CN1941990A - Method for verifying between user terminal apparatus and network in wireless telecommunication system - Google Patents
Method for verifying between user terminal apparatus and network in wireless telecommunication system Download PDFInfo
- Publication number
- CN1941990A CN1941990A CNA2005100483099A CN200510048309A CN1941990A CN 1941990 A CN1941990 A CN 1941990A CN A2005100483099 A CNA2005100483099 A CN A2005100483099A CN 200510048309 A CN200510048309 A CN 200510048309A CN 1941990 A CN1941990 A CN 1941990A
- Authority
- CN
- China
- Prior art keywords
- network
- authentication
- message
- algorithm
- subscriber equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The method comprises: UE transmits the authentication request message to network, which comprises the authentication reference value; the network side decides if its own authentication value accords with the reference value; if yes, it indicates a successful authentication at network side, and the network side sends the authentication response message, which comprises another authentication reference value; UE receives the authentication response message from network and decides if said another authentication value in the response message accords with the one generated from itself; if yes, it indicates a successful authentication at UE side.
Description
Technical field
The present invention relates to wireless communication system, particularly relate to a kind of method that network and subscriber terminal equipment authenticate mutually in wireless communication system, be used for the process that speed call is set up.
Background technology
The main purpose of 3-G (Generation Three mobile communication system) is to wish and can and provide seamless service any time for any place of end user on the whole world.Wherein, universal mobile telecommunications system (hereinafter to be referred as UMTS) has all obtained application as a kind of network platform of 3-G (Generation Three mobile communication system) in the network of a lot of operators.Fig. 1 is the structural framing figure of UMTS system.
Subscriber equipment 101 (hereinafter referred to as UE) is the professional or calling that is used for receiving as called, sends a device as the professional or calling of caller.Base station 102 (hereinafter referred to as Node B) is the equipment that utilizes wireless signal to communicate by transmitter-receiver spare and subscriber equipment.Air interface between UE and the NodeB relates to physical layer and medium Access Layer (hereinafter referred to as the MAC layer).Physical layer is responsible for handling and the relevant operation of wireless signal transmitting-receiving, and MAC is responsible for that different business is mapped to physical layer and gets on.RRM, distribution and the use of each sub-district are responsible for giving user equipment (UE) with the allocation of radio resources in each sub-district in control radio network controller (hereinafter referred to as CRNC) the control base station.Radio network controller (RNC) is in the difference that service wireless network controller (hereinafter referred to as SRNC) and floating radio network controller (hereinafter referred to as DRNC) can be arranged for the role of UE.SRNC is the entity that Radio Resource control connection (hereinafter referred to as RRC) is provided for subscriber equipment, just can send control signaling and receives the control signaling from network to network by its subscriber equipment.SRNC obtains the Internet resources that distribute to this user from CRNC, and this resource distribution parameter is sent to subscriber equipment by the RRC signaling.Subscriber equipment can communicate with network like this.Interface between SRNC and the subscriber equipment is the Uu interface.Serving GPRS Support Node 105 (hereinafter referred to as SGSN) is to be in charge of the mobile management state of subscriber equipment and the entity of session management state, and the negotiation of mobility of user equipment management and the service quality relevant with session also occurs between UE and the SGSN.Interface between the SRNC of SGSN and subscriber equipment is Iu, and the signaling that the transmission that is responsible for user data is set up the transmission channel of user plane and transmitted signaling connects.Gateway GPRS Support Node 106 (hereinafter referred to as GGSN) plays the function of a gateway for the transfer of data of subscriber equipment and packet data network (hereinafter referred to as PDN).GGSN is user equipment allocation Internet Protocol (hereinafter referred to as IP) address, and the data that the user sends are sign with this address all with issuing this user's data.Interface between GGSN and the SGSN is called Gn, and this interface is responsible between SGSN and GGSN business being carried out the negotiation of service quality, and the GPRS user-plane tunnel (hereinafter referred to as GTP-U) of setting up user plane is carried out transfer of data.Interface between GGSN and the PDN is Gi, and the function ratio of this interface is more extensive, can be used for the user carried out functions such as IP address assignment, authentication charging.The topmost function of GGSN is exactly reception and analyzes the data of receiving, the data that will belong to some subscriber equipmenies then pass to corresponding GTP-U tunnel and get on.
UTRAN both can be connected with these two territories simultaneously, also can only be connected with one of them territory.The target of UTRAN provides one group of unified radio bearer, and the Packet Service that it can be used to happen suddenly also can be used for traditional telephone service.Each URAN can carry out wireless coverage in certain zone, provide professional.This zone is defined as UTRAN Registration Area territory (hereinafter to be referred as URA).For described wireless coverage is provided, each URAN comprises at least one base station (hereinafter to be referred as NodeB) under a radio network controller (hereinafter to be referred as RNC) and its control.From in logic, each NodeB may comprise at least one honeycomb (hereinafter to be referred as Cell) again.RNC can link to each other with other RNC, supports because subscriber terminal equipment (hereinafter to be referred as UE) moves switching and the mobile management that is brought.CN is connected to the network of other type, thereby provides seamless service for the end user.
It is the built-in function of UTRAN that Radio Resource is handled, and CN does not define the assigned radio resource type.Usually need to set up a Radio Resource control (hereinafter to be referred as RRC) between UE and the RNC and connect, so that between UTRAN and UE, transmit a large amount of customer traffic and signaling flow.RRC has two kinds of patterns: RRC connection mode and RRC idle pulley.The pattern description of RRC the mode of identification UE identity.At the RRC idle pulley, by the identification UE relevant with CN.At the RRC connection mode, discern UE by the wireless network temporary identity (hereinafter to be referred as RNTI) of on Common transport channel, distributing to UE.
Referring to Fig. 2,, in the UMTS system, use four different area concept for the mobility functions of UE.The band of position (hereinafter to be referred as LA) and Routing Area (hereinafter to be referred as RA) are used for core net.URA and honeycomb Cell zone are used for UTRAN.Band of position LA is relevant with the CS business, and Routing Area RA is relevant with the PS business.A band of position LA is by a CN node processing.UE registers in a band of position LA, just means that also UE registers in the CN node of handling this band of position LA.A Routing Area RA is by a CN node processing.UE registers in a Routing Area RA, just means that also UE registers in the CN node of handling this Routing Area RA.In the UMTS system, MSC/VLR uses LA to come paging UE, and SGSN uses RA to come paging UE.URA and Cell zone is only visible and be used for the RRC connection mode in UTRAN.
The MSC/VLR+SGSN that merges
To the CS/PS business, CN use location area L A/ Routing Area RA.CN uses LA/RA when the professional relevant UE of beginning paging and CS/PS.MSC/VLR and SGSN can distribute to one of UE and the professional relevant temporary identity of CS/RS, TMSI/P-TMSI.This temporary identity is unique in a LA/RA.
When terminal is in the RRC connection mode, use the UTRAN interior zone.When beginning paging, uses UTRAN these zones.It is the wireless network process that the UTRAN interior zone upgrades, and should cannot see UTRAN interior zone structure outside UTRAN.At the RRC connection mode, main state is honeycomb connection status and URA connection status, can know the UE position in honeycomb level or URA level.Use Radio Network Temporary Identifier symbol (hereinafter to be referred as RNTI) as interim UE sign in UTRAN, it connects at RRC distributes to UE when setting up.Under this pattern, have only a RNC as Serving RNC, between UE and this SRNC, set up RRC and be connected.
A RA is made up of a plurality of honeycombs that belong to the RNCs that is connected to same CN node, and the mapping between RA and RNCs is handled by the SGSN that has this RA.A LA is made up of a plurality of honeycombs that belong to the RNCs that is connected to same CN node, and the mapping between LA and RNCs is handled by the MSC/VLR that has this LA.RA/LA is only handled by a CN service node, i.e. SGSN or MSC/VLR.Some operator may adopt following networking mode: RA to equate with LA or a RA is one, and can only be the subclass of a LA, and just a RA can not surpass a LA.Being mapped in the RNC between LA and Cell and between RA and Cell handled.
UE carries out the business registration in the business domains separately of CN at the beginning.When UE when a URA (below be referred to as old URA) moves to a new URA, can cause that the RNC under the new URA carries out the URA renewal process, so when needed, can find this UE.Therefore, Virtual network operator just must be sure of that the UE that initiates the URA renewal is exactly this effective UE by certain proof procedure.The process of this checking is carried out integrity checking with regard to relating to RNC to the data of being transmitted between RNC and the UE.
Referring to Fig. 3, the card and being used to that each UE inside has a customizing messages that comprises the user, be used for the subscriber identification module (hereinafter to be referred as SIM) of User Recognition is handled other functions, is particularly supported the mobile device (hereinafter to be referred as ME) of user's locomotive function.Record various data and executable file on the SIM card sheet.Wherein, data division has comprised international mobile subscriber identity (hereinafter to be referred as IMSI), UE current position information, integrality secret key (hereinafter to be referred as IK) and other safety and the management information of unique permanent identification user identity.Stop in per call, mobile phone stops service fully or when terminal when a URA moves to another URA, described positional information will be updated thereupon.Positional information has comprised the anonymous identification that temporarily is used for identifying user, and it is in the inner use of each URA.According to the difference of using the RRC pattern and the difference of CS/PS business domains, this anonymous identification may be temporary user identifier (hereinafter to be referred as TMSI), grouping temporarily moved subscriber sign indicating number (hereinafter to be referred as P-TMSI) or Radio Network Temporary Identifier symbol (hereinafter to be referred as RNTI).
Directly not using IMSI and using TMSI or other temporary mark to come the purpose of the some UE of anonymous identification is consideration for secure context.Because user identity is important and responsive information, in communication, must guarantee the confidentiality of these information.The purpose of identity confidentiality is protection user's a privacy, avoids the leakage of permanent user ID IMSI information.
TMSI/P-TMSI has local feature, and is only effective in the Routing Area RA of attributed region MSC/VLR or user's registration.Outside this zone,, also should add a location area (hereinafter to be referred as LAI) or Tracking Area Identifier (hereinafter to be referred as RAI) for avoiding confusion.Relation between casual user's sign and the permanent user ID is kept among the MSC/VLR or SGSN of user's registration.
For fear of user's traceability, should not use same TMSI/P-TMSI to differentiate a user's identity for a long time usually.Referring to Fig. 4, with the PS territory is example, the renewal of P-TMSI is to be initiated by SGSN after safe mode is set up, redistribution process is as follows: at first SGSN produces a new P-TMSIn, and the mapping relations of this P-TMSIn and IMSI are stored in its database, SGSN sends P-TMSIn and a new Tracking Area Identifier RAIn to the user then; Then, after the user receives, preserve P-TMSIn and automatically behind related between deletion and the previous P-TMSIo, reply to the SGSN transmission; At last, after SGSN received and replys, deletion and old P-TMSIo's was related from database, and P-TMSIn is used for identity discrimination process subsequently.
In the UMTS system, when the user can't differentiate its identity by P-TMSI, can utilize IMSI to differentiate the identity of oneself.This process is mainly used in that the user is registered to a service network for the first time or SGSN can't obtain IMSI from P-TMSI.At this moment, send the IMSI request by SGSN to the user, replying of user is the plain text that comprises IMSI information.
For the consideration of secure context, the communication between UE and the URAN is to adopt cryptographic keys to carry out encryption equally.The cryptographic keys CK that cryptographic keys is normally preserved in the authentication center (hereinafter to be referred as AuC) of (hereinafter to be referred as HE) or the attaching position register (hereinafter to be referred as HLR) in the environment of UE local.With the PS territory different CK is arranged usually in the CS territory.Too tediously long for fear of the description that makes this patent, in the following description,, and omitted the detailed description in similar CS territory only with the example that is operating as in PS territory.
Above-mentioned CK obtains by authentication and secret key (hereinafter to be referred as the AKA) process of consulting.Described process is based on certain is only undertaken by the secret key K that SIM and HLR shared, and UE and network oneself can both be known this secret key by proving separately, thereby reach the purpose of mutual authentication.In addition, for the network enabled authentication, SIM and user's home environment is all also writing down sequence number SQN separately
MSWith sequence number SQN
HEEach user there is an independent sequence number SQN
HE, SQN
MSShown the highest sequence number that SIM accepted.The relevant SGSN transmission process of giving UE inserts request message so that it obtains the parameter of this travelling carriage.Network facet is sent authentication request, comprising a random number, after UE handles this random number by certain algorithm, sends authentication response to network facet, is judged this user's legitimacy by network facet.
Referring to Fig. 5, the detailed process of AKA is as follows: at first, UE sends the sign that can show own identity to SGSN.SGSN can be from this sign directly, the IMSI that the mapping relations of perhaps passing through the P-TMSI that stored and IMSI obtain unique permanent identification user identity indirectly with and the HLR of ownership office information.Then, SGSN sends " authentication data request " to this HLR, and request obtains the verify data corresponding with this IMSI.The classification (PS or CS) in the territory that comprises user's IMSI in " authentication data request " and asked.Afterwards, after receiving " authentication data request " of SGSN, HLR generates n Ciphering Key (hereinafter to be referred as AV) immediately, perhaps takes out required quantity from the AV database that has calculated, and according to sequence number ordering back they is sent to VLR.Figure 17 has described the generation method of AV.Wherein said AMF, f1, f2, f3, f4, f5 algorithm have exceeded scope of the present invention, have therefore saved the detailed description to them.Each AV comprises following information: random number RA ND, and XRES, cryptographic keys CK, integrality secret key IK and authentication token AUTN are responded in expectation.Once authentication and secret key that each each AV can both be used between SGSN and the SIM are consulted.
After this, when SGSN initiated once authentication and secret key and consults, its can select next AV from the AV array kind of having arranged preface, and wherein random number RA ND and authentication token AUTN sent to UE, asked the user to produce verify data.Each node is according to advanced/principle of going out earlier to the processing of AV.
Next, after SIM receives authentication request, at first calculate XMAC, and compare,, then send the refusal authentication message, and abandon this process to VLR if different with MAC among the AUTN.Also will verify the sequence number SQN that receives simultaneously whether in effective scope, if do not exist, MS sends synchronization failure message to VLR, and abandons this process.Above-mentioned two all pass through after, UE calculates RES with f2, calculates CK with f3, goes out IK with the f4 algorithm computation, and RES is sent to SGSN.
