CN117440375A - Authentication method, device, system, electronic equipment and storage medium - Google Patents


Info

Publication number
CN117440375A
Authority
CN
China
Prior art keywords
authentication
field
network element
response message
vector
Prior art date
Legal status
Pending
Application number
CN202210834588.5A
Other languages
Chinese (zh)
Inventor
张越
王锦华
黄铖斌
薛伟佳
王聪丽
Current Assignee
China Telecom Corp Ltd
Original Assignee
China Telecom Corp Ltd

Classifications

    • H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04W WIRELESS COMMUNICATION NETWORKS > H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity > H04W 12/06 Authentication
    • H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION > H04L 63/00 Network architectures or network communication protocols for network security > H04L 63/08 ... for authentication of entities > H04L 63/083 ... using passwords
    • H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION > H04L 63/00 Network architectures or network communication protocols for network security > H04L 63/08 ... for authentication of entities > H04L 63/0869 ... for achieving mutual authentication
    • H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION > H04L 63/00 Network architectures or network communication protocols for network security > H04L 63/14 ... for detecting or protecting against malicious traffic > H04L 63/1441 Countermeasures against malicious traffic
    • H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04W WIRELESS COMMUNICATION NETWORKS > H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity > H04W 12/12 Detection or prevention of fraud > H04W 12/121 Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
    • H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04W WIRELESS COMMUNICATION NETWORKS > H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity > H04W 12/12 Detection or prevention of fraud > H04W 12/122 Counter-measures against attacks; Protection against rogue devices

Abstract

The disclosure provides an authentication method, an apparatus, a system, an electronic device and a storage medium, wherein the authentication method comprises the following steps: receiving a binary authentication vector sent by an SEAF network element, wherein the binary authentication vector comprises an authentication token AUTN; verifying the AUTN contained in the binary authentication vector to obtain an authentication result; generating an authentication response message based on the authentication result, wherein the authentication response message comprises a first field and a second field; and sending the authentication response message to the SEAF network element so that the SEAF network element verifies the first field, sends the second field of the authentication response message to the UDM network element when the first field fails verification, and the UDM network element derives an authentication result of the terminal device according to the second field. The method and the device effectively solve the problem that the user privacy data of the terminal device is easily revealed during the authentication process.

Description

Authentication method, device, system, electronic equipment and storage medium
Technical Field
The present disclosure relates to the field of communications technologies, and in particular, to an authentication method, apparatus, system, electronic device, and storage medium.
Background
AKA (Authentication and Key Agreement) uses a challenge-response mechanism to complete identity authentication between a terminal and the network, and at the same time negotiates a communication encryption key on the basis of that identity authentication.
In the prior art, during mutual authentication between a terminal and the network, the network sends the terminal an authentication request carrying the authentication quintuple (RAND, AUTN, XRES, CK, IK), and the terminal verifies the AUTN, which includes verifying the network-side message authentication code MAC and the network sequence number SQN. The AKA protocol has a known defect in its authentication process: an attacker can mount a replay attack based on the failure message, and when the terminal device fails to authenticate the network, the specific reason for the authentication failure is exposed to the attacker, so that the terminal device can be tracked. The failure reasons of the terminal device are divided into MAC_FAIL (MAC authentication failure) and SYNC_FAIL (sequence number synchronization failure). An attacker can replay a previously used authentication quintuple; when the terminal device's authentication result for the network is synchronization failure, the attacker obtains the feedback parameter carried in the authentication failure response, and from the feedback parameters MAC_FAIL and SYNC_FAIL can determine the user's location privacy information.
Based on this, how to protect the private data of the terminal device in the authentication process becomes a technical problem to be solved.
It should be noted that the information disclosed in the above background section is only for enhancing understanding of the background of the present disclosure and thus may include information that does not constitute prior art known to those of ordinary skill in the art.
Disclosure of Invention
The disclosure provides an authentication method, an authentication device, an authentication system, an electronic device and a storage medium, which at least overcome the problem that user privacy data is revealed in an authentication process in the related art to a certain extent.
Other features and advantages of the present disclosure will be apparent from the following detailed description, or may be learned in part by the practice of the disclosure.
According to one aspect of the present disclosure, there is provided an authentication method applied to a terminal device, including: receiving a binary authentication vector sent by a security anchor function (SEAF, SEcurity Anchor Function) network element, wherein the binary authentication vector comprises an authentication token AUTN (AUthentication TokeN); verifying the AUTN contained in the binary authentication vector to obtain an authentication result; generating an authentication response message based on the authentication result, wherein the authentication response message comprises a first field and a second field; and sending the authentication response message to the SEAF network element so that the SEAF network element verifies the first field and, if the first field fails verification, sends the second field of the authentication response message to a unified data management (UDM, Unified Data Management) network element, wherein the UDM network element derives an authentication result of the terminal device according to the second field.
In one embodiment of the present disclosure, the AUTN includes a network-side message authentication code MAC (Message Authentication Code) and a network sequence number SQN (SeQuence Number); verifying the AUTN contained in the binary authentication vector to obtain an authentication result includes: verifying the MAC and the SQN contained in the AUTN respectively; if the MAC fails verification, determining that the authentication result is MAC authentication failure; and if the MAC passes verification and the SQN fails verification, determining that the authentication result is sequence number synchronization failure.
In one embodiment of the disclosure, the first field is a response RES (RESponse) or a first random number, and the second field is a re-synchronization authentication token AUTS (AUthentication Token for Synchronisation) or a second random number, where the first random number is a parameter generated by the terminal device using a random number generator and consistent with the RES format, and the second random number is a parameter generated by the terminal device using a random number generator and consistent with the AUTS format.
In one embodiment of the present disclosure, the two-tuple authentication vector is (RAND, AUTN).
According to another aspect of the present disclosure, there is provided an authentication method applied to a SEAF network element, including: transmitting a binary authentication vector to a terminal device, wherein the binary authentication vector comprises an AUTN; receiving an authentication response message sent by a terminal device, wherein the authentication response message is generated by the terminal device based on an authentication result obtained by verifying the AUTN, and the authentication response message comprises a first field and a second field; verifying the first field; and if the first field is not verified, sending a second field of the authentication response message to the UDM network element so that the UDM network element derives an authentication result of the terminal equipment based on the second field.
In one embodiment of the present disclosure, before sending the binary authentication vector to the terminal device, the method further comprises: receiving a ternary authentication vector sent by an authentication server function AUSF (Authentication Server Function) network element, wherein the ternary authentication vector comprises a hash expected response HXRES (Hash eXpected RESponse); storing the HXRES locally in the SEAF network element; and generating the binary authentication vector based on the ternary authentication vector.
In one embodiment of the present disclosure, the triplet authentication vector is (RAND, AUTN, HXRES).
In one embodiment of the disclosure, the first field is a RES or a first random number, where the first random number is a parameter generated by the terminal device using a random number generator and consistent with the RES format; when the first field is RES, verifying the first field includes: calculating a hash response HRES (Hash RESponse) based on the RES; and judging whether the HRES is identical to the HXRES stored locally in the SEAF network element; if so, determining that the first field passes verification, and if not, determining that the first field fails verification.
In one embodiment of the disclosure, the second field is an AUTS or a second random number, where the second random number is a parameter generated by the terminal device using a random number generator and consistent with the AUTS format.
According to yet another aspect of the present disclosure, there is provided an authentication method applied to a UDM network element, including: receiving a second field contained in an authentication response message sent by a SEAF network element, when the SEAF network element has determined that the first field contained in the authentication response message fails verification, wherein the authentication response message is generated by a terminal device based on an authentication result obtained by verifying an AUTN contained in a binary authentication vector; and deriving an authentication result of the terminal device according to the second field.
In one embodiment of the present disclosure, the method further comprises: receiving an authentication request of a terminal device; generating a quintuple authentication vector based on the authentication request, wherein the quintuple authentication vector is (CK, IK, RAND, AUTN, XRES); generating a quadruple authentication vector based on the quintuple authentication vector, wherein the quadruple authentication vector is (RAND, AUTN, XRES*, K_AUSF); and sending the quadruple authentication vector to an AUSF network element so that the AUSF network element generates a ternary authentication vector based on the quadruple authentication vector and sends the ternary authentication vector to the SEAF network element.
In one embodiment of the disclosure, the first field is a RES or a first random number, where the first random number is a parameter generated by the terminal device using a random number generator and consistent with a RES format.
In one embodiment of the disclosure, the second field is an AUTS or a second random number, where AUTS = Conc(SQN_MS) || MAC-S, Conc(SQN_MS) is the concealed value generated by the terminal device for SQN_MS based on the key AK, MAC-S is the re-synchronization authentication code generated by the terminal device based on f1 in the 3GPP standard and SQN_MS, and the second random number is a parameter generated by the terminal device using a random number generator and consistent with the AUTS format; when the second field is AUTS, deriving the authentication result of the terminal device according to the second field includes: calculating XMAC-S based on the f1 algorithm defined by the 3GPP standard; verifying the MAC-S in the AUTS based on the XMAC-S; if the MAC-S fails verification, determining that the authentication result of the terminal device is MAC authentication failure; and if the MAC-S passes verification, determining that the authentication result of the terminal device is sequence number synchronization failure.
In one embodiment of the present disclosure, the method further comprises: after determining that the authentication result of the terminal device is sequence number synchronization failure, calculating the key AK based on the f5 algorithm defined by the 3GPP standard; acquiring SQN_MS from Conc(SQN_MS) based on the key AK; and generating a new quintuple authentication vector based on SQN_MS so that the terminal device can perform network authentication again based on the new quintuple authentication vector.
According to still another aspect of the present disclosure, there is provided an authentication apparatus applied to the terminal device side, including: a binary authentication vector receiving module, configured to receive a binary authentication vector sent by a SEAF network element, wherein the binary authentication vector comprises an AUTN; an authentication result obtaining module, configured to verify the AUTN contained in the binary authentication vector to obtain an authentication result; an authentication response message generation module, configured to generate an authentication response message based on the authentication result, where the authentication response message includes a first field and a second field; and an authentication response message sending module, configured to send the authentication response message to the SEAF network element so that the SEAF network element verifies the first field and sends the second field of the authentication response message to the UDM network element when the first field fails verification, and the UDM network element derives an authentication result of the terminal device according to the second field.
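The three aspects above (terminal, SEAF, UDM) can be run end to end in the following Python model, which is an added illustration and not code from the patent or from 3GPP: the terminal always answers with a RES-shaped first field and an AUTS-shaped second field regardless of outcome, the SEAF checks the first field against its stored HXRES, and only the UDM, holding the long-term key, turns the second field into MAC_FAIL or SYNC_FAIL (recovering SQN_MS for resynchronisation in the latter case). HMAC-SHA256 stands in for the 3GPP f1/f1*/f2/f5/f5* functions and for the HXRES/HRES hash; field lengths, sample key and RAND are constructed for the example.

```python
"""Toy model of the two-field authentication response in this patent.
Added example, not the patent's or 3GPP's code. HMAC-SHA256 stands in for
the 3GPP f1/f1*/f2/f5/f5* functions and for the HXRES/HRES hash; the
field lengths and sample values are constructed for the example."""
from __future__ import annotations

import hashlib
import hmac
import secrets

RES_LEN = 16                  # constructed length of RES / first random number
MAC_LEN = 8                   # constructed length of MAC and MAC-S
SQN_LEN = 6                   # 48-bit sequence number, as in 3GPP
AUTS_LEN = SQN_LEN + MAC_LEN  # AUTS = Conc(SQN_MS) || MAC-S


def prf(key: bytes, tag: bytes, *parts: bytes, n: int) -> bytes:
    """Stand-in for f1/f1*/f2/f5/f5*: keyed PRF, domain-separated by tag."""
    return hmac.new(key, tag + b"".join(parts), hashlib.sha256).digest()[:n]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def hash_res(rand: bytes, res: bytes) -> bytes:
    """HXRES / HRES stand-in: hash over RAND and (X)RES."""
    return hashlib.sha256(rand + res).digest()[:RES_LEN]


# ---- UDM: quintuple generation (CK/IK omitted, not needed on this path) ----
def udm_generate(k: bytes, sqn: int, rand: bytes) -> dict:
    sqn_b = sqn.to_bytes(SQN_LEN, "big")
    ak = prf(k, b"f5", rand, n=SQN_LEN)
    mac = prf(k, b"f1", sqn_b, rand, n=MAC_LEN)
    autn = xor(sqn_b, ak) + mac                        # (SQN xor AK) || MAC
    return {"RAND": rand, "AUTN": autn, "XRES": prf(k, b"f2", rand, n=RES_LEN)}


# ---- UE: verify AUTN, then always answer with a RES-shaped first field
#      and an AUTS-shaped second field, whatever the outcome ----
def ue_respond(k: bytes, sqn_ms: int, rand: bytes, autn: bytes) -> tuple[bytes, bytes]:
    conc_sqn, mac = autn[:SQN_LEN], autn[SQN_LEN:]
    ak = prf(k, b"f5", rand, n=SQN_LEN)
    sqn_net_b = xor(conc_sqn, ak)
    xmac = prf(k, b"f1", sqn_net_b, rand, n=MAC_LEN)
    if not hmac.compare_digest(mac, xmac):
        # MAC failure: both fields are fresh random numbers
        return secrets.token_bytes(RES_LEN), secrets.token_bytes(AUTS_LEN)
    if int.from_bytes(sqn_net_b, "big") <= sqn_ms:
        # SQN not fresh: random first field, genuine AUTS as second field
        sqn_ms_b = sqn_ms.to_bytes(SQN_LEN, "big")
        ak_s = prf(k, b"f5*", rand, n=SQN_LEN)
        mac_s = prf(k, b"f1*", sqn_ms_b, rand, n=MAC_LEN)
        return secrets.token_bytes(RES_LEN), xor(sqn_ms_b, ak_s) + mac_s
    # success: genuine RES, random second field
    return prf(k, b"f2", rand, n=RES_LEN), secrets.token_bytes(AUTS_LEN)


# ---- SEAF: compare HRES with the HXRES kept from the AUSF's triple ----
def seaf_verify(hxres: bytes, rand: bytes, first: bytes) -> bool:
    return hmac.compare_digest(hash_res(rand, first), hxres)


# ---- UDM: only the key holder can turn the second field into a reason ----
def udm_derive(k: bytes, rand: bytes, second: bytes) -> tuple[str, int | None]:
    conc, mac_s = second[:SQN_LEN], second[SQN_LEN:]
    ak_s = prf(k, b"f5*", rand, n=SQN_LEN)
    sqn_ms_b = xor(conc, ak_s)                         # candidate SQN_MS
    xmac_s = prf(k, b"f1*", sqn_ms_b, rand, n=MAC_LEN)
    if not hmac.compare_digest(mac_s, xmac_s):
        return "MAC_FAIL", None                        # second field was random
    return "SYNC_FAIL", int.from_bytes(sqn_ms_b, "big")  # resync from SQN_MS


def run_authentication(k: bytes, sqn_udm: int, sqn_ms: int, rand: bytes) -> str:
    """Whole exchange (UDM -> AUSF -> SEAF -> UE -> SEAF -> UDM); returns the
    result the core network derives. On the air only the uniform two-field
    message is visible, never MAC_FAIL or SYNC_FAIL."""
    av = udm_generate(k, sqn_udm, rand)
    hxres = hash_res(rand, av["XRES"])                 # stored by the SEAF
    first, second = ue_respond(k, sqn_ms, rand, av["AUTN"])
    if seaf_verify(hxres, rand, first):
        return "SUCCESS"
    return udm_derive(k, rand, second)[0]


if __name__ == "__main__":
    K, RAND = bytes(range(16)), bytes(range(16, 32))   # constructed sample values
    print(run_authentication(K, 100, 50, RAND))        # SUCCESS
    print(run_authentication(K, 40, 50, RAND))         # SYNC_FAIL
```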
In one embodiment of the present disclosure, the AUTN comprises a network side message authentication code MAC and a network sequence number SQN; the authentication result obtaining module is further configured to verify the MAC and the SQN included in the AUTN respectively; if the MAC fails verification, determining that the authentication result is MAC authentication failure; and if the MAC passes the verification and the SQN fails the verification, determining that the authentication result is that the serial number synchronization fails.
In one embodiment of the disclosure, the first field is a response RES or a first random number, and the second field is a re-synchronization authentication token AUTS or a second random number, where the first random number is a parameter generated by the terminal device using a random number generator and consistent with RES format, and the second random number is a parameter generated by the terminal device using a random number generator and consistent with AUTS format.
In one embodiment of the present disclosure, the two-tuple authentication vector is (RAND, AUTN).
According to still another aspect of the present disclosure, there is provided an authentication apparatus applied to a SEAF network element side, including: a first vector sending module, configured to send a binary authentication vector to a terminal device, where the binary authentication vector includes an AUTN; an authentication response message receiving module, configured to receive an authentication response message sent by a terminal device, where the authentication response message is generated by the terminal device based on an authentication result obtained by verifying the AUTN, and the authentication response message includes a first field and a second field; the first field verification module is used for verifying the first field; and the second field sending module is used for sending the second field of the authentication response message to the UDM network element under the condition that the first field fails to pass verification so that the UDM network element derives an authentication result of the terminal equipment based on the second field.
In one embodiment of the present disclosure, the apparatus further includes a ternary authentication vector receiving module, configured to receive a ternary authentication vector sent by an authentication server function AUSF network element, where the ternary authentication vector includes a hash expected response HXRES; a hash expected response storage module, configured to store the HXRES locally in the SEAF network element; and a binary authentication vector generation module, configured to generate the binary authentication vector based on the ternary authentication vector.
In one embodiment of the present disclosure, the triplet authentication vector is (RAND, AUTN, HXRES).
In one embodiment of the disclosure, the first field is a RES or a first random number, where the first random number is a parameter generated by the terminal device using a random number generator and consistent with the RES format; when the first field is RES, the first field verification module is further configured to calculate a hash response HRES based on the RES, and to judge whether the HRES is identical to the HXRES stored locally in the SEAF network element; if so, the first field passes verification, and if not, the first field fails verification.
In one embodiment of the disclosure, the second field is an AUTS or a second random number, where the second random number is a parameter generated by the terminal device using a random number generator and consistent with the AUTS format.
According to still another aspect of the present disclosure, there is provided an authentication apparatus applied to the UDM network element side, including: a second field receiving module, configured to receive, when the SEAF network element determines that the first field included in the authentication response message fails verification, the second field included in the authentication response message sent by the SEAF network element, where the authentication response message is generated by the terminal device based on an authentication result obtained by verifying an AUTN included in the binary authentication vector; and an authentication result derivation module, configured to derive the authentication result of the terminal device according to the second field.
In one embodiment of the disclosure, the apparatus further includes an authentication request receiving module, configured to receive an authentication request of the terminal device; and a quintuple authentication vector generation module, configured to generate a quintuple authentication vector based on the authentication request, where the quintuple authentication vector is (CK, IK, RAND, AUTN, XRES); to generate a quadruple authentication vector based on the quintuple authentication vector, where the quadruple authentication vector is (RAND, AUTN, XRES*, K_AUSF); and to send the quadruple authentication vector to an AUSF network element so that the AUSF network element generates the ternary authentication vector based on the quadruple authentication vector and sends the ternary authentication vector to the SEAF network element.
In one embodiment of the disclosure, the first field is a RES or a first random number, where the first random number is a parameter generated by the terminal device using a random number generator and consistent with a RES format.
In one embodiment of the disclosure, the second field is an AUTS or a second random number, where AUTS = Conc(SQN_MS) || MAC-S, Conc(SQN_MS) is the concealed value generated by the terminal device for SQN_MS based on the key AK, MAC-S is the re-synchronization authentication code generated by the terminal device based on f1 in the 3GPP standard and SQN_MS, and the second random number is a parameter generated by the terminal device using a random number generator and consistent with the AUTS format; the authentication result derivation module is further configured, when the second field is an AUTS, to calculate XMAC-S based on the f1 algorithm defined by the 3GPP standard; to verify the MAC-S in the AUTS based on the XMAC-S; if the MAC-S fails verification, to determine that the authentication result of the terminal device is MAC authentication failure; and if the MAC-S passes verification, to determine that the authentication result of the terminal device is sequence number synchronization failure.
In an embodiment of the present disclosure, the apparatus further includes a new quintuple authentication vector generation module, configured to calculate, after determining that the authentication result of the terminal device is sequence number synchronization failure, the key AK based on the f5* algorithm defined by the 3GPP standard; to acquire SQN_MS from Conc(SQN_MS) based on the key AK; and to generate a new quintuple authentication vector based on SQN_MS so that the terminal device can perform network authentication again based on the new quintuple authentication vector.
According to yet another aspect of the present disclosure, there is provided an authentication system including: a UDM network element, an AUSF network element, a SEAF network element and terminal equipment;
the UDM network element is used for sending a four-element authentication vector to the AUSF network element;
the AUSF network element is used for generating a triplet authentication vector based on the quadruple authentication vector and sending the triplet authentication vector to the SEAF network element;
the SEAF network element is configured to generate a two-tuple authentication vector based on the three-tuple authentication vector, send the two-tuple authentication vector to the terminal device, where the two-tuple authentication vector includes an AUTN, and receive an authentication response message sent by the terminal device, where the authentication response message is generated by the terminal device based on an authentication result obtained by verifying the AUTN, and the authentication response message includes a first field and a second field, verify the first field, and send the second field to the UDM network element if the first field fails verification;
The terminal equipment is used for receiving the binary group authentication vector sent by the SEAF network element, verifying the AUTN contained in the binary group authentication vector to obtain an authentication result, generating an authentication response message based on the authentication result, and sending the authentication response message to the SEAF network element;
the UDM network element is further configured to receive, when the SEAF network element determines that the first field included in the authentication response message fails verification, the second field included in the authentication response message sent by the SEAF network element, and to derive an authentication result of the terminal device according to the second field.
According to still another aspect of the present disclosure, there is provided an electronic apparatus including: a processor; and a memory for storing executable instructions of the processor; wherein the processor is configured to perform the authentication method described above via execution of the executable instructions.
According to yet another aspect of the present disclosure, there is provided a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the above-described authentication method.
The embodiment of the disclosure provides an authentication method, an authentication device, an authentication system, electronic equipment and a storage medium, wherein the authentication method comprises the following steps: receiving a binary authentication vector sent by an SEAF network element, wherein the binary authentication vector comprises an authentication token AUTN; verifying the AUTN contained in the binary authentication vector to obtain an authentication result; generating an authentication response message based on the authentication result, wherein the authentication response message comprises a first field and a second field; and sending the authentication response message to the SEAF network element so that the SEAF network element verifies the first field, sends the second field of the authentication response message to the UDM network element when the first field fails verification, and the UDM network element derives an authentication result of the terminal device according to the second field. In the present disclosure, the SEAF network element and the UDM network element in the core network deduce the authentication result of the terminal device by verifying the authentication response message, thereby effectively avoiding replay attacks.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the disclosure and together with the description, serve to explain the principles of the disclosure. It will be apparent to those of ordinary skill in the art that the drawings in the following description are merely examples of the disclosure and that other drawings may be derived from them without undue effort.
FIG. 1 illustrates a flow chart of an authentication method in an embodiment of the present disclosure;
FIG. 2 illustrates a flow chart of another authentication method in an embodiment of the present disclosure;
FIG. 3 illustrates a flow chart of another authentication method in an embodiment of the present disclosure;
FIG. 4 illustrates an interaction diagram of an authentication system in an embodiment of the present disclosure;
FIG. 5 illustrates a schematic diagram of an authentication method in an embodiment of the present disclosure;
FIG. 6 shows a schematic diagram of an authentication device in an embodiment of the disclosure;
FIG. 7 shows a schematic diagram of another authentication device in an embodiment of the disclosure;
FIG. 8 shows a schematic diagram of another authentication device in an embodiment of the disclosure;
FIG. 9 shows a schematic diagram of an authentication system in an embodiment of the disclosure;
FIG. 10 shows a block diagram of an electronic device in an embodiment of the disclosure.
Detailed Description
Example embodiments will now be described more fully with reference to the accompanying drawings. However, the exemplary embodiments may be embodied in many forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of the example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.
Furthermore, the drawings are merely schematic illustrations of the present disclosure and are not necessarily drawn to scale. The same reference numerals in the drawings denote the same or similar parts, and thus a repetitive description thereof will be omitted. Some of the block diagrams shown in the figures are functional entities and do not necessarily correspond to physically or logically separate entities. These functional entities may be implemented in software or in one or more hardware modules or integrated circuits or in different networks and/or processor devices and/or microcontroller devices.
As mentioned in the background section above, the existing AKA protocol has known drawbacks in the authentication process, and is subject to replay attack by an attacker based on a failure message, and when the terminal device fails to authenticate the network, a specific cause of authentication failure is exposed to the attacker, so that the terminal device is tracked.
Based on the above, the present disclosure provides an authentication method, an apparatus, a system, an electronic device and a storage medium, where a terminal device returns an authentication response message to a core network, and an SEAF network element and a UDM network element in the core network reversely derive an authentication result of the terminal device through verification of different fields in the authentication response message.
The present exemplary embodiment will be described in detail below with reference to the accompanying drawings and examples.
First, an embodiment of the present disclosure provides an authentication method, which may be performed by a terminal device, or any electronic device with computing processing capability, where the terminal device may also be a UE (User Equipment).
Fig. 1 shows a flowchart of an authentication method in an embodiment of the present disclosure, and as shown in fig. 1, the authentication method provided in the embodiment of the present disclosure includes the following steps:
S102, receiving a two-tuple authentication vector sent by a security anchor function (SEAF) network element, wherein the two-tuple authentication vector carries an authentication token AUTN;
It should be noted that the two-tuple authentication vector may be (RAND, AUTN), where RAND is a 128-bit random number. The SEAF network element may generate the two-tuple authentication vector from the three-tuple authentication vector sent by the AUSF network element and send it to the terminal device, where the three-tuple authentication vector may be (RAND, AUTN, HXRES*). After receiving the three-tuple authentication vector from the AUSF network element, the SEAF network element may also store the HXRES* of the three-tuple authentication vector locally, so as to later verify the authentication response message returned by the terminal device.
S104, verifying the AUTN contained in the binary authentication vector to obtain an authentication result;
It should be noted that the AUTN may include a network side message authentication code MAC and a network side sequence number SQN_HN. The terminal device judges whether the terminal side message authentication code XMAC is consistent with the network side message authentication code MAC; when XMAC is inconsistent with MAC, the authentication result of the terminal device is determined to be MAC authentication failure. When XMAC is consistent with MAC, the terminal device further judges whether the network side SQN_HN is within the correct range: if so, the sequence number passes verification and the authentication result is authentication success; if not, the sequence number fails verification and the authentication result is sequence number synchronization failure. The terminal device first verifies the MAC in the AUTN; if the MAC verification does not pass, the authentication result of MAC authentication failure is obtained directly and the SQN in the AUTN is not verified.
S106, generating an authentication response message based on the authentication result, wherein the authentication response message comprises a first field and a second field;
It should be noted that, regardless of whether the authentication result of the terminal device on the network is success or failure, an authentication response message in a unified format is returned to the SEAF network element. The authentication response message may be composed of three fields, [RES*] [Cause] [Sync]; in this disclosure the first field may be the [RES*] field, the second field may be the [Sync] field, and the third field may be the [Cause] field. The terminal device may generate RES*, a pseudo Cause value and AUTS according to the authentication result, fill RES* into the [RES*] field, fill AUTS into the [Sync] field, and fill the pseudo Cause value into the [Cause] field. The contents of the three fields need to be configured together according to the specific scenario; the setting rules are as shown in table 1:
TABLE 1
The authentication of the authentication response message may be implemented by a corresponding network element in the core network, where the corresponding network element in the core network may verify a field included in the authentication response message, and infer an authentication result of the terminal device, so that the core network performs a subsequent operation according to the authentication result of the terminal device.
S108, the authentication response message is sent to the SEAF network element so that the SEAF network element verifies the first field, and the SEAF network element sends the second field of the authentication response message to the Unified Data Management (UDM) network element, and the UDM network element derives an authentication result of the terminal equipment according to the second field under the condition that the first field fails verification.
It should be noted that the terminal device sends the authentication response message to the core network, and the core network derives the authentication result of the terminal device from the authentication response message. The SEAF network element of the core network may verify the first field of the authentication response message: using the algorithm specified in 3GPP standard TS 33.501, the SEAF network element calculates HRES* from the first field RES* and then judges whether the HXRES* stored locally in the SEAF network element is consistent with HRES*. If so, the first field passes verification and the authentication result of the terminal device on the network is success; if not, the first field fails verification and the authentication result of the terminal device on the network is failure. When the SEAF network element determines that the first field fails verification, it sends the second field of the authentication response message, that is, AUTS, to the UDM network element. The UDM network element verifies the AUTS and determines the specific cause of the terminal device's network authentication failure: when the AUTS passes verification, the authentication result of the terminal device is determined to be sequence number synchronization failure, and when the AUTS fails verification, the authentication result of the terminal device is determined to be MAC authentication failure.
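The following Python simulation is added here as an illustration; it is not code from the patent and not a 3GPP implementation. It models steps S102 to S108 end to end: the terminal verifies the MAC and then the SQN range of the AUTN, builds the unified [RES*] [Cause] [Sync] response in all three outcome cases (filling the unused fields with RES*-shaped and AUTS-shaped random numbers, as the disclosure describes), and the SEAF compares HRES* with its stored HXRES*. The f1/f1*/f2/f5/f5* functions are toy HMAC-SHA256 stand-ins rather than MILENAGE or TUAK; the SQN acceptance window, field lengths, the RES* hashing and the key, RAND and SQN values are all constructed assumptions.

```python
"""Terminal-side AUTN verification, unified-format authentication response
and SEAF-side RES* check (added example, constructed values throughout)."""
import hashlib
import hmac
import os

RES_LEN = 16      # bytes of RES* (constructed choice)
SQN_LEN = 6       # 48-bit sequence number, as in 3GPP AKA
MAC_LEN = 8       # 64-bit MAC-A / MAC-S, as in 3GPP AKA
AK_LEN = 6        # anonymity key, same length as SQN
AMF = b"\x80\x00"
DELTA = 256       # largest accepted forward jump of SQN_HN over SQN_MS (constructed)


def _prf(tag: bytes, k: bytes, data: bytes, n: int) -> bytes:
    """Toy stand-in for f1/f1*/f2/f5/f5*: HMAC-SHA256 keyed with K,
    domain-separated by TAG and truncated to n bytes. Not the 3GPP algorithms."""
    return hmac.new(k, tag + data, hashlib.sha256).digest()[:n]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def build_autn(k: bytes, rand: bytes, sqn_hn: int) -> bytes:
    """Network side: AUTN = (SQN_HN xor AK) || AMF || MAC-A."""
    sqn = sqn_hn.to_bytes(SQN_LEN, "big")
    ak = _prf(b"f5", k, rand, AK_LEN)
    mac_a = _prf(b"f1", k, sqn + rand + AMF, MAC_LEN)
    return _xor(sqn, ak) + AMF + mac_a


def verify_autn(k: bytes, rand: bytes, autn: bytes, sqn_ms: int) -> str:
    """Terminal side (S104): verify the MAC first, then the SQN range.
    Returns SUCCESS, MAC_FAILURE or SYNC_FAILURE."""
    conc, amf, mac = autn[:SQN_LEN], autn[SQN_LEN:SQN_LEN + 2], autn[SQN_LEN + 2:]
    ak = _prf(b"f5", k, rand, AK_LEN)
    sqn = _xor(conc, ak)
    xmac = _prf(b"f1", k, sqn + rand + amf, MAC_LEN)
    if not hmac.compare_digest(xmac, mac):
        return "MAC_FAILURE"            # SQN is not examined at all in this case
    sqn_hn = int.from_bytes(sqn, "big")
    if not (sqn_ms < sqn_hn <= sqn_ms + DELTA):
        return "SYNC_FAILURE"
    return "SUCCESS"


def build_auts(k: bytes, rand: bytes, sqn_ms: int) -> bytes:
    """AUTS = Conc(SQN_MS) || MAC-S, using the resync variants f5* and f1*."""
    sqn = sqn_ms.to_bytes(SQN_LEN, "big")
    ak = _prf(b"f5*", k, rand, AK_LEN)
    mac_s = _prf(b"f1*", k, sqn + rand + AMF, MAC_LEN)
    return _xor(sqn, ak) + mac_s


def build_response(k: bytes, rand: bytes, autn: bytes, sqn_ms: int):
    """S106: returns (result, [RES*] [Cause] [Sync]); the layout is the same in every case."""
    result = verify_autn(k, rand, autn, sqn_ms)
    if result == "SUCCESS":
        res = _prf(b"f2", k, rand, RES_LEN)
        sync = os.urandom(SQN_LEN + MAC_LEN)    # second random number, AUTS-shaped
    elif result == "SYNC_FAILURE":
        res = os.urandom(RES_LEN)               # first random number, RES*-shaped
        sync = build_auts(k, rand, sqn_ms)
    else:
        res = os.urandom(RES_LEN)
        sync = os.urandom(SQN_LEN + MAC_LEN)
    cause = os.urandom(1)                       # pseudo Cause value: a flag byte, never verified
    return result, res + cause + sync


def hres(rand: bytes, res: bytes) -> bytes:
    """Shape of TS 33.501 Annex A.5: SHA-256(RAND || RES*), 128 least significant bits."""
    return hashlib.sha256(rand + res).digest()[-16:]


def seaf_verify(rand: bytes, hxres: bytes, response: bytes) -> bool:
    """S108 at the SEAF: compare HRES* of the first field with the stored HXRES*."""
    return hmac.compare_digest(hres(rand, response[:RES_LEN]), hxres)


def run(case: str):
    """Constructed scenario driver; case is 'success', 'mac' or 'sync'.
    Returns (terminal result, SEAF verdict on the first field, response length)."""
    k = bytes(range(16))
    rand = b"\x11" * 16
    autn = build_autn(k, rand, sqn_hn=1000)
    if case == "mac":
        autn = autn[:-1] + bytes([autn[-1] ^ 1])   # corrupt MAC-A, as a replayed/forged AUTN would fail
    sqn_ms = 5000 if case == "sync" else 999     # terminal already ahead of the network in the sync case
    result, resp = build_response(k, rand, autn, sqn_ms)
    hxres = hres(rand, _prf(b"f2", k, rand, RES_LEN))   # what the SEAF stored from the 3-tuple
    return result, seaf_verify(rand, hxres, resp), len(resp)


if __name__ == "__main__":
    for c in ("success", "mac", "sync"):
        print(c, run(c))
```

Running the three cases shows why the scheme hides the result without any key: every response has the same length and layout, and only the SEAF, holding HXRES*, can tell a genuine RES* from the first random number; an observer who replays RAND and AUTN sees three byte strings it cannot distinguish.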
In the authentication method provided by the embodiment of the present disclosure, in a 5G (fifth generation mobile communication) authentication scenario, the terminal device returns an authentication response message to the core network, where the authentication response message includes a plurality of fields configured to work together, so that the authentication result of the terminal device is hidden without using a key, and the SEAF network element and the UDM network element in the core network reversely derive the authentication result of the terminal device by verifying different fields of the authentication response message.
Furthermore, the authentication method of the disclosure can be completed by the functions of the corresponding network elements in the existing core network: the original 5G signaling flow does not need to be changed, no new key or encryption flow needs to be introduced, the authentication result and the authentication response message are not encrypted, and the cryptographic computation load on the terminal side and in the core network is not increased.
In one embodiment of the present disclosure, the AUTN comprises a network side message authentication code MAC and a network sequence number SQN; verifying the AUTN contained in the binary authentication vector to obtain an authentication result, wherein the authentication result comprises the following steps: respectively verifying the MAC and the SQN contained in the AUTN; if the MAC fails verification, determining that the authentication result is the MAC authentication failure; if the MAC passes the verification and the SQN fails the verification, determining that the authentication result is that the serial number synchronization fails.
In one embodiment of the disclosure, the first field is a response RES* or a first random number, and the second field is a re-synchronization authentication token AUTS or a second random number, where the first random number is a parameter generated by the terminal device using a random number generator in the same format as RES*, and the second random number is a parameter generated by the terminal device using a random number generator in the same format as AUTS. It should be noted that the first random number and the second random number may be pseudo random numbers, that is, uniformly distributed random number sequences computed by a deterministic algorithm. The first random number may match RES* in length and character form, and the second random number may match AUTS in length and character form, so as to confuse the judgment of an attacker and protect the location privacy of the user terminal. In addition, when the first random number and the second random number are verified, since the value of the first random number differs from RES* and the value of the second random number differs from AUTS, the SEAF network element's verification of the first field and the UDM network element's verification of the second field both fail.
In one embodiment of the present disclosure, the two-tuple authentication vector is (RAND, AUTN).
An embodiment of the present disclosure further provides another authentication method, which may be applied to a SEAF network element; referring to the flowchart of another authentication method shown in fig. 2, it may include the following steps:
S202, sending a two-tuple authentication vector to a terminal device, wherein the two-tuple authentication vector comprises an AUTN;
S204, receiving an authentication response message sent by the terminal device, wherein the authentication response message is generated by the terminal device based on an authentication result obtained by verifying the AUTN, and the authentication response message comprises a first field and a second field;
S206, verifying the first field;
S208, if the first field fails verification, sending the second field of the authentication response message to the UDM network element so that the UDM network element derives an authentication result of the terminal device based on the second field.
It should be noted that, in one embodiment of the present disclosure, when the authentication response message is [RES*] [Cause] [Sync], after the core network receives the authentication response message returned by the terminal device, the SEAF network element in the core network may verify the [RES*] field in the manner specified in 3GPP standard TS 33.501. If the [RES*] field passes verification, the authentication result of the terminal device is authentication success; if it fails verification, the authentication result of the terminal device is authentication failure, and the SEAF network element is then required to send the [Sync] field of the authentication response message to the UDM network element. The UDM network element verifies the [Sync] field in the manner specified in 3GPP standard TS 33.102 and determines the specific cause of the terminal device's authentication failure: when the [Sync] field passes verification, the cause of the authentication failure is determined to be sequence number synchronization failure, and when the [Sync] field fails verification, the cause is determined to be MAC authentication failure. In addition, the [Cause] field of the authentication response message serves as a flag bit, so it does not need independent verification and does not affect the core network's derivation of the authentication result of the terminal device.
In one embodiment of the present disclosure, before sending the two-tuple authentication vector to the terminal device, the method further comprises: receiving a three-tuple authentication vector sent by an authentication service function AUSF network element, wherein the three-tuple authentication vector comprises a hash expected response HXRES*; storing HXRES* locally in the SEAF network element; and generating the two-tuple authentication vector based on the three-tuple authentication vector.
In one embodiment of the present disclosure, the three-tuple authentication vector is (RAND, AUTN, HXRES*).
In one embodiment of the disclosure, the first field is RES* or a first random number, where the first random number is a parameter generated by the terminal device using a random number generator in the same format as RES*. When the first field is RES*, verifying the first field comprises: calculating a hash response HRES* based on RES*; and judging, based on the HXRES* stored locally in the SEAF network element, whether HXRES* and HRES* are identical; if so, determining that the first field passes verification, and if not, determining that the first field fails verification.
In one embodiment of the present disclosure, the second field is AUTS or a second random number, wherein the second random number is a parameter generated by the terminal device using a random number generator in the same format as AUTS.
An embodiment of the present disclosure further provides another authentication method, which may be applied to a UDM network element; referring to the flowchart of another authentication method shown in fig. 3, it may include the following steps:
S302, receiving a second field contained in an authentication response message sent by the SEAF network element when the SEAF network element determines that the first field contained in the authentication response message fails verification, wherein the authentication response message is generated by the terminal device based on an authentication result obtained by verifying an AUTN contained in a two-tuple authentication vector;
S304, deriving an authentication result of the terminal device according to the second field.
Note that, in one embodiment of the present disclosure, AUTS = Conc(SQN_MS) || MAC-S, where Conc(SQN_MS) is the concealed value generated from SQN_MS using the key AK, MAC-S = f1*_K(SQN_MS || RAND || AMF), and MAC-S is the re-synchronization authentication code generated by the terminal device using the f1* algorithm. After receiving the second field, the UDM network element calculates the key AK using the f5 algorithm, obtains SQN_MS from Conc(SQN_MS), and calculates XMAC-S using the f1* algorithm to complete verification of the second field. If the verification does not pass, the authentication result of the terminal device on the network is MAC authentication failure; if the verification passes, the authentication result of the terminal device on the network is sequence number synchronization failure. Furthermore, the UDM network element uses SQN_MS to reset SQN_HN in order to generate the next new authentication vector.
In one embodiment of the present disclosure, the method further comprises: receiving an authentication request of a terminal device; generating a five-tuple authentication vector based on the authentication request, wherein the five-tuple authentication vector is (CK, IK, RAND, AUTN, XRES); generating a four-tuple authentication vector based on the five-tuple authentication vector, wherein the four-tuple authentication vector is (RAND, AUTN, XRES*, K_AUSF); and sending the four-tuple authentication vector to the AUSF network element so that the AUSF network element generates a three-tuple authentication vector based on the four-tuple authentication vector and sends the three-tuple authentication vector to the SEAF network element. Here, RAND is a random number, CK is the cipher key and IK is the integrity key.
It should be noted that the UDM network element generates a five-tuple authentication vector according to the authentication request of the terminal device, generates a four-tuple authentication vector according to the five-tuple authentication vector, and sends the four-tuple authentication vector to the AUSF network element in the Nudm_Authentication_Get response, where the four-tuple authentication vector is (RAND, AUTN, XRES*, K_AUSF). If the Nudm_Authentication_Get request message contains a SUCI, the UDM network element also carries the SUPI in the Nudm_Authentication_Get response. The AUSF network element temporarily stores XRES* together with the received SUCI (Subscription Concealed Identifier) or SUPI (Subscription Permanent Identifier) locally, and may also store K_AUSF locally. The AUSF network element then creates a 5G AV (Authentication Vector): it derives HXRES* from XRES* according to TS 33.501 Annex A.5 and K_SEAF from K_AUSF according to TS 33.501 Annex A.6, and replaces XRES* and K_AUSF in the 5G HE AV (RAND, AUTN, XRES*, K_AUSF) with the derived HXRES* and K_SEAF to obtain the 5G AV (RAND, AUTN, HXRES*, K_SEAF). The AUSF network element sends a Nausf_UEAuthentication_Authenticate Response message carrying the 5G AV (RAND, AUTN, HXRES*, K_SEAF) to the SEAF network element. The SEAF network element initiates the authentication procedure towards the terminal device through the NAS message Authentication-Request, sending the two-tuple authentication vector carrying the authentication parameters RAND and AUTN to the terminal device, and after receiving the two-tuple authentication vector the terminal device verifies the AUTN.
In one embodiment of the present disclosure, the five-tuple authentication vector may be an authentication vector AV, the four-tuple authentication vector may be a 5G HE AV, and the three-tuple authentication vector may be a 5G SE AV.
In one embodiment of the disclosure, the first field is RES* or a first random number, where the first random number is a parameter generated by the terminal device using a random number generator in the same format as RES*.
In one embodiment of the present disclosure, the second field is AUTS or a second random number, where AUTS = Conc(SQN_MS) || MAC-S, Conc(SQN_MS) is the concealed value generated by the terminal device from SQN_MS based on the key AK, MAC-S is the re-synchronization authentication code generated by the terminal device based on the f1 algorithm of the 3GPP standard, SQN_MS is the maximum SQN value currently stored by the terminal device, and the second random number is a parameter generated by the terminal device using a random number generator in the same format as AUTS. When the second field is AUTS, deriving the authentication result of the terminal device according to the second field comprises: calculating XMAC-S based on the f1 algorithm defined by the 3GPP standard; verifying the MAC-S in the AUTS based on XMAC-S; if the MAC-S verification does not pass, determining that the authentication result of the terminal device is MAC authentication failure; and if the MAC-S verification passes, determining that the authentication result of the terminal device is sequence number synchronization failure. It should be noted that whether MAC-S passes verification may be determined by judging whether XMAC-S and MAC-S are identical: if XMAC-S and MAC-S are identical, the MAC-S verification passes and the authentication result of the terminal device is determined to be sequence number synchronization failure; if XMAC-S is inconsistent with MAC-S, the MAC-S verification does not pass and the authentication result of the terminal device is determined to be MAC authentication failure.
In one embodiment of the present disclosure, the method further comprises: after determining that the authentication result of the terminal device is sequence number synchronization failure, calculating the key AK based on the f5 algorithm defined by the 3GPP standard; obtaining SQN_MS from Conc(SQN_MS) based on the key AK; and generating a new five-tuple authentication vector based on SQN_MS, so that the terminal device can perform network authentication again based on the new five-tuple authentication vector.
The other authentication method provided in the embodiment of the present disclosure solves the same technical problem as the authentication method above and achieves the same technical effects, which are not described in detail here.
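As an added example (not the patent's or any operator's code), the UDM-side procedure described above, including resynchronisation: the UDM recovers SQN_MS from Conc(SQN_MS) with AK, recomputes XMAC-S, decides between MAC authentication failure and sequence number synchronization failure, and on the latter resets SQN_HN from SQN_MS before issuing the next vector. The resynchronisation functions f1* and f5* are modelled by a toy HMAC-SHA256 construction (TS 33.102 defines the real ones and uses the starred variants for resync); the field lengths, the AMF value used for resync, and the key, RAND and SQN values are constructed assumptions.

```python
"""UDM-side derivation of the authentication result from the [Sync] field (AUTS)
and SQN_HN resynchronisation (added example, constructed values throughout)."""
import hashlib
import hmac
import os

SQN_LEN, MAC_LEN, AK_LEN = 6, 8, 6   # 48-bit SQN, 64-bit MAC-S, 48-bit AK as in 3GPP AKA
AMF_RESYNC = b"\x00\x00"             # AMF used in resync (assumption: all-zero default)


def _prf(tag: bytes, k: bytes, data: bytes, n: int) -> bytes:
    """Toy stand-in for f1*/f5* (HMAC-SHA256 with a domain tag); not the 3GPP algorithms."""
    return hmac.new(k, tag + data, hashlib.sha256).digest()[:n]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def terminal_build_auts(k: bytes, rand: bytes, sqn_ms: int) -> bytes:
    """Terminal side: AUTS = Conc(SQN_MS) || MAC-S,
    Conc(SQN_MS) = SQN_MS xor AK (AK = f5*_K(RAND)), MAC-S = f1*_K(SQN_MS || RAND || AMF)."""
    sqn = sqn_ms.to_bytes(SQN_LEN, "big")
    ak = _prf(b"f5*", k, rand, AK_LEN)
    mac_s = _prf(b"f1*", k, sqn + rand + AMF_RESYNC, MAC_LEN)
    return _xor(sqn, ak) + mac_s


class Udm:
    """Holds the subscriber key K and the network-side counter SQN_HN for one subscriber."""

    def __init__(self, k: bytes, sqn_hn: int):
        self.k = k
        self.sqn_hn = sqn_hn

    def derive_result(self, rand: bytes, sync_field: bytes) -> str:
        """S304: derive the terminal's authentication result from the second field.
        A valid MAC-S means the terminal sent a genuine AUTS, i.e. sequence number
        synchronization failed; anything else (including a random second field)
        is reported as MAC authentication failure."""
        if len(sync_field) != SQN_LEN + MAC_LEN:
            return "MALFORMED"
        conc, mac_s = sync_field[:SQN_LEN], sync_field[SQN_LEN:]
        ak = _prf(b"f5*", self.k, rand, AK_LEN)          # AK from f5*
        sqn_ms = _xor(conc, ak)                            # SQN_MS from Conc(SQN_MS)
        xmac_s = _prf(b"f1*", self.k, sqn_ms + rand + AMF_RESYNC, MAC_LEN)
        if not hmac.compare_digest(xmac_s, mac_s):
            return "MAC_FAILURE"
        # MAC-S verified: reset SQN_HN from SQN_MS so the next vector is accepted
        self.sqn_hn = int.from_bytes(sqn_ms, "big")
        return "SYNC_FAILURE"

    def next_sqn_hn(self) -> int:
        """Counter value the next five-tuple authentication vector would carry."""
        return self.sqn_hn + 1


def demo():
    """Constructed scenario: a genuine AUTS from a terminal that is ahead of the
    network, followed by an AUTS-shaped second random number."""
    k = bytes(range(16))
    rand = b"\x22" * 16
    udm = Udm(k, sqn_hn=1000)
    genuine = terminal_build_auts(k, rand, sqn_ms=5000)
    r1 = udm.derive_result(rand, genuine)           # SYNC_FAILURE; SQN_HN reset to 5000
    random_sync = os.urandom(SQN_LEN + MAC_LEN)     # second random number (no key behind it)
    r2 = udm.derive_result(rand, random_sync)       # MAC_FAILURE; SQN_HN untouched
    return r1, udm.sqn_hn, r2, udm.next_sqn_hn()


if __name__ == "__main__":
    print(demo())
```

The constant-time comparison and the explicit length check matter in practice: the UDM is the only party able to distinguish a genuine AUTS from the second random number, so its decision must not leak through timing or exceptions either.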
Fig. 4 shows an interaction method between a terminal device 410, a SEAF network element 420, an AUSF network element 430, and a UDM network element 440, as shown in fig. 4, including:
S402, the terminal device sends an authentication request to the UDM network element;
S404, the UDM network element generates a five-tuple authentication vector based on the authentication request, and generates a four-tuple authentication vector based on the five-tuple authentication vector;
S406, the UDM network element sends the four-tuple authentication vector to the AUSF network element;
S408, the AUSF network element generates a three-tuple authentication vector based on the four-tuple authentication vector;
S410, the AUSF network element sends the three-tuple authentication vector to the SEAF network element;
S412, the SEAF network element generates a two-tuple authentication vector based on the three-tuple authentication vector;
S414, the SEAF network element sends the two-tuple authentication vector to the terminal device;
S416, the terminal device verifies the AUTN in the two-tuple authentication vector to obtain an authentication result, and generates an authentication response message based on the authentication result;
S418, the terminal device sends the authentication response message to the SEAF network element, wherein the authentication response message comprises a first field and a second field;
S420, the SEAF network element sends the second field to the UDM network element when it determines that the first field fails verification;
S422, the UDM network element derives the authentication result of the terminal device based on the second field.
The interaction method of the disclosure solves the same technical problem as the authentication method above and achieves the same technical effects, which are not described in detail here.
Fig. 5 shows a scenario in which a terminal device applying the scheme of the present disclosure is under replay attack by an attacker or a malicious base station, where the 5G network may be a 5G core network. The attacker or malicious base station may eavesdrop on the RAND and AUTN sent by the core network to the terminal device: after the core network sends an authentication request message to a non-target UE and a target UE, carrying RAND, AUTN, the key set identifier ngKSI and the anti-bidding-down between architectures parameter ABBA, the attacker or malicious base station may also intercept the two-tuple authentication vector (RAND, AUTN) in the authentication request message and use the intercepted or eavesdropped RAND and AUTN to obtain an authentication response message ([RES*] [Cause] [Sync]) from the terminal device. Since the fields of the authentication response message can only be verified by the corresponding network elements of the core network, the attacker or malicious base station cannot verify any field of the authentication response message and therefore cannot obtain the real authentication result of the terminal device; replay attacks are thus effectively prevented, and the attacker is prevented from illegally tracking the terminal device, which protects the user's location privacy.
Based on the same inventive concept, an authentication device is also provided in the embodiments of the present disclosure, such as the following embodiments. Since the principle of solving the problem of the embodiment of the device is similar to that of the embodiment of the method, the implementation of the embodiment of the device can be referred to the implementation of the embodiment of the method, and the repetition is omitted.
Fig. 6 shows a schematic diagram of an authentication apparatus in an embodiment of the disclosure, where, as shown in fig. 6, the apparatus may be applied to a side of a terminal device, and includes:
a binary authentication vector receiving module 610, configured to receive a binary authentication vector sent by a SEAF network element, where the binary authentication vector includes AUTN;
an authentication result obtaining module 620, configured to verify AUTN included in the binary authentication vector to obtain an authentication result;
an authentication response message generation module 630, configured to generate an authentication response message based on the authentication result, where the authentication response message includes a first field and a second field;
and the authentication response message sending module 640 is configured to send an authentication response message to the SEAF network element, so that the SEAF network element verifies the first field, and if the first field fails to be verified, the SEAF network element sends a second field of the authentication response message to the UDM network element, and the UDM network element derives an authentication result of the terminal device according to the second field.
In one embodiment of the present disclosure, the AUTN comprises a network side message authentication code MAC and a network sequence number SQN; the authentication result obtaining module 620 is further configured to verify the MAC and the SQN included in the AUTN, respectively; if the MAC fails verification, determining that the authentication result is the MAC authentication failure; if the MAC passes the verification and the SQN fails the verification, determining that the authentication result is that the serial number synchronization fails.
In one embodiment of the disclosure, the first field is a response RES* or a first random number, and the second field is a re-synchronization authentication token AUTS or a second random number, where the first random number is a parameter generated by the terminal device using a random number generator in the same format as RES*, and the second random number is a parameter generated by the terminal device using a random number generator in the same format as AUTS.
In one embodiment of the present disclosure, the two-tuple authentication vector is (RAND, AUTN).
The embodiment of the present disclosure also provides another authentication device, referring to another schematic diagram of the authentication device shown in fig. 7, which may be applied to a SEAF network element side, including:
a first vector sending module 710, configured to send a binary authentication vector to a terminal device, where the binary authentication vector includes AUTN;
An authentication response message receiving module 720, configured to receive an authentication response message sent by the terminal device, where the authentication response message is generated by the terminal device based on an authentication result obtained by verifying the AUTN, and the authentication response message includes a first field and a second field;
a first field verification module 730, configured to verify the first field;
and a second field sending module 740, configured to send the second field of the authentication response message to the UDM network element if the first field fails to pass verification, so that the UDM network element derives an authentication result of the terminal device based on the second field.
In one embodiment of the present disclosure, the apparatus further includes a three-tuple authentication vector receiving module configured to receive a three-tuple authentication vector sent by an authentication service function AUSF network element, wherein the three-tuple authentication vector comprises a hash expected response HXRES*; a hash expected response storage module configured to store HXRES* locally in the SEAF network element; and a two-tuple authentication vector generation module configured to generate a two-tuple authentication vector based on the three-tuple authentication vector.
In one embodiment of the present disclosure, the three-tuple authentication vector is (RAND, AUTN, HXRES*).
In one embodiment of the disclosure, the first field is RES* or a first random number, where the first random number is a parameter generated by the terminal device using a random number generator in the same format as RES*. When the first field is RES*, the first field verification module 730 is further configured to calculate a hash response HRES* based on RES*, and to judge, based on the HXRES* stored locally in the SEAF network element, whether HXRES* and HRES* are identical; if so, it determines that the first field passes verification, and if not, it determines that the first field fails verification.
In one embodiment of the present disclosure, the second field is AUTS or a second random number, wherein the second random number is a parameter generated by the terminal device using a random number generator in the same format as AUTS.
The embodiment of the present disclosure also provides another authentication device, referring to another schematic diagram of the authentication device shown in fig. 8, which may be applied to a side of a UDM network element, including:
a second field receiving module 810, configured to receive, when the SEAF network element determines that the first field included in the authentication response message does not pass verification, a second field included in the authentication response message sent by the SEAF network element, where the authentication response message is generated by the terminal device based on an authentication result obtained by verifying an AUTN included in the binary authentication vector;
And the authentication result deriving module 820 is configured to derive an authentication result of the terminal device according to the second field.
In one embodiment of the disclosure, the apparatus further includes an authentication request receiving module, where the authentication request receiving module is configured to receive an authentication request of the terminal device; the device also comprises a quintuple authentication vector generation module, wherein the quintuple authentication vector generation module is used for receiving an authentication request of the terminal equipment; generating a five-tuple authentication vector based on the authentication request, wherein the five-tuple authentication vector is (CK, IK, RAND, AUTN, XRES); generating a four-tuple authentication vector based on the five-tuple authentication vector, wherein the four-tuple authentication vector is (RAND, AUTN, XRES x, K) AUSF ) The method comprises the steps of carrying out a first treatment on the surface of the And sending the quadruple authentication vector to the AUSF network element so that the AUSF network element generates a triple authentication vector based on the quadruple authentication vector, and sending the triple authentication vector to the SEAF network element.
In one embodiment of the disclosure, the first field is a RES or a first random number, where the first random number is a parameter generated by the terminal device using a random number generator and consistent with the RES format.
In one embodiment of the present disclosure, the second field is an AUTS or a second random number, where AUTS = Conc(SQN_MS) || MAC-S, Conc(SQN_MS) is the concealed value that the terminal device generates for SQN_MS based on the key AK, MAC-S is the re-synchronization authentication code generated by the terminal device based on the f1 algorithm in the 3GPP standard, SQN_MS is the largest SQN value currently stored by the terminal device, and the second random number is a parameter generated by the terminal device using a random number generator and consistent with the AUTS format. The authentication result deriving module 820 is further configured to, when the second field is an AUTS: calculate XMAC-S based on the f1 algorithm defined by the 3GPP standard; verify the MAC-S in the AUTS based on the XMAC-S; if the MAC-S verification fails, determine that the authentication result of the terminal device is MAC authentication failure; and if the MAC-S verification passes, determine that the authentication result of the terminal device is sequence number synchronization failure.
In one embodiment of the present disclosure, the apparatus further includes a new five-tuple authentication vector generation module configured to: after determining that the authentication result of the terminal device is sequence number synchronization failure, calculate the key AK based on the f5 algorithm defined by the 3GPP standard; obtain SQN_MS from Conc(SQN_MS) based on the key AK; and generate a new five-tuple authentication vector based on SQN_MS, so that the terminal device can perform network authentication again based on the new five-tuple authentication vector.
Based on the same inventive concept, an authentication system is also provided in the embodiments of the present disclosure, as follows. Since the principle of solving the problem of the system embodiment is similar to that of the method embodiment, the implementation of the system embodiment can be referred to the implementation of the method embodiment, and the repetition is omitted.
Fig. 9 shows a schematic diagram of an authentication system according to an embodiment of the disclosure, as shown in fig. 9, the system includes: UDM network element 440, AUSF network element 430, SEAF network element 420, and terminal device 410;
wherein, the UDM network element 440 is configured to send a four-tuple authentication vector to the AUSF network element 430;
an AUSF network element 430, configured to generate a triplet authentication vector based on the quadruple authentication vector, and send the triplet authentication vector to the SEAF network element 420;
the SEAF network element 420 is configured to generate a binary authentication vector based on the ternary authentication vector, send the binary authentication vector to the terminal device 410, where the binary authentication vector includes an AUTN, and receive an authentication response message sent by the terminal device 410, where the authentication response message is generated by the terminal device 410 based on an authentication result obtained by verifying the AUTN, and the authentication response message includes a first field and a second field, verify the first field, and send the second field to the UDM network element 440 if the first field fails to pass the verification;
The terminal device 410 is configured to receive the binary authentication vector sent by the SEAF network element 420, verify AUTN included in the binary authentication vector to obtain an authentication result, generate an authentication response message based on the authentication result, and send the authentication response message to the SEAF network element 420;
the UDM network element 440 is further configured to, when the SEAF network element 420 determines that the first field included in the authentication response message is not verified, receive the second field included in the authentication response message sent by the SEAF network element 420, and derive an authentication result of the terminal device 410 according to the second field.
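The four-party exchange just described (UDM four-tuple, AUSF three-tuple, SEAF two-tuple, terminal response with a first and a second field, and the UDM's handling of the second field from the device description above) as an added, runnable Python model. This is example code written for this page, not the patent's or any 3GPP implementation: f1, f1*, f2, f3, f4, f5 and f5* are HMAC-SHA256 stand-ins for the MILENAGE functions, the RES*/XRES*, K_AUSF and HXRES derivations are toy hashes, and the resync step follows TS 33.102's order (AK from f5* first, because XMAC-S takes SQN_MS as input); field widths, the AMF values, the subscriber key and the sequence numbers are constructed for the example.

```python
"""Added toy model of the page's flow: UDM -> AUSF -> SEAF -> terminal and back.
f1..f5* are HMAC-SHA256 stand-ins for MILENAGE (an assumption, not the 3GPP algorithm set)."""
import hashlib
import hmac
import os

SQN_LEN, AMF_LEN, MAC_LEN, AK_LEN = 6, 2, 8, 6   # 48/16/64/48-bit fields, as in 3GPP TS 33.102
AMF, AMF_STAR = b"\x80\x00", b"\x00\x00"         # AMF for AUTN; AMF* (all zero) for AUTS

def prf(k: bytes, tag: bytes, *parts: bytes) -> bytes:
    return hmac.new(k, tag + b"".join(parts), hashlib.sha256).digest()  # domain-separated by tag

def f1(k, rand, sqn, amf):      return prf(k, b"f1", rand, sqn, amf)[:MAC_LEN]   # MAC in AUTN
def f1_star(k, rand, sqn, amf): return prf(k, b"f1*", rand, sqn, amf)[:MAC_LEN]  # MAC-S in AUTS
def f2(k, rand):                return prf(k, b"f2", rand)[:8]                   # RES / XRES
def f3(k, rand):                return prf(k, b"f3", rand)[:16]                  # CK
def f4(k, rand):                return prf(k, b"f4", rand)[:16]                  # IK
def f5(k, rand):                return prf(k, b"f5", rand)[:AK_LEN]              # AK for AUTN
def f5_star(k, rand):           return prf(k, b"f5*", rand)[:AK_LEN]             # AK for AUTS
def xor(a, b):                  return bytes(x ^ y for x, y in zip(a, b))
def res_star(ck, ik, rand, res): return hashlib.sha256(ck + ik + rand + res).digest()[:16]  # toy RES*/XRES*
def hres(rand, res_s):          return hashlib.sha256(rand + res_s).digest()[:16]          # HRES / HXRES

class UDM:
    """Home network: holds K and SQN_HE, issues the five-/four-tuple, resolves the second field."""
    def __init__(self, k: bytes, sqn_he: int = 1):
        self.k, self.sqn_he, self.last_rand = k, sqn_he, None

    def five_tuple(self):                                 # (CK, IK, RAND, AUTN, XRES)
        rand, sqn = os.urandom(16), self.sqn_he.to_bytes(SQN_LEN, "big")
        self.sqn_he, self.last_rand = self.sqn_he + 1, rand
        autn = xor(sqn, f5(self.k, rand)) + AMF + f1(self.k, rand, sqn, AMF)   # SQN^AK || AMF || MAC
        return f3(self.k, rand), f4(self.k, rand), rand, autn, f2(self.k, rand)

    def four_tuple(self):                                 # (RAND, AUTN, XRES*, K_AUSF)
        ck, ik, rand, autn, xres = self.five_tuple()
        k_ausf = hashlib.sha256(b"K_AUSF" + ck + ik + autn).digest()          # toy KDF
        return rand, autn, res_star(ck, ik, rand, xres), k_ausf

    def derive_result(self, second_field: bytes) -> str:
        """Read the second field as AUTS = Conc(SQN_MS) || MAC-S. A random filler fails the
        MAC-S check, which is how the UDM learns that the terminal saw a MAC failure."""
        conc, mac_s = second_field[:SQN_LEN], second_field[SQN_LEN:]
        sqn_ms = xor(conc, f5_star(self.k, self.last_rand))                    # SQN_MS = Conc ^ AK
        xmac_s = f1_star(self.k, self.last_rand, sqn_ms, AMF_STAR)
        if not hmac.compare_digest(xmac_s, mac_s):
            return "MAC authentication failure"
        self.sqn_he = int.from_bytes(sqn_ms, "big") + 1                        # resync SQN_HE
        return "sequence number synchronization failure"

class UE:
    """Terminal: verifies AUTN and always answers with both fields, so the outcome stays hidden."""
    def __init__(self, k: bytes, sqn_ms: int = 0):
        self.k, self.sqn_ms = k, sqn_ms

    def respond(self, rand: bytes, autn: bytes):
        conc, amf, mac = autn[:SQN_LEN], autn[SQN_LEN:SQN_LEN + AMF_LEN], autn[SQN_LEN + AMF_LEN:]
        sqn = xor(conc, f5(self.k, rand))
        filler_res, filler_auts = os.urandom(16), os.urandom(SQN_LEN + MAC_LEN)  # RES*- / AUTS-shaped
        if not hmac.compare_digest(f1(self.k, rand, sqn, amf), mac):
            return "MAC authentication failure", filler_res, filler_auts          # both fields random
        if int.from_bytes(sqn, "big") <= self.sqn_ms:                             # SQN not fresh
            sqn_ms = self.sqn_ms.to_bytes(SQN_LEN, "big")
            auts = xor(sqn_ms, f5_star(self.k, rand)) + f1_star(self.k, rand, sqn_ms, AMF_STAR)
            return "sequence number synchronization failure", filler_res, auts
        self.sqn_ms = int.from_bytes(sqn, "big")
        ck, ik, res = f3(self.k, rand), f4(self.k, rand), f2(self.k, rand)
        return "success", res_star(ck, ik, rand, res), filler_auts

def ausf_three_tuple(four_tuple):                          # (RAND, AUTN, HXRES)
    rand, autn, xres_s, _k_ausf = four_tuple               # AUSF keeps XRES* and K_AUSF
    return rand, autn, hres(rand, xres_s)

class SEAF:
    """Serving network: stores HXRES, sends (RAND, AUTN), checks field 1, forwards field 2 on failure."""
    def __init__(self, udm: UDM):
        self.udm, self.rand, self.hxres = udm, None, None

    def challenge(self, three_tuple):
        self.rand, autn, self.hxres = three_tuple
        return self.rand, autn                                 # two-tuple (RAND, AUTN)

    def verify(self, first_field: bytes, second_field: bytes) -> str:
        if hmac.compare_digest(hres(self.rand, first_field), self.hxres):
            return "success"                                   # second field discarded
        return self.udm.derive_result(second_field)            # UDM decides why it failed

def run_authentication(ue: UE, udm: UDM) -> str:
    seaf = SEAF(udm)
    rand, autn = seaf.challenge(ausf_three_tuple(udm.four_tuple()))
    _terminal_view, first, second = ue.respond(rand, autn)
    return seaf.verify(first, second)

if __name__ == "__main__":
    K = bytes(range(16))                                         # constructed subscriber key
    print(run_authentication(UE(K), UDM(K)))                     # success
    udm, ue = UDM(K, sqn_he=5), UE(K, sqn_ms=100)
    print(run_authentication(ue, udm), udm.sqn_he)               # sync failure, SQN_HE resynced to 101
    print(run_authentication(ue, udm))                           # success on retry
```

The point the model makes visible is that the SEAF only ever sees a RES-shaped first field and an AUTS-shaped second field, whatever the terminal's actual result was; the serving network cannot tell a MAC failure from a sequence-number failure, and the UDM distinguishes them solely by whether MAC-S verifies. A terminal with a different key (`UE(bytes(16))` against `UDM(K)`) yields "MAC authentication failure" at the UDM because its random second field cannot pass the MAC-S check.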
Those skilled in the art will appreciate that the various aspects of the present disclosure may be implemented as a system, method, or program product. Accordingly, various aspects of the disclosure may be embodied in the following forms: an entirely hardware embodiment, an entirely software embodiment (including firmware, micro-code, etc.), or an embodiment combining hardware and software aspects, which may be referred to herein as a "circuit," "module" or "system."
An electronic device 1000 according to such an embodiment of the present disclosure is described below with reference to fig. 10. The electronic device 1000 shown in fig. 10 is merely an example and should not be construed as limiting the functionality and scope of use of the disclosed embodiments.
As shown in fig. 10, the electronic device 1000 is embodied in the form of a general purpose computing device. Components of electronic device 1000 may include, but are not limited to: the at least one processing unit 1010, the at least one memory unit 1020, and a bus 1030 that connects the various system components, including the memory unit 1020 and the processing unit 1010.
The storage unit 1020 stores program code that is executable by the processing unit 1010, such that the processing unit 1010 performs steps according to the various exemplary embodiments of the present disclosure described in the above section of the present specification. For example, the processing unit 1010 may perform the following steps of the method embodiment described above: receiving a binary authentication vector sent by a security anchor function (SEAF) network element, where the binary authentication vector includes an authentication token AUTN; verifying the AUTN contained in the binary authentication vector to obtain an authentication result; generating an authentication response message based on the authentication result, where the authentication response message includes a first field and a second field; and sending the authentication response message to the SEAF network element, so that the SEAF network element verifies the first field and, if the first field fails verification, sends the second field of the authentication response message to the Unified Data Management (UDM) network element, and the UDM network element derives an authentication result of the terminal device according to the second field.
The memory unit 1020 may include readable media in the form of volatile memory units such as Random Access Memory (RAM) 10201 and/or cache memory unit 10202, and may further include Read Only Memory (ROM) 10203.
The storage unit 1020 may also include a program/utility 10204 having a set (at least one) of program modules 10205, such program modules 10205 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each or some combination of which may include an implementation of a network environment.
Bus 1030 may represent one or more of several types of bus structures, including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus architectures.
The electronic device 1000 can also communicate with one or more external devices 1040 (e.g., keyboard, pointing device, bluetooth device, etc.), with one or more devices that enable a user to interact with the electronic device 1000, and/or with any device (e.g., router, modem, etc.) that enables the electronic device 1000 to communicate with one or more other computing devices. Such communication may occur through an input/output (I/O) interface 1050. Also, electronic device 1000 can communicate with one or more networks such as a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the Internet, through network adapter 1060. As shown, the network adapter 1060 communicates with other modules of the electronic device 1000 over the bus 1030. It should be appreciated that although not shown, other hardware and/or software modules may be used in connection with the electronic device 1000, including, but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, data backup storage systems, and the like.
From the above description of embodiments, those skilled in the art will readily appreciate that the example embodiments described herein may be implemented in software, or may be implemented in software in combination with the necessary hardware. Thus, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (may be a CD-ROM, a U-disk, a mobile hard disk, etc.) or on a network, including several instructions to cause a computing device (may be a personal computer, a server, a terminal device, or a network device, etc.) to perform the method according to the embodiments of the present disclosure.
In an exemplary embodiment of the present disclosure, a computer-readable storage medium, which may be a readable signal medium or a readable storage medium, is also provided, on which a program product is stored that enables the implementation of the method of the present disclosure described above. In some possible implementations, various aspects of the disclosure may also be implemented in the form of a program product comprising program code which, when the program product is run on a terminal device, causes the terminal device to carry out the steps according to the various exemplary embodiments of the disclosure described in the "exemplary methods" section of this specification.
More specific examples of the computer readable storage medium in the present disclosure may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
In this disclosure, a computer readable storage medium may include a data signal propagated in baseband or as part of a carrier wave, with readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Alternatively, the program code embodied on a computer readable storage medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
In particular implementations, the program code for carrying out operations of the present disclosure may be written in any combination of one or more programming languages, including an object-oriented programming language such as Java or C++ and conventional procedural programming languages such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of remote computing devices, the remote computing device may be connected to the user's computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., connected via the Internet using an Internet service provider).
It should be noted that although in the above detailed description several modules or units of a device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit in accordance with embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into a plurality of modules or units to be embodied.
Furthermore, although the steps of the methods in the present disclosure are depicted in a particular order in the drawings, this does not require or imply that the steps must be performed in that particular order or that all illustrated steps be performed in order to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step to perform, and/or one step decomposed into multiple steps to perform, etc.
From the description of the above embodiments, those skilled in the art will readily appreciate that the example embodiments described herein may be implemented in software, or may be implemented in software in combination with the necessary hardware. Thus, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (may be a CD-ROM, a U-disk, a mobile hard disk, etc.) or on a network, including several instructions to cause a computing device (may be a personal computer, a server, a mobile terminal, or a network device, etc.) to perform the method according to the embodiments of the present disclosure.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This disclosure is intended to cover any adaptations, uses, or adaptations of the disclosure following the general principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.

Claims (20)

1. An authentication method, applied to a terminal device, comprising:
receiving a binary authentication vector sent by a security anchor function SEAF network element, wherein the binary authentication vector comprises an authentication token AUTN;
verifying the AUTN contained in the binary authentication vector to obtain an authentication result;
generating an authentication response message based on the authentication result, wherein the authentication response message comprises a first field and a second field;
and sending the authentication response message to a SEAF network element so that the SEAF network element verifies the first field, and under the condition that the first field fails to be verified, sending a second field of the authentication response message to a Unified Data Management (UDM) network element by the SEAF network element, and deriving an authentication result of the terminal equipment by the UDM network element according to the second field.
2. The authentication method of claim 1, wherein the AUTN comprises a network side message authentication code MAC and a network sequence number SQN;
verifying the AUTN contained in the binary authentication vector to obtain an authentication result, including:
respectively verifying the MAC and the SQN contained in the AUTN;
if the MAC fails verification, determining that the authentication result is MAC authentication failure;
And if the MAC passes the verification and the SQN fails the verification, determining that the authentication result is sequence number synchronization failure.
3. The authentication method according to claim 1, wherein the first field is a response RES or a first random number, and the second field is a re-synchronization authentication token AUTS or a second random number, wherein the first random number is a parameter generated by the terminal device using a random number generator and is consistent with RES format, and the second random number is a parameter generated by the terminal device using a random number generator and is consistent with AUTS format.
4. The authentication method of claim 1, wherein the two-tuple authentication vector is (RAND, AUTN).
5. An authentication method, applied to a SEAF network element, comprising:
transmitting a binary authentication vector to a terminal device, wherein the binary authentication vector comprises an AUTN;
receiving an authentication response message sent by a terminal device, wherein the authentication response message is generated by the terminal device based on an authentication result obtained by verifying the AUTN, and the authentication response message comprises a first field and a second field;
verifying the first field;
And if the first field is not verified, sending a second field of the authentication response message to the UDM network element so that the UDM network element derives an authentication result of the terminal equipment based on the second field.
6. The authentication method of claim 5, wherein before sending the two-tuple authentication vector to the terminal device, the method further comprises:
receiving a triplet authentication vector sent by an authentication service function AUSF network element, wherein the triplet authentication vector comprises a hash expected response HXRES;
storing the HXRES to the local of the SEAF network element;
and generating a binary authentication vector based on the ternary authentication vector.
7. The authentication method of claim 6, wherein the triplet authentication vector is (RAND, AUTN, HXRES).
8. The authentication method according to claim 5, wherein the first field is RES or a first random number, and wherein the first random number is a parameter generated by the terminal device using a random number generator and is consistent with RES format; when the first field is RES,
validating the first field includes:
calculating a hash response HRES based on the RES;
And judging whether the HXRES and the HRES are identical or not based on the HXRES locally stored in the SEAF network element, if so, determining that the first field passes verification, and if not, determining that the first field fails verification.
9. The authentication method of claim 5, wherein the second field is an AUTS or a second random number, wherein the second random number is a parameter generated by the terminal device using a random number generator and conforming to the AUTS format.
10. An authentication method, applied to a UDM network element, comprising:
receiving a second field contained in an authentication response message sent by an SEAF network element under the condition that the first field contained in the authentication response message is determined to be not verified by the SEAF network element, wherein the authentication response message is generated by a terminal device based on an authentication result obtained by verifying an AUTN contained in a binary authentication vector;
and deriving an authentication result of the terminal device according to the second field.
11. The authentication method of claim 10, wherein the method further comprises:
receiving an authentication request of a terminal device;
generating a five-tuple authentication vector based on the authentication request, wherein the five-tuple authentication vector is (CK, IK, RAND, AUTN, XRES);
Generating a four-tuple authentication vector based on the five-tuple authentication vector, wherein the four-tuple authentication vector is (RAND, AUTN, XRES*, K_AUSF);
And sending the four-tuple authentication vector to an AUSF network element so that the AUSF network element generates a three-tuple authentication vector based on the four-tuple authentication vector, and sending the three-tuple authentication vector to the SEAF network element.
12. The authentication method according to claim 10, wherein the first field is a RES or a first random number, and wherein the first random number is a parameter generated by the terminal device using a random number generator and is consistent with the RES format.
13. The authentication method according to claim 10, wherein the second field is an AUTS or a second random number, wherein AUTS = Conc(SQN_MS) || MAC-S, Conc(SQN_MS) is the concealed value that the terminal device generates for SQN_MS based on the key AK, MAC-S is the re-synchronization authentication code generated by the terminal device based on the f1 algorithm in the 3GPP standard, SQN_MS is the largest SQN value currently stored by the terminal device, and the second random number is a parameter generated by the terminal device using a random number generator and consistent with the AUTS format; when the second field is an AUTS,
deriving an authentication result of the terminal device according to the second field, including:
Calculating to obtain XMAC-S based on f1 algorithm defined by 3GPP standard;
verifying the MAC-S in the AUTS based on the XMAC-S;
if the MAC-S verification is not passed, determining that the authentication result of the terminal equipment is MAC authentication failure;
if the MAC-S verification is passed, determining that the authentication result of the terminal device is sequence number synchronization failure.
14. The authentication method of claim 13, wherein the method further comprises:
after determining that the authentication result of the terminal equipment is sequence number synchronization failure, calculating a secret key AK based on an f5 algorithm defined by the 3GPP standard;
obtaining SQN_MS from Conc(SQN_MS) based on the key AK;
And generating a new five-tuple authentication vector based on SQN_MS, so that the terminal device can perform network authentication again based on the new five-tuple authentication vector.
15. An authentication apparatus, applied to a terminal device side, comprising:
a binary authentication vector receiving module, configured to receive a binary authentication vector sent by the SEAF network element, wherein the binary authentication vector comprises an AUTN;
the authentication result obtaining module is used for verifying the AUTN contained in the binary authentication vector to obtain an authentication result;
An authentication response message generation module, configured to generate an authentication response message based on the authentication result, where the authentication response message includes a first field and a second field;
and the authentication response message sending module is used for sending the authentication response message to the SEAF network element so that the SEAF network element verifies the first field, and the SEAF network element sends a second field of the authentication response message to the UDM network element under the condition that the first field is not verified, and the UDM network element derives an authentication result of the terminal equipment according to the second field.
16. An authentication device, which is applied to a SEAF network element side, comprising:
a first vector sending module, configured to send a binary authentication vector to a terminal device, where the binary authentication vector includes an AUTN;
an authentication response message receiving module, configured to receive an authentication response message sent by a terminal device, where the authentication response message is generated by the terminal device based on an authentication result obtained by verifying the AUTN, and the authentication response message includes a first field and a second field;
the first field verification module is used for verifying the first field;
And the second field sending module is used for sending the second field of the authentication response message to the UDM network element under the condition that the first field fails to pass verification so that the UDM network element derives an authentication result of the terminal equipment based on the second field.
17. An authentication device, applied to a side of a UDM network element, comprising:
a second field receiving module, configured to receive, when the SEAF network element determines that the first field included in the authentication response message does not pass verification, a second field included in the authentication response message sent by the SEAF network element, where the authentication response message is generated by the terminal device based on an authentication result obtained by verifying an AUTN included in the binary authentication vector;
and an authentication result derivation module, configured to derive an authentication result of the terminal device according to the second field.
18. An authentication system, comprising: a UDM network element, an AUSF network element, a SEAF network element and terminal equipment;
the UDM network element is used for sending a four-element authentication vector to the AUSF network element;
the AUSF network element is used for generating a triplet authentication vector based on the quadruple authentication vector and sending the triplet authentication vector to the SEAF network element;
The SEAF network element is configured to generate a two-tuple authentication vector based on the three-tuple authentication vector, send the two-tuple authentication vector to the terminal device, where the two-tuple authentication vector includes an AUTN, and receive an authentication response message sent by the terminal device, where the authentication response message is generated by the terminal device based on an authentication result obtained by verifying the AUTN, and the authentication response message includes a first field and a second field, verify the first field, and send the second field to the UDM network element if the first field fails verification;
the terminal equipment is used for receiving the binary group authentication vector sent by the SEAF network element, verifying the AUTN contained in the binary group authentication vector to obtain an authentication result, generating an authentication response message based on the authentication result, and sending the authentication response message to the SEAF network element;
the UDM network element is further configured to, when the SEAF network element determines that the first field included in the authentication response message fails verification, receive the second field included in the authentication response message sent by the SEAF network element, and derive an authentication result of the terminal device according to the second field.
19. An electronic device, comprising:
a processor; and
a memory for storing executable instructions of the processor;
wherein the processor is configured to perform the authentication method of any one of claims 1 to 14 via execution of the executable instructions.
20. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the authentication method according to any one of claims 1 to 14.
CN202210834588.5A 2022-07-14 2022-07-14 Authentication method, device, system, electronic equipment and storage medium Pending CN117440375A (en)


Publications (1)

Publication Number Publication Date
CN117440375A true CN117440375A (en) 2024-01-23



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination