CN117353928A - Authentication method, authentication system, UDM and terminal - Google Patents

Authentication method, authentication system, UDM and terminal Download PDF

Info

Publication number
CN117353928A
CN117353928A CN202210742375.XA CN202210742375A CN117353928A CN 117353928 A CN117353928 A CN 117353928A CN 202210742375 A CN202210742375 A CN 202210742375A CN 117353928 A CN117353928 A CN 117353928A
Authority
CN
China
Prior art keywords
udm
time stamp
timestamp
authentication
terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210742375.XA
Other languages
Chinese (zh)
Inventor
黎靖阳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Telecom Corp Ltd
Original Assignee
China Telecom Corp Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Telecom Corp Ltd filed Critical China Telecom Corp Ltd
Priority to CN202210742375.XA priority Critical patent/CN117353928A/en
Publication of CN117353928A publication Critical patent/CN117353928A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441Countermeasures against malicious traffic
    • H04L63/1458Denial of Service

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The disclosure relates to an authentication method, an authentication system, a UDM and a terminal, and relates to the technical field of communication. The method of the present disclosure comprises: the Unified Data Management (UDM) receives an authentication request of a terminal, wherein the authentication request comprises: the user hidden identifier sui, sui comprising: time stamp and verification information of the time stamp; the UDM determines whether the time stamp is tampered according to the verification information of the time stamp; the UDM determines whether the time stamp is within a valid time range under the condition that the time stamp is not tampered; the UDM executes a master authentication procedure according to the authentication request in case the timestamp is within a valid time range.

Description

Authentication method, authentication system, UDM and terminal
Technical Field
The disclosure relates to the technical field of communication, and in particular relates to an authentication method, an authentication system, a UDM and a terminal.
Background
At present, the flow of the 5G main authentication initiation stage in the standard comprises the following steps: the UE sends an identity identification SUCI (Subscription Concealed Identifier, user hidden identifier) to a service network SEAF (Security Anchor Function, security anchoring function) through an N1 interface; the SEAF uses SUCI to construct Nausf_UEAuthentication_Authenticate request, attach SNN (Serving Network Name, service network name) of current service network, and send to AUSF (Authentication Server Function, authentication service function); the AUSF verifies whether the SNN is authorized legally after receiving the request, and then stores the SNN temporarily. The nudm_ueauthentication_get request is then constructed and the sui and SNN are forwarded directly to the UDM (Unified Data Management ).
After receiving the request, the UDM analyzes the SUCI to obtain SUPI, and the UE corresponds to the SQN HE (sequence) increment, then select the master authentication algorithm, issue AV (Authentication Vector, authentication direction)Amount).
Disclosure of Invention
The inventors found that: after the UDM analyzes SUPI, the UDM directly sends the SQN corresponding to the terminal without checking whether the corresponding terminal has sent an authentication request HE Increasing this creates a safety issue. For example, an attacker intercepts the critical information sui and SNN at one of the gcb (next Generation Node B ) of the serving network, SEAF of the serving network 5GC (5 g core,5g core network), AUSF of the home network 5 GC. Because SUCI and SNN have no playback protection, they can be preserved in the original text. The attacker chooses a short time to send a large number of authentication requests. For example, the decision to send an N1 message is based on the specific location of the attacker, either Nausf_UEAuthentication_Authenticate or Nudm_UEAuthentication_get request. The effect of the last feedback to the home network UDM is that a large number of identical nudm_ue authentication_get requests are generated. The terminal corresponds to the SQN HE Will proliferate. If the home network starts to execute the 5G-AKA/EAP-AKA' flow, the home network will perform SQN HE Put in the authentication vector and transmitted to the terminal. Terminal checks authentication vector and discovers SQN HE And terminal-side SQN MS The difference between them is much larger than the threshold L set in the AMF (Authentication and key Management Field, authentication key management domain) field of the authentication vector, thereby recognizing the failure of the master authentication. And the attacker successfully realizes denial of service attack.
One technical problem to be solved by the present disclosure is: how to improve the security of the primary authentication process.
According to some embodiments of the present disclosure, there is provided an authentication method including: the Unified Data Management (UDM) receives an authentication request of a terminal, wherein the authentication request comprises: the user hidden identifier sui, sui comprising: time stamp and verification information of the time stamp; the UDM determines whether the time stamp is tampered according to the verification information of the time stamp; the UDM determines whether the time stamp is within a valid time range under the condition that the time stamp is not tampered; the UDM executes a master authentication procedure according to the authentication request in case the timestamp is within a valid time range.
In some embodiments, the verification information of the timestamp includes a first message authentication code MAC generated from the timestamp, and the UDM determining whether the timestamp is tampered with based on the verification information of the timestamp includes: the UDM generates a second MAC according to the time stamp; the UDM compares the second MAC with the first MAC and determines that the timestamp has not been tampered with if the second MAC is consistent with the first MAC.
In some embodiments, the sui further comprises: the generating, by the UDM, the second MAC from the timestamp includes: the UDM generates a shared secret key according to the temporary public key of the terminal and the private key of the home network; the UDM derives an integrity key according to the shared key; the UDM generates a second MAC from the integrity key and the timestamp.
In some embodiments, the sui further comprises: the ciphertext of the mobile subscriber identity MSIN, the UDM generating the second MAC from the integrity key and the timestamp comprises: the UDM concatenates the ciphertext of the MSIN with the timestamp, and signs the concatenated ciphertext of the MSIN with the timestamp using the integrity key to generate a second MAC.
In some embodiments, in the event that the timestamp is not tampered with, determining if the timestamp is within a valid time range comprises: under the condition that the time stamp is not tampered, determining whether the time stamp is the same as the time stamp corresponding to the last stored terminal by the UDM; when the time stamp is the same as the time stamp corresponding to the last stored terminal, the UDM determines that the time stamp is not within the valid time range.
In some embodiments, in the event that the timestamp is not tampered with, determining whether the timestamp is within a valid time range further comprises: under the condition that the time stamp is different from the time stamp corresponding to the last stored terminal, determining whether the difference value between the current time and the time stamp is smaller than a threshold value or not by the UDM; and under the condition that the difference value between the current time and the time stamp is smaller than a threshold value, determining that the time stamp is in the effective time range, and under the condition that the difference value between the current time and the time stamp is larger than or equal to the threshold value, determining that the time stamp is not in the effective time range.
In some embodiments, the timestamp and the verification information of the timestamp are configured in the schema Output field of the SUCI.
In some embodiments, the authentication request is sent to the UDM through a security anchor function SEAF and an authentication service function AUSF.
In some embodiments, the unified data management UDM receiving the authentication request of the terminal comprises: the terminal sends SUCI to SEAF through N1 interface; the SEAF generates a Nausf_UEauthentication_authentication request according to the SUCI and sends the Nausf_UEauthentication_authentication request to the AUSF; the AUSF generates a Nudm_UEAuthorization_Get request based on the Nausf_UEAuthorization_Authorization request and sends the Nudm_UEAuthorization_Get request to the UDM.
In some embodiments, the method further comprises: the UDM stores the time stamp if the time stamp is within a valid time range.
According to other embodiments of the present disclosure, there is provided an authentication method including: the terminal generates a user hidden identifier, SUCI, wherein the SUCI comprises: the verification information of the time stamp is used for verifying whether the time stamp is tampered or not; the terminal sends the SUCI to a Unified Data Management (UDM); in case the UDM determines that the timestamp is within the valid time range, the terminal performs the primary authentication procedure.
In some embodiments, the verification information of the timestamp includes a first message authentication code MAC generated from the timestamp.
In some embodiments, the first MAC is generated using the following method: the terminal generates a temporary private key; the terminal generates a shared secret key according to the temporary private key and the public key of the home network; the terminal derives an integrity key according to the shared key; the terminal generates a first MAC from the integrity key and the timestamp.
In some embodiments, the sui further comprises: the ciphertext of the mobile subscriber identity MSIN is generated by the first MAC by the following method: and the terminal connects the ciphertext and the timestamp of the MSIN in series, and signs the ciphertext and the timestamp of the MSIN after the series connection by utilizing the integrity key to generate a first MAC.
In some embodiments, the timestamp and the verification information of the timestamp are configured in the schema Output field of the SUCI.
In some embodiments, the terminal sending the sui to the unified data management UDM comprises: the terminal sends SUCI to SEAF through N1 interface; the SEAF generates a Nausf_UEauthentication_authentication request according to the SUCI and sends the Nausf_UEauthentication_authentication request to the AUSF; the AUSF generates a Nudm_UEAuthorization_Get request based on the Nausf_UEAuthorization_Authorization request and sends the Nudm_UEAuthorization_Get request to the UDM.
According to still further embodiments of the present disclosure, there is provided a unified data management, UDM, comprising: the receiving module is used for receiving an authentication request of the terminal, wherein the authentication request comprises: the user hidden identifier sui, sui comprising: time stamp and verification information of the time stamp; the first determining module is used for determining whether the time stamp is tampered according to the verification information of the time stamp; the second determining module is used for determining whether the time stamp is in a valid time range or not under the condition that the time stamp is not tampered; and the execution module is used for executing the main authentication flow according to the authentication request under the condition that the time stamp is in the effective time range.
According to still further embodiments of the present disclosure, there is provided a terminal including: the generation module is used for generating a user hidden identifier SUCI, wherein the SUCI comprises: the verification information of the time stamp is used for verifying whether the time stamp is tampered or not; the sending module is used for sending the SUCI to the Unified Data Management (UDM); and the execution module is used for executing the main authentication flow when the UDM determines that the time stamp is in the valid time range.
According to still further embodiments of the present disclosure, there is provided an authentication system including: the UDM of any of the preceding embodiments, and the terminal of any of the preceding embodiments.
In some embodiments, the system further comprises: a security anchor function SEAF and an authentication service function AUSF; the SEAF is used for receiving SUCI sent by the terminal through the N1 interface, generating Nausf_UEauthentication_authentication request according to the SUCI, and sending the Nausf_UEauthentication_authentication request to the AUSF; the AUSF is used to generate a Nudm_UEAuthorization_Get request from the Nausf_UEAuthorization_Authorization request and send the Nudm_UEAuthorization_Get request to the UDM.
According to still further embodiments of the present disclosure, there is provided a communication apparatus including: a processor; and a memory coupled to the processor for storing instructions that, when executed by the processor, cause the processor to perform the authentication method of any of the embodiments described above.
In the present disclosure, the authentication request of the UDM receiving terminal includes a sui, where the sui includes: the UDM may determine whether the timestamp is tampered according to the verification information of the timestamp, if the timestamp is not tampered, may further verify whether the timestamp is within the valid time range, and if the timestamp is within the valid time range, continue to execute the primary authentication procedure. The UDM can find out whether the terminal initiates a large number of authentication requests in a short time by verifying whether the time stamp is in an effective time range, thereby effectively preventing replay attack and denial of service attack and improving the security of a main authentication process.
Other features of the present disclosure and its advantages will become apparent from the following detailed description of exemplary embodiments of the disclosure, which proceeds with reference to the accompanying drawings.
Drawings
In order to more clearly illustrate the embodiments of the present disclosure or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present disclosure, and other drawings may be obtained according to these drawings without inventive effort to a person of ordinary skill in the art.
Fig. 1 illustrates a flow diagram of an authentication method of some embodiments of the present disclosure.
Fig. 2 illustrates a format schematic diagram of a sui of some embodiments of the disclosure.
Fig. 3 shows a flow diagram of an authentication method of other embodiments of the present disclosure.
Fig. 4 illustrates a structural schematic diagram of a UDM of some embodiments of the present disclosure.
Fig. 5 illustrates a schematic structural diagram of a terminal of some embodiments of the present disclosure.
Fig. 6 illustrates a schematic diagram of an authentication system of some embodiments of the present disclosure.
Fig. 7 illustrates a schematic structural diagram of a communication device of some embodiments of the present disclosure.
Fig. 8 shows a schematic structural diagram of a communication device of other embodiments of the present disclosure.
Detailed Description
The following description of the technical solutions in the embodiments of the present disclosure will be made clearly and completely with reference to the accompanying drawings in the embodiments of the present disclosure, and it is apparent that the described embodiments are only some embodiments of the present disclosure, not all embodiments. The following description of at least one exemplary embodiment is merely illustrative in nature and is in no way intended to limit the disclosure, its application, or uses. Based on the embodiments in this disclosure, all other embodiments that a person of ordinary skill in the art would obtain without making any inventive effort are within the scope of protection of this disclosure.
The present disclosure provides an authentication method that may be used in the initiation phase of a 5G master authentication procedure, described below in connection with fig. 1-3.
Fig. 1 is a flow chart of some embodiments of an authentication method of the present disclosure. As shown in fig. 1, the method of this embodiment includes: steps S102 to S108.
In step S102, the UDM receives an authentication request of the terminal.
In some embodiments, the UDM is a UDM in a home network of the terminal, and the authentication request of the terminal is sent to the UDM via the service network. The UDM may integrate ARPF (Authentication credential Repository and Processing Function, authentication credential storage and processing function) and SIDF (Subscription Identifier De-concealing Function, subscription identifier decryption function).
In some embodiments, the authentication request is sent to the UDM through SEAF, which is a network element in the current serving network of the terminal, and AUSF, which is a network element in the home network.
In step S104, the UDM determines whether the time stamp is tampered with according to the authentication information of the time stamp.
In some embodiments, the verification information of the timestamp includes a first MAC (Message Authentication Code ) generated from the timestamp, and the UDM generates a second MAC from the timestamp; comparing the second MAC with the first MAC, and determining that the time stamp is not tampered under the condition that the second MAC is consistent with the first MAC, otherwise, determining that the time stamp is tampered.
In some embodiments, the sui further comprises: a temporary public key (Eph public key of UE) of the terminal, the UDM generating a shared key (ephshared key) from the temporary public key of the terminal and a private key (Private key of HN) of the home network; deriving an integrity key from the shared key; a second MAC is generated from the integrity key and the timestamp. The timestamp may be signed with the integrity key to generate a second MAC.
In some embodiments, the sui further comprises: the ciphertext of the MSIN (Mobile Subscriber Identification Number, the mobile subscriber's identification number), the UDM concatenates the ciphertext of the MSIN with the timestamp, and signs the concatenated ciphertext of the MSIN with the timestamp using the integrity key, generating a second MAC.
The method for generating the shared key and the integrity key by the UDM can refer to the existing standard, and is not repeated. The method of generating the first MAC by the terminal corresponds to the method of generating the second MAC by the UDM, and detailed description will be given in the following embodiments.
In some embodiments, the timestamp and the verification information of the timestamp are configured in the schema Output field of the SUCI. The temporary public key and the MSIN ciphertext of the terminal can also be configured in the Scheme Output field.
As shown in fig. 2, the sui includes a plurality of fields, for example, SUPI Type, home Network Identifier (home network identifier), routing Identifier (route identifier), protection Scheme Id (protection Scheme ID), home Network Public Key Id (home network public key ID), scheme Output, and the like. ECC ephemeral public key (Eph public key), cipert value (Ciphertext value, including MSIN Ciphertext), MAC tag value (including first MAC), time stamp (timestamp) are included in the Scheme Output field. The first MAC may be added to an existing MAC tag value subfield, and Time stamp is a new-increment subfield.
In step S106, the UDM determines whether the time stamp is within a valid time range in the case where the time stamp is not tampered with.
If the UDM determines that the timestamp is tampered with, the authentication request of the terminal is discarded. In some embodiments, the UDM determines if the timestamp is the same as the timestamp corresponding to the last stored terminal if the timestamp is not tampered with; in the case that the time stamp is the same as the time stamp corresponding to the last stored terminal, it is determined that the time stamp is not within the valid time range. Further, under the condition that the time stamp is different from the time stamp corresponding to the last stored terminal, the UDM determines whether the difference value between the current time and the time stamp is smaller than a threshold value; and determining that the time stamp is in the effective time range under the condition that the difference value between the current time and the time stamp is smaller than the threshold value, and determining that the time stamp is not in the effective time range under the condition that the difference value between the current time and the time stamp is larger than or equal to the threshold value.
For example TS HE Time stamp, TS, representing last received terminal stored by UDM MS Representing the currently received timestamp, nonce representing the current time, if TS MS ≠TS HE Then judge whether it accords with 0<Nonce-TS MS <L is a threshold value, which represents a home network customized time window threshold value. If the time stamp is unreasonable, discarding the authentication request; otherwise, continuing the subsequent main authentication flow. By adjusting L, the number of authentication requests processed by the UDM in a period of time can be limited, and replay attacks and denial of service attacks are effectively prevented.
In step S108, the UDM executes a main authentication procedure according to the authentication request in the case where the time stamp is within the valid time range.
For example, the UDM may analyze the sui to obtain the sui, select a master authentication algorithm according to the SUPI, issue an Authentication Vector (AV), and so on, which may refer to the existing standard, and will not be described herein.
In the above embodiment, the authentication request of the UDM receiving terminal includes a sui, where the sui includes: the UDM may determine whether the timestamp is tampered according to the verification information of the timestamp, if the timestamp is not tampered, may further verify whether the timestamp is within the valid time range, and if the timestamp is within the valid time range, continue to execute the primary authentication procedure. The UDM can find out whether the terminal initiates a large number of authentication requests in a short time by verifying whether the time stamp is in an effective time range, thereby effectively preventing replay attack and denial of service attack and improving the security of a main authentication process.
Further embodiments of the authentication method of the present disclosure are described below in conjunction with fig. 3.
Fig. 3 is a flow chart of some embodiments of an authentication method of the present disclosure. As shown in fig. 3, the method of this embodiment includes: steps S302 to S316.
In step S302, the terminal generates a sui.
The SUCI includes: and the time stamp corresponding to the SUCI and verification information of the time stamp. In some embodiments, the terminal generates a time stamp and verification information of the time stamp, and adds the time stamp and verification information of the time stamp to the sui. For example, the terminal adds the time stamp and the verification information of the time stamp to the Scheme Output field of the sui.
In some embodiments, the verification information of the timestamp includes a first MAC generated from the timestamp. Further, the terminal generates a temporary private key (Eph private key of UE); generating a shared key (Eph shared key) from the temporary private key and a Public key (Public key of HN) of the home network; deriving an integrity key from the shared key; the first MAC is generated from the integrity key and the timestamp. The terminal may sign the timestamp with the integrity key to generate a first MAC.
In some embodiments, the sui further comprises: and the terminal concatenates the ciphertext of the MSIN with the time stamp, and signs the concatenated ciphertext of the MSIN with the time stamp by utilizing the integrity key to generate a first MAC. As shown in fig. 2, the Scheme Output field may include: ECC ephemeral public key (Eph public key), cipert value (Ciphertext value, including MSIN Ciphertext), MAC tag value (including first MAC), time stamp (timestamp).
The terminal can generate an elliptic curve temporary key pair (comprising a temporary public key and a temporary private key), derive a shared key with a home network public key, and calculate the first MAC in series with the MSIN ciphertext and the TS, and the specific key generation method can refer to the existing standard and will not be described again.
In step S304, the terminal transmits the sui to the SEAF of the service network through the N1 interface.
In step S306, the SEAF generates a ausf_ueauthentication_authentication request from the sui and sends the request to the AUSF of the home network.
The SEAF constructs a Nausf_UEauthentication_authentication request by using SUCI, and can attach SNN of the current service network to the AUSF.
In step S308, the AUSF generates a Nudm_UEauthentication_get request from the Nausf_UEauthentication_authentication request and sends it to the UDM.
The AUSF may verify that the SNN is authorized legitimately after receiving the ausf_ue authentication_authentication request, and then temporarily store the SNN. The nudm_ueauthentication_get request is then constructed and the suis and SNNs are forwarded to the UDM. The authentication request of the terminal received by the UDM in the foregoing embodiment may be a nudm_ue authentication_get request sent by the AUSF.
In step S310, the UDM determines whether the time stamp is tampered according to the authentication information of the time stamp, and if so, the UDM discards the authentication request of the terminal, otherwise, performs step S312.
After receiving the authentication request, the UDM of the home network generates a shared key through a temporary public key of the terminal, derives a confidentiality key according to the shared key, decrypts MSIN, and is used for generating SUPI, derives an integrity key according to the shared key, and verifies whether the timestamp is tampered or not.
In step S312, the UDM determines whether the time stamp is within the valid time range, and if so, performs step S314, otherwise the UDM discards the authentication request of the terminal.
In step S314, the UDM stores the time stamp,
the UDM replaces the time stamp corresponding to the last stored terminal with the time stamp to store.
In step S316, the UDM and the terminal execute a main authentication procedure according to the authentication request.
The above embodiments, in order to solve the problem that the lack of states of the sui in the prior art results in that an attacker can use the states of the sui to implement replay attacks and denial of service attacks, propose to use a timestamp to mark the states of the sui. The time stamp is added in the SUCI, so that the standard requirement is met, meanwhile, the business logic of network elements such as the intermediate SEAF and AUSF cannot be influenced, the SUCI time stamp does not use the long-term key K of the USIM, but uses the shared key of the current Session, the algorithm continuity is good, and the invasiveness is small. The timestamp in the SUCI only needs to be signed and does not need to be encrypted, so that the computing power resource can be saved, and the time delay is reduced. The examination of the time stamp considers the condition of replay attack of the new time stamp and the old time stamp, the added time complexity O (1), the space complexity O (1) and the realization is simple and convenient.
The present disclosure also provides a UDM, described below in connection with fig. 4.
Fig. 4 is a block diagram of some embodiments of a UDM of the present disclosure. As shown in fig. 4, the UDM40 of this embodiment includes: the receiving module 410, the first determining module 420, the second determining module 430, and the executing module 440.
The receiving module 410 is configured to receive an authentication request of a terminal, where the authentication request includes: the user hidden identifier sui, sui comprising: time stamp and verification information of the time stamp.
In some embodiments, the timestamp and the verification information of the timestamp are configured in the schema Output field of the SUCI.
In some embodiments, the authentication request is sent to the UDM through a security anchor function SEAF and an authentication service function AUSF.
The first determining module 420 is configured to determine whether the timestamp is tampered according to the verification information of the timestamp.
In some embodiments, the verification information of the timestamp includes a first message authentication code MAC generated from the timestamp, and the first determining module 420 is configured to generate a second MAC from the timestamp; the second MAC is compared with the first MAC, and if the second MAC is consistent with the first MAC, the timestamp is determined not to be tampered.
In some embodiments, the sui further comprises: the first determining module 420 is configured to generate a shared key according to the temporary public key of the terminal and a private key of the home network; deriving an integrity key from the shared key; a second MAC is generated from the integrity key and the timestamp.
In some embodiments, the sui further comprises: the first determining module 420 is configured to concatenate the ciphertext of the MSIN with the timestamp, and sign the concatenated ciphertext of the MSIN with the timestamp by using the integrity key, so as to generate the second MAC.
The second determining module 430 is configured to determine whether the timestamp is within a valid time range if the timestamp is not tampered with.
In some embodiments, the second determining module 430 is configured to determine, if the timestamp is not tampered, whether the timestamp is the same as the timestamp corresponding to the last stored terminal; in the case that the time stamp is the same as the time stamp corresponding to the last stored terminal, it is determined that the time stamp is not within the valid time range.
In some embodiments, the second determining module 430 is configured to determine, if the timestamp is different from the timestamp corresponding to the terminal stored last time, whether the difference between the current time and the timestamp is less than a threshold; and determining that the time stamp is in the effective time range under the condition that the difference value between the current time and the time stamp is smaller than the threshold value, and determining that the time stamp is not in the effective time range under the condition that the difference value between the current time and the time stamp is larger than or equal to the threshold value.
The execution module 440 is configured to execute the primary authentication procedure according to the authentication request if the timestamp is within the valid time range.
In some embodiments, the UDM40 further comprises: the storage module 450 is configured to store the timestamp if the timestamp is within the valid time range.
The present disclosure also provides a terminal, described below in connection with fig. 5.
Fig. 5 is a block diagram of some embodiments of a terminal of the present disclosure. As shown in fig. 5, the terminal 50 of this embodiment includes: the generation module 510, the transmission module 520, and the execution module 530.
The generating module 510 is configured to generate a user hidden identifier sui, where sui includes: and the verification information of the time stamp is used for verifying whether the time stamp is tampered or not.
In some embodiments, the timestamp and the verification information of the timestamp are configured in the schema Output field of the SUCI.
In some embodiments, the verification information of the timestamp includes a first message authentication code MAC generated from the timestamp.
In some embodiments, the generation module 510 is configured to generate a temporary private key; generating a shared secret key according to the temporary private key and the public key of the home network; deriving an integrity key from the shared key; the first MAC is generated from the integrity key and the timestamp.
In some embodiments, the sui further comprises: the generation module 510 is configured to concatenate the ciphertext of the MSIN with the timestamp, and sign the concatenated ciphertext of the MSIN with the timestamp by using the integrity key, so as to generate the first MAC.
The sending module 520 is configured to send the sui to the unified data management UDM.
The execution module 530 is configured to execute the primary authentication procedure if the UDM determines that the timestamp is within a valid time range.
The present disclosure also provides an authentication system, described below in connection with fig. 6.
Fig. 6 is a block diagram of some embodiments of an authentication system of the present disclosure. As shown in fig. 6, the system 6 of this embodiment includes: UDM40, terminal 50 of any of the previous embodiments.
In some embodiments, the system 6 further comprises: the SEAF62 is used for receiving SUCI sent by the terminal through the N1 interface, generating Nausf_UEauthentication_authentication request according to the SUCI, and sending the Nausf_UEauthentication_authentication request to the AUSF64;
the AUSF64 is used to generate a nudm_ueauthentication_get request from the nausf_ueauthentication_authentication request and send it to the UDM40.
The communication means (UDM, terminal, SEAF, or AUSF) in embodiments of the present disclosure may each be implemented by various computing devices or computer systems, as described below in connection with fig. 7 and 8.
Fig. 7 is a block diagram of some embodiments of the communications device of the present disclosure. As shown in fig. 7, the apparatus 70 of this embodiment includes: a memory 710 and a processor 720 coupled to the memory 710, the processor 720 being configured to perform the authentication method in any of the embodiments of the present disclosure based on instructions stored in the memory 710.
The memory 710 may include, for example, system memory, fixed nonvolatile storage media, and so forth. The system memory stores, for example, an operating system, application programs, boot Loader (Boot Loader), database, and other programs.
Fig. 8 is a block diagram of further embodiments of the communication device of the present disclosure. As shown in fig. 8, the apparatus 80 of this embodiment includes: memory 810 and processor 820 are similar to memory 710 and processor 720, respectively. Input/output interfaces 830, network interfaces 840, storage interfaces 850, and the like may also be included. These interfaces 830, 840, 850 and the memory 810 and processor 820 may be connected by, for example, a bus 860. The input/output interface 830 provides a connection interface for input/output devices such as a display, a mouse, a keyboard, a touch screen, and the like. The network interface 840 provides a connection interface for various networking devices, such as may be connected to a database server or cloud storage server, or the like. Storage interface 850 provides a connection interface for external storage devices such as SD cards, U-discs, and the like.
It will be appreciated by those skilled in the art that embodiments of the present disclosure may be provided as a method, system, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more computer-usable non-transitory storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the disclosure. It will be understood that each flowchart and/or block of the flowchart illustrations and/or block diagrams, and combinations of flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The foregoing description of the preferred embodiments of the present disclosure is not intended to limit the disclosure, but rather to enable any modification, equivalent replacement, improvement or the like, which fall within the spirit and principles of the present disclosure.

Claims (21)

1. An authentication method, comprising:
the Unified Data Management (UDM) receives an authentication request of a terminal, wherein the authentication request comprises the following steps: a user hidden identifier, sui, the sui comprising: a time stamp and verification information of the time stamp;
the UDM determines whether the time stamp is tampered according to the verification information of the time stamp;
the UDM determines whether the time stamp is in a valid time range under the condition that the time stamp is not tampered;
and under the condition that the time stamp is in the effective time range, the UDM executes a main authentication flow according to the authentication request.
2. The authentication method of claim 1, wherein the verification information of the timestamp comprises a first message authentication code MAC generated from the timestamp, and the UDM determining whether the timestamp was tampered with from the verification information of the timestamp comprises:
the UDM generates a second MAC according to the timestamp;
the UDM compares the second MAC with the first MAC and determines that the timestamp has not been tampered with if the second MAC is consistent with the first MAC.
3. The authentication method of claim 2, wherein the sui further comprises: the temporary public key of the terminal, the UDM generating a second MAC from the timestamp comprising:
the UDM generates a shared secret key according to the temporary public key of the terminal and the private key of the home network;
the UDM derives an integrity key according to the shared key;
the UDM generates a second MAC from the integrity key and the timestamp.
4. The authentication method of claim 3, wherein the sui further comprises: the ciphertext of the mobile subscriber identity MSIN, the UDM generating a second MAC from the integrity key and the timestamp comprising:
and the UDM connects the ciphertext of the MSIN and the timestamp in series, and signs the ciphertext of the MSIN and the timestamp after being connected in series by utilizing the integrity key to generate the second MAC.
5. The authentication method of claim 1, wherein the UDM determining if the timestamp is within a valid time range if the timestamp is not tampered with comprises:
under the condition that the time stamp is not tampered, the UDM determines whether the time stamp is the same as the time stamp corresponding to the terminal stored last time;
and under the condition that the time stamp is the same as the time stamp corresponding to the terminal stored last time, the UDM determines that the time stamp is not in the effective time range.
6. The authentication method of claim 5, wherein the UDM determining if the timestamp is within a valid time range if the timestamp is not tampered with further comprises:
the UDM determines whether the difference value between the current time and the time stamp is smaller than a threshold value or not under the condition that the time stamp is different from the time stamp corresponding to the terminal stored last time;
and under the condition that the difference value between the current time and the time stamp is smaller than a threshold value, determining that the time stamp is in an effective time range, and under the condition that the difference value between the current time and the time stamp is larger than or equal to the threshold value, determining that the time stamp is not in the effective time range.
7. The authentication method of claim 1, wherein the timestamp and verification information of the timestamp are configured in a Scheme Output field of the sui.
8. The authentication method according to claim 1, wherein the authentication request is sent to the UDM by a security anchor function SEAF and an authentication service function AUSF.
9. The authentication method of claim 8, wherein the unified data management UDM receiving the authentication request of the terminal comprises:
the terminal sends the SUCI to the SEAF through an N1 interface;
the SEAF generates a Nausf_UEauthentication_authentication request according to the SUCI and sends the Nausf_UEauthentication_authentication request to the AUSF;
and the AUSF generates a Nudm_UEAuthority_get request according to the Nausf_UEAuthority_Authority request and sends the Nudm_UEAuthority_get request to the UDM.
10. The authentication method of claim 1, further comprising:
the UDM stores the time stamp if the time stamp is within a valid time range.
11. An authentication method, comprising:
the terminal generates a user hidden identifier, SUCI, wherein the SUCI comprises: the time stamp corresponding to the SUCI and verification information of the time stamp are used for verifying whether the time stamp is tampered or not;
the terminal sends the SUCI to a Unified Data Management (UDM);
and in the case that the UDM determines that the time stamp is within a valid time range, the terminal executes a main authentication flow.
12. The authentication method of claim 11, wherein the verification information of the timestamp comprises a first message authentication code MAC generated from the timestamp.
13. The authentication method of claim 12, wherein the first MAC is generated using the method of:
the terminal generates a temporary private key;
the terminal generates a shared secret key according to the temporary private key and a public key of a home network;
the terminal derives an integrity key according to the shared key;
the terminal generates the first MAC according to the integrity key and the timestamp.
14. The authentication method of claim 12, wherein the sui further comprises: the first MAC generates ciphertext of the mobile subscriber identity code MSIN by adopting the following method:
and the terminal connects the ciphertext of the MSIN and the timestamp in series, and signs the ciphertext of the MSIN and the timestamp after being connected in series by utilizing the integrity key to generate the first MAC.
15. The authentication method of claim 11, wherein the timestamp and verification information of the timestamp are configured in a Scheme Output field of the sui.
16. The authentication method of claim 11, wherein the terminal transmitting the sui to a unified data management UDM comprises:
the terminal sends the SUCI to the SEAF through an N1 interface;
the SEAF generates a Nausf_UEauthentication_authentication request according to the SUCI and sends the Nausf_UEauthentication_authentication request to the AUSF;
and the AUSF generates a Nudm_UEAuthority_get request according to the Nausf_UEAuthority_Authority request and sends the Nudm_UEAuthority_get request to the UDM.
17. A unified data management, UDM, comprising:
the receiving module is used for receiving an authentication request of the terminal, wherein the authentication request comprises: a user hidden identifier, sui, the sui comprising: a time stamp and verification information of the time stamp;
the first determining module is used for determining whether the time stamp is tampered according to the verification information of the time stamp;
a second determining module, configured to determine, if the timestamp is not tampered, whether the timestamp is within a valid time range;
and the execution module is used for executing a main authentication flow according to the authentication request under the condition that the time stamp is in the effective time range.
18. A terminal, comprising:
a generating module, configured to generate a user hidden identifier sui, where the sui includes: the time stamp corresponding to the SUCI and verification information of the time stamp are used for verifying whether the time stamp is tampered or not;
the sending module is used for sending the SUCI to a Unified Data Management (UDM);
and the execution module is used for executing a main authentication flow when the UDM determines that the time stamp is in a valid time range.
19. An authentication system, comprising: the UDM of claim 17 and the terminal of claim 18.
20. The authentication system of claim 19, further comprising: a security anchor function SEAF and an authentication service function AUSF;
the SEAF is used for receiving the SUCI sent by the terminal through the N1 interface, generating a Nausf_UEAuthentication_Authenticate request according to the SUCI, and sending the Nausf_UEAuthenticate request to the AUSF;
the AUSF is used for generating a Nudm_UEAuthority_get request according to the Nausf_UEAuthority_Authority request and sending the Nudm_UEAuthority_get request to the UDM.
21. A communication apparatus, comprising:
a processor; and
a memory coupled to the processor for storing instructions that, when executed by the processor, cause the processor to perform the authentication method of any of claims 1-16.
CN202210742375.XA 2022-06-28 2022-06-28 Authentication method, authentication system, UDM and terminal Pending CN117353928A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210742375.XA CN117353928A (en) 2022-06-28 2022-06-28 Authentication method, authentication system, UDM and terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210742375.XA CN117353928A (en) 2022-06-28 2022-06-28 Authentication method, authentication system, UDM and terminal

Publications (1)

Publication Number Publication Date
CN117353928A true CN117353928A (en) 2024-01-05

Family

ID=89356182

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210742375.XA Pending CN117353928A (en) 2022-06-28 2022-06-28 Authentication method, authentication system, UDM and terminal

Country Status (1)

Country Link
CN (1) CN117353928A (en)

Similar Documents

Publication Publication Date Title
CN108965230B (en) Secure communication method, system and terminal equipment
US10601801B2 (en) Identity authentication method and apparatus
Chen et al. Lightweight and provably secure user authentication with anonymity for the global mobility network
CN112154638B (en) System and method for distributed verification of online identity
CN107483383B (en) Data processing method, terminal, background server and storage medium
CN106357396A (en) Digital signature method, digital signature system and quantum key card
CN112039918B (en) Internet of things credible authentication method based on identification cryptographic algorithm
CN111130798B (en) Request authentication method and related equipment
CN106612267B (en) Verification method and verification device
CN101771992A (en) Method, equipment and system for protection of confidentiality of international mobile subscriber identifier IMSI
CN113572765B (en) Lightweight identity authentication key negotiation method for resource-limited terminal
CN111901795B (en) Access method, core network equipment and micro base station management server
CN110719167B (en) Block chain-based signcryption method with timeliness
CN109451504B (en) Internet of things module authentication method and system
CN110572392A (en) Identity authentication method based on HyperLegger network
CN112383401B (en) User name generation method and system for providing identity authentication service
CN115473655B (en) Terminal authentication method, device and storage medium for access network
CN115549930B (en) Verification method for logging in operating system
CN115801287A (en) Signature authentication method and device
CN112995140B (en) Safety management system and method
CN112423277B (en) Security certificate recovery in bluetooth mesh networks
CN117353928A (en) Authentication method, authentication system, UDM and terminal
Luo et al. DIAM: Diversified identity authentication mechanism for 5G multi-service system
CN110855694A (en) Improved network authentication detection method and system
CN110650012A (en) Improved SDN network attack detection method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination