CN1859714A - Method for continuously using authentication tuple - Google Patents


Publication number
CN1859714A
Authority
CN
China
Prior art keywords
authentication
vlr
msc
tuple
hlr
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CNA2005100369271A
Other languages
Chinese (zh)
Other versions
CN100417285C (en)
Inventor
王正伟
孔杰
周春艳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CNB2005100369271A priority Critical patent/CN100417285C/en
Publication of CN1859714A publication Critical patent/CN1859714A/en
Application granted granted Critical
Publication of CN100417285C publication Critical patent/CN100417285C/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The present invention discloses a method for retaining authentication tuples, used by an HLR/AUC to manage the authentication tuples it sends to an MSC/VLR. In the method, the HLR/AUC sends authentication tuples to the MSC/VLR and records relevant information about those tuples. The method includes at least: A. on receiving a request message for authentication tuples from the MSC/VLR, the HLR/AUC judges whether recorded relevant information exists for the corresponding terminal user; if it exists, step B is executed, otherwise step C is executed directly; B. the HLR/AUC deletes the corresponding authentication tuples according to the relevant information, then executes step C; C. the HLR/AUC sends the currently existing relevant authentication tuples to the MSC/VLR and performs the operation of recording the relevant information about the tuples sent; D. on receiving an authentication failure message or an illegal synchronization message returned by the MSC/VLR, the HLR/AUC deletes the recorded relevant information about the authentication tuples sent to the MSC/VLR.

Description

A method for continuously using authentication tuples
Technical field
The present invention relates to communication security technology, and in particular to a method for preventing an illegal attacker from attacking a network by impersonating a legitimate terminal and continually logging in to the network.
Background technology
In existing third-generation (3G) mobile communication systems, the mobile terminal stores the International Mobile Subscriber Identity IMSI, the authentication key KI and the sequence number SQNMS, and the HLR/AUC on the network side stores, for that mobile terminal, the IMSI, KI and the sequence number SQNHE. These are used for mutual authentication between the mobile terminal and the network.
The existing authentication procedure of a 3G communication system is essentially as follows. The HLR/AUC generates a random number RAND and, from RAND and KI, produces the expected response XRES, the cipher key CK and the integrity key IK. It produces MAC-A from RAND, the sequence number SQNHE, the authentication key KI and the authentication management field AMF, and obtains the authentication token AUTN (Authentication Token) from MAC-A, SQNHE, AK and AMF. RAND, XRES, CK, IK and AUTN form the authentication five-tuple, which is sent to the MSC/VLR to be stored. In practice, the HLR/AUC sends one or more generated five-tuples to the MSC/VLR only in response to a request from the MSC/VLR.
During authentication, the MSC/VLR sends the RAND and AUTN of the corresponding five-tuple to the terminal, and the terminal verifies the consistency of AUTN using the KI it stores. If the consistency check fails, the terminal returns authentication failure information to the MSC/VLR. If the check passes, the terminal judges whether SQNHE is within the acceptable range. If it is, the terminal concludes that authentication of the network has passed, returns to the MSC/VLR an authentication response that the terminal itself generates, and updates SQNMS according to the SQNHE in AUTN; the MSC/VLR judges the legitimacy of the terminal by comparing the authentication response returned by the terminal with the XRES in the corresponding five-tuple. If SQNHE is not within the acceptable range, the terminal generates a resynchronization token AUTS (Resynchronisation Token) from SQNMS and returns to the MSC/VLR on the network side a resynchronization request, or synchronization failure (Synchronisation failure) message, that contains the generated AUTS.
When the MSC/VLR on the network side receives the resynchronization token AUTS, it sends AUTS and the RAND of the corresponding five-tuple to the HLR/AUC. The HLR/AUC judges the legitimacy of AUTS from the corresponding stored KI and the received RAND. If AUTS is illegal, the HLR/AUC returns "AUTS illegal" information to the MSC/VLR. If AUTS is legal, the HLR/AUC updates SQNHE according to the SQNMS in AUTS, generates a new authentication five-tuple and sends it to the MSC/VLR; after receiving the new five-tuple, the MSC/VLR deletes the corresponding old five-tuple.
The authentication token AUTN is 16 bytes long and contains the following: 1) SQNHE^AK, that is, SQNHE encrypted with AK, where the sequence number SQNHE and the anonymity key AK are each 6 bytes long. SQNHE denotes the SQN stored on the network side, as distinct from the SQNMS stored in the terminal. When SQNHE needs to be encrypted, the HLR/AUC generates AK from RAND and KI and XORs SQNHE with AK, thereby encrypting SQNHE; when SQNHE does not need to be encrypted, AK=0. 2) The authentication management field AMF, 2 bytes long. 3) The message authentication code MAC-A, 8 bytes long. MAC-A is used to verify the data integrity of RAND, SQNHE and AMF, and allows the terminal to authenticate the HLR/AUC. The HLR/AUC computes the MAC-A in AUTN from RAND, SQNHE, KI and AMF. In this way RAND, AUTN, XRES, CK and IK form the authentication five-tuple.
Therefore, in a 3G mobile communication system the authentication procedure can fully ensure that the terminal and the network are not maliciously deceived, and thus ensures the security of the terminal and the network.
In the existing approach, when the HLR/AUC handles a request from the MSC/VLR for authentication tuples, it deletes the authentication tuples that were sent to the MSC/VLR once the corresponding tuples have been sent. This leaves a security hole for attackers. In practice, when a new user logs in to the network and the location area number uploaded by the terminal is illegal, or no location area number is uploaded, the MSC/VLR requests authentication tuples from the HLR/AUC. For example, illegal users A and B log in to the network in two location areas, and the uploaded location area number is illegal or is simply not uploaded at all; the MSC/VLRs of these two location areas then obtain new authentication tuples from the HLR/AUC and, after the illegal user's login fails, delete the authentication tuples obtained from the HLR/AUC. An attacker can repeat this login operation continually, which not only makes the HLR/AUC compute new authentication tuples frequently, increasing the load on the HLR/AUC, but also gives the attacker the opportunity to obtain a large amount of authentication tuple data for attacking KI. A single illegal user C can also achieve the same attack on the network from one place by continually initiating location update requests to the network side.
If the MSC/VLR does not delete the authentication tuples when login fails, an attacker who logs in to the network while continually changing user identity makes the MSC/VLR database grow rapidly, which affects normal operation of the network. In practice, the attacker's most effective means of attack is likewise to log in to the network while continually changing user identity.
In summary, how to deal with illegal attackers who attack the network by the above means, and how to minimize the loss that such attacks cause to the network, is a problem worth solving.
Summary of the invention
In view of this, the object of the present invention is to reduce the impact on the network of an illegal user who, by continually logging in to the network, causes the HLR/AUC to compute authentication tuples continually, so that the loss that illegal attacks cause to network operation is minimized.
To achieve the above object, the technical solution provided by the invention is a method for continuously using authentication tuples, used by the HLR/AUC to manage the authentication tuples sent to the MSC/VLR. In the method, after sending authentication tuples to the MSC/VLR, the HLR/AUC records relevant information about the tuples sent to the MSC/VLR. The method comprises at least the following steps: a. on receiving a request message for authentication tuples from the MSC/VLR, the HLR/AUC judges whether recorded relevant information about authentication tuples sent to the MSC/VLR exists for the corresponding terminal user; if it exists, step b is executed, otherwise step c is executed directly; b. the HLR/AUC deletes the corresponding authentication tuples according to the relevant information, then executes step c; c. the HLR/AUC sends the existing relevant authentication tuples to the MSC/VLR and then performs the operation of recording the relevant information about the tuples sent to the MSC/VLR; d. after receiving an authentication failure message or an illegal synchronization message returned by the MSC/VLR, the HLR/AUC deletes the recorded relevant information about the authentication tuples sent to the MSC/VLR.
Preferably, step b also comprises: the HLR/AUC deletes the recorded relevant information about the authentication tuples sent to the MSC/VLR.
Preferably, the recorded relevant information about the authentication tuples sent to the MSC/VLR is a special mark, in which case recording the relevant information means that the HLR/AUC adds a special mark to the authentication tuples sent to the MSC/VLR to identify them as already sent; or, a sequence number or serial number is added to each authentication tuple, and the recorded relevant information is the sequence numbers or serial numbers of these tuples, or the maximum of those sequence numbers or serial numbers; or, the recorded relevant information is the RAND, or AUTN, or CK, or IK, or XRES, or the SQNHE in the AUTN, of these authentication tuples; or, the recorded relevant information is the maximum of the SQNHE values in the AUTN of these authentication tuples; or, the recorded relevant information is a flag indicating that all authentication tuples of the corresponding terminal user have been sent to the MSC/VLR.
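The "maximum SQNHE in the AUTN" record option above depends on the 16-byte AUTN layout given in the background section (6-byte SQNHE XOR AK, 2-byte AMF, 8-byte MAC-A). The following is an added example, not code from the patent: it packs and unpacks that layout and derives the maximum-SQNHE record for a batch. The function names, the big-endian reading of SQNHE and all sample values are assumptions of the example, and MAC-A is treated as opaque bytes because the page does not give the function that computes it.

```python
"""AUTN layout from the text: (SQNHE xor AK, 6 bytes) | AMF (2 bytes) | MAC-A (8 bytes)."""

SQN_LEN, AMF_LEN, MAC_LEN = 6, 2, 8
AUTN_LEN = SQN_LEN + AMF_LEN + MAC_LEN  # 16 bytes, as stated in the text
NO_CONCEALMENT = bytes(SQN_LEN)         # AK = 0 when SQNHE is not encrypted


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def build_autn(sqn_he: int, ak: bytes, amf: bytes, mac_a: bytes) -> bytes:
    """Pack one AUTN. mac_a is supplied by the caller (opaque in this example)."""
    if not 0 <= sqn_he < 1 << (8 * SQN_LEN):
        raise ValueError("SQNHE must fit in 6 bytes")
    if (len(ak), len(amf), len(mac_a)) != (SQN_LEN, AMF_LEN, MAC_LEN):
        raise ValueError("AK, AMF and MAC-A must be 6, 2 and 8 bytes long")
    # SQNHE is read as a big-endian integer (assumption of this example).
    return _xor(sqn_he.to_bytes(SQN_LEN, "big"), ak) + amf + mac_a


def parse_autn(autn: bytes, ak: bytes = NO_CONCEALMENT) -> dict:
    """Split an AUTN into its fields; SQNHE is recovered only with the right AK."""
    if len(autn) != AUTN_LEN:
        raise ValueError("AUTN must be exactly 16 bytes")
    if len(ak) != SQN_LEN:
        raise ValueError("AK must be 6 bytes")
    return {
        "sqn_he": int.from_bytes(_xor(autn[:SQN_LEN], ak), "big"),
        "amf": autn[SQN_LEN:SQN_LEN + AMF_LEN],
        "mac_a": autn[SQN_LEN + AMF_LEN:],
    }


def max_sqn_record(sent) -> int:
    """Record option from the text: the maximum SQNHE among the AUTNs just sent.

    `sent` is an iterable of (autn, ak) pairs; the HLR/AUC knows each AK because
    it generated it.
    """
    return max(parse_autn(autn, ak)["sqn_he"] for autn, ak in sent)


def sample_batch():
    """Constructed sample data: three AUTNs with increasing SQNHE."""
    amf = bytes.fromhex("8000")
    mac = bytes(range(MAC_LEN))  # placeholder MAC-A, not a computed value
    aks = [bytes.fromhex("a1b2c3d4e5f6"), bytes.fromhex("0f1e2d3c4b5a"), NO_CONCEALMENT]
    return [(build_autn(0x20 + i, ak, amf, mac), ak) for i, ak in enumerate(aks)]


if __name__ == "__main__":
    batch = sample_batch()
    for autn, ak in batch:
        print(autn.hex(), parse_autn(autn, ak))
    print("record to store:", hex(max_sqn_record(batch)))
```
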
Preferably, the authentication failure message that the MSC/VLR returns to the HLR/AUC may further include information on whether it is the authentication failure message corresponding to the first authentication tuple. After receiving the authentication failure message returned by the MSC/VLR, the HLR/AUC first judges whether it is the authentication failure message corresponding to the first authentication tuple. If so, it performs the operation of deleting the recorded relevant information about the authentication tuples sent to the MSC/VLR; otherwise, it does not perform that operation, or alternatively it deletes the corresponding authentication tuples according to the recorded relevant information and then deletes that relevant information.
Preferably, when issuing authentication tuples to the MSC/VLR, the HLR/AUC may also include in the issuing message capability information on whether it supports retaining authentication tuples. Only when the MSC/VLR determines that the message in which the HLR/AUC issued the authentication tuples includes capability information showing that the HLR/AUC supports retaining authentication tuples does it, when authentication using the first authentication tuple fails, include in the authentication failure message the information that this message is the authentication failure message corresponding to the first authentication tuple.
Preferably, the authentication failure message that the MSC/VLR returns to the HLR/AUC may further include a deletion indication, which indicates whether the HLR/AUC is to delete the retained authentication tuples and whether to delete all or some of them, including the case of deleting only the first authentication tuple. Step d then also comprises: the HLR/AUC deletes the corresponding authentication tuples according to the deletion indication.
Preferably, in the method according to claim 1, a time difference threshold is set, and the recorded relevant information about the authentication tuples sent to the MSC/VLR also includes the sending time. Accordingly, step b also comprises: the HLR/AUC judges whether the difference between the current time and the sending time in the relevant information is less than the time difference threshold; if so, it does not delete the corresponding authentication tuples according to the recorded relevant information; otherwise it performs the operation of deleting the corresponding authentication tuples according to the recorded relevant information.
Preferably, the recorded relevant information about the authentication tuples sent to the MSC/VLR also includes a deletion execution start time. Accordingly, step b also comprises: the HLR/AUC judges whether the current time is earlier than the deletion execution start time included in the relevant information; if so, it does not delete the corresponding authentication tuples according to the recorded relevant information; otherwise it performs the operation of deleting the corresponding authentication tuples according to the recorded relevant information.
Preferably, when the HLR/AUC does not delete the corresponding authentication tuples according to the recorded relevant information, it may delete the recorded relevant information. Alternatively, the HLR/AUC does not delete the recorded relevant information; instead, in step c, after sending the authentication tuples to the MSC/VLR, the HLR/AUC does not delete these tuples and then judges whether previously recorded relevant information about authentication tuples sent to the MSC/VLR exists. If it does not exist, the HLR/AUC records the relevant information about the tuples sent to the MSC/VLR; if it exists, the HLR/AUC may modify the previously recorded relevant information so that it is consistent with the relevant information of the authentication tuples that the HLR/AUC has issued to the MSC/VLR this time.
Preferably, a time difference threshold is set, and the recorded relevant information about the authentication tuples sent to the MSC/VLR also includes the sending time. Accordingly, step d further comprises: the HLR/AUC judges whether the difference between the current time and the sending time in the relevant information is less than the time difference threshold; if so, it performs the operation of deleting the recorded relevant information; otherwise, it does not perform that operation, or alternatively it first deletes the corresponding authentication tuples according to the recorded relevant information and then deletes the recorded relevant information.
Preferably, the recorded relevant information about the authentication tuples sent to the MSC/VLR also includes a deletion execution end time. Accordingly, step d further comprises: the HLR/AUC judges whether the current time is earlier than the effective execution time included in the relevant information; if so, it performs the operation of deleting the recorded relevant information; otherwise, it does not perform that operation, or alternatively it first deletes the corresponding authentication tuples according to the recorded relevant information and then deletes the recorded relevant information.
Preferably, in step c above, after sending all authentication tuples to the MSC/VLR, the HLR/AUC may refrain from generating new authentication tuples at first and instead wait for the MSC/VLR to return authentication success information, generating new authentication tuples after it receives the authentication success message returned by the MSC/VLR, so that it can respond quickly the next time the MSC/VLR requests authentication tuples; or it may wait within a preset time range for the MSC/VLR to return an authentication failure message, and generate new authentication tuples when no authentication failure message is received from the MSC/VLR within that time range, so that it can respond quickly the next time the MSC/VLR requests authentication tuples.
Preferably, the MSC/VLR may carry, in the request message for authentication tuples, information on whether to delete the issued authentication tuples. Accordingly, step c also comprises: the HLR/AUC judges whether the MSC/VLR's request message carries information to delete the issued authentication tuples; if so, the HLR/AUC deletes the authentication tuples after sending them to the MSC/VLR, and the procedure ends; otherwise, the HLR/AUC does not delete these authentication tuples after sending them to the MSC/VLR, and records the relevant information about the tuples sent to the MSC/VLR.
Preferably, the MSC/VLR carries the information to delete the issued authentication tuples only when it requests authentication tuples from the HLR/AUC because its authentication tuples have been used up.
Another technical solution provided by the invention is a method for continuously using authentication tuples, used by the HLR/AUC to manage the authentication tuples sent to the MSC/VLR, characterized in that the method comprises at least the following steps: a. on receiving a request message for authentication tuples from the MSC/VLR, the HLR/AUC sends all authentication tuples of the corresponding terminal user to the MSC/VLR without deleting the tuples sent, starts a timer at the same time, and waits within a preset time range for the MSC/VLR to return an authentication failure message or an illegal synchronization message; b. the HLR judges whether the timer value has reached the preset time range; if it has, timing stops and step c is executed; otherwise the HLR continues to wait for the authentication failure message or illegal synchronization message returned by the MSC/VLR, stops timing once such a message is obtained, and the procedure ends; c. the HLR/AUC deletes the authentication tuples previously sent to the MSC/VLR.
Preferably, after step c the method also comprises: the HLR/AUC generates new authentication tuples for the corresponding terminal user.
Preferably, the authentication failure message may further include information on whether it is the authentication failure message corresponding to the first authentication tuple. In that case, in step b, after obtaining the authentication failure message returned by the MSC/VLR, the HLR/AUC stops timing and judges whether this message is the authentication failure message corresponding to the first authentication tuple; if so, the procedure ends; otherwise step c is executed.
Preferably, when issuing authentication tuples to the MSC/VLR, the HLR/AUC may also include in the issuing message capability information on whether it supports retaining authentication tuples. Only when the MSC/VLR determines that the message in which the HLR/AUC issued the authentication tuples includes capability information showing that the HLR/AUC supports retaining authentication tuples does it, when authentication using the first authentication tuple fails, include in the authentication failure message the information that this message is the authentication failure message corresponding to the first authentication tuple.
Preferably, in step b, after obtaining the illegal synchronization message returned by the MSC/VLR, the HLR/AUC stops timing and judges whether this message is the illegal synchronization message corresponding to the first authentication tuple; if so, the procedure ends; otherwise step c is executed.
Preferably, the MSC/VLR may carry, in the request message for authentication tuples, information on whether to delete the issued authentication tuples, thereby telling the HLR/AUC whether to delete the authentication tuples issued to the MSC/VLR after sending them. Accordingly, step a also comprises: the HLR/AUC judges whether the MSC/VLR's request message carries information to delete the issued authentication tuples; if so, the HLR/AUC deletes the authentication tuples after sending them to the MSC/VLR, and the procedure ends; otherwise, the HLR/AUC does not delete these authentication tuples after sending them to the MSC/VLR.
Preferably, the MSC/VLR may carry the information to delete the issued authentication tuples when it requests authentication tuples from the HLR/AUC because its authentication tuples have been used up.
The present invention also provides a further technical solution, used by the HLR/AUC to manage the authentication tuples sent to the MSC/VLR. The method comprises the following steps: a. on receiving a request message for authentication tuples from the MSC/VLR, the HLR/AUC sends the relevant authentication tuples to the MSC/VLR; b. the MSC/VLR performs authentication using the authentication tuples obtained from the HLR/AUC and, when authentication succeeds, returns an authentication success message to the HLR/AUC; c. after obtaining the authentication success message returned by the MSC/VLR, the HLR/AUC performs a deletion operation on the authentication tuples previously sent to the MSC/VLR.
Preferably, the deletion operation of step c means deleting the earliest-generated authentication tuple among the existing authentication tuples previously sent to the MSC/VLR.
Preferably, the deletion operation of step c means deleting all of the authentication tuples previously sent to the MSC/VLR.
Preferably, the MSC/VLR returns the authentication success message to the HLR/AUC only when it performs authentication using the first of the authentication tuples obtained from the HLR/AUC and that authentication passes.
Preferably, the MSC/VLR may carry, in the request message for authentication tuples, information on whether to delete the issued authentication tuples. Accordingly, step a also comprises: the HLR/AUC judges whether the MSC/VLR's request message carries information to delete the issued authentication tuples; if so, the HLR/AUC deletes the authentication tuples after sending them to the MSC/VLR, and the procedure ends; otherwise, the HLR/AUC sends the authentication tuples to the MSC/VLR and carries out the subsequent steps.
Preferably, the MSC/VLR carries the information to delete the issued authentication tuples only when it requests authentication tuples from the HLR/AUC because its authentication tuples have been used up.
Preferably, when issuing authentication tuples to the MSC/VLR, the HLR/AUC may include in the issuing message capability information on whether it supports retaining authentication tuples. Only when the MSC/VLR determines that the message in which the HLR/AUC issued the authentication tuples includes capability information showing that the HLR/AUC supports retaining authentication tuples may it return an authentication success message to the HLR/AUC when authentication succeeds.
Preferably, step a also comprises: after sending the authentication tuples to the MSC/VLR, the HLR/AUC records relevant information about the tuples sent to the MSC/VLR. Correspondingly, in step c, after obtaining the authentication success message returned by the MSC/VLR, the HLR/AUC deletes the authentication tuples previously sent to the MSC/VLR according to the recorded relevant information.
Preferably, step c also comprises: the HLR/AUC deletes the recorded relevant information about the authentication tuples sent to the MSC/VLR.
Preferably, the recorded relevant information about the authentication tuples sent to the MSC/VLR is a special mark, in which case recording the relevant information means that the HLR/AUC adds a special mark to the authentication tuples sent to the MSC/VLR to identify them as already sent; or, a sequence number or serial number is added to each authentication tuple, and the recorded relevant information is the sequence numbers or serial numbers of these tuples, or the maximum of those sequence numbers or serial numbers; or, the recorded relevant information is the RAND, or AUTN, or CK, or IK, or XRES, or the SQNHE in the AUTN, of these authentication tuples; or, the recorded relevant information is the maximum of the SQNHE values in the AUTN of these authentication tuples; or, the recorded relevant information is a flag indicating that all authentication tuples of the corresponding terminal user have been sent to the MSC/VLR.
Preferably, step a means: on receiving a request message for authentication tuples from the MSC/VLR, the HLR/AUC sends all authentication tuples of the corresponding terminal user to the MSC/VLR and does not delete the tuples sent to the MSC/VLR.
Preferably, after step c the method also comprises: the HLR/AUC generates new authentication tuples for the corresponding terminal user.
Description of drawings
Fig. 1 is a flow chart of embodiment one of the present invention.
Fig. 2 is a flow chart of embodiment two of the present invention.
Fig. 3 is a flow chart of embodiment three of the present invention.
Fig. 4 is a flow chart of the first example of embodiment three of the present invention.
Fig. 5 is a flow chart of the second example of embodiment three of the present invention.
Embodiment
In a mobile communications network, the mobile terminal stores the International Mobile Subscriber Identity IMSI, the authentication key KI and the sequence number SQNMS, and the HLR/AUC on the network side stores, for that mobile terminal, the IMSI, KI and the sequence number SQNHE. These are used for mutual authentication between the mobile terminal and the network.
This document provides a method for continuously using authentication tuples. It requires that the HLR/AUC, after sending authentication tuples to the MSC/VLR, does not delete these tuples but records relevant information about the tuples sent to the MSC/VLR. After receiving an authentication failure message returned by the MSC/VLR, the HLR/AUC deletes the recorded relevant information about the authentication tuples sent to the MSC/VLR. The next time the MSC/VLR requests authentication tuples from the HLR/AUC, if the recorded relevant information has not yet been deleted, the HLR/AUC deletes the corresponding authentication tuples according to the recorded relevant information.
Referring to Fig. 1, embodiment one of the present invention is as follows:
Step 100: the MSC/VLR sends a request message for authentication tuples to the HLR/AUC.
Step 101: on receiving the request message for authentication tuples from the MSC/VLR, the HLR/AUC judges whether recorded relevant information about authentication tuples sent to the MSC/VLR exists for the corresponding terminal user; if it exists, step 103 is executed, otherwise step 105 is executed directly.
Step 103: the HLR/AUC deletes the corresponding authentication tuples according to the recorded relevant information about the authentication tuples sent to the MSC/VLR, deletes that relevant information, and then executes step 105.
Step 105: after sending the authentication tuples to the MSC/VLR, the HLR/AUC does not delete these tuples, and records relevant information about the tuples sent to the MSC/VLR.
In step 103, HLR/AUC is after leaving out the authentication tuple of correspondence according to the relevant information of the authentication tuple that sends to MSC/VLR that writes down, can this relevant information not left out earlier yet, but unify deletion at certain special time, but preferred implementation is the deletion immediately in present embodiment.
The HLR/AUC can identify the authentication tuples already sent to the MSC/VLR by adding a special mark to them. Alternatively, each authentication tuple can be given a sequence number or serial number, and the HLR/AUC records the numbers of the tuples it sent; for example, the serial number can be the SQNHE in the AUTN of the corresponding tuple. The HLR/AUC can also directly record values from the tuple itself, such as RAND, AUTN, CK, IK, XRES or the SQNHE in the AUTN. In practice it is enough that the HLR/AUC can tell which authentication tuples have been sent to the MSC/VLR and are in use. Therefore, when the sequence number, the serial number or the SQNHE in the AUTN of the generated tuples is increasing, the HLR/AUC need only record the largest sequence number, serial number or SQNHE among the tuples sent. From this maximum, the HLR/AUC can treat every tuple whose sequence number, serial number or SQNHE in the AUTN is less than the maximum as a tuple sent to the MSC/VLR. That is, in step 103, deleting the corresponding tuples according to the recorded information means deleting all tuples whose sequence number, serial number or SQNHE in the AUTN is less than this maximum. If the HLR/AUC has sent all of the terminal user's authentication tuples to the MSC/VLR, it need only record a flag indicating that all tuples are in use. For example, a flag value of 1 indicates that all of the terminal user's authentication tuples have been sent to the MSC/VLR, and a flag value of 0 indicates that the tuples have not been sent. The HLR/AUC can then determine from this flag whether all authentication tuples have been sent to the MSC/VLR (the flag is 1) or no tuples have been sent to the MSC/VLR (the flag is 0).
Step 107: After receiving an authentication failure message returned by the MSC/VLR, the HLR/AUC deletes the recorded information about the authentication tuples sent to the MSC/VLR. The MSC/VLR can return the authentication failure information to the HLR/AUC in an authentication failure report.
The HLR/AUC usually sends at most five authentication tuples to the MSC/VLR at a time, and the first tuple in the set it sends is the first authentication tuple.
The authentication failure message that the MSC/VLR returns to the HLR/AUC may further indicate whether it is the failure message for the first authentication tuple. In that case, in step 107, after receiving the failure message the HLR/AUC first determines whether it corresponds to the first authentication tuple. If so, it deletes the recorded information about the tuples sent to the MSC/VLR. Otherwise, it either does not delete the recorded information, or it deletes the corresponding authentication tuples according to the recorded information and then deletes that information. The MSC/VLR can return a failure message carrying this first-tuple indication by extending the authentication failure report.
The authentication failure message that the MSC/VLR returns to the HLR/AUC may further include a deletion indication, telling the HLR/AUC whether to delete the retained authentication tuples and whether to delete all or only some of them, including the case of deleting only the first authentication tuple. In that case, in step 107, after deleting the recorded information about the tuples sent to the MSC/VLR, the HLR/AUC deletes the corresponding tuples according to the deletion indication. This applies when the user terminal has failed to authenticate the network for a long time, or the network has failed to authenticate the user terminal for a long time; it avoids the problem of a legitimate phone never being able to access the network because the AUC miscalculated an AUTN and the tuple keeps being retained. The main consideration here is fault tolerance. This situation essentially never occurs, so it may also be left out of consideration. If it does occur in practice, for example a customer complains of never being able to log in to the network, the legitimate user reports the fault to the operator at a business hall or through the operator's service phone line. Acting on the fault report, the operator sends a command from the business hall interface to the HLR/AUC to clear the corresponding authentication tuples, and the HLR/AUC deletes the retained tuples on this command. However, this fault-tolerance mechanism is itself easily targeted by an illegitimate attacker.
This fault tolerance can also be implemented by the HLR/AUC itself: the HLR/AUC counts the failure reports for an IMSI, and when the count reaches a certain value it deletes the first of the currently retained authentication tuples and resets the failure report count to 0.
The HLR/AUC can also keep a total failure report counter for an IMSI to count the total number of failure reports, and can raise an alarm to the user once the total number of failures reaches a certain value.
In practice, when the MSC/VLR determines that authentication with the first authentication tuple has failed, it deletes all of that user's authentication tuples obtained from the HLR/AUC, so in this case the tuples can continue to be used in the HLR/AUC. When the failure message does not correspond to the first authentication tuple, the MSC/VLR has already authenticated successfully with the first tuple. In this case, on an authentication failure, the MSC/VLR continues to use the tuple that was in use when the failure occurred, until authentication with that tuple succeeds, the user roams to another MSC/VLR, or the user times out without responding.
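The bookkeeping of steps 101 to 107, including the first-tuple indication, as an added Python example that is not code from the patent. The class and method names, the constructed IMSI, and the choice to record the SQN of each sent tuple are assumptions; XRES, CK, IK and AUTN are omitted because they require the KI-based functions.

```python
import os
from dataclasses import dataclass, field
from typing import Dict, List, Optional

MAX_BATCH = 5  # the text: at most five tuples go to the MSC/VLR per request


@dataclass(frozen=True)
class AuthTuple:
    sqn: int     # stands in for the SQNHE carried in AUTN (strictly increasing)
    rand: bytes  # RAND; the other tuple fields are left out of this example


@dataclass
class Subscriber:
    sqn_he: int = 0
    tuples: List[AuthTuple] = field(default_factory=list)  # held by the HLR/AUC
    sent_record: Optional[List[int]] = None  # SQNs sent and not yet resolved


class HlrAuc:
    """Hypothetical HLR/AUC model; names are illustrative, not from the patent."""

    def __init__(self) -> None:
        self.subscribers: Dict[str, Subscriber] = {}

    def _generate(self, sub: Subscriber, count: int) -> None:
        for _ in range(count):
            sub.sqn_he += 1
            sub.tuples.append(AuthTuple(sub.sqn_he, os.urandom(16)))

    def _purge_sent(self, sub: Subscriber) -> None:
        # Delete the tuples named in the record, then delete the record itself.
        sent = set(sub.sent_record or [])
        sub.tuples = [t for t in sub.tuples if t.sqn not in sent]
        sub.sent_record = None

    def handle_tuple_request(self, imsi: str) -> List[AuthTuple]:
        sub = self.subscribers.setdefault(imsi, Subscriber())
        # Steps 101/103: a surviving record means no first-tuple failure was
        # reported, so the MSC/VLR may still hold the previous batch.
        if sub.sent_record is not None:
            self._purge_sent(sub)
        # Step 105: send, keep the tuples, and record which ones were sent.
        if not sub.tuples:
            self._generate(sub, MAX_BATCH)
        batch = sub.tuples[:MAX_BATCH]
        sub.sent_record = [t.sqn for t in batch]
        return batch

    def handle_failure_report(self, imsi: str, is_first_tuple: bool) -> None:
        # Step 107 with the first-tuple indication carried in the report.
        sub = self.subscribers.get(imsi)
        if sub is None or sub.sent_record is None:
            return
        if is_first_tuple:
            # The MSC/VLR discarded its copies, so the tuples stay reusable.
            sub.sent_record = None
        # Otherwise the record is kept (one of the two options in the text);
        # the batch is purged on the next request.

    def handle_success_report(self, imsi: str) -> None:
        # Success on the first tuple: delete the sent tuples and the record.
        sub = self.subscribers.get(imsi)
        if sub is not None and sub.sent_record is not None:
            self._purge_sent(sub)


def run_scenario():
    hlr = HlrAuc()
    imsi = "001010000000001"  # constructed test IMSI
    first = hlr.handle_tuple_request(imsi)
    hlr.handle_failure_report(imsi, is_first_tuple=True)
    reused = hlr.handle_tuple_request(imsi)   # same tuples are issued again
    fresh = hlr.handle_tuple_request(imsi)    # no report arrived: purge, regenerate
    hlr.handle_failure_report(imsi, is_first_tuple=False)
    later = hlr.handle_tuple_request(imsi)    # record was kept: purge, regenerate
    sqns = [[t.sqn for t in b] for b in (first, reused, fresh, later)]
    return sqns, first == reused


if __name__ == "__main__":
    print(run_scenario())
```

A first-tuple failure leaves SQNHE where it was, while any other outcome consumes the batch on the next request.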
When issuing authentication tuples to the MSC/VLR, the HLR/AUC can also include in the message capability information stating whether it supports retaining authentication tuples. Only when the MSC/VLR determines that the message issuing the tuples states that the HLR/AUC supports retaining authentication tuples does it, on an authentication failure with the first authentication tuple, indicate in the failure report that the failure message corresponds to the first authentication tuple. This ensures that a new MSC/VLR remains compatible with an old HLR/AUC, because an old HLR/AUC may not understand the indication of whether a failure message corresponds to the first authentication tuple.
In this method, the recorded information about the authentication tuples sent to the MSC/VLR can include the sending time. In that case, step 103 further includes the following: the HLR/AUC determines whether the difference between the current time and the sending time in the recorded information is less than a set time-difference threshold. If so, it does not delete the corresponding authentication tuples according to the recorded information; otherwise it deletes the corresponding tuples according to the recorded information.
The time-difference threshold can be included in the recorded information about the tuples sent to the MSC/VLR, or it can be stored in a separate unit, so that the threshold can be applied to all terminal users or to one terminal user's records of tuples sent to the MSC/VLR on several occasions.
In practice, the recorded information about the tuples sent to the MSC/VLR can include a deletion start time, that is, the time from which the deletion operation of step 103 takes effect. The HLR/AUC can obtain the deletion start time as the sum of the sending time and the time-difference threshold. In that case, step 103 further includes the following: the HLR/AUC determines whether the current time is earlier than the deletion start time in the recorded information. If so, it does not delete the corresponding authentication tuples according to the recorded information; otherwise it deletes the corresponding tuples according to the recorded information.
The time-difference threshold or effective execution time described above is meaningful when the recorded information covers several authentication tuples. When the recorded information covers only one authentication tuple, the time information need not be considered, and the time-difference threshold or effective execution time need not be recorded.
In step 103, when the HLR/AUC does not delete the corresponding authentication tuples according to the recorded information, it can still delete the recorded information about the tuples sent to the MSC/VLR. Alternatively, the HLR/AUC does not delete the recorded information; instead, in step 105, after sending the tuples to the MSC/VLR without deleting them, it determines whether previously recorded information about tuples sent to the MSC/VLR exists. If none exists, the HLR/AUC records the information about the tuples sent to the MSC/VLR. If it exists, the HLR/AUC can modify the previously recorded information so that it is consistent with the tuples the HLR/AUC has issued to the MSC/VLR this time.
In this method, the recorded information about the authentication tuples sent to the MSC/VLR may further include the sending time. In that case, step 107 further includes the following: the HLR/AUC determines whether the difference between the current time and the sending time in the recorded information is less than the set time-difference threshold. If so, it deletes the recorded information about the tuples sent to the MSC/VLR. Otherwise, it either does not delete the recorded information, or it deletes the recorded information and also deletes the corresponding authentication tuples according to that information.
The time-difference threshold can be included in the recorded information about the tuples sent to the MSC/VLR, or it can be stored in a separate unit, so that the threshold can be applied to all terminal users or to one terminal user's records of tuples sent to the MSC/VLR on several occasions.
In practice, the recorded information about the tuples sent to the MSC/VLR can include a deletion end time, that is, the time until which the deletion operation of step 107 is effective. The HLR/AUC can obtain the deletion end time as the sum of the sending time and the time-difference threshold. In that case, step 107 further includes the following: the HLR/AUC determines whether the current time is earlier than the deletion end time in the recorded information. If so, it deletes the recorded information about the tuples sent to the MSC/VLR. Otherwise, it either does not delete the recorded information, or it deletes the recorded information and also deletes the corresponding authentication tuples according to that information.
The time-difference threshold or effective execution time described above is meaningful when the recorded information covers several authentication tuples. When the recorded information covers only one authentication tuple, the time information need not be considered, and the time-difference threshold or effective execution time need not be recorded.
This method further includes the following: after step 105, when the HLR/AUC receives a synchronization request message sent by the MSC/VLR and determines that the request is illegal, it deletes the recorded information about the authentication tuples sent to the MSC/VLR, because such an illegal synchronization message may be a forged synchronization from an illegitimate attacker. If the synchronization request is legal, the HLR/AUC deletes the corresponding authentication tuples according to the recorded information, generates new authentication tuples, sends the new tuples to the MSC/VLR without deleting them, and records information about the tuples sent to the MSC/VLR. Usually, after receiving a synchronization request message from the terminal, the MSC/VLR sends a request for authentication tuples to the HLR/AUC. This request carries synchronization parameters such as the resynchronization token AUTS sent by the terminal, together with the random number of the corresponding authentication tuple. From the parameters carried in the request, the HLR/AUC can determine that it is a synchronization request message.
This method further includes the following: after authentication succeeds, the MSC/VLR returns an authentication success message to the HLR/AUC. This message can be implemented by extending the authentication failure report, for example by adding "authentication success" as a failure cause value and using that cause value to convey the success to the HLR/AUC. The MSC/VLR need not return an authentication success message to the HLR/AUC after every successful authentication; it can return one only when authentication succeeds using the first of the authentication tuples obtained from the HLR/AUC.
After step 105, on receiving the authentication success message returned by the MSC/VLR, the HLR/AUC directly deletes the corresponding authentication tuples according to the recorded information about the tuples sent to the MSC/VLR, and deletes the recorded information.
When issuing authentication tuples to the MSC/VLR, the HLR/AUC may further state whether it supports retaining authentication tuples. Only when the MSC/VLR determines that the message issuing the tuples states that the HLR/AUC supports retaining authentication tuples does it return an authentication success message to the HLR/AUC on successful authentication. This ensures that a new MSC/VLR remains compatible with an old HLR/AUC.
If the MSC/VLR returns an authentication success message to the HLR/AUC after every successful authentication, then after step 105, on receiving a success message, the HLR/AUC can directly delete the first corresponding authentication tuple according to the recorded information and modify the recorded information to remove the entry for that first tuple. When the entries for all authentication tuples have been removed, the HLR/AUC deletes the recorded information about the tuples sent to the MSC/VLR. This approach is not as good as the implementation above, in which the success message is returned only after the first authentication tuple authenticates successfully and the HLR/AUC, on receiving it, directly deletes the corresponding tuples according to the recorded information and deletes the recorded information.
The authentication success message that the MSC/VLR returns to the HLR/AUC after successful authentication may further include the sequence number of the corresponding authentication tuple. In that case, after step 105, on receiving the success message, the HLR/AUC can directly delete the tuple with that sequence number according to the sequence number in the success message and the recorded information, and modify the recorded information to remove the entry for the tuple with that sequence number. When the entries for all authentication tuples have been removed, the HLR/AUC deletes the recorded information about the tuples sent to the MSC/VLR. The HLR/AUC usually sends at most five authentication tuples to the MSC/VLR at a time, so the MSC/VLR and the HLR/AUC can agree to use the five numbers 0 to 4, or 1 to 5, as the sequence numbers of the corresponding tuples. This implementation is also not as good as the implementation above.
Usually, in step 105, after sending all authentication tuples to the MSC/VLR, the HLR/AUC can generate new authentication tuples so that it can respond quickly the next time the MSC/VLR requests tuples. In this case the authentication tuples stored for a user in the HLR/AUC usually include both tuples that have been sent to the MSC/VLR and tuples that have not yet been sent. Recording information about the tuples sent to the MSC/VLR therefore lets the HLR/AUC distinguish effectively which tuples have been sent to the MSC/VLR and are in use, and which have not yet been sent.
As an optimization, in step 105, after sending all authentication tuples to the MSC/VLR, the HLR/AUC can hold off generating new tuples and instead wait for the MSC/VLR to return an authentication success message, generating new tuples after receiving it so that it can respond quickly the next time the MSC/VLR requests tuples. Alternatively, it can wait within a preset time range for the MSC/VLR to return an authentication failure message and, if no failure message is received within that range, generate new tuples so that it can respond quickly the next time the MSC/VLR requests tuples. If a failure message from the MSC/VLR is received within the preset time range, the MSC/VLR's authentication of the terminal with the first authentication tuple was unsuccessful. In that case the MSC/VLR, following its usual behaviour, deletes the tuples obtained from the HLR/AUC, so the HLR/AUC can continue to reuse these tuples and does not need to generate new ones. If no failure message from the MSC/VLR is received within the preset time range, the MSC/VLR's authentication of the terminal with the first authentication tuple succeeded. In that case the MSC/VLR keeps the tuples obtained from the HLR/AUC other than the first one, so the HLR/AUC can no longer reuse these tuples and needs to generate new ones so that it can respond quickly the next time the MSC/VLR requests tuples.
The MSC/VLR can carry, in its request message for authentication tuples, an indication of whether to delete the issued tuples, telling the HLR/AUC whether to delete the tuples after sending them to the MSC/VLR. In that case, step 105 further includes the following: the HLR/AUC determines whether the MSC/VLR's request carries the indication to delete the issued tuples. If it does, the HLR/AUC deletes the tuples after sending them to the MSC/VLR and ends the procedure. Before ending the procedure, it can also determine whether any authentication tuples remain for the terminal user and, if none remain, generate tuples for that user so that it can respond quickly the next time the MSC/VLR requests tuples. If the request does not carry the indication to delete the issued tuples, the HLR/AUC does not delete the tuples after sending them to the MSC/VLR, and records information about the tuples sent to the MSC/VLR.
The MSC/VLR can carry the indication to delete the issued tuples only when it requests tuples from the HLR/AUC because its own tuples are used up. When the MSC/VLR does not yet have the user's information in the VLR, or the user has just roamed to this MSC/VLR, it carries the indication not to delete the issued tuples when requesting tuples from the HLR/AUC.
The reason is as follows. When the VLR already holds the legitimate user's information, or the user has not just roamed to this MSC/VLR, the VLR may hold authentication tuples if an illegitimate user attacks. These tuples may have been obtained earlier from the HLR/AUC or from the previous MSC/VLR the user roamed from. Or, when the tuples have just been used up and the MSC/VLR obtains tuples from the HLR/AUC, the tuples obtained can continue to be used for the legitimate user, and the MSC/VLR will not delete the corresponding tuples merely because authentication fails during an attacker's attempt. Moreover, when the user roams, the current VLR, in responding to the next roaming VLR's request for authentication tuples, sends the tuples that have not been used up to that VLR, so tuples are not wasted either. Retaining authentication tuples in the HLR/AUC is therefore unnecessary in this case, and the MSC/VLR can carry the indication to delete the issued tuples when requesting tuples from the HLR/AUC.
Another method for retaining authentication tuples is provided here. On receiving the MSC/VLR's request for authentication tuples, the HLR/AUC sends all of the terminal user's authentication tuples to the MSC/VLR, does not delete them, and does not record information about the tuples sent to the MSC/VLR either. Instead, it waits within a preset time range for the MSC/VLR to return an authentication failure message. If no failure message from the MSC/VLR is received within the preset time range, the HLR/AUC deletes these tuples and generates new ones.
Referring to Fig. 2, embodiment two of the present invention is as follows:
Step 201: On receiving the MSC/VLR's request message for authentication tuples, the HLR/AUC sends all of the terminal user's authentication tuples to the MSC/VLR without deleting them, starts a timer at the same time, and waits within the preset time range for the MSC/VLR to return an authentication failure message or an illegal synchronization message.
Step 203: The HLR determines whether the timer value has reached the preset time range. If it has, timing stops and step 205 is performed; otherwise, step 207 is entered.
Step 205: The HLR/AUC deletes the authentication tuples previously sent to the MSC/VLR, then performs step 209.
Step 207: The HLR/AUC continues to wait for the authentication failure message or illegal synchronization message returned by the MSC/VLR, stops timing after obtaining one, and then ends the procedure.
Step 209: The HLR/AUC generates new authentication tuples for the terminal user, then ends the procedure.
In this method, the authentication failure message may further indicate whether it is the failure message for the first authentication tuple. In that case, in step 203, after obtaining the failure message returned by the MSC/VLR, the HLR/AUC stops timing and determines whether the failure message corresponds to the first authentication tuple. If so, the procedure ends; otherwise, step 205 is performed.
The MSC/VLR can return a failure message carrying this first-tuple indication to the HLR/AUC by extending the authentication failure report.
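The timer-based procedure of steps 201 to 209, with the first-tuple check, as an added Python example that is not code from the patent. The names, the 30-second wait, the injected clock, and re-sending the same tuples when a request arrives while the timer is still running are assumptions; integers stand in for full tuples.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional

WAIT_SECONDS = 30.0  # assumed value for the preset time range; the text gives none
BATCH = 5            # at most five tuples are sent at a time


@dataclass
class Entry:
    tuples: List[int]                 # SQN-like ids standing in for full tuples
    deadline: Optional[float] = None  # None while no timer is running


class TimerHlrAuc:
    """Hypothetical model of embodiment two; 'now' is passed in by the caller."""

    def __init__(self) -> None:
        self.entries: Dict[str, Entry] = {}
        self.next_id = 1

    def _new_batch(self) -> List[int]:
        batch = list(range(self.next_id, self.next_id + BATCH))
        self.next_id += BATCH
        return batch

    def _replace(self, entry: Entry) -> None:
        # Steps 205 and 209: delete the tuples that were sent, generate new ones.
        entry.tuples = self._new_batch()
        entry.deadline = None

    def poll(self, now: float) -> None:
        # Step 203: compare each running timer with the preset range.
        for entry in self.entries.values():
            if entry.deadline is not None and now >= entry.deadline:
                self._replace(entry)

    def handle_tuple_request(self, imsi: str, now: float) -> List[int]:
        # Step 201: send all tuples, keep them, start the timer.
        self.poll(now)
        entry = self.entries.get(imsi)
        if entry is None:
            entry = self.entries[imsi] = Entry(self._new_batch())
        entry.deadline = now + WAIT_SECONDS  # assumption: a repeat request restarts it
        return list(entry.tuples)

    def handle_failure_or_illegal_sync(self, imsi: str, now: float,
                                       is_first_tuple: bool) -> None:
        self.poll(now)  # a report arriving after expiry changes nothing
        entry = self.entries.get(imsi)
        if entry is None or entry.deadline is None:
            return
        if is_first_tuple:
            entry.deadline = None  # step 207: stop timing, tuples stay reusable
        else:
            self._replace(entry)   # a later tuple failed: step 205, then 209


def run_timer_scenario():
    hlr = TimerHlrAuc()
    imsi = "001010000000001"  # constructed test IMSI
    a = hlr.handle_tuple_request(imsi, now=0.0)
    hlr.handle_failure_or_illegal_sync(imsi, now=5.0, is_first_tuple=True)
    b = hlr.handle_tuple_request(imsi, now=10.0)   # same tuples, timer runs to 40
    hlr.poll(now=45.0)                             # silence: tuples are replaced
    c = hlr.handle_tuple_request(imsi, now=50.0)
    hlr.handle_failure_or_illegal_sync(imsi, now=55.0, is_first_tuple=False)
    d = hlr.handle_tuple_request(imsi, now=60.0)
    return a, b, c, d


if __name__ == "__main__":
    print(run_timer_scenario())
```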
Step 209 can further include the following: the HLR/AUC determines whether authentication tuples exist for the terminal user. If none exist, it generates new authentication tuples for that user; otherwise, it does not generate new tuples for that user.
After receiving a synchronization request message sent by the MSC/VLR, the HLR/AUC determines from the KI it stores whether the synchronization request is legal. For how this is determined, see the 3GPP protocol specifications; it is not repeated here. The HLR/AUC can also determine whether the synchronization message corresponds to the first authentication tuple from the random number of the corresponding tuple that the MSC uploads in the synchronization message. For example, the HLR/AUC compares the random number in the synchronization message with the random number in the first authentication tuple; if they are the same, the synchronization message corresponds to the first authentication tuple. In that case, in step 203, after obtaining an illegal synchronization message returned by the MSC/VLR, the HLR/AUC stops timing and determines whether the illegal synchronization message corresponds to the first authentication tuple. If so, the procedure ends; otherwise, step 205 is performed.
When issuing authentication tuples to the MSC/VLR, the HLR/AUC can also include in the message capability information stating whether it supports retaining authentication tuples. Only when the MSC/VLR determines that the message issuing the tuples includes capability information stating that the HLR/AUC supports retaining authentication tuples does it, on an authentication failure with the first authentication tuple, indicate in the failure report that the failure message corresponds to the first authentication tuple.
The MSC/VLR can carry, in its request message for authentication tuples, an indication of whether to delete the issued tuples, telling the HLR/AUC whether to delete the tuples after sending them to the MSC/VLR. Accordingly, step 201 also includes the following: the HLR/AUC determines whether the MSC/VLR's request carries the indication to delete the issued tuples. If it does, the HLR/AUC deletes the tuples after sending them to the MSC/VLR and ends the procedure; before ending the procedure, it can generate tuples for the terminal user so that it can respond quickly the next time the MSC/VLR requests tuples. Otherwise, the HLR/AUC does not delete the tuples after sending them to the MSC/VLR.
The MSC/VLR can carry the indication to delete the issued tuples only when it requests tuples from the HLR/AUC because its own tuples are used up.
In the third method for continuously using authentication tuples provided by the present invention, when the HLR/AUC receives the MSC/VLR's request message for authentication tuples, it sends the existing relevant authentication tuples to the MSC/VLR and does not delete the tuples it has sent; only after obtaining the authentication success message returned by the MSC/VLR does it delete the authentication tuples previously sent to the MSC/VLR.
Referring to Fig. 3, embodiment three of the present invention is as follows:
301. When the HLR/AUC receives the MSC/VLR's request message for authentication tuples, it sends the existing relevant authentication tuples to the MSC/VLR.
303. The MSC/VLR performs authentication using the authentication tuples obtained from the HLR/AUC and, when authentication succeeds, returns an authentication success message to the HLR/AUC.
305. After obtaining the authentication success message returned by the MSC/VLR, the HLR/AUC performs a deletion operation on the authentication tuples previously sent to the MSC/VLR.
In step 305, the deletion operation can mean deleting the earliest-produced tuple among the existing authentication tuples previously sent to the MSC/VLR. In this way, after five authentication tuples have been sent to the MSC/VLR, the HLR/AUC deletes all five only once the MSC/VLR has returned five authentication success messages.
In step 305, the deletion operation can also mean deleting all of the authentication tuples previously sent to the MSC/VLR. This processing mode helps improve the processing efficiency of the MSC/VLR and the HLR/AUC, because the MSC/VLR only needs to return one authentication success message. Generally, it is enough to return the authentication success message to the HLR/AUC when authentication with the first authentication tuple succeeds; when authentication with the subsequent tuples of the same batch succeeds, no further authentication success message needs to be returned to the HLR/AUC, which also simplifies the processing of the HLR/AUC. The embodiments below elaborate on this mode.
When an illegal attacker pretends to be a legitimate terminal user and tries to log on to the network, the MSC/VLR cannot authenticate it successfully and therefore cannot return an authentication success message to the HLR/AUC. The HLR/AUC consequently does not delete the authentication tuples previously sent to the MSC/VLR, so no authentication tuples are wasted, which reduces the loss caused when an illegal attacker attacks.
In the first embodiment of this method, after sending the authentication tuples to the MSC/VLR, the HLR/AUC does not delete them but records relevant information about the authentication tuples sent to the MSC/VLR, and waits for the MSC/VLR to return a message that authentication with the first authentication tuple succeeded. After obtaining that message, the HLR/AUC deletes the corresponding authentication tuples according to the recorded relevant information about the authentication tuples sent to the MSC/VLR.
Referring to Fig. 4, Fig. 4 shows the first embodiment of embodiment three above.
Step 401. When the HLR/AUC receives the MSC/VLR's request message for authentication tuples, it sends the existing relevant authentication tuples to the MSC/VLR and performs the operation of recording relevant information about the authentication tuples sent to the MSC/VLR.
Step 403. The MSC/VLR performs authentication using the authentication tuples obtained from the HLR/AUC and, when authentication succeeds, returns an authentication success message to the HLR/AUC.
Step 405. After obtaining the authentication success message returned by the MSC/VLR, the HLR/AUC deletes the authentication tuples previously sent to the MSC/VLR, according to the recorded relevant information about the authentication tuples sent to the MSC/VLR.
Step 405 can also include the HLR/AUC deleting the recorded relevant information about the authentication tuples sent to the MSC/VLR.
The HLR/AUC can identify the authentication tuples that have been sent to the MSC/VLR by adding a special mark to them. It can also add a sequence number or serial number to each authentication tuple and record the sequence number or serial number of the corresponding tuples as the relevant information about the authentication tuples sent to the MSC/VLR; for example, this serial number can be the SQNHE in the AUTN of the corresponding authentication tuple. It can also directly record information from the authentication tuples themselves, such as RAND, AUTN, CK, IK, XRES or the SQNHE in the AUTN, to serve as the relevant information about the authentication tuples sent to the MSC/VLR. In practice, it is sufficient that the HLR/AUC can tell which authentication tuples have been sent to the MSC/VLR and are in use.
Therefore, when the sequence number, the serial number, or the SQNHE in the AUTN of the generated authentication tuples is incremental, the HLR/AUC can record only the maximum sequence number, the maximum serial number, or the maximum SQNHE in the corresponding AUTN among the tuples sent to the MSC/VLR. According to this maximum, the HLR/AUC can treat every authentication tuple whose sequence number, serial number, or SQNHE in the AUTN is less than this maximum as an authentication tuple sent to the MSC/VLR. That is, when step 405 is executed, deleting the authentication tuples previously sent to the MSC/VLR according to the recorded relevant information means deleting every authentication tuple whose sequence number, serial number, or SQNHE in the AUTN is less than this maximum.
If the HLR/AUC has sent all authentication tuples of the corresponding terminal user to the MSC/VLR, then when recording the relevant information about the authentication tuples sent to the MSC/VLR it can record only a flag indicating that all authentication tuples are in use. For example, a flag value of 1 indicates that all authentication tuples of the corresponding terminal user have been sent to the MSC/VLR, and a flag value of 0 indicates that these authentication tuples have not been sent. The HLR/AUC can then use this flag to tell which authentication tuples have been sent to the MSC/VLR, that is, to judge whether all authentication tuples have been sent to the MSC/VLR (for example, the flag is 1) or no authentication tuples have been sent to the MSC/VLR (for example, the flag is 0).
In this method, the MSC/VLR may return the authentication success message to the HLR/AUC only when it authenticates with the first of the authentication tuples obtained from the HLR/AUC and that authentication passes.
The MSC/VLR can carry, in the request message for authentication tuples, information on whether to delete the issued authentication tuples; this information tells the HLR/AUC whether it should delete the authentication tuples issued to the MSC/VLR once they have been sent. Accordingly, step 401 also includes the HLR/AUC judging whether the MSC/VLR's request message for authentication tuples carries the information indicating deletion of the issued authentication tuples. If so, the HLR/AUC deletes the authentication tuples after sending them to the MSC/VLR, and the procedure ends. Otherwise, the HLR/AUC does not delete the authentication tuples after sending them to the MSC/VLR, and records relevant information about the authentication tuples sent to the MSC/VLR.
The MSC/VLR may carry the information indicating deletion of the issued authentication tuples only when it requests authentication tuples from the HLR/AUC because its authentication tuples have been used up.
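The Fig. 4 flow (steps 401 to 405), the delete indication in the request, and the attacker case described above can be traced in a short Python model. This is an added example, not part of the patent text; the class and function names, the batch size of five, the placeholder tuple fields, and the premise that every attach attempt triggers a fresh request to the HLR/AUC are all assumptions.

```python
"""Added sketch of the Fig. 4 flow (steps 401-405); not code from the patent.

Assumptions: all names, the batch size of five, placeholder tuple fields
(no real RAND/XRES/CK/IK/AUTN derivation), and one HLR/AUC request per attach.
"""
from dataclasses import dataclass
from itertools import count


@dataclass(frozen=True)
class AuthTuple:
    sqn: int    # stands in for the SQNHE carried in AUTN
    rand: str   # placeholder for RAND


class HlrAuc:
    BATCH = 5  # assumed number of tuples issued per request

    def __init__(self, retain=True):
        self.retain = retain   # False models plain delete-after-send
        self._sqn = count(1)
        self.store = {}        # user id -> tuples currently held
        self.sent = {}         # user id -> recorded SQNs of tuples sent
        self.generated = 0     # total tuples ever produced

    def _generate(self, user):
        batch = []
        for _ in range(self.BATCH):
            sqn = next(self._sqn)
            batch.append(AuthTuple(sqn, f"rand-{sqn}"))
        self.generated += len(batch)
        self.store[user] = batch

    def request_tuples(self, user, delete_after_send=False):
        """Step 401: send the existing tuples and record what was sent."""
        if not self.store.get(user):
            self._generate(user)
        tuples = list(self.store[user])
        if delete_after_send or not self.retain:
            # Delete indication carried in the request, or no retention at all.
            self.store[user] = []
            self.sent.pop(user, None)
        else:
            # Relevant information recorded as the set of sequence numbers.
            self.sent[user] = {t.sqn for t in tuples}
        return tuples

    def auth_success(self, user):
        """Step 405: delete the tuples named in the record, then the record."""
        sent = self.sent.pop(user, set())
        held = self.store.get(user, [])
        self.store[user] = [t for t in held if t.sqn not in sent]


def attach(hlr, user, genuine):
    """Step 403 from the MSC/VLR side; returns the SQN of the tuple used."""
    first = hlr.request_tuples(user)[0]
    if genuine:
        # Only a successful authentication is reported back to the HLR/AUC.
        hlr.auth_success(user)
    return first.sqn


def simulate(retain, impostor_attempts=10):
    """Failed impostor attaches followed by one genuine attach."""
    hlr = HlrAuc(retain=retain)
    for _ in range(impostor_attempts):
        attach(hlr, "user-A", genuine=False)
    attach(hlr, "user-A", genuine=True)
    return hlr.generated


if __name__ == "__main__":
    print("tuples generated with retention:    ", simulate(True))
    print("tuples generated, delete-after-send:", simulate(False))
```

With retention, the ten failed attempts reuse the same batch, so the HLR/AUC generates it once; with delete-after-send, every request forces a new batch.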
In the second embodiment of this method, when the HLR/AUC receives the MSC/VLR's message requesting authentication tuples, it sends all authentication tuples of the corresponding terminal user to the MSC/VLR; it neither deletes these authentication tuples nor records relevant information about the authentication tuples sent to the MSC/VLR. Instead, it waits for the MSC/VLR to return a message that authentication with the first authentication tuple succeeded; after obtaining that message, the HLR/AUC deletes these authentication tuples and produces new authentication tuples.
Referring to Fig. 5, Fig. 5 shows the second embodiment of embodiment three above.
Step 501. When the HLR/AUC receives the MSC/VLR's request message for authentication tuples, it sends all authentication tuples of the corresponding terminal user to the MSC/VLR and does not delete the authentication tuples sent to the MSC/VLR.
Step 503. After obtaining the authentication tuples returned by the HLR/AUC, the MSC/VLR performs authentication using the first authentication tuple and, when authentication succeeds, returns an authentication success message to the HLR/AUC.
Step 505. After obtaining the authentication success message returned by the MSC/VLR, the HLR/AUC deletes the authentication tuples previously sent to the MSC/VLR.
Step 507. The HLR/AUC produces new authentication tuples for the terminal user.
In step 507, the HLR/AUC produces new authentication tuples so that it can respond promptly the next time the MSC/VLR obtains authentication tuples.
Step 503 further includes the MSC/VLR returning an authentication failure message to the HLR/AUC if authentication with the first authentication tuple fails. Accordingly, in step 305, the HLR/AUC does not produce new authentication tuples; that is, the HLR/AUC continues to reuse the authentication tuples previously sent to the MSC/VLR, and the procedure then ends.
Step 507 can further include the HLR/AUC judging whether authentication tuples exist for the corresponding terminal user; if none exist, it produces new authentication tuples for that terminal user; otherwise, it does not.
In step 503, the MSC/VLR may return the authentication success message to the HLR/AUC only when authentication with the first authentication tuple succeeds.
The MSC/VLR can return the authentication success message to the HLR/AUC by extending the authentication failure report, for example by adding an authentication failure cause value that means "authentication success" and using this cause value to convey the authentication success information to the HLR/AUC.
When issuing authentication tuples to the MSC/VLR, the HLR/AUC can include in the issuing message capability information indicating whether it supports retaining authentication tuples. Only when the MSC/VLR determines that the message issuing the authentication tuples includes capability information showing that the HLR/AUC supports retaining authentication tuples does it return the authentication success message to the HLR/AUC when authentication succeeds.
For step 507, a degraded variant readily comes to mind: after deleting the authentication tuples previously sent to the MSC/VLR, the HLR/AUC does not produce new authentication tuples, but produces them and sends them to the MSC/VLR only when the MSC/VLR next obtains authentication tuples. With this variant, the response to the MSC/VLR is not timely.
The MSC/VLR can carry, in the request message for authentication tuples, information on whether to delete the issued authentication tuples; this information tells the HLR/AUC whether it should delete the authentication tuples issued to the MSC/VLR once they have been sent. Accordingly, step 501 also includes the HLR/AUC judging whether the MSC/VLR's request message for authentication tuples carries the information indicating deletion of the issued authentication tuples. If so, the HLR/AUC deletes the authentication tuples after sending them to the MSC/VLR, and the procedure ends; before the procedure ends, the HLR/AUC can of course produce new authentication tuples for the terminal user so that it can respond quickly the next time the MSC/VLR obtains authentication tuples. Otherwise, the HLR/AUC does not delete the authentication tuples after sending them to the MSC/VLR.
The MSC/VLR may carry the information indicating deletion of the issued authentication tuples only when it requests authentication tuples from the HLR/AUC because its authentication tuples have been used up.
In the methods above, the MSC/VLR is a circuit-domain device; in a packet-domain network, the corresponding device can be an SGSN.
It should be understood that the above are only preferred embodiments of the present invention and are not intended to limit it; any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall fall within the protection scope of the present invention.

Claims (33)

1. A method for continuously using authentication tuples, used by an HLR/AUC to manage the authentication tuples sent to an MSC/VLR, in which the HLR/AUC, after sending authentication tuples to the MSC/VLR, records relevant information about the authentication tuples sent to the MSC/VLR; the method comprises at least the following steps:
a. When the HLR/AUC receives a request message for authentication tuples sent by the MSC/VLR, it judges whether recorded relevant information about authentication tuples sent to the MSC/VLR exists for the corresponding terminal user; if it exists, step b is executed; otherwise step c is executed directly;
b. The HLR/AUC deletes the corresponding authentication tuples according to the relevant information, then executes step c;
c. The HLR/AUC sends the existing relevant authentication tuples to the MSC/VLR and performs the operation of recording relevant information about the authentication tuples sent to the MSC/VLR;
d. After the HLR/AUC receives an authentication failure message or an illegal synchronization message returned by the MSC/VLR, it deletes the recorded relevant information about the authentication tuples sent to the MSC/VLR.
2. The method according to claim 1, characterized in that step b also comprises: the HLR/AUC deleting the recorded relevant information about the authentication tuples sent to the MSC/VLR.
3. The method according to claim 1, characterized in that the recorded relevant information about the authentication tuples sent to the MSC/VLR is a special mark, and recording the relevant information means that the HLR/AUC adds the special mark to the authentication tuples sent to the MSC/VLR to identify the tuples that have been sent to the MSC/VLR; or, a sequence number or serial number is added to each authentication tuple, and the recorded relevant information is the sequence numbers or serial numbers of these authentication tuples, or the maximum of their sequence numbers or serial numbers; or, the recorded relevant information is the RAND, the AUTN, the CK, the IK, the XRES, or the SQNHE in the AUTN of these authentication tuples; or, the recorded relevant information is the maximum of the SQNHE in the AUTN of these authentication tuples; or, the recorded relevant information is a flag indicating that all authentication tuples of the corresponding terminal user have been sent to the MSC/VLR.
4. The method according to claim 1, characterized in that the authentication failure message returned by the MSC/VLR to the HLR/AUC may further include information on whether this authentication failure message corresponds to the first authentication tuple; after receiving the authentication failure message returned by the MSC/VLR, the HLR/AUC first judges whether the authentication failure message corresponds to the first authentication tuple; if so, it performs the operation of deleting the recorded relevant information about the authentication tuples sent to the MSC/VLR; otherwise, it does not perform that operation, or it deletes the corresponding authentication tuples according to the recorded relevant information about the authentication tuples sent to the MSC/VLR and then deletes that relevant information.
5. The method according to claim 4, characterized in that, when issuing authentication tuples to the MSC/VLR, the HLR/AUC can also include in the issuing message capability information indicating whether it supports retaining authentication tuples; only when the MSC/VLR determines that the message issuing the authentication tuples includes capability information showing that the HLR/AUC supports retaining authentication tuples does it, on an authentication failure with the first authentication tuple, include in the authentication failure message the information that this authentication failure message corresponds to the first authentication tuple.
6. The method according to claim 1, characterized in that the authentication failure message returned by the MSC/VLR to the HLR/AUC may further include a deletion indication, indicating whether the HLR/AUC should delete the retained authentication tuples and whether to delete all or part of them, including the case of deleting only the first authentication tuple; step d also comprises the HLR/AUC deleting the corresponding authentication tuples according to the deletion indication.
7. The method according to claim 1, characterized in that a time difference threshold is set, and the recorded relevant information about the authentication tuples sent to the MSC/VLR also includes the sending time; accordingly, step b also comprises the HLR/AUC judging whether the difference between the current time and the sending time in the relevant information is less than the set time difference threshold; if so, the corresponding authentication tuples are not deleted according to the recorded relevant information about the authentication tuples sent to the MSC/VLR; otherwise, the operation of deleting the corresponding authentication tuples according to the recorded relevant information about the authentication tuples sent to the MSC/VLR is performed.
8. The method according to claim 1, characterized in that the recorded relevant information about the authentication tuples sent to the MSC/VLR also includes a deletion execution start time; accordingly, step b also comprises the HLR/AUC judging whether the current time is earlier than the deletion execution start time included in the relevant information; if so, the corresponding authentication tuples are not deleted according to the recorded relevant information about the authentication tuples sent to the MSC/VLR; otherwise, the operation of deleting the corresponding authentication tuples according to the recorded relevant information about the authentication tuples sent to the MSC/VLR is performed.
9. The method according to claim 7 or 8, characterized in that, in step b, when the HLR/AUC does not delete the corresponding authentication tuples according to the recorded relevant information about the authentication tuples sent to the MSC/VLR, it can delete that recorded relevant information; or, the HLR/AUC does not delete the recorded relevant information, but in step c, after sending the authentication tuples to the MSC/VLR, the HLR/AUC does not delete these authentication tuples and then judges whether previously recorded relevant information about authentication tuples sent to the MSC/VLR exists; if it does not exist, the HLR/AUC records the relevant information about the authentication tuples sent to the MSC/VLR; if it exists, the HLR/AUC can modify the previously recorded relevant information so that it is consistent with the relevant information of the authentication tuples issued to the MSC/VLR this time.
10. The method according to claim 1, characterized in that a time difference threshold is set, and the recorded relevant information about the authentication tuples sent to the MSC/VLR also includes the sending time; accordingly, step d further comprises the HLR/AUC judging whether the difference between the current time and the sending time in the relevant information is less than the set time difference threshold; if so, it performs the operation of deleting the recorded relevant information about the authentication tuples sent to the MSC/VLR; otherwise, it does not perform that operation, or it first deletes the corresponding authentication tuples according to the recorded relevant information about the authentication tuples sent to the MSC/VLR and then deletes that recorded relevant information.
11. The method according to claim 1, characterized in that the recorded relevant information about the authentication tuples sent to the MSC/VLR also includes a deletion execution end time; accordingly, step d further comprises the HLR/AUC judging whether the current time is earlier than the effective execution time included in the relevant information; if so, it performs the operation of deleting the recorded relevant information about the authentication tuples sent to the MSC/VLR; otherwise, it does not perform that operation, or it first deletes the corresponding authentication tuples according to the recorded relevant information about the authentication tuples sent to the MSC/VLR and then deletes that recorded relevant information.
12. The method according to claim 1, characterized in that, in step c, after sending all authentication tuples to the MSC/VLR, the HLR/AUC may refrain from producing new authentication tuples at first and instead wait for the MSC/VLR to return authentication success information, producing new authentication tuples after receiving the authentication success message returned by the MSC/VLR, so that it can respond promptly the next time the MSC/VLR obtains authentication tuples; or it waits within a preset time range for the MSC/VLR to return an authentication failure message and, when no authentication failure message is received from the MSC/VLR within this preset time range, produces new authentication tuples so that it can respond promptly the next time the MSC/VLR obtains authentication tuples.
13. The method according to claim 1, characterized in that the MSC/VLR can carry, in the request message for authentication tuples, information on whether to delete the issued authentication tuples; accordingly, step c also comprises the HLR/AUC judging whether the MSC/VLR's request message for authentication tuples carries the information indicating deletion of the issued authentication tuples; if so, the HLR/AUC deletes the authentication tuples after sending them to the MSC/VLR, and the procedure ends; otherwise, the HLR/AUC does not delete the authentication tuples after sending them to the MSC/VLR, and records relevant information about the authentication tuples sent to the MSC/VLR.
14. The method according to claim 13, characterized in that the MSC/VLR carries the information indicating deletion of the issued authentication tuples only when it requests authentication tuples from the HLR/AUC because its authentication tuples have been used up.
15. A method for continuously using authentication tuples, used by an HLR/AUC to manage the authentication tuples sent to an MSC/VLR, characterized in that the method comprises at least the following steps:
a. When the HLR/AUC receives the MSC/VLR's request message for authentication tuples, it sends all authentication tuples of the corresponding terminal user to the MSC/VLR and does not delete the authentication tuples sent to the MSC/VLR; at the same time it starts a timer and waits, within a preset time range, for the MSC/VLR to return an authentication failure message or an illegal synchronization message;
b. The HLR judges whether the value of the timer has reached the preset time range; if so, it stops timing and then executes step c; otherwise it continues to wait for the authentication failure message or illegal synchronization message returned by the MSC/VLR, and after obtaining the authentication failure message or illegal synchronization message returned by the MSC/VLR it stops timing, whereupon the procedure ends;
c. The HLR/AUC deletes the authentication tuples previously sent to the MSC/VLR.
16. The method according to claim 15, characterized in that, after step c, the method also comprises: the HLR/AUC producing new authentication tuples for the corresponding terminal user.
17. The method according to claim 15, characterized in that the authentication failure message may further include information on whether it corresponds to the first authentication tuple; in that case, in step b, after obtaining the authentication failure message returned by the MSC/VLR, the HLR/AUC stops timing and judges whether this authentication failure message corresponds to the first authentication tuple; if so, the procedure ends; otherwise, step c is executed.
18. The method according to claim 17, characterized in that, when issuing authentication tuples to the MSC/VLR, the HLR/AUC can also include in the issuing message capability information indicating whether it supports retaining authentication tuples; only when the MSC/VLR determines that the message issuing the authentication tuples includes capability information showing that the HLR/AUC supports retaining authentication tuples does it, on an authentication failure with the first authentication tuple, include in the authentication failure message the information that this authentication failure message corresponds to the first authentication tuple.
19. The method according to claim 15, characterized in that, in step b, after obtaining the illegal synchronization message returned by the MSC/VLR, the HLR/AUC stops timing and judges whether this illegal synchronization message corresponds to the first authentication tuple; if so, the procedure ends; otherwise, step c is executed.
20. The method according to claim 15, characterized in that the MSC/VLR can carry, in the request message for authentication tuples, information on whether to delete the issued authentication tuples, this information telling the HLR/AUC whether it should delete the authentication tuples issued to the MSC/VLR once they have been sent; accordingly, step a also comprises the HLR/AUC judging whether the MSC/VLR's request message for authentication tuples carries the information indicating deletion of the issued authentication tuples; if so, the HLR/AUC deletes the authentication tuples after sending them to the MSC/VLR, and the procedure ends; otherwise, the HLR/AUC does not delete the authentication tuples after sending them to the MSC/VLR.
21. The method according to claim 20, characterized in that the MSC/VLR can carry the information indicating deletion of the issued authentication tuples when it requests authentication tuples from the HLR/AUC because its authentication tuples have been used up.
22. A method for continuously using authentication tuples, used by an HLR/AUC to manage the authentication tuples sent to an MSC/VLR, the method comprising the following steps:
a. When the HLR/AUC receives the MSC/VLR's request message for authentication tuples, it sends the relevant authentication tuples to the MSC/VLR;
b. The MSC/VLR performs authentication using the authentication tuples obtained from the HLR/AUC and, when authentication succeeds, returns an authentication success message to the HLR/AUC;
c. After obtaining the authentication success message returned by the MSC/VLR, the HLR/AUC performs a deletion operation on the authentication tuples previously sent to the MSC/VLR.
23. The method according to claim 22, characterized in that the deletion operation of step c means deleting the earliest-produced tuple among the existing authentication tuples previously sent to the MSC/VLR.
24. The method according to claim 22, characterized in that the deletion operation of step c means deleting all of the authentication tuples previously sent to the MSC/VLR.
25. The method according to claim 24, characterized in that the MSC/VLR returns the authentication success message to the HLR/AUC only when it authenticates with the first of the authentication tuples obtained from the HLR/AUC and that authentication passes.
26. The method according to claim 24, characterized in that the MSC/VLR may carry, in the request message requesting authentication tuples, information on whether the issued authentication tuples are to be deleted. Accordingly, step a further comprises: the HLR/AUC determines whether the MSC/VLR's request message requesting authentication tuples carries the information to delete the issued authentication tuples; if so, the HLR/AUC deletes the authentication tuples after sending them to the MSC/VLR, and the process ends; otherwise, the HLR/AUC sends the authentication tuples to the MSC/VLR and carries out the subsequent steps.
27. The method according to claim 26, characterized in that the MSC/VLR carries the information to delete the issued authentication tuples only when its authentication tuples have been used up at the time it requests authentication tuples from the HLR/AUC.
28. The method according to claim 24, characterized in that, when issuing authentication tuples to the MSC/VLR, the HLR/AUC may include in the issuing message capability information on whether it supports retaining authentication tuples; once the MSC/VLR determines that the message in which the HLR/AUC issued the authentication tuples includes capability information indicating that the HLR/AUC supports retaining authentication tuples, it can return the authentication success message to the HLR/AUC when authentication succeeds.
29. The method according to claim 24, characterized in that step a further comprises: after sending the authentication tuples to the MSC/VLR, the HLR/AUC records relevant information about the authentication tuples sent to the MSC/VLR; correspondingly, in step c, after obtaining the authentication success message returned by the MSC/VLR, the HLR/AUC deletes the authentication tuples previously sent to the MSC/VLR according to the recorded relevant information.
30. The method according to claim 29, characterized in that step c further comprises: the HLR/AUC deletes the recorded relevant information about the authentication tuples sent to the MSC/VLR.
31. The method according to claim 29, characterized in that the recorded relevant information about the authentication tuples sent to the MSC/VLR is a special mark, and recording the relevant information means that the HLR/AUC adds a special mark to the authentication tuples sent to the MSC/VLR to identify them as already sent to the MSC/VLR; or, a sequence number or serial number is added to each authentication tuple, and the recorded relevant information is the sequence numbers or serial numbers corresponding to these authentication tuples, or the maximum of those sequence numbers or serial numbers; or, the recorded relevant information is the RAND, AUTN, CK, IK or XRES of these authentication tuples, or the SQNHE in the AUTN; or, the recorded relevant information is the maximum of the SQNHE in the AUTN of these authentication tuples; or, the recorded relevant information is a flag indicating that all authentication tuples of the corresponding terminal user have been sent to the MSC/VLR.
32. The method according to claim 24, characterized in that step a means: upon receiving the request message from the MSC/VLR requesting authentication tuples, the HLR/AUC sends all authentication tuples of the corresponding terminal user to the MSC/VLR and does not delete the authentication tuples sent to the MSC/VLR.
33. The method according to claim 32, characterized in that the method further comprises, after step c: the HLR/AUC generates new authentication tuples for that terminal user.
CNB2005100369271A 2005-08-29 2005-08-29 Method for continuous'y using authentication tuple Expired - Fee Related CN100417285C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2005100369271A CN100417285C (en) 2005-08-29 2005-08-29 Method for continuous'y using authentication tuple

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2005100369271A CN100417285C (en) 2005-08-29 2005-08-29 Method for continuous'y using authentication tuple

Publications (2)

Publication Number Publication Date
CN1859714A true CN1859714A (en) 2006-11-08
CN100417285C CN100417285C (en) 2008-09-03

Family

ID=37298565

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2005100369271A Expired - Fee Related CN100417285C (en) 2005-08-29 2005-08-29 Method for continuous'y using authentication tuple

Country Status (1)

Country Link
CN (1) CN100417285C (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101815297A (en) * 2010-04-28 2010-08-25 中兴通讯股份有限公司 Implement method and system for acquiring authentication parameters
CN108491701A (en) * 2018-03-23 2018-09-04 深圳乐信软件技术有限公司 A kind of method for authenticating, device, server and storage medium

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004019640A1 (en) * 2002-08-16 2004-03-04 Siemens Aktiengesellschaft Method for identifying a communications terminal
DE50201918D1 (en) * 2002-10-21 2005-02-03 Swisscom Mobile Ag Method for detecting a duplicate identification module
CN100539521C (en) * 2003-05-16 2009-09-09 华为技术有限公司 A kind of method that realizes radio local area network authentication

Also Published As

Publication number Publication date
CN100417285C (en) 2008-09-03

Similar Documents

Publication Publication Date Title
CN1210920C (en) Method of checking amount of transmitted data
CN1315268C (en) Method for authenticating users
CN1156196C (en) Integrity check in communication system
CN1478365A (en) A system for ensuring encrypted communication after handover
CN1946230A (en) Anti-theft method for cell phone
CN1550116A (en) Authentication of termination messages in telecommunications system
CN1968534A (en) A method for connection re-establishment in a mobile communication system
CN1929380A (en) Public key certificate state obtaining and verification method
CN101034989A (en) Method, system and router for originating the authentication request via the user terminal
CN1748438A (en) Method for processing a security setup control message in mobile communication system
CN1859729A (en) Authentifying method and relative information transfer method
CN101060712A (en) Wireless connecting establishment method
CN1816213A (en) Method for end-to-end enciphoring voice telecommunication
CN101039312A (en) Method and apparatus for preventing service function entity of general authentication framework from attack
CN1929492A (en) System and method for realizing mobile terminal number real name system
CN1941695A (en) Method and system for generating and distributing key during initial access network process
CN1889781A (en) Identification method for multi-mode terminal roaming among heterogenous inserting technology networks
CN1859734A (en) Controlled key updating method
CN1697424A (en) Method for carrying out private security data communication base on decimal communication numbers
CN100346668C (en) Updating protocal method of secret keys
CN1859714A (en) Method for continuous'y using authentication tuple
CN1848823A (en) System and method for intercommunicating with mobile network short message based on IP switch-in network
CN1925671A (en) Method for realizing system switch in encryption mode
CN101047710A (en) Method for implementing terminal denetwork at agent mobile network protocol
CN1620165A (en) Identification method of mobile terminal user legalness

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20080903

Termination date: 20120829