things equipment is connected with a 5G network.
By adopting the scheme, the terminal equipment can generate the session key according to the long-term key and the shared key when the key exchange is carried out, and the network side instructs the terminal equipment to generate the session key by using the stored shared key by sending the instruction information to the terminal equipment without generating a new shared key for the session by adopting an asymmetric encryption algorithm by the terminal equipment. Therefore, by reusing the shared key, the use amount of an asymmetric encryption algorithm in the key exchange protocol is reduced, and the power consumption of the terminal equipment is reduced.
As shown in fig. 4, an embodiment of the present invention provides a key generation method, applied to a network device, where the method includes:
step 401: determining a first key based on the long-term key;
step 402: determining a current session key generation mode from at least one session key generation mode based on the indication information;
step 403: generating a current session key corresponding to the terminal equipment based on the current session key generation mode when the authentication of the terminal equipment is determined to be successful based on the authentication information and the authentication response sent by the terminal equipment;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
Here, the execution subject of steps 401 to 403 may be a processor of the network device. The network device according to the present embodiment may be regarded as a device having an AUSF function on the network side.
The method further comprises the steps of: transmitting the first key to the terminal equipment; and sending the indication information and the authentication information to the terminal equipment. The indication information is preset by the terminal equipment or determined by the network side based on the security level of the terminal. Specifically, according to the indication information carried in the Profile of the terminal equipment, determining what kind of session key generation mode is used. The relevant information profile of the terminal device may be written into the UDM when the terminal device signs up with the network side, and then when the terminal device needs DH key exchange with the network, the UDM determines which session key generation method is adopted by the terminal device to generate the session key. The authentication information is information required for mutual authentication between the network side and the terminal in the 5G communication authentication process, for example, information such as a 5G authentication vector, SUPI, and the like.
The indication information is any one of the following: a first indication for indicating a first session key generation scheme, a second indication for indicating a second session key generation scheme, and a second indication for indicating a second session key generation scheme.
In practical application, the at least one session key generation mode further includes: generating a second session key generation mode of the session key based on the first key and the new shared key; and a third session key generation mode using the first key as the current session key.
Correspondingly, based on the indication information sent by the network side, determining the current session key generation mode from at least one session key generation mode, including: when the indication information is the first indication, determining that the current session key generation mode is the first session key generation mode; when the indication information is the second indication, determining that the current session key generation mode is the second session key generation mode; and when the indication information is the third indication, determining that the current session key generation mode is the third session key generation mode. That is, the indication information is used to instruct the network device to reuse the shared key when generating the session key, generate a new shared key, or not use the shared key.
Illustratively, the first session key generation mode specifically includes: carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a session key of this time; the second session key generation mode specifically includes: and carrying out hash operation on the first key and the new shared key to generate the current session key.
The method further comprises the steps of: generating a new shared key shared with the terminal equipment when the indication information is the second indication; the new shared key is saved.
That is, when the network device is connected to the terminal device to generate the shared key, the network device stores the shared key generated for the first time in a storage area where information on the network device is not falsified when the network device generates the shared key for the first time using the second session key generation scheme. And when the terminal equipment and the network equipment perform DH (digital rights management) session key exchange, the first session key generation mode is used for indicating the terminal equipment to reuse the stored shared key to generate the session key, and the network equipment does not need to use an asymmetric encryption algorithm to generate a new shared key every time, so that the use amount of the asymmetric encryption algorithm in the key exchange protocol can be reduced, and the power consumption of the terminal equipment is reduced.
Optionally, when the second session key generation mode is used to generate the shared key next time, the old shared key stored in the network device is replaced by the newly generated shared key, and then the terminal device performs DH session key exchange with the network, the first session key generation mode is used to instruct the network device to reuse the latest stored shared key to generate the session key.
That is, the shared key stored by the network device may be a shared key newly generated during a session key exchange process, for example, a shared key generated for the first time; alternatively, each time a new shared key is generated during the session key exchange, the old shared key stored in the network device is replaced with the new shared key.
In practical application, when the terminal equipment and the network equipment are successfully authenticated with each other; and generating an authentication response and sending the authentication response to the network side, and directly generating the current session key based on the current session key generation mode. For example, when the mutual authentication between the UE and the UDM/ARPF is successful, the terminal device stores the latest generated shared key at the same time, and generates a session key using the stored shared key. When the network side is authenticated successfully based on the authentication response, a session key corresponding to the terminal equipment is generated, and the network side and the terminal equipment communicate according to the obtained session key.
Referring to fig. 3, when the network side performs key exchange with the terminal device, the AUSF generates a session key based on the indication information as follows:
1. the UDM/ARPF generates authentication vectors 5G HE AV (RAND, AUTN, XRES x, KAUSF) and decrypts the sui to obtain the long-term user identity SUPI of the UE.
2. The UDM/ARPF sends authentication vectors 5G HE AV, SUPI, and UE Profile to the AUSF, wherein the authentication vectors 5G HE AV and SUPI contain authentication information, and the UE Profile contains indication information.
3. AUSF temporarily stores XRES and corresponding SUPI, and possibly KAUSF for further use.
4. AUSF uses XRES to derive HXRES and KAUSF to derive KSEAF (i.e., the first key in the embodiment of the invention). Thus AUSF obtains 5G AV (RAND, AUTN, HXRES, KSEAF). The AUSF determines a value of dh_ind (indication information) according to the UE Profile. If the value DH_ind is set to a (second indication), DH key exchange related parameters are generated, which first generate the private key APRI of the AUSF and derive the public key APUB of the AUSF. If the value of DH_ind is set to b (first indication) or c (third indication), then the DH key exchange related parameter is not generated.
5. The AUSF sends a 5G AV message to the SEAF, the public key APUB of the AUSF, and an indication Alg using the DH algorithm.
6. The SEAF sends an authentication request (Authentication Request) message to the UE, which includes RAND, AUTN, APUB, DH _ind, alg. Wherein Authentication Request message contains the public key APUB of AUSF only if dh_ind is a.
7. The UE authenticates the network and generates an authentication response RES if the authentication is successful. If DH_ind is a, the UE generates DH related parameters, namely public-private key pair (BPUB, BPRI) of the UE according to the algorithm indicator Alg, and the UE generates a secret key K_DH shared with the AUSF by using the self private key BPRI and the received public key APUB of the AUSF and stores the secret key K_DH on a USIM card or in a storage area with non-tamperable information. The UE generates the session key KSEAF' according to the dh_ind value as follows:
Dh_ind=a, KSEAF' =hash (KSEAF, k_dh), where k_dh is the UE newly generated shared key;
dh_ind=b, KSEAF' =hash (KSEAF, k_dh), where k_dh is the shared key previously stored by the UE;
dh_ind=c, KSEAF' =kseaf, where the shared key is not used and the first key is taken as the session key.
8. The UE sends an authentication response (Authentication Response) message to the SEAF, which includes RES, BPUB.
9. SEAF derives HRES from the authentication response RES and compares HRES with HXRES. If successful, the authentication of the SEAF to the UE is completed, and the SEAF sends RES and BPUB to the AUSF.
10. AUSF verifies RES by comparing the authentication response RES with XRES. The AUSF generates a key k_dh shared with the UE using its own private key APRI and the received public key BPUB of the UE, and stores it in the system. The AUSF generates the session key KSEAF' according to the dh_ind value as follows:
dh_ind=a, KSEAF' =hash (KSEAF, k_dh), where k_dh is the UE newly generated shared key;
dh_ind=b, KSEAF' =hash (KSEAF, k_dh), where k_dh is the shared key previously stored by the UE;
dh_ind=c, KSEAF' =kseaf, where the shared key is not used and the first key is taken as the session key.
11. If the AUSF verifies the authentication response RES successfully, the AUSF sends a message of the verification success, a session key KSEAF' and SUPI of the UE to the SEAF.
The proposal of using DH on AUSF, because AUSF belongs to network element of home network, home network can know whether AUSF implements DH key exchange protocol to strengthen session key, so as to avoid roaming network spoofing home network to complete session key enhancement. Therefore, the terminal of the Internet of things can safely and efficiently finish the network authentication flow. The DH_ind is used for indicating the terminal equipment and the network equipment to reuse the shared key K_DH to generate a session key, so that the use amount of an asymmetric encryption algorithm is reduced, and the method is suitable for being used when the Internet of things equipment is connected with a 5G network.
By adopting the scheme, the terminal equipment can generate the session key according to the long-term key and the shared key when the key exchange is carried out, and the network side instructs the terminal equipment to generate the session key by using the stored shared key by sending the instruction information to the terminal equipment without generating a new shared key for the session by adopting an asymmetric encryption algorithm by the terminal equipment. Therefore, by reusing the shared key, the use amount of an asymmetric encryption algorithm in the key exchange protocol is reduced, and the power consumption of the terminal equipment is reduced.
As shown in fig. 5, an embodiment of the present invention provides a terminal device, including:
a first communication unit 51, configured to receive indication information and authentication information sent by a network side;
a first key generation unit 52 for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side; generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the terminal equipment.
As shown in fig. 6, an embodiment of the present invention provides a terminal device, including:
a first communication interface 61, configured to receive indication information and authentication information sent by a network side;
a first processor 62 for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side; generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
The at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the terminal equipment.
In some embodiments, the at least one session key generation manner further includes: generating a second session key generation mode of the session key based on the first key and the new shared key; and a third session key generation mode using the first key as the current session key.
In some embodiments, the first session key generation manner specifically includes: carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a session key of this time; the second session key generation mode specifically includes: and carrying out hash operation on the first key and the new shared key to generate the current session key.
In some embodiments, the first processor 62 is specifically configured to determine that the current session key generation manner is the first session key generation manner when the indication information is the first indication; when the indication information is the second indication, determining that the current session key generation mode is the second session key generation mode; and when the indication information is the third indication, determining that the current session key generation mode is the third session key generation mode.
In some embodiments, the first processor 62 is further configured to generate a new shared key shared with the network side when the indication information is the second indication; the new shared key is saved.
As shown in fig. 7, an embodiment of the present invention provides a network device, including:
a second communication unit 71 for transmitting the instruction information and the authentication information to the terminal device;
a second key generation unit 72 for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information; generating a current session key corresponding to the terminal equipment based on the current session key generation mode when the authentication of the terminal equipment is determined to be successful based on the authentication information and the authentication response sent by the terminal equipment;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
As shown in fig. 8, an embodiment of the present invention provides a network device, including:
a second communication interface 81 for transmitting the indication information and the authentication information to the terminal device;
a second processor 82 for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information; generating a current session key corresponding to the terminal equipment based on the current session key generation mode when the authentication of the terminal equipment is determined to be successful based on the authentication information and the authentication response sent by the terminal equipment;
The at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
In some embodiments, the at least one session key generation manner further includes: generating a second session key generation mode of the session key based on the first key and the new shared key; and a third session key generation mode using the first key as the current session key.
In some embodiments, the first session key generation manner specifically includes: carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a session key of this time;
the second session key generation mode specifically includes: and carrying out hash operation on the first key and the new shared key to generate the current session key.
In some embodiments, the second processor 82 is specifically configured to determine that the current session key generation manner is the first session key generation manner when the indication information is the first indication; when the indication information is the second indication, determining that the current session key generation mode is the second session key generation mode; and when the indication information is the third indication, determining that the current session key generation mode is the third session key generation mode.
In some embodiments, the second processor 82 is further configured to generate a new shared key shared with the terminal device when the indication information is a second indication; the new shared key is saved.
The network device according to the present embodiment may be regarded as a device having an AUSF function on the network side.
Embodiments of the present application also provide a computer-readable storage medium for storing a computer program.
Optionally, the computer readable storage medium may be applied to any one of the terminal devices in the embodiments of the present application, and the computer program causes a computer to execute a corresponding flow implemented by the terminal device in each method of the embodiments of the present application, which is not described herein for brevity.
Alternatively, the computer readable storage medium may be applied to any one of the network devices in the embodiments of the present application, and the computer program causes a computer to execute a corresponding flow implemented by the network device in each method of the embodiments of the present application, which is not described herein for brevity.
The embodiment of the application also provides a key generation system, as shown in fig. 9, the system includes: at least one terminal device 91, an authentication service function AUSF entity 92; wherein,,
The terminal device 91 is configured to determine a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side; generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
the AUSF entity 92 for determining a first key based on the long term key; determining a current session key generation mode from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is successful based on the authentication information and the authentication response sent by the terminal equipment, generating a current session key corresponding to the terminal equipment based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
The at least one session key generation mode further comprises: generating a second session key generation mode of the session key based on the first key and the new shared key; and taking the first key as a third session key generation mode of the current session key.
The terminal equipment is used for carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a current session key; the second session key generation mode specifically includes: carrying out hash operation on the first key and the new shared key to generate a current session key;
the AUSF entity is used for carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a current session key; the second session key generation mode specifically includes: and carrying out hash operation on the first key and the new shared key to generate a current session key.
The terminal device is configured to determine that the current session key generation mode is a first session key generation mode when the indication information is a first indication; when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode; when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode;
the AUSF entity is used for determining that the current session key generation mode is a first session key generation mode when the indication information is a first indication; when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode; and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode.
The terminal equipment is used for generating a new shared key shared with the network side when the indication information is a second indication; saving the new shared key;
the AUSF entity is used for generating a new shared key shared with the terminal equipment when the indication information is a second indication; the new shared key is saved.
In addition, the functions of each device in the system are the same as those of the foregoing method or apparatus embodiments, so that a detailed description is omitted.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, and are not repeated herein.
In the several embodiments provided in this application, it should be understood that the disclosed systems, devices, and methods may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the methods described in the embodiments of the present application. And the aforementioned storage medium includes: a usb disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
The foregoing is merely specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily think about changes or substitutions within the technical scope of the present application, and the changes and substitutions are intended to be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (29)

