CN116264687A - Method and device for transmitting message signature - Google Patents

Info

Publication number
CN116264687A
Authority
CN
China
Prior art keywords
signal
information
message
superimposed
transmitting
Prior art date
Legal status
Pending
Application number
CN202111520755.0A
Other languages
Chinese (zh)
Inventor
王文会
熊晓春
Current Assignee
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Application filed by Huawei Technologies Co Ltd
Priority to CN202111520755.0A (patent CN116264687A)
Priority to PCT/CN2022/136514 (patent WO2023109546A1)
Publication of CN116264687A

Classifications

    • H Electricity
    • H04 Electric communication technique
    • H04W Wireless communication networks
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/06 Authentication
    • H04W12/40 Security arrangements using identity modules
    • H04W74/00 Wireless channel access, e.g. scheduled or random access
    • H04W74/002 Transmission of channel access control information
    • H04W74/008 Transmission of channel access control information with additional processing of random access related information at receiving side

Abstract

The application provides a method and a device for transmitting message signatures, wherein the method for transmitting message signatures comprises the following steps: generating second information based on the first information, the anti-replay information and the first key, wherein the first information is a random access process message or a system broadcast message, and the second information is used for checking the validity of the first information; the first information and the anti-replay information are combined and then encoded and modulated to obtain a first signal, and the second information is modulated to obtain a second signal; superposing the first signal and the second signal to generate a first superposition signal; the first superimposed signal is transmitted. In the method, the first information to be sent and the second information used for checking the first information are transmitted through the same time-frequency resource, so that extra bandwidth is not required to be occupied, and the overhead required by message signature transmission can be reduced.

Description

Method and device for transmitting message signature
Technical Field
The present application relates to the field of communications, and more particularly, to a method and apparatus for transmitting a message signature.
Background
In existing wireless communication technology, a terminal device in the initial network access state needs to obtain some basic information about the base station, so the base station broadcasts system messages to terminal devices within a defined period. The terminal device receives the system message sent by the base station and obtains the basic information of the base station. The terminal device then initiates a random access procedure: it sends uplink message 1 (Msg1) to the base station and, after receiving and detecting Msg1, the base station responds with downlink message 2 (Msg2). After successfully decoding Msg2, the terminal device sends uplink message 3 (Msg3), which carries the identity of the terminal device, to the base station. After successfully receiving and decoding Msg3, the base station responds with downlink message 4 (Msg4). After successfully receiving and decoding Msg4, the terminal device feeds back an acknowledgement (Msg4 ACK) to the base station, which completes the process of accessing the base station.
However, in the initial state the base station does not know when a terminal device will access it, and no security context can be established between the terminal device and the base station before they are connected, so the system messages sent by the base station cannot be encrypted or protected. System messages are therefore easily intercepted and forged by a pseudo base station, which can then attract terminal devices, deceive them and steal private information. The random access procedure has no security protection either: it is easily imitated and eavesdropped on by pseudo terminal devices and pseudo base stations, which jeopardizes the normal service of the legitimate base station and terminal devices.
Disclosure of Invention
The application provides a method and a device for transmitting a message signature, which not only prevent forgery and replay attacks by a pseudo base station or a pseudo terminal, but also reduce the resource overhead required to transmit the message signature.
In a first aspect, a method for transmitting a message signature is provided, where the method is performed by a sender, specifically, may be performed by a network device, may be performed by a terminal device, or may be performed by a chip or a circuit for the network device or the terminal device, which is not limited in this application.
The method may include: generating second information based on the first information, the anti-replay information and the first key, wherein the first information is a random access procedure message or a system broadcast message, and the second information is used for checking the validity of the first information; the first information and the anti-replay information are combined and then encoded and modulated to obtain a first signal, and the second information is modulated to obtain a second signal; superposing the first signal and the second signal to generate a first superposition signal; the first superimposed signal is transmitted.
Specifically, the modulation of the second information may be direct modulation or may also be coded modulation, which is not limited in the embodiment of the present application.
For example, if the transmitting end is a network device, the first information may be a system broadcast message such as SIB, MIB or Paging; alternatively, in the random access phase, the first information may be signaling such as Msg2 or Msg4. If the transmitting end is a terminal device, the first information may be signaling such as Msg3.
The first key may be a private key, in which case the first key and the second key of the receiving end may form a public-private key pair, and the sending end may obtain the private key from a key center. Alternatively, the first key may be a shared key.
Illustratively, the anti-replay information may be in different forms of a random number, a serial number, a time stamp, an underlying physical characteristic parameter, etc., which are not particularly limited in the embodiments of the present application.
It will be appreciated that the anti-replay information may remain unchanged during the same scheduling period when the broadcast message is transmitted, i.e. the anti-replay information may be the same during adjacent transmission periods of the same scheduling period, but the anti-replay information may be different during different scheduling periods.
It should be understood that the transmitting end has acquired the first key from the third party key center before generating the second information based on the first information and the first key, and the receiving end also acquires the second key paired with the first key from the third party key center.
In the above technical solution, where a symmetric key is preset or a private key has been distributed by a key center, the key is used to sign the first information to be protected, generating second information with which the receiving end checks the validity of the first information. Because an attacker such as a pseudo terminal device or a pseudo network device cannot obtain the private key, attacks by such devices can be prevented and the security of message transmission is improved. Because the anti-replay information differs between scheduling periods, an attacker who forwards a captured superimposed signal at a later time cannot pass the verification at the receiving end, which further improves the security of message transmission. In addition, because the first information to be protected and the second information are encoded, modulated and superimposed, they can be sent in the same time-frequency resource, so that no extra bandwidth is occupied and the overhead required for transmission is reduced.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes: the first information is one of a system information block SIB, a master information block MIB, a Paging message Paging, a random access procedure message Msg2, Msg3 or Msg4.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes: the first signal and the second signal are superimposed based on a power division factor to generate the first superimposed signal.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes: the superimposed signal is determined according to the following formula:
$Y = \alpha S_1 \pm \beta V_1$
where $Y$ is the superimposed signal, $S_1$ is the first signal, $V_1$ is the second signal, $\alpha$ is the power allocation factor of the first signal, and $\beta$ is the power allocation factor of the second signal.
In some possible implementations, the power allocation factors α and β may be optimized according to interference noise measurements of the network device or the frequency band utilization within the broadcast message scheduling period. In some possible implementations, the power allocation factors α and β may be optimized according to the frequency band utilization rate in the random access procedure or measurement information (such as the following signal to noise ratio) at the terminal side, and may be further optimized based on other information, which is not specifically limited in the embodiments of the present application.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes: transmitting the first superimposed signal in a first transmission period; and transmitting a second superimposed signal in a second transmission period, wherein the second transmission period is adjacent to the first transmission period, and in the second superimposed signal the sign of the power allocation factors of the first signal and the second signal is inverted.
It should be noted that, if the first information is a system broadcast message, the first transmission period and the second transmission period belong to the same scheduling period, that is, the anti-replay information in the first superimposed signal and the second superimposed signal is the same. If the first information is the random access procedure message Msg3, the first transmission period and the second transmission period are two adjacent transmission periods within a first time interval, and the anti-replay information in the first superimposed signal and the second superimposed signal is also the same; the first time interval may be a time interval agreed by the receiving end and the transmitting end, or a preset time interval.
With reference to the first aspect, in certain implementations of the first aspect, the method further includes: the second superimposed signal is determined according to the following formula:
Figure BDA0003407245140000031
where $Y_2$ is the second superimposed signal.
In the above technical solution, demodulation of the superimposed signal can be enhanced by applying sign inversion to the superimposed signals that carry the same first information and are transmitted in two adjacent transmission periods.
With reference to the first aspect, in certain implementations of the first aspect, $0 < \beta < \alpha < P$, $\alpha^2 + \beta^2 = P^2$, $P^2 \ge 1$, where $P^2$ is the maximum power that can be allocated to one subcarrier.
With reference to the first aspect, in certain implementations of the first aspect, the power allocation factor is kept fixed and is an optimal value during the same scheduling period.
In a second aspect, a method for transmitting a message signature is provided, which is performed by a receiving end, in particular, by a network device, by a terminal device, or by a chip or a circuit for a network device or a terminal device, which is not limited in this application.
The method may include: receiving a first superimposed signal; demodulating and decoding the first superimposed signal to determine recombined information, wherein the recombined information is formed by combining first information and anti-replay information, and performing code modulation on the recombined information to determine a first signal; determining second information from the first superimposed signal and the first signal; and verifying the validity of the first information based on the second key and the second information.
Specifically, a second signal is determined through differential processing according to the first superposition signal and the first signal, and then the second information is determined through demodulation and decoding of the second signal.
In some possible implementations, if the first information passes the validity check, the receiving end may send a corresponding message according to the content of the first information.
In some possible implementations, if the first information fails the validity check, the receiving end may store the first information and/or the first superimposed signal for a joint check in combination with the second superimposed signal received in the first time interval.
In the above technical solution, since the first information and the second information for checking the first information are transmitted in the same time-frequency resource, no extra bandwidth is required to be occupied, and the overhead required for transmission can be reduced.
With reference to the second aspect, in certain implementations of the second aspect, the method further includes: receiving a second superimposed signal; the first signal and the second information are determined from the second superimposed signal and the first superimposed signal.
The second superimposed signal and the first superimposed signal are transmitted in two adjacent transmission periods. The first superimposed signal is transmitted in a first transmission period and the second superimposed signal is transmitted in a second transmission period. The first transmission period and the second transmission period are two adjacent transmission periods in the same scheduling period; or two adjacent transmission periods in the first time interval in the transmission process of the random access procedure message Msg 3. If the demodulation of the receiving end fails in the first transmission period, the receiving end can demodulate the second superimposed signal received in the second transmission period in combination with the first superimposed signal, so that the demodulation success rate of the superimposed signal is improved.
In a third aspect, an apparatus for transmitting a message signature is provided, the apparatus may comprise: a processing unit configured to generate second information based on the first information, the anti-replay information, and the first key, the first information being a random access procedure message or a system broadcast message, the second information being used to check validity of the first information; the first information and the anti-replay information are combined and then encoded to obtain a first signal, and the second information is modulated to obtain a second signal; the processing unit is also used for generating a first superposition signal by superposing the first signal and the second signal; and the receiving and transmitting unit is used for transmitting the first superposition signal.
With reference to the third aspect, in some implementations of the third aspect, the first information is one of a system information block SIB, a master information block MIB, a Paging message Paging, a random access procedure message Msg2, Msg3, or Msg4.
With reference to the third aspect, in certain implementations of the third aspect, the processing unit is further configured to: the first signal and the second signal are superimposed based on a power division factor to generate the first superimposed signal.
With reference to the third aspect, in certain implementations of the third aspect, the processing unit determines the first superimposed signal according to the following formula:
$Y = \alpha S_1 \pm \beta V_1$
where $Y$ is the first superimposed signal, $S_1$ is the first signal, $V_1$ is the second signal, $\alpha$ is the power allocation factor of the first signal, and $\beta$ is the power allocation factor of the second signal.
With reference to the third aspect, in certain implementations of the third aspect, the transceiver unit is further configured to: transmit the first superimposed signal in a first transmission period; and transmit a second superimposed signal in a second transmission period, wherein the second transmission period is adjacent to the first transmission period, and in the second superimposed signal the sign of the power allocation factors of the first signal and the second signal is inverted.
With reference to the third aspect, in certain implementations of the third aspect, the processing unit determines the second superimposed signal according to the following formula:
Figure BDA0003407245140000041
where $Y_2$ is the second superimposed signal.
With reference to the third aspect, in certain implementations of the third aspect, $0 < \beta < \alpha < P$, $\alpha^2 + \beta^2 = P^2$, $P^2 > 1$, where $P^2$ is the maximum power that can be allocated to one subcarrier.
With reference to the third aspect, in some implementations of the third aspect, the power allocation factor is kept fixed and is an optimal value during the same scheduling period.
In a fourth aspect, an apparatus for transmitting a message signature is provided, the apparatus may comprise: a transceiver unit for receiving the superimposed signal; the processing unit is used for demodulating and decoding the superimposed signal to determine first information, and modulating and encoding the first information to determine a first signal; determining second information from the superimposed signal and the first signal; and verifying the validity of the first information based on the second key and the second information.
With reference to the fourth aspect, in some implementations of the fourth aspect, the transceiver unit is further configured to: receiving a second superimposed signal; the processing unit is further configured to determine the first signal and the second signal based on the second superimposed signal and the superimposed signal.
In a fifth aspect, an apparatus for transmitting a message signature is provided, the apparatus may comprise: a memory for storing a program; a processor for executing a memory-stored program, which when executed is adapted to carry out the method of any one of the possible implementations of the first to second aspects described above.
In a sixth aspect, a system for transmitting a message signature is provided, the system comprising means for transmitting a message signature as in any of the possible implementations of the third aspect or the third aspect, and means for transmitting a message signature as in any of the possible implementations of the fourth aspect or the fourth aspect.
In a seventh aspect, there is provided a computer program product comprising: computer program code which, when run on a computer, causes the computer to perform the method of any one of the first to second aspects described above as possible.
In an eighth aspect, there is provided a computer readable medium storing program code which, when run on a computer, causes the computer to perform any one of the methods of the first and second aspects. Such computer-readable storage media include, but are not limited to, one or more of the following: read-only memory (ROM), programmable ROM (PROM), erasable PROM (EPROM), flash memory, electrically erasable PROM (EEPROM), and hard disk drive (hard drive).
In a ninth aspect, a chip is provided, the chip comprising a processor and a data interface, wherein the processor reads instructions stored on a memory via the data interface to perform the method of the first aspect or any one of the possible implementations of the first aspect. In a specific implementation, the chip may be implemented in the form of a central processing unit (central processing unit, CPU), microcontroller (micro controller unit, MCU), microprocessor (micro processing unit, MPU), digital signal processor (digital signal processing, DSP), system on chip (SoC), application-specific integrated circuit (ASIC), field programmable gate array (field programmable gate array, FPGA) or programmable logic device (programmable logic device, PLD).
Drawings
Fig. 1 is an application scenario schematic diagram of a method for transmitting a message signature provided in the present application;
FIG. 2 is a schematic diagram of an identity-based signature system framework provided herein;
fig. 3 is a schematic diagram of a QPSK signal constellation provided in the present application;
FIG. 4 is a schematic flow chart of a method of identity-based key generation provided herein;
FIG. 5 is a schematic flow chart diagram of a method of transmitting a message signature provided herein;
FIG. 6 is a schematic flow chart diagram of a method of transmitting a message signature provided herein;
FIG. 7 is a schematic flow chart diagram of a method of transmitting a message signature provided herein;
FIG. 8 is a schematic flow chart diagram of a method of transmitting a message signature provided herein;
FIG. 9 is a schematic diagram of an apparatus for transmitting a message signature provided herein;
fig. 10 is a schematic diagram of an apparatus for transmitting a message signature provided herein.
Detailed Description
The technical solutions in the present application will be described below with reference to the accompanying drawings.
The terminal device in the embodiments of the present application may refer to a user device, an access terminal, a subscriber unit, a subscriber station, a mobile station, a remote terminal, a mobile device, a user terminal, a wireless communication device, a user agent, or a user apparatus. The terminal device may also be a cellular telephone, a cordless telephone, a session initiation protocol (session initiation protocol, SIP) phone, a wireless local loop (wireless local loop, WLL) station, a personal digital assistant (personal digital assistant, PDA), a handheld device with wireless communication capabilities, a computing device or other processing device connected to a wireless modem, a vehicle-mounted device, a wearable device, a terminal device in a future 5G network or a terminal device in a future evolved public land mobile network (public land mobile network, PLMN), etc., as the embodiments of the application are not limited in this respect.
The network device in the embodiment of the present application may be a device for communicating with a terminal device, where the network device may be a base station (base transceiver station, BTS) in a global system for mobile communications (global system of mobile communication, GSM) or code division multiple access (code division multiple access, CDMA), a base station (NodeB, NB) in a wideband code division multiple access (wideband code division multiple access, WCDMA) system, an evolved base station (eNB or eNodeB) in an LTE system, a wireless controller in a cloud wireless access network (cloud radio access network, CRAN) scenario, or the network device may be a relay station, an access point, a vehicle-mounted device, a wearable device, a network device in a future 5G network, or a network device in a future evolved PLMN network, etc., which is not limited in this application.
Fig. 1 is a schematic diagram of an application scenario of a method for transmitting a message signature according to an embodiment of the present application. With the rapid spread of wireless devices, the need for network device authentication has also grown dramatically. As shown in (a) and (b) of fig. 1, a pseudo network device may impersonate a normal network device by sending system broadcast messages or high-power signaling such as Msg2 or Msg4, and thereby eavesdrop on the private information of the terminal device. Alternatively, as shown in fig. 1 (c), a pseudo terminal device may send forged high-power signaling such as Msg3, and thereby attack the network device.
Therefore, in order to improve security during message transmission and prevent attacks by a pseudo network device or a pseudo terminal device, digital signatures are often used to verify the legitimacy of a broadcast system message. The signature message is added after the system message body of the radio resource control (Radio Resource Control, RRC) layer and is transmitted independently of the system message, so it occupies a certain amount of bandwidth and increases the resource overhead of the network device. In particular, if each system message is signed independently, the resource overhead of the network device increases. Taking the 5G system information block (system information block, SIB) as an example, the message body length of SIB1 in the RRC layer is about 952 bits and the signature length is 784 bits, so after signing the message body length of the RRC layer becomes 1736 bits. Assuming that QPSK modulation is fixedly used and MCS=4 is used for low density parity check code (low density parity check code, LDPC) encoding, an additional 86.7% resource overhead is required to carry the new signature.
Table 1 compares, for different application scenarios and with MCS fixed at 4, the length of the original message with its length after the signature is added, together with the frequency-domain resource blocks (RBs) occupied. If multiple messages are packaged under a joint signature, the access delay of the terminal device can increase greatly. The scheduling period of the 5G MIB is 80ms; it is transmitted repeatedly 4 times in 80ms, once every 20ms. The scheduling period of 5G SIB1 is 160ms, with repeated transmissions within 160ms, once every 20ms. A 5G SI message contains one or more SIBs, other than SIB1, that have the same scheduling requirements, with a configurable minimum transmission period of 80ms and a maximum transmission period of 5120ms. If SIB1 is jointly signed with other SI messages (SIB2 etc.), the transmission delay can increase from 20ms to over 80ms.
TABLE 1 message body Length and resource Block RB size before and after signature addition
Figure BDA0003407245140000061
In view of this, the present application provides a method and apparatus for transmitting a message signature, which can be applied to the architecture shown in fig. 2. Specifically, the sending end combines the information to be transmitted and the anti-replay information into recombined information, and signs the recombined information with the private key of the sending end to generate authentication information. It then encodes and modulates the recombined information to obtain a first signal, directly modulates or encodes and modulates the authentication information to obtain a second signal, superimposes the first signal and the second signal to obtain a superimposed signal, and sends the superimposed signal to the receiving end. After receiving the superimposed signal, the receiving end demodulates it to obtain the recombined information and the authentication information, and verifies the authentication information using a preset public key. If the verification passes, the message in the recombined information is considered to be a correct message; if the verification fails, the received signal is jointly demodulated with the next signal of the same kind received in the same scheduling period. In the embodiment of the invention, the authentication information and the information to be transmitted are sent simultaneously, so that no extra bandwidth is occupied and the overhead required for transmission is reduced. The authentication information and the anti-replay information can be used to authenticate the identity of the terminal device or the network device, which prevents attacks by a pseudo network device or a pseudo terminal device and improves security during message transmission.
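The sender and receiver steps described above, as an added Python example that is not part of the patent text: the recombined information and its authentication tag are QPSK-modulated, superimposed as $Y = \alpha S_1 + \beta V_1$, and recovered at the receiver by re-modulating the decoded message and subtracting it from the received signal. Assumptions made here: HMAC-SHA256 under a shared key stands in for the signature, channel coding is omitted, the anti-replay information is an 8-byte scheduling-period index, the tag occupies the first 128 symbols, and $\alpha^2 = 0.8$, $\beta^2 = 0.2$ with $P = 1$.

```python
import hashlib
import hmac
import math
import random

# Assumed values: P = 1, so alpha^2 + beta^2 = 1 with 0 < beta < alpha < P.
ALPHA = math.sqrt(0.8)  # power allocation factor of the first signal S1
BETA = math.sqrt(0.2)   # power allocation factor of the second signal V1
CTR_LEN = 8             # constructed anti-replay field: scheduling-period index
TAG_LEN = 32            # HMAC-SHA256 output, standing in for the signature
TAG_SYMS = TAG_LEN * 4  # QPSK carries 2 bits per symbol


def qpsk_mod(data: bytes) -> list:
    """Map each bit pair to a unit-energy QPSK symbol (bit 0 -> +, bit 1 -> -)."""
    bits = [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]
    a = 1 / math.sqrt(2)
    return [complex(a * (1 - 2 * bits[i]), a * (1 - 2 * bits[i + 1]))
            for i in range(0, len(bits), 2)]


def qpsk_demod(symbols: list) -> bytes:
    """Hard decision: the sign of each component yields one bit."""
    bits = []
    for s in symbols:
        bits += [int(s.real < 0), int(s.imag < 0)]
    return bytes(sum(bits[i + j] << (7 - j) for j in range(8))
                 for i in range(0, len(bits), 8))


def send(message: bytes, period: int, key: bytes) -> list:
    """Sender: tag the recombined information, then superimpose S1 and V1."""
    recombined = message + period.to_bytes(CTR_LEN, "big")
    if len(recombined) < TAG_LEN:
        raise ValueError("recombined information must be at least as long as the tag")
    tag = hmac.new(key, recombined, hashlib.sha256).digest()
    s1 = qpsk_mod(recombined)
    v1 = qpsk_mod(tag)
    v1 += [0j] * (len(s1) - len(v1))  # no tag energy beyond the tag symbols
    return [ALPHA * s + BETA * v for s, v in zip(s1, v1)]


def awgn(signal: list, sigma: float, seed: int) -> list:
    """Constructed channel model: additive Gaussian noise with a fixed seed."""
    rng = random.Random(seed)
    return [y + complex(rng.gauss(0, sigma), rng.gauss(0, sigma)) for y in signal]


def receive(y: list, key: bytes, current_period: int) -> tuple:
    """Receiver: decode S1, cancel it, decode V1, then verify tag and freshness."""
    if len(y) < TAG_SYMS or len(y) % 4:
        return None, "malformed frame"
    # Because beta < alpha, V1 cannot move a symbol out of S1's quadrant.
    recombined = qpsk_demod(y)
    s1 = qpsk_mod(recombined)
    # Differential processing: what remains after removing alpha*S1 is beta*V1.
    residual = [(y[i] - ALPHA * s1[i]) / BETA for i in range(TAG_SYMS)]
    tag = qpsk_demod(residual)
    expected = hmac.new(key, recombined, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None, "bad signature"
    period = int.from_bytes(recombined[-CTR_LEN:], "big")
    if period != current_period:
        return None, "stale anti-replay value"
    return recombined[:-CTR_LEN], "ok"


if __name__ == "__main__":
    key = b"k" * 32                                          # constructed shared key
    msg = b"SIB1: constructed cell configuration payload"    # constructed message
    frame = awgn(send(msg, 7, key), sigma=0.03, seed=1)
    print(receive(frame, key, current_period=7))   # accepted in period 7
    print(receive(frame, key, current_period=8))   # same capture replayed later
```

The tag rides on the same symbols as the message, so the frame is no longer than the unsigned message; the cost is the share of transmit power ($\beta^2$) taken from the message signal.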
To facilitate understanding of the embodiments of the present application, the following briefly describes related concepts related to the embodiments of the present application in conjunction with fig. 3 and 4:
1. certificate authority (certification authority, CA): the third party institution responsible for managing and issuing the certificate functions to check the validity of the identity of the certificate holder and issue the certificate to prevent the certificate from being forged or tampered with.
2. Identity-based cryptography (identity based cryptography, IBC): an asymmetric cryptography technique used to provide a signature based on identity information (ID). IBC belongs to public key technology, and key generation is based on a pair of global parameters: the global public key (global public key, GPK) and the global private key (global secret key, GSK). The key center (private key generator, PKG) uses the global parameters and the ID information provided by the user (e.g. a network device) to compute a private key $SK_{ID}$ bound to that ID. The ID, $SK_{ID}$ and GPK are then delivered to the user in a reliable manner. When signing with IBC, the message sender (e.g. the network device in fig. 4 (a)) needs to possess an ID, a private key $SK_{ID}$ for signing, and the global public key GPK. The message sender uses the ID, the global public key GPK and the private key $SK_{ID}$ to sign plaintext data M, such as a broadcast message issued by a base station, forming a signature $Sig(SK_{ID}, M)$, and sends the signed message $E(M) = \{ID, M, Sig(SK_{ID}, M)\}$ to the receiving side (terminal device). On receiving the ciphertext E(M), the receiving party first obtains the corresponding global public key GPK according to the network device ID carried in the message. The receiver then uses the ID and the GPK to verify the signature $Sig(SK_{ID}, M)$ carried in the message, thereby verifying the integrity of the message.
3. Shared key: based on a symmetric cryptographic technique. For example, for a network device to which 100 terminal devices are connected, each terminal device has a different key, and the terminal device signs the message with its own key or generates an authentication tag. The terminal device can obtain the public key for checking the second information through information preset by the operator at account opening; alternatively, the global public key of each key center may be preset in a SIM card or other storage of the terminal device. Further, the network device may obtain the private key and the GPK based on the ID of the network device, and then perform signature authentication on the received message. It should be understood that since the pseudo network device cannot obtain the corresponding key from the PKG, the terminal device cannot be attacked as shown in (b) of fig. 4.
4. System message: the system messages of the 4G LTE network and the 5G NR network fall into two major categories, the master information block (master information block, MIB) and the system information block (SIB). MIB messages are transmitted on the physical broadcast channel (physical broadcast channel, PBCH) without scrambling by a radio network temporary identifier (radio network temporary identity, RNTI). SIB messages are transmitted on the physical downlink shared channel (physical downlink shared channel, PDSCH), scrambled with a system information radio network temporary identifier (system information RNTI, SI-RNTI). The terminal device needs to acquire the system information of the cell in order to know how the cell is configured, so that it can access the cell and operate normally in it. The system broadcast information generally comprises resident parameters of the current cell, reselection parameters, parameters of intra-frequency, inter-frequency and inter-system neighbor cells, and the like.
5. Quadrature phase shift keying (quadrature phase shift keying, QPSK): a digital modulation scheme, also known as a constellation modulation scheme. Four carrier phases are specified: 45°, 135°, 225° and 315°. Let the binary bit sequence input to the QPSK modulator be $b_0, b_1, \ldots, b_n$. If every two bits are combined into one group, there are four combinations, namely 00, 01, 11 and 10, each of which is modulated into a complex constellation point symbol s. The formula is as follows:
Figure BDA0003407245140000081
Illustratively, when the binary bit sequence $b_0, b_1, \ldots, b_5$ input to the QPSK modulator is 011000, the bit sequence is split into 01, 10 and 00, which are mapped to s(0), s(1) and s(2) respectively. That is, in the above formula, i takes the values 0, 1, 2. Substituting i, $b_{2i}$ and $b_{2i+1}$ into the formula gives the specific position of s(i) in the constellation.
6. Power division factor: the I and Q values of the QPSK-mapped constellation points are $2^{-1/2}$ or $-2^{-1/2}$, so the power of each constellation point is $I^2 + Q^2 = 1$. Each subcarrier carries one constellation point. Assuming that the system bandwidth of the network device or the terminal device is N resource blocks (RBs), and that there are 12 subcarriers in 1 RB, the maximum transmission power of the system is $P_{max} = N \times 12$. Assuming that the total number of RBs used for resource scheduling in the current transmission slot is M ($M \le N$), the maximum power that can be allocated to one subcarrier is:
Figure BDA0003407245140000082
Assuming that the power distribution factors of the effective information and the signature information are α and β respectively, when the two signals of the effective information and the signature information are superimposed in the modulation domain of the physical layer, the power distribution factors α and β need to satisfy: $0 < \beta < \alpha < P_{RE}^{1/2}$, $\alpha^2 + \beta^2 = P_{RE}$.
7. Modulation and coding strategy (modulation and coding scheme, MCS): each MCS index corresponds to a coded transmission rate under a set of parameters.
Fig. 5 illustrates a method 500 for transmitting a message signature according to an embodiment of the present application, where the method 500 may be applied to the application scenario illustrated in fig. 1, or may also be applied to other scenarios of message transmission, and the embodiment of the present application is not limited thereto. Illustratively, the method 500 is performed by the sender. The method 500 includes:
S501, generating first information, acquiring anti-replay information, and generating reorganization information according to the first information and the anti-replay information.
In some possible implementations, the sending end is a network device, and the first information may be a system broadcast message such as SIB, MIB or Paging; alternatively, in the random access phase, the first information may be signaling that needs to be transmitted in the shared channel, such as Msg2 or Msg 4.
In some possible implementations, the sending end is a terminal device, and the first information may be Msg3 or the like signaling that needs to be transmitted in the shared channel.
Alternatively, the first information may be other messages that need to be encrypted but are not encrypted, which is not specifically limited in the embodiment of the present application. Further, signature protection may be provided for the above-described unencrypted messages by embodiments of the present application.
In some possible implementations, the anti-replay information may take different forms, such as a random number, a serial number, a timestamp or an underlying physical feature parameter, which is not specifically limited in this embodiment of the present application. In some possible implementations, the sending end may splice the anti-replay information after the first information to form the reorganized information; alternatively, the anti-replay information may be placed before or in the middle of the first information. The specific location of the anti-replay information in the reorganized information is not limited in the embodiments of the present application, but the transmitting end and the receiving end need to agree on it.
S502, second information is generated using the first key based on the first information and the anti-replay information.
It should be appreciated that the second information may be a signature, e.g. the first key belongs to a public-private key pair; alternatively, it may be an authentication tag, for example, when the first key belongs to a shared key; alternatively, the information may be other information that can be used by the receiving end to authenticate the identity of the sending end, such as a hash value of integrity protection, which is not limited in the embodiment of the present application.
In addition, operations such as generating the second information at the transmitting end and checking the second information at the receiving end may be performed at the radio resource control (RRC) layer, or may be performed at a bottom layer such as the physical layer (PHY). The modules for generating and checking the second information are not specifically limited in this embodiment of the present application.
Specifically, the first key $k_s$, the first information $s$ and the anti-replay information Anti_replay_info jointly generate the second information $t$:
$t = g(k_s, s, \text{Anti\_replay\_info})$
In some possible implementations, the sending end is a network device, and the first key may be a network device private key obtained from a key center. Specifically, during initialization the network device has the key center generate a corresponding private key, and the key center sends the generated private key to the corresponding network device. It should be understood that each key center generates a global public key that distinguishes it from other key centers. When the network device is the sending end, the terminal device can obtain the public key for verifying the second information through information preset by the operator at account opening; alternatively, the global public key of each key center can be preset in a SIM card or other storage of the terminal device for subsequent verification of the second information. It will be appreciated that when the first key belongs to a public-private key pair as described above, the global public key may be preset in a plurality of terminals, i.e. the global public key is not kept secret. The private key of the network device, however, is kept secret: only legitimate network devices can obtain it, and an attacker who does not know the legitimate private key cannot generate legitimate signatures.
In some possible implementations, the first key may also be a shared key preset for the sending end and the receiving end, for example, in a business scenario such as an enterprise campus, where the network device stores a shared key of all terminal devices, and the terminal device presets its own private key. The terminal equipment signs the recombined information by taking a preset private key as a first key to obtain second information; and after receiving the message of the terminal equipment, the network equipment uses the shared key to check the second information.
It should be understood that in the embodiment of the present application, the anti-replay information of the first information transmitted in each period is the same, and the anti-replay information of the first information transmitted in different periods is different. Illustratively, during one scheduling period (80 ms), the anti-replay information of the first information from the first 20ms to the fourth 20ms uses sequence number 1, and during the other scheduling period, the other anti-replay information having a sequence number other than 1 is used.
S503, coding and modulating the recombined information generated in S501 to obtain a first signal.
It should be appreciated that encoding and modulating the reconstructed information may occur at the PHY layer, and in some possible implementations, may be modulated using QPSK modulation techniques.
S504, modulating the second information generated in S502 to obtain a second signal.
Specifically, the second information may be directly modulated, for example using a QPSK modulation technique; alternatively, the second information may be encoded and then modulated, for example by first passing the bit string of the second information through an LDPC encoder and then performing QAM modulation, which is not limited in the embodiment of the present application. It should be appreciated that modulating the second information may be performed at the PHY layer.
S505, the first signal and the second signal are superimposed to obtain a superimposed signal.
Specifically, when the signals are superimposed, the power division factors of the first signal and the second signal are set to α and β respectively, which are required to satisfy: $0 < \beta < \alpha < P$, $\alpha^2 + \beta^2 = P^2$, $P^2 > 1$, where $P^2$ is the maximum power that can be allocated to one subcarrier. Illustratively, if the superimposed signal is denoted Y, the first signal $S_1$ and the second signal $V_1$, then the superimposed signal is $Y = \alpha S_1 \pm \beta V_1$.
It should be noted that, when the first information is a system broadcast message, the broadcast message is repeatedly sent N times within the scheduling period Q of the broadcast message in accordance with the 3GPP standard protocol, and the interval between adjacent transmissions is T, i.e. $N \times T = Q$. Then, within the multiple transmission periods $T_n$ of one scheduling period $Q_0$ of the broadcast message, the power division factors α and β remain fixed at their optimized values, where n = 0, 1. When the first information is Msg3, the power division factors α and β remain fixed at their optimized values during the same random access procedure.
In some possible implementations, when the first information transmitted in two consecutive transmission periods within a scheduling period $Q_0$ is the same, sign inversion is performed when the first signal and the second signal are superimposed. Illustratively, the superimposed signal generated in transmission period $T_0$ of scheduling period $Q_0$ may be $Y_1 = \alpha S_1 \pm \beta V_1$, and the superimposed signal generated in transmission period $T_1$ of scheduling period $Q_0$ may be
Figure BDA0003407245140000105
It should be noted that the power allocation factor may be different in different broadcast message scheduling periods or in different random access procedures.
In some possible implementations, the power allocation factors α and β may be optimized according to interference noise measurement results of the network device or a frequency band utilization rate in a broadcast message scheduling period, and further, the superimposed signal may be determined according to the optimized power allocation factors. In some possible implementations, the power allocation factors α and β may be optimized according to the frequency band utilization rate in the random access procedure or measurement information (such as the following signal to noise ratio) at the terminal side, and then the superimposed signal is determined according to the optimized power allocation factors. It should be understood that the above method for optimizing the power division factors α and β is merely illustrative, and may be optimized based on other information, which is not specifically limited in the embodiments of the present application.
S506, sending a superposition signal.
Specifically, the superimposed signal may be transmitted through an air interface, which is not specifically limited in the embodiment of the present application.
It should be noted that the steps or operations in the method 500 shown in fig. 5 are merely examples, and other operations or variations of the operations in fig. 5 may also be performed by embodiments of the present application. Furthermore, the various steps in fig. 5 may be performed in a different order than presented in fig. 5. Illustratively, S503 and S504 may be performed synchronously; alternatively, S502 and S503 may be performed synchronously; alternatively, S503 may also be performed before S502, which is not specifically limited in the embodiment of the present application.
According to the method for transmitting the message signature, under the condition of presetting a symmetric key or having a private key distributed by a key center, first information to be protected and anti-replay information are spliced into the reconstructed information, and then the private key is used for signing the reconstructed information to generate second information for a receiving end to check the validity of the first information. Because the private key cannot be obtained by the attacker such as the pseudo terminal equipment, the pseudo network equipment and the like, the attacker such as the pseudo network equipment or the pseudo terminal equipment and the like can be prevented from attacking, and the security in the message transmission process can be improved. In addition, by superposing signals obtained according to the recombined information and the second information, the first information needing to be protected and the second information used for verification can be sent in the same time-frequency resource, so that extra bandwidth is not required to be occupied, and the cost required by transmission can be reduced.
Fig. 6 illustrates a method 600 for transmitting a message signature according to an embodiment of the present application, where the method 600 may be applied to the application scenario illustrated in fig. 1, or may also be applied to other scenarios of message transmission, and the embodiment of the present application is not limited to this. Illustratively, the method 600 is performed by a receiving end. The method 600 includes:
S601, receiving the superimposed signal.
It should be understood that the superimposed signal is the superimposed signal in the method 500, and will not be described herein.
S602, demodulating and decoding the superimposed signal to obtain recombination information.
Specifically, the demodulation and decoding process performed by the receiving end is performed at the PHY layer. Illustratively, if the superimposed signal is Y, the receiving end calculates a channel estimation response H and an interference noise matrix Y based on the received superimposed signal Y uu . Further, the receiving end calculates the estimated value of the superposition signal through the channel estimation response H and the superposition signal Y
Figure BDA0003407245140000101
The formula is as follows:
Figure BDA0003407245140000102
Further, the receiving end uses the superimposed signal estimation value
Figure BDA0003407245140000103
to carry out demodulation and decoding and obtain a reorganized information estimation value
Figure BDA0003407245140000104
It will be appreciated that the superimposed signal is obtained by superimposing a first signal $S_1$, obtained by coding and modulating the reorganized information, and a second signal $V_1$, obtained by coding and modulating the signature or authentication-related information. In this step, the first signal $S_1$ in the superimposed signal is demodulated and decoded, and the second signal $V_1$ can be regarded as noise.
S603, re-encoding and modulating the reorganized information to obtain a reconstructed first signal, and performing difference processing on the reconstructed first signal and the superimposed signal to obtain a second signal.
In some possible implementations, the receiving end re-encodes and modulates the first information estimation value
Figure BDA0003407245140000111
in combination with the anti-replay information to obtain a reconstructed first signal
Figure BDA0003407245140000112
Furthermore, the difference between the superimposed signal estimation value
Figure BDA0003407245140000113
and the reconstructed first signal
Figure BDA0003407245140000114
gives a second signal that can be used for checking whether the first information in the reorganized information is correct
Figure BDA0003407245140000115
Figure BDA0003407245140000116
Wherein α and β are power division factors of the first signal and the second signal, respectively.
S604, demodulating and decoding the second signal to obtain second information.
S605, based on the reorganization information of S602 and the second information of S604, the reorganization information is checked using the second key.
In some possible implementations, the second key and the first key in the method 500 may be a public-private key pair, and if the first key is a network device private key, the second key is a preset global public key; or the second key and the first key in the method 500 may be a shared key, for example, if the first key is a terminal device shared key, the second key is a network device shared key; alternatively, the second key and the first key in the method 500 may be other key pairs that can be obtained from a key center, which is not specifically limited in the embodiments of the present application.
Further, if the verification of the reorganization information is passed, the first information in the reorganization information is considered to be a correct message; if the verification fails, the reorganization information is considered as fake information, and the receiving end stores the reorganization information. Further, in the first time range, if the reorganization information is received again, starting the joint receiving process, and checking the reorganization information. In some possible implementations, the first time range may be a transmission period T within a scheduling period; alternatively, the first time range may be a range preset by the system; alternatively, the first time range may be a user-defined range, which is not limited in the embodiment of the present application.
Illustratively, the first time range is a transmission period T within a scheduling period. Assume that the superimposed signal $Y_1 = \alpha S_1 + \beta V_1$ transmitted in transmission period $T_0$ of scheduling period $Q_0$ fails verification after S602 to S605; the sender will then transmit the superimposed signal $Y_2 = \alpha S_1 - \beta V_1$ in transmission period $T_1$ of scheduling period $Q_0$. After receiving the superimposed signal $Y_2$, the receiving end determines the superimposed signal estimation value by the method in S602
Figure BDA0003407245140000117
Further, the receiving end jointly processes the superimposed signal $Y_1$ and the superimposed signal $Y_2$. In some possible implementations,
Figure BDA0003407245140000118
and
Figure BDA0003407245140000119
are respectively added and subtracted to obtain a first signal
Figure BDA00034072451400001110
and a second signal
Figure BDA00034072451400001111
Figure BDA00034072451400001112
Figure BDA00034072451400001113
Furthermore, based on the first signal
Figure BDA00034072451400001114
and the second signal
Figure BDA00034072451400001115
the reorganized information is checked using the second key.
According to the method for transmitting the message signature, the received superimposed signal is demodulated to obtain the recombined information and the second information for verifying the validity of the first information. And further verifying the second information based on the public key paired with the private key of the receiving end and the reorganized information. Because the private key cannot be obtained by the attacker such as the pseudo terminal equipment, the pseudo network equipment and the like, the attacker such as the pseudo network equipment or the pseudo terminal equipment and the like can be prevented from attacking, and the security in the message transmission process can be improved. Further, if the verification of the second information fails, the second information is determined by combining the second superposition signal generated based on the first information and repeatedly received within a certain time range through 'joint receiving processing', and the second information is verified, so that the first information to be protected and the second information used for verification can be ensured to be safe in the message transmission process by modulating, encoding and superposing the recombined information and the second information.
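The sender flow of method 500 (S501 to S505) and the receiver flow of method 600 (S602 to S605), including the joint processing of two sign-inverted receptions, are sketched below as an added example that is not part of the patent text. It assumes the 3GPP-style QPSK bit mapping (the page's formula image is not available), an ideal channel (H = 1), HMAC-SHA256 as the function g with a shared key, a 4-byte sequence number spliced after the message as anti-replay information, and no channel coding; all function names are hypothetical.

```python
import hashlib
import hmac
import math
import struct

# Power division factors: 0 < BETA < ALPHA < P and ALPHA**2 + BETA**2 = P**2 = 1.25.
ALPHA, BETA = 1.0, 0.5
TAG_SYMBOLS = 128  # HMAC-SHA256 tag: 32 bytes = 256 bits = 128 QPSK symbols


def qpsk_mod(data):
    """Bytes -> unit-power symbols; assumed mapping ((1-2*b0) + j(1-2*b1))/sqrt(2)."""
    bits = [(byte >> (7 - k)) & 1 for byte in data for k in range(8)]
    return [complex(1 - 2 * bits[i], 1 - 2 * bits[i + 1]) / math.sqrt(2)
            for i in range(0, len(bits), 2)]


def qpsk_demod(symbols):
    """Hard decision on the signs of I and Q, then pack the bits back into bytes."""
    bits = []
    for s in symbols:
        bits += [int(s.real < 0), int(s.imag < 0)]
    return bytes(int("".join(map(str, bits[i:i + 8])), 2) for i in range(0, len(bits), 8))


def make_tag(key, first_info, seq):
    """S501/S502: reorganized information and second information t = g(k_s, s, anti-replay)."""
    reorg = first_info + struct.pack(">I", seq)  # anti-replay info spliced after the message
    return reorg, hmac.new(key, reorg, hashlib.sha256).digest()


def send(key, first_info, seq, sign=+1):
    """S503-S505: superimposed signal Y = ALPHA*S1 + sign*BETA*V1 (sign=-1 for the repeat)."""
    reorg, tag = make_tag(key, first_info, seq)
    s1, v1 = qpsk_mod(reorg), qpsk_mod(tag)
    if len(s1) < len(v1):
        raise ValueError("reorganized information must be at least as long as the tag")
    v1 += [0j] * (len(s1) - len(v1))  # the tag rides on the first 128 symbols only
    return [ALPHA * s + sign * BETA * v for s, v in zip(s1, v1)]


def check(key, reorg, tag, expected_seq):
    """S605 plus a freshness check at the agreed anti-replay position (last 4 bytes)."""
    if len(reorg) < 4 or len(tag) != TAG_SYMBOLS // 4:
        return False
    seq = struct.unpack(">I", reorg[-4:])[0]
    good = hmac.compare_digest(hmac.new(key, reorg, hashlib.sha256).digest(), tag)
    return good and seq == expected_seq


def receive(key, y, expected_seq):
    """S602-S605 on one reception: decode S1 with V1 as noise, subtract, decode V1."""
    reorg = qpsk_demod(y)  # correct without noise because ALPHA > BETA
    s1 = qpsk_mod(reorg)   # S603: re-modulate the decoded reorganized information
    v_hat = [(yi - ALPHA * si) / BETA for yi, si in zip(y, s1)]
    tag = qpsk_demod(v_hat[:TAG_SYMBOLS])
    return check(key, reorg, tag, expected_seq), reorg[:-4]


def receive_joint(key, y1, y2, expected_seq):
    """Joint processing of Y1 = aS + bV and Y2 = aS - bV: sum isolates S1, difference V1."""
    s_hat = [(a + b) / (2 * ALPHA) for a, b in zip(y1, y2)]
    v_hat = [(a - b) / (2 * BETA) for a, b in zip(y1, y2)]
    reorg = qpsk_demod(s_hat)
    tag = qpsk_demod(v_hat[:TAG_SYMBOLS])
    return check(key, reorg, tag, expected_seq), reorg[:-4]


if __name__ == "__main__":
    key = b"constructed-shared-key"                # constructed sample values
    sib = b"SIB1 cell=0x1A2B tac=0x0042 barred=0"
    y1, y2 = send(key, sib, seq=7), send(key, sib, seq=7, sign=-1)
    print("single reception:", receive(key, y1, 7))
    print("replayed in period 8:", receive(key, y1, 8)[0])
    print("joint reception:", receive_joint(key, y1, y2, 7))
```

In the single-reception path any disturbance on the tag is scaled by 1/BETA after the subtraction, whereas the joint path scales it by 1/(2*BETA), which is why a tag that fails alone can still verify after the sign-inverted repeat arrives.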
Fig. 7 illustrates a method 700 for transmitting a message signature according to an embodiment of the present application, where the method 700 may be applied to the application scenario illustrated in fig. 1, or may also be applied to other scenarios of message transmission, and the embodiment of the present application is not limited thereto. Illustratively, the method 700 is performed by a sender. The method 700 includes:
S701, generating second information based on the first information, the anti-replay information, and the first key, where the first information is a random access procedure message or a system broadcast message, and the second information is used to verify validity of the first information.
The first information may be the first information in the above embodiment, the anti-replay information may be the anti-replay information in the above embodiment, and the first key may be the first key in the above embodiment, for example.
It should be noted that, the method for generating the second information based on the first information, the anti-replay information and the first key may be referred to the description in the above embodiment, and will not be repeated here.
S702, the first information and the anti-replay information are combined and then encoded to obtain a first signal, and the second information is modulated to obtain a second signal.
Illustratively, the first signal may be the first signal in the above embodiment, and the second signal may be the second signal in the above embodiment.
It should be noted that, the method for obtaining the first signal and the second signal may be referred to the description in the above embodiments, and will not be described herein.
S703, the first signal and the second signal are superimposed to generate a first superimposed signal.
The first superimposed signal may be, for example, the superimposed signal in the above-described embodiment.
It should be noted that, the method for generating the superimposed signal may be referred to the description in the above embodiment, and will not be repeated here.
S704, a first superposition signal is transmitted.
In the embodiment of the application, the first information and the second information to be protected can be sent in the same time-frequency resource by modulating, coding and superposing the first information and the second information, so that extra bandwidth is not required to be occupied, and the cost required for transmission can be reduced. In addition, by introducing the first key and the replay prevention information, double protection is formed for the first information, so that attacks of attackers such as pseudo network equipment or pseudo terminal equipment can be prevented, and the security in the message transmission process can be improved.
Fig. 8 illustrates a method 800 for transmitting a message signature according to an embodiment of the present application, where the method 800 may be applied to the application scenario illustrated in fig. 1, or may also be applied to other scenarios of message transmission, and the embodiment of the present application is not limited thereto. Illustratively, the method 800 is performed by a receiving end. The method 800 includes:
S801, a first superimposed signal is received.
The first superimposed signal may be, for example, the superimposed signal in the above-described embodiment.
S802, demodulating and decoding the first superimposed signal to determine the first information, combining the first information with the anti-replay information to determine the reorganized information, and coding and modulating the reorganized information to determine a first signal.
Illustratively, the reorganization information may be reorganization information in the above embodiment, the first information may be first information in the above embodiment, and the first signal may be a first signal in the above embodiment.
It should be noted that, the method for determining the reorganization information and determining the first signal may be referred to the description in the above embodiment, and will not be repeated here.
S803, determining the second information according to the first superimposed signal and the first signal.
The second information may be, for example, the second information in the above-described embodiment.
It should be noted that, the method for determining the second information may be referred to the description in the above embodiment, and will not be repeated here.
S804, verifying the validity of the first information based on the second key and the second information.
It should be noted that, the method for verifying the validity of the first information may be referred to the description in the above embodiment, and will not be repeated here.
It should be appreciated that the verification of the validity of the first information may or may not pass. If the verification is passed, the receiving end can send corresponding information according to the content of the first information; if the verification is not passed, the receiving end may store the first information and/or the first superposition signal for joint verification in combination with the second superposition signal received in the first time interval.
In the embodiment of the application, the first information and the second information for checking the first information are transmitted in the same time-frequency resource, so that extra bandwidth is not required to be occupied, and the cost required for transmission can be reduced.
The method provided by the embodiments of the present application is described in detail above in connection with fig. 5 to 8. The apparatus provided in the embodiments of the present application will be described in detail with reference to fig. 9 and 10. The descriptions of the apparatus embodiments and the descriptions of the method embodiments correspond to each other, and thus, the descriptions of the apparatus embodiments and the descriptions of the method embodiments that are not described in detail may be referred to above, and are not repeated herein for brevity.
Fig. 9 is a schematic block diagram of an apparatus for transmitting a message signature provided by an embodiment of the present application. The apparatus 2000 includes a transceiving unit 2010 and a processing unit 2020. The transceiving unit 2010 may implement a corresponding communication function, and the processing unit 2020 is configured to perform data processing.
Optionally, the apparatus 2000 may further include a storage unit, where the storage unit may be configured to store instructions and/or data, and the processing unit 2020 may read the instructions and/or data in the storage unit, so that the apparatus implements the foregoing method embodiments.
The apparatus 2000 may include means for performing the methods of fig. 5-8. And each unit in the apparatus 2000 and the other operations and/or functions described above are respectively for implementing the corresponding flows of the method embodiments of fig. 5 to 8.
When the apparatus 2000 is used to perform the method 700 in fig. 7, the transceiver unit 2010 may be used to perform S704 in the method 700, and the processing unit 2020 may be used to perform S701 to S703 in the method 700.
Specifically, the apparatus 2000 includes: a processing unit configured to generate second information based on the first information, the anti-replay information, and the first key, the first information being a random access procedure message or a system broadcast message, the second information being used to check validity of the first information; the first information and the anti-replay information are combined and then encoded to obtain a first signal, and the second information is modulated to obtain a second signal; the processing unit is also used for generating a first superposition signal by superposing the first signal and the second signal; and the receiving and transmitting unit is used for transmitting the first superposition signal.
In some possible implementations, the first information is one of a system information block SIB, a master information block MIB, a Paging message Paging, a random access procedure message Msg2, Msg3, or Msg4.
In some possible implementations, the processing unit is further configured to: the first signal and the second signal are superimposed based on a power division factor to generate the first superimposed signal.
In some possible implementations, the processing unit determines the first superimposed signal according to the following formula:
$Y = \alpha S_1 \pm \beta V_1$
where $Y$ is the first superimposed signal, $S_1$ is the first signal, $V_1$ is the second signal, $\alpha$ is the power division factor of the first signal, and $\beta$ is the power division factor of the second signal.
In some possible implementations, the transceiver unit is further configured to: transmitting the first superimposed signal in a first transmission period; and transmitting a second superposition signal in a second transmission period, wherein the second transmission period is an adjacent period of the first transmission period, and performing symbol inversion on the power distribution factors in the first signal and the second signal in the second superposition signal.
In some possible implementations, the processing unit determines the second superimposed signal according to the following formula:
Figure BDA0003407245140000131
where $Y_2$ is the second superimposed signal.
In some possible implementations, 0 < β < α < P, α 22 =P 2 ,P 2 ≥1,P 2 Maximum power that can be allocated for one subcarrier.
In some possible implementations, the power allocation factor remains fixed and at an optimal value during the same scheduling period.
The apparatus 2000 may also be used to perform the method 800 in fig. 8. In that case, the transceiver unit 2010 may be used to perform S801 in the method 800, and the processing unit 2020 may be used to perform S802 to S804 in the method 800.
Specifically, the apparatus 2000 includes: a transceiver unit for receiving the superimposed signal; the processing unit is used for demodulating and decoding the superimposed signal to determine first information, and modulating and encoding the first information to determine a first signal; determining second information from the superimposed signal and the first signal; and verifying the validity of the first information based on the second key and the second information.
In some possible implementations, the transceiver unit is further configured to: receiving a second superimposed signal; the processing unit is further configured to determine the first signal and the second signal based on the second superimposed signal and the superimposed signal.
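The transmit path (S701 to S704) and the receive path (S801 to S804) described above, as an added example that is not code from the application. It assumes QPSK for both signals, no channel coding, HMAC-SHA256 with a shared key standing in for the first and second keys, a 4-byte counter as the anti-replay information, and constructed factors α = 0.9 and β = 0.3.

```python
import hashlib
import hmac
import math
import struct

# Constructed power division factors with 0 < BETA < ALPHA, as the text requires.
ALPHA, BETA = 0.9, 0.3
TAG_LEN = 32                 # HMAC-SHA256 output in bytes (assumed signature scheme)
SCALE = 1 / math.sqrt(2)     # unit-power QPSK constellation


def qpsk_mod(data: bytes) -> list:
    """Map bytes to QPSK symbols, two bits per symbol (assumed modulation)."""
    bits = [(byte >> shift) & 1 for byte in data for shift in range(7, -1, -1)]
    return [complex(1 - 2 * bits[i], 1 - 2 * bits[i + 1]) * SCALE
            for i in range(0, len(bits), 2)]


def qpsk_demod(symbols) -> bytes:
    """Hard-decision QPSK demodulation back to bytes."""
    bits = []
    for sym in symbols:
        bits += [int(sym.real < 0), int(sym.imag < 0)]
    return bytes(int("".join(map(str, bits[i:i + 8])), 2)
                 for i in range(0, len(bits), 8))


def make_tag(key: bytes, first_info: bytes, anti_replay: bytes) -> bytes:
    """Second information: a MAC over first information and anti-replay information."""
    return hmac.new(key, first_info + anti_replay, hashlib.sha256).digest()


def transmit(key: bytes, first_info: bytes, counter: int) -> list:
    """Build Y = ALPHA*S1 + BETA*V1 for one broadcast message."""
    anti_replay = struct.pack(">I", counter)      # assumed 4-byte counter
    s1 = qpsk_mod(first_info + anti_replay)
    v1 = qpsk_mod(make_tag(key, first_info, anti_replay))
    if len(v1) > len(s1):
        raise ValueError("payload too short to carry the tag")
    v1 += [0j] * (len(s1) - len(v1))              # no tag energy past the tag
    return [ALPHA * s + BETA * v for s, v in zip(s1, v1)]


def receive(key: bytes, y: list, last_counter: int):
    """Return first information if the tag verifies and the counter is fresh, else None."""
    payload = qpsk_demod(y)                       # BETA < ALPHA, so S1 sets each sign
    first_info, anti_replay = payload[:-4], payload[-4:]
    s1 = qpsk_mod(payload)                        # re-modulate to rebuild S1
    v1 = [(yi - ALPHA * si) / BETA for yi, si in zip(y, s1)]
    tag = qpsk_demod(v1[:TAG_LEN * 4])            # 4 QPSK symbols per byte
    if not hmac.compare_digest(tag, make_tag(key, first_info, anti_replay)):
        return None                               # forged or corrupted message
    if struct.unpack(">I", anti_replay)[0] <= last_counter:
        return None                               # replayed message
    return first_info
```

A legacy receiver that ignores the second signal still demodulates the first information from the same samples, because the β-scaled layer never flips the sign of an α-scaled component.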
The processing unit 2020 in fig. 9 may be implemented by at least one processor or processor-related circuit, the transceiver unit 2010 may be implemented by a transceiver or transceiver-related circuit, and the storage unit may be implemented by at least one memory.
Fig. 10 is a schematic block diagram of an apparatus for data retransmission according to an embodiment of the present application. The apparatus 2100 for data retransmission shown in fig. 10 may include: a processor 2110, a transceiver 2120, and a memory 2130. The processor 2110, the transceiver 2120 and the memory 2130 are connected through an internal connection path, the memory 2130 is used for storing instructions, and the processor 2110 is used for executing the instructions stored in the memory 2130, so that the transceiver 2120 receives/transmits a part of parameters. Alternatively, the memory 2130 may be coupled to the processor 2110 through an interface or may be integrated with the processor 2110.
It should be noted that the transceiver 2120 may include, but is not limited to, a transceiver device such as an input/output interface (i/o interface) to enable communication between the communication device 2100 and other devices or communication networks.
In implementation, the steps of the above method may be performed by integrated logic circuitry in hardware or instructions in software in the processor 2110. The method disclosed in connection with the embodiments of the present application may be embodied directly in hardware processor execution or in a combination of hardware and software modules in a processor. The software modules may be located in a random access memory, flash memory, read only memory, programmable read only memory, or electrically erasable programmable memory, registers, etc. as well known in the art. The storage medium is located in the memory 2130, and the processor 2110 reads information in the memory 2130 and performs the steps of the method in combination with its hardware. To avoid repetition, a detailed description is not provided herein.
It should also be appreciated that in embodiments of the present application, the memory may include read only memory and random access memory, and provide instructions and data to the processor. A portion of the processor may also include nonvolatile random access memory. The processor may also store information of the device type, for example.
Embodiments of the present application also provide a computer readable storage medium storing program code which, when run on a computer, causes the computer to perform any of the methods of fig. 5-8 described above.
The embodiment of the application also provides a chip, which comprises: at least one processor and a memory, the at least one processor being coupled to the memory for reading and executing instructions in the memory to perform any of the methods of fig. 5-8 described above.
The present application will present various aspects, embodiments, or features about a system comprising a plurality of devices, components, modules, etc. It is to be understood and appreciated that the various systems may include additional devices, components, modules, etc. and/or may not include all of the devices, components, modules etc. discussed in connection with the figures. Furthermore, combinations of these schemes may also be used.
In addition, in the embodiments of the present application, words such as "exemplary," "for example," and the like are used to indicate an example, instance, or illustration. Any embodiment or design described herein as "exemplary" is not necessarily to be construed as preferred or advantageous over other embodiments or designs. Rather, the term use of an example is intended to present concepts in a concrete fashion.
In the embodiments of the present application, "corresponding" and "corresponding" may sometimes be used in combination, and it should be noted that the meaning to be expressed is consistent when the distinction is not emphasized.
The network architecture and the service scenario described in the embodiments of the present application are for more clearly describing the technical solution of the embodiments of the present application, and do not constitute a limitation on the technical solution provided in the embodiments of the present application, and those skilled in the art can know that, with the evolution of the network architecture and the appearance of the new service scenario, the technical solution provided in the embodiments of the present application is also applicable to similar technical problems.
Reference in the specification to "one embodiment" or "some embodiments" or the like means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the application. Thus, appearances of the phrases "in one embodiment," "in some embodiments," "in other embodiments," and the like in the specification are not necessarily all referring to the same embodiment, but mean "one or more but not all embodiments" unless expressly specified otherwise. The terms "comprising," "including," "having," and variations thereof mean "including but not limited to," unless expressly specified otherwise.
In the present application, "at least one" means one or more, and "a plurality" means two or more. "And/or" describes an association relationship between associated objects and indicates that three relationships may exist. For example, A and/or B may indicate: A alone exists, both A and B exist, and B alone exists, where A and B may be singular or plural. The character "/" generally indicates an "or" relationship between the associated objects. "At least one of" or the like means any combination of these items, including any combination of single item(s) or plural item(s). For example, at least one of a, b, or c may represent: a, b, c, a-b, a-c, b-c, or a-b-c, wherein a, b, c may be single or plural.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, and are not repeated herein.
In the several embodiments provided in this application, it should be understood that the disclosed systems, devices, and methods may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the methods described in the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
The foregoing is merely specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily think about changes or substitutions within the technical scope of the present application, and the changes and substitutions are intended to be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (23)

1. A method of transmitting a message signature, comprising:
generating second information based on the first information, the anti-replay information and the first key, wherein the first information is a random access process message or a system broadcast message, and the second information is used for checking the validity of the first information;
the first information and the anti-replay information are combined and then encoded and modulated to obtain a first signal, and the second information is modulated to obtain a second signal;
superposing the first signal and the second signal to generate a first superposition signal;
and transmitting the first superposition signal.
2. The method of claim 1, wherein the first information is one of a system information block SIB, a master information block MIB, a Paging message Paging, a random access procedure message Msg2, Msg3, or Msg4.
3. The method according to claim 1 or 2, wherein the superimposing the first signal and the second signal to generate a first superimposed signal comprises:
and superposing the first signal and the second signal based on a power distribution factor to generate the first superposition signal.
4. A method according to claim 3, wherein the first superimposed signal is determined according to the formula:
$Y = \alpha S_1 \pm \beta V_1$
wherein $Y$ is the first superimposed signal, $S_1$ is the first signal, $V_1$ is the second signal, $\alpha$ is a power division factor of the first signal, and $\beta$ is the power division factor of the second signal.
5. The method according to claim 3 or 4, characterized in that the method further comprises:
transmitting the first superimposed signal in a first transmission period;
and transmitting a second superposition signal in a second transmission period, wherein the second transmission period is an adjacent period of the first transmission period, and performing symbol inversion on the power distribution factors in the first signal and the second signal in the second superposition signal.
6. The method of claim 5, wherein the second superimposed signal is determined according to the formula:
Figure FDA0003407245130000011
wherein $Y_2$ is the second superimposed signal.
7. The method according to claim 4 or 6, wherein 0<β<α<P,α 22 =P 2 ,P 2 ≥1,P 2 Maximum power that can be allocated for one subcarrier.
8. The method according to any of claims 3 to 6, wherein the power allocation factor remains fixed and at an optimal value during the same scheduling period.
9. A method of transmitting a message signature, comprising:
Receiving a first superimposed signal;
demodulating and decoding the first superimposed signal to determine recombined information, wherein the recombined information is determined by combining first information and playback information, and performing code modulation on the recombined information to determine a first signal;
determining second information according to the first superimposed signal and the first signal;
and verifying the validity of the first information based on the second key and the second information.
10. The method of claim 9, wherein verifying the validity of the first information based on the second key and the second information comprises:
receiving a second superimposed signal;
and determining the first signal and the second signal according to the second superposition signal and the first superposition signal.
11. An apparatus for transmitting a message signature, comprising:
the processing unit is used for generating second information based on the first information, the anti-replay information and the first key, wherein the first information is a random access process message or a system broadcast message, and the second information is used for checking the validity of the first information;
the processing unit is also used for combining the first information and the anti-replay information, then encoding and modulating to obtain a first signal, and modulating the second information to obtain a second signal;
The processing unit is further configured to superimpose the first signal and the second signal to generate a first superimposed signal;
and the receiving and transmitting unit is used for transmitting the first superposition signal.
12. The apparatus of claim 11, wherein the first information is one of a system information block SIB, a master information block MIB, a Paging message Paging, a random access procedure message Msg2, Msg3, or Msg4.
13. The apparatus according to claim 11 or 12, wherein the processing unit is further configured to:
and superposing the first signal and the second signal based on a power distribution factor to generate the first superposition signal.
14. The apparatus of claim 13, wherein the processing unit determines the first superimposed signal according to the formula:
$Y = \alpha S_1 \pm \beta V_1$
wherein $Y$ is the first superimposed signal, $S_1$ is the first signal, $V_1$ is the second signal, $\alpha$ is a power division factor of the first signal, and $\beta$ is the power division factor of the second signal.
15. The apparatus according to claim 13 or 14, wherein the transceiver unit is further configured to:
transmitting the first superimposed signal in a first transmission period;
And transmitting a second superposition signal in a second transmission period, wherein the second transmission period is an adjacent period of the first transmission period, and performing symbol inversion on the power distribution factors in the first signal and the second signal in the second superposition signal.
16. The apparatus of claim 15, wherein the processing unit determines the second superimposed signal according to the formula:
Figure FDA0003407245130000021
wherein $Y_2$ is the second superimposed signal.
17. The device of claim 14 or 16, wherein 0<β<α<P,α 22 =P 2 ,P 2 ≥1,P 2 Maximum power that can be allocated for one subcarrier.
18. The apparatus according to any of claims 13 to 16, wherein the power allocation factor remains fixed and at an optimal value during the same scheduling period.
19. An apparatus for transmitting a message signature, comprising:
the receiving and transmitting unit is used for receiving the first superposition signal;
the processing unit is used for demodulating, decoding and determining first information of the first superposition signal, and modulating, encoding and determining a first signal of the first information;
the processing unit is further configured to determine second information according to the first superimposed signal and the first signal;
The processing unit is further configured to verify validity of the first information based on a second key and the second information.
20. The apparatus of claim 19, wherein the transceiver unit is further configured to:
receiving a second superimposed signal;
the processing unit is further configured to determine the first signal and the second signal according to the second superimposed signal and the first superimposed signal.
21. An apparatus for transmitting a message signature, comprising:
a transceiver for receiving and transmitting messages;
a memory for storing a computer program;
a processor for executing the computer program stored in the memory to cause the apparatus to perform the method of any one of claims 1 to 10; the processor is coupled with the memory.
22. A computer-readable storage medium, on which a computer program is stored which, when executed by a computer, causes the method according to any one of claims 1 to 10 to be implemented.
23. A chip comprising a processor and a data interface, the processor reading instructions stored on a memory via the data interface to perform the method of any one of claims 1 to 10.
CN202111520755.0A 2021-12-13 2021-12-13 Method and device for transmitting message signature Pending CN116264687A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202111520755.0A CN116264687A (en) 2021-12-13 2021-12-13 Method and device for transmitting message signature
PCT/CN2022/136514 WO2023109546A1 (en) 2021-12-13 2022-12-05 Method and apparatus for transmitting message signature

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111520755.0A CN116264687A (en) 2021-12-13 2021-12-13 Method and device for transmitting message signature

Publications (1)

Publication Number Publication Date
CN116264687A true CN116264687A (en) 2023-06-16

Family

ID=86722013

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111520755.0A Pending CN116264687A (en) 2021-12-13 2021-12-13 Method and device for transmitting message signature

Country Status (2)

Country Link
CN (1) CN116264687A (en)
WO (1) WO2023109546A1 (en)

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11284261B2 (en) * 2019-04-25 2022-03-22 Qualcomm Incorporated System information security container

Also Published As

Publication number Publication date
WO2023109546A1 (en) 2023-06-22

Similar Documents

Publication Publication Date Title
US7415043B2 (en) Code division multiple access (CDMA) method and apparatus for protecting and authenticating wirelessly transmitted digital information
RU2502226C2 (en) Method and apparatus for obtaining security key(s)
CN102869013B (en) Based on the safe communication system of radio channel characteristic
EP0858186A2 (en) Method for secure communication in a telecommunication system
CN107409299A (en) It is used for the limited safe method and apparatus for constructing adjacency service code found for protecting
US10425810B2 (en) Method for physical layer security protection using public keys
CN109788480B (en) Communication method and device
CN112889056A (en) Identification-based signatures in system information protection
CN101405987A (en) Asymmetric cryptography for wireless systems
CN109600222B (en) Key generation method based on channel characteristics
CN110336657B (en) Optical OFDM dynamic key generation method based on channel characteristics
US20230319557A1 (en) Authentication method and related apparatus
Melki et al. Lightweight and secure D2D authentication & key management based on PLS
CN101867923B (en) Heterogeneous wireless network secure access authentication method based on identity self-confirmation
CN106102049B (en) A kind of safe transmission message approach using the characteristic of channel
CN114450988A (en) Protecting downlink control information in a cellular communication network
CN104010310A (en) Heterogeneous network unified authentication method based on physical layer safety
CN104284330A (en) Physical layer encryption technique based on unreliable wireless channel
KR20220047276A (en) Scrambling for wireless communications
WO2023109546A1 (en) Method and apparatus for transmitting message signature
Xu et al. GAKAV: Group authentication and key agreement for LTE/LTE-A vehicular networks
CN112437432B (en) Physical layer secret key distribution method and communication equipment
CN101567786A (en) Method and system for accessing access authentication of global interoperating system by microwaves
Singh et al. Analysis of security threats and protocols for LTE networks
Hoque et al. Countering Relay and Spoofing Attacks in the Connection Establishment Phase of Wi-Fi Systems

Legal Events

Date Code Title Description
PB01 Publication