CN111884796B - Method and system for carrying information based on random number field - Google Patents

Info

Publication number: CN111884796B
Authority: CN (China)
Prior art keywords: information, random number, side functional, functional component, network side
Legal status: Active
Application number: CN202010552295.9A
Other languages: Chinese (zh)
Other versions: CN111884796A (en)
Inventors: 王俊, 张力, 许建明, 田永春
Current Assignee: CETC 30 Research Institute
Original Assignee: CETC 30 Research Institute
Application filed by CETC 30 Research Institute
Priority to CN202010552295.9A
Publication of CN111884796A
Application granted
Publication of CN111884796B

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/12: Applying verification of the received information
    • H04L63/123: Applying verification of the received information received data contents, e.g. message integrity

Abstract

The invention discloses a method and a system for carrying information in a random number field. A terminal-side functional component and a network-side functional component cooperate end to end and use a random number as the carrier for exchanging and negotiating information; encrypting the information preserves the randomness of the random number, so that a dedicated security mechanism is embedded in a standard communication flow. The method and system can carry specific information in standard protocol parameters and can exchange private negotiation information over a standard protocol negotiation channel, so the terminal side and the network side can use the random number field for end-to-end information exchange without changing the end-to-end protocol format and flow or the intermediate network elements that relay the information.

Description

Method and system for carrying information based on random number field
Technical Field
The invention relates to the technical field of information system security, in particular to a method and a system for carrying information based on a random number field.
Background
Mobile communication, the most standardized terrestrial information and communication system, has evolved from 2G to 5G and has now entered the pre-commercialization stage. Compared with earlier mobile communication systems, the 5G system not only greatly improves communication capability but also changes the business model substantially: mobile communication is moving from a 2C model that provides general services to the general public to a 2B model that provides differentiated services to vertical-industry users. Building a high-security private network with wide-area coverage on public information infrastructure, typified by 5G mobile communication and including satellite and the like, has therefore become a mainstream technical approach in various industries.
In particular, some key industries among the vertical industries have high security requirements and must build a relatively secure information system on an untrusted infrastructure; they often provide end-to-end security enhancement by hardening the UE and the home network elements respectively.
As shown in Fig. 1, taking a mobile communication system as an example, the end-to-end enhanced security model for a key industry with high security requirements consists of mobile terminal equipment (high-security equipment), a service network domain, a trusted network domain and a high-security application. The service network domain comprises the access network and the core network's visited network and depends entirely on the public infrastructure of the mobile communication system; the trusted network domain is mainly the core network's home network and consists of general functions and functions customized for the key industry; the high-security equipment is a general-purpose mobile communication terminal with security enhancements; the high-security application is an application function fully customized for the key industry. End-to-end security enhancement of the signaling plane and the service plane is achieved by separately hardening the UE side and the home trusted network domain, which also has the effect of embedding a dedicated security mechanism in a standard communication flow.
However, a high-security private network built on public information infrastructure must strictly follow public international, national and industry standards and must not change those standards or protocols. On top of the end-to-end enhanced security model, the negotiation information required by a key industry's own security enhancement mechanism therefore has to be transmitted through the protocol channels specified by the public standards. Those protocol channels often reserve no redundant fields in which an industry could transfer additional information, so there is an urgent need to solve the difficult problem of carrying additional information in protocol fields specified by the public standards, so that the UE and the customized home network element can negotiate.
Disclosure of Invention
The purpose of the invention is to provide a method and a system that carry ciphertext information, obtained by encrypting specific information, in a random number field. Information can thus be carried in a protocol field specified by a public standard without changing the standard or the protocol it specifies, which enables end-to-end negotiation between the UE and the customized home network element and meets the requirement of key industries for building a high-security private network.
The invention provides a method for carrying information in a random number field, in which a terminal-side functional component and a network-side functional component cooperate end to end, use a random number as the carrier for exchanging and negotiating information, and preserve the randomness of the random number by encrypting the information. The method comprises the following:
(1) When the random number is transferred from the network-side functional component to the terminal-side functional component: the network-side functional component uses an encryption mechanism to convert the specific carried information into ciphertext information that meets the specified length of the random number, applies integrity protection, ensures that the ciphertext information has the characteristics of a random number, fills the ciphertext information into the random number field and transmits it to the terminal-side functional component. The terminal-side functional component uses the encryption mechanism to determine whether the random number field carries specific carried information. If it does not, the component executes the standard processing flow for an ordinary random number. If it does, the component extracts the ciphertext information from the random number field through the encryption mechanism, recovers the plaintext of the specific carried information after integrity verification, executes the processing flow for the specific carried information, and then executes the standard processing flow with the random number field treated as an ordinary random number;
(2) When the random number is transferred from the terminal-side functional component to the network-side functional component: the terminal-side functional component uses an encryption mechanism to convert the specific carried information into ciphertext information that meets the specified length of the random number, applies integrity protection, ensures that the ciphertext information has the characteristics of a random number, fills the ciphertext information into the random number field and transmits it to the network-side functional component. The network-side functional component uses the encryption mechanism to determine whether the random number field carries specific carried information. If it does not, the component executes the standard processing flow for an ordinary random number. If it does, the component extracts the ciphertext information from the random number field through the encryption mechanism, recovers the plaintext of the specific carried information after integrity verification, executes the processing flow for the specific carried information, and then executes the standard processing flow with the random number field treated as an ordinary random number.
Further, when the random number is transferred from the network-side functional component to the terminal-side functional component, the network-side functional component executes the following steps:
Step S101: the network-side functional component encodes the specific carried information, converting it into encoded plaintext information of the length required for encryption;
Step S102: the network-side functional component generates digest data from the encoded plaintext information;
Step S103: the network-side functional component inserts random information into the encoded plaintext information and the digest data to generate plaintext information that meets the specified length of the random number;
Step S104: the network-side functional component encrypts the plaintext information that meets the specified length of the random number to generate ciphertext information that meets the specified length of the random number;
Step S105: the network-side functional component fills the ciphertext information that meets the specified length of the random number into the random number field and transmits it to the terminal-side functional component.
Further, when the random number is transferred from the network-side functional component to the terminal-side functional component, the terminal-side functional component executes the following steps:
Step S201: the terminal-side functional component assumes that the random number field contains ciphertext information that meets the specified length of the random number, and decrypts the random number field to obtain plaintext information that meets the specified length of the random number;
Step S202: the terminal-side functional component removes the random information from the plaintext information that meets the specified length to obtain the encoded plaintext information and the digest data;
Step S203: the terminal-side functional component generates digest data from the encoded plaintext information and compares it with the digest data parsed from the random number field; the comparison result serves both to determine whether the random number carries specific carried information and to verify the integrity of the carried information:
a1. If the digests match, the random number field carries specific carried information and that information was not tampered with in transit; the terminal-side functional component reverses the encoding of the encoded plaintext information to obtain the specific carried information;
a2. The terminal-side functional component executes the processing flow for the specific carried information and finally executes the standard processing flow with the random number field treated as an ordinary random number;
b. If the digests do not match, the random number field either carries no specific carried information or the carried information was tampered with in transit, and the terminal-side functional component executes the standard processing flow for an ordinary random number.
Further, when the random number is transferred from the terminal-side functional component to the network-side functional component, the terminal-side functional component executes the following steps:
Step S111: the terminal-side functional component encodes the specific carried information, converting it into encoded plaintext information of the length required for encryption;
Step S112: the terminal-side functional component generates digest data from the encoded plaintext information;
Step S113: the terminal-side functional component inserts random information into the encoded plaintext information and the digest data to generate plaintext information that meets the specified length of the random number;
Step S114: the terminal-side functional component encrypts the plaintext information that meets the specified length of the random number to generate ciphertext information that meets the specified length of the random number;
Step S115: the terminal-side functional component fills the ciphertext information that meets the specified length of the random number into the random number field and transmits it to the network-side functional component.
Further, when the random number is transferred from the terminal-side functional component to the network-side functional component, the network-side functional component executes the following steps:
Step S211: the network-side functional component assumes that the random number field contains ciphertext information that meets the specified length of the random number, and decrypts the random number field to obtain plaintext information that meets the specified length of the random number;
Step S212: the network-side functional component removes the random information from the plaintext information that meets the specified length to obtain the encoded plaintext information and the digest data;
Step S213: the network-side functional component generates digest data from the encoded plaintext information and compares it with the digest data parsed from the random number field; the comparison result serves both to determine whether the random number carries specific carried information and to verify the integrity of the carried information:
a1. If the digests match, the random number field carries specific carried information and that information was not tampered with in transit; the network-side functional component reverses the encoding of the encoded plaintext information to obtain the specific carried information;
a2. The network-side functional component executes the processing flow for the specific carried information and finally executes the standard processing flow with the random number field treated as an ordinary random number;
b. If the digests do not match, the random number field either carries no specific carried information or the carried information was tampered with in transit, and the network-side functional component executes the standard processing flow for an ordinary random number.
The invention also provides a system for carrying information in a random number field, comprising a terminal-side functional component and a network-side functional component, which are used to execute the method for carrying information in a random number field described above.
In summary, by adopting the above technical solution, the invention has the following beneficial effects:
1. The method and system for carrying information in a random number field can carry specific information in standard protocol parameters and can exchange private negotiation information over a standard protocol negotiation channel, so the terminal side and the network side can use the random number field for end-to-end information exchange without changing the end-to-end protocol format and flow or the intermediate network elements that relay the information.
2. The method and system for carrying information in a random number field have a wide range of application: they suit not only mobile communication systems but, in principle, any information system. In particular, they can provide strong technical support for building a high-security private network on public infrastructure and for implementing the military and civil fusion strategy.
Drawings
To illustrate the technical solutions of the embodiments of the present invention more clearly, the drawings used in the embodiments are briefly described below. The drawings illustrate only some embodiments of the present invention and should not be considered as limiting its scope; those skilled in the art can obtain other related drawings from them without inventive effort.
Fig. 1 is a schematic diagram of a prior-art end-to-end enhanced security model for a key industry with high security requirements.
Fig. 2 is a schematic flow chart of the method for carrying information in a random number field according to the present invention, when the random number is transferred from the network-side functional component to the terminal-side functional component.
Fig. 3 is a schematic flow chart of the method for carrying information in a random number field according to the present invention, when the random number is transferred from the terminal-side functional component to the network-side functional component.
Fig. 4 is a schematic diagram of a method for carrying information in a random number field according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the detailed description and specific examples, while indicating the preferred embodiment of the invention, are intended for purposes of illustration only and are not intended to limit the scope of the invention. The components of embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the present invention, presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
The invention relates to a system for carrying information in a random number field, comprising a terminal-side functional component and a network-side functional component, which are used to execute the method for carrying information in a random number field described below.
As shown in Fig. 1, in the method for carrying information in a random number field, a terminal-side functional component and a network-side functional component cooperate end to end, use a random number as the carrier for exchanging and negotiating information, and preserve the randomness of the random number by encrypting the information, so that a dedicated security mechanism is embedded in a standard communication flow. The method comprises the following:
(1) When the random number is transferred from the network-side functional component to the terminal-side functional component: the network-side functional component uses an encryption mechanism to convert the specific carried information into ciphertext information that meets the specified length of the random number, applies integrity protection, ensures that the ciphertext information has the characteristics of a random number, fills the ciphertext information into the random number field and transmits it to the terminal-side functional component. The terminal-side functional component uses the encryption mechanism to determine whether the random number field carries specific carried information. If it does not, the component executes the standard processing flow for an ordinary random number. If it does, the component extracts the ciphertext information from the random number field through the encryption mechanism, recovers the plaintext of the specific carried information after integrity verification, executes the processing flow for the specific carried information, and then executes the standard processing flow with the random number field treated as an ordinary random number;
As shown in Fig. 2, specifically:
A. The network-side functional component executes the following steps:
Step S101: the network-side functional component encodes the specific carried information, converting it into encoded plaintext information of the length required for encryption;
Step S102: the network-side functional component generates digest data from the encoded plaintext information;
Step S103: the network-side functional component inserts random information into the encoded plaintext information and the digest data to generate plaintext information that meets the specified length of the random number;
Step S104: the network-side functional component encrypts the plaintext information that meets the specified length of the random number to generate ciphertext information that meets the specified length of the random number;
Step S105: the network-side functional component fills the ciphertext information that meets the specified length of the random number into the random number field and transmits it to the terminal-side functional component.
B. The terminal-side functional component executes the following steps:
Step S201: the terminal-side functional component assumes that the random number field contains ciphertext information that meets the specified length of the random number, and decrypts the random number field to obtain plaintext information that meets the specified length of the random number;
Step S202: the terminal-side functional component removes the random information from the plaintext information that meets the specified length to obtain the encoded plaintext information and the digest data;
Step S203: the terminal-side functional component generates digest data from the encoded plaintext information and compares it with the digest data parsed from the random number field; the comparison result serves both to determine whether the random number carries specific carried information and to verify the integrity of the carried information:
a1. If the digests match, the random number field carries specific carried information and that information was not tampered with in transit; the terminal-side functional component reverses the encoding of the encoded plaintext information to obtain the specific carried information;
a2. The terminal-side functional component executes the processing flow for the specific carried information and finally executes the standard processing flow with the random number field treated as an ordinary random number;
b. If the digests do not match, the random number field either carries no specific carried information or the carried information was tampered with in transit, and the terminal-side functional component executes the standard processing flow for an ordinary random number.
(2) When the random number is transferred from the terminal-side functional component to the network-side functional component, the roles of the two components are exactly the reverse of the case in which the random number is transferred from the network-side functional component to the terminal-side functional component: the terminal-side functional component uses an encryption mechanism to convert the specific carried information into ciphertext information that meets the specified length of the random number, applies integrity protection, ensures that the ciphertext information has the characteristics of a random number, fills the ciphertext information into the random number field and transmits it to the network-side functional component. The network-side functional component uses the encryption mechanism to determine whether the random number field carries specific carried information. If it does not, the component executes the standard processing flow for an ordinary random number. If it does, the component extracts the ciphertext information from the random number field through the encryption mechanism, recovers the plaintext of the specific carried information after integrity verification, executes the processing flow for the specific carried information, and then executes the standard processing flow with the random number field treated as an ordinary random number.
As shown in Fig. 3, specifically:
A. The terminal-side functional component executes the following steps:
Step S111: the terminal-side functional component encodes the specific carried information, converting it into encoded plaintext information of the length required for encryption;
Step S112: the terminal-side functional component generates digest data from the encoded plaintext information;
Step S113: the terminal-side functional component inserts random information into the encoded plaintext information and the digest data to generate plaintext information that meets the specified length of the random number;
Step S114: the terminal-side functional component encrypts the plaintext information that meets the specified length of the random number to generate ciphertext information that meets the specified length of the random number;
Step S115: the terminal-side functional component fills the ciphertext information that meets the specified length of the random number into the random number field and transmits it to the network-side functional component.
B. The network-side functional component executes the following steps:
Step S211: the network-side functional component assumes that the random number field contains ciphertext information that meets the specified length of the random number, and decrypts the random number field to obtain plaintext information that meets the specified length of the random number;
Step S212: the network-side functional component removes the random information from the plaintext information that meets the specified length to obtain the encoded plaintext information and the digest data;
Step S213: the network-side functional component generates digest data from the encoded plaintext information and compares it with the digest data parsed from the random number field; the comparison result serves both to determine whether the random number carries specific carried information and to verify the integrity of the carried information:
a1. If the digests match, the random number field carries specific carried information and that information was not tampered with in transit; the network-side functional component reverses the encoding of the encoded plaintext information to obtain the specific carried information;
a2. The network-side functional component executes the processing flow for the specific carried information and finally executes the standard processing flow with the random number field treated as an ordinary random number;
b. If the digests do not match, the random number field either carries no specific carried information or the carried information was tampered with in transit, and the network-side functional component executes the standard processing flow for an ordinary random number.
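The sender steps S101-S105 and receiver steps S201-S203 above (S111-S115 and S211-S213 are the same with the roles swapped), as an added Python example that is not part of the patent. The 4/8/4-byte split of the 128-bit field, the truncated SHA-256 digest and the 4-round HMAC-SHA256 Feistel construction standing in for the encryption mechanism the patent leaves unspecified are all assumptions; a deployment would use a vetted 128-bit block cipher such as AES.

```python
import hashlib
import hmac
import secrets

RAND_LEN = 16      # 128-bit random number field, as in the embodiment
PAYLOAD_LEN = 4    # assumed size of the encoded carried information
DIGEST_LEN = 8     # assumed truncation of the digest data
FILL_LEN = RAND_LEN - PAYLOAD_LEN - DIGEST_LEN   # random information (S103)
ROUNDS = 4


def round_fn(key: bytes, i: int, half: bytes) -> bytes:
    """Feistel round function: HMAC-SHA256 truncated to half a block."""
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:8]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_block(key: bytes, block: bytes) -> bytes:
    """Length-preserving 16-byte permutation (stand-in cipher, see lead-in)."""
    left, right = block[:8], block[8:]
    for i in range(ROUNDS):
        left, right = right, xor(left, round_fn(key, i, right))
    return left + right


def decrypt_block(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for i in reversed(range(ROUNDS)):
        left, right = xor(right, round_fn(key, i, left)), left
    return left + right


def digest_of(encoded: bytes) -> bytes:
    return hashlib.sha256(encoded).digest()[:DIGEST_LEN]


def embed(key: bytes, info: int) -> bytes:
    """Sender side: returns the value to place in the random number field."""
    encoded = info.to_bytes(PAYLOAD_LEN, "big")                # S101
    digest = digest_of(encoded)                                # S102
    plain = encoded + digest + secrets.token_bytes(FILL_LEN)   # S103
    # With only FILL_LEN random bytes, repeated sends of the same payload
    # start to collide after roughly 2**16 uses (birthday bound on 32 bits).
    return encrypt_block(key, plain)                           # S104 (S105: caller fills the field)


def extract(key: bytes, rand: bytes):
    """Receiver side: carried information, or None for an ordinary random number."""
    if len(rand) != RAND_LEN:
        raise ValueError("random number field must be 16 bytes")
    plain = decrypt_block(key, rand)                           # S201
    encoded = plain[:PAYLOAD_LEN]                              # S202: drop the filler
    digest = plain[PAYLOAD_LEN:PAYLOAD_LEN + DIGEST_LEN]
    # S203: an ordinary random value passes this check with probability
    # 2**-(8*DIGEST_LEN); the digest length sets the false-positive rate.
    if hmac.compare_digest(digest, digest_of(encoded)):
        return int.from_bytes(encoded, "big")                  # branch a1
    return None                                                # branch b


if __name__ == "__main__":
    shared_key = bytes(range(16))        # constructed sample key
    field = embed(shared_key, 0x2A01)    # constructed sample payload
    print(field.hex(), extract(shared_key, field))
    print(extract(shared_key, secrets.token_bytes(RAND_LEN)))  # ordinary RAND
```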
The features and properties of the present invention are described in further detail below with reference to examples.
In this embodiment of the system for carrying information in a random number field, the terminal-side functional component is the USIM card of a 5G UE (mobile terminal) together with a functional component in the USIM card, and the network-side functional component is the 5G UDM network function together with a functional component in the UDM. The USIM card of the 5G UE communicates with the mobile communication base station over the mobile network, and the USIM card and the UDM network function exchange authentication data through the mobile communication core network data center. Note that both the UDM network function and the USIM card need slight customization so that they can interact with their respective functional components.
Fig. 2 is a schematic diagram of this embodiment, in which the RAND random number in the authentication vector (AV) of the mobile communication system is used to carry specific carried information. The flow comprises the following steps:
s01: the UE initiates a network attach request, which reaches the mobile communication core network data center through the mobile communication base station; the mobile communication core network data center requests an authentication vector (AV) from the UDM network function;
s02: the authentication vector generated by the UDM network function contains a RAND random number; at this point the specific carried information is obtained from the functional component in the UDM;
s03: the functional component in the UDM processes the specific carried information according to the method, generates 128-bit ciphertext information RAND that meets the length requirement, and passes it to the UDM network function;
s04: the UDM network function fills the ciphertext information RAND, which carries the specific carried information, into the RAND field of the authentication vector and transmits it to the mobile communication core network data center;
s05: the mobile communication core network data center uses the authentication vector to initiate a bidirectional authentication request to the UE;
s06: after receiving the bidirectional authentication request, the UE extracts the authentication vector and passes the RAND field and the AUTN to the USIM card;
s07: the USIM card takes the ciphertext information RAND out of the RAND field and passes it to the functional component in the USIM card;
s08: after obtaining the ciphertext information RAND, the functional component in the USIM card processes it according to the method in order to parse out the specific carried information sent by the network-side functional component (the 5G UDM network function and the functional component in the UDM); if the specific carried information is parsed successfully, the return value is success; if the specific carried information is found to have been tampered with, for example because of bit errors during transmission, the return value is failure;
s09: the USIM card continues the subsequent bidirectional authentication processing according to the return value from the functional component in the USIM card.
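The 128-bit construction that steps s03 and s08 rely on (encode, digest, random filler, encrypt; then decrypt, strip the filler, compare digests) can be sketched as follows. This is an added example, not code from the patent: the 8/4/4-byte field layout, the truncated SHA-256 digest, all function names, and the HMAC-based Feistel cipher standing in for the unspecified encryption mechanism are assumptions.

```python
import hashlib
import hmac
import os

RAND_LEN = 16     # 128-bit RAND field, as in the embodiment
PAYLOAD_LEN = 8   # assumed layout: 1 length byte + up to 7 data bytes
DIGEST_LEN = 4    # assumed: SHA-256 of the encoded payload, truncated
FILLER_LEN = RAND_LEN - PAYLOAD_LEN - DIGEST_LEN  # fresh random bytes


def _f(key, i, half):
    # Round function of the stand-in cipher (assumption, not the patent's).
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:8]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_block(key, block):
    """Stand-in 128-bit block cipher: 4-round Feistel over HMAC-SHA256."""
    left, right = block[:8], block[8:]
    for i in range(4):
        left, right = right, _xor(left, _f(key, i, right))
    return left + right


def decrypt_block(key, block):
    """Inverse of encrypt_block: undo the rounds in reverse order."""
    left, right = block[:8], block[8:]
    for i in reversed(range(4)):
        left, right = _xor(right, _f(key, i, left)), left
    return left + right


def pack_rand(key, info):
    """Sender side: encode, digest, add random filler, encrypt."""
    if len(info) > PAYLOAD_LEN - 1:
        raise ValueError("carried information does not fit in one RAND")
    encoded = bytes([len(info)]) + info.ljust(PAYLOAD_LEN - 1, b"\x00")
    digest = hashlib.sha256(encoded).digest()[:DIGEST_LEN]
    return encrypt_block(key, encoded + digest + os.urandom(FILLER_LEN))


def unpack_rand(key, rand):
    """Receiver side: return the carried bytes, or None for an ordinary RAND."""
    if len(rand) != RAND_LEN:
        raise ValueError("RAND must be 128 bits")
    plain = decrypt_block(key, rand)
    encoded = plain[:PAYLOAD_LEN]
    digest = plain[PAYLOAD_LEN:PAYLOAD_LEN + DIGEST_LEN]
    expected = hashlib.sha256(encoded).digest()[:DIGEST_LEN]
    if not hmac.compare_digest(digest, expected):
        return None  # no carried information, or altered in transit
    n = encoded[0]
    if n > PAYLOAD_LEN - 1 or any(encoded[1 + n:]):
        return None  # digest matched but the encoding is malformed
    return encoded[1:1 + n]


if __name__ == "__main__":
    key = bytes(range(16))               # constructed demo key
    rand = pack_rand(key, b"cfg:07")     # constructed sample payload
    print(rand.hex(), unpack_rand(key, rand))
    print(unpack_rand(key, os.urandom(16)))  # an ordinary random RAND
```

With this layout an ordinary random RAND is misread as carrying information with probability about 2^-32, which is set entirely by the digest length. Only 32 bits of each block are fresh, so packing the same information under the same key is expected to repeat a RAND value after roughly 2^16 uses.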
The beneficial effects of the invention are as follows:
1. The method and system for carrying information based on a random number field can carry specific information in standard protocol parameters and can exchange private negotiation information over the standard protocol negotiation channel, so that the terminal side and the network side can use the random number field for end-to-end information exchange without changing the end-to-end protocol format and flow or the intermediate network elements that relay the information.
2. The method and system for carrying information based on a random number field have a wide range of application: they are suitable not only for mobile communication systems but, in principle, for any information system. In particular, the method and system can provide strong technical support for building high-security private networks on public infrastructure and for implementing the military-civil fusion strategy.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.

Claims (2)

1. A method for carrying information based on a random number field, characterized in that the method is applied in the field of mobile communication systems; through end-to-end cooperation between a terminal-side functional component and a network-side functional component, a random number is used as a carrier to exchange negotiation information, and the information is encrypted to preserve the randomness of the random number; the method comprises the following steps:
(1) when the random number is transferred from the network-side functional component to the terminal-side functional component: the network-side functional component converts the specific carried information, through an encryption mechanism, into ciphertext information that meets the specified random number length requirement, applies integrity protection, ensures that the ciphertext information has the characteristics of a random number, fills the ciphertext information into the random number field, and transmits it to the terminal-side functional component; the terminal-side functional component determines, through the encryption mechanism, whether the random number field carries specific carried information; if not, it executes the standard processing flow for an ordinary random number; if so, it extracts the ciphertext information from the random number field through the encryption mechanism, restores it to the plaintext of the specific carried information after integrity verification, executes the processing flow associated with the specific carried information, and then executes the standard processing flow with the random number field treated as an ordinary random number;
(2) when the random number is transferred from the terminal-side functional component to the network-side functional component: the terminal-side functional component converts the specific carried information, through an encryption mechanism, into ciphertext information that meets the specified random number length requirement, applies integrity protection, ensures that the ciphertext information has the characteristics of a random number, fills the ciphertext information into the random number field, and transmits it to the network-side functional component; the network-side functional component determines, through the encryption mechanism, whether the random number field carries specific carried information; if not, it executes the standard processing flow for an ordinary random number; if so, it extracts the ciphertext information from the random number field through the encryption mechanism, restores it to the plaintext of the specific carried information after integrity verification, executes the processing flow associated with the specific carried information, and then executes the standard processing flow with the random number field treated as an ordinary random number;
when the random number is transmitted from the network-side functional component to the terminal-side functional component, the execution process of the network-side functional component comprises the following steps:
step S101, the network-side functional component encodes the specific carried information, converting it into encoded plaintext information of the length required for encryption;
step S102, the network-side functional component generates digest data from the encoded plaintext information;
step S103, the network-side functional component inserts random information into the encoded plaintext information and the digest data to generate plaintext information that meets the specified random number length requirement;
step S104, the network-side functional component encrypts the plaintext information that meets the specified random number length requirement to generate ciphertext information that meets the specified random number length requirement;
step S105, the network-side functional component fills the ciphertext information that meets the specified random number length requirement into the random number field and transmits it to the terminal-side functional component;
when the random number is transmitted from the network-side functional component to the terminal-side functional component, the execution process of the terminal-side functional component comprises the following steps:
step S201, the terminal-side functional component assumes that the random number field contains ciphertext information that meets the specified random number length requirement, and decrypts the random number field to obtain plaintext information that meets the specified random number length requirement;
step S202, the terminal-side functional component removes the random information from the plaintext information that meets the specified length requirement, obtaining the encoded plaintext information and the digest data;
step S203, the terminal-side functional component generates digest data from the encoded plaintext information and compares it with the digest data parsed from the random number field; the verification result serves both as the basis for determining whether the random number carries specific carried information and as the basis for the integrity check of the carried information:
a1, if the verification result is consistent, the random number field carries specific carried information and that information was not tampered with during transmission; the terminal-side functional component applies the inverse coding transformation to the encoded plaintext information to obtain the specific carried information;
a2, the terminal-side functional component executes the processing flow associated with the specific carried information, and finally executes the standard processing flow with the random number field treated as an ordinary random number;
b. if the verification result is inconsistent, the random number field either carries no specific carried information or the carried information was tampered with during transmission, and the terminal-side functional component executes the standard processing flow for an ordinary random number;
when the random number is transmitted from the terminal-side functional component to the network-side functional component, the execution process of the terminal-side functional component comprises the following steps:
step S111, the terminal-side functional component encodes the specific carried information, converting it into encoded plaintext information of the length required for encryption;
step S112, the terminal-side functional component generates digest data from the encoded plaintext information;
step S113, the terminal-side functional component inserts random information into the encoded plaintext information and the digest data to generate plaintext information that meets the specified random number length requirement;
step S114, the terminal-side functional component encrypts the plaintext information that meets the specified random number length requirement to generate ciphertext information that meets the specified random number length requirement;
step S115, the terminal-side functional component fills the ciphertext information that meets the specified random number length requirement into the random number field and transmits it to the network-side functional component;
when the random number is transmitted from the terminal-side functional component to the network-side functional component, the execution process of the network-side functional component comprises the following steps:
step S211, the network-side functional component assumes that the random number field contains ciphertext information that meets the specified random number length requirement, and decrypts the random number field to obtain plaintext information that meets the specified random number length requirement;
step S212, the network-side functional component removes the random information from the plaintext information that meets the specified length requirement, obtaining the encoded plaintext information and the digest data;
step S213, the network-side functional component generates digest data from the encoded plaintext information and compares it with the digest data parsed from the random number field; the verification result serves both as the basis for determining whether the random number carries specific carried information and as the basis for the integrity check of the carried information:
a1, if the verification result is consistent, the random number field carries specific carried information and that information was not tampered with during transmission; the network-side functional component applies the inverse coding transformation to the encoded plaintext information to obtain the specific carried information;
a2, the network-side functional component executes the processing flow associated with the specific carried information, and finally executes the standard processing flow with the random number field treated as an ordinary random number;
b. if the verification result is inconsistent, the random number field either carries no specific carried information or the carried information was tampered with during transmission, and the network-side functional component executes the standard processing flow for an ordinary random number.
2. A system for carrying information based on a random number field, characterized by comprising a terminal-side functional component and a network-side functional component; the terminal-side functional component and the network-side functional component are configured to perform the method for carrying information based on a random number field as claimed in claim 1.
CN202010552295.9A 2020-06-17 2020-06-17 Method and system for carrying information based on random number field Active CN111884796B (en)

Publications (2)

Publication Number Publication Date
CN111884796A CN111884796A (en) 2020-11-03
CN111884796B CN111884796B (en) 2022-03-18

Family

ID=73158371

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant