CN116114280A - Key management method and communication apparatus - Google Patents

Key management method and communication apparatus

Info

Publication number
CN116114280A
Authority
CN
China
Prior art keywords
key
network element
target
user plane
multicast
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202080104207.7A
Other languages
English (en)
Other versions
CN116114280A8 (zh)
Inventor
郭龙华
李赫
吴荣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/20 Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L63/205 Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H04W12/033 Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043 Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0433 Key management protocols
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/06 Selective distribution of broadcast services, e.g. multimedia broadcast multicast service [MBMS]; Services to user groups; One-way selective calling services

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

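Embodiments of this application provide a key management method and a communication apparatus, relating to the field of communication technologies, which enable multicast service data to be transmitted securely and prevent unauthorized terminal devices from obtaining the multicast service data. The method includes: a terminal device obtains a target key, where the target key includes at least one of the following keys: a target multimedia broadcast multicast service (MBMS) service key (MSK), a first subkey corresponding to the target MSK, or a second subkey corresponding to the target MSK; the first subkey is used for confidentiality protection computation, and the second subkey is used for integrity protection computation. The terminal device receives target data from a multicast user plane processing network element, where the target data is data that has been security-protected. The terminal device then processes the target data using the target key.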

Description

PCT domestic application; the specification has been published.

Claims (42)

  1. PCT domestic application; the claims have been published.
CN202080104207.7A 2020-08-06 2020-08-06 Key management method and communication apparatus Pending CN116114280A (zh)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2020/107498 WO2022027476A1 (zh) 2020-08-06 2020-08-06 Key management method and communication apparatus

Publications (2)

Publication Number Publication Date
CN116114280A true CN116114280A (zh) 2023-05-12
CN116114280A8 CN116114280A8 (zh) 2023-09-01

Family

ID=80119831

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202080104207.7A Pending CN116114280A (zh) 2020-08-06 2020-08-06 Key management method and communication apparatus

Country Status (5)

Country Link
US (1) US20230179400A1 (zh)
EP (1) EP4184860A4 (zh)
CN (1) CN116114280A (zh)
CA (1) CA3190801A1 (zh)
WO (1) WO2022027476A1 (zh)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP4238325A4 (en) * 2020-10-29 2024-07-31 Apple Inc MBS KEY DISTRIBUTION AND TRAFFIC PROTECTION
CN117062053A (zh) * 2022-05-06 2023-11-14 Huawei Technologies Co Ltd Communication method and apparatus

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2423221A (en) * 2005-02-14 2006-08-16 Ericsson Telefon Ab L M Key delivery method involving double acknowledgement
CN101582730B (zh) * 2008-05-15 2011-06-01 Huawei Technologies Co Ltd Method, system, corresponding apparatus and communication terminal for providing MBMS service
US9467285B2 (en) * 2010-09-07 2016-10-11 Nokia Technologies Oy Security of a multimedia stream
CN102761830A (zh) * 2011-04-27 2012-10-31 Huawei Device Co Ltd Multicast key update and sending methods, access point device, terminal device and system
IN2014DN09106A (zh) * 2012-05-03 2015-05-22 Ericsson Telefon Ab L M
CN104348627B (zh) * 2014-10-31 2019-02-01 Shanghai Huawei Technologies Co Ltd Key delivery method, method for performing authorization check on UE, and related device

Also Published As

Publication number Publication date
CA3190801A1 (en) 2022-02-10
WO2022027476A1 (zh) 2022-02-10
CN116114280A8 (zh) 2023-09-01
EP4184860A1 (en) 2023-05-24
US20230179400A1 (en) 2023-06-08
EP4184860A4 (en) 2023-09-06

Similar Documents

Publication Publication Date Title
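CN110830991B (zh) Secure session method and apparatus
CN107079023B (zh) User plane security for next-generation cellular networks
CN108781366B (zh) Authentication mechanism for 5G technologies
CN107018676B (zh) Mutual authentication between user equipment and evolved packet core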
US8295488B2 (en) Exchange of key material
EP3691316B1 (en) Parameter protection method, device and system
US11109206B2 (en) Security method and system for supporting discovery and communication between proximity based service terminals in mobile communication system environment
JP2018526869A (ja) Network architecture and security using encrypted client device context
WO2016073229A1 (en) Apparatuses and methods for wireless communication
CN112087724A (zh) Communication method, network device, user equipment and access network device
US20230179400A1 (en) Key management method and communication apparatus
EP4295531A1 (en) A method for operating a cellular network
US20190058996A1 (en) Methods and apparatus for performing access and/or forwarding control in wireless networks such as wlans
EP4327505A2 (en) Methods and apparatus for provisioning, authentication, authorization, and user equipment (ue) key generation and distribution in an on-demand network
US10560843B2 (en) Method and system for supporting security and information for proximity based service in mobile communication system environment
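CN105592433A (zh) Device-to-device restricted discovery service broadcast and monitoring methods, apparatus and system
CN115412909A (zh) Communication method and apparatus
WO2015064475A1 (ja) Communication control method, authentication server and user terminal
CN116830533A (zh) Method and device for distributing multicast encryption keys
CN116918300A (zh) Method for operating a cellular network
CN118830225A (zh) Method and apparatus for generating a key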

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CI02 Correction of invention patent application

Correction item: PCT international application to national stage day

Correct: 2023.02.06

False: 2023.02.03

Number: 19-02

Page: The title page

Volume: 39

Correction item: PCT international application to national stage day

Correct: 2023.02.06

False: 2023.02.03

Number: 19-02

Volume: 39

CI02 Correction of invention patent application