CN114245372B - Authentication method, device and system - Google Patents


Info

Publication number
CN114245372B
Authority
CN
China
Prior art keywords
failure
authentication
information
encryption information
value corresponding
Prior art date
Legal status
Active
Application number
CN202111426465.XA
Other languages
Chinese (zh)
Other versions
CN114245372A (en)
Inventor
张博
赵绪文
Current Assignee
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd
Priority to CN202111426465.XA
Publication of CN114245372A
Application granted
Publication of CN114245372B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H04W12/06 Authentication

Abstract

Embodiments of this application provide an authentication method, an authentication device and an authentication system. The authentication method comprises the following steps: a terminal device receives an authentication request message sent by an access and mobility management function entity, performs authentication according to the authentication request message and, if authentication fails, encrypts the cause value corresponding to the authentication failure type to obtain failure encryption information, and sends the failure encryption information to the access and mobility management function entity. Because the cause value of the authentication failure type is encrypted, an attacker who intercepts the authentication failure message still cannot tell which authentication failure type it reports and therefore cannot locate the user, so the user's privacy is not revealed.

Description

Authentication method, device and system
Technical Field
The present application relates to the field of communications, and more particularly, to an authentication method, apparatus, and system.
Background
In the third generation (3G) and fourth generation (4G) mobile communication systems, the authentication and key agreement protocol is subject to a linkability attack (AKA protocol linkability attack). An attacker can intercept the user identity of a particular terminal device from air-interface messages, use a pseudo base station to capture the authentication request message that the network sends to that terminal device, and then have several pseudo base stations replay the captured message to every terminal device camped on them, triggering each of them to run authentication.
The terminal device for which the message was originally generated verifies the message authentication code (MAC) successfully, because the request was computed with its key, but its sequence number (SQN) check fails because the message is a replay; it therefore returns an authentication failure message whose type is synchronization failure. Every other terminal device fails the MAC check and returns an authentication failure message whose type is MAC failure. From the failure type received at each pseudo base station the attacker learns which pseudo base station's coverage the target terminal device is in, and can then locate the user precisely by triangulation or similar methods.
In the fifth generation (5G) mobile communication system the user identifier is encrypted, so the attacker can no longer identify a particular terminal device from the identifier alone, but it can still locate a terminal device by running the attack twice. For example, in the first run the attacker makes the pseudo base station's coverage very small so that only the target terminal device is attracted (placing the pseudo base station as close to the terminal device as possible) and captures the authentication request message; when the terminal device moves to another area the attacker repeats the same steps, and eventually locates the terminal device.
Based on the above analysis, an authentication method that protects user privacy is needed in the industry.
Disclosure of Invention
The application provides an authentication method, an authentication device and an authentication system, which have higher security performance.
In a first aspect, an authentication method is provided, the method comprising: a terminal device receives an authentication request message sent by an access and mobility management function (AMF) entity; the terminal device performs authentication according to the authentication request message; if the authentication fails, the terminal device encrypts the cause value corresponding to the authentication failure type to obtain failure encryption information; and the terminal device sends the failure encryption information to the AMF entity.
Because the cause value of the authentication failure type is encrypted, an attacker who intercepts the authentication failure message still cannot tell which authentication failure type it reports and therefore cannot use it to locate the user; the user's privacy is protected and the security of the system is improved.
With reference to the first aspect, in some implementations of the first aspect, the terminal device encrypting the cause value corresponding to the authentication failure type to obtain the failure encryption information includes: if the authentication failure type is synchronization failure, encrypting the cause value corresponding to synchronization failure together with the local sequence number information of the terminal device to obtain the failure encryption information; or, if the authentication failure type is message authentication code failure, encrypting the cause value corresponding to message authentication code failure to obtain the failure encryption information.
With reference to the first aspect, in certain implementations of the first aspect, the failure encryption information has the same length for different authentication failure types.
In this way an attacker cannot infer the authentication failure type from the length of the failure encryption information either, so it cannot locate the user or link the positions of a tracked user, and the user's privacy is protected.
With reference to the first aspect, in some implementations of the first aspect, encrypting the cause value corresponding to synchronization failure together with the local sequence number information of the terminal device to obtain the failure encryption information includes: concatenating the cause value corresponding to synchronization failure with the local sequence number information of the terminal device to obtain a first intermediate value; and encrypting the first intermediate value to obtain the failure encryption information.
With reference to the first aspect, in some implementations of the first aspect, encrypting the cause value corresponding to message authentication code failure to obtain the failure encryption information includes: concatenating the cause value corresponding to message authentication code failure with an N-bit binary value to obtain a second intermediate value, N being an integer greater than or equal to 1; and encrypting the second intermediate value to obtain the failure encryption information. The N-bit value pads the second intermediate value so that it can be brought to the same length as the first intermediate value, which carries the local sequence number information.
With reference to the first aspect, in certain implementations of the first aspect, the failure encryption information is sent in an authentication failure message, and the authentication failure message further includes encryption indication information indicating that the authentication failure message carries the failure encryption information.
With reference to the first aspect, in some implementations of the first aspect, the local sequence number information of the terminal device includes the local sequence number of the terminal device or a parameter generated by processing the local sequence number of the terminal device.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes: obtaining a first authentication code according to the cause value corresponding to the authentication failure type, the first authentication code being used to verify the authentication failure type; and the terminal device sending the first authentication code to the AMF entity.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes: the terminal device generates a shared key; and the terminal device encrypting the cause value corresponding to the authentication failure type to obtain the failure encryption information includes: the terminal device encrypting the cause value corresponding to the authentication failure type with the shared key to obtain the failure encryption information.
In a second aspect, an authentication method is provided, the method comprising: an access and mobility management function (AMF) entity sends an authentication request message to a terminal device; and the AMF entity receives failure encryption information sent by the terminal device, the failure encryption information being obtained by encrypting the cause value corresponding to the authentication failure type.
With reference to the second aspect, in some implementations of the second aspect, the failure encryption information being obtained by encrypting the cause value corresponding to the authentication failure type includes: if the authentication failure type is synchronization failure, the failure encryption information is obtained by encrypting the cause value corresponding to synchronization failure together with the local sequence number information of the terminal device; or, if the authentication failure type is message authentication code failure, the failure encryption information is obtained by encrypting the cause value corresponding to message authentication code failure.
With reference to the second aspect, in certain implementations of the second aspect, the failure encryption information has the same length for different authentication failure types.
With reference to the second aspect, in some implementations of the second aspect, the failure encryption information being obtained by encrypting the cause value corresponding to synchronization failure together with the local sequence number information of the terminal device includes: concatenating the cause value corresponding to synchronization failure with the local sequence number information of the terminal device to obtain a first intermediate value; and encrypting the first intermediate value to obtain the failure encryption information.
With reference to the second aspect, in some implementations of the second aspect, the failure encryption information being obtained by encrypting the cause value corresponding to message authentication code failure includes: concatenating the cause value corresponding to message authentication code failure with an N-bit binary value to obtain a second intermediate value, N being an integer greater than or equal to 1; and encrypting the second intermediate value to obtain the failure encryption information.
With reference to the second aspect, in certain implementations of the second aspect, the failure encryption information is sent in an authentication failure message, and the authentication failure message further includes encryption indication information indicating that the authentication failure message carries the failure encryption information.
With reference to the second aspect, in some implementations of the second aspect, the local sequence number information of the terminal device includes the local sequence number of the terminal device or a parameter generated by processing the local sequence number of the terminal device.
With reference to the second aspect, in certain implementations of the second aspect, the method further includes: the AMF entity sends the failure encryption information to an authentication server function (AUSF) entity.
With reference to the second aspect, in certain implementations of the second aspect, the method further includes: the AMF entity decrypts the failure encryption information.
With reference to the second aspect, in some implementations of the second aspect, the authentication failure message further includes a first authentication code, the first authentication code being obtained according to the cause value of the authentication failure type and being used to verify the authentication failure type; and the method further includes: matching the first authentication code with a second authentication code and determining the authentication failure type according to the matching result, the second authentication code being obtained according to the cause value corresponding to a first authentication failure type, where the first authentication failure type is message authentication code failure or synchronization failure.
With reference to the second aspect, in certain implementations of the second aspect, the method further includes: the AMF entity generates a shared key; and the AMF entity decrypting the failure encryption information includes: the AMF entity decrypting the failure encryption information with the shared key.
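The following Python example is added here as an illustration; it is not code from the patent or from Huawei. It walks through the first-aspect steps on the terminal side (concatenating the cause value with the local SQN information, or with an N-bit padding value so that both plaintexts have equal length; encrypting with a shared key; attaching the encryption indication and the first authentication code) and the second-aspect step on the network side (matching the first authentication code against a second authentication code computed for each candidate failure type). The patent fixes none of the following, so they are assumptions of the example: the cause-value encodings 0x14 and 0x15, a 48-bit local SQN field, a 32-byte shared key, a 16-byte nonce chosen by the terminal and sent in the clear, HMAC-SHA256 in counter mode as a stand-in for the cipher, and 16-byte authentication codes.

```python
"""Added example (not from the patent): fixed-length encryption of the
authentication-failure cause value and the first/second authentication
code check used by the network side to recover the failure type.
All constants and the cipher are constructed for illustration."""
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Tuple

# Constructed cause-value encodings (assumption; the patent fixes none).
CAUSE = {"MAC_FAILURE": b"\x14", "SYNC_FAILURE": b"\x15"}
SQN_INFO_LEN = 6    # 48-bit local sequence number information (assumption)
NONCE_LEN = 16      # terminal-chosen per-message nonce, sent in clear (assumption)
AUTH_CODE_LEN = 16  # truncation of the authentication code (assumption)


def _keystream(shared_key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode, standing in for the unspecified cipher."""
    blocks = []
    counter = 0
    while sum(len(b) for b in blocks) < length:
        blocks.append(hmac.new(shared_key, nonce + counter.to_bytes(4, "big"),
                               hashlib.sha256).digest())
        counter += 1
    return b"".join(blocks)[:length]


def _xor_crypt(shared_key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypts and decrypts: XOR with the keystream is its own inverse."""
    return bytes(a ^ b for a, b in zip(data, _keystream(shared_key, nonce, len(data))))


def build_intermediate_value(failure_type: str, sqn_info: Optional[bytes] = None,
                             padding: Optional[bytes] = None) -> bytes:
    """The patent's serial (concatenation) operation.

    SYNC_FAILURE: cause || local SQN information   (first intermediate value)
    MAC_FAILURE : cause || N-bit padding            (second intermediate value)
    N = 8 * SQN_INFO_LEN, so both values, and hence both ciphertexts, have
    the same length and the type cannot be read off the message size.
    """
    cause = CAUSE[failure_type]
    if failure_type == "SYNC_FAILURE":
        if sqn_info is None or len(sqn_info) != SQN_INFO_LEN:
            raise ValueError("SQN information must be %d bytes" % SQN_INFO_LEN)
        return cause + sqn_info
    if padding is None:
        padding = secrets.token_bytes(SQN_INFO_LEN)
    if len(padding) != SQN_INFO_LEN:
        raise ValueError("padding must be %d bytes" % SQN_INFO_LEN)
    return cause + padding


def auth_code(shared_key: bytes, nonce: bytes, failure_type: str) -> bytes:
    """Authentication code over the cause value. The terminal sends it as the
    first authentication code; the network recomputes it per candidate type
    as the second authentication code."""
    return hmac.new(shared_key, b"failure-cause" + nonce + CAUSE[failure_type],
                    hashlib.sha256).digest()[:AUTH_CODE_LEN]


def ue_build_failure_message(shared_key: bytes, failure_type: str,
                             sqn_info: Optional[bytes] = None,
                             nonce: Optional[bytes] = None) -> Dict[str, object]:
    """Terminal side: encrypt the cause value and attach the encryption
    indication and the first authentication code."""
    if nonce is None:
        nonce = secrets.token_bytes(NONCE_LEN)
    plaintext = build_intermediate_value(failure_type, sqn_info)
    return {
        "enc_indication": True,  # message carries failure encryption information
        "nonce": nonce,
        "failure_encryption_info": _xor_crypt(shared_key, nonce, plaintext),
        "first_auth_code": auth_code(shared_key, nonce, failure_type),
    }


def network_resolve_failure(shared_key: bytes,
                            msg: Dict[str, object]) -> Tuple[str, Optional[bytes]]:
    """Network side (whichever of AMF/AUSF/UDM holds the shared key): decrypt,
    then decide the failure type by matching the first authentication code
    against the second authentication code of each candidate type, so a
    corrupted or forged cause byte is rejected rather than trusted."""
    if not msg.get("enc_indication"):
        raise ValueError("message does not carry failure encryption information")
    nonce = msg["nonce"]
    plaintext = _xor_crypt(shared_key, nonce, msg["failure_encryption_info"])
    for failure_type in CAUSE:
        second_code = auth_code(shared_key, nonce, failure_type)
        if hmac.compare_digest(second_code, msg["first_auth_code"]):
            if plaintext[:1] != CAUSE[failure_type]:
                raise ValueError("decrypted cause value contradicts the authentication code")
            sqn_info = plaintext[1:] if failure_type == "SYNC_FAILURE" else None
            return failure_type, sqn_info
    raise ValueError("first authentication code matches no candidate failure type")
```

Two points the example makes that the text leaves implicit. First, equal length is necessary but not sufficient: if the keystream depended only on the shared key and the replayed request, a terminal whose SQN has not changed would return byte-identical ciphertext on every replay, which links that terminal across pseudo base stations just as the plaintext type did, so each response must include a fresh random contribution (here the terminal-chosen nonce). Second, the network should decide the failure type from the authentication code match, not from the decrypted cause byte alone, because the stream cipher offers no integrity by itself.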
In a third aspect, an authentication method is provided, the method comprising: an authentication server function (AUSF) entity receives failure encryption information sent by an access and mobility management function (AMF) entity, the failure encryption information being obtained by encrypting the cause value corresponding to the authentication failure type.
With reference to the third aspect, in some implementations of the third aspect, the failure encryption information being obtained by encrypting the cause value corresponding to the authentication failure type includes: if the authentication failure type is synchronization failure, the failure encryption information is obtained by encrypting the cause value corresponding to synchronization failure together with the local sequence number information of the terminal device; or, if the authentication failure type is message authentication code failure, the failure encryption information is obtained by encrypting the cause value corresponding to message authentication code failure.
With reference to the third aspect, in some implementations of the third aspect, the failure encryption information has the same length for different authentication failure types.
With reference to the third aspect, in some implementations of the third aspect, the failure encryption information being obtained by encrypting the cause value corresponding to synchronization failure together with the local sequence number information of the terminal device includes: concatenating the cause value corresponding to synchronization failure with the local sequence number information of the terminal device to obtain a first intermediate value; and encrypting the first intermediate value to obtain the failure encryption information.
With reference to the third aspect, in some implementations of the third aspect, the failure encryption information being obtained by encrypting the cause value corresponding to message authentication code failure includes: concatenating the cause value corresponding to message authentication code failure with an N-bit binary value to obtain a second intermediate value, N being an integer greater than or equal to 1; and encrypting the second intermediate value to obtain the failure encryption information.
With reference to the third aspect, in some implementations of the third aspect, the local sequence number information of the terminal device includes the local sequence number of the terminal device or a parameter generated by processing the local sequence number of the terminal device.
With reference to the third aspect, in certain implementations of the third aspect, the method further includes: the AUSF entity sends the failure encryption information to a unified data management (UDM) entity.
With reference to the third aspect, in certain implementations of the third aspect, the method further includes: the AUSF entity decrypts the failure encryption information.
With reference to the third aspect, in certain implementations of the third aspect, the method further includes: the AUSF entity generates a shared key; and the AUSF entity decrypting the failure encryption information includes: the AUSF entity decrypting the failure encryption information with the shared key.
With reference to the third aspect, in certain implementations of the third aspect, the method further includes: the AUSF entity generates a second authentication code, the second authentication code being used to verify the authentication failure type; and the AUSF entity sends the second authentication code to the AMF entity.
In a fourth aspect, an authentication method is provided, the method comprising: a unified data management (UDM) entity receives failure encryption information sent by an authentication server function (AUSF) entity, the failure encryption information being obtained by encrypting the cause value corresponding to the authentication failure type; and the UDM entity decrypts the failure encryption information.
With reference to the fourth aspect, in some implementations of the fourth aspect, the failure encryption information being obtained by encrypting the cause value corresponding to the authentication failure type includes: if the authentication failure type is synchronization failure, the failure encryption information is obtained by encrypting the cause value corresponding to synchronization failure together with the local sequence number information of the terminal device; or, if the authentication failure type is message authentication code failure, the failure encryption information is obtained by encrypting the cause value corresponding to message authentication code failure.
With reference to the fourth aspect, in some implementations of the fourth aspect, the failure encryption information has the same length for different authentication failure types.
With reference to the fourth aspect, in some implementations of the fourth aspect, the failure encryption information being obtained by encrypting the cause value corresponding to synchronization failure together with the local sequence number information of the terminal device includes: concatenating the cause value corresponding to synchronization failure with the local sequence number information of the terminal device to obtain a first intermediate value; and encrypting the first intermediate value to obtain the failure encryption information.
With reference to the fourth aspect, in some implementations of the fourth aspect, the failure encryption information being obtained by encrypting the cause value corresponding to message authentication code failure includes: concatenating the cause value corresponding to message authentication code failure with an N-bit binary value to obtain a second intermediate value, N being an integer greater than or equal to 1; and encrypting the second intermediate value to obtain the failure encryption information.
With reference to the fourth aspect, in some implementations of the fourth aspect, the local sequence number information of the terminal device includes the local sequence number of the terminal device or a parameter generated by processing the local sequence number of the terminal device.
With reference to the fourth aspect, in certain implementations of the fourth aspect, the method further includes: the UDM entity generates a shared key; and the UDM entity decrypting the failure encryption information includes: decrypting the failure encryption information with the shared key.
With reference to the fourth aspect, in certain implementations of the fourth aspect, the method further includes: the UDM entity generates a second authentication code, the second authentication code being used to verify the authentication failure type; and the UDM entity sends the second authentication code to an access and mobility management function (AMF) entity.
In a fifth aspect, there is provided an authentication device comprising individual modules or units for performing the method in any one of the possible implementations of the first to fourth aspects.
In a sixth aspect, an authentication device is provided that includes a processor. The processor is coupled to a memory and operable to execute instructions in the memory to implement the method of any one of the possible implementations of the first to fourth aspects. Optionally, the authentication device further comprises the memory. Optionally, the authentication device further comprises a communication interface, the processor being coupled with the communication interface.
In one implementation, the authentication device is a communication device, such as a terminal device, AMF, AUSF, or UDM in the embodiments of the present application. When the authentication device is a communication device, the communication interface may be a transceiver, or an input/output interface.
In another implementation, the authentication device is a chip configured in a communication device, such as a chip configured in a terminal device, an AMF, an AUSF, or a UDM as in the embodiments of the present application. When the authentication device is a chip configured in a communication device, the communication interface may be an input/output interface.
Alternatively, the transceiver may be a transceiver circuit. Alternatively, the input/output interface may be an input/output circuit.
In a seventh aspect, there is provided a processor comprising: input circuit, output circuit and processing circuit. The processing circuit is configured to receive signals via the input circuit and transmit signals via the output circuit, such that the processor performs the method of any one of the possible implementations of the first to fourth aspects.
In a specific implementation process, the processor may be a chip, the input circuit may be an input pin, the output circuit may be an output pin, and the processing circuit may be a transistor, a gate circuit, a flip-flop, various logic circuits, and the like. The input signal received by the input circuit may be received and input by, for example and without limitation, a receiver; the output signal may be output by, for example and without limitation, a transmitter and transmitted by the transmitter; and the input circuit and the output circuit may be the same circuit, functioning as the input circuit and the output circuit, respectively, at different times. The embodiments of the present application do not limit the specific implementation of the processor and the various circuits.
In an eighth aspect, a processing device is provided that includes a processor and a memory. The processor is configured to read instructions stored in the memory and to receive signals via the receiver and to transmit signals via the transmitter to perform the method of any one of the possible implementations of the first to fourth aspects.
Optionally, the processor is one or more, and the memory is one or more.
Alternatively, the memory may be integrated with the processor or the memory may be separate from the processor.
In a specific implementation process, the memory may be a non-transient (non-transitory) memory, for example, a Read Only Memory (ROM), which may be integrated on the same chip as the processor, or may be separately disposed on different chips.
It should be appreciated that the related data interactions, for example transmitting the indication information, may be a process of the processor outputting the indication information, and receiving the capability information may be a process of the processor receiving the input capability information. Specifically, the data output by the processor may be output to the transmitter, and the input data received by the processor may come from the receiver. The transmitter and receiver may be collectively referred to as a transceiver.
The processing means in the eighth aspect may be a chip, and the processor may be implemented by hardware or software, and when implemented by hardware, the processor may be a logic circuit, an integrated circuit, or the like; when implemented in software, the processor may be a general-purpose processor, implemented by reading software code stored in a memory, which may be integrated in the processor, or may reside outside the processor, and exist separately.
In a ninth aspect, there is provided a computer program product comprising: a computer program (which may also be referred to as code, or instructions) which, when executed, causes a computer to perform the method of any one of the possible implementations of the first to fourth aspects described above.
In a tenth aspect, a computer readable medium is provided, which stores a computer program (which may also be referred to as code, or instructions) which, when run on a computer, causes the computer to perform the method of any one of the possible implementations of the first to fourth aspects.
An eleventh aspect provides a communication system comprising the aforementioned terminal device, access and mobility management function entity, authentication server function entity, or unified data management entity.
Drawings
FIG. 1 is a schematic diagram of a network architecture suitable for use in the methods provided by embodiments of the present application;
FIG. 2 is a schematic flow chart of an example of an authentication method according to the present application;
FIG. 3 is a schematic flow chart of another example of an authentication method according to the present application;
FIG. 4 is a schematic flow chart of yet another example of an authentication method according to the present application;
FIG. 5 is a schematic flow chart diagram of yet another example of an authentication method according to the present application;
FIG. 6 is a schematic block diagram of an authentication device according to the present application;
FIG. 7 is a schematic block diagram of an authentication device according to the present application.
Detailed Description
The technical solutions in the present application will be described below with reference to the accompanying drawings.
The technical solution of the embodiments of the application can be applied to various communication systems, for example: global system for mobile communications (GSM), code division multiple access (CDMA) system, wideband code division multiple access (WCDMA) system, general packet radio service (GPRS), long term evolution (LTE) system, LTE frequency division duplex (FDD) system, LTE time division duplex (TDD), universal mobile telecommunications system (UMTS), worldwide interoperability for microwave access (WiMAX) communication system, future fifth generation (5G) system, or New Radio (NR), etc.
It should be understood that the embodiments of the present application do not particularly limit the specific structure of the entity that executes the method provided herein, as long as it can communicate by running a program that records the code of the method. For example, the executing entity may be a terminal device or a network device, or a functional module in the terminal device or the network device that can call and execute the program.
For the sake of understanding the embodiments of the present application, first, an application scenario of the embodiments of the present application will be described in detail with reference to fig. 1.
Fig. 1 is a schematic diagram of a network architecture suitable for use in the methods provided in embodiments of the present application. As shown, the network architecture may be, for example, a non-roaming (non-roaming) architecture. The network architecture may specifically include the following network elements:
1. Terminal equipment (UE): may also be referred to as user equipment, a terminal, an access terminal, a subscriber unit, a subscriber station, a mobile station, a remote terminal, a mobile device, a user terminal, a wireless communication device, a user agent, or a user device. The UE may also be a cellular phone, a cordless phone, a session initiation protocol (session initiation protocol, SIP) phone, a wireless local loop (wireless local loop, WLL) station, a personal digital assistant (personal digital assistant, PDA), a handheld device with wireless communication capabilities, a computing device or other processing device connected to a wireless modem, a vehicle-mounted device, a wearable device, a terminal device in a future 5G network or in a future evolved public land mobile network (public land mobile network, PLMN), etc., as well as an end device, a logical entity, a smart device, a terminal device such as a cell phone or smart terminal, a server, gateway, base station, controller, etc., or an Internet of Things (Internet of Things, IoT) device such as a sensor, an electricity meter, a water meter, etc. The embodiments of the present application are not limited in this regard.
2. Access network (AN): provides network access for authorized users in a specific area, and can use transmission tunnels of different quality according to the level of the user, the requirements of the service, and the like. The access network may employ different access technologies. There are currently two types of radio access technology: third generation partnership project (3rd Generation Partnership Project, 3GPP) access technologies (e.g., the radio access technologies employed in 3G, 4G, or 5G systems) and non-3GPP access technologies. A 3GPP access technology is an access technology that conforms to the 3GPP standard specifications; an access network employing a 3GPP access technology is referred to as a radio access network (Radio Access Network, RAN), and the access network device in a 5G system is referred to as a next generation base station node (next generation Node Base station, gNB). A non-3GPP access technology is an access technology that does not conform to the 3GPP standard specifications, for example, the air interface technology typified by an access point (AP) in Wi-Fi.
An access network implementing access network functions based on wireless communication technology may be referred to as a radio access network (radio access network, RAN). The radio access network can manage radio resources, provide access service for the terminal, and further complete the forwarding of control signals and user data between the terminal and the core network.
The radio access network may be, for example, a base station (NodeB), an evolved NodeB (eNB or eNodeB), a base station (gNB) in a 5G mobile communication system, a base station in a future mobile communication system, an AP in a WiFi system, or the like, or may be a radio controller in a cloud radio access network (cloud radio access network, CRAN) scenario, or the access network device may be a relay station, an access point, a vehicle-mounted device, a wearable device, and a network device in a future 5G network or a network device in a future evolved PLMN network, or the like. The embodiment of the application does not limit the specific technology and the specific equipment form adopted by the wireless access network equipment.
3. Access and mobility management function (access and mobility management function, AMF) entity: mainly used for mobility management, access management, and the like, and can implement the functions of a mobility management entity (mobility management entity, MME) other than session management, such as lawful interception and access authorization (or authentication). In the embodiments of the present application, it can be used to implement the functions of the access and mobility management network element.
4. Session management function (session management function, SMF) entity: mainly used for session management, Internet protocol (Internet Protocol, IP) address allocation and management for the UE, selection of a manageable user plane function, termination of the policy control or charging function interface, downlink data notification, and the like. In the embodiments of the present application, it can be used to implement the functions of the session management network element.
5. User plane function (User Plane Function, UPF) entity: i.e., the data plane gateway. Used for packet routing and forwarding, quality of service (quality of service, QoS) handling of user plane data, and the like. User data can reach a data network (DN) through this network element. In the embodiments of the present application, it can be used to implement the functions of the user plane gateway.
6. Data network (DN): a network for transmitting data, such as an operator service network, the Internet, a third-party service network, etc.
7. Authentication server function (authentication server function, AUSF) entity: mainly used for user authentication and the like.
8. Network exposure function (network exposure function, NEF) entity: used for securely exposing the services and capabilities provided by 3GPP network functions to the outside, and the like.
9. Network repository function (network repository function, NRF) entity: used for storing the description information of network function entities and the services they provide, and for supporting service discovery, network element entity discovery, and the like.
10. Policy control function (policy control function, PCF) entity: a unified policy framework for guiding network behavior, providing policy rule information to control plane function network elements (e.g., AMF, SMF network elements, etc.), and the like.
11. Unified data management (unified data management, UDM) entity: used for handling user identification, access authentication, registration, mobility management, and the like.
12. Application function (application function, AF) entity: used for application-influenced data routing, accessing the network exposure function network element, or interacting with the policy framework for policy control, and the like.
In this network architecture, the N1 interface is a reference point between the terminal and the AMF entity; the N2 interface is a reference point between the AN and the AMF entity and is used for sending non-access stratum (NAS) messages; the N3 interface is a reference point between the (R)AN and the UPF entity and is used for transmitting user plane data, etc.; the N4 interface is a reference point between the SMF entity and the UPF entity and is used for transmitting information such as the tunnel identification information of the N3 connection, data buffering indication information, downlink data notification messages, etc.; the N6 interface is a reference point between the UPF entity and the DN and is used for transmitting user plane data, etc.
It should be understood that the network architecture applied to the embodiments of the present application is merely an exemplary network architecture described from the perspective of a conventional point-to-point architecture and a service architecture, and the network architecture to which the embodiments of the present application are applicable is not limited thereto, and any network architecture capable of implementing the functions of the respective network elements described above is applicable to the embodiments of the present application.
It should also be understood that the AMF entity, SMF entity, UPF entity, NSSF entity, NEF entity, AUSF entity, NRF entity, PCF entity, UDM entity shown in fig. 1 may be understood as network elements in the core network for implementing different functions, e.g. may be combined into network slices as required. The core network elements may be independent devices, or may be integrated in the same device to implement different functions, which is not limited in this application.
Hereinafter, for convenience of explanation, an entity for implementing an AMF is referred to as an AMF, an entity for implementing an AUSF is referred to as an AUSF, and an entity for implementing a UDM function is referred to as a UDM. It should be understood that the above designations are merely for distinguishing between different functions, and do not represent that these network elements are separate physical devices, and the specific form of the network elements is not limited in this application, and may be, for example, integrated into the same physical device or may be separate physical devices. Furthermore, the above designations are merely for convenience in distinguishing between different functions and should not be construed as limiting the application in any way, which does not exclude the possibility of employing other designations in 5G networks and other networks in the future. For example, in a 6G network, some or all of the individual network elements may follow the terminology in 5G, possibly by other names, etc. The description is unified herein, and will not be repeated.
It should also be understood that the names of interfaces between the network elements in fig. 1 are only an example, and the names of interfaces in the specific implementation may be other names, which are not specifically limited in this application. Furthermore, the names of the transmitted messages (or signaling) between the various network elements described above are also merely an example, and do not constitute any limitation on the function of the message itself.
Fig. 2 is a schematic flow chart of an authentication method 200 provided in an embodiment of the present application. As shown in fig. 2, the method 200 includes the following.
In step S210, the AMF transmits an authentication request message to the terminal device.
Specifically, the AMF sends an authentication request message to the terminal device in preparation for authenticating the terminal device. As an example, an authentication random number (RAND), an authentication token (authentication token, AUTN) may be carried in the authentication request message, and a message authentication code and a sequence number may be included in the AUTN.
In step S221, the terminal device performs authentication according to the authentication request message.
For example, the terminal device may authenticate based on the RAND and AUTN.
Specifically, the terminal device may send the RAND and AUTN to the universal subscriber identity module (universal subscriber identity module, USIM). The USIM first calculates an expected message authentication code (XMAC) from the AUTN, the RAND and the root key K, and then compares the XMAC with the MAC in the AUTN; if the verification fails (e.g., the two are not equal), it determines that authentication has failed and that the authentication failure type is a message authentication code failure (MAC failure), at which point the terminal device generates a cause value corresponding to the message authentication code failure.
If the comparison of the XMAC with the MAC in the AUTN succeeds (e.g., they are equal), the check continues by verifying whether the SQN in the AUTN is within a valid range (e.g., checking whether the SQN is greater than the local sequence number SQN_MS of the terminal device). If this verification fails (e.g., the SQN is less than or equal to SQN_MS), authentication is determined to have failed and the authentication failure type is a synchronization failure (synchronization failure); at this time, the terminal device likewise generates a cause value corresponding to the synchronization failure.
The cause value corresponding to the message authentication code failure indicates that the authentication failure type is a message authentication code failure, and the cause value corresponding to the synchronization failure indicates that the authentication failure type is a synchronization failure; the two cause values are different.
As an example, the cause value corresponding to the message authentication code failure and the cause value corresponding to the synchronization failure may be binary numbers of 8 bits, for example, the cause value corresponding to the message authentication code failure may be "00010100", and likewise, the cause value corresponding to the synchronization failure may be "00010101".
In step S222, if the authentication fails, the cause value corresponding to the authentication failure type is encrypted to obtain failed encryption information.
For example, if the authentication failure type is a message authentication code failure, the cause value corresponding to the message authentication code failure is encrypted.
For another example, if the authentication failure type is a synchronization failure, the cause value corresponding to the synchronization failure is encrypted.
It should be understood that, the method of encrypting the cause value corresponding to the authentication failure type in the embodiment of the present application is not limited, and the terminal device may negotiate with the network side device (for example, any one of AMF, AUSF, UDM) to encrypt the cause value corresponding to the authentication failure type.
As an example, the cause value corresponding to the authentication failure type may be encrypted using a symmetric encryption method; for example, the terminal device encrypts the cause value corresponding to the authentication failure type using the root key K, and the network side device (e.g., any one of AMF, AUSF, UDM) then decrypts the failed encryption information using the same key. As another example, the terminal device may encrypt the cause value corresponding to the authentication failure type using a key shared with the network side device (e.g., a shared key derived from the authentication function key K_AUSF), and the network side device (e.g., any one of AMF, AUSF, UDM) likewise decrypts the failed encryption information using that shared key.
As an example, the cause value corresponding to the authentication failure type may be encrypted by using an asymmetric encryption method, for example, the authentication failure type information may be encrypted by using a public key (private key) of the home network, and the network side device may decrypt the failure encrypted information by using the corresponding private key (public key).
As an example, the cause value corresponding to the authentication failure type may be encrypted using a method based on subscription concealed identifier (subscription concealed identifier, SUCI) encryption or a method based on resynchronization parameter (resynchronization token, AUTS) encryption, and the network side device may decrypt the failed encryption information using the corresponding SUCI-based or AUTS-based decryption method.
It should be understood that the key used for encrypting the cause value corresponding to the authentication failure type may be owned by the terminal device itself, may be acquired through a network, or may be derived from the terminal device itself.
In step S230, the terminal device transmits the failed encryption information to the AMF.
Specifically, the terminal device sends the failed encryption information to the AMF, so as to feed back the authentication failure result to the network side device such as the AMF, so that the network side device such as the AMF can determine the next action (e.g. reinitiate authentication) according to the authentication failure result.
For example, the terminal device may send the failed encryption information to the AMF through an authentication failure message.
A network side device such as the AMF can decrypt the failed encryption information in a pre-agreed manner to obtain the cause value corresponding to the authentication failure type, and thereby determine the authentication failure type.
According to the embodiments of the present application, the cause value corresponding to the authentication failure type is encrypted to obtain the failed encryption information. Even if the failed encryption information is intercepted by an attacker on the air interface, the attacker cannot decrypt it and therefore cannot distinguish which authentication failure type occurred, so the attacker cannot locate or associate the position of a tracked user, and the user's privacy is guaranteed not to leak.
Alternatively, in step S222, the manner of performing encryption processing for the cause values corresponding to different authentication failure types may be different.
For example, if the authentication failure type is a message authentication code failure, encryption processing is performed on a cause value corresponding to the message authentication code failure.
If the authentication failure type is synchronization failure, encryption processing can be performed on the reason value corresponding to the synchronization failure and the local serial number information of the terminal equipment at the same time.
Specifically, for a synchronization failure, the authentication failure information generally also includes the local sequence number information of the terminal device, so that the UDM can obtain the local sequence number SQN_MS of the terminal device and initiate a new authentication according to SQN_MS. For a message authentication code failure, however, the authentication failure information does not include the local sequence number information of the terminal device. Therefore, to prevent an attacker from distinguishing the authentication failure type based on the local sequence number information of the terminal device, for a synchronization failure the cause value corresponding to the synchronization failure and the local sequence number information of the terminal device may be encrypted together.
Specifically, the local sequence number SQN_MS of the terminal device can be obtained from the local sequence number information of the terminal device. The local sequence number information of the terminal device may include the local sequence number of the terminal device itself or a parameter generated by processing that local sequence number; for example, it may include an authentication failure parameter (authentication failure parameter, AFP).
In addition, the authentication failure parameter typically includes a parameter name, a parameter length, and an AUTS. AUTS conceals SQN_MS by XORing it with AK and appending MAC-S, and is calculated as follows:
$$\mathrm{AUTS} = (\mathrm{SQN}_{MS} \oplus \mathrm{AK}) \,\|\, \text{MAC-S}$$
where AK is the anonymity key (AK), $\oplus$ denotes the exclusive-OR operation, "||" denotes the concatenation operation, and MAC-S is the resynchronization message authentication code (message authentication code synchronization).
That is, the local sequence number information of the terminal device may further include the resynchronization parameter AUTS, the result SQN_MS ⊕ AK of the exclusive-OR operation between the local sequence number SQN_MS of the terminal device and the anonymity key AK, or the local sequence number SQN_MS of the terminal device itself.
Therefore, for the synchronization failure, the reason value corresponding to the synchronization failure and the authentication failure parameter may be simultaneously encrypted to obtain the failed encryption information.
Or, for the synchronization failure, the reason value corresponding to the synchronization failure and the AUTS may be encrypted at the same time to obtain the failed encryption information.
Alternatively, for a synchronization failure, the cause value corresponding to the synchronization failure and SQN_MS ⊕ AK may be encrypted together to obtain the failed encryption information.
Alternatively, for a synchronization failure, the cause value corresponding to the synchronization failure and SQN_MS may be encrypted together to obtain the failed encryption information.
Optionally, as an embodiment, for a synchronization failure, encrypting a cause value corresponding to the synchronization failure and local serial number information of the terminal device, to obtain the failed encrypted information may be in the following manner:
The cause value corresponding to the synchronization failure (denoted cause#1) and the local sequence number information of the terminal device (denoted SQN#1) are concatenated to obtain a first intermediate value, which may be written as cause#1 || SQN#1; an encryption operation is then performed on the first intermediate value to obtain the failed encryption information, which may be written as Enc(cause#1 || SQN#1).
Specifically, performing serial operation on the cause value corresponding to the synchronization failure and the local serial number information of the terminal device refers to splicing the cause value corresponding to the synchronization failure and the local serial number information of the terminal device together end to end (the sequence of the cause value and the local serial number information is not limited), so as to obtain the first intermediate value, and continuing to perform encryption operation on the first intermediate value to obtain the failed encryption information.
For example, the first intermediate value obtained by concatenating the cause value corresponding to the synchronization failure and the authentication failure parameter (denoted AFP#1) may be written as cause#1 || AFP#1; the first intermediate value is then encrypted to obtain the failed encryption information, which may be written as Enc(cause#1 || AFP#1).
For another example, the first intermediate value obtained by concatenating the cause value corresponding to the synchronization failure and AUTS may be written as cause#1 || AUTS; the first intermediate value is then encrypted to obtain the failed encryption information, which may be written as Enc(cause#1 || AUTS).
For another example, the first intermediate value obtained by concatenating the cause value corresponding to the synchronization failure and SQN_MS ⊕ AK may be written as cause#1 || (SQN_MS ⊕ AK); the first intermediate value is then encrypted to obtain the failed encryption information, which may be written as Enc(cause#1 || (SQN_MS ⊕ AK)).
For another example, the first intermediate value obtained by concatenating the cause value corresponding to the synchronization failure and the local sequence number SQN_MS of the terminal device may be written as cause#1 || SQN_MS; the first intermediate value is then encrypted to obtain the failed encryption information, which may be written as Enc(cause#1 || SQN_MS).
It should be understood that the encryption processing is performed on the cause value corresponding to the synchronization failure and the local serial number information of the terminal device, so as to obtain the failed encryption information, which may also be performed in other manners. For example, other operations (for example, exclusive or operation) may be performed on the cause value corresponding to the synchronization failure and the local serial number information of the terminal device, so as to obtain the first intermediate value, and then, an encryption operation may be performed on the first intermediate value, which is not limited in this application.
Alternatively, the length of the failed encryption information is the same for different authentication failure types.
Specifically, in a normal case, the reason value corresponding to the synchronization failure and the reason value corresponding to the message authentication code failure have the same length, and when the authentication failure type is the synchronization failure, the reason value corresponding to the synchronization failure and the local serial number information of the terminal device may be subjected to a serial operation to obtain a first intermediate value, and the first intermediate value is subjected to an encryption operation to obtain the failed encryption information.
Because of the presence of the local sequence number information of the terminal device, when the authentication failure type is a synchronization failure the length of the corresponding failed encryption information may be noticeably greater than the length of the failed encryption information corresponding to a message authentication code failure. On this basis, an attacker could distinguish which authentication failure type occurred from the length of the failed encryption information.
In view of this, when the terminal device performs encryption processing on the cause value corresponding to the authentication failure type, the length of the failed encryption information may be made the same for different authentication failure types.
As an example, the length of the failed encryption information may be made the same by at least one of:
Mode 1
The cause value corresponding to the failure of the message authentication code is encrypted using a specific encryption scheme (e.g., a specific encryption key), or the cause value corresponding to the synchronization failure and the local serial number information of the terminal device are encrypted using a specific encryption scheme. Different encryption schemes may change the length of the failed encrypted information after encryption, and thus, encryption processing may be performed using a specific encryption scheme such that the length of the failed encrypted information is a certain same value for different authentication failure types.
Mode 2
The contents before the encryption operation and binary numbers of a certain length are subjected to mathematical operations (for example, serial operations, exclusive-or operations, etc.), and then are subjected to encryption processing.
As an example, the content before the encryption operation and a binary number of a certain length may be serially operated, and then the encryption operation may be performed, so that the lengths of the failed encryption information may be the same. The content before the encryption operation may be a corresponding cause value for the message authentication code failure, and the content before the encryption operation may be a result of performing a serial operation between the corresponding cause value and the local serial number information of the terminal device, that is, the first intermediate value, for the synchronization failure.
For example, before the cause value corresponding to the message authentication code failure is encrypted, that cause value (denoted cause#2) and an N-bit binary number (denoted string#1) may be concatenated to obtain a second intermediate value, which may be written as cause#2 || string#1; an encryption operation is then performed on the second intermediate value to obtain the failed encryption information, which may be written as Enc(cause#2 || string#1), where N is an integer greater than or equal to 1.
The composition of the N-bit binary number may be determined by negotiation with the network side device (e.g., any one of AMF, AUSF, UDM). For example, the N-bit binary number may consist of any number of "0" bits and any number of "1" bits; for example, it may consist of N "0" bits, or of N "1" bits.
For the two authentication failure types, synchronization failure and message authentication code failure, the lengths of the corresponding failed encryption information may thus be made the same (i.e., the lengths of Enc(cause#1 || SQN#1) and Enc(cause#2 || string#1) may be made the same).
Therefore, for the same encryption operation method, it is only necessary that the length of string#1 equal the length of SQN#1, that is, that the value of N equal the bit length of the local sequence number information of the terminal device. For example, N may be equal to the length of any one of AFP#1, AUTS, SQN_MS ⊕ AK, or SQN_MS.
It should be understood that, for other possible future forms of encoding, the length of the authentication failure information of two different authentication failure types may be made to be the same fixed value according to the method similar to the above-mentioned "performing tandem operation with N-bit binary numbers", for example, "N-bit binary numbers" may be equivalent to "N-bit decimal numbers", "N-bit hexadecimal numbers", or "N-bit characters", etc., and all the possible future forms are included in the scope of the present application.
It should be understood that, for two authentication failure types, that is, synchronization failure and message authentication code failure, the same or different mathematical operation manners may be adopted, and the same or different encryption manners may be adopted, so long as the lengths of the failure encryption information corresponding to the two authentication failure types are the same, which is not limited in this application, and all possible forms are within the scope of the technical solution of the present application.
According to the embodiment of the application, an attacker cannot distinguish which authentication failure type is through the length of the failed encryption information, so that the attacker cannot locate or associate the position of the tracked user, and the privacy of the user is ensured not to be revealed.
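The USIM check of step S221 and the mode 2 length equalization of step S222, worked through end to end as an added example; this is not code from the patent, from Huawei, or from any 3GPP implementation. MILENAGE f1/f1*/f5 and the negotiated cipher Enc() are replaced by HMAC-SHA256 stand-ins, the shared key is derived from a constructed K in place of a K_AUSF-derived key, and the RAND of the current run is used as the cipher nonce; all of these are assumptions of the example, while the cause values and the cause#1 || SQN#1 and cause#2 || string#1 layouts are taken from the description.

```python
import hashlib
import hmac

# Cause values exactly as the description gives them (8-bit binary numbers).
CAUSE_MAC_FAILURE = int("00010100", 2).to_bytes(1, "big")   # 0x14
CAUSE_SYNC_FAILURE = int("00010101", 2).to_bytes(1, "big")  # 0x15
SQN_LEN, AMF_LEN, MAC_LEN = 6, 2, 8   # AKA field sizes in bytes
AUTS_LEN = SQN_LEN + MAC_LEN          # AUTS = (SQN_MS xor AK) || MAC-S

def _prf(key: bytes, label: bytes, data: bytes, n: int) -> bytes:
    """Stand-in PRF (assumption): first n bytes of HMAC-SHA256(key, label || data)."""
    return hmac.new(key, label + data, hashlib.sha256).digest()[:n]

def f1(k, rand, sqn, amf):       # MAC carried in AUTN (stand-in for MILENAGE f1)
    return _prf(k, b"f1", sqn + rand + amf, MAC_LEN)

def f1_star(k, rand, sqn, amf):  # MAC-S carried in AUTS (stand-in for f1*)
    return _prf(k, b"f1*", sqn + rand + amf, MAC_LEN)

def f5(k, rand):                 # anonymity key AK (stand-in for f5)
    return _prf(k, b"f5", rand, SQN_LEN)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def build_autn(k, rand, sqn_he, amf=b"\x80\x00"):
    """Home network side: AUTN = (SQN xor AK) || AMF || MAC."""
    return xor(sqn_he, f5(k, rand)) + amf + f1(k, rand, sqn_he, amf)

def usim_check(k, rand, autn, sqn_ms):
    """USIM check of step S221.  Returns (cause, sqn_info): cause is None on
    success, and only a synchronization failure carries SQN info (here AUTS)."""
    ak = f5(k, rand)
    sqn_he = xor(autn[:SQN_LEN], ak)
    amf = autn[SQN_LEN:SQN_LEN + AMF_LEN]
    mac = autn[SQN_LEN + AMF_LEN:]
    if not hmac.compare_digest(f1(k, rand, sqn_he, amf), mac):
        return CAUSE_MAC_FAILURE, b""           # XMAC != MAC: no SQN info is sent
    if int.from_bytes(sqn_he, "big") <= int.from_bytes(sqn_ms, "big"):
        auts = xor(sqn_ms, ak) + f1_star(k, rand, sqn_ms, amf)
        return CAUSE_SYNC_FAILURE, auts        # SQN not fresh: cause#1 plus AUTS
    return None, b""

def enc(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in for Enc() (assumption): HMAC-SHA256 keystream in counter mode
    XORed over the data.  Like any stream cipher it leaves the input length
    visible, which is exactly the leak mode 2 closes.  Decryption is the same op."""
    stream, ctr = b"", 0
    while len(stream) < len(data):
        stream += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return xor(data, stream[:len(data)])

def build_failed_encryption_info(shared_key, rand, cause, sqn_info, equalize=True):
    """Terminal side, mode 2: sync failure -> Enc(cause#1 || SQN#1); MAC failure
    -> Enc(cause#2 || string#1), string#1 being N zero bits with N equal to the
    bit length of SQN#1, so both ciphertexts have the same length.  With
    equalize=False the MAC-failure message is left unpadded to show the leak."""
    if cause == CAUSE_SYNC_FAILURE:
        first_intermediate = cause + sqn_info            # cause#1 || AUTS
    elif equalize:
        first_intermediate = cause + bytes(AUTS_LEN)     # cause#2 || string#1
    else:
        first_intermediate = cause                       # length reveals the type
    return enc(shared_key, rand, first_intermediate)

def parse_failed_encryption_info(shared_key, rand, info):
    """Network side (UDM, step S360): recover the cause value and, for a sync
    failure, the AUTS needed to resynchronize.  The padding is simply dropped."""
    plaintext = enc(shared_key, rand, info)
    cause, rest = plaintext[:1], plaintext[1:]
    return cause, (rest if cause == CAUSE_SYNC_FAILURE else None)

def demo():
    """Constructed run: a stale AUTN (sync failure) and a corrupted AUTN (MAC
    failure); returns message lengths and what the network side recovers."""
    k = bytes(range(16))                                        # constructed K
    rand = bytes.fromhex("00112233445566778899aabbccddeeff")    # constructed RAND
    shared_key = _prf(k, b"Kausf", rand, 32)   # stands in for a K_AUSF-derived key
    sqn_ms = (10).to_bytes(SQN_LEN, "big")
    fresh = build_autn(k, rand, (11).to_bytes(SQN_LEN, "big"))
    stale = build_autn(k, rand, sqn_ms)                   # SQN not greater than SQN_MS
    corrupted = stale[:-1] + bytes([stale[-1] ^ 0x01])    # last MAC byte flipped
    out = {"fresh_cause": usim_check(k, rand, fresh, sqn_ms)[0]}
    for name, autn in (("sync", stale), ("mac", corrupted)):
        cause, sqn_info = usim_check(k, rand, autn, sqn_ms)
        info = build_failed_encryption_info(shared_key, rand, cause, sqn_info)
        raw = build_failed_encryption_info(shared_key, rand, cause, sqn_info, False)
        got_cause, got_auts = parse_failed_encryption_info(shared_key, rand, info)
        out[name] = {"len": len(info), "unpadded_len": len(raw), "cause": got_cause,
                     "sqn_ms": xor(got_auts[:SQN_LEN], f5(k, rand)) if got_auts else None}
    return out

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

With equalization both failure messages are 15 bytes on the air interface, whereas the unpadded MAC-failure message is a single byte and the type is readable from the length alone.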
Alternatively, as another possible embodiment, in order to make it impossible for an attacker to distinguish which authentication failure type is by the length of the failed encryption information, the length of the failed encryption information corresponding thereto may be variable for different authentication failure types and may be within the same variation range.
For example, the length of the failed encryption information corresponding to the failure of the message authentication code can also be made variable by the above-described mode 1 and/or mode 2, and is within the first variation range;
the length of the failed encryption information corresponding to the synchronization failure can be made variable by the above-described mode 1 and/or mode 2, and also falls within the first variation range.
By the above embodiment, the attacker can not distinguish which authentication failure type by the length of the failed encryption information.
Fig. 3 is a schematic flow chart of an authentication method 300 provided in another embodiment of the present application. As shown in fig. 3, the method 300 includes the following.
In step S300, an authentication procedure is initiated between the UDM and the terminal device.
Specifically, the UDM first creates a 5G home environment authentication vector (5G HE AV) according to the authentication request; the 5G HE AV may include authentication parameters such as RAND, AUTN and the expected response (XRES). The UDM then sends the 5G HE AV to the AUSF, which generates a 5G serving (visited) environment authentication vector (5G SE HV) from the 5G HE AV; the 5G SE HV may include authentication parameters such as RAND, AUTN and the hash expected response (HXRES). The AUSF then sends the 5G SE HV to the AMF, and the AMF generates an authentication request message according to the 5G SE HV.
In step S310, the AMF transmits the authentication request message to the terminal device.
In step S321, the terminal device performs authentication according to the authentication request message.
In step S322, if the authentication fails, the cause value corresponding to the authentication failure type is encrypted to obtain failed encrypted information.
The steps S310, S321, S322 may be understood by referring to the steps S210, S221, S222 in the method 200, and are not described herein.
In step S330, the terminal device transmits an authentication failure message to the AMF, the authentication failure message including the failed encryption information.
Specifically, the failed encryption information may be sent to the AMF through the authentication failure message, or may be sent to the AMF in other forms (e.g., sent separately).
In step S350, the AMF sends the failed encryption information to the UDM.
In step S360, the UDM decrypts the failed encryption information.
Specifically, the terminal device may send the failed encryption information to the AMF through the authentication failure message, and after the AMF receives the failed encryption information, the AMF may directly send the failed encryption information to the UDM, or may send the failed encryption information to the UDM through the AUSF. For example, the failed encryption information may also be sent to the UDM with a service call for the authentication procedure.
Specifically, the AMF sends the failed encryption information to the UDM; the UDM acquires and decrypts the failed encryption information, thereby obtaining the cause value corresponding to the authentication failure type, and finally determines the authentication failure type. In addition, the UDM can also acquire the local sequence number information of the terminal device, and finally obtain the local sequence number SQN_MS of the terminal device. The UDM determines the next action (e.g., re-initiating authentication) based on the obtained information.
The UDM may determine the manner of decrypting the failed encrypted information according to the specific manner in which the terminal device performs the encryption process.
For example, the failed encryption information may be decrypted using any one of: the root key K; the private key (or public key) of the home network corresponding to its public key (or private key); a decryption method based on the user hidden identifier (SUCI); a decryption method based on the resynchronization parameter AUTS; or a shared key derived by the UDM or the AUSF.
The UDM decrypts the failed encryption information by using any one of the above methods, so as to obtain a cause value corresponding to the authentication failure type, and finally determine the authentication failure type, and the UDM may determine a next action according to the authentication failure type, for example, including the following case a and case B.
Case A
If the authentication failure type is a message authentication code failure or synchronization failure, the UDM may execute step S370, and in step S370, the UDM reinitiates the authentication procedure.
Case B
If the authentication failure type is that the message authentication code fails, the UDM may execute step S380, and in step S380, the UDM sends a cause value corresponding to the message authentication code failure to the AMF, and the AMF reinitiates the authentication flow, or performs other operations.
Specifically, the UDM may directly send the cause value corresponding to the failure of the message authentication code to the AMF, or may send the cause value corresponding to the failure of the message authentication code to the AMF through the AUSF.
Optionally, the method 300 may further include the following.
In step S323, the terminal device generates encryption instruction information.
Specifically, the encryption indication information is used for indicating that the authentication failure message carries the failed encryption information, wherein the authentication failure message comprises the encryption indication information.
Specifically, the terminal device may send the encryption indication information to the AMF through the authentication failure message, or may send the encryption indication information to the AMF through other manners (e.g., separately sending).
As an example, the encryption indication information may be a new cause value carried in the 5GMM cause information element; for example, the new cause value may indicate that the authentication failure type is "message authentication code failure or synchronization failure" or "unknown failure".
In step S340, the AMF determines whether the encryption indication information is included in the authentication failure message.
Specifically, if the AMF determines that the encryption indication information exists, it may determine that the received failed encryption information is obtained after encryption processing, and the AMF may send the failed encryption information to the AUSF, and then the AUSF may send the failed encryption information to the UDM, or the AMF may directly send the failed encryption information to the UDM.
Further, the encryption indication information is generated together with the failed encryption information, and the AMF judges whether the encryption indication information is included in the authentication failure message. This prevents the AMF from misinterpreting the failed encryption information as a plaintext cause value corresponding to some authentication failure type, or as some abnormal information element.
The AMF may also send the encryption indication information to the UDM.
Specifically, the AMF may send the encryption indication information directly to the UDM, or may send the encryption indication information to the UDM through the AUSF. For example, the failed encryption information may also be sent to the UDM with a service call for the authentication procedure.
Fig. 4 is a schematic flow chart of an authentication method 400 according to the present application under a 5G network architecture. As shown in fig. 4, the method 400 includes the following.
The steps S400, S410, S421, S422, S430 may be understood by referring to the steps S300, S310, S321, S322, S330 in the method 300, and will not be described herein.
In step S401, the UDM generates (or derives) a shared key for decrypting the authentication failure information.
In step S402, the UDM transmits the shared key to the AMF.
Specifically, the method by which the UDM generates the shared key and the parameters required for generating it are not limited in the embodiments of the present application. For example, the UDM may derive the shared key from the authentication function key K_AUSF, then send the shared key to the AMF, and the AMF stores the shared key.
The UDM may negotiate with the terminal device the method of generating the shared key, as well as the parameters required to generate the shared key.
The UDM may send the shared key directly to the AMF or may send the shared key to the AMF via the AUSF. For example, the shared key may be sent to the AUSF with the 5G home context authentication vector and to the AMF with the 5G visited context authentication vector.
In addition, the shared key may also be generated by the AUSF, and the AUSF sends the shared key to the AMF. For example, the shared key may be sent to the AMF with the 5G visited environment authentication vector.
In addition, the shared secret key can also be calculated by the AMF itself.
In step S4211, the terminal device generates the shared key for encrypting the cause value corresponding to the authentication failure type.
Specifically, the terminal device may also generate the shared secret key, and encrypt the cause value (possibly including the local serial number information of the terminal device) corresponding to the authentication failure type with the shared secret key.
For example, the terminal device may likewise derive the shared key from the authentication function key K_AUSF, and perform the encryption processing using the shared key.
Alternatively, the terminal device may negotiate with the UDM (or AUSF, or AMF) to generate the shared key using other methods and other parameters.
In step S422, if the authentication fails, the terminal device uses the shared key to encrypt the cause value (possibly including the local serial number information of the terminal device) corresponding to the authentication failure type, so as to obtain the failed encrypted information.
In step S441, the AMF decrypts the failed encryption information.
Specifically, the AMF obtains the failed encryption information, decrypts the failed encryption information using the shared key, thereby obtaining a cause value corresponding to the authentication failure type, and finally determines the authentication failure type. In addition, the AMF may further obtain local sequence number information of the terminal device. The AMF determines the next action (e.g., re-initiating authentication) based on the obtained information.
The AMF decrypts the failed encryption information by using the shared secret key, thereby obtaining a cause value corresponding to the authentication failure type, and finally determining the authentication failure type, and the AMF may determine a next action according to the authentication failure type, for example, including the following case X and case Y.
Case X
If the authentication failure type is that the message authentication code fails, step S442 is executed, and the AMF initiates a re-authentication procedure or performs other operations.
Case Y
If the authentication failure type is a synchronization failure, steps S450 to S460 are performed.
In step S450, the AMF sends the reason value corresponding to the synchronization failure and the local sequence number information of the terminal device to the UDM.
Specifically, the AMF may directly send the cause value corresponding to the synchronization failure and the local sequence number information of the terminal device to the UDM, or may send the cause value corresponding to the synchronization failure and the local sequence number information of the terminal device to the UDM through the AUSF. For example, the cause value corresponding to the synchronization failure and the local serial number information of the terminal device may also be sent to the UDM along with the service call of the authentication procedure.
In step S460, the UDM initiates a reauthentication procedure.
Specifically, the UDM acquires the cause value corresponding to the synchronization failure and the local sequence number information of the terminal device, determines that the authentication failure type is synchronization failure, and at the same time determines the local sequence number SQN_MS of the terminal device. The UDM can then initiate a re-authentication procedure based on the local sequence number SQN_MS of the terminal device.
The method 400 provided in this embodiment and the method 300 provided in the foregoing embodiment are used to decrypt the failure encrypted information by the UDM and the AMF, respectively, and it should be understood that the AUSF may also decrypt the failure encrypted information and send the cause value (possibly including the local serial number information of the terminal device) corresponding to the authentication failure type obtained after decryption to the UDM.
Fig. 5 is a schematic flow chart of an authentication method 500 according to the present application under a 5G network architecture. As shown in fig. 5, the method 500 includes the following.
Steps S500, S510, S521, S522 may be understood by referring to steps S300, S310, S321, S322 in the method 300, and are not described herein.
In step S501, the UDM acquires the second authentication code according to the cause value corresponding to the first authentication failure type.
For example, the UDM may calculate the second authentication code according to the cause value corresponding to a first authentication failure type, where the second authentication code is used to verify the authentication failure type, and the first authentication failure type is a message authentication code failure or a synchronization failure.
In step S502, the UDM sends the second authentication code to the AMF.
For example, if the first authentication failure type is a message authentication code failure, the UDM may calculate the second authentication code according to the cause value corresponding to the message authentication code failure.
For another example, if the first authentication failure type is a synchronization failure, the UDM may calculate the second authentication code according to the cause value corresponding to the synchronization failure.
The method for calculating the second authentication code according to the cause value corresponding to the first authentication failure type is not limited, and other parameters required for calculation are not limited. For example, the second authentication code may be calculated based on the root key K, RAND and the cause value corresponding to the authentication failure type.
The UDM may negotiate with the terminal device the method of calculating the second authentication code, and the parameters required for calculating the second authentication code.
Specifically, the UDM calculates the second authentication code, and sends the second authentication code to the AMF, which may store the second authentication code after it is received by the AMF.
The UDM may send the second authentication code directly to the AMF or may send the second authentication code to the AMF through the AUSF. For example, the second authentication code may be sent to the AUSF with the 5G home context authentication vector and to the AMF with the 5G visited context authentication vector.
In addition, the second authentication code may also be calculated by the AUSF, and the AUSF sends the second authentication code to the AMF. For example, the second authentication code may be sent to the AMF with the 5G visited environment authentication vector.
In addition, the second authentication code may also be calculated by the AMF itself.
In step S523, the terminal device acquires a first authentication code according to a cause value corresponding to the authentication failure type.
For example, the terminal device calculates a first authentication code according to the cause value corresponding to the authentication failure type, where the first authentication code is used to verify the authentication failure type.
Specifically, after determining the authentication failure type, the terminal device calculates a first authentication code according to a cause value corresponding to the authentication failure type, where the first authentication code is used to verify the authentication failure type.
For example, if the authentication failure type is a message authentication code failure, the first authentication code is calculated according to a cause value corresponding to the message authentication code failure.
For another example, if the authentication failure type is synchronization failure, the first authentication code is calculated according to a cause value corresponding to the synchronization failure.
The method for calculating the first authentication code according to the cause value corresponding to the authentication failure type is not limited, and other parameters required for calculation are not limited.
It should be understood that the method for calculating the first authentication code by the terminal device according to the cause value corresponding to the authentication failure type and the method for calculating the second authentication code by the UDM according to the cause value corresponding to the first authentication failure type may be the same or different, and other parameters required for calculating the two may be the same or different.
For example, the same calculation method may be adopted for both the first authentication code and the second authentication code; for instance, the terminal device may also calculate the first authentication code based on the root key K, RAND and the cause value corresponding to the authentication failure type.
In step S530, the terminal device transmits an authentication failure message to the AMF, the authentication failure message including failure encryption information and the first authentication code.
Specifically, the failed encryption information and the first authentication code may be carried in the authentication failure message, or may be sent to the AMF separately or together in some other manner.
In step S541, the AMF determines the authentication failure type according to the first authentication code and the second authentication code.
Specifically, referring to the foregoing description, the first authentication code and the second authentication code may be calculated using the same method and parameters. As an example, the first authentication failure type may be a message authentication code failure, that is, the second authentication code is calculated according to the cause value corresponding to the message authentication code failure. The first authentication code and the second authentication code can then be matched, and the authentication failure type is determined according to the matching result.
For example, if the matching succeeds (e.g., the two values are equal), it may be determined that the authentication failure type is the first authentication failure type, i.e., a message authentication code failure.
For another example, if the matching fails (e.g., the two values are not equal), it may be determined that the authentication failure type is a type other than the first authentication failure type, i.e., a synchronization failure.
It should be appreciated that in step S501, the second authentication code may also be generated simultaneously according to different authentication failure types.
For example, one second authentication code is calculated according to the cause value corresponding to the message authentication code failure, and at the same time another second authentication code is calculated according to the cause value corresponding to the synchronization failure.
In step S541, the AMF may then determine the authentication failure type according to the first authentication code and the two second authentication codes. For example, the first authentication code may be matched against both second authentication codes at the same time, and the authentication failure type may be determined from the combined matching result.
Compared with the foregoing embodiment, the authentication failure type can be obtained early from the matching result of the first authentication code and the second authentication code, without first decrypting the failed encryption information in every case, so the flow is simpler and more efficient.
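The matching procedure of steps S501 through S541, as an added illustration that is not the patent's code. It assumes the authentication code is HMAC-SHA256 over RAND || cause value keyed with the root key K and truncated to 8 bytes (the page names K, RAND and the cause value as inputs but fixes no construction), and that the cause values 0x14/0x15 are sample values.

```python
"""Method 500 failure-type matching (added example, not the patent's code).

Assumptions (not from the page): HMAC-SHA256(K, RAND || cause) truncated to 8 bytes as
the authentication code; sample cause values; the action names in amf_next_action.
"""
import hashlib
import hmac

CAUSE_MAC_FAILURE = 0x14    # sample cause value, message authentication code failure
CAUSE_SYNCH_FAILURE = 0x15  # sample cause value, synchronization failure
CODE_LEN = 8


def auth_code(root_key_k: bytes, rand: bytes, cause: int) -> bytes:
    """Same computation on both sides: first code at the terminal (S523),
    second code at the UDM (S501)."""
    return hmac.new(root_key_k, rand + bytes([cause]), hashlib.sha256).digest()[:CODE_LEN]


def udm_second_codes(root_key_k: bytes, rand: bytes,
                     failure_types=(CAUSE_MAC_FAILURE, CAUSE_SYNCH_FAILURE)) -> dict:
    """S501, 'both types' variant: one second authentication code per candidate
    failure type, handed to the AMF together with the authentication vector (S502)."""
    return {cause: auth_code(root_key_k, rand, cause) for cause in failure_types}


def amf_match_failure_type(first_code: bytes, second_codes: dict):
    """S541 with several second codes: return the cause whose code matches the
    first code, or None when none does. Constant-time comparison avoids leaking
    which bytes matched through timing."""
    for cause, code in second_codes.items():
        if hmac.compare_digest(first_code, code):
            return cause
    return None


def amf_match_single_code(first_code: bytes, second_code_mac_failure: bytes) -> int:
    """S541 with a single second code computed for MAC failure: a match means MAC
    failure, anything else is treated as synchronization failure. Caveat: a garbled
    or unrelated first code is also classified as synchronization failure here."""
    if hmac.compare_digest(first_code, second_code_mac_failure):
        return CAUSE_MAC_FAILURE
    return CAUSE_SYNCH_FAILURE


def amf_next_action(cause) -> str:
    """Case M / Case N: re-authenticate on MAC failure, forward the sync-failure
    ciphertext to the UDM (S550) otherwise. The 'unknown' branch is an assumption."""
    if cause == CAUSE_MAC_FAILURE:
        return "reauthenticate"
    if cause == CAUSE_SYNCH_FAILURE:
        return "forward-to-udm"
    return "unknown-failure-type"


if __name__ == "__main__":
    k = bytes.fromhex("22" * 16)      # constructed root key K
    rand = bytes.fromhex("33" * 16)   # constructed RAND from the authentication vector
    second = udm_second_codes(k, rand)
    first = auth_code(k, rand, CAUSE_SYNCH_FAILURE)  # terminal reports sync failure
    print(hex(amf_match_failure_type(first, second)), amf_next_action(amf_match_failure_type(first, second)))
```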
The AMF may determine the next action based on the authentication failure type, including, for example, case M and case N described below.
Case M
If the authentication failure type is that the message authentication code fails, step S542 is executed, and the AMF initiates a re-authentication procedure or performs other operations.
Case N
If the authentication failure type is a synchronization failure, steps S550 to S570 are performed.
In step S550, the AMF transmits failure encryption information corresponding to the synchronization failure to the UDM.
Specifically, the AMF may directly send the failure encryption information corresponding to the synchronization failure to the UDM, or may send the failure encryption information corresponding to the synchronization failure to the UDM through the AUSF. For example, the failure encryption information corresponding to the synchronization failure may also be sent to the UDM along with the service call of the authentication procedure.
In step S560, the UDM decrypts the failure encryption information corresponding to the synchronization failure.
In step S570, the UDM initiates a reauthentication procedure.
Specifically, the UDM may determine the manner of decrypting the failed encrypted information according to the specific manner in which the terminal device performs the encryption process.
For example, the failed encryption information may be decrypted using any one of: the root key K; the private key (or public key) of the home network corresponding to its public key (or private key); a decryption method based on the user hidden identifier (SUCI); a decryption method based on the resynchronization parameter AUTS; or a shared key derived by the UDM or the AUSF.
The UDM decrypts the failure encryption information in any of these ways, thereby obtaining the cause value corresponding to the authentication failure type and the local sequence number information of the terminal device, and initiates a re-authentication flow according to the acquired information.
The authentication method provided in the embodiment of the present application is described in detail above with reference to fig. 2 to 5. The authentication device provided in the embodiment of the present application is described in detail below with reference to fig. 6 to 7.
Fig. 6 is a schematic block diagram of an authentication apparatus 800 provided in an embodiment of the present application. As shown, the authentication apparatus 800 may include: a transceiver unit 810 and a processing unit 820.
In one possible design, the authentication apparatus 800 may be a terminal device in the above method embodiment, or may be a chip for implementing the functions of the terminal device in the above method embodiment.
Specifically, the authentication apparatus 800 may correspond to the terminal device in the methods 200 to 500 according to the embodiments of the present application, and the authentication apparatus 800 may include units for performing the methods performed by the terminal device in the methods 200 to 500 in fig. 2 to 5. And, each unit in the authentication device 800 and the other operations and/or functions described above are respectively for implementing the respective flows of the method 200 in fig. 2, the method 300 in fig. 3, the method 400 in fig. 4, and the method 500 in fig. 5. It should be understood that the specific process of each unit performing the corresponding steps has been described in detail in the above method embodiments, and is not described herein for brevity.
In another possible design, the authentication device 800 may be an AMF in the above method embodiment, or may be a chip for implementing the functions of the AMF in the above method embodiment.
In particular, the authentication device 800 may correspond to the AMFs in the methods 200 to 500 according to an embodiment of the application, and the authentication device 800 may include units for performing the methods performed by the AMFs in the methods 200 to 500 in fig. 2 to 5. And, each unit in the authentication device 800 and the other operations and/or functions described above are respectively for implementing the respective flows of the method 200 in fig. 2, the method 300 in fig. 3, the method 400 in fig. 4, and the method 500 in fig. 5. It should be understood that the specific process of each unit performing the corresponding steps has been described in detail in the above method embodiments, and is not described herein for brevity.
In another possible design, the authentication device 800 may be an AUSF in the above method embodiment, or may be a chip for implementing the functions of the AUSF in the above method embodiment.
In particular, the authentication apparatus 800 may correspond to the AUSF in the methods 200 to 500 according to the embodiments of the present application, and the authentication apparatus 800 may include means for performing the methods performed by the AUSF in the methods 200 to 500 in fig. 2 to 5. And, each unit in the authentication device 800 and the other operations and/or functions described above are respectively for implementing the respective flows of the method 200 in fig. 2, the method 300 in fig. 3, the method 400 in fig. 4, and the method 500 in fig. 5. It should be understood that the specific process of each unit performing the corresponding steps has been described in detail in the above method embodiments, and is not described herein for brevity.
In another possible design, the authentication device 800 may be a UDM in the above method embodiment, or may be a chip for implementing the functions of a UDM in the above method embodiment.
In particular, the authentication device 800 may correspond to the UDM in the methods 200 to 500 according to embodiments of the present application, and the authentication device 800 may include means for performing the methods performed by the UDM in the methods 200 to 500 in fig. 2 to 5. And, each unit in the authentication device 800 and the other operations and/or functions described above are respectively for implementing the respective flows of the method 200 in fig. 2, the method 300 in fig. 3, the method 400 in fig. 4, and the method 500 in fig. 5. It should be understood that the specific process of each unit performing the corresponding steps has been described in detail in the above method embodiments, and is not described herein for brevity.
It should be understood that the transceiving unit in the authentication apparatus 800 may correspond to the transceiver 920 in the authentication device 900 shown in fig. 7, and the processing unit 820 in the authentication apparatus 800 may correspond to the processor 910 in the authentication device 900 shown in fig. 7.
Fig. 7 is a schematic block diagram of an authentication device 900 provided by an embodiment of the present application. As shown, the authentication apparatus 900 includes: a processor 910 and a transceiver 920. The processor 910 is coupled to the memory for executing instructions stored in the memory to control the transceiver 920 to transmit signals and/or receive signals. Optionally, the authentication device 900 further comprises a memory 930 for storing instructions.
It should be appreciated that the processor 910 and the memory 930 may be combined into one processing device, and the processor 910 is configured to execute the program code stored in the memory 930 to implement the functions described above. In particular implementations, the memory 930 may also be integrated within the processor 910 or separate from the processor 910.
It should also be appreciated that the transceiver 920 may include a receiver and a transmitter. The transceiver may further include one or more antennas.
In one possible design, the authentication device 900 may be a terminal device in the above method embodiment, or may be a chip for implementing the functions of the terminal device in the above method embodiment.
In particular, the authentication device 900 may correspond to the terminal device in the methods 200 to 500 according to embodiments of the present application, and the authentication device 900 may include units for performing the methods performed by the terminal device in the methods 200 to 500 in fig. 2 to 5. And, each element in the authentication device 900 and the other operations and/or functions described above are respectively for implementing the respective flows of the method 200 in fig. 2, the method 300 in fig. 3, the method 400 in fig. 4, and the method 500 in fig. 5. It should be understood that the specific process of each unit performing the corresponding steps has been described in detail in the above method embodiments, and is not described herein for brevity.
In another possible design, the authentication device 900 may be an AMF in the above method embodiment, or a chip for implementing the functions of the AMF in the above method embodiment.
In particular, the authentication device 900 may correspond to the AMFs in the methods 200 to 500 according to an embodiment of the application, and the authentication device 900 may include units for performing the methods performed by the AMFs in the methods 200 to 500 in fig. 2 to 5. And, each element in the authentication device 900 and the other operations and/or functions described above are respectively for implementing the respective flows of the method 200 in fig. 2, the method 300 in fig. 3, the method 400 in fig. 4, and the method 500 in fig. 5. It should be understood that the specific process of each unit performing the corresponding steps has been described in detail in the above method embodiments, and is not described herein for brevity.
In another possible design, the authentication device 900 may be an AUSF in the above method embodiment, or may be a chip for implementing the functions of the AUSF in the above method embodiment.
In particular, the authentication device 900 may correspond to the AUSF in the methods 200 to 500 according to embodiments of the present application, and the authentication device 900 may include units for performing the methods performed by the AUSF in the methods 200 to 500 in fig. 2 to 5. And, each element in the authentication device 900 and the other operations and/or functions described above are respectively for implementing the respective flows of the method 200 in fig. 2, the method 300 in fig. 3, the method 400 in fig. 4, and the method 500 in fig. 5. It should be understood that the specific process of each unit performing the corresponding steps has been described in detail in the above method embodiments, and is not described herein for brevity.
In another possible design, the authentication device 900 may be a UDM in the above method embodiment, or a chip for implementing the functions of the UDM in the above method embodiment.
In particular, the authentication device 900 may correspond to the UDM in the methods 200 to 500 according to embodiments of the present application, and the authentication device 900 may include means for performing the methods performed by the UDM in the methods 200 to 500 in fig. 2 to 5. And, each element in the authentication device 900 and the other operations and/or functions described above are respectively for implementing the respective flows of the method 200 in fig. 2, the method 300 in fig. 3, the method 400 in fig. 4, and the method 500 in fig. 5. It should be understood that the specific process of each unit performing the corresponding steps has been described in detail in the above method embodiments, and is not described herein for brevity.
According to the method provided by the embodiment of the application, the application further provides a computer program product, which comprises: computer program code which, when run on a computer, causes the computer to perform the authentication method of any of the embodiments shown in fig. 2 to 5.
According to the method provided in the embodiments of the present application, there is further provided a computer readable medium storing a program code which, when run on a computer, causes the computer to perform the authentication method of any one of the embodiments shown in fig. 2 to 5.
According to the method provided by the embodiment of the application, the application further provides a system which comprises the user equipment, the AMF, the AUSF and the UDM.
The above embodiments may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, they may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer instructions are loaded and executed on a computer, the processes or functions described in accordance with the embodiments of the present application are produced in whole or in part. The computer may be a general-purpose computer, a special-purpose computer, a computer network, or another programmable apparatus. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another; for example, the computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by wired means (e.g., coaxial cable, optical fiber, digital subscriber line (DSL)) or wireless means (e.g., infrared, radio, microwave). The computer-readable storage medium may be any available medium that can be accessed by a computer, or a data storage device such as a server or data center that integrates one or more available media. The available medium may be a magnetic medium (e.g., a floppy disk, a hard disk, a magnetic tape), an optical medium (e.g., a digital video disc (DVD)), a semiconductor medium (e.g., a solid state disk (SSD)), or the like.
Each network element in the above-mentioned respective device embodiments may correspond to each network element in the method embodiments completely, and respective steps are performed by respective modules or units, for example, the transceiver unit (transceiver) performs the steps of receiving or transmitting in the method embodiments, and other steps except for transmitting and receiving may be performed by the processing unit (processor). Reference may be made to corresponding method embodiments for the function of a specific unit. Wherein the processor may be one or more.
In the present application, "at least one" means one or more, and "a plurality" means two or more. "And/or" describes an association relationship between associated objects and indicates that three relationships may exist; for example, "A and/or B" may indicate: A alone, A and B together, or B alone, where A and B may each be singular or plural. The character "/" generally indicates that the associated objects are in an "or" relationship. "At least one of" or the like means any combination of the listed items, including any combination of single items or plural items. For example, at least one of a, b or c may represent: a, b, or c, or a and b, or a and c, or b and c, or a, b and c, where a, b and c may each be single or multiple.
It should be appreciated that reference throughout this specification to "one embodiment" or "an embodiment" means that a particular feature, structure or characteristic described in connection with the embodiment is included in at least one embodiment of the present application. Thus, the appearances of the phrases "in one embodiment" or "in an embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, the particular features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. It should be understood that, in various embodiments of the present application, the sequence numbers of the foregoing processes do not mean the order of execution, and the order of execution of the processes should be determined by the functions and internal logic of the processes, and should not constitute any limitation on the implementation process of the embodiments of the present invention.
As used in this specification, the terms "component," "module," "system," and the like are intended to refer to a computer-related entity, either hardware, firmware, a combination of hardware and software, or software in execution. For example, a component may be, but is not limited to being, a process running on a processor, an object, an executable, a thread of execution, a program, and/or a computer. By way of illustration, both an application running on a computing device and the computing device can be a component. One or more components may reside within a process and/or thread of execution and a component may be localized on one computer and/or distributed between 2 or more computers. Furthermore, these components can execute from various computer readable media having various data structures stored thereon. The components may communicate by way of local and/or remote processes such as in accordance with a signal having one or more data packets (e.g., data from two components interacting with one another in a local system, distributed system, and/or across a network such as the internet with other systems by way of the signal).
Those of ordinary skill in the art will appreciate that the various illustrative logical blocks (illustrative logical block) and steps (steps) described in connection with the embodiments disclosed herein can be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, and are not repeated herein.
In the several embodiments provided in this application, it should be understood that the disclosed systems, devices, and methods may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
In the above-described embodiments, the functions of the respective functional units may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, they may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions (programs). When the computer program instructions are loaded and executed on a computer, the processes or functions described in accordance with the embodiments of the present application are fully or partially produced. The computer may be a general-purpose computer, a special-purpose computer, a computer network, or another programmable apparatus. The computer instructions may be stored in, or transmitted from one computer-readable storage medium to another by, wired means (e.g., coaxial cable, optical fiber, digital subscriber line (DSL)) or wireless means (e.g., infrared, radio, microwave). The computer-readable storage medium may be any available medium that can be accessed by a computer, or a data storage device such as a server or data center that integrates one or more available media. The available medium may be a magnetic medium (e.g., a floppy disk, a hard disk, a magnetic tape), an optical medium (e.g., a DVD), a semiconductor medium (e.g., a solid state disk (SSD)), or the like.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present application, or the part of it that contributes to the prior art, or a part of the technical solution, may be embodied in the form of a software product stored in a storage medium, including several instructions for causing a computer device (which may be a personal computer, a server, a network device, or the like) to perform all or part of the steps of the methods described in the embodiments of the present application. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, an optical disk, or other media capable of storing program code.
The foregoing is merely specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily think about changes or substitutions within the technical scope of the present application, and the changes and substitutions are intended to be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (24)

1. An authentication method, comprising:
the access and mobility management function entity sends an authentication request message to the terminal device;
the access and mobility management function entity receives an authentication failure message from the terminal device, wherein the authentication failure message comprises failure encryption information and encryption indication information, the failure encryption information is an encrypted cause value corresponding to the authentication failure type, and the encryption indication information is used for indicating that the authentication failure message carries the failure encryption information;
if it is determined that the authentication failure message comprises the encryption indication information, the access and mobility management function entity sends the failure encryption information to a unified data management entity or an authentication server function entity; if the authentication failure type is synchronization failure, the failure encryption information is obtained by encrypting the cause value corresponding to the synchronization failure and the local sequence number information of the terminal device; or if the authentication failure type is message authentication code failure, the failure encryption information is obtained by encrypting the cause value corresponding to the message authentication code failure;
wherein obtaining the failure encryption information by encrypting the cause value corresponding to the synchronization failure and the local sequence number information of the terminal device comprises:
performing a concatenation operation on the cause value corresponding to the synchronization failure and the local sequence number information of the terminal device to obtain a first intermediate value; and performing an encryption operation on the first intermediate value to obtain the failure encryption information.
2. The method of claim 1, wherein the local sequence number information of the terminal device includes a local sequence number of the terminal device or a parameter generated by processing the local sequence number of the terminal device.
3. The method according to claim 1, wherein obtaining the failure encryption information by encrypting the cause value corresponding to the message authentication code failure comprises:
performing a concatenation operation on the cause value corresponding to the message authentication code failure and an N-bit binary number to obtain a second intermediate value; and performing an encryption operation on the second intermediate value to obtain the failure encryption information, wherein N is an integer greater than or equal to 1.
4. The method according to any one of claims 1 to 3, characterized in that the length of the failure encryption information is the same for different authentication failure types.
5. The method according to any one of claims 1 to 3, characterized in that the access and mobility management function entity decrypts the failure encryption information.
6. The method of claim 5, wherein the method further comprises: the access and mobility management function entity generates a shared secret key;
and the access and mobility management function entity decrypting the failure encryption information comprises: the access and mobility management function entity decrypts the failure encryption information using the shared secret key.
7. The method of claim 6, wherein the authentication failure message further comprises a first authentication code;
and the method further comprises: receiving a second authentication code from the authentication server function entity; and matching the first authentication code with the second authentication code, and determining the authentication failure type according to the matching result, wherein the authentication failure type is message authentication code failure or synchronization failure.
8. An authentication method, the method comprising:
the authentication server function entity receives failure encryption information from the access and mobility management function entity, wherein the failure encryption information is an encrypted cause value corresponding to the authentication failure type;
the authentication server function entity decrypts the failure encryption information;
if the authentication failure type is synchronization failure, the failure encryption information is obtained by encrypting the cause value corresponding to the synchronization failure and the local sequence number information of the terminal device; or if the authentication failure type is message authentication code failure, the failure encryption information is obtained by encrypting the cause value corresponding to the message authentication code failure;
wherein obtaining the failure encryption information by encrypting the cause value corresponding to the synchronization failure and the local sequence number information of the terminal device comprises:
performing a concatenation operation on the cause value corresponding to the synchronization failure and the local sequence number information of the terminal device to obtain a first intermediate value; and performing an encryption operation on the first intermediate value to obtain the failure encryption information.
9. The method of claim 8, wherein the local sequence number information of the terminal device includes a local sequence number of the terminal device or a parameter generated by processing the local sequence number of the terminal device.
10. The method according to claim 8, wherein obtaining the failure encryption information by encrypting the cause value corresponding to the message authentication code failure comprises:
performing a concatenation operation on the cause value corresponding to the message authentication code failure and an N-bit binary number to obtain a second intermediate value; and performing an encryption operation on the second intermediate value to obtain the failure encryption information, wherein N is an integer greater than or equal to 1.
11. The method according to any one of claims 8 to 10, wherein the length of the failure encryption information is the same for different authentication failure types.
12. The method of claim 11, wherein the method further comprises: the authentication server function entity sends the failure encryption information to a unified data management entity.
13. The method according to claim 12, wherein the method further comprises: the authentication server function entity generates a shared secret key;
and the authentication server function entity decrypting the failure encryption information comprises: the authentication server function entity decrypts the failure encryption information using the shared secret key.
14. The method of claim 13, wherein the method further comprises: the authentication server function entity generates a second authentication code, wherein the second authentication code is used for verifying the authentication failure type; and the authentication server function entity sends the second authentication code to the access and mobility management function entity.
15. An authentication method, the method comprising:
the unified data management entity receives failure encryption information from an authentication server function entity, wherein the failure encryption information is an encrypted cause value corresponding to the authentication failure type;
the unified data management entity decrypts the failure encryption information;
if the authentication failure type is synchronization failure, the failure encryption information is obtained by encrypting the cause value corresponding to the synchronization failure and the local sequence number information of the terminal device; or if the authentication failure type is message authentication code failure, the failure encryption information is obtained by encrypting the cause value corresponding to the message authentication code failure;
wherein obtaining the failure encryption information by encrypting the cause value corresponding to the synchronization failure and the local sequence number information of the terminal device comprises:
performing a concatenation operation on the cause value corresponding to the synchronization failure and the local sequence number information of the terminal device to obtain a first intermediate value; and performing an encryption operation on the first intermediate value to obtain the failure encryption information.
16. The method of claim 15, wherein the local sequence number information of the terminal device includes a local sequence number of the terminal device or a parameter generated by processing the local sequence number of the terminal device.
17. The method of claim 15, wherein obtaining the failure encryption information by encrypting the cause value corresponding to the message authentication code failure comprises:
performing a concatenation operation on the cause value corresponding to the message authentication code failure and an N-bit binary number to obtain a second intermediate value; and performing an encryption operation on the second intermediate value to obtain the failure encryption information, wherein N is an integer greater than or equal to 1.
18. The method according to any one of claims 15 to 17, wherein the length of the failure encryption information is the same for different authentication failure types.
19. The method of claim 18, wherein the method further comprises: the unified data management entity generates a shared secret key;
and the unified data management entity decrypting the failure encryption information comprises: the unified data management entity decrypts the failure encryption information using the shared secret key.
20. The method of claim 19, wherein the method further comprises: the unified data management entity generates a second authentication code, wherein the second authentication code is used for verifying the authentication failure type; and the unified data management entity sends the second authentication code to an access and mobility management function entity.
21. A communication device comprising a processor and a memory; the memory is configured to store computer readable instructions and the processor is configured to execute the computer readable instructions stored by the memory to cause the apparatus to perform the method of any one of claims 1 to 7.
22. A communication device comprising a processor and a memory; the memory is configured to store computer readable instructions and the processor is configured to execute the computer readable instructions stored by the memory to cause the apparatus to perform the method of any one of claims 8 to 14.
23. A communication device comprising a processor and a memory; the memory is configured to store computer readable instructions and the processor is configured to execute the computer readable instructions stored by the memory to cause the apparatus to perform the method of any one of claims 15 to 20.
24. A computer readable storage medium, characterized in that the storage medium has stored therein a computer readable program or instructions which, when executed by a communication device, implements the method of any one of claims 1 to 7, or implements the method of any one of claims 8 to 14, or implements the method of any one of claims 15 to 20.
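The failure-encryption construction of claims 1, 3, 4, 7, 8 and 14, as an added Python example that is not part of the patent or of any Huawei implementation. The cause values, the 14-byte AUTS used as "local sequence number information", the shared key, the use of RAND as nonce, the HMAC-SHA256 keystream standing in for the "encryption operation", the 8-byte HMAC tag standing in for the "authentication code", and the one-code-per-candidate-cause mapping at the AMF are all assumptions; the claims fix none of them.

```python
# Added example, not the patent's own code: a stand-alone model of the failure
# encryption of claims 1, 3, 4, 7, 8 and 14. All concrete choices are assumptions:
# 1-byte cause values, a 14-byte AUTS as "local sequence number information", a
# 32-byte shared key, RAND as nonce, an HMAC-SHA256 keystream, 8-byte HMAC tags.
import hashlib
import hmac
import os

CAUSE_MAC_FAILURE = 0x14   # constructed cause value for "MAC failure"
CAUSE_SYNC_FAILURE = 0x15  # constructed cause value for "synchronisation failure"
AUTS_LEN = 14              # 6-byte SQN xor AK followed by 8-byte MAC-S
N_BITS = AUTS_LEN * 8      # N-bit binary number of claim 3, sized to match the AUTS
TAG_LEN = 8
CAUSE_BY_TYPE = {"sync": CAUSE_SYNC_FAILURE, "mac": CAUSE_MAC_FAILURE}


def _keystream(key, nonce, length):
    """Hypothetical stream cipher: HMAC-SHA256(key, nonce || counter) blocks."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key, nonce, data):
    """The claims' 'encryption operation': XOR with the keystream (decryption is
    identical). The nonce must be fresh per authentication run, as RAND is."""
    return bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))


decrypt = encrypt


def failure_encryption_info(key, nonce, failure_type, auts=None, filler=None):
    """UE side. Sync failure: first intermediate value = cause || AUTS (claim 1).
    MAC failure: second intermediate value = cause || N-bit binary number (claim 3).
    Both are 1 + AUTS_LEN bytes, so the two ciphertexts have equal length (claim 4)."""
    if failure_type == "sync":
        if auts is None or len(auts) != AUTS_LEN:
            raise ValueError("synchronisation failure needs a %d-byte AUTS" % AUTS_LEN)
        intermediate = bytes([CAUSE_SYNC_FAILURE]) + auts
    elif failure_type == "mac":
        # The claim does not say how the N-bit number is chosen; a random filler is
        # assumed so that repeated MAC failures do not yield identical ciphertexts.
        filler = os.urandom(N_BITS // 8) if filler is None else filler
        if len(filler) != N_BITS // 8:
            raise ValueError("filler must be %d bits long" % N_BITS)
        intermediate = bytes([CAUSE_MAC_FAILURE]) + filler
    else:
        raise ValueError("unknown failure type %r" % failure_type)
    return encrypt(key, nonce, intermediate)


def authentication_code(key, cause):
    """Tag over the plaintext cause value; stands in for the claims' 'authentication code'."""
    return hmac.new(key, bytes([cause]), hashlib.sha256).digest()[:TAG_LEN]


def ue_authentication_failure_message(key, nonce, failure_type, auts=None, filler=None):
    """Authentication failure message of claims 1 and 7 as sent by the terminal device."""
    return {
        "encryption_indication": True,
        "failure_encryption_info": failure_encryption_info(key, nonce, failure_type, auts, filler),
        "first_authentication_code": authentication_code(key, CAUSE_BY_TYPE[failure_type]),
    }


def ausf_handle(key, nonce, enc_info):
    """AUSF/UDM side (claims 8, 13, 14): decrypt with the shared key, recover the
    cause and AUTS, and produce the second authentication codes. The claims do not
    say how the AMF maps a match to a type; one code per candidate cause is assumed."""
    plain = decrypt(key, nonce, enc_info)
    cause, rest = plain[0], plain[1:]
    if cause == CAUSE_SYNC_FAILURE:
        failure_type, auts = "sync", rest   # AUTS is what resynchronisation needs
    elif cause == CAUSE_MAC_FAILURE:
        failure_type, auts = "mac", None    # the filler carries no information
    else:
        raise ValueError("unrecognised cause value: wrong key or tampered message")
    codes = {t: authentication_code(key, c) for t, c in CAUSE_BY_TYPE.items()}
    return {"failure_type": failure_type, "auts": auts, "second_authentication_codes": codes}


def amf_determine_failure_type(message, second_codes):
    """AMF side (claim 7): the AMF never sees the plaintext; it matches the first
    authentication code against the second codes and reads off the failure type."""
    if not message.get("encryption_indication"):
        return None   # no failure encryption information is carried (claim 1)
    first = message["first_authentication_code"]
    for failure_type, second in second_codes.items():
        if hmac.compare_digest(first, second):
            return failure_type
    return None
```

The point of the equal-length intermediates is that an observer of the NAS message cannot tell a synchronisation failure from a MAC failure by the size of the failure encryption information, and the AMF learns the type only through the authentication-code match.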
CN202111426465.XA, priority date 2019-01-18, filing date 2019-01-18, Authentication method, device and system, Active, CN114245372B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111426465.XA CN114245372B (en) 2019-01-18 2019-01-18 Authentication method, device and system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202111426465.XA CN114245372B (en) 2019-01-18 2019-01-18 Authentication method, device and system
CN201910049182.4A CN111465007B (en) 2019-01-18 2019-01-18 Authentication method, device and system

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
CN201910049182.4A Division CN111465007B (en) 2019-01-18 2019-01-18 Authentication method, device and system

Publications (2)

Publication Number Publication Date
CN114245372A CN114245372A (en) 2022-03-25
CN114245372B true CN114245372B (en) 2024-03-15

Family

ID=71613705

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201910049182.4A Active CN111465007B (en) 2019-01-18 2019-01-18 Authentication method, device and system
CN202111426465.XA Active CN114245372B (en) 2019-01-18 2019-01-18 Authentication method, device and system

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN201910049182.4A Active CN111465007B (en) 2019-01-18 2019-01-18 Authentication method, device and system

Country Status (2)

Country Link
CN (2) CN111465007B (en)
WO (1) WO2020147602A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113596824A (en) * 2021-07-30 2021-11-02 深圳供电局有限公司 Encryption method for authentication failure plaintext information in 5G security protocol

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20160046655A (en) * 2014-10-21 2016-04-29 주식회사 케이티 Apparatus and method for user authentication using subscriber identification module
CN108809903A (en) * 2017-05-02 2018-11-13 中国移动通信有限公司研究院 A kind of authentication method, apparatus and system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Network Slice access Subscription Management by a third party – message flow P-CR; Nokia; SA WG2 Meeting #122bis S2-175694; pages 1-12 *

Also Published As

Publication number Publication date
CN114245372A (en) 2022-03-25
CN111465007B (en) 2022-10-11
CN111465007A (en) 2020-07-28
WO2020147602A1 (en) 2020-07-23

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant