KR20040099084A - Security method for broadcasting service in mobile telecommunication system - Google Patents

Abstract

PURPOSE: A security method for a broadcasting service in a mobile communication system is provided to generate an encryption key for a broadcasting service with a masked random seed and a random seed obtained with a mask value, thereby performing more thorough security function for receiving the broadcasting service. CONSTITUTION: When a BAK(Broadcast Access Key) is transmitted(31), a random seed is generated(32). An SK(Short-time encryption Key) is generated by using the BAK and the random seed(33). A base station creates crypto-synchronization information by using a time stamp value(35,36) when a broadcast security packet is to be generated, and creates an encryption mask by performing AES(Advanced Encryption Standard) algorithm with the crypto-synchronization information(34). The broadcast security packet is created by performing an XOR process for the encryption mask(37,38,39).

Description

Security method for broadcasting service in mobile communication system {SECURITY METHOD FOR BROADCASTING SERVICE IN MOBILE TELECOMMUNICATION SYSTEM}

The present invention relates to a mobile communication system, and more particularly, to a security method for providing a broadcast service to a mobile terminal.

The future communication environment is changing rapidly as it transcends the division of wired and wireless areas or the division of regions and countries. In particular, the future communication environment such as IMT-2000 (International Mobile Telecommunication 2000) is a trend that is built as an environment that provides a variety of information in real time and comprehensive as well as video and audio. The development of a mobile communication system is not only performing voice communication in an access terminal (AT) such as a cellular phone or a personal communication system (PCS). Reached to the extent possible.

1 shows the overall configuration of a typical wireless broadcast service system.

Referring to FIG. 1, a broadcasting server (BCMCS Server or Contents Server: CS) 14 is a packet data service node for broadcasting traffic data including video and / or sound for a broadcast service. (Packet Data Service Node: PDSN) 13 is transmitted to the base station (Access Node: AN) (11a, 11b). When the broadcast server 14 is connected to the packet data service node 13 through a packet communication network such as the Internet, the broadcast traffic data is generated in the form of a compressed Internet Protocol (IP) packet.

The packet data service node 13 receives user profile information for authentication of packet communication from an authentication, authorization and accounting (AAA) server 15, generates charging information for a broadcast service, and generates the authentication. And to the charging server 15. The base stations (11a, 11b) are Base Transceiver Subsystems (BTSs) 11a-1, 11a-2, 11b-1, which are responsible for the operation of the link layer and the physical layer, well known in the cellular mobile communication technology. 11b-2) and base station controllers (BSCs) 11a-3 and 11b-3, which are in charge of the operation of the network layer, and perform the interface for communication of packet data. It is connected to the packet data service node 13 via Packet Control Function Blocks (PCF) 12a, 12b.

As an example, IP multicast is used to deliver broadcast data generated by the broadcast server 14 to the base stations 11a and 11b. The base stations 11a and 11b form a multicast group that receives IP multicast data from the broadcast server 14. Membership information of the multicast group is maintained by a multicast router (MR) (not shown) connected to each of the base stations 11a and 11b.

Although not shown, the wireless broadcast service system may further include a broadcast controller (BCMCS Controller) dedicated to authentication of packet communication and generation of charging information for the broadcast service, in place of the packet data service node 13. .

In providing a broadcast service for commercial purposes in a wireless communication system, the most important is the security of the broadcast service. That is, in order to support billing over time of a broadcast service used by a user, strong security for the broadcast service within an allowed time is required. To this end, a typical wireless broadcast service system uses a broadcast security packet through link layer encryption.

FIG. 2 is a block diagram illustrating an operation of generating a broadcast security packet using typical link layer encryption.

Referring to FIG. 2, when the link layer of the base station receives a broadcast access key (BAK) 21 for encryption and decryption of broadcast data from a broadcast controller or a packet data service node, the seed layer is seeded. Create The seed is a bit sequence that is shared between the transmitters and receivers of encrypted data for secure communication, and is referred to herein as a random seed (RS) 22 in the sense that it is randomly generated within a predetermined bit size. The base station generates a short-term encryption key (SK) 23 using the random seed 22.

At the time of generating the corresponding broadcast security packet, the base station generates crypto-synchronization (Cryptosync) 26 by using a timestamp value 25 at the time of broadcast traffic transmission and the short-term encryption. An encryption mask 24 is generated by performing a known AES (Advanced Encryption Standard, Rijndael) algorithm using the key 23 and the encryption synchronization information 26. The broadcast security packet 29 is generated by performing an exclusive OR (XOR) 27 on the encryption mask 24 bitwise with the broadcast data packet 28.

The terminal generates an encryption mask in the same manner as used in the base station, and decodes the broadcast security packet received from the base station with the generated encryption mask to obtain a broadcast data packet. In order to generate an encryption mask in a terminal, a BAK, a random seed, and a timestamp value used by a base station are required. Here, the timestamp value is transmitted from the base station through an overhead message at or before the corresponding broadcast security packet becomes valid, and the BAK connects to the broadcast controller to listen to the broadcast service and receives broadcast session information of the desired broadcast service. It is obtained during the initialization process. The random seed is included in a security parameter message during transmission of broadcast traffic and transmitted from the base station to the terminal.

4 is a message flow diagram illustrating signaling for a typical broadcast service. For convenience of description, the base station (AN) and the packet control unit (PCF) are collectively referred to as a base station / packet control unit (AN / PCF).

Referring to FIG. 4, when a user requests a start of a broadcast service by operating a menu screen or pressing a predetermined hotkey in step 100, the terminal AT transmits a packet data service node for packet data communication in step 105. Establish a PDSN and Point to Point Protocol (PPP) connection. Although not shown, the terminal may receive information on broadcast services that can be provided in the network in advance before the process 100.

In step 110, the packet data service node delivers a BMCCS Request Message including a BCMCS Request Message containing a Content Name representing information about a broadcast service that a user wants to listen to. In step 115, in response to the broadcast service request, the BCMCS controller, together with relevant information about the requested broadcast service (protocol stack, multicast IP address, broadcast identifier), and security information (BAK, BAK) required for broadcast reception. Valid time). When all relevant information of the desired broadcast service is obtained, the terminal terminates the radio channel and PPP connection in step 120.

In step 125, the terminal receives a broadcast overhead message transmitted on a control channel. The broadcast overhead message includes information on a physical channel for receiving a broadcast along with sector information related to a base station (sector in the case of a sector type base station) that the terminal is serving and information on neighbor cells. In step 130, the terminal transmits a registration message including an identifier (BCMCSFlowID or logical channel ID) of the broadcast service that the user wants to listen to. The registration message is a message normally used for location registration in a cellular system, and is used for a request for a broadcast service.

In step 135, the base station checks whether the requested broadcast service is already in progress. If it is determined that the requested broadcast service is not in progress or necessary for billing, the base station connects a bearer path to the packet data service node and performs an IP connection procedure to a broadcast server (BCMCS Server). To perform. In step 140, broadcast traffic from the broadcast server reaches the base station.

In step 145, the base station starts transmitting packets for broadcast service to deliver broadcast traffic. At this time, the base station transmits a security layer packet including a security parameter message to the first broadcast service packet, and further includes broadcast security packets if there is room. As described above, the security layer packet includes a random seed necessary for decoding the broadcast security packets.

Thereafter, the base station continues to transmit packets for broadcast service, including broadcast security packets, in steps 150 to 155. If the random seed is changed, in step 160, the base station transmits the new random seed to the broadcast service packet again and continuously transmits subsequent broadcast security packets as shown in step 165.

In the conventional broadcast security operating as described above, since the random seed, which is information necessary for decoding broadcast security packets, is transmitted as an in-band signal, all terminals monitoring the broadcast channel can know the random seed. . Therefore, in order to limit the accessibility to the broadcast channel of the terminal it is necessary to ensure the stability of the BAK transmitted in the outband (outband) signal. Even when BAK is exposed, the easiest way to minimize the reception of illegal broadcasting service is to change BAK frequently.

In the case of BAK, it is impossible to change it frequently because it is a value that can be obtained only by connecting to a broadcast controller. In fact, BAK is designed to have a shelf life of at least one week and at least one month. Therefore, a terminal that has abnormally obtained a BAK, that is, a terminal which does not have a right to receive a broadcast service, may be able to listen to a broadcast.

In addition, in the conventional broadcast security, only information available for charging a broadcast service is BAK. As described above, since the BAK has a relatively long valid time, the BAK has an effective time regardless of the time that the terminal actually used the broadcast service. Therefore, there was a problem that the billing had to be added uniformly.

Accordingly, the present invention, which was devised to solve the problems of the prior art operating as described above, provides a security method for providing a broadcast service in a mobile communication system.

The present invention provides a method for improving the security of broadcast traffic by using a security parameter that can be changed at a relatively short time in a mobile communication system.

The present invention provides a method for delivering a security parameter necessary for a broadcast service only to an authorized user according to authentication in a mobile communication system.

An embodiment of the present invention includes a base station providing a broadcast service to a terminal through a wireless channel and a packet data service node connecting the base station to a broadcast server through a packet data network, wherein the broadcast is encrypted by the terminal in a mobile communication system. In the method of receiving the service,

Receiving a mask parameter message including a mask value for receiving a desired broadcast service from the base station;

Receiving a packet for a broadcast service including a masked seed and a broadcast security packet from the base station through a wireless broadcast channel;

Obtaining a seed from the masked seed using the mask value, and generating an encryption key with the seed;

And decrypting the broadcast security packet with the encryption key.

Another embodiment of the present invention is encrypted by the base station in a mobile communication system including a base station providing a broadcast service to a terminal through a wireless channel and a packet data service node connecting the base station to a broadcast server through a packet data network. In the method for providing a broadcast service,

Transmitting a mask parameter message including a mask value for the desired broadcast service to the terminal when receiving the desired broadcast service by the terminal;

Generating a broadcast security packet by encrypting broadcast data for the desired broadcast service with an encryption key generated with a seed for the broadcast service;

Masking the seed with the mask value, and transmitting a packet for a broadcast service including the masked seed and the broadcast security packet to the terminal through a wireless broadcast channel.

1 is a diagram showing the overall configuration of a typical wireless broadcast service system.

Figure 2 is a block diagram showing the operation of generating a broadcast security packet applying the typical link layer encryption.

3 is a diagram illustrating a configuration of a packet for a broadcast service including broadcast security packets.

4 is a message flow diagram illustrating signaling for a typical broadcast service.

5 is a block diagram showing an operation of generating a broadcast security packet to which link layer encryption is applied according to the present invention;

6 is a diagram illustrating an example of configuration of an X mask parameter message according to the present invention;

7 illustrates another example of configuration of an X mask parameter message according to the present invention.

8 illustrates another example of configuration of an X mask parameter message according to the present invention;

9 illustrates another example of configuration of an X mask parameter message according to the present invention;

10 is a message flow diagram illustrating signaling for a broadcast service according to an embodiment of the present invention.

11 is a diagram illustrating an example of configuration of a security parameter message according to the present invention;

12 illustrates another example of a security parameter message configuration according to the present invention.

13 is a view showing an example of a configuration of a broadcast overhead message that can specify whether or not to use the X mask value in accordance with the present invention.

14 illustrates an example of a configuration of a logical channel registration message for requesting an X mask according to the present invention.

15 is a message flow diagram illustrating an operation of notifying a terminal of an X mask value according to the present invention.

In the following description of the present invention, detailed descriptions of well-known functions or configurations will be omitted if it is determined that the detailed description of the present invention may unnecessarily obscure the subject matter of the present invention. Terms to be described later are terms defined in consideration of functions in the present invention, and may be changed according to intentions or customs of users or operators. Therefore, the definition should be made based on the contents throughout the specification.

In the present invention described below, the broadcast traffic is secured by using a security parameter that can be changed at a relatively short time. In particular, the security parameters are delivered only to users who are allowed in accordance with authentication, using outband signals.

5 is a block diagram illustrating an operation of generating a broadcast security packet to which link layer encryption is applied according to the present invention.

Referring to FIG. 5, when the link layer of the base station receives a broadcast access key BAK 31 for encryption and decryption of broadcast data from a broadcast controller or a packet data service node, the seed layer is seeded. Generate (32). The seed is a bit sequence shared between the transmitters and receivers of the encrypted data for secure communication, and is referred to herein as random seed (RS) in the sense that it is randomly generated within a predetermined bit size. A short-term encryption key (SK) 33 is generated using the BAK 31 and the random seed 32.

Here, the base station transmits a masked random seed using a predetermined mask value (hereinafter referred to as an X mask value) and transmits the mask value to a control channel or a forward traffic channel, unlike a conventional method of transmitting a random seed to a terminal. It is transmitted on the X mask parameter message in the form of outband signal transmitted through the packet. The X mask value is a security parameter that changes every relatively short time. The X mask parameter message is transmitted from a base station to a terminal through a control channel or a forward traffic channel, and only a specific terminal can be received or can be received by all terminals or specific terminals receiving broadcasts in a cell.

The base station generates a Crypto-Synchronization (Cryptosync) 36 using a timestamp value 35 at the time point of generating a broadcast security packet, and the short-term encryption key 33 and the An encryption mask 34 is generated by performing a known AES (Advanced Encryption Standard, Rijndael) algorithm using the encryption synchronization information 33. The broadcast security packet 39 is generated by performing an exclusive OR operation 37 bitwise with the encryption mask 34 on the broadcast data packet 38.

The terminal acquires a BAK for a desired broadcast service by accessing a broadcast controller during initialization of a broadcast service, and obtains a random seed masked from a base station at the start of a broadcast service or at a predetermined period. The X mask value for the masked random seed is received from the base station to the terminal in the X mask parameter message received through the control channel or the forward traffic channel.

The terminal obtains a random seed from the masked random seed with the X mask value, generates a short-period encryption key with the obtained random seed and the obtained BAK, and receives a timestamp value received from a base station at a predetermined time point. Generate encryption synchronization information with. Thereafter, the terminal generates an encryption mask with the short-term encryption key and the encryption synchronization information, and obtains a broadcast data packet by decoding the broadcast security packet received from the base station with the generated encryption mask. On the other hand, the X mask used in the embodiment of the present invention can be used any mask having a similar role as a general X mask.

The X mask value for the broadcast service is included in the X mask parameter message and transmitted from the base station to the terminal. The X mask parameter message is transmitted through the control channel or the forward traffic channel. For example, when the base station changes the X mask value, the X mask parameter message receives the currently valid X mask value at the request of the UE for registration. Transmit the X mask parameter message to the terminal.

6 shows an example of configuration of an X mask parameter message according to the present invention.

Referring to FIG. 6, the X mask parameter message includes a Message ID field used for distinguishing types of messages, an XMask Sequence Number field indicating a sequence number incremented by one each time the X mask is changed, and an X mask value. It consists of an XMask field containing. The XMask Sequence Number field ensures that the terminal and the base station use the same X mask value.

The Next XMask Included field indicates whether to include the next X mask value further. If this value is set to 1, the next X mask value is included in the Next XMask field. At this time, the sequence number of the next X mask is 'sequence number + 1' indicated by the XMask Sequence Number field. The Reserved field is used for byte alignment. 6 may be used when a common X mask is used regardless of the type of broadcast service being broadcast in a corresponding cell.

7 shows another example of configuration of an X mask parameter message according to the present invention.

Referring to FIG. 7, the X mask parameter message carries a plurality of X mask values at the same time. The Message ID field identifies the type of message. The XMask Sequence Number field indicates a sequence number of a first included X mask value, and sequence numbers of X mask values included thereafter are incremented by one from the first sequence number. The XMask Count field indicates the number of X mask values included in this message. That is, the X mask parameter message includes as many 'X mask values as indicated in the' XMask Count field 'in the XMask fields. If the value of the XMask Count field is 0, the Xmask parameter message contains only one Xmask value. In addition, the sequence numbers of the included X mask values are incremented by one from the first sequence number. In the case of using the message as shown in FIG. 7, the common X mask may be used regardless of the broadcast service broadcast in the corresponding cell.

8 shows another example of configuration of an X mask parameter message according to the present invention.

Referring to FIG. 8, the X mask parameter message is an example used when a different X mask is used for each broadcast service. The Message ID field identifies the type of message. The length of the broadcast service identifier (BCMCSFlowIDLength) field is used to obtain the length of the broadcast service identifier (BCMCSFlowID) field, and the length of the broadcast service identifier (BCMCSFlowID) field is (BCNCSFlowIDLength + 1) x 8 bits. The broadcast service identifier count (BCMCSFLowCount) field indicates the number of BCMCSFlowIDs included in the Xmask parameter message, and different Xmasks are delivered for each BCMCSFlowID. The BCMCSFlowID field is a value used to distinguish a broadcast service, and information of an X mask used for each BCMCSFlowID is also transmitted. The same Xmask field according to the preceding broadcast service identifier ID (XMaskSameAsPreviousBCMCSFlow) field is the same as the Xmask applied to the broadcast traffic distinguished by the BCMCSFlowID included in the Xmask applied to the broadcast traffic identified by the preceding BCMCSFlowID. In this case, the mask is not used. In this case, the overlapping XMask is not informed. When the XMaskSameAsPreviousBCMCSFlow field is set to '1', the XMaskSequenceNumber field, the XMaskCount field, and the XMask information field are not included for this BCMCSFlowID. The XMaskSequenceNumber field indicates a sequence number of the first included X mask value, and the sequence numbers of the X mask values included thereafter are incremented by one from the first sequence number. The XMaskCount field indicates the number of X mask values included in this message. That is, the X mask parameter message includes X mask values as many as the value indicated by the XMaskCount field. If the value of the XMaskCount field is 0, the Xmask parameter message contains only one Xmask value.

9 shows another example of configuration of an X mask parameter message according to the present invention.

Referring to FIG. 9, the X mask parameter message is an example of using a common X mask regardless of a broadcast service or using a different X mask for each broadcast service as one message. (Combination of FIG. 6 and FIG. 8) The Message ID field distinguishes types of messages. The CommonXMaskIndicator field is an indicator indicating whether a common X mask used regardless of a broadcast service is included or whether a different X mask is included for each broadcast service. When the CommonXMaskIndicator field is 1, only the CommonXMaskSequenceNumber field, the CommonXMaskCount field, the CommonXMask field, and the Reserved field are included. In contrast, when the CommonXMaskIndicator field is 0, the broadcast service identifier length (BCMCSFlowIDLength) field, broadcast service count (BCMCSFlowCount) field, broadcast service identifier (BCMCSFlowID) field, XMaskSequenceNumber field, XMaskCount field, XMask information field and Reserved field are included. The Common XMaskSequenceNumber field indicates a sequence number of the first included X mask value when using a common XMask regardless of a broadcast service, and the sequence numbers of the X mask values included thereafter are the first. The values are incremented by one from the first sequence number. The Common X Mask Count field indicates the number of X mask values included in this message when a common X Mask is used regardless of a broadcast service. That is, the X mask parameter message includes as many X mask values as the value indicated by the Common X Mask Count field. If the value of the CommonXMaskCount field is 0, then the Xmask parameter message contains only one Xmask value. The Common X Mask information field includes an X mask to be used in common. The BCMCSFlowIDLength field is used to obtain the length of the BCMCSFlowID field, and the length of the BCMCSFlowID field is (BCNCSFlowIDLength + 1) x 8 bits. The BCMCSFLowCount field indicates the number of BCMCSFlowIDs included in the Xmask parameter message, and different Xmasks are delivered for each BCMCSFlowID. The BCMCSFlowID field is a value used to distinguish a broadcast service, and information of an X mask used for each BCMCSFlowID is also transmitted. The XMaskSameAsPreviousBCMCSFlow field indicates when the Xmask applied to the broadcast traffic identified by the preceding BCMCSFlowID uses the same Xmask as the Xmask applied to the broadcast traffic identified by the BCMCSFlowID previously included in this BCMCSFlowID. Do not tell XMask. If the XMaskSameAsPreviousBCMCSFlow field is set to '1', the XMaskSequenceNumber field, XMaskCount field, and XMask field are not included for this BCMCSFlowID. The XMaskSequenceNumber field indicates a sequence number of the first included X mask value, and the sequence numbers of the X mask values included thereafter are incremented by one from the first sequence number. The XMaskCount field indicates the number of X mask values included in this message. That is, the X mask parameter message includes as many X mask values as the value indicated in the XMaskCount field. If the value of the XMaskCount field is 0, the Xmask parameter message contains only one Xmask value. The Reserved field is used for byte alignment.

10 is a message flow diagram illustrating signaling for a broadcast service according to an embodiment of the present invention. For convenience of description, the base station (AN) and the packet control unit (PCF) are collectively referred to as a base station / packet control unit (AN / PCF).

Referring to FIG. 10, when a user requests a start of a broadcast service by operating a menu screen or pressing a predetermined hotkey in step 200, the terminal AT transmits a packet data service node for packet data communication in step 205. Establish a PDSN and Point to Point Protocol (PPP) connection. Although not shown, the terminal may receive information about broadcast services that can be provided in the network in advance before the process 200.

In step 210, the packet data service node delivers a BMCCS Request Message including a BCMCS Request Message containing a Content Name representing information about a broadcast service that a user wants to listen to. In step 215, in response to the broadcast service request, the BCMCS controller, together with the relevant information about the requested broadcast service (protocol stack, multicast IP address, broadcast identifier), and security information necessary for reception of a broadcast (BAK, BAK). Valid time). When all relevant information of the desired broadcast service is obtained, the terminal terminates the radio channel and PPP connection in step 120.

In step 225, the terminal receives a broadcast overhead message transmitted on a control channel. The broadcast overhead message includes information on a physical channel for receiving a broadcast along with sector information related to a base station (sector in the case of a sector type base station) that the terminal is serving and information on neighbor cells. In step 230, the terminal transmits a registration (BCMCSFlowRegistration) message including the identifier (BCMCSFlowID or logical channel ID) of the broadcast service that the user wants to listen to the base station. The registration message is a message normally used for location registration in a cellular system, and is used for a request for a broadcast service.

In step 235, the base station authenticates whether the user of the terminal is a valid user who can use the corresponding broadcast service, and if the authentication is successful, and transmits the information for the charging of the terminal to the AAA server. In this case, the process 235 is not necessarily performed, and is selectively processed according to the service provider's requirements. That is, if necessary, one of authentication and billing may be performed, or both processes may be omitted. On the other hand, assuming that authentication and billing are performed simultaneously in step 235, and that authentication and billing are simultaneously performed in step 235, when the authentication is successful, in step 240, the base station has an X mask value of X. The mask parameter message is transmitted to the terminal. The X mask parameter message is not always transmitted in response to the registration message, but may be transmitted or omitted according to the needs of the base station.

In step 245, the base station checks whether the requested broadcast service is already in progress, and if it is determined that the requested broadcast service is not in progress or necessary for billing, etc., the bearer to the packet data service node. Connect the path and perform the IP connection procedure to the broadcast server (BCMCS Server). In step 250, broadcast traffic from the broadcast server reaches the base station.

In step 255, the base station starts transmitting BCMCS packets for delivery of broadcast traffic. At this time, the base station transmits a security layer packet including a security parameter message in the first broadcast service packet (BCMCS packet), and further includes broadcast security packets if there is room. . As described above, the security layer packet includes a random seed masked for decoding broadcast security packets. Here, the security layer packet is for signaling, and the broadcast security packets are for broadcast traffic.

Thereafter, the base station continues to transmit BCMCS packets including broadcast security packets in step 260. When a predetermined registration timer expires or when an autonomous handoff occurs, in step 265, the terminal transmits a registration message including an identifier of a broadcast service currently in service to the base station. In step 270, the base station registers the registration message. In response to the message, user authentication is processed and information for broadcasting charging of the terminal is updated. Likewise, process 270 is optionally performed. If the user authentication is successful in step 270, the base station transmits an X mask parameter message including the current valid X mask value to the terminal in step 275, and broadcasts the broadcast security packets in step 280. Continue to transmit BCMCS packets.

If the random seed is changed, in step 285, the base station transmits a new random seed in a BCMCS packet and continuously transmits subsequent broadcast security packets as in step 290.

In the above, the base station performs user authentication in response to a registration message of the terminal, and then illustrates and describes an embodiment of providing an X mask value. Can be. For example, the base station provides an X mask value in accordance with user authentication through the AAA server and registers the authenticated terminal in the authentication list at the time of initial registration to start a broadcast service. After the registration message is received from the terminal, it checks whether the corresponding terminal is listed in the authentication list, and if the authentication list is entered, provides the X mask value without user authentication. Perform.

In another embodiment, the base station arbitrarily performs user authentication of the terminal without receiving a registration message of the terminal, provides an X mask value according to the result, and writes the authenticated terminal in the authentication list. Similarly, the base station then checks whether it is arbitrarily written in the authentication list for the terminals in the broadcast service and provides an X mask value according to the result.

In the present invention, the security parameter message includes a random number and a sequence number indicating a currently valid X mask value. The sequence number is used to distinguish the valid X mask value at the present time when the terminal has a plurality of X mask values, and is also used to detect whether an incorrect X mask value is used.

FIG. 11 illustrates an example of a security parameter message configuration according to the present invention. The message configuration shown here is for a case where the same X mask value is applied to random seeds while using a plurality of different random seeds for each broadcast service. .

Referring to FIG. 11, the security parameter message includes a Message ID field used for identifying a message type, a BAK Sequence Number field used for identifying a BAK for decoding, and an X mask valid at the present time. An XMask Sequence Number field used for distinguishing values, a Blocks Per Random Seed field indicating the number of BCMCS packets that can be decoded using one random seed, and a random seed included in this message. And a Random Seed Count field indicating the number of fields and at least one Random Seed field included when the value of the Random Seed Count field is not zero. When the value of the Blocks Per Random Seed field is 2, the included random seed value is applied to the following two BMCs.

12 illustrates another example of a security parameter message configuration according to the present invention. The message configuration shown here is for a case where unique X mask values are applied to each random seed while using a plurality of different random seeds for each broadcast service. will be.

Referring to FIG. 12, the security parameter message uses a Message ID field used for identifying a message type, a BAK Sequence Number field used for identifying a BAK for decoding, and one random seed. The Blocks Per Random Seed field, which indicates the number of BCMCS packets decodable, the Random Seed Count field, which indicates the number of random seeds included in the message, and the value of the Random Seed Count field may not be 0. It consists of at least one Random Seed field included in the case and an XMask Sequence Number field used to distinguish the valid X mask value at the present time. When the value of the Blocks Per Random Seed field is 2, the included random seed value is applied to the following two BMCs.

11 and 12, the random seed value included in the random seed field is not a direct random seed, but a random seed masked by an X mask value. The terminal stores the X mask values received through the X mask parameter message and sequence values thereof, and retrieves an X mask value corresponding to the sequence value indicated by the XMask Sequence Number field, and uses the retrieved X mask value to be Random. The random seed is obtained by masking the masked random seed included in the Seed field.

In the above, an operation of generating an encryption key for a broadcast service with a random seed at a base station and providing a masked random seed with an X mask value to the terminal has been described. If the base station intends to provide the random seed itself to the terminal without using the X mask value, the base station specifies whether to use the X mask value in the broadcast overhead message.

13 shows an example of a broadcast overhead message configuration that can specify whether to use the X mask value in accordance with the present invention.

Referring to FIG. 13, the broadcast parameter message includes a Message ID field used for distinguishing types of messages, a BCMCSFlowIDLength field used to obtain the length of the BCMCSFlowID field, a BCMCSFlowCount field indicating the number of valid broadcast service channels, A BCMCSFlowID field included according to the value of the BCMCSFlowCount field and an XMaskUsed field indicating whether a masked random seed is provided. If the XMaskUsed field is set to '00', the base station transmits the unmasked random seed to the security parameter message to the terminal. When the XMaskUsed field is set to '01', a common X mask is used regardless of a broadcast service, and when the XMaskUsed field is set to '10', an X mask is used for each broadcast service. If the XMaskUsed field is set to '01' or '10', the base station sends the masked random seed to the security parameter message to the terminal and transmits the X mask value for the masked random seed through the X mask parameter message. To send.

On the other hand, when the terminal does not have an X mask or when a security parameter message having an X mask sequence number different from the information of the stored X mask is received, the terminal cannot decode the broadcast encryption packet and thus the broadcast service. Is not available. In this case, the terminal requests an X mask by transmitting a logical channel registration message to the base station.

14 illustrates an example of a configuration of a BMCCSFlowRegistration message for requesting an X mask according to the present invention. Here, the logical channel registration message is a registration message used for a broadcast service, and actually means a registration message used for notifying the system of a location of a terminal in a cellular system.

Referring to FIG. 12, a broadcast channel registration message includes a Message ID field used for distinguishing types of messages, a BCMCSFlowIDLength field used to obtain a length of a BCMCSFlowID field, and currently received broadcast service identifiers (BCMCSFlowIDs). That is, it includes a BCMCSFlowCount field indicating the number of broadcast channel identifiers, at least one BCMCSFlowID field included according to the value of the BCMCSFlow field, and an XMaskRequest field indicating whether an X mask is required by the terminal. If the XMaskRequest field is set to '0', this indicates that the terminal is already using the correct X mask value, and if the XMaskRequest field is set to '1', the terminal has an incorrect X mask value. Because it has a value, it indicates that the base station is requesting a correct X mask value.

15 is a message flow diagram illustrating an operation of notifying a terminal of an X mask value according to the present invention.

Referring to FIG. 15, in step 300, the terminal receives broadcast traffic of a desired broadcast service. In step 305, when the terminal receives the broadcast overhead message and finds that the broadcast traffic of the desired broadcast service is encrypted using the X mask, the terminal checks whether the X mask for the desired broadcast service already exists. That is, the terminal checks whether the X mask corresponding to the X mask sequence number extracted from the security parameter message included in the broadcast service packet carrying the broadcast traffic is already stored. If the corresponding X mask has already been stored, the broadcast mask is decoded using the X mask, otherwise proceed to step 310.

In step 310, the terminal transmits a registration message set to XMask Request = 1 to the base station. In step 315, the base station performs an authentication procedure of the terminal as necessary and updates the charging information. If the authentication is successful, in step 320, the base station transmits an X mask parameter message including an X mask value currently valid to the terminal to the terminal. In step 325, the UE decodes the broadcast security packet received from the base station with the X mask parameter obtained from the X mask parameter message.

Although the base station updates the X mask arbitrarily or periodically in the embodiment of FIG. 15, it is obvious that the base station may update the X mask in response to the request of the terminal.

Meanwhile, in the detailed description of the present invention, specific embodiments have been described, but various modifications are possible without departing from the scope of the present invention. Therefore, the scope of the present invention should not be limited to the described embodiments, but should be defined not only by the scope of the following claims, but also by those equivalent to the scope of the claims.

In the present invention operating as described in detail above, the effects obtained by the representative ones of the disclosed inventions will be briefly described as follows.

The present invention enables the charging of a broadcast service of a user by using an X mask having a relatively short valid period, that is, a security parameter, while minimizing additional overhead increase. The present invention does not provide the terminal with an additional security parameter necessary for decoding broadcast traffic when the terminal does not transmit a signal message for use as a charging basis to the base station, thereby forcing more efficient charging by forcing registration of the broadcast service of the terminal. Make it possible.

Claims (25)

A mobile communication system comprising a base station providing a broadcast service to a terminal through a wireless channel and a packet data service node connecting the base station to a broadcast server through a packet data network, , Receiving a mask parameter message including a mask value for receiving a desired broadcast service from the base station; Receiving a packet for a broadcast service including a masked seed and a broadcast security packet from the base station through a wireless broadcast channel; Obtaining a seed from the masked seed using the mask value, and generating an encryption key with the seed; And decrypting the broadcast security packet with the encryption key. The method of claim 1, wherein the mask parameter message, A mask field indicating the mask value, a sequence field indicating a sequence number corresponding to the mask value, an information field indicating whether a next mask value is included, and a next mask field indicating a next mask value; And a next mask field is optionally included according to the value of the information field, and the sequence number of the next mask value is a value added by 1 to the value indicated by the sequence field. The method of claim 1, wherein the mask parameter message, A sequence field indicating a sequence number, a mask count field indicating a number of mask fields included, and at least one mask field sequentially including at least one mask value according to a value of the mask count field, and the sequence The sequence number indicated by the field indicates a sequence number of a first mask value of the at least one mask value. The packet for a broadcast service according to claim 2 or 3, And for the masked seed, further comprising a sequence number corresponding to a valid mask value in a current period. The method of claim 1, wherein the mask parameter message is And receiving in response to a registration message transmitted to request the provision of a desired broadcast service to the base station. The method of claim 1, further comprising receiving a packet for a broadcast service including a next broadcast security packet without a masked seed from the base station through the wireless broadcast channel, and having the encryption key generated using the previously received mask value. And decoding the next broadcast security packet. The method according to claim 1, wherein if a mask value required for decoding the broadcast security packet is not normally received, a registration message including a request field set to a value for requesting a mask value is transmitted to the base station, and the registration message is transmitted to the base station. In response, receiving a mask parameter message comprising a valid mask value. The method of claim 1, further comprising receiving a broadcast overhead message from the base station including an information field indicating whether to use broadcast service parameters and a mask value in an initialization procedure for the broadcast service. The method. The method of claim 1, The mask parameter message, A message identifier field for distinguishing message types, a broadcast service identifier ID for identifying a broadcast service, a field indicating a length of a broadcast service identifier field, a broadcast service identifier count field indicating a number of broadcast service identifiers, and a broadcast service identifier ID And the same mask field according to the previous broadcast service identifier ID using the same mask applied to the broadcast traffic, a mask sequence number field indicating a sequence number corresponding to the mask value, a mask count field, and mask information. Said method. The method of claim 1, The mask parameter message, Common mask sequence number field, common mask count field, common when the identifier field for identifying a message type, a common mask indicator field, and the same mask information according to the preceding broadcast service, and the same mask information according to the preceding broadcast service is 1 A mask information field, and if the same mask information according to the preceding broadcast service is 0, a broadcast service identifier length field, a broadcast service count field, a broadcast service identifier field, a mask sequence number field, and a mask count information field are included. Said method. The method of claim 7, wherein The registration message, And a message identifier field, a broadcast service identifier field, a field indicating a length of the broadcast service identifier field, a broadcast service count field, and a mask request field indicating whether a mask is required by the terminal. The method of claim 8, The overhead message, And a message identifier field, a broadcast service identifier field, a field indicating a length of the broadcast service identifier field, a broadcast service count field, and a mask use field indicating whether a masked random seed is provided. A method of providing an encrypted broadcast service by a base station in a mobile communication system comprising a base station providing a broadcast service to a terminal through a wireless channel and a packet data service node connecting the base station to a broadcast server through a packet data network. In Transmitting a mask parameter message including a mask value for the desired broadcast service to the terminal when receiving the desired broadcast service by the terminal; Generating a broadcast security packet by encrypting broadcast data for the desired broadcast service with an encryption key generated with a seed for the broadcast service; And masking the seed with the mask value, and transmitting a packet for a broadcast service including the masked seed and the broadcast security packet to the terminal through a wireless broadcast channel. The method of claim 13, wherein the transmitting of the mask parameter message comprises: And performing a user authentication on the terminal and transmitting the mask parameter message including the mask value when the authentication is successful. The method of claim 13, wherein the mask parameter message, A mask field indicating the mask value, a sequence field indicating a sequence number corresponding to the mask value, an information field indicating whether a next mask value is included, and a next mask field indicating a next mask value; And a next mask field is optionally included according to the value of the information field, and the sequence number of the next mask value is a value added by 1 to the value indicated by the sequence field. The method of claim 13, wherein the mask parameter message, A sequence field indicating a sequence number, a mask count field indicating a number of mask fields included, and at least one mask field sequentially including at least one mask value according to a value of the mask count field, and the sequence The sequence number indicated by the field indicates a sequence number of a first mask value of the at least one mask value. The method of claim 15 or 16, wherein the broadcast service packet, And for the masked seed, further comprising a sequence number corresponding to a valid mask value in a current period. The method of claim 13, wherein the mask parameter message, Wherein the method is transmitted in response to a registration message received to request provision of a desired broadcast service from the terminal. The method of claim 13, After transmitting the broadcast service packet including the masked seed, transmitting the broadcast service packet including a next broadcast security packet without the masked seed, wherein the next broadcast security packet is the seed. And encrypting the encryption key generated with the encryption key. The method of claim 13, further comprising: receiving a registration message including a request field set to a value for requesting a mask value from the terminal, and transmitting a mask parameter message including a valid mask value to the terminal in response to the registration message; The method further comprises a process. The method of claim 13, further comprising transmitting a broadcast overhead message including an information field indicating whether to use broadcast service parameters and a mask value to the terminal during an initialization procedure for the broadcast service. The method. The method of claim 13, The mask parameter message, A message identifier field for distinguishing message types, a broadcast service identifier field for distinguishing a broadcast service, a field indicating a length of a broadcast service identifier field, a broadcast service identifier count field indicating a number of broadcast service identifiers, and a broadcast service identifier ID And a same mask field according to a previous broadcast service identifier ID using a mask applied to broadcast traffic, a mask sequence number field indicating a sequence number corresponding to the mask value, a mask count field, and a mask information field. Said method. The method of claim 13, The mask parameter message, The common mask sequence number field, the common mask count field, and the common mask when the identifier field indicating the message type, the common mask indicator field, and the same mask information according to the previous broadcast service are included, and the same mask information according to the previous broadcast service is 1. An information field, and when the same mask information according to the preceding broadcast service is 0, a field indicating a length of a broadcast service identifier field, a broadcast service count field, a broadcast service identifier field, a mask sequence number field, and a mask count information field are included. The method characterized in that. The method of claim 20, The registration message, And a message identifier field, a broadcast service identifier field, a field indicating a length of the broadcast service identifier field, a broadcast service count field, and a mask request field indicating whether a mask is required by the terminal. The method of claim 13, The overhead message, And a message identifier field, a broadcast service identifier field, a length field of the broadcast service identifier field, a broadcast service count field, and a mask use field indicating whether a masked random seed is provided.