CN112806041A - 一种密钥生成方法、设备及系统 - Google Patents
一种密钥生成方法、设备及系统 Download PDFInfo
- Publication number
- CN112806041A CN112806041A CN201880098520.7A CN201880098520A CN112806041A CN 112806041 A CN112806041 A CN 112806041A CN 201880098520 A CN201880098520 A CN 201880098520A CN 112806041 A CN112806041 A CN 112806041A
- Authority
- CN
- China
- Prior art keywords
- key
- network function
- user plane
- upf
- plane network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 179
- 238000004891 communication Methods 0.000 claims abstract description 168
- 230000007774 longterm Effects 0.000 claims abstract description 109
- 230000006870 function Effects 0.000 claims description 464
- 238000013461 design Methods 0.000 description 102
- 238000007726 management method Methods 0.000 description 101
- 238000012545 processing Methods 0.000 description 38
- 230000008569 process Effects 0.000 description 24
- 230000011664 signaling Effects 0.000 description 24
- 230000005540 biological transmission Effects 0.000 description 18
- 230000000694 effects Effects 0.000 description 15
- 238000010586 diagram Methods 0.000 description 12
- 230000003993 interaction Effects 0.000 description 10
- 238000012795 verification Methods 0.000 description 8
- 230000006399 behavior Effects 0.000 description 7
- 238000013523 data management Methods 0.000 description 5
- 238000004590 computer program Methods 0.000 description 4
- 230000002452 interceptive effect Effects 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 4
- 230000010485 coping Effects 0.000 description 3
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 230000004044 response Effects 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 101150119040 Nsmf gene Proteins 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 238000009795 derivation Methods 0.000 description 1
- 230000001066 destructive effect Effects 0.000 description 1
- GVVPGTZRZFNKDS-JXMROGBWSA-N geranyl diphosphate Chemical compound CC(C)=CCC\C(C)=C\CO[P@](O)(=O)OP(O)(O)=O GVVPGTZRZFNKDS-JXMROGBWSA-N 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/03—Protecting confidentiality, e.g. by encryption
- H04W12/033—Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
- H04W12/041—Key generation or derivation
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
- Small-Scale Networks (AREA)
Abstract
本申请实施例公开了一种密钥生成方法、设备及系统,涉及通信技术领域,以解决保护密钥被窃取或泄露造成的数据泄露的问题。所述方法包括:用户面网络功能与终端设备相互获取对方发送的密钥更新信息,用户面网络功能利用获取到的密钥更新信息更新由长期密钥衍生的子密钥,得到新的保护密钥,终端设备利用获取到的密钥更新信息更新由长期密钥衍生的子密钥,得到新的保护密钥,利用新的保护密钥对终端设备与用户面网络功能之间传输的用户面数据进行安全保护。
Description
PCT国内申请,说明书已公开。
Claims (24)
- PCT国内申请,权利要求书已公开。
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/CN2018/112730 WO2020087286A1 (zh) | 2018-10-30 | 2018-10-30 | 一种密钥生成方法、设备及系统 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112806041A true CN112806041A (zh) | 2021-05-14 |
| CN112806041B CN112806041B (zh) | 2022-12-13 |
Family
ID=70463366
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201880098520.7A Active CN112806041B (zh) | 2018-10-30 | 2018-10-30 | 一种密钥生成方法、设备及系统 |
Country Status (4)
| Country | Link |
|---|---|
| US (1) | US11863977B2 (zh) |
| EP (1) | EP3843438A4 (zh) |
| CN (1) | CN112806041B (zh) |
| WO (1) | WO2020087286A1 (zh) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115188148A (zh) * | 2022-07-11 | 2022-10-14 | 卡奥斯工业智能研究院(青岛)有限公司 | 基于5g的安防监控系统、方法、电子设备及存储介质 |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11522879B2 (en) * | 2020-05-20 | 2022-12-06 | At&T Intellectual Property I, L.P. | Scrubber for distributed denial of service attacks targetting mobile networks |
| CN112788594B (zh) * | 2020-06-03 | 2023-06-27 | 中兴通讯股份有限公司 | 数据传输方法、装置和系统、电子设备、存储介质 |
| CN115086951A (zh) * | 2022-06-29 | 2022-09-20 | 中国电信股份有限公司 | 一种报文传输系统、方法及装置 |
| CN117812584A (zh) * | 2022-09-30 | 2024-04-02 | 华为技术有限公司 | 一种通信的方法和装置 |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101237444A (zh) * | 2007-01-31 | 2008-08-06 | 华为技术有限公司 | 密钥处理方法、系统和设备 |
| CN101257723A (zh) * | 2008-04-08 | 2008-09-03 | 中兴通讯股份有限公司 | 密钥生成方法、装置及系统 |
| CN104519486A (zh) * | 2013-09-29 | 2015-04-15 | 中国电信股份有限公司 | 用于异构网中无线侧密钥更新的方法和系统 |
| CN104936173A (zh) * | 2014-03-18 | 2015-09-23 | 华为技术有限公司 | 密钥生成方法、主基站、辅基站及用户设备 |
| CN107820283A (zh) * | 2016-09-13 | 2018-03-20 | 华为技术有限公司 | 一种网络切换保护方法、相关设备及系统 |
| CN108347420A (zh) * | 2017-01-25 | 2018-07-31 | 华为技术有限公司 | 一种网络密钥处理的方法、相关设备及系统 |
| WO2018194971A1 (en) * | 2017-04-17 | 2018-10-25 | Intel Corporation | Group based context and security for massive internet of things devices |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8897448B2 (en) * | 2008-10-31 | 2014-11-25 | Ciena Corporation | Controlling session keys through in-band signaling |
| US9730072B2 (en) * | 2014-05-23 | 2017-08-08 | Apple Inc. | Electronic subscriber identity module provisioning |
| CN106375989B (zh) * | 2015-07-20 | 2019-03-12 | 中兴通讯股份有限公司 | 实现接入层安全的方法及用户设备和无线接入小节点 |
| CN108235300B (zh) * | 2017-12-22 | 2020-05-22 | 中国科学院信息工程研究所 | 移动通信网络用户数据安全保护方法及系统 |
| EP3695578B1 (en) * | 2018-10-04 | 2022-11-23 | Google LLC | Distributed network cellular identity management |
-
2018
- 2018-10-30 EP EP18938506.5A patent/EP3843438A4/en active Pending
- 2018-10-30 CN CN201880098520.7A patent/CN112806041B/zh active Active
- 2018-10-30 WO PCT/CN2018/112730 patent/WO2020087286A1/zh unknown
-
2021
- 2021-04-28 US US17/243,011 patent/US11863977B2/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101237444A (zh) * | 2007-01-31 | 2008-08-06 | 华为技术有限公司 | 密钥处理方法、系统和设备 |
| CN101257723A (zh) * | 2008-04-08 | 2008-09-03 | 中兴通讯股份有限公司 | 密钥生成方法、装置及系统 |
| CN104519486A (zh) * | 2013-09-29 | 2015-04-15 | 中国电信股份有限公司 | 用于异构网中无线侧密钥更新的方法和系统 |
| CN104936173A (zh) * | 2014-03-18 | 2015-09-23 | 华为技术有限公司 | 密钥生成方法、主基站、辅基站及用户设备 |
| CN107820283A (zh) * | 2016-09-13 | 2018-03-20 | 华为技术有限公司 | 一种网络切换保护方法、相关设备及系统 |
| CN108347420A (zh) * | 2017-01-25 | 2018-07-31 | 华为技术有限公司 | 一种网络密钥处理的方法、相关设备及系统 |
| WO2018194971A1 (en) * | 2017-04-17 | 2018-10-25 | Intel Corporation | Group based context and security for massive internet of things devices |
Non-Patent Citations (2)
| Title |
|---|
| NOKIA: "《Evolution scenario for AMF and SEAF from 5G phase 1 to later phases》", 《3GPP TSG SA WG3 (SECURITY) MEETING #86BIS》 * |
| QUALCOMM INCORPORATED: "S3-170834 "pCR: Solution for UE-UPF security setup"", 《3GPP TSG_SA\WG3_SECURITY》 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115188148A (zh) * | 2022-07-11 | 2022-10-14 | 卡奥斯工业智能研究院(青岛)有限公司 | 基于5g的安防监控系统、方法、电子设备及存储介质 |
Also Published As
| Publication number | Publication date |
|---|---|
| US20210250762A1 (en) | 2021-08-12 |
| EP3843438A1 (en) | 2021-06-30 |
| WO2020087286A1 (zh) | 2020-05-07 |
| EP3843438A4 (en) | 2021-09-22 |
| US11863977B2 (en) | 2024-01-02 |
| CN112806041B (zh) | 2022-12-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112806041B (zh) | 一种密钥生成方法、设备及系统 | |
| US11917054B2 (en) | Network key processing method and system and related device | |
| CN110891269B (zh) | 一种数据保护方法、设备及系统 | |
| EP3499840B1 (en) | User-plane security for next generation cellular networks | |
| US11432150B2 (en) | Method and apparatus for authenticating network access of terminal | |
| CN102625995B (zh) | 无线网络中的伽罗瓦/计数器模式加密 | |
| EP3183857B1 (en) | Secure provisioning of an authentication credential | |
| CN102257842B (zh) | 直通链路通信的增强的安全性 | |
| KR102024653B1 (ko) | 사용자 장비(ue)를 위한 액세스 방법, 디바이스 및 시스템 | |
| KR101091793B1 (ko) | 보안 키 변경 처리 방법 및 관련 통신 기기 | |
| US11909869B2 (en) | Communication method and related product based on key agreement and authentication | |
| WO2018201946A1 (zh) | 锚密钥生成方法、设备以及系统 | |
| US11082843B2 (en) | Communication method and communications apparatus | |
| WO2018201398A1 (zh) | 获取密钥的方法、设备和通信系统 | |
| JP2012034085A (ja) | 中継装置、無線通信装置、ネットワークシステム、プログラム、および、方法 | |
| EP4021048A1 (en) | Identity authentication method and apparatus | |
| CN109076086A (zh) | 执行认证和密钥协商之前的安全信令 | |
| CN110475247A (zh) | 消息处理方法及装置 | |
| WO2021103772A1 (zh) | 数据传输方法和装置 | |
| CN113498053A (zh) | 电子用户身份模块转移凭据包装 | |
| CN113872755A (zh) | 一种密钥交换方法及装置 | |
| CN113302958B (zh) | 一种通信方法及装置 | |
| CN109756324A (zh) | 一种Mesh网络中的密钥协商方法、终端及网关 | |
| US20190149326A1 (en) | Key obtaining method and apparatus | |
| WO2018046109A1 (en) | Attack mitigation in 5g networks |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |