CN116349267A

CN116349267A - Key distribution method, device, communication equipment and storage medium

Info

Publication number: CN116349267A
Application number: CN202380008185.8A
Authority: CN
Inventors: 陆伟
Original assignee: Beijing Xiaomi Mobile Software Co Ltd
Current assignee: Beijing Xiaomi Mobile Software Co Ltd
Priority date: 2023-02-10
Filing date: 2023-02-10
Publication date: 2023-06-27

Abstract

The embodiment of the disclosure provides a key distribution method, wherein the method is executed by a terminal, and the method comprises the following steps: sending first request information to a first network function; wherein the first request information is used for requesting to acquire a key of the terminal broadcasting a side uplink positioning protocol SLPP signaling or receiving a broadcasted SLPP signaling in side uplink SL communication. Here, the terminal transmits a key for requesting acquisition of a side uplink positioning protocol SLPP signaling or a SLPP signaling received broadcasting in side uplink SL communication to the first network function, so that the key can be acquired, encryption and integrity protection of data to be transmitted can be performed based on the key, and thus transmission security of the data can be ensured.

Description

Key distribution method, device, communication equipment and storage medium

Technical Field

The present disclosure relates to the field of wireless communication technologies, but is not limited to the field of wireless communication technologies, and in particular, to a key distribution method, a device, a communication apparatus, and a storage medium.

Background

In the wireless communication technology, for ranging or Sidelink (SL) location services, it is possible to transmit part of the SL location signaling in a broadcast manner. Since SL positioning capability and SL positioning assistance data are information for obtaining ranging results, integrity protection is required to ensure that they are not tampered with. SL positioning capability and location information relate to the privacy of the terminal concerned, which needs to be encrypted to protect the privacy of the terminal. Therefore, after enabling the SL location broadcast mode, how to provide security keys and to integrity protect and encrypt broadcast messages is a matter of consideration.

Disclosure of Invention

The embodiment of the disclosure discloses a key distribution method, a device, communication equipment and a storage medium.

According to a first aspect of embodiments of the present disclosure, there is provided a key distribution method, wherein the method is performed by a terminal, the method comprising:

sending first request information to a first network function;

wherein the first request information is used for requesting to acquire a key of the terminal broadcasting a side uplink positioning protocol SLPP signaling or receiving the broadcasted SLPP signaling in side uplink SL communication; the first network function is a network function of a network where the terminal is currently located.

According to a second aspect of embodiments of the present disclosure, there is provided a key distribution method, wherein the method is performed by a first network function, the method comprising:

receiving first request information sent by a terminal;

wherein the first request information is used for requesting acquisition of a key of the terminal broadcasting or receiving the SLPP signaling in the side-link SL communication.

According to a third aspect of embodiments of the present disclosure, there is provided a key distribution method, wherein the method is performed by a second network function or a third network function, the method comprising:

Sending third request information to a fourth network function;

wherein the third request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication.

According to a fourth aspect of embodiments of the present disclosure, there is provided a key distribution method, wherein the method is performed by a fourth network function, the method comprising:

receiving third request information sent by a second network function or a third network function of the terminal;

According to a fifth aspect of embodiments of the present disclosure, there is provided a system, wherein the system comprises at least one of a first network function, a second network function, a third network function, and a fourth network function; the first network function is used for realizing a method for realizing the first network function; the second network function is used for realizing a method for realizing the second network function; the third network function is used for realizing the method for realizing the third network function.

According to a sixth aspect of embodiments of the present disclosure, there is provided a key distribution apparatus, wherein the apparatus includes:

A transmitting module configured to transmit first request information to a first network function;

wherein the first request information is used for requesting to acquire a key of the terminal broadcasting or receiving the SLPP signaling in the side uplink SL communication; the first network function is a network function of a network where the terminal is currently located.

According to a seventh aspect of embodiments of the present disclosure, there is provided a key distribution apparatus, wherein the apparatus includes:

the receiving module is configured to receive first request information sent by the terminal;

According to an eighth aspect of the embodiments of the present disclosure, there is provided a key distribution apparatus, wherein the apparatus includes:

a transmitting module configured to transmit third request information to a fourth network function;

According to a ninth aspect of the embodiments of the present disclosure, there is provided a key distribution apparatus, wherein the apparatus includes:

The receiving module is configured to receive third request information sent by a second network function or a third network function of the terminal;

According to a tenth aspect of embodiments of the present disclosure, there is provided a communication device comprising:

a processor;

a memory for storing the processor-executable instructions;

wherein the processor is configured to: for executing the executable instructions, implementing the methods described in any of the embodiments of the present disclosure.

According to an eleventh aspect of the embodiments of the present disclosure, there is provided a computer storage medium storing a computer executable program that when executed by a processor implements the method of any of the embodiments of the present disclosure.

In an embodiment of the present disclosure, first request information is sent to a first network function; wherein the first request information is used for requesting to acquire a key of the terminal broadcasting a side uplink positioning protocol SLPP signaling or receiving the broadcasted SLPP signaling in side uplink SL communication; the first network function is a network function of a network where the terminal is currently located. Here, the terminal transmits a key for requesting acquisition of a side-link positioning protocol SLPP signaling broadcast by the terminal or a SLPP signaling received broadcast in side-link SL communication to the first network function, so that the key can be acquired, encryption and integrity protection of data to be transmitted can be performed based on the key, and thus transmission security of the data can be ensured.

Drawings

Fig. 1 is a schematic diagram illustrating a structure of a wireless communication system according to an exemplary embodiment.

Fig. 2 is a flow diagram illustrating a key distribution method according to an example embodiment.

Fig. 3 is a flow diagram illustrating a key distribution method according to an example embodiment.

Fig. 4 is a flow diagram illustrating a key distribution method according to an example embodiment.

Fig. 5 is a flow diagram illustrating a key distribution method according to an example embodiment.

Fig. 6 is a flow diagram illustrating a key distribution method according to an example embodiment.

Fig. 7 is a flow chart illustrating a key distribution method according to an exemplary embodiment.

Fig. 8 is a flow chart illustrating a key distribution method according to an exemplary embodiment.

Fig. 9 is a flow chart illustrating a key distribution method according to an exemplary embodiment.

Fig. 10 is a flow chart illustrating a key distribution method according to an exemplary embodiment.

Fig. 11 is a flow chart illustrating a key distribution method according to an exemplary embodiment.

Fig. 12 is a flow chart illustrating a key distribution method according to an exemplary embodiment.

Fig. 13 is a flow chart illustrating a key distribution method according to an exemplary embodiment.

Fig. 14 is a flow chart illustrating a key distribution method according to an exemplary embodiment.

Fig. 15 is a flow chart illustrating a key distribution method according to an exemplary embodiment.

FIG. 16 is a schematic diagram of a system according to an example embodiment.

Fig. 17 is a flow chart illustrating a key distribution method according to an exemplary embodiment.

Fig. 18 is a flow chart illustrating a key distribution method according to an exemplary embodiment.

Fig. 19 is a schematic diagram showing a key distribution apparatus according to an exemplary embodiment.

Fig. 20 is a schematic diagram showing a key distribution apparatus according to an exemplary embodiment.

Fig. 21 is a schematic diagram showing a key distribution apparatus according to an exemplary embodiment.

Fig. 22 is a schematic diagram showing a key distribution apparatus according to an exemplary embodiment.

Fig. 23 is a schematic structural view of a terminal according to an exemplary embodiment.

Fig. 24 is a block diagram of a base station, according to an example embodiment.

Detailed Description

Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary embodiments do not represent all implementations consistent with the embodiments of the present disclosure. Rather, they are merely examples of apparatus and methods consistent with aspects of embodiments of the present disclosure as detailed in the accompanying claims.

The terminology used in the embodiments of the disclosure is for the purpose of describing particular embodiments only and is not intended to be limiting of the embodiments of the disclosure. As used in this disclosure of embodiments and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It should also be understood that the term "and/or" as used herein refers to and encompasses any or all possible combinations of one or more of the associated listed items.

It should be understood that although the terms first, second, third, etc. may be used in embodiments of the present disclosure to describe various information, these information should not be limited to these terms. These terms are only used to distinguish one type of information from another. For example, the first information may also be referred to as second information, and similarly, the second information may also be referred to as first information, without departing from the scope of embodiments of the present disclosure. The word "if" as used herein may be interpreted as "at … …" or "at … …" or "responsive to a determination", depending on the context.

For purposes of brevity and ease of understanding, the terms "greater than" or "less than" are used herein in characterizing a size relationship. But it will be appreciated by those skilled in the art that: the term "greater than" also encompasses the meaning of "greater than or equal to," less than "also encompasses the meaning of" less than or equal to.

Referring to fig. 1, a schematic structural diagram of a wireless communication system according to an embodiment of the disclosure is shown. As shown in fig. 1, the wireless communication system is a communication system based on a mobile communication technology, and may include: a number of user equipments 110 and a number of base stations 120.

Wherein the user device 110 may be a device that provides voice and/or data connectivity to a user. The user equipment 110 may communicate with one or more core networks via a radio access network (Radio Access Network, RAN), and the user equipment 110 may be an internet of things user equipment such as sensor devices, mobile phones and computers with internet of things user equipment, for example, stationary, portable, pocket, hand-held, computer-built-in or vehicle-mounted devices. Such as a Station (STA), subscriber unit (subscriber unit), subscriber Station (subscriber Station), mobile Station (mobile), remote Station (remote Station), access point, remote user equipment (remote terminal), access user equipment (access terminal), user device (user terminal), user agent (user agent), user device (user device), or user equipment (user request). Alternatively, the user device 110 may be a device of an unmanned aerial vehicle. Alternatively, the user device 110 may be a vehicle-mounted device, for example, a laptop with a wireless communication function, or a wireless user device with an external laptop. Alternatively, the user device 110 may be a roadside device, for example, a street lamp, a signal lamp, or other roadside devices with a wireless communication function.

The base station 120 may be a network-side device in a wireless communication system. Wherein the wireless communication system may be a fourth generation mobile communication technology (the 4th generation mobile communication,4G) system, also known as a long term evolution (Long Term Evolution, LTE) system; alternatively, the wireless communication system may be a 5G system, also known as a new air interface system or a 5G NR system. Alternatively, the wireless communication system may be a next generation system of the 5G system. Among them, the access network in the 5G system may be called NG-RAN (New Generation-Radio Access Network, new Generation radio access network).

The base station 120 may be an evolved node b (eNB) employed in a 4G system. Alternatively, the base station 120 may be a base station (gNB) in a 5G system that employs a centralized and distributed architecture. When the base station 120 adopts a centralized and distributed architecture, it generally includes a Centralized Unit (CU) and at least two Distributed Units (DUs). A protocol stack of a packet data convergence protocol (Packet Data Convergence Protocol, PDCP) layer, a radio link layer control protocol (Radio Link Control, RLC) layer, and a medium access control (Media Access Control, MAC) layer is provided in the centralized unit; a Physical (PHY) layer protocol stack is provided in the distribution unit, and the specific implementation of the base station 120 is not limited in the embodiments of the present disclosure.

A wireless connection may be established between the base station 120 and the user equipment 110 over a wireless air interface. In various embodiments, the wireless air interface is a fourth generation mobile communication network technology (4G) standard-based wireless air interface; or, the wireless air interface is a wireless air interface based on a fifth generation mobile communication network technology (5G) standard, for example, the wireless air interface is a new air interface; alternatively, the wireless air interface may be a wireless air interface based on a 5G-based technology standard of a next generation mobile communication network.

In some embodiments, an E2E (End to End) connection may also be established between the user devices 110. Such as V2V (vehicle to vehicle, vehicle-to-vehicle) communications, V2I (vehicle to Infrastructure, vehicle-to-road side equipment) communications, and V2P (vehicle to pedestrian, vehicle-to-person) communications among internet of vehicles communications (vehicle to everything, V2X).

Here, the above-described user equipment can be regarded as the terminal equipment of the following embodiment.

In some embodiments, the wireless communication system described above may also include a network management device 130.

Several base stations 120 are respectively connected to a network management device 130. The network management device 130 may be a core network device in a wireless communication system, for example, the network management device 130 may be a mobility management entity (Mobility Management Entity, MME) in an evolved packet core network (Evolved Packet Core, EPC). Alternatively, the network management device may be other core network devices, such as a Serving GateWay (SGW), a public data network GateWay (Public Data Network GateWay, PGW), a policy and charging rules function (Policy and Charging Rules Function, PCRF) or a home subscriber server (Home Subscriber Server, HSS), etc. The embodiment of the present disclosure is not limited to the implementation form of the network management device 130.

For ease of understanding by those skilled in the art, the embodiments of the present disclosure enumerate a plurality of implementations to clearly illustrate the technical solutions of the embodiments of the present disclosure. Of course, those skilled in the art will appreciate that the various embodiments provided in the embodiments of the disclosure may be implemented separately, may be implemented in combination with the methods of other embodiments of the disclosure, and may be implemented separately or in combination with some methods of other related technologies; the embodiments of the present disclosure are not so limited.

As shown in fig. 2, in this embodiment, there is provided a key distribution method, wherein the method is performed by a terminal, and the method includes:

step 21, sending first request information to a first network function;

Here, the terminal related to the present disclosure may be, but is not limited to, a mobile phone, a wearable device, a vehicle-mounted terminal, a Road Side Unit (RSU), a smart home terminal, an industrial sensing device, and/or a medical device, etc. In some embodiments, the terminal may be a Redcap terminal or a predetermined version of a new air-interface NR terminal (e.g., an NR terminal of R17).

The first network function in the present disclosure may be an access and mobility management function (AMF, access and Mobility Management Function), but is not limited to AMF. The second network function in the present disclosure may be, but is not limited to, a policy control function (PCF, policy Control Function). The third network function in the present disclosure may be a location management function (LMF, location Management Function), but is not limited to an LMF. The fourth network function in the present disclosure may be, but is not limited to being, a central key management function.

In one embodiment, first request information is sent to a first network function; wherein the first request information is used for requesting to acquire a key of the terminal broadcasting a side uplink positioning protocol (SLPP, sidelink Position Procotol) signaling or receiving a broadcasted SLPP signaling in a side uplink SL communication; the first request information indicates an identity of the terminal and an indicator requesting acquisition of the key.

In one embodiment, first request information is sent to the first network function via a registration request message; wherein the first request information is used for requesting to acquire a key of the terminal broadcasting a side uplink positioning protocol SLPP signaling or receiving a broadcasted SLPP signaling in side uplink SL communication.

In one embodiment, first request information is sent to a first network function; wherein the first request information is used for requesting to acquire a key of the terminal broadcasting a side uplink positioning protocol SLPP signaling or receiving a broadcasted SLPP signaling in side uplink SL communication. Receiving first response information sent by the first network function; wherein the first response information indicates the key.

In one embodiment, first request information is sent to a first network function; wherein the first request information is used for requesting to acquire a key of the terminal broadcasting a side uplink positioning protocol SLPP signaling or receiving a broadcasted SLPP signaling in side uplink SL communication. And receiving the first response information sent by the first network function through a registration acceptance message.

In the embodiment of the disclosure, first request information is sent to a first network function; wherein the first request information is used for requesting to acquire a key of the terminal broadcasting a side uplink positioning protocol SLPP signaling or receiving a broadcasted SLPP signaling in side uplink SL communication. Here, the terminal transmits a key for requesting acquisition of a side uplink positioning protocol SLPP signaling or a SLPP signaling received broadcasting in side uplink SL communication to the first network function, so that the key can be acquired, encryption and integrity protection of data to be transmitted can be performed based on the key, and thus transmission security of the data can be ensured.

It should be noted that, as those skilled in the art may understand, the methods provided in the embodiments of the present disclosure may be performed alone or together with some methods in the embodiments of the present disclosure or some methods in the related art.

As shown in fig. 3, in this embodiment, there is provided a key distribution method, wherein the method is performed by a terminal, the method including:

step 31, receiving first response information sent by the first network function;

wherein the first response information indicates a key that the terminal broadcasts a side uplink positioning protocol SLPP signaling or receives the broadcasted SLPP signaling in side uplink SL communication.

In one embodiment, first request information is sent to a first network function; wherein the first request information is used for requesting to acquire a key of the terminal broadcasting a side uplink positioning protocol SLPP signaling or receiving the broadcasted SLPP signaling in side uplink SL communication; the first request information indicates an identity of the terminal and an indicator for requesting to acquire the key; the first network function is a network function of a network where the terminal is currently located.

As shown in fig. 4, in this embodiment, there is provided a key distribution method, where the method is performed by a first network function, the method includes:

Step 41, receiving first request information sent by a terminal;

In one embodiment, first request information sent by a terminal is received; wherein the first request information is used for requesting to acquire a key of the terminal broadcasting or receiving the SLPP signaling in the side uplink SL communication; the first request information indicates an identity of the terminal and an indicator requesting acquisition of the key.

In one embodiment, the first request information sent by the terminal is received through a registration request message; the method comprises the steps of carrying out a first treatment on the surface of the Wherein the first request information is used for requesting acquisition of a key of the terminal broadcasting or receiving the SLPP signaling in the side-link SL communication.

In one embodiment, first request information sent by a terminal is received; wherein the first request information is used for requesting acquisition of a key of the terminal broadcasting or receiving the SLPP signaling in the side-link SL communication. It is determined whether to allow the terminal to broadcast the SLPP signaling or receive the broadcasted SLPP signaling.

In one embodiment, first request information sent by a terminal is received; wherein the first request information is used for requesting acquisition of a key of the terminal broadcasting or receiving the SLPP signaling in the side-link SL communication. Based on terminal subscription information, it is determined whether to allow the terminal to broadcast the SLPP signaling or receive the broadcasted SLPP signaling.

In one embodiment, first request information sent by a terminal is received; wherein the first request information is used for requesting acquisition of a key of the terminal broadcasting or receiving the SLPP signaling in the side-link SL communication. Sending second request information to a second network function; wherein the second request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication; the second network function is a network function of a network where the terminal is currently located.

In one embodiment, first request information sent by a terminal is received; wherein the first request information is used for requesting acquisition of a key of the terminal broadcasting or receiving the SLPP signaling in the side-link SL communication. Sending second request information to a second network function; wherein the second request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication; the second request information indicates an identity of the terminal and an indicator requesting acquisition of the key.

In one embodiment, first request information sent by a terminal is received; wherein the first request information is used for requesting acquisition of a key of the terminal broadcasting or receiving the SLPP signaling in the side-link SL communication. It is determined whether to allow the terminal to broadcast the SLPP signaling or receive the broadcasted SLPP signaling. Transmitting second request information to a second network function in response to allowing the terminal to broadcast the SLPP signaling or receiving the broadcasted SLPP signaling; wherein the second request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication.

In one embodiment, first request information sent by a terminal is received; wherein the first request information is used for requesting acquisition of a key of the terminal broadcasting or receiving the SLPP signaling in the side-link SL communication. It is determined whether to allow the terminal to broadcast the SLPP signaling or receive the broadcasted SLPP signaling. Transmitting the second request information to the second network function in response to allowing the terminal to broadcast the SLPP signaling; or, in response to the SLPP signaling allowing the terminal to receive the broadcast, transmitting the second request information to the second network function.

In one embodiment, first request information sent by a terminal is received; wherein the first request information is used for requesting acquisition of a key of the terminal broadcasting or receiving the SLPP signaling in the side-link SL communication. Sending second request information to a second network function; wherein the second request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication. Receiving second response information sent by a second network function or a third network function; wherein the second response information indicates the key.

In one embodiment, first request information sent by a terminal is received; wherein the first request information is used for requesting acquisition of a key of the terminal broadcasting or receiving the SLPP signaling in the side-link SL communication. Receiving the second response information sent by the third network function through a notification message (for example, nlmf_broadcast_circumscribing keydata); wherein the second response information indicates the key.

In one embodiment, first request information sent by a terminal is received; wherein the first request information is used for requesting acquisition of a key of the terminal broadcasting or receiving the SLPP signaling in the side-link SL communication. Sending second request information to a second network function; wherein the second request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication. Receiving second response information sent by a second network function or a third network function; wherein the second response information indicates the key. The key is stored.

In one embodiment, first request information sent by a terminal is received; wherein the first request information is used for requesting acquisition of a key of the terminal broadcasting or receiving the SLPP signaling in the side-link SL communication. Sending first response information to the terminal; wherein the first response information indicates the key.

In one embodiment, first request information sent by a terminal is received; wherein the first request information is used for requesting acquisition of a key of the terminal broadcasting or receiving the SLPP signaling in the side-link SL communication. Transmitting the first response information to the terminal through a registration acceptance message; wherein the first response information indicates the key.

In one embodiment, first request information sent by a terminal is received; wherein the first request information is used for requesting acquisition of a key of the terminal broadcasting or receiving the SLPP signaling in the side-link SL communication. It is determined whether to allow the terminal to broadcast the SLPP signaling or receive the broadcasted SLPP signaling. Transmitting the first response information to the terminal in response to determining to allow the terminal to broadcast the SLPP signaling; or, in response to determining to allow the terminal to receive the SLPP signaling of the broadcast, transmitting the first response information to the terminal.

As shown in fig. 5, in this embodiment, there is provided a key distribution method, where the method is performed by a first network function, the method includes:

step 51, determining whether to allow the terminal to broadcast the SLPP signaling or receive the broadcasted SLPP signaling.

In one embodiment, first request information sent by a terminal is received; wherein the first request information is used for requesting acquisition of a key of the terminal broadcasting or receiving the SLPP signaling in the side-link SL communication. It is determined whether to allow the terminal to broadcast the SLPP signaling or receive the broadcasted SLPP signaling. Transmitting second request information to a second network function in response to allowing the terminal to broadcast the SLPP signaling or receiving the broadcasted SLPP signaling; wherein the second request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication; the second network function is a network function of a network where the terminal is currently located.

As shown in fig. 6, in this embodiment, there is provided a key distribution method, where the method is performed by a first network function, the method includes:

step 61, sending second request information to a second network function;

wherein the second request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication; the second network function is a network function of a network where the terminal is currently located.

As shown in fig. 7, in this embodiment, there is provided a key distribution method, where the method is performed by a first network function, the method includes:

step 71, receiving second response information sent by the second network function or the third network function;

wherein the second response information indicates a key of the terminal broadcasting SLPP signaling or receiving the broadcasted SLPP signaling in side uplink SL communication.

In one embodiment, first request information sent by a terminal is received; wherein the first request information is used for requesting acquisition of a key of the terminal broadcasting or receiving the SLPP signaling in the side-link SL communication. Sending second request information to a second network function; wherein the second request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication. Receiving second response information sent by a second network function or a third network function; wherein the second response information indicates the key; the second network function is a network function of a network where the terminal is currently located.

As shown in fig. 8, in this embodiment, there is provided a key distribution method, where the method is performed by a first network function, the method includes:

step 81, sending first response information to the terminal;

wherein the first response information indicates a key of the terminal broadcasting SLPP signaling or receiving the broadcasted SLPP signaling in side uplink SL communication.

As shown in fig. 9, in this embodiment, there is provided a key distribution method, wherein the method is performed by a second network function or a third network function, the method including:

step 91, sending third request information to a fourth network function;

In one embodiment, sending the third request information to the fourth network function; wherein the third request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication. Receiving third response information sent by the fourth network function; wherein the third response information indicates the key.

In one embodiment, sending the third request information to the fourth network function; wherein the third request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication. Receiving third response information sent by the fourth network function; wherein the third response information indicates the key. Sending second response information to the first network function; wherein the second response information indicates the key.

In one embodiment, the third request information is sent to a fourth network function; wherein the third request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication. Receiving third response information sent by the fourth network function; wherein the third response information indicates the key. Sending the second response information to the first network function through a notification message (e.g., nlmf_broadcast_circumscribing keydata); wherein the second response information indicates the key.

In one embodiment, receiving second request information sent by a first network function of the terminal; wherein the second request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication. Sending third request information to a fourth network function; wherein the third request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication.

In one embodiment, receiving second request information sent by a first network function of the terminal; wherein the second request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication; the second request information indicates an identity of the terminal and an indicator requesting acquisition of the key. Sending third request information to a fourth network function; wherein the third request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication.

As shown in fig. 10, in this embodiment, there is provided a key distribution method, wherein the method is performed by a second network function or a third network function, the method including:

step 101, receiving third response information sent by the fourth network function;

wherein the third response information indicates a key of the terminal broadcasting SLPP signaling or receiving the broadcasted SLPP signaling in side uplink SL communication.

As shown in fig. 11, in this embodiment, there is provided a key distribution method, wherein the method is performed by a second network function or a third network function, the method including:

step 111, sending second response information to the first network function;

As shown in fig. 12, in this embodiment, there is provided a key distribution method, wherein the method is performed by a second network function or a third network function, the method including:

step 121, receiving second request information sent by a first network function of the terminal;

wherein the second request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication.

As shown in fig. 13, in this embodiment, there is provided a key distribution method, wherein the method is performed by a fourth network function, and the method includes:

step 131, receiving third request information sent by a second network function or a third network function of the terminal;

In one embodiment, third request information sent by a second network function or a third network function of the terminal is received; wherein the third request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication. The key is generated in response to receiving the third request information.

In one embodiment, third request information sent by a second network function or a third network function of the terminal is received; wherein the third request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication. The key is generated in response to receiving the third request information. The key includes one of: an asymmetric private key and a public key; symmetric integrity and encryption keys.

In one embodiment, third request information sent by a second network function or a third network function of the terminal is received; wherein the third request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication. Transmitting third response information to the second network function or the third network function; wherein the third response information indicates the key.

In one embodiment, third request information sent by a second network function or a third network function of the terminal is received; wherein the third request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication. The key is generated in response to receiving the third request information. The key includes one of: asymmetric private and public keys symmetric integrity and encryption keys. Transmitting third response information to the second network function or the third network function; wherein the third response information indicates the key.

As shown in fig. 14, in this embodiment, there is provided a key distribution method, wherein the method is performed by a fourth network function, the method including:

step 141, generating a key for the terminal to broadcast SLPP signaling or receive the broadcasted SLPP signaling in side-link SL communication.

In one embodiment, third request information sent by a second network function or a third network function of the terminal is received; wherein the third request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-uplink SL communication. The key is generated in response to receiving the third request information. The key includes one of: an asymmetric private key and a public key; symmetric integrity and encryption keys. Transmitting third response information to the second network function or the third network function; wherein the third response information indicates the key.

As shown in fig. 15, in this embodiment, there is provided a key distribution method, wherein the method is performed by a fourth network function, the method including:

step 151, sending third response information to the second network function or the third network function;

As shown in fig. 16, a system is provided in the present embodiment, wherein the system includes at least one of a first network function 161, a second network function 162, a third network function 163, and a fourth network function 164; the first network function 161 is configured to implement a method implemented by the first network function 161; the second network function 162 is configured to implement a method implemented by the second network function 162; the third network function 163 is configured to implement a method implemented by the third network function 163.

For a better understanding of the embodiments of the present disclosure, the following further describes the technical solution of the present disclosure by means of 2 exemplary embodiments:

in one embodiment, for a terminal capable of ranging or SL positioning, it should be able to broadcast SLPP signaling without having to perform discovery and link setup procedures. Thus, the security key can be provided to the terminal during the registration process.

In one embodiment, in order to perform SLPP signaling broadcasting, it is assumed that information on whether to allow a ranging or SL positioning-capable terminal to broadcast and/or receive SLPP signaling is included in UE subscription information. Based on such information in the subscription information, the core network may then determine to provide the UE with the required security keys when the UE registers with the network.

In one embodiment, for ranging or SL positioning services, two or more UEs involved in the service may be subscribed to different operators. If the involved UEs are subscribed to different operators, it is not possible for a 5GC NF in one public land mobile network (PLMN, public Land Mobile Network) to create the same security key for all involved UEs belonging to different PLMNs. It is therefore proposed to use a centralized key management function that can be connected to different PLMNs for creating and providing security keys to the 5GC NF in the different PLMNs. The 5GC NF then provides the security key to the UE in its own PLMN.

In one embodiment, the 5GC NF that provides the security key may be the PCF that sends the key to the UE as part of the UE security policy configuration information; or may be an LMF that sends keys to UEs using existing procedures defined in clause 6.14.2 of 3gpp TS 23.273 [ 3 ].

Example 1:

as shown in fig. 17, there is provided a key distribution method in the present embodiment, the method including:

step 1701, a UE (B-UE) to which SLPP signaling is to be broadcasted sends (may be periodically) a registration request message (corresponding to the first request information in the present disclosure) to its AMF, the registration request message containing a B-UE ID and an indicator of the request broadcast key (corresponding to the key in the present disclosure).

Step 1702, AMF and unified data management (UDM, unified Data Management) of B-UE check whether B-UE is allowed to broadcast SLPP signaling according to UE subscription information.

Step 1703, if the B-UE is allowed to broadcast SLPP signaling, the AMF of the B-UE sends a UE policy creation request (corresponding to the second request information in the present disclosure) to the PCF of the B-UE, indicating that the broadcasting key is the broadcasting key of the broadcasting party is requested.

Step 1704, the PCF of the B-UE sends a key request (corresponding to the third request information in the present disclosure) to the central key management function requesting a broadcast key for broadcasting SLPP signaling.

Step 1705, a central key management function (central key management function or centralized key management function) generates a broadcast key for broadcasting SLPP signaling. The broadcast key may be: such as a pair of asymmetric private and public keys, or a pair of symmetric integrity and encryption keys.

Step 1706, the central key management function returns the broadcast key (e.g., private key) in the key response (corresponding to the third response information in the present disclosure) to the PCF of the B-UE.

Step 1707, the PCF of the B-UE returns the broadcast key to the AMF of the B-UE in a UE policy creation response (corresponding to the second response information in the present disclosure).

Step 1708, the AMF of the B-UE sends a broadcast key to the B-UE in a registration accept message (corresponding to the first response information in this disclosure).

In step 1709, the UE (R-UE) that is to receive the broadcast SL positioning signaling sends (may be periodically) a registration request message (corresponding to the first request information in the present disclosure) to its AMF, the registration request message containing the R-UE ID and an indicator of the request broadcast key.

Step 1710, the AMF of the R-UE checks with the UDM whether the R-UE is allowed to receive the broadcasted SLPP signaling against the UE subscription information.

Step 1711, if the R-UE is allowed to receive the broadcasted SLPP signaling, the AMF of the R-UE sends a UE policy creation request (corresponding to the second request information in the present disclosure) to the PCF of the R-UE, indicating that the broadcast key of the receiver is requested.

Step 1712, the PCF of the R-UE sends a key request (corresponding to the third request information in the present disclosure) to the central key management function to request a key for receiving the broadcasted SLPP signaling.

In step 1713, the central key management function returns the key for receiving the broadcasted SLPP signaling in the key response (corresponding to the third response information in the present disclosure) to the PCF of the R-UE. The key may be, for example, the public key of the asymmetric private/public key created in step 1705.

In a UE policy creation response (corresponding to the second response information in this disclosure), the PCF of the R-UE returns a key for receiving the broadcasted SLPP signaling to the AMF of the R-UE, step 1714.

In step 1715, the AMF of the R-UE sends a key for receiving the broadcasted SLPP signaling to the R-UE in a registration accept message (corresponding to the first response information in the present disclosure).

Step 1716, the B-UE begins broadcasting SLPP signaling protected by a broadcast key received from the network.

In step 1717, the R-UE begins listening for the broadcasted message. When broadcast signaling is received from the B-UE, the R-UE verifies the broadcast message with the key received from the network.

It should be noted that each broadcast key is allocated a valid timer. When the timer expires, the UE needs to request a new broadcast key by initiating the periodic registration procedure again.

In one embodiment, the 5GC NF that provides the security key to the UE may also be the LMF that distributes the encryption key of the broadcast assistance data as defined in clause 6.14.2 of 3gpp TS 23.273 [ 3 ]. The UE to be broadcasted with SLPP signaling uses it when it needs to acquire positioning assistance data from the core network. In this case, the UE will send a request to the AMF, which selects the LMF for invoking network assistance data transmission. The LMF needs to acquire a security key to protect network assistance data before starting to transmit the network assistance data.

Example 2:

as shown in fig. 18, there is provided a key distribution method in this embodiment, the method including:

Step 1801, after receiving the network assistance data transmission request, the LMF of the B-UE sends a key request to the central key management function, requesting the UE to use a broadcast key (corresponding to the key in the present disclosure) for broadcasting SLPP signaling.

Step 1802, the central key management function returns the security key for SLPP signaling broadcast to the LMF of the B-UE.

Step 1803, LMF of B-UE invokes nlmf_broadcast_cipheringkeydata notification service operation to AMF of B-UE containing security key received for SLPP signaling Broadcast.

Step 1804, the AMF of the B-UE stores the broadcast key received from the LMF of the B-UE.

Step 1805, the B-UE to be broadcasted SLPP signaling sends a (periodic) registration request message to its AMF, the registration request message containing the B-UE ID and an indicator requesting a broadcast key.

Step 1806, the AMF of the B-UE checks with the UDM whether the B-UE is allowed to broadcast SLPP signaling according to the UE subscription information.

Step 1807, the AMF of the B-UE sends the stored broadcast key to the B-UE in a registration accept message.

Step 1808, as in step 1801, the LMF of the R-UE sends a key request to the central key management function to request a key for the UE to receive the broadcasted SLPP signaling.

Step 1809, the central key management function returns a security key for receiving the broadcasted SLPP signaling to the LMF of the R-UE.

Step 1810, the LMF of the R-UE invokes the Nlmf_Broadcast_CipheringKeyData notification service operation to the AMF of the R-UE containing the received security key.

Step 1811, AMF of R-UE stores the broadcast key received from LMF of R-UE.

In step 1812, the R-UE to receive the broadcasted SLPP signaling sends (may be periodically) a registration request message to its AMF, the registration request message containing the R-UE ID and an indicator requesting the broadcast key.

Step 1813, the AMF of the R-UE checks whether the R-UE is allowed to receive the broadcasted SLPP signaling against the UE subscription information through the UDM.

Step 1814, in the registration accept message, the AMF of the R-UE sends the stored broadcast key to the R-UE.

Step 1815, B-UE starts broadcasting SLPP signaling protected by a broadcast key received from the network.

Step 1816, the R-UE starts listening to the broadcasted message. When broadcast signaling is received from the B-UE, the R-UE verifies the broadcast message with the key received from the network.

In the case where the LMF requests the broadcast key from the central key management function, only the symmetric key can be generated because the LMF does not know whether the requesting UE intends to broadcast or receive SLPP signaling before transmitting the registration request.

As shown in fig. 19, in an embodiment of the present disclosure, there is provided a key distribution apparatus, wherein the apparatus includes:

A transmitting module 191 configured to transmit the first request information to the first network function;

As shown in fig. 20, an embodiment of the present disclosure provides a key distribution apparatus, where the apparatus includes:

a receiving module 201 configured to receive first request information sent by a terminal;

As shown in fig. 21, in an embodiment of the present disclosure, there is provided a key distribution apparatus, wherein the apparatus includes:

a transmitting module 211 configured to transmit the third request information to the fourth network function;

As shown in fig. 22, an embodiment of the present disclosure provides a key distribution apparatus, where the apparatus includes:

a receiving module 221 configured to receive third request information transmitted by the second network function or the third network function of the terminal;

The embodiment of the disclosure provides a communication device, which comprises:

a processor;

a memory for storing processor-executable instructions;

wherein the processor is configured to: for executing executable instructions, implements a method that is applicable to any of the embodiments of the present disclosure.

The processor may include, among other things, various types of storage media, which are non-transitory computer storage media capable of continuing to memorize information stored thereon after a power down of the communication device.

The processor may be coupled to the memory via a bus or the like for reading the executable program stored on the memory.

The embodiments of the present disclosure also provide a computer storage medium, where the computer storage medium stores a computer executable program that when executed by a processor implements the method of any embodiment of the present disclosure.

The specific manner in which the various modules perform the operations in the apparatus of the above embodiments have been described in detail in connection with the embodiments of the method, and will not be described in detail herein.

As shown in fig. 23, one embodiment of the present disclosure provides a structure of a terminal.

Referring to the terminal 800 shown in fig. 23, the present embodiment provides a terminal 800, which may be embodied as a mobile phone, a computer, a digital broadcast terminal, a messaging device, a game console, a tablet device, a medical device, a fitness device, a personal digital assistant, or the like.

Referring to fig. 23, the terminal 800 may include one or more of the following components: a processing component 802, a memory 804, a power component 806, a multimedia component 808, an audio component 810, an input/output (I/O) interface 812, a sensor component 814, and a communication component 816.

The processing component 802 generally controls overall operation of the terminal 800, such as operations associated with display, telephone calls, data communications, camera operations, and recording operations. The processing component 802 may include one or more processors 820 to execute instructions to perform all or part of the steps of the methods described above. Further, the processing component 802 can include one or more modules that facilitate interactions between the processing component 802 and other components. For example, the processing component 802 can include a multimedia module to facilitate interaction between the multimedia component 808 and the processing component 802.

The memory 804 is configured to store various types of data to support operations at the device 800. Examples of such data include instructions for any application or method operating on the terminal 800, contact data, phonebook data, messages, pictures, videos, and the like. The memory 804 may be implemented by any type or combination of volatile or nonvolatile memory devices such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disk.

The power supply component 806 provides power to the various components of the terminal 800. The power components 806 may include a power management system, one or more power sources, and other components associated with generating, managing, and distributing power for the terminal 800.

The multimedia component 808 includes a screen between the terminal 800 and the user that provides an output interface. In some embodiments, the screen may include a Liquid Crystal Display (LCD) and a Touch Panel (TP). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive input signals from a user. The touch panel includes one or more touch sensors to sense touches, swipes, and gestures on the touch panel. The touch sensor may sense not only the boundary of a touch or sliding action, but also the duration and pressure associated with the touch or sliding operation. In some embodiments, the multimedia component 808 includes a front camera and/or a rear camera. The front camera and/or the rear camera may receive external multimedia data when the device 800 is in an operational mode, such as a shooting mode or a video mode. Each front camera and rear camera may be a fixed optical lens system or have focal length and optical zoom capabilities.

The audio component 810 is configured to output and/or input audio signals. For example, the audio component 810 includes a Microphone (MIC) configured to receive external audio signals when the terminal 800 is in an operation mode, such as a call mode, a recording mode, and a voice recognition mode. The received audio signals may be further stored in the memory 804 or transmitted via the communication component 816. In some embodiments, audio component 810 further includes a speaker for outputting audio signals.

The I/O interface 812 provides an interface between the processing component 802 and peripheral interface modules, which may be a keyboard, click wheel, buttons, etc. These buttons may include, but are not limited to: homepage button, volume button, start button, and lock button.

The sensor assembly 814 includes one or more sensors for providing status assessment of various aspects of the terminal 800. For example, the sensor assembly 814 may detect an on/off state of the device 800, a relative positioning of the assemblies, such as a display and keypad of the terminal 800, the sensor assembly 814 may also detect a change in position of the terminal 800 or a component of the terminal 800, the presence or absence of user contact with the terminal 800, an orientation or acceleration/deceleration of the terminal 800, and a change in temperature of the terminal 800. The sensor assembly 814 may include a proximity sensor configured to detect the presence of nearby objects without any physical contact. The sensor assembly 814 may also include a light sensor, such as a CMOS or CCD image sensor, for use in imaging applications. In some embodiments, the sensor assembly 814 may also include an acceleration sensor, a gyroscopic sensor, a magnetic sensor, a pressure sensor, or a temperature sensor.

The communication component 816 is configured to facilitate communication between the terminal 800 and other devices, either wired or wireless. The terminal 800 may access a wireless network based on a communication standard, such as Wi-Fi,2G, or 3G, or a combination thereof. In one exemplary embodiment, the communication component 816 receives broadcast signals or broadcast related information from an external broadcast management system via a broadcast channel. In one exemplary embodiment, the communication component 816 further includes a Near Field Communication (NFC) module to facilitate short range communications. For example, the NFC module may be implemented based on Radio Frequency Identification (RFID) technology, infrared data association (IrDA) technology, ultra Wideband (UWB) technology, bluetooth (BT) technology, and other technologies.

In an exemplary embodiment, the terminal 800 can be implemented by one or more Application Specific Integrated Circuits (ASICs), digital Signal Processors (DSPs), digital Signal Processing Devices (DSPDs), programmable Logic Devices (PLDs), field Programmable Gate Arrays (FPGAs), controllers, microcontrollers, microprocessors, or other electronic elements for executing the methods described above.

In an exemplary embodiment, a non-transitory computer readable storage medium is also provided, such as memory 804 including instructions executable by processor 820 of terminal 800 to perform the above-described method. For example, the non-transitory computer readable storage medium may be ROM, random Access Memory (RAM), CD-ROM, magnetic tape, floppy disk, optical data storage device, etc.

As shown in fig. 24, an embodiment of the present disclosure shows a structure of a base station. For example, base station 900 may be provided as a network-side device. Referring to fig. 24, base station 900 includes a processing component 922 that further includes one or more processors and memory resources represented by memory 932 for storing instructions, such as applications, executable by processing component 922. The application programs stored in memory 932 may include one or more modules that each correspond to a set of instructions. Further, processing component 922 is configured to execute instructions to perform any of the methods described above as applied at the base station.

Base station 900 may also include a power component 926 configured to perform power management for base station 900, a wired or wireless network interface 950 configured to connect base station 900 to a network, and an input output (I/O) interface 958. The base station 900 may operate based on an operating system stored in memory 932, such as Windows Server TM, mac OS XTM, unixTM, linuxTM, freeBSDTM, or the like.

Other embodiments of the invention will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This disclosure is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the invention and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the invention being indicated by the following claims.

It is to be understood that the invention is not limited to the precise arrangements and instrumentalities shown in the drawings, which have been described above, and that various modifications and changes may be effected without departing from the scope thereof. The scope of the invention is limited only by the appended claims.

Claims

1. A key distribution method, wherein the method is performed by a terminal, the method comprising:

sending first request information to a first network function;

2. The method of claim 1, wherein the sending the first request information to the first network function comprises:

and sending the first request information to the first network function through a registration request message.

3. The method of claim 1, wherein the first request information indicates an identity of the terminal and an indicator requesting acquisition of the key.

4. The method of claim 1, wherein the method further comprises:

Receiving first response information sent by the first network function;

wherein the first response information indicates the key.

5. The method of claim 4, wherein the receiving the first response information sent by the first network function comprises:

and receiving the first response information sent by the first network function through a registration acceptance message.

6. The method according to claims 1 to 5, wherein the first network function is an access and mobility management function, AMF.

7. A key distribution method, wherein the method is performed by a first network function, the method comprising:

receiving first request information sent by a terminal;

8. The method of claim 7, wherein the receiving the first request information transmitted by the terminal comprises:

and receiving the first request information sent by the terminal through a registration request message.

9. The method of claim 7, wherein the first request information indicates an identity of the terminal and an indicator requesting acquisition of the key.

10. The method of claim 7, wherein the method further comprises:

it is determined whether to allow the terminal to broadcast the SLPP signaling or receive the broadcasted SLPP signaling.

11. The method of claim 10, wherein the determining whether to allow the terminal to broadcast the SLPP signaling or receive the broadcasted SLPP signaling comprises:

based on terminal subscription information, it is determined whether to allow the terminal to broadcast the SLPP signaling or receive the broadcasted SLPP signaling.

12. The method of claim 11, wherein the method further comprises:

sending second request information to a second network function;

13. The method of claim 12, wherein the second network function is a policy control function, PCF.

14. The method of claim 13, wherein the sending the second request information to the second network function comprises:

transmitting the second request information to the second network function in response to allowing the terminal to broadcast the SLPP signaling;

Or alternatively, the process may be performed,

the second request information is transmitted to the second network function in response to the SLPP signaling allowing the terminal to receive broadcasting.

15. The method of claim 12, wherein the second request information indicates an identity of the terminal and an indicator requesting acquisition of the key.

16. The method of claim 12, wherein the method further comprises:

receiving second response information sent by a second network function or a third network function;

wherein the second response information indicates the key.

17. The method of claim 16, wherein the third network function is a location management function, LMF.

18. The method of claim 16, wherein the receiving the second response information sent by the third network function comprises:

and receiving the second response information sent by the third network function through a notification message.

19. The method of claim 16, wherein the method further comprises:

the key is stored.

20. The method of claim 7, wherein the method further comprises:

sending first response information to the terminal;

wherein the first response information indicates the key.

21. The method of claim 20, wherein the sending the first response information to the terminal comprises:

transmitting the first response information to the terminal in response to determining to allow the terminal to broadcast the SLPP signaling;

or alternatively, the process may be performed,

the first response information is transmitted to the terminal in response to determining to allow the terminal to receive the SLPP signaling of the broadcast.

22. The method of claim 20, wherein the sending the first response information to the terminal comprises:

and sending the first response information to the terminal through a registration acceptance message.

23. The method according to claims 7 to 22, wherein the first network function is an access and mobility management function, AMF.

24. A key distribution method, wherein the method is performed by a second network function or a third network function, the method comprising:

sending third request information to a fourth network function;

wherein the third request information indicates a key for requesting acquisition of SLPP signaling broadcast by the terminal or SLPP signaling received broadcast in side-link SL communication.

25. The method of claim 24, wherein the method further comprises:

Receiving third response information sent by the fourth network function;

wherein the third response information indicates the key.

26. The method of claim 25, wherein the method further comprises:

sending second response information to the first network function;

wherein the second response information indicates the key.

27. The method of claim 26, performed by a third network function in response to the method; the sending the second response information to the first network function includes:

and sending the second response information to the first network function through a notification message.

28. The method of claim 24, wherein the method further comprises:

receiving second request information sent by a first network function of a terminal;

29. The method of claim 24, wherein the second request information indicates an identity of the terminal and an indicator requesting acquisition of the key.

30. A method according to any of claims 24 to 29, wherein the second network function is a PCF, the third network function is an LMF and/or the fourth network function is a central key management function.

31. A key distribution method, wherein the method is performed by a fourth network function, the method comprising:

32. The method of claim 31, wherein the method further comprises:

the key is generated in response to receiving the third request information.

33. The method of claim 2, wherein the key comprises one of:

an asymmetric private key and a public key;

symmetric integrity and encryption keys.

34. The method of claim 31, wherein the method further comprises:

transmitting third response information to the second network function or the third network function;

wherein the third response information indicates the key.

35. A method according to any of claims 31 to 34, wherein the second network function is a PCF, the third network function is an LMF and/or the fourth network function is a central key management function.

36. A system, wherein the system comprises at least one of a first network function, a second network function, a third network function, and a fourth network function; said first network function being adapted to implement the method of claims 7 to 23; said second network function being adapted to implement the method of claims 24 to 30; the third network function is configured to implement the methods of claims 31 to 35.

37. The system of claim 36, wherein the first network function is an AMF, the second network function is a PCF, the third network function is an LMF, and/or the fourth network function is a central key management function.

38. A key distribution apparatus, wherein the apparatus comprises:

wherein the first request information is used for requesting to acquire a key of the terminal broadcasting or receiving the SLPP signaling in the side uplink SL communication; the second network function is a network function of a network where the terminal is currently located.

39. A key distribution apparatus, wherein the apparatus comprises:

40. A key distribution apparatus, wherein the apparatus comprises:

41. A key distribution apparatus, wherein the apparatus comprises:

42. A communication device, comprising:

an antenna;

a memory;

a processor, coupled to the antenna and the memory, respectively, configured to control the transceiving of the antenna by executing computer-executable instructions stored on the memory, and to enable the method provided in any one of claims 1 to 6, 7 to 23, 24 to 30, or 31 to 35.

43. A computer storage medium storing computer executable instructions which, when executed by a processor, are capable of carrying out the method provided in any one of claims 1 to 6, 7 to 23, 24 to 30 or 31 to 35.