At last, SGSN compares the XRES among RES and the AV identical then authentication success, otherwise authentification failure after receiving RES from UE.Because what MS and HLR calculating CK used all is with a kind of algorithm f3; what calculating IK used all is with a kind of algorithm f4; so the CK that is drawn, IK must be identical; like this through after mutual authentication and the secret key negotiation; SIM and SGSN pass to the CK in this process, IK the ME and the RNC of concrete execution encryption and integrity protection function respectively, for the secure communication of UE and RNC is later on used.
Mutual authentication between UE and the network comprises authentification of user and network authentication two aspects: authentification of user makes service network can confirm user's identity, and thereby the service network that network authentication makes the user can confirm that it is using is to authorize and can provide service to him through its local environment HE that registers, and wherein the person has also comprised and confirms that this mandate is up-to-date.In order to achieve the above object, when generally between user and network, connecting, all need to carry out each other authentication at every turn.Authentication process in the UMTS system comprises two kinds of mechanism of AKA and local authentication.Wherein, the AKA process process that to be exactly above-mentioned use carry out from the Ciphering Key of user local environment HE.When the user is registered to a service network for the first time, perhaps in registered service network, send service request (SERVICE REQUEST), position updating request (LOCATIONUPDATE REQUEST), routing region updating request (ROUTING AREA UPDATEREQUEST), attach to network request (ATTAH REQUEST), after breaking away from orders such as network requests (DETACHREQUEST) and reconstruction connection request (CONNECTION RE-ESTABLISHMENTREQUEST), when the local authentication number of times that the IK that adopts last AKA to produce can carry out had reached KB limit, service network was initiated this AKA process.Alternative local authentication mechanism is to use the integrality secret key IK that is produced in the last AKA process between user and the service network.When the user sends service request (SERVICEREQUEST) in registered service network, position updating request (LOCATION UPDATE REQUEST), routing region updating request (ROUTING AREA UPDATE REQUEST), attach to network request (ATTAHREQUEST), after breaking away from orders such as network requests (DETACH REQUEST) and reconstruction connection request (CONNECTION RE-ESTABLISHMENT REQUEST), and the local authentication number of times that adopts the last IK that AKA produced to carry out has not been when also having reached KB limit, and service network is initiated this local authentication process.Know that therefrom the blanking time that the AKA process takes place is longer; And the blanking time that the local authentication process takes place is shorter.
Fig. 6 has described and has carried out local authentication in the UMTS system and be connected the initial procedure of setting up.
In step 601, UE is kept at transmission the value of the parameter S TART on the SIM card in the process of setting up the RRC connection, and " security capabilities of UE " information is given RNC.If UE has this ability, also may transmit GSM grade 2 and 3 abilities in the above-mentioned steps.The security capabilities information of described UE comprise UE the various cryptographic algorithm UEA and the protection algorithm integrallty UIA that can support.The security capabilities information of START value and UE is stored in the Serving RNC (hereinafter to be referred as SRNC).If connecting to set up at RRC has transmitted GSM grade 2 and 3 abilities in the process, RNC need store the GSM territory cryptographic capabilities (referring to step 607) of UE.
In step 602, UE and give VLR/SGSN by the 3rd layer of initial message.Described the 3rd layer of message comprises " connection management service request (CM_SERVICE_REQUEST), position updating request (LOCATION UPDATE REQUEST), routing region updating request (ROUTING AREA UPDATE REQUEST), attach to network request (ATTAHREQUEST), page response types such as (PAGING RESPONSE).It has comprised user identification information may and set of cipher key identification (hereinafter to be referred as KSI) information.KSI wherein is meant last when authenticating in CS territory or PS territory, the sign to the CK/IK group of being distributed by this territory.
In step 603, if desired, user's identify label IMSI is confirmed in certain interactive operation between network internal and network and the UE.According to the KB limit that IK can allow, may exist the AKA process to come authenticated user and produce new secret key IK and CK.Simultaneously, network can give this IK/CK set of dispense a KSI sign.The process of AKA has description in Fig. 4.
In step 604, the SGSN decision allows the various UIA and the UEA algorithm of use, and according to priority queueing.
In step 605, SGSN initiates integrity protection and cryptographic operation by sending RANAP message " safe mode command (Security_mode_command) " to RNC.The parameter that " safe mode command " message is carried comprises permission RNC various UIA tabulations of using and the IK that will use according to priority arrangement.If later communication will be encrypted, also comprise in the so above-mentioned message according to the various UEA tabulations of priority arrangement and the CK that will use.If carried out new AKA process before, issue the message of RNC so and should indicate this point.This indication just means that the START value will be reset 0 when using new secret key.Otherwise, RNC will use resulting START value in the step 601.
In step 606; RNC compares the UIA/UEA of UE support and the UIA/UEA of its permission to use after receiving " safe mode command Security_mode_command " message; in the algorithm list that UE supports; select the UIA/UEA algorithm of limit priority for use; and generate random value FRESH, begin to start the down link integrity protection.If the demand in " safe mode command Security_mode_command " message of being received can not be satisfied, RNC sends " safe mode refusal SECURITY MODE REJECT " message to SGSN so.
In step 607, RNC produces " safe mode command Security_mode_command " message.Under message in comprised the security capabilities of UE, optionally GSM cryptographic capabilities (if RNC receives this information in step 601) if, UIA and the FRESH parameter that will use and use the so required UEA of encryption.In out of Memory (as the beginning encryption indicator) also may be included in.Encrypt and integrity protection secret key groups because UE can have two covers in CS territory and PS territory simultaneously, so network must add a CN territory and indicate, show that what will use is the CS territory or the secret key group in PS territory.Before sending message, RNC produces the message authentication code MAC-I that is used for integrity protection, and it is attached in the message.
In step 608, after receiving Security_mode_command (safe mode command) message that RNC sends, UE confirms that at first " security capabilities of UE " in this message is with " security capabilities of the UE " unanimity in the step 601.Equally, if in step 601, comprised GSM grade ability, so also to verify it equally.UE is according to the parameter in the Security_mode_command message that receives; use UIA, the START of storage of indication and the FRESH parameter of reception; calculate XMAC-I, by the MAC-I of relatively reception and the XMAC-I of generation, whether the checking integrity protection is successful.
In step 609, if the successful implementation integrity protection, UE will generate MAC-I, send the Security_mode_complete that comprises MAC-I to RNC.If there is not the successful implementation integrity protection, so at UE with regard to ending said process.
In step 610, in case receive response message " safe mode is finished (Security_mode_complete) ", SRNC calculates the XMAC-I of message.SRNC is by the MAC-I of relatively reception and the XMAC-I of generation, and whether the checking integrity protection is successful.
In step 611, if be proved to be successful, RNC sends the RANAP message Security_mode_complete that comprises selecteed algorithm to SGSN, thereby finishes the local authentication process.
" safe mode command Security_mode_command " message that mails to UE has begun descending integrity protection, that is to say, this message and the later downstream message that mails to UE all use new integrity protection configuration to protect." safe mode is finished Security_mode_complete " message of sending from UE has begun up integrity protection, that is to say that this message and the later upstream message from UE all use the configuration of new integrity protection to protect.When needs use encryption, set up the exchange encrypt time started in the process in safe mode between RNC and the UE.This is encrypted the time started and has just set RLC sequence number or the CFN sequence number that uses new encryption configuration to begin descending encryption and up encryption.
In the UMTS system, when certain UE makes a call to another travelling carriage or fixed network user on Random Access Channel, the PLMN grid will begin a series of operation.At first, when UE made a call, the RRM RRC unit among the UE was by inserting the foundation of process initiation signaling link at random.This process channel request message and security capabilities message on Random Access Channel are given RNC by NodeB.If RNC successfully receives, then this request is sent to the RRM RRC unit among the RNC, distributes a dedicated channel by it, and send immediate assignment message on access grant channel.UE mainly also is provided with timer, repeated call at a certain time interval when exhaling process starting.If still can not receive response, then abandon current calling by the pre-determined number repeated call.
After UE receives immediate assignment message, be transformed on the dedicated channel of appointment, thereby and set up main signaling link between the RNC.Until radio traffic channel distributes all signalings in the past all to carry out on this dedicated channel, the signaling in the communication process after Traffic Channel is connected then is to carry out in associated control channel after this.Connection management CM unit among the UE continues to start the process of setting up data link with the business request information of issuing data link layer.This service request is actually " connection management service request (the CM_SERVICE_REQUEST) " message that is embedded into the 3rd layer described in the complete step 602, hands over RNC to issue SGSN's.
Then, as the case may be, after the mutual authentication between UE and the network, UE carries out integrity check to the message that receives, and its mobile management layer MM monitors the startup of integrity protection simultaneously.And SGSN receives " safe mode the is finished Security_mode_complete " message from RNC, and the security control process successfully starts.Encrypt if desired, certain time after the activation, UE and RNC just can begin to have carried out the encipherment protection of business datum, channel logo, signaling etc.
In like manner, the mobile terminated process also similarly, the safe procedures later at random access procedure is the same with above-mentioned process.
Below the place that the prior art problem need be improved will be described.
Existing UMTS system configuration exists upgradability poor, and call set-up time is long, many shortcomings such as system configuration complexity.At present, 3G (Third Generation) Moblie partner plan (3GPP) standardization body that is responsible to define the UMTS standard is carrying out the relevant criterion work of the long-term evolution (hereinafter to be referred as LTE) of UMTS system, wherein one of target of long-term evolution is exactly that speed call is set up process, reduces call set-up time.At all types of target of the long-term evolution of UMTS system, the system configuration after the long-term evolution that each company has all proposed to wish, wherein the system configuration after a kind of long-term evolution of proposition is as shown in Figure 7 and Figure 8.
The base station of evolution (hereinafter referred to as ENB) concentrated the function of base station and RNC in the UMTS system among Fig. 7, functions such as the transmitting-receiving of main responsible wireless signal is connected with the signaling between the subscriber equipment, mobile management, the GGSN of evolution (hereinafter referred to as E-GGSN) has then concentrated the function of SGSN and GGSN in the UMTS system, mainly be responsible for mobile management, with the interface of PDN network, the negotiation of quality of service etc.
Base station ENB among Fig. 8 is little with the base station functions difference among the UMTS, all is reception and the transmission of being responsible for wireless signal, also has the function of part MAC layer; RNC function class among anchor point anchor and the UMTS seemingly is responsible for that wireless resource allocation in the encrypting and decrypting, control ENB of user data is connected with signaling between the subscriber equipment and the management of user mobility when being in connection status.The function of E-GGSN has then merged SGSN in the UMTS system and the function of GGSN, mainly be responsible for mobile management, with the interface of PDN network, the negotiation of quality of service etc.
For simplicity, in the description of this invention below, will be not limited to a certain architecture.And the ENB among Fig. 7 and the ENB among Fig. 8 and anchor point anchor are called E-RAN, and E-GGSN is called E-CN.
From connecting on the process of setting up, the user always wishes to set up this calling as soon as possible after keying in the other side's number, press-to-talk key usually.And according to the introduction of front, set up after the main signaling link between UE and the RRC, need carry out the mutual authentication between UE and the network, could continue this calling afterwards; And the mutual authentication process between UE wherein and the network will the expensive time.Therefore, only form the requirement simplify the connection setup time that also is not enough to satisfy enough weak points that LTE proposes from system.
Summary of the invention
The present invention quickens user's service access process in order to reduce call set-up time, has proposed a kind of new short UE consuming time and the method for internetwork authentication mechanism each other, thus the process that speed call is set up.
To achieve these goals, according to the present invention, proposed the method that authenticates between subscriber terminal equipment and network in a kind of wireless communication system, said method comprising the steps of: UE transmits authentication request message to network, and described authentication request message comprises the authentication reference value; Network judges whether the authentication value that himself produces is consistent with the authentication reference value, if consistent, then represent the network side authentication success and send authentication response message to UE that described authentication response message comprises another authentication reference value; And UE receives the described authentication response message that sends from network, and verifies whether described another authentication reference value that is comprised in the described authentication response message is consistent with the authentication value that himself is produced, if consistent, subscriber terminal equipment side authentication success then.
Preferably, described authentication request message comprises cryptographic algorithm, protection algorithm integrallty and the authentication parameter information that UE adopts.
Preferably, the authentication value that self produced of described network is to produce with the key information that parameter information and network produced according to described cryptographic algorithm, protection algorithm integrallty, authentication.
Preferably, the authentication value that self produced of described UE is to produce with parameter information and key information according to described cryptographic algorithm, protection algorithm integrallty, authentication that UE self is preserved.
Preferably, described authentication comprises FRESH random number and START value with parameter information.
Preferably, the key information that described network produced comprises encryption key message and integrity protection key information.
Preferably, described encryption key message and integrity protection key information are produced by the part of the core network entity in the network.
Preferably, the cryptographic algorithm that authentication request message comprised that transmits to network of UE and protection algorithm integrallty are cryptographic algorithm and the protection algorithm integrallties that a plurality of cryptographic algorithm that provide from network and selected, the described UE of protection algorithm integrallty can support.
Preferably, described random number FRESH is by Web broadcast.
Preferably, described random number FRESH is intrinsic by UE self.
Preferably, described random number FRESH is renewable.
Description of drawings
Below in conjunction with the detailed description of preferred embodiment of accompanying drawing to being adopted, above-mentioned purpose of the present invention, advantage and feature will become apparent by reference, wherein:
Fig. 1 shows the figure of the network configuration of UMTS;
Fig. 2 is the figure that is used for explaining the relation between the UMTS system zones of different;
Fig. 3 shows the composition structure chart of UE;
Fig. 4 shows the figure of temporary mark assigning process;
Fig. 5 shows the figure of AKA process;
Fig. 6 shows local authentication and the figure that is connected the process of foundation;
Fig. 7 shows the figure of a kind of architecture of E-UTMS;
Fig. 8 shows the figure of the another kind of architecture of E-UTMS;
Fig. 9 shows the figure according to the process that authenticates mutually between network of the present invention and the equipment;
Figure 10 is used to explain that MAC-I calculates and the figure of checking;
Figure 11 shows the figure according to the process that authenticates mutually between the network of first embodiment of the invention and the equipment;
Figure 12 shows the figure according to the process that authenticates mutually between the network of second embodiment of the invention and the equipment;
Figure 13 shows the figure according to the forwards mode of the embodiment of the invention;
Figure 14 shows in the mutual authentication process according to the embodiment of the invention, the flow chart of the operation of UE;
Figure 15 shows in the mutual authentication process according to the embodiment of the invention, the flow chart of the operation of the node of E-RAN;
Figure 16 shows in the mutual authentication process according to the embodiment of the invention, the flow chart of the operation of the node of E-CN; And
Figure 17 is the figure that is used to explain the generation of authentication vector group.
Embodiment
At first, it should be noted that the present invention can Fig. 7 or the architecture of Fig. 8 be the basis, but and not only be confined to this two kinds of architectures.
Describe in detail according to a preferred embodiment of the invention below with reference to the accompanying drawings.
Fig. 9 shows the figure according to the process that authenticates mutually between network of the present invention and the equipment.
When subscriber equipment and network communicate, at first will send message to network with reference to as described in the figure 6 as above, this message can be service request in the UMTS system, routing region updating etc.The present invention does not limit the message content that article one sends.In article one message, UE will calculate MAC-I and checking MAC-I according to the method for describing among Figure 10 according to existing parameter.The parameter of calculating MAC-I is respectively IK, COUNT-I, MESSAGE, DIRECTION and FRESH.
Under specific circumstances, carry out periodic routing region updating such as subscriber equipment in same place, subscriber equipment might twice process can send the identical message of content when communicating with network.Simultaneously, also might some illegal user can intercept a subscriber equipment that normally communicates to the message content that network sent, this validated user that disguises oneself as in suitable then sends the message that comprises this content to network once more.At this time, network is from the legal users or the user of camouflage with regard to needing to distinguish the message of being received.Described FRESH parameter is exactly in order to reach this purpose.When parameters such as all the other IK, COUNT-I, MESSAGE and DIRECTION when being used to calculate MAC-I were identical, twice computational process adopted different FRESH parameters also can produce different MAC-I.At this time, have only real legal users equipment just to know IK, and then can calculate the MAC-I that makes new advances.
IK produces in authentication process, specifically can be referring to the description of Fig. 6.Because subscriber equipment might be preserved a plurality of IK, issue in article one message of network at subscriber equipment so, UE will tell which network IK and CK that it is used for encrypting with integrity protection be.IK and CK represent with a sequence number, the combination of IK of this sequence number unique identification and CK.That just know after E-CN receives this sequence number that subscriber equipment uses has been which IK and CK.
COUNT-I is the parameter that UE oneself preserves.This value is when subscriber equipment begins to communicate with network, is undertaken initialized by a START.START is the parameter that UE oneself preserves, and this parameter all will update when the user returns idle condition each, the value of renewal be with at that time COUNT-I or COUNT-C the highest 20 consistent, on the basis of this value, add 2 then.
MESSAGE is exactly the message itself that will carry out integrity protection.
DIRECTION identifies the direction of this message, be by subscriber equipment issue network upstream message or issue the downstream message of subscriber equipment by network.
The acquisition of this value of FRESH is one of content of the present invention, can be described below.
These five parameters are input in the middle of the algorithm f9, will calculate MAC-I.
After receiving terminal is received MAC-I,, calculate XMAC-I according to the algorithm and the input parameter on Figure 10 the right.Then MAC-I that receives and the XMAC-I that calculates are compared.If both equate, so just can think that transmitting terminal is the legal users terminal or the network equipment.
Subscriber equipment will be packaged to article one message that network sends then, and the inside will comprise MAC-I (step 902).After wireless access network is received this message, can preserve MAC-I, and this article one message is carried out necessary processing.For example,, MAC-I is extracted from message, remaining content is transmitted to E-CN in step 903.Perhaps the message that subscriber equipment is sent utilizes the message of Iu+ interface to encapsulate, and sends to E-CN.After E-CN receives this article one message, check whether this subscriber equipment has legal sign such as P-TMSI, which the used IK that carries out integrity protection and the CK sequence of encryption be.E-CN sends safe mode command (step 904) to Radio Access Network then, comprise in this message will carry out encrypted secret key CK and carry out the IK that integrality comprises, and cryptographic algorithm, integrality comprises algorithm.This message also has other functions such as user plane foundation, quality of service negoriation etc., but these are not given unnecessary details at this because it doesn't matter with the present invention.After RAN receives the IK that carries out integrity protection, will verify (step 905) according to the process Figure 10 from the MAC-I1 that subscriber equipment is received.If the verification passes, RAN produces a MAC-I2 (step 906) again, and the producing method of this value is the same with the method that subscriber equipment produces MAC-I, imports 5 parameters and arrives after the f9 algorithm, just can obtain this result.RAN is included in MAC-I in the message safety mode command that will issue subscriber equipment (step 907) then, and this message comprises cryptographic algorithm in addition, and integrality comprises parameters such as algorithm.If in step 904, message is also carried out functions such as quality of service negoriation, user plane foundation, so in step 907, and the function that also should have similar user radio carrying to set up.After subscriber equipment is received safe mode command, the MAC-I in other is taken out, utilize the algorithm among Figure 10 then, check whether this MAC-I does not pass through any modification (step 908).If, show that then this RAN can believe, be the legal network equipment.
To describe below according to the first embodiment of the present invention and second embodiment.
In the present invention, the acquisition of FRESH parameter can embody by different embodiment.
Figure 11 shows the figure according to the process that authenticates mutually between the network of first embodiment of the invention and the equipment.
E-CN (core network entity just) determines cryptographic algorithm and the protection algorithm integrallty that present networks will be used, and this can be one or more.If a plurality of,, represent the difference of priority so according to the difference of the order that provides.For example E-CN wants to allow subscriber equipment preferentially use algorithm 1 under competent prerequisite, the selection algorithm 2 that takes second place, and selection algorithm 3 once more in the message safety pattern broadcasting of step 1101, can comprise algorithm 1, algorithm 2 and algorithm 3 so.After E-RAN receives this broadcast, just in its all sub-districts, broadcast these algorithms and priority (step 1102) thereof.In the safe mode broadcast, not only comprise cryptographic algorithm and the integrality that network selects by subscriber equipment and comprise algorithm, comprise that also network wants the FRESH value that allows subscriber equipment use, in the description of the use of this parameter in Figure 10 good explanation is arranged.After subscriber equipment is received these parameters, just preserve them, so that when the calcaneus rete network communicates, use.
When subscriber equipment is want to communicate with network; it sends article one message and gives E-RAN (step 1103); comprise the encryption key that it will use and the sequence number of integrity protection key in this message; the MAC-I that step calculated by Figure 10; and the cryptographic algorithm and the protection algorithm integrallty of its selection, parameters such as user ID.After receiving article one message that receives from subscriber equipment as E-RAN, just preserve MAC-I, cryptographic algorithm and protection algorithm integrallty are with whole E-CN (step 1104) that are transmitted to of other parts or the message of message.This process can be told about in Figure 13 in detail.When E-CN receives after article one message of subscriber equipment transmission, check whether cryptographic algorithm and protection algorithm integrallty that the user selects be legal.By checking KSI, know that subscriber equipment is encrypted or what the employed key of integrity protection is respectively.Generally also comprise parameters such as user's sign such as P-TMSI in this message.After E-CN knows that this subscriber equipment is validated user, send Security Mode Command message (step 1105) to E-RAN, comprise in this message that network wants to allow subscriber equipment and E-RAN encrypt the algorithm that uses with integrity protection.What this algorithm can be selected in step 1103 with subscriber equipment oneself is the same.In the message that if this parameter is not included in this step 1105 to be transmitted; all the selected cryptographic algorithm of default user equipment and protection algorithm integrallty can use otherwise the cryptographic algorithm and the protection algorithm integrallty that just use network and reconfigured for E-RAN and subscriber equipment so.Also comprise encryption key CK in the message that step 1105 transmitted and integrality comprises key IK, these two parameters are passed to E-RAN, thereby make E-RAN can carry out integrity protection and cryptographic operation to downlink signaling and data.
After E-RAN receives safe mode command (step 1105); IK by the network transmission; and the protection algorithm integrallty that in the message that step 1103 transmitted, comprises of subscriber equipment, the MAC-I that receives in step 1103 according to the method for operation among Figure 10, is verified whether this MAC-I is correct.If correct, illustrate that this subscriber equipment is a legal UE, otherwise be exactly illegal.If this subscriber equipment is legal; E-RAN just sends Security Mode Command message (step 1106) to subscriber equipment; comprise network in this message and want the cryptographic algorithm and the protection algorithm integrallty that reconfigure; if in step 1105; do not comprise cryptographic algorithm and integrality comprises algorithm, in the message that step 1106 transmitted, also do not comprise cryptographic algorithm so and integrality comprises algorithm.E-RAN calculates a MAC-I simultaneously, and it is included in the safe mode command, sends to UE.The protection algorithm integrallty that MAC-I uses should be an algorithm related in the step 1105, otherwise is exactly that subscriber equipment is informed E-RAN's in step 1103.
After subscriber equipment was received safe mode command, if do not protect cryptographic algorithm and protection algorithm integrallty in this message, whether the protection algorithm integrallty that just utilizes user oneself to select was correct according to the method validation MAC-I of Figure 10.Otherwise just verify according to the protection algorithm integrallty that comprises in this message.If checking is correct, so just think that this network is legal, the operation below continuing.
A distortion of present embodiment, network is broadcast enciphering algorithm and protection algorithm integrallty not, but just selects one in oneself the security capabilities by subscriber equipment, same li informs E-RAN in step 1103.
Figure 12 is second embodiment of the present invention.
E-GGSN (core network entity just) determines cryptographic algorithm and the protection algorithm integrallty that present networks will be used, and this can be one or more.If a plurality of,, represent the difference of priority so according to the difference of the order that provides.For example E-GGSN wants to allow subscriber equipment preferentially use algorithm 1 under competent prerequisite, the selection algorithm 2 that takes second place, and selection algorithm 3 once more in the broadcasting of message safety pattern (step 1201), can comprise algorithm 1, algorithm 2 and algorithm 3 so.After E-RAN receives this message, just in its all sub-districts, broadcast these algorithms and priority (step 1202) thereof.In the safe mode broadcast that step 1202 transmitted, comprise cryptographic algorithm and the integrality that network selects by subscriber equipment and comprise algorithm.After subscriber equipment is received these parameters, just preserve them, so that when the calcaneus rete network communicates, use.
When subscriber equipment is want to communicate with network; it sends article one message and gives E-RAN (step 1203); comprise the encryption key that it will use and the sequence number of integrity protection key in this message; the MAC-I that step calculated by Figure 10; and the cryptographic algorithm and the protection algorithm integrallty of its selection; user ID is used for producing the parameters such as FRESH value of MAC-I.When wherein calculating MAC-I, used FRESH value can be a random number, also can be that START adds a random number or adds a fixing value.
Receive as E-RAN (step 1203) after article one message that receives from subscriber equipment, just preserve MAC-I, FRESH, cryptographic algorithm and protection algorithm integrallty are with whole E-GGSN (step 1203) that are transmitted to of other parts or the message of message.This process can be told about in Figure 13 in detail.Receive as E-CN (step 1204) after article one message that sends from subscriber equipment, check whether cryptographic algorithm and protection algorithm integrallty that the user selects be legal.By checking KSI, know that subscriber equipment is encrypted or what the employed key of integrity protection is respectively.In this message that step 1204 transmitted, generally also comprise parameters such as user's sign such as P-TMSI.After E-CN knows that this subscriber equipment is validated user, send Security Mode Command message (step 1205) to E-RAN, comprise in this message that network wants to allow subscriber equipment and E-RAN encrypt the algorithm that uses with integrity protection.What this algorithm can be selected in step 1203 with subscriber equipment oneself is the same.In the message that if this parameter is not included in this step 1205 to be transmitted; all the selected cryptographic algorithm of default user equipment and protection algorithm integrallty can use otherwise the cryptographic algorithm and the protection algorithm integrallty that just use network and reconfigured for E-RAN and subscriber equipment so.Also comprise encryption key CK in the message that is transmitted and integrality comprises key IK in step 1205, these two parameters are passed to E-RAN, thereby make E-RAN can carry out integrity protection and cryptographic operation to downlink signaling and data.
After E-RAN receives safe mode command (step 1205); IK by the network transmission; and subscriber equipment related protection algorithm integrallty and FRESH value in step 1203, just to the MAC-I that in step 1203, receives according to the method for operation among Figure 10, verify whether this MAC-I correct.If correct, illustrate that this subscriber equipment is a legal UE, otherwise be exactly illegal.If this subscriber equipment is legal; E-RAN just sends Security Mode Command message (step 1206) to subscriber equipment; comprise network in this message and want the cryptographic algorithm and the protection algorithm integrallty that reconfigure; if in step 1205; do not comprise cryptographic algorithm and integrality comprises algorithm, in step 1206, also do not comprise cryptographic algorithm so and integrality comprises algorithm.E-RAN calculates a MAC-I simultaneously, and it is included in the safe mode command, sends to UE.The protection algorithm integrallty that MAC-I uses should be the algorithm that comprises in the step 1205, otherwise is exactly that subscriber equipment is informed E-RAN's in step 1203.
After subscriber equipment was received safe mode command, if do not protect cryptographic algorithm and protection algorithm integrallty in this message, whether the protection algorithm integrallty that just utilizes user oneself to select was correct according to the method validation MAC-I of Figure 10.Otherwise just verify according to the protection algorithm integrallty that comprises in this message.If checking is correct, so just think that this network is legal, the operation below continuing.
The accommodation of this embodiment is exactly to carry a new FRESH value in the Security Mode Command message that transmits in step 1206, and is to carry out integrity protection by this new FRESH in this message that step 1206 transmitted.After subscriber equipment is received the safe mode command that transmits in step 1206 then, it is carried out integrity check with the FRESH that comprises in this message.If pass through, represent that then this network is believable.
A distortion of present embodiment, network is broadcast enciphering algorithm and protection algorithm integrallty not, but just selects one in oneself the security capabilities by subscriber equipment, same li informs E-RAN in step 1203.
Subscriber equipment and network do not use the FRESH parameter when in fact can arrange to calculate MAC-I in advance.At this time, different in order to guarantee the MAC-I that twice calculating produced of identical content, employed COUN-I is different in the time of can making twice calculating.Because COUNT-I is undertaken initializedly by START, this that is to say that to make when calculating for twice employed START different.Therefore, as a distortion of present embodiment, network can be specified one for the new START value of using next time to user network equipment in last once communication process.Like this, in next communication process, user network equipment uses the START value of this appointment to carry out MAC-I and calculates.The same START value of being preserved of using of network is carried out MAC-I calculating.At this time, described START value can be passed to network by user communication device in next communication process, perhaps pass to user communication device by network, also can not transmit.If transmit, the recipient can verify the employed START value of this communication process, and whether own START value of being preserved is the same.
Equally, as another distortion of present embodiment, subscriber equipment uses a new START value in each communication process.Like this, user network equipment and network use this START value to carry out MAC-I calculating.At this time, described START value need be passed to network by user communication device.Network can be preserved employed START value last time, thereby verifies whether the employed START value of this communication process is the same with own START value of being preserved.
Figure 13 has described how subscriber equipment carries out Signalling exchange with network method.
A special interface Uu+ is arranged and at the corresponding message title of this interface between subscriber equipment and the E-RAN.The message that wherein has is to blame the signaling of transmission from the subscriber equipment to E-CN, and this signaling can be called the L3 signaling.This can be similar with initial directly transmission INITIAL DIRECTTRANSFER and up direct transmission UPLINK DIRECT TRANSFER and descending direct transmission DOWNLINK DIRECT TRANSFER among the present UMTS.The signaling of L3 just is included in these special Uu+ interface messages.
After E-RAN receives this class message, just L3 signaling wherein is transmitted to E-CN or is transmitted to UE.Interface Iu+ between E-RAN and the E-CN be responsible for transmitting signaling between subscriber equipment and the E-CN message can with initial UE message INITIAL UE MESSAGE among the UMTS and directly transmission DIRECT TRANSFER be similar.The signaling of L3 just is included in these special Iu+ interface messages.
Figure 13 1301 and 1302 by the signaling between this machine-processed transmission user equipment and the E-CN.Signaling between UE transmission 1301UE and the E-RAN except comprising the L3 signaling, also comprises the information unit that UE allows E-RAN handle to E-RAN in this message.Similarly, E-RAN is transmitted to E-CN with the L3 signaling after receiving this message, E-RAN transmits the L3 signaling to the signaling that E-GGSN sends between 1302E-RAN and the E-CN, not only comprise the L3 signaling in this message, also comprise the information unit that this E-RAN allows E-GGSN handle.
Subscriber equipment and E-CN carry out Signalling exchange and can also be undertaken by 1311 and 1312 these two steps.1311 with the title of 1312 these two message can be the same, also can be different, but these two message are wanted between the interface between the interface between UE and the E-RAN and E-RAN and the E-CN and can be mapped one by one.E-RAN can extract some information unit in 1311 message, does not pass to E-CN.Also can on this message basis, add some new information unit, send to E-CN by 1302 then.
What Figure 14 described is the action behavior of UE of the present invention.
Subscriber equipment is received the safe mode broadcast (step 1401) in the broadcast, protecting network is selected by subscriber equipment in the message cryptographic algorithm and protection algorithm integrallty and priority thereof.Subscriber equipment is preserved these information, so that carry out using mutual the time with network.If comprise FRESH in the broadcast, subscriber equipment also will be preserved this parameter (step 1402) so.When subscriber equipment will be when network sends article one message, according to the process of describing among Figure 10, calculating will send the MAC-I of message, and it is included in article one message, sends to E-RAN (step 1403).This message also will comprise cryptographic algorithm and the protection algorithm integrallty that subscriber equipment will use.UE receives the safe mode command that network sends, and takes out MAC-I wherein, verifies (step 1404) according to the method that Figure 10 describes.If be proved to be successful, just continue subsequent operation.Otherwise UE thinks that network is illegal, withdraws from the communication process with network.
What Figure 15 described is the action behavior of E-RAN of the present invention.
What E-RAN received that E-CN sends will be in the message " safe mode broadcasting " (step 1501) of its Cell Broadcast CB safe mode, comprise in this message that the cryptographic algorithm that will broadcast and protection algorithm integrallty reach priority separately.E-RAN informs subscriber equipment with cryptographic algorithm and protection algorithm integrallty and priority separately in the mode of Cell Broadcast CB in the broadcasting of the system information of subdistricts of its control then.If corresponding to the first embodiment of the present invention (Figure 11 is described), E-RAN also needs to broadcast the FRESH parameter.Receive as E-RAN (step 1502) after article one message of subscriber equipment, use the protection algorithm integrallty that comprises in this message, and other relevant parameters checkings MAC-I wherein whether correct (step 1503).E-RAN will preserve selected cryptographic algorithm of subscriber equipment and protection algorithm integrallty.If in step 1501, E-RAN has broadcasting FRESH value, and the FRESH that uses when step 1503 is tested MAC-I is exactly in the broadcast so, carries out the employed FRESH of integrity protection otherwise this message should comprise the user.The method of checking MAC-I is carried out (step 1504) according to the description of Figure 10.If the verification passes, so in step 1505, E-RAN transmits article one message of receiving from subscriber equipment to E-CN.Otherwise, just think that with regard to E-RAN subscriber equipment is the disabled user, finishes this process.In step 1506,, if wherein protect cryptographic algorithm or protection algorithm integrallty, so just cover the selected algorithm of subscriber equipment, otherwise just use the selected algorithm of subscriber equipment when E-RAN receives after the safe mode command of E-CN transmission.E-RAN sends Security Mode Command message to subscriber equipment, carries the MAC-I that E-RAN calculates in this message, and the cryptographic algorithm and the protection algorithm integrallty of E-CN change.
Figure 16 has described the action behavior of E-CN of the present invention.
E-CN sends the safe mode broadcast to E-RAN, allows E-RAN cryptographic algorithm that radio network is set in the sub-district of its control and protection algorithm integrallty and priority (step 1601) separately.Receive (step 1602) after article one message of the subscriber equipment of transmitting from E-RAN cryptographic algorithm and protection algorithm integrallty that this message protection UE selects as E-CN.E-CN checks whether the sign of subscriber equipment in this message such as P-TMSI identify a validated user (step 1603).If, so just send Security Mode Command message (step 1604) to E-RAN, comprise the sign of subscriber equipment in this message, and network is wanted the cryptographic algorithm and the complete preservation algorithm that allow subscriber equipment use.If E-CN does not want to change cryptographic algorithm and the protection algorithm integrallty that the user selects, this message is not just carried any algorithm information so, and is last, in step 1605, and EO.
By aforesaid the present invention, can make that the call establishment of E-UMTS is short, speed is fast, reaches the purpose of optimizing UMTS.
Although below show the present invention in conjunction with the preferred embodiments of the present invention, one skilled in the art will appreciate that under the situation that does not break away from the spirit and scope of the present invention, can carry out various modifications, replacement and change to the present invention.Therefore, the present invention should not limited by the foregoing description, and should be limited by claims and equivalent thereof.
Claims (16)
1, the method that authenticates between subscriber terminal equipment and network in a kind of wireless communication system said method comprising the steps of:
Network-termination device transmits authentication request message to network, and described authentication request message comprises the authentication reference value;
Network judges whether the authentication value that himself produces is consistent with the authentication reference value, if consistent, then represent the network side authentication success and send authentication response message to network-termination device that described authentication response message comprises another authentication reference value; And
Network-termination device receives the described authentication response message that sends from network, and verify whether described another authentication reference value that is comprised in the described authentication response message is consistent with the authentication value that himself is produced, if unanimity, then subscriber terminal equipment side authentication success.
2, method according to claim 1 is characterized in that cryptographic algorithm, protection algorithm integrallty and authentication parameter information that described authentication request message comprises network-termination device and adopts.
3, method according to claim 1 is characterized in that: the authentication value that described network self is produced is to produce with the key information that parameter information and network produced according to described cryptographic algorithm, protection algorithm integrallty, authentication.
4, method according to claim 1 is characterized in that: the authentication value that described network-termination device self is produced is to produce with parameter information and key information according to described cryptographic algorithm, protection algorithm integrallty, authentication that network-termination device self is preserved.
5, according to claim 2, one of 3 and 4 described methods, it is characterized in that: described authentication comprises FRESH random number or START value with parameter information.
6,, it is characterized in that the key information that described network produces comprises encryption key message and integrity protection key information according to claim 3 or 4 described methods.
7, method according to claim 6 is characterized in that described encryption key message and integrity protection key information are produced by the part of the core network entity in the network.
8, method according to claim 2 is characterized in that cryptographic algorithm that authentication request message comprised that network-termination device transmits to network and protection algorithm integrallty are cryptographic algorithm and the protection algorithm integrallties that a plurality of cryptographic algorithm that provide from network and selected, the described network-termination device of protection algorithm integrallty can be supported.
9, method according to claim 5 is characterized in that: described random number FRESH is by Web broadcast.
10, method according to claim 5 is characterized in that: described random number FRESH is produced by network-termination device self.
11, method according to claim 5 is characterized in that described random number FRESH is renewable.
12, method according to claim 1, it is characterized in that described authentication response message comprise network side again assignment give cryptographic algorithm, protection algorithm integrallty and the authentication parameter information of network-termination device.
13, method according to claim 5 is characterized in that described START value is the network appointment.
14, method according to claim 5 is characterized in that described START value is that network-termination device self produces.
15, method according to claim 5, it is characterized in that network or subscriber equipment receive the START value after, verify whether this START value the same with its START value of preserving.
16. method according to claim 5 is characterized in that, subscriber equipment uses a new START value in each communication process.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNA2005100483099A CN1941990A (en) | 2005-09-30 | 2005-12-28 | Method for verifying between user terminal apparatus and network in wireless telecommunication system |
Applications Claiming Priority (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200510107775 | 2005-09-30 | ||
| CNA2005100483099A CN1941990A (en) | 2005-09-30 | 2005-12-28 | Method for verifying between user terminal apparatus and network in wireless telecommunication system |
| CN200510107775.X | 2005-12-28 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN1941990A true CN1941990A (en) | 2007-04-04 |
Family
ID=37959675
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNA2005100483099A Pending CN1941990A (en) | 2005-09-30 | 2005-12-28 | Method for verifying between user terminal apparatus and network in wireless telecommunication system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1941990A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2010078724A1 (en) * | 2009-01-08 | 2010-07-15 | 中兴通讯股份有限公司 | Local authentication method in mobile communication system |
| US9014714B2 (en) | 2008-07-03 | 2015-04-21 | Lg Electronics Inc. | Method of providing location privacy |
| CN109428853A (en) * | 2017-08-21 | 2019-03-05 | 华为技术有限公司 | A kind of communication means and relevant device |
| CN110225490A (en) * | 2013-11-29 | 2019-09-10 | 日本电气株式会社 | Mobile communication system and its method and network node and its method |
-
2005
- 2005-12-28 CN CNA2005100483099A patent/CN1941990A/en active Pending
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9014714B2 (en) | 2008-07-03 | 2015-04-21 | Lg Electronics Inc. | Method of providing location privacy |
| CN102084674B (en) * | 2008-07-03 | 2016-05-04 | Lg电子株式会社 | The method of location privacy is provided |
| WO2010078724A1 (en) * | 2009-01-08 | 2010-07-15 | 中兴通讯股份有限公司 | Local authentication method in mobile communication system |
| CN110225490A (en) * | 2013-11-29 | 2019-09-10 | 日本电气株式会社 | Mobile communication system and its method and network node and its method |
| US11856074B2 (en) | 2013-11-29 | 2023-12-26 | Nec Corporation | Apparatus, system and method for MTC |
| CN109428853A (en) * | 2017-08-21 | 2019-03-05 | 华为技术有限公司 | A kind of communication means and relevant device |
| US10999736B2 (en) | 2017-08-21 | 2021-05-04 | Huawei Technologies Co., Ltd. | Communication method and related device |
| CN109428853B (en) * | 2017-08-21 | 2021-06-29 | 华为技术有限公司 | Communication method and related equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110419205B (en) | Method for integrity protection of user plane data | |
| CN1156196C (en) | Integrity check in communication system | |
| TWI724132B (en) | Method of wireless communication, apparatus for wireless communication and computer program for performing the method | |
| US11856402B2 (en) | Identity-based message integrity protection and verification for wireless communication | |
| KR102315881B1 (en) | Mutual authentication between user equipment and an evolved packet core | |
| CN1185903C (en) | A system for ensuring encrypted communication after handover | |
| AU2007232622B2 (en) | System and method for optimizing authentication procedure during inter access system handovers | |
| CN1310476C (en) | Method for building session connection to wireless local network user | |
| EP3761598B1 (en) | Generating keys for protection in next generation mobile networks | |
| US10306432B2 (en) | Method for setting terminal in mobile communication system | |
| CN103179558B (en) | Group system group exhales encryption implementation method and system | |
| CN1298194C (en) | Radio LAN security access method based on roaming key exchange authentication protocal | |
| EP3371993B1 (en) | Method, ue and network node for protecting user privacy in networks | |
| CN1848994A (en) | Method for realizing right discrimination of microwave cut-in global interoperating system | |
| CN104285422A (en) | Secure communications for computing devices utilizing proximity services | |
| CN1857024A (en) | Enhanced security design for cryptography in mobile communication systems | |
| CN1666190A (en) | Method of registering home address of a mobile node with a home agent | |
| EP2854329B1 (en) | Method, system, and device for securely establishing wireless local area network | |
| KR101625037B1 (en) | Privacy-Enhancing Security Protocol in LTE Initial Attack | |
| JP2023539174A (en) | Privacy of relay selection in sliced cellular networks | |
| CN1937487A (en) | LTE authentication and encryption method | |
| CN112087724A (en) | Communication method, network equipment, user equipment and access network equipment | |
| CN101047505A (en) | Method and system for setting safety connection in network application PUSH service | |
| CN1941990A (en) | Method for verifying between user terminal apparatus and network in wireless telecommunication system | |
| CN1728636A (en) | Method of the attestion at client end |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Open date: 20070404 |