1. A key generation method applied to a terminal device, the method comprising:
determining a first key based on the long-term key;
determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side;
generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the terminal equipment.
2. The method of claim 1, wherein the at least one session key generation manner further comprises: generating a second session key generation mode of the session key based on the first key and the new shared key;
and taking the first key as a third session key generation mode of the current session key.
3. The method of claim 2, wherein the first session key generation mode specifically comprises: carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a session key;
The second session key generation mode specifically includes: and carrying out hash operation on the first key and the new shared key to generate a current session key.
4. The method of claim 2, wherein the determining the current session key generation mode from the at least one session key generation mode based on the indication information sent by the network side includes:
when the indication information is a first indication, determining that the current session key generation mode is a first session key generation mode;
when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode;
and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode.
5. The method of claim 4, wherein the method further comprises:
generating a new shared key shared with the network side when the indication information is a second indication;
the new shared key is saved.
6. A key generation method applied to a network device, the method comprising:
determining a first key based on the long-term key;
determining a current session key generation mode from at least one session key generation mode based on the indication information;
When the authentication of the terminal equipment is successful based on the authentication information and the authentication response sent by the terminal equipment, generating a current session key corresponding to the terminal equipment based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
7. The method of claim 6, wherein the at least one session key generation manner further comprises: generating a second session key generation mode of the session key based on the first key and the new shared key;
and taking the first key as a third session key generation mode of the current session key.
8. The method of claim 7, wherein the first session key generation manner specifically comprises: carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a session key;
the second session key generation mode specifically includes: and carrying out hash operation on the first key and the new shared key to generate a current session key.
9. The method of claim 7, wherein the determining the current session key generation mode from the at least one session key generation mode based on the indication information comprises:
when the indication information is a first indication, determining that the current session key generation mode is a first session key generation mode;
when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode;
and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode.
10. The method of claim 9, wherein the method further comprises:
generating a new shared key shared with the terminal equipment when the indication information is a second indication;
the new shared key is saved.
11. A terminal device, comprising:
the first communication unit is used for receiving the indication information and the authentication information sent by the network side;
a first key generation unit for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side; generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
The at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the terminal equipment.
12. A terminal device, comprising:
the first communication interface is used for receiving the indication information and the authentication information sent by the network side;
a first processor for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side; generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the terminal equipment.
13. The terminal device of claim 12, wherein the at least one session key generation manner further includes: generating a second session key generation mode of the session key based on the first key and the new shared key;
And taking the first key as a third session key generation mode of the current session key.
14. The terminal device of claim 13, wherein the first session key generation manner specifically includes: carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a session key;
the second session key generation mode specifically includes: and carrying out hash operation on the first key and the new shared key to generate a current session key.
15. The terminal device of claim 13, wherein the first processor is specifically configured to determine that the current session key generation manner is a first session key generation manner when the indication information is a first indication; when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode; and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode.
16. The terminal device of claim 15, wherein the first processor is further configured to generate a new shared key shared with the network side when the indication information is a second indication; the new shared key is saved.
17. A network device, comprising:
a second communication unit for transmitting the indication information and the authentication information to the terminal device;
a second key generation unit for determining the first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is successful based on the authentication information and the authentication response sent by the terminal equipment, generating a current session key corresponding to the terminal equipment based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
18. A network device, comprising:
the second communication interface is used for sending indication information and authentication information to the terminal equipment;
a second processor for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is successful based on the authentication information and the authentication response sent by the terminal equipment, generating a current session key corresponding to the terminal equipment based on the current session key generation mode;
The at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
19. The network device of claim 18, wherein the at least one session key generation manner further comprises: generating a second session key generation mode of the session key based on the first key and the new shared key;
and taking the first key as a third session key generation mode of the current session key.
20. The network device of claim 19, wherein the first session key generation means specifically comprises: carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a session key;
the second session key generation mode specifically includes: and carrying out hash operation on the first key and the new shared key to generate a current session key.
21. The network device of claim 19, wherein the second processor is specifically configured to determine that the current session key generation manner is a first session key generation manner when the indication information is a first indication; when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode; and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode.
22. The network device of claim 21, wherein the second processor is further configured to generate a new shared key shared with the terminal device when the indication information is a second indication; the new shared key is saved.
23. A computer storage medium having stored thereon a computer program, wherein the computer program when executed by a processor realizes the steps of the method according to any of claims 1-5.
24. A computer storage medium having stored thereon a computer program, wherein the computer program when executed by a processor realizes the steps of the method according to any of claims 6-10.
25. A key generation system, wherein the system comprises: at least one terminal equipment, authentication service function AUSF entity; wherein,,
the terminal equipment is used for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information sent by the network side; generating an authentication response and transmitting the authentication response to the network side when the authentication information transmitted by the network side successfully authenticates the network side, and generating a current session key based on the current session key generation mode;
The AUSF entity for determining a first key based on the long-term key; determining a current session key generation mode from at least one session key generation mode based on the indication information; when the authentication of the terminal equipment is successful based on the authentication information and the authentication response sent by the terminal equipment, generating a current session key corresponding to the terminal equipment based on the current session key generation mode;
the at least one session key generation mode at least comprises the following steps: and generating a first session key generation mode of the session key based on the first key and the shared key stored by the network equipment.
26. The system of claim 25, wherein the at least one session key generation manner further comprises: generating a second session key generation mode of the session key based on the first key and the new shared key; and taking the first key as a third session key generation mode of the current session key.
27. The system of claim 26, wherein the terminal device is configured to perform a hash operation on the first key and a shared key stored by the terminal device to generate a current session key; the second session key generation mode specifically includes: carrying out hash operation on the first key and the new shared key to generate a current session key;
The AUSF entity is used for carrying out hash operation on the first key and the shared key stored by the terminal equipment to generate a current session key; the second session key generation mode specifically includes: and carrying out hash operation on the first key and the new shared key to generate a current session key.
28. The system of claim 27, wherein the terminal device is configured to determine that the current session key generation manner is a first session key generation manner when the indication information is a first indication; when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode; when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode;
the AUSF entity is used for determining that the current session key generation mode is a first session key generation mode when the indication information is a first indication; when the indication information is a second indication, determining that the current session key generation mode is a second session key generation mode; and when the indication information is a third indication, determining that the current session key generation mode is a third session key generation mode.
29. The system according to claim 28, wherein the terminal device is configured to generate a new shared key shared with the network side when the indication information is a second indication; saving the new shared key;
the AUSF entity is used for generating a new shared key shared with the terminal equipment when the indication information is a second indication; the new shared key is saved.
CN201910000545.5A 2019-01-02 2019-01-02 Key generation method, terminal equipment and network equipment Active CN111404669B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910000545.5A CN111404669B (en) 2019-01-02 2019-01-02 Key generation method, terminal equipment and network equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910000545.5A CN111404669B (en) 2019-01-02 2019-01-02 Key generation method, terminal equipment and network equipment

Publications (2)

Publication Number Publication Date
CN111404669A CN111404669A (en) 2020-07-10
CN111404669B true CN111404669B (en) 2023-05-09

Family

ID=71430135

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910000545.5A Active CN111404669B (en) 2019-01-02 2019-01-02 Key generation method, terminal equipment and network equipment

Country Status (1)

Country Link
CN (1) CN111404669B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114125834A (en) * 2020-09-01 2022-03-01 大唐移动通信设备有限公司 Method, terminal, network side equipment and device for determining application layer key

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104917605A (en) * 2014-03-14 2015-09-16 华为技术有限公司 Key negotiation method and device during terminal device switching
CN106888092A (en) * 2016-09-12 2017-06-23 中国移动通信有限公司研究院 Information processing method and device
CN107820239A (en) * 2016-09-12 2018-03-20 中国移动通信有限公司研究院 Information processing method and device
CN109041057A (en) * 2018-08-08 2018-12-18 兴唐通信科技有限公司 Authorizing procedure safety Enhancement Method between a kind of core network element based on 5G AKA

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103987037A (en) * 2014-05-28 2014-08-13 大唐移动通信设备有限公司 Secret communication implementation method and device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104917605A (en) * 2014-03-14 2015-09-16 华为技术有限公司 Key negotiation method and device during terminal device switching
CN106888092A (en) * 2016-09-12 2017-06-23 中国移动通信有限公司研究院 Information processing method and device
CN107820239A (en) * 2016-09-12 2018-03-20 中国移动通信有限公司研究院 Information processing method and device
CN109041057A (en) * 2018-08-08 2018-12-18 兴唐通信科技有限公司 Authorizing procedure safety Enhancement Method between a kind of core network element based on 5G AKA

Also Published As

Publication number Publication date
CN111404669A (en) 2020-07-10

Similar Documents

Publication Publication Date Title
US11296877B2 (en) Discovery method and apparatus based on service-based architecture
US8559633B2 (en) Method and device for generating local interface key
CN108848502B (en) Method for protecting SUPI (supl interconnection) by using 5G-AKA (alkyl ketene dimmer)
US11496320B2 (en) Registration method and apparatus based on service-based architecture
US9253178B2 (en) Method and apparatus for authenticating a communication device
CN103596173B (en) Wireless network authentication method, client and service end wireless network authentication device
JP2019169963A (en) Security configuration in communication between communication device and network device
KR102233860B1 (en) Actions related to user equipment using secret identifiers
US11909869B2 (en) Communication method and related product based on key agreement and authentication
CN102685739B (en) Authentication method and system for Android enterprise applications
CN110831002B (en) Method and device for key deduction and computing storage medium
CN111641498A (en) Key determination method and device
EP3737132A1 (en) Uicc key provisioning
CN111404669B (en) Key generation method, terminal equipment and network equipment
CN111404666B (en) Key generation method, terminal equipment and network equipment
CN111404667B (en) Key generation method, terminal equipment and network equipment
CN111836260A (en) Authentication information processing method, terminal and network equipment
CN111404670A (en) Key generation method, UE and network equipment
KR20080056055A (en) Communication inter-provider roaming authentication method and key establishment method, and recording medium storing program including the same
CN115412909A (en) Communication method and device
CN117692902B (en) Intelligent home interaction method and system based on embedded home gateway
CN118803752A (en) Authentication method and device and network equipment
CN118803751A (en) Authentication method, device, network equipment and storage medium
CN118802151A (en) Anonymous authentication method, AAnF network element, user equipment and storage medium
CN113132338A (en) Authentication processing method, device and equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant