WO2006050663A1 - Method of setting security key - Google Patents

Method of setting security key Download PDF

Info

Publication number
WO2006050663A1
WO2006050663A1 PCT/CN2005/001872 CN2005001872W WO2006050663A1 WO 2006050663 A1 WO2006050663 A1 WO 2006050663A1 CN 2005001872 W CN2005001872 W CN 2005001872W WO 2006050663 A1 WO2006050663 A1 WO 2006050663A1
Authority
WO
WIPO (PCT)
Prior art keywords
mobile terminal
skey
security key
network device
random number
Prior art date
Application number
PCT/CN2005/001872
Other languages
French (fr)
Chinese (zh)
Inventor
Kunyang Dong
Zhengwei Wang
Chunyan Zhou
Zhiming Zhu
Tianzhen Huang
Jie Kong
Shangbin Wang
Original Assignee
Huawei Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co., Ltd. filed Critical Huawei Technologies Co., Ltd.
Publication of WO2006050663A1 publication Critical patent/WO2006050663A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431Key distribution or pre-distribution; Key agreement

Definitions

  • the present invention relates to information security technologies, and in particular to a security key setting method in a mobile communication network. Background of the invention
  • the current mobile terminals adopt the method of separating the card, that is, the mobile terminal itself and the user card storing the information for the wireless network user of the danger certificate are two independent parts, and they can be combined at the time of use.
  • the current user card is mainly used for the subscriber identity module card in the wireless communication system, such as the subscriber identity module (SM) card of the Global System for Mobile Communications (GSM) system, the USIM card of the Universal Mobile Telecommunications System (UMTS), and code division multiple access. (CDMA) Communication system UIM card and so on.
  • SM subscriber identity module
  • GSM Global System for Mobile Communications
  • UMTS Universal Mobile Telecommunications System
  • CDMA code division multiple access.
  • Another advantage of this method is that mobile communication operators can perform mobile services such as number-release work and can be separated from the sales of mobile terminals, thus facilitating the development of mobile services and the relative sales of terminals. Independent: Brings great flexibility to mobile business operations and terminal sales.
  • the use of the machine card separation method brings great convenience to the user, and also causes the mobile terminal to be stolen and robbed. Because in the machine card separation mode, as long as a new SM card is replaced on the stolen mobile terminal, it can be used without any hindrance. In this way, the thief can resell the stolen mobile terminal for profit. In this way, the user not only loses economic benefits, but also needs to go through a series of procedures at the communication operator, such as changing the number of contracts. According to the user, it brings great inconvenience to the user. At the same time, the loss of the mobile terminal, the common information that the user saves in the mobile terminal, such as the directory record, etc., will also be lost, which will cause the user's daily life and work [ ⁇ Impact.
  • a more common method is to set password protection on the mobile terminal. For example, if the power-on password is set on the mobile terminal, the correct power-on password needs to be input every time the power is turned on, and the mobile terminal can perform subsequent operations such as registering with the network. If the power-on password is not entered correctly, the mobile terminal cannot be used normally. In this way, even if the thief gets the user's mobile terminal, it cannot be used and sold because the correct password cannot be entered. Therefore, this method solves the problem that the mobile terminal is easily stolen to some extent. However, for this method, the legitimate user needs to input the password every time the computer is turned on, which will bring great trouble to the legitimate user.
  • Another solution is to build a large number of device identification registers (EDO devices, and put the international mobile device identity (MEI) of the stolen mobile terminal into the corresponding EIR blacklist.
  • EEO devices device identification registers
  • MEI international mobile device identity
  • the mobile terminal logs in every time.
  • the IMEI is reported to the network, and the related network device needs to go to the EIR device to check whether the MEI corresponding to the mobile terminal is added to the blacklist. If the MEI of the mobile terminal is found in the blacklist, the network considers The mobile terminal is a stolen terminal, and the user of the mobile terminal is an illegal user, thereby rejecting the network service.
  • the thief can also profit from the obtained mobile terminal because it cannot be used again, thereby fundamentally solving the mobile terminal. It is easy to be stolen.
  • the user card can authenticate the mobile communication network, and after the authentication succeeds, the user card It can be used normally, and after the authentication fails, the user card cannot be used normally in the mobile communication network.
  • this method can only solve the problem of user card security in the mobile terminal, and cannot solve the problem of theft of the mobile terminal itself. For example, after a thief steals a mobile terminal of a legitimate user, the user card of the legitimate user can be replaced with a user card, so that the existing authentication method can successfully authenticate the user card, so that the thief can still use the thief.
  • the stolen mobile terminal cannot prohibit the stolen mobile terminal from continuing to use, so that the anti-theft function of the mobile terminal cannot be achieved.
  • the second generation mobile communication network does not support the terminal authentication of the network separated by the machine card. Therefore, the anti-theft problem cannot be solved.
  • the applicant has proposed to store a security key corresponding to the mobile terminal in the communication network and the mobile terminal, and use the security key to perform authentication on the network by the mobile terminal, thereby Completely solve the problem of anti-theft of mobile terminals.
  • the applicant continues to propose a method of setting a security key. Summary of the invention
  • an object of the present invention is to provide a security key setting method in a mobile communication network to set a consistent security key in two devices of a mobile communication network, thereby implementing authentication using a security key.
  • a security key setting method in a mobile communication network includes at least:
  • a Generate a random number
  • ' b The network device and the mobile terminal set the security key according to the random number in a mutually matching manner.
  • Step b at this point includes:
  • the network device generates a security key according to the random number generated by itself
  • the network device sends the random number to the mobile terminal
  • the mobile terminal generates a security key based on the random number received from the network device.
  • step b includes:
  • the mobile terminal generates a security key according to the random number generated by the mobile terminal
  • the mobile terminal sends the random number to the network device
  • the network device generates a security key based on the random number received from the mobile terminal.
  • the invention also provides a security key setting method in a mobile communication network, which at least comprises:
  • a mobile terminal sends a set security key command to the network device
  • the network device and the mobile terminal generate a security key in a mutually matching manner.
  • step b includes:
  • the network device After receiving the setting security key command, the network device generates a security key, and then sends a security key setting success command to the mobile terminal;
  • the mobile terminal After receiving the security key setting success command, the mobile terminal generates a security key in a manner that matches the security key generation mode of the network device.
  • the method may further include pre-setting a plurality of security key generation modes in the network device and the mobile terminal, and respectively establishing a setting mode flag, where the network device and the mobile terminal set the security key according to the matching manner according to the setting mode flag.
  • the corresponding setting method generates a security key.
  • the method may further include: the mobile terminal selects one of the plurality of setting modes, and sends the setting mode flag corresponding to the selected setting mode to the network device by using the setting security key command.
  • the method may further include: the network device selecting a setting mode from the plurality of setting modes, and transmitting, by the security key setting success command, the setting mode flag corresponding to the selected setting mode to the mobile terminal.
  • the network device or the mobile terminal After the network device or the mobile terminal generates the security key, it may further comprise the step of checking whether the security key is a weak key, and regenerating the security key if it is determined that the security key is a weak key.
  • the security key is generated by generating a security key based on one or a combination of any of CK, IK, and KI. And it can be further based on the feature information of the mobile terminal user card and/or the mobile terminal feature information.
  • the step of synchronizing the respective terminal authentication sequence numbers stored by the network device and the mobile terminal may be further included after the step b.
  • the network device may be an HLR/AUC, and the method further includes the step of the HLR/AUC generating an authentication key according to the set security key and transmitting the authentication set to the MSC/VLR, the MSC/VLR receiving the The authentication set is saved after the authentication set.
  • one of the network device and the mobile terminal in the mobile communication network first generates a random number, and then sends the random number to the other party, and the two parties generate corresponding correspondence according to the same random number.
  • Security key In this way, both the network device and the mobile terminal generate security keys that are consistent with each other, so that each of the security keys can be used for related calculation and judgment when performing authentication, thereby improving the effectiveness of the mobile terminal anti-theft, and thus improving The security of the mobile terminal.
  • the security key setting method of the present invention ensures the security of the set security key itself.
  • FIG. 1 is a flow chart of a first embodiment of setting a security key in accordance with the present invention.
  • 2 is a flow chart of a second embodiment of setting a security key in accordance with the present invention.
  • 3 is a flow chart of a third embodiment of setting a security key in accordance with the present invention.
  • 4 is a flow chart of a fourth embodiment of setting a security key in accordance with the present invention.
  • Figure 5 is a flow diagram of a fifth embodiment of setting a security key in accordance with the present invention.
  • Figure 6 is a message flow diagram of the mobile terminal canceling the terminal security function.
  • Figure 7 is a message flow diagram of the network device canceling the terminal security function.
  • Figure 8 is a message flow diagram of a mobile terminal and network device update authentication vector.
  • FIG. 9 is a flow chart of a first embodiment of an authentication process in accordance with the present invention.
  • Figure 10 is a flow diagram of a second embodiment of an authentication process in accordance with the present invention.
  • Figure 11 is a flow diagram of a third embodiment of an authentication process in accordance with the present invention.
  • Figure 12 is a flow diagram of a fourth embodiment of an authentication process in accordance with the present invention.
  • Figure 13 is a flow chart of a fifth embodiment of an authentication process in accordance with the present invention.
  • Figure 14 is a flow chart of a sixth embodiment of the authentication process of the present invention. Mode for carrying out the invention
  • Fig. 1 shows a flow chart of a first embodiment of a security key setting method according to the present invention.
  • the mobile terminal transmits a Set Security Key (SKEY) command to the HLR/AUC on the network side.
  • SKEY command can be set through the mobile communication network.
  • the MSC/VLR forwarding in the network that is, the mobile terminal sends a SKEY command to the MSC/VLR, and then the MSC/VLR sends the command from the mobile terminal to the HLR7AUC.
  • the HLR and the AUC are usually integrated in one device, which functions as both a home location register and a certificate center, so the device is referred to herein as HLR/AUC 0.
  • the HLR 7AUC generates a random number ( RAND ) upon receipt of the command.
  • RAND random number
  • HLR/AUC uses its own random number generator to generate a RAND.
  • the HLR/AUC In step 103, the HLR/AUC generates a SKEY using one of CK:, IK, and KI, or any combination thereof, and its own generated RAND. For each mobile terminal, the HLR/AUC can pre-store information such as CK, IK, and KI.
  • step 104 after generating the SKEY, the HLR/AUC sends a SKEY setting success command to the mobile terminal, where the command includes the generated RAND.
  • the SKEY setup success command here can also be forwarded through the MSC/VLR.
  • step 105 after receiving the SKEY setting success command including the RAND, the mobile terminal generates the SKEY by using a generation method corresponding to the network device, that is, using one of CK:, IK, and KI, or any combination thereof, and receiving from the network.
  • the RAND of the device generates S EY.
  • the mobile terminal can pre-store information such as CK, IK, and KI, and the mobile terminal can save the information by the mobile terminal and the current user card.
  • information such as CK and IK can be obtained from the user card, and the KI is generally stored in the user card. Therefore, the process of generating the SKEY by the mobile terminal may be performed by the mobile terminal program and the user card.
  • the latter mentioned mobile terminal can save information such as CK, IK, and KI, and the operation of generating SKEY.
  • the HLR/AUC in step 103 can be one of CK, IK, and KI. Or any combination of them and RAND performs algorithm calculation to generate SKEY.
  • the mobile terminal in step 105, the mobile terminal also performs corresponding algorithm calculation on one of CK, IK and KI or any combination thereof and RAND to generate SKEY.
  • step 101 is not necessary, and the HLR/AUC can actively generate the RAND and initiate the subsequent process.
  • step 104 the HLR/AUC can also directly send the AND to the mobile terminal. It can be understood that the network device sends a single RAOT to the terminal, indicating that the network device sets the SKEY successfully, and accordingly, when the setting is unsuccessful, the setting can be back. The failed command does not carry any information.
  • various SKEY settings can be pre-stored in the mobile terminal and the network device, and a SKEY setting mode flag is set for each setting mode, for example, the flag of the first SKEY setting mode is set to 1, and the first The settings for the two SKEY settings are set to 2, and so on.
  • the mobile terminal may select one of a plurality of setting modes in advance, and send a setting mode flag corresponding to the selected setting mode to the HLR/AUC by setting the SK Y command, and the HLR/AUC uses the setting mode.
  • the SI EY setting method corresponding to the flag is used to generate SKEY.
  • the mobile terminal after receiving the HLR/AUC RAND, the mobile terminal also uses the same setting method selected by itself to generate SKEY, thus ensuring the consistency of the SKEY generated on both sides.
  • one of the plurality of setting modes may be selected by the HLR/AUC, and the SKEY is generated according to the setting mode, and then the setting party flag corresponding to the selected setting mode is sent to the mobile terminal through the SKEY setting success command, and the mobile terminal is SKEY is generated using the SKEY setting method corresponding to the _£ mode flag. This also ensures the consistency of the SKEYs on both sides.
  • the HLR/AUC can further check whether the SKEY is a weak key. If yes, then AND is regenerated, and SKEY is regenerated according to the RA > until the SKEY is checked to be not a weak key. If SKEY is checked If it is not a weak key, subsequent processing is performed, that is, the RAND is sent to the mobile terminal through the SKEY setting success command.
  • a weak key for example, a binary 128-bit key.
  • a string of "0" keys, a string of "1" keys is generally considered to be a weak key that is easily compromised. To determine whether a key is a weak key, various methods of the prior art can be used, and will not be described in detail herein.
  • RAND is generated by the HLR/AUC, and the RAKD is transmitted to the mobile terminal.
  • RAND can also be generated by the mobile terminal and RAND is sent to the HLR/AUC.
  • the second embodiment of the present invention is proposed, and the flow thereof is as shown in FIG.
  • the mobile terminal first generates a RAND.
  • a mobile terminal generates its own RAND using its own random number generator.
  • the mobile terminal sends a Set SKEY command to the HLR/AUC, and includes the RAND in the command.
  • the SKEY command can be forwarded through the MSC/VLR in the mobile communication network, that is, the mobile terminal sends a SKEY command to the MSC/VLR, and then the MSC/VLR sends the command from the mobile terminal to the HLR/AUC.
  • step 203 after receiving the command, the HLR/AUC generates SKEY using one of CK, IK, and KI, or any combination thereof, and RAND received from setting the SKEY command.
  • step 204 after generating the SKEY, the HLR/AUC sends a SKEY setting success command to the mobile terminal indicating that the HLR/AUC has successfully set the SKEY.
  • the SKEY setting success command here can also be forwarded through the MSC/VLR.
  • step 205 after receiving the SKEY setting success command, the mobile terminal generates SKEY by using a generation method corresponding to the network device, that is, generating SKEY by using one of CK, IK, and KI or any combination thereof and the RAND generated by itself.
  • the HLR/AUC can be one of CK, IK, and KI or it Any combination of them and RAND perform algorithm calculation to generate SKEY.
  • the mobile terminal in step 205 also performs corresponding algorithm calculation on one of CK, IK and KI or any combination thereof and RAND to generate SKEY.
  • step 202 the mobile terminal can directly send RAND to the HLR/AUC without including the RAND in the set SKEY command.
  • the mobile terminal can also self-produce SKEY after sending the SKEY command, without waiting for the response of the HLR/AUC, that is, the HLR/AUC does not need to send the SKEY setting success command to the mobile terminal, but is moved by the mobile terminal.
  • the terminal and HLR/AUC are automatically set to SKEY.
  • the mobile terminal can first send the KEY according to the RAND, and then send the RAND to the HLR/AUC, and the HLR/AUC generates the SKEY after receiving the RAMD.
  • various SKEY setting modes can be pre-protected in the mobile terminal and the network device, and a SKEY setting mode is established for each setting mode.
  • the mobile terminal may select one of a plurality of setting modes in advance, and send a setting mode flag corresponding to the selected setting mode to the HLR/AUC by setting a SKEY command, and the HLR/AUC uses the setting mode flag.
  • the corresponding SKEY setting method generates SKEY.
  • the mobile terminal after receiving the SKEY A function command from the HLR/AUC, the mobile terminal also uses the same setting method selected by itself to generate the SKEY, thereby ensuring the consistency of the SKEY generated on both sides.
  • the HLR/AUC can further check whether the SKEY_ is a weak key. If yes, the mobile terminal is notified, for example, a key setting failure command is sent to the mobile terminal, and the reason for the failure is a weak key. After the mobile terminal receives the key to the key setting failure command, the RAND is regenerated and resent. RAND, HLR/AUC then regenerate SKEY according to the new RAND until the SKEY is checked to be not a weak key. If the SKEY is not a weak key, it sends a key setting to the mobile terminal. Command.
  • the mobile terminal can also determine for itself whether the SKEY is a weak key. If yes, regenerate RAND and regenerate a new SKEY based on RAND until the SKEY is checked for a weak key. The new RAND is then sent to the HLR/AUC, which generates the SKEY based on the RAND.
  • both the mobile terminal and the HLR/AUC perform weak key check, and any one of them needs to regenerate RAND when it detects that the generated key is a weak key.
  • the mobile terminal may also generate the SKEY first, and then send the RAND to the network device. After receiving the RAND, the network device generates the SKEY by itself, and no longer needs to return the SKEY setting success command to the mobile terminal.
  • Fig. 3 shows a third embodiment of the present invention in which it is not necessary to generate RAND, but the SKEY is generated directly based on the respective related information currently known. The specific process is shown in Figure 3.
  • a set SKEY command is first sent by the mobile terminal to the HLR 7AUC.
  • the SKEY command can be forwarded through the MSC/VLR in the mobile communication network, that is, the mobile terminal sends a SKEY command to the MSC/VLR, and then the MSC/VLR sends the command from the mobile terminal to the HLR/AUC 0.
  • step 302 after receiving the command, the HLR/AUC generates SKEY using one of CK, IK, and KI, or any combination thereof.
  • step 303 after generating the SKEY, the HLR/AUC sends a SKEY setting success command to the mobile terminal indicating that the HLR/AUC has successfully set the SKEY.
  • the 'SKEY setting success command here' can also be forwarded through the MSC/VLR.
  • step 304 after receiving the SKEY setting success command, the mobile terminal generates SKEY by using a generation method corresponding to the network device, that is, generating SKEY by using one of CK, IK, and KI or any combination thereof.
  • the HLR/AUC in step 302 can directly use one of CK:, D or KI as the SKEY.
  • the mobile terminal directly uses one of CK, IK or KI as the SKEY.
  • the HLR/AUC may perform an algorithmic calculation on one of CK, IK, and KI, or any combination thereof, to generate an SKEY, in which case the mobile terminal in step 304 also has one of CK, IK, and KI or Any combination of them performs a corresponding algorithm calculation to generate SKEY.
  • the mobile terminal may also generate the SKEY by itself after sending the SKEY command, without waiting for the response of the HLR/AUC, that is, the HLR/AUC does not need to send the SKEY setting success command to the mobile terminal, but by the mobile terminal.
  • the mobile terminal can be SKEY, and then the SKEY command is sent to the HLR/AUC, and the HLR/AUC generates the SKEY after receiving the command.
  • various SKEY setting modes can be pre-stored in the mobile terminal and the network device, and a SKEY setting mode flag is established for each setting mode.
  • the mobile terminal may select one of a plurality of setting modes in advance, and send a setting mode flag corresponding to the selected setting mode to the HLR/AUC by setting a SKEY command, and the HLR/AUC uses the setting mode flag.
  • the corresponding SKEY setting method is used to generate SKEY.
  • the mobile terminal after receiving the SKEY success command from HLR/AUC, the mobile terminal also uses the same setting method selected by itself to generate SKEY, thus ensuring the consistency of SKEY generated on both sides.
  • the HLR/AUC can further check whether the SKEY is a weak key. If yes, the mobile terminal is notified that both parties regenerate the SKEY until the SKEY is checked to be not a weak key. If the SKEY is checked not to be a weak key, subsequent processing is performed. In addition, it can be understood that the mobile terminal can also determine for itself whether the SKEY is a weak key. If yes, both parties regenerate SKEY until the SKEY is checked. Check is not a weak key.
  • Fig. 4 shows a fourth embodiment of the invention.
  • the mobile terminal sends a Set SKEY command to the HLR/AUC.
  • the SKEY command can be forwarded through the MSC/VLR in the mobile communication network, that is, the mobile terminal sends a SKEY command to the MSC/VLR, and then the MSC/VLR sends the command from the mobile terminal to the HLR/AUC 0.
  • the HLR/AUC uses the CK, IK, and KI, or any combination thereof, to generate the SKEY.
  • step 403 after generating the SKEY, the HLR/AUC encrypts the SKEY by CK to form a ciphertext of the SKEY.
  • the HLR/AUC sends the SKEY ciphertext to the mobile terminal.
  • step 405 after receiving the SKEY ciphertext, the mobile terminal decrypts the SKEY ciphertext by using its own CK to obtain the plaintext of the SKEY.
  • the HLR/AUC in step 402 can also generate the SKEY by other methods, which is not limited by the present invention. Regardless of the method used to generate the SKEY, as long as the SKEY is encrypted to obtain the ciphertext and the ciphertext is transmitted to the mobile terminal, the mobile terminal decrypts the ciphertext to obtain the SKEY plaintext, which belongs to the embodiment of the fourth embodiment of the present invention. .
  • Fig. 5 shows a fifth embodiment of the present invention.
  • the mobile terminal generates a SKEY using one of CK, I, and KI, or any combination thereof.
  • step 502 the mobile terminal encrypts the SKEY with its own CK to form a ciphertext of the SKEY.
  • step 503 the mobile terminal sends the SKEY ciphertext to the HLR/AUC.
  • step 504 the HLR/AUC uses its own CK pair after receiving the SKEY ciphertext.
  • the SKEY ciphertext is decrypted to obtain the plaintext of SKEY.
  • the mobile terminal in step 501 can also be generated by other methods.
  • SKEY the present invention does not limit this. No matter what method is used to generate SKEY, as long as The SKEY is encrypted to obtain the ciphertext and the ciphertext is transmitted to the network device, and the network device decrypts the ciphertext to obtain the SKEY plaintext, which is an embodiment of the spirit of the embodiment.
  • a plurality of SKEY i history modes can be pre-stored in the mobile terminal and the network device, and a SKEY setting mode flag is established for each setting mode.
  • the mobile terminal may select one of a plurality of setting modes in advance, and send a setting mode flag corresponding to the selected setting mode to the HLR/AUC by setting a SKEY command, and the HLR/AUC uses the SKEY setting mode corresponding to the setting mode flag. To generate SKEY.
  • the setting method can also be selected and transmitted to the mobile terminal by the HLR/AUC.
  • the mobile terminal or HLR/AUC that first generates the SKEY it can be further checked whether the SKEY is a weak key. If so, regenerate the SKEY until the SKEY is checked for a weak key. For example, when it is checked that the generated SKEY is a weak key, a setting method can be replaced to regenerate the SKEY.
  • the above various methods may further include setting a SKEY startup flag SFLAG. For example, when SFLAG is 1, it indicates that the terminal security function is activated. When SFLAG is 0, the terminal security function is turned off. HLR/AUC and the mobile terminal can set SFLAG to 1 after setting the key SKEY. Of course, you can also disable the terminal security function by setting SKEY to 0. When SKEY is not 0, it indicates that the terminal security function is enabled. In practice, an open/close command can be set to set the value of SFLAG, or SKEY can be set to 0 by setting the clear SKEY setting to achieve the purpose of turning off the terminal security function.
  • the setting information can be used to determine the parameter information used when generating SKEY. For example: only CK and only ⁇ , only RAND and CK, only CK and IMSI, only KI and SKEY, and KI and RAND and IMSI, etc. Wait.
  • the setting information can also be used to determine the algorithm information used when generating the SKEY, that is, the different calculations used to generate the SKEY are determined by different setting methods. Law. For example, the ciphertext is obtained by CK encryption IMSI as SKEY, or the IMS is digested by IK to obtain a digest as SKEY, and so on.
  • the mobile terminal user card feature information such as the MSI information, the user card electronic serial number ESN, or the mobile terminal feature may be further considered in the calculation.
  • Information such as IMEI information, mobile terminal electronic serial number ESN, or both user card feature information and mobile terminal feature information.
  • the mobile terminal when the mobile terminal calculates the SKEY, it can be completely calculated by the mobile terminal program. At this time, the mobile terminal program should have the corresponding algorithm computing capability; or the calculation can be performed entirely in the user card, that is, the mobile terminal will
  • the information such as RAND is transmitted to the user card, and the user card calculates according to the information of CK, IK, KI, etc., and transmits the obtained SKEY to the mobile terminal program; of course, the user card and the mobile terminal program can also perform correspondingly Calculate to get SKEY.
  • the steps of generating the SKEY by the network device are respectively implemented by the user card and the mobile terminal program, thereby obtaining the SKEY corresponding to the SKEY generated by the network device.
  • the step of synchronizing the terminal authentication sequence number msSQN may be further added after the mobile terminal and the network device have set the SKEY.
  • the msSQN may be determined by the network device, and the msSQN is transmitted to the mobile terminal, and then the mobile terminal saves the msS.QN received from the network device, thereby implementing synchronization of the msSQN.
  • the network device and the mobile terminal respectively update their own msSQN, for example, the current value is set to a protocol agreed value, such as 1, and so on, thereby implementing synchronization of the msSQN.
  • the mobile terminal determines the msSQN. value in advance, and adds the msSQN information to the SKEY setting command sent to the network device, and the network sets the msSQN received from the mobile terminal to implement synchronization of the msSQN.
  • the HLR/AUC can generate a security key based on the newly set security key.
  • the authentication set used for the right, and the authentication set is sent to the MSC/VLR.
  • the MSC/VLR saves the authentication set after receiving the authentication set, so that the authentication set can be used to implement subsequent authentication. Since the subsequent authentication processing is not the scope of the present invention, a detailed description thereof is omitted here.
  • the HLR/AUC may also delete the end user related information from the MSC/VLR in which the terminal roams. In this way, when the mobile terminal authenticates, the MSC/VLR actively requests the HLR/AUC to send the authentication set. At this time, the HLR/AUC can send the authentication authentication set generated by using the newly set security key to the MSC/VLR. Thus, the purpose of updating the authentication set of the mobile terminal in the MSC/VLR is achieved indirectly.
  • SKEY For the generation of SKEY, you can learn from the KI information stored in the SIM card or USM card.
  • the security terminal When the user first starts the terminal security function, the security terminal generates a RAND, submits it to the SIM or USM card, and the SM or USM card uses KI and RAKD.
  • the algorithm saved by itself calculates SRES, which can be used as SKEY.
  • HLR/AUC uses KI and RAND to calculate SRES using its own saved algorithm. This SRES can be used as the SKEY corresponding to the terminal stored on the network side.
  • the mobile terminal can provide an interface to the client to activate, cancel the terminal security function or update the SKEY. After the user enters the corresponding startup password, the mobile terminal can initiate a message to the network, cancel the security function, or update the SKEY. The update SKEY is actually included in the startup terminal security process, and nothing special.
  • the message flow of the mobile terminal to start and cancel the terminal security function is shown in Figure 6.
  • the message can be carried over the USSD, so there will be no new requirements for the MSC supporting the USSD function.
  • the UE indicates whether to activate or deactivate the security function in the UE_Security_Request message (the function of updating the SKEY may be included in the startup function), and if the security function is started, the number of tracers generating the SKEY (RA D1 ) needs to be carried in the message.
  • the MSC does not process any messages related to this and transparently transmits it to the HLR.
  • the HLR After receiving the message, the HLR initiates a UE-Security-Auth-Req message carrying the random number RA D2.
  • the UE When receiving the UE-Security_Auth-Req message, the UE calculates SRES2 according to the KI in RAND2 and SM USIM, and sends SRES2 to the HLR in the UE-Security_Autli_Rsp message.
  • the HLR When the HLR receives the UE_Security_Auth-Rsp message, it verifies that the SRES2 is legal. If it is legal, the HLR performs corresponding processing according to the indication in the UE_Security_Request message. If the UE is in the Security-Request message, it is a request to start the security function. Use the RAND1 in the message to generate the SKEY, and save it in the user data, and then send back the UE_Security_ Response message indicating "Start security function succeeded"; If the UE-Security-Request message is "Cancel security function", delete the corresponding user SKEY of the data, loopback UE—Security—The Response message indicates “cancel the security function successfully”. If the HLR verifies that the SRES2 is invalid, it indicates in the UE-Security_Response message that the corresponding function requested by the UE fails.
  • the message should be canceled from the network side, or the above message can be used, but the sending direction is reversed.
  • the operator's customer service hotline confirms the legality of the user's identity through the carrier's customer service hotline, the user can initiate the operation of canceling the security function of the user terminal at the console.
  • the security terminal After the security terminal starts the security function, cancels the security function or updates the SKey, it needs the authentication vector in the new MSC/SGS.
  • the process of updating the authentication vector can be completed by the HLR and the security terminal. Updating the authentication vector can borrow the Cancel Location and Attach procedures already defined in 3GPP, as shown in Figure 8.
  • the HLR finds that after successfully starting, canceling the terminal security function or updating the SKey, the HLR Send a Cancel Location message to the MSC/SGSN, and set the Cancellation Type in the message to "Subscription Withdraw". At this time, the MSC/SGSN will immediately delete the context information of the relevant user.
  • the security terminal After receiving the Detach Request message sent by the MSC/VLR, the security terminal sends a Detach Accept message. If the security terminal finds that the security function state has changed at this time (for example, from a security state to a non-secure state, or from a non-secure state to a security state, or an SKey update is performed), an attach procedure is automatically initiated; Otherwise, it will be processed as specified in the agreement.
  • the MSC/SGS After receiving the attach request of the secure terminal again, the MSC/SGS will go to the HLR to obtain the subscription and authentication data, thereby completing the update of the authentication data.
  • the non-secure terminal will continue to use the user card to check the network. Right, at this time, the authentication between the user card and the network will not pass. At this time, the MSC will transmit the authentication failure report to the HLR. The HLR will close the security function set for the original security terminal and restart the user card. The authentication process, and update the authentication set in the MSC/VLR, at this time, the non-secure terminal can pass the normal authentication.
  • the HLR will close the security function set for the original security terminal and restart the user card.
  • the above authentication set may also be referred to as an authentication tuple, and may also be referred to as an authentication vector.
  • the SRES and XRES generated by the mobile terminal indicate that the mobile
  • the response value generated by the terminal in response to the network authentication of the mobile terminal or the user card may be different in 3G and 2G, but the actual meaning of the response value is used for the network to the terminal or the user.
  • the purpose of card authentication is unchanged. Therefore, in some cases, SRES can be written as XRES, or XRES can be written as SRES.
  • the above MSC/VLR is circuit i or device.
  • ⁇ "the MSC/VLR device should be the SGSN.
  • the mobile terminal can secure its own security by performing authentication on the network, thereby indirectly achieving the anti-theft purpose. Specifically, the following embodiments are included.
  • step 901 the mobile terminal first saves an SKEY, where the SKEY is the same as the SKE ⁇ stored on the network device side corresponding to itself.
  • step 902 after receiving the authentication information from the network device side, the mobile terminal determines whether the authentication of the network is passed according to the authentication information and the SKEY saved by itself. If yes, the mobile terminal can access the network normally in step 903. If it does not pass, it determines its own method and stops its normal use in step 904.
  • Stopping your normal use here may not allow you to access the network, or directly power off or shut down, etc., and you can also send a short message to inform relatives or friends or security agencies.
  • Fig. 10 shows a second embodiment of the authentication process.
  • the mobile terminal first saves a SKEY, where the SKEY is consistent with the SKEY of the network device side corresponding to its own SKEY.
  • the terminal and the network side respectively store a pair of symmetric keys, which are usually the same for symmetric keys.
  • step 1002 after receiving the RAND and ⁇ UTN from the MSC/VLR, the mobile terminal calculates a MAC value according to its SKEY and the received RAND, SQ, and compares the calculated MAC value with the MAC value in the AUTN. Is it consistent, if Inconsistent, it is determined in step 1003 that the authentication of the network fails; otherwise, it is determined in step 1004 whether the AUTN is acceptable. If yes, it is determined in step 1005 that the authentication of the network is successful, otherwise in step 1006, the SQN synchronization command is initiated to the network. .
  • step 1004 it is determined whether the AUTN is acceptable or not by determining the SQN therein.
  • the mobile terminal and the network side pre-store a synchronized SQN.
  • the terminal determines whether the AUTN can be determined by comparing whether the SQN in the saved SQN and the AUTN meets the predetermined condition.
  • the predetermined condition may be that the difference between the SQN in the AUTN and the SQN saved by the mobile terminal itself is within a predetermined range. If the mobile terminal judges that the difference between the SQN in the AUTN and the self-saved SQN is within the predetermined range, it is determined that the AUTN is acceptable, otherwise it is determined that the AUTN is unacceptable.
  • the mobile terminal After the mobile terminal determines that the authentication of the network is passed, it updates the saved SQN by using the SQN in the received AUTN.
  • the AMF is further considered in step 1002, for example, using its own SKEY, received RAND, SQN, and AMF to generate a MAC value, where SQN and AMF are carried in the AUTN.
  • step 1002 a step of determining whether to perform authentication on the network according to SKEY may be further included. If yes, step 1002 is performed; otherwise, the step of authenticating the network according to SKEY is not performed, that is, according to the existing process.
  • the RAND and the AUTN are sent to the user card, and the user card authenticates the network.
  • the SQN here can use the same SQN as the prior art, that is, the SQN for user card authentication, that is, the SQN corresponding to the network and the user card.
  • the present invention additionally provides a separate SQN dedicated to mobile terminal authentication, and the mobile terminal and the HLR/AUC also perform synchronization processing on the SQN.
  • the SQN and user cards are saved separately.
  • the SQN can take the same value.
  • Fig. 11 shows a third embodiment of the authentication process.
  • step 1101 first, a SKEY corresponding to the authentication of the mobile terminal is saved in the device and the mobile terminal.
  • the SKEY saved by the network side device may be the SKEY corresponding to the mobile terminal feature information, or may be corresponding.
  • the SKEY is saved by the IMSI of the user card.
  • the network side device can also save the SKEY according to the user's mobile terminal number MSISDN.
  • step 1102 the network device first generates an RAND when generating authentication information for a mobile terminal.
  • step 1103 the network device generates authentication information using the SKEY and the generated RAND corresponding to the mobile terminal.
  • the network device transmits the authentication information to the corresponding mobile terminal.
  • step 1105 after receiving the authentication information from the network device side, the mobile terminal determines whether the authentication of the network is passed according to the authentication information and the SKEY saved by itself, and the result is passed. In step 1106, the network can be normally accessed. If not, the normal access to the network is not allowed in step 1107.
  • the SQN saved by itself is updated using the received AUTN.
  • Fig. 12 shows a fourth embodiment of the authentication process.
  • step 1201 the SKEY corresponding to the authentication of the mobile terminal is first saved in the HLR/ATJC and the mobile terminal.
  • the HLR 7AUC generates a RAMD using its own random number generator.
  • the HLR/AUC calculates XRES, CK, and IK using its own stored authentication key (KI) and its own generated RAND.
  • the HLR/AUC generates a MAC using the SKEY "and RAND and SQN of the corresponding mobile terminal stored in advance.
  • the SQN here is currently known, for example, pre-set.
  • the HLR/AUC combines the MAC and the known SQN into an AUTN.
  • the AMF is further considered in step 1204, such as generating a MAC using SKEY, RAND, SQN, and AMF, where the AMF is also preset.
  • AMF is further considered in step 1205, that is, the MAC, SQN, and AMF are collectively combined into an AUTN.
  • the HLR/AUC groups RAND, AUTN, XRES CK, and IK into an authentication set.
  • the HLR/AUC sends the authentication set to the MSC/VLR.
  • step 1208 during authentication, the MSC/VLR extracts RAND and AUTN in the corresponding authentication set of the mobile terminal, and sends the authentication information to the mobile terminal as the authentication information of the present invention.
  • This step may be started by the mobile terminal sending a trigger message to the network side.
  • the MSC/VLR initiates an answer request to the terminal, for example, when the mobile terminal starts to log in to the network, the MSC/VLR initiates an authentication request to the terminal.
  • This step may be initiated by the network side. For example, when the mobile terminal does not initiate a related request for a long time, the network side initiates an authentication process.
  • step 1209 after receiving the RAND and AUTN from the MSC/VLR, the mobile terminal calculates a MAC value according to its own S EY and the received RAND and SQN, and compares the calculated MAC value with the MAC value in the AUTN. If they are inconsistent, if they are inconsistent, it is determined in step 1210 that the authentication of the network fails; otherwise, in step 1211, it is determined whether the AUTN is acceptable. If yes, it is determined in step 1212 that the authentication of the network is successful; otherwise, if not acceptable, Then in step 1213, the mobile terminal initiates an SQ synchronization command to the network.
  • determining whether the AUTN is acceptable may be implemented by determining whether the SQN in the AUTN and the SQN saved by itself satisfy a predetermined condition, and if so, determining AUTN is acceptable, otherwise it is determined that AUTN is unacceptable.
  • the predetermined condition may be that the difference between the SQN in the AUTN and the SQN saved by itself is within a predetermined range.
  • step 1213 the mobile terminal sends a synchronization command of the synchronous SQN to the network side, and synchronizes the terminal and the SQN corresponding to the network through the synchronization process.
  • the SQN synchronization process refer to the description of the SQN synchronization in the prior art, and refer to the related protocol of the 3GPP 33.102/29.002, and details are not described herein again.
  • the SQN saved by the received AUTN is used to update the saved SQN.
  • the AMF is further considered in step 1209, for example, using its own SKEY, the received RAND, the SQN, and the AMF to generate a MAC value, where the SQN and the AMF are carried in the AUTN.
  • the foregoing describes the processing of authenticating the network by the mobile terminal of the present invention.
  • the present invention may further include the process of authenticating the mobile terminal by the network, that is, after step 1212, continuing to perform subsequent authentication of the terminal by the network. step.
  • steps 1301-1313 and steps 1201-1213 are identical, and the description will not be repeated.
  • the mobile terminal transmits RAND to the user card.
  • the user card generates XRES, CK, and IK using its own KI and the received RAND.
  • the user card transmits the generated XRES to the mobile terminal.
  • the mobile terminal transmits the XRES received from the subscriber card to the MSC/VLR.
  • the MSC/VLR compares whether the XRES received from the mobile terminal and the corresponding authentication set XRES of the mobile terminal received from the HLR/AUC are consistent. If they are consistent, it is determined in step 1319 that the network authenticates the mobile terminal; otherwise, in step 1320, it is determined that the network failed to authenticate the mobile terminal.
  • the mobile terminal in order to be compatible with the existing processing, the mobile terminal can transmit the AUTN while transmitting the RAND, so that the user card can further authenticate the network according to the AUTN and its own KI.
  • the mobile terminal can set the AUTN sent to the user card to a special value indicating that the mobile terminal authenticates the network, and the user card only uses KI and RAND after determining that the AUTN is the special value.
  • XRES, CK, and IK and no longer authenticate the network based on AUTN and KI.
  • the mobile terminal before the mobile terminal sends the XRES received from the user card to the MSC/VLR, it can determine whether the network is a second generation mobile communication network. If yes, the mobile terminal can derive the second according to XRES, CK, IK, etc. SRES2g (Signed Response Symbol Response) and KC2g (Cipher Key) are used to authenticate the network, and the generated SRES2g is used instead of XRES to transmit to the MSC/VLR, and KC2g and the network side are used for encryption and decryption of related communication.
  • SRES2g Signed Response Symbol Response
  • KC2g Cipher Key
  • the relevant derivation method has suggestions in the relevant protocols in the existing 3GPP, and will not be described here.
  • XRES, CK, IK can also be generated by SKEY and RAND, and in this case, the sixth embodiment as shown in Fig. 14 is proposed.
  • step 1401 the SKEY corresponding to the mobile terminal authentication is first saved in the HLR/AUC and the mobile terminal.
  • step 1402 HL /AUC uses its own random number generator to generate a RAND.
  • step 1403 the HLR/AUC calculates XRES, CK, and IK using the pre-stored SKEY of the corresponding mobile terminal and the RAND generated by itself.
  • the HLR/AUC generates a MAC using the SKEY and RAND and SQN of the corresponding mobile terminal stored in advance.
  • the SQN here is currently known, such as pre-set Set it up.
  • HL /AUC combines the MAC and the known SQN into AUTO.
  • the AMF is further considered in step 1404, such as using SKEY, RA D SQN, and AMF to generate the MAC, where the AMF is also pre-set.
  • AMF is further considered in step 1405, that is, the MAC, SQN, and AMF are combined into an AUTN.
  • the HLR/AUC groups RAND, AUTN, XRES, CK, and IK into an authentication set.
  • the HLR/AUC sends the authentication set to the MSC/VLR.
  • step 1408 during authentication, the MSC/VLR extracts the RAND and the AUTN in the corresponding authentication set of the mobile terminal, and sends the authentication information to the mobile terminal as the authentication information of the present invention.
  • step 1409 after receiving the RAND and AUTO from the MSC/VLR, the mobile terminal calculates a MAC value according to its SKEY and the received RAND and SQN, and compares the calculated MAC value and the MAC value in the AUTN. Consistently, if not, it is determined in step 1410 that the authentication of the network fails; otherwise, in step 1411, it is determined whether the AUTN is acceptable. If yes, it is determined in step 1412 that the authentication of the network is successful; otherwise, in step 1413, the mobile terminal proceeds to The network initiates an SQN synchronization command.
  • determining whether the AUTN is acceptable may be implemented by determining whether the SQN in the AUTN and the SQN saved by itself satisfy a predetermined condition. If the predetermined condition is met, determining that the AUTN is acceptable, otherwise determining that the AUT is unreachable' Accepted.
  • the predetermined condition may be that the difference between the SQN in the AUTN and the self-saved SQN is within a predetermined range. ⁇
  • the mobile terminal determines that the SQN is unacceptable, the mobile terminal sends an SQN unacceptable command to the network side, for example, initiates a synchronous SQN synchronization command, and synchronizes the terminal with the corresponding SQN saved by the network through the synchronization process.
  • the SQN saved by the received AUTN is used to update the saved SQN.
  • the AMF is further considered in step 1409, for example, using its own SKEY, received RAND, SQN, and AMF to generate a MAC value, where SQN and AMF are carried in the AUTO.
  • the mobile terminal generates XRES, CK, and IK using its own SKEY and the received RAND. Send the XRES generated by yourself to the MSC/VLR.
  • step 1415 the MSC/VLR compares whether the XRES received from the mobile terminal and the corresponding authentication set XRES of the mobile terminal received from the HLR/AUC are consistent. If they are consistent, it is determined in step 1416 that the network authenticates the mobile terminal; otherwise, in step 1417, it is determined that the network failed to authenticate the mobile terminal.
  • the network device such as the MSC/VLR
  • the MSC/VLR may send authentication information such as RAND and AUTN to the mobile terminal through an authentication command at a time, and in the second generation mobile communication network, the MSC/VLR may need to pass two or more times.
  • the authentication information such as RAND and AUTN is sent to the mobile terminal through the authentication command of the second generation network.
  • the authentication failure report may be further notified to the MSC/VLR, and the MSC/VLR notifies the HLR/AUC of the authentication failure report.
  • the HLR/AUC After receiving the terminal authentication failure report reported by the MSC/VLR, the HLR/AUC sets the terminal to an insecure state, that is, turns off the security function of the terminal, that is, generates an authentication set according to a normal non-security setting manner. That is, reusing KI completely replaces SKEY to generate an authentication set, and updates the authentication set in the MSC/VLR.
  • the non-secure terminal when a user card used in a secure terminal is inserted into a non-secure terminal, the non-secure terminal notifies the HLR/AUC via the MSC/VLR, and the HLR/AUC closes the security of the corresponding terminal. After the function, the authentication set is regenerated, and the authentication set in the MSC/VLR is updated, so that the non-secure terminal can pass the network authentication at the next authentication.
  • the above authentication set may also be referred to as an authentication tuple or an authentication vector.
  • the SRES and XRES generated by the mobile terminal indicate the response value generated by the mobile terminal in response to the network authentication of the mobile terminal or the user card.
  • the algorithm for generating the response value may be different.
  • its practical significance as a response value is that the purpose for the network to authenticate the terminal or user card is unchanged. Therefore, in some cases, you can write SRES as XRES or XRES as SRES.
  • the above MSC/VLR device is a circuit domain device, and for a packet domain network, the corresponding MSC/VLR device may be an SGSN.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A method of setting security key in a mobile communication network includes at least the steps of generating a random number by a mobile terminal or network equipment, then transmitting the random number to the other party, and respectively setting the security key based on the random number in corresponding manner by the network equipment and mobile terminal. Alternatively, the mobile terminal sets the security key and transmits setting-security-key command to the network equipment; and, the network equipment generates the security key in the same manner as that of mobile terminal after receiving the setting-security-key command.

Description

安全密钥的设置方法  Security key setting method
技术领域 Technical field
本发明涉及信息安全技术, 具体涉及移动通信网络中的安全密钥设 置方法。 发明背景  The present invention relates to information security technologies, and in particular to a security key setting method in a mobile communication network. Background of the invention
目前的移动终端大多数采用机卡分离的方式, 也就是移动终端本身 和保存了用于险证无线网络用户的信息的用户卡是两个独立的部分, 在 使用时将它们结合在一起即可。 目前的用户卡主要是用于无线通信系统 中的用户标识模块卡, 例如全球移动通信 ( GSM )系统的用户标识模块 ( SM )卡、通用移动通信系统( UMTS )的 USIM卡、码分多址( CDMA ) 通信系统的 UIM卡等等。这种方式具有 4艮多突出的优点,例如用户想更 换一个移动终 '端的话, 只需要购买一个新的移动终端并且将原有的 SIM 卡插入到新的移动终端即可, 这样, 由于用户的信息不需要改变, 因此 用户也不需要向通信运行商办理任何更换移动终端的手续。 这种方式还 有一个更加突出的优点是, 移动通信运营商开展移动业务比如放号等工 作可以和移动终端的销售工作艮好地分离开来, 从而便于移动业务的开 展, 以及终端销售的相对独 :, 给移动业务营运和终端销售带来很大的 灵活性。  Most of the current mobile terminals adopt the method of separating the card, that is, the mobile terminal itself and the user card storing the information for the wireless network user of the danger certificate are two independent parts, and they can be combined at the time of use. . The current user card is mainly used for the subscriber identity module card in the wireless communication system, such as the subscriber identity module (SM) card of the Global System for Mobile Communications (GSM) system, the USIM card of the Universal Mobile Telecommunications System (UMTS), and code division multiple access. (CDMA) Communication system UIM card and so on. This method has the advantage of more than 4 points. For example, if the user wants to replace a mobile terminal, he only needs to purchase a new mobile terminal and insert the original SIM card into the new mobile terminal. The information does not need to be changed, so the user does not need to go through any formalities for changing the mobile terminal to the communication carrier. Another advantage of this method is that mobile communication operators can perform mobile services such as number-release work and can be separated from the sales of mobile terminals, thus facilitating the development of mobile services and the relative sales of terminals. Independent: Brings great flexibility to mobile business operations and terminal sales.
但是采用机卡分离方式给用户带来极大方便的同时, 也导致移动终 端被盗和被抢现象时有发生。 因为在机卡分离方式下, 只要在所盗抢的 移动终端上换上一个新的 SM卡就可以毫无障碍地使用。这样盗贼可以 将所盗抢的移动终端再销售出去从而获利。 这样, 用户不但经济利益受 到损失, 而且还需要去通信运营商处办理一系列手续, 例如更改签约数 据, 给用户带来了很大的不便, 同时, 移动终端的丟失, 用户保存在移 动终端里的常用信息, 比如号码簿记录等等也会丟失, 将给用户日常生 活和工作造成 [艮大的影响。 However, the use of the machine card separation method brings great convenience to the user, and also causes the mobile terminal to be stolen and robbed. Because in the machine card separation mode, as long as a new SM card is replaced on the stolen mobile terminal, it can be used without any hindrance. In this way, the thief can resell the stolen mobile terminal for profit. In this way, the user not only loses economic benefits, but also needs to go through a series of procedures at the communication operator, such as changing the number of contracts. According to the user, it brings great inconvenience to the user. At the same time, the loss of the mobile terminal, the common information that the user saves in the mobile terminal, such as the directory record, etc., will also be lost, which will cause the user's daily life and work [艮大Impact.
为了解决移动终端容易被盗抢的问题, 一种比较常用的方法是在移 动终端上设置密码保护。 例如在移动终端上设置开机密码, 每次开机时 都需要输入正确的开机密码, 移动终端才能执行向网络注册等后续操 作。 如果开机密码输入不正确 , 该移动终端就不能正常使用。 这样盗贼 即使得到了用户的移动终端 , 也会因为不能输入正确的密码而不能使用 和销售。 因此, 这种方法在一定程度上解决了移动终端容易被盗抢的问 题。 但是, 对于这一种方法而言, 合法用户在每次开机时也需要输入密 码, 将给合法用户带来非常大的麻烦。 因此, 目前 4艮多用户因为觉得这 样每次输入开机密码太麻烦而没有设置这样的开机密码, 使得这种解决 方法难以被用户接受并得到实际的应用 , 从而并不能从根本上解决移动 终端容易被盗抢的问题。  In order to solve the problem that the mobile terminal is easily stolen, a more common method is to set password protection on the mobile terminal. For example, if the power-on password is set on the mobile terminal, the correct power-on password needs to be input every time the power is turned on, and the mobile terminal can perform subsequent operations such as registering with the network. If the power-on password is not entered correctly, the mobile terminal cannot be used normally. In this way, even if the thief gets the user's mobile terminal, it cannot be used and sold because the correct password cannot be entered. Therefore, this method solves the problem that the mobile terminal is easily stolen to some extent. However, for this method, the legitimate user needs to input the password every time the computer is turned on, which will bring great trouble to the legitimate user. Therefore, at present, more than 4 users feel that it is too troublesome to input the power-on password every time and does not set such a power-on password, making this solution difficult for the user to accept and get the actual application, so that the mobile terminal cannot be fundamentally solved. The problem of being stolen.
还有一种解决方法是建设大量的设备标识寄存器 (EDO设备, 并 将那些被盗移动终端的国际移动设备标识( MEI )放入相应的 EIR的黑 名单中。 这样, 移动终端在每次开机登录网络时, 将其 IMEI上报给网 络, 相关网络设备都需要到 EIR设备中检查该移动终端所对应的 MEI 是否被加入到黑名单中,如果在黑名单中发现了该移动终端的 MEI, 网 络认为该移动终端为被盗终端, 该移动终端的用户为非法用户, 从而拒 绝其网络业务。 这样盗贼同样会因为所得到的移动终端不能再次使用而 不能从中获利, 从而可以从根本上解决移动终端容易被盗抢的问题。 但 是这种方法需要建设大量的 EIR设备, 需要增加网络设备的建设, 既增 加了网络运营商的成本, 同时也给网络运营商带来不便。 另外, 通过更 改移动终端程序,使移动终端在向网络上报 MEI时,上报一个假 IMEI, 从而欺骗了网絡, 使网络不能判断该移动终端是否为被盗终端。 Another solution is to build a large number of device identification registers (EDO devices, and put the international mobile device identity (MEI) of the stolen mobile terminal into the corresponding EIR blacklist. Thus, the mobile terminal logs in every time. In the network, the IMEI is reported to the network, and the related network device needs to go to the EIR device to check whether the MEI corresponding to the mobile terminal is added to the blacklist. If the MEI of the mobile terminal is found in the blacklist, the network considers The mobile terminal is a stolen terminal, and the user of the mobile terminal is an illegal user, thereby rejecting the network service. The thief can also profit from the obtained mobile terminal because it cannot be used again, thereby fundamentally solving the mobile terminal. It is easy to be stolen. However, this method requires the construction of a large number of EIR equipment, which requires an increase in the construction of network equipment, which increases the cost of the network operator and also causes inconvenience to the network operator. In addition, by changing the mobile terminal The program causes the mobile terminal to report a fake IMEI when reporting the MEI to the network. Thereby, the network is deceived, so that the network cannot judge whether the mobile terminal is a stolen terminal.
在目前有些移动通信网络, 如第三代移动通信网絡的通用移动通信 系统(UMTS ), 所使用的鉴权方法中, 用户卡可以对移动通信网络进行 鉴权, 当鉴权成功后, 用户卡可以正常使用, 而当鉴权失败后, 用户卡 不能在移动通信网络中正常使用。 但是这种方法只能解决移动终端中用 户卡安全性问题, 而不能解决移动终端本身防盗的问题。 例如, 盗贼盗 抢了合法用户的移动终端之后, 可以将合法用户的用户卡更换为自己的 用户卡, 这样在现有的鉴权方法中该用户卡将会鉴权成功 , 这样盗贼依 然可以使用该盗抢的移动终端而不能禁止被盗移动终端继续使用, 从而 不能达到对移动终端进行防盗的作用。 而第二代移动通信网络也不支持 机卡分离的终端对网络鉴权, 因此, 也不能解决防盗问题。  In some current mobile communication networks, such as the Universal Mobile Telecommunications System (UMTS) of the third generation mobile communication network, the user card can authenticate the mobile communication network, and after the authentication succeeds, the user card It can be used normally, and after the authentication fails, the user card cannot be used normally in the mobile communication network. However, this method can only solve the problem of user card security in the mobile terminal, and cannot solve the problem of theft of the mobile terminal itself. For example, after a thief steals a mobile terminal of a legitimate user, the user card of the legitimate user can be replaced with a user card, so that the existing authentication method can successfully authenticate the user card, so that the thief can still use the thief. The stolen mobile terminal cannot prohibit the stolen mobile terminal from continuing to use, so that the anti-theft function of the mobile terminal cannot be achieved. The second generation mobile communication network does not support the terminal authentication of the network separated by the machine card. Therefore, the anti-theft problem cannot be solved.
为了解决移动终端的防盗问题, 本申请人已经提出在通信网络和移 动终端中分别保存一个对应该移动终端的安全密钥 , 并利用该安全密钥 来进行移动终端对网络的鉴权, 从而可以彻底解决移动终端防盗的问 题。 但是目前在现有技术中还没有如何设置安全密钥的技术, 因此本申 请人继续提出一种安全密钥的设置方法。 发明内容  In order to solve the problem of anti-theft of the mobile terminal, the applicant has proposed to store a security key corresponding to the mobile terminal in the communication network and the mobile terminal, and use the security key to perform authentication on the network by the mobile terminal, thereby Completely solve the problem of anti-theft of mobile terminals. However, at present, there is no technology for setting a security key in the prior art, and therefore the applicant continues to propose a method of setting a security key. Summary of the invention
有鉴于此, 本发明的发明目的是提供一种移动通信网络中的安全密 钥设置方法, 以在移动通信网络的两个设备中设置相一致的安全密钥, 从而实现利用安全密钥进行鉴权的技术, 并因此提高移动终端的安全 性。  In view of the above, an object of the present invention is to provide a security key setting method in a mobile communication network to set a consistent security key in two devices of a mobile communication network, thereby implementing authentication using a security key. The technology of the right, and thus the security of the mobile terminal.
本发明的上述目的是通过如下的技术方案予以实现的:  The above object of the present invention is achieved by the following technical solutions:
一种移动通信网络中的安全密钥设置方法, 至少包括:  A security key setting method in a mobile communication network includes at least:
a. 生成一个随机数; ' b. 网络设备和移动终端根据该随机数按照相互匹配的方式设置安 全密钥。 a. Generate a random number; ' b. The network device and the mobile terminal set the security key according to the random number in a mutually matching manner.
其中步驟 a中所述生成随机数是由网络设备生成随机数。 此时步骤 b包括:  The generating the random number in step a is generating a random number by the network device. Step b at this point includes:
网络设备根据自己生成的随机数生成安全密钥;  The network device generates a security key according to the random number generated by itself;
网络设备将该随机数发送给移动终端;  The network device sends the random number to the mobile terminal;
移动终端根据接收自网络设备的随机数生成安全密钥。  The mobile terminal generates a security key based on the random number received from the network device.
步骤 a中所述生成随机数是由移动终端生成随机数, 此时步驟 b包 括:  The random number generated in step a is generated by the mobile terminal, and step b includes:
移动终端根据自己生成的随机数生成安全密钥;  The mobile terminal generates a security key according to the random number generated by the mobile terminal;
移动终端将该随机数发送给网络设备;  The mobile terminal sends the random number to the network device;
网络设备根据接收自移动终端的随机数生成安全密钥。  The network device generates a security key based on the random number received from the mobile terminal.
本发明还提供了一种移动通信网络中的安全密钥设置方法, 至少包 括:  The invention also provides a security key setting method in a mobile communication network, which at least comprises:
a. 移动终端向网络设备发送设置安全密钥命令;  a mobile terminal sends a set security key command to the network device;
b. 网络设备和移动终端按照相互匹配的方式生成安全密钥。  b. The network device and the mobile terminal generate a security key in a mutually matching manner.
其中步驟 b包括:  Where step b includes:
网络设备收到设置安全密钥命令后生成安全密钥, 然后向移动终端 发送安全密钥设置成功命令;  After receiving the setting security key command, the network device generates a security key, and then sends a security key setting success command to the mobile terminal;
移动终端在接收到安全密钥设置成功命令后, 按照和网络设备的安 全密钥生成方式相匹配的方式生成安全密钥。  After receiving the security key setting success command, the mobile terminal generates a security key in a manner that matches the security key generation mode of the network device.
该方法可以进一步包括在网络设备和移动终端中预先设置多种安全 密钥生成方式并分别建立设置方式标志, 所述网络设备和移动终端按照 相互匹配的方式设置安全密钥是根据该设置方式标志对应的设置方式 生成安全密钥。 该方法可以进一步包括: 移动终端从多种设置方式中选择一种设置 方式, 并将所选择的设置方式对应的设置方式标志通过所述设置安全密 钥命令发送给网络设备。 The method may further include pre-setting a plurality of security key generation modes in the network device and the mobile terminal, and respectively establishing a setting mode flag, where the network device and the mobile terminal set the security key according to the matching manner according to the setting mode flag. The corresponding setting method generates a security key. The method may further include: the mobile terminal selects one of the plurality of setting modes, and sends the setting mode flag corresponding to the selected setting mode to the network device by using the setting security key command.
该方法可以进一步包括: 网络设备从多种设置方式中选择一种设置 方式, 并将所选择的设置方式对应的设置方式标志通过一个安全密钥设 置成功命令发送给移动终端。  The method may further include: the network device selecting a setting mode from the plurality of setting modes, and transmitting, by the security key setting success command, the setting mode flag corresponding to the selected setting mode to the mobile terminal.
网络设备或移动终端生成安全密钥后可以进一步包括检查该安全密 钥是否是弱密钥的步驟, 并在判断安全密钥是弱密钥的情况下重新生成 安全密钥。  After the network device or the mobile terminal generates the security key, it may further comprise the step of checking whether the security key is a weak key, and regenerating the security key if it is determined that the security key is a weak key.
生成安全密钥是根据 CK、 IK和 KI中的一项或任意项的组合生成安 全密钥。并可以进一步根据移动终端用户卡的特征信息和 /或移动终端特 征信息来进行。  The security key is generated by generating a security key based on one or a combination of any of CK, IK, and KI. And it can be further based on the feature information of the mobile terminal user card and/or the mobile terminal feature information.
在步骤 b之后可以进一步包括网络设备和移动终端同步各自保存的 终端鉴权序列号的步骤。  The step of synchronizing the respective terminal authentication sequence numbers stored by the network device and the mobile terminal may be further included after the step b.
网络设备可以是 HLR/AUC,此时该方法进一步包括 HLR/AUC根据 设置的安全密钥生成鉴权皋并将该鉴权集发送到 MSC/VLR的步骤, 所 述 MSC/VLR在接收到该鉴权集后保存该鉴权集。  The network device may be an HLR/AUC, and the method further includes the step of the HLR/AUC generating an authentication key according to the set security key and transmitting the authentication set to the MSC/VLR, the MSC/VLR receiving the The authentication set is saved after the authentication set.
从本发明的技术方案可以看出, 通过在移动通信网络中的网络设备 和移动终端中的一方首先产生一个随机数, 然后将随机数发送给另一 方, 双方根据相同的随机数相应地生成一致的安全密钥。 这样网络设备 和移动终端都生成了相互保持一致的安全密钥, 从而可以在进行鉴权时 各自使用自己的安全密钥进行相关计算和判断, 由此提高了移动终端防 盗的效杲, 并因此提高了移动终端的安全性。  It can be seen from the technical solution of the present invention that one of the network device and the mobile terminal in the mobile communication network first generates a random number, and then sends the random number to the other party, and the two parties generate corresponding correspondence according to the same random number. Security key. In this way, both the network device and the mobile terminal generate security keys that are consistent with each other, so that each of the security keys can be used for related calculation and judgment when performing authentication, thereby improving the effectiveness of the mobile terminal anti-theft, and thus improving The security of the mobile terminal.
另外, 由于本发明的安全密钥设置方法中网络设备和移动终端各自 生成安全密钥, 而没有安全密钥本身在两个设备之间的传送过程, 这样 即使非法用户获取了中间的传送信息, 也不能根据获取的信息得到确定 的安全密钥。 因此本发明的安全密钥设置方法保证了设置的安全密钥本 身的安全性。 附图简要说明 In addition, since the network device and the mobile terminal each generate a security key in the security key setting method of the present invention, there is no transmission process of the security key itself between the two devices, such that Even if an illegal user acquires the intermediate transmission information, the determined security key cannot be obtained based on the acquired information. Therefore, the security key setting method of the present invention ensures the security of the set security key itself. BRIEF DESCRIPTION OF THE DRAWINGS
图 1是根据本发明的设置安全密钥的第一具体实施例的流程图。 图 2是根据本发明的设置安全密钥的第二具体实施例的流程图。 图 3是根据本发明的设置安全密钥的第三具体实施例的流程图。 图 4是根据本发明的设置安全密钥的第四具体实施例的流程图。 图 5是根据本发明的设置安全密钥的第五具体实施例的流程图。 图 6是移动终端取消终端安全功能的消息流程图。  1 is a flow chart of a first embodiment of setting a security key in accordance with the present invention. 2 is a flow chart of a second embodiment of setting a security key in accordance with the present invention. 3 is a flow chart of a third embodiment of setting a security key in accordance with the present invention. 4 is a flow chart of a fourth embodiment of setting a security key in accordance with the present invention. Figure 5 is a flow diagram of a fifth embodiment of setting a security key in accordance with the present invention. Figure 6 is a message flow diagram of the mobile terminal canceling the terminal security function.
图 7是网络设备取消终端安全功能的消息流程图。  Figure 7 is a message flow diagram of the network device canceling the terminal security function.
图 8是移动终端和网络设备更新鉴权向量的消息流程图。  Figure 8 is a message flow diagram of a mobile terminal and network device update authentication vector.
图 9是根据本发明的鉴权处理的第一具体实施例的流程图。  9 is a flow chart of a first embodiment of an authentication process in accordance with the present invention.
图 10是根据本发明的鉴权处理的第二具体实施例的流程图。  Figure 10 is a flow diagram of a second embodiment of an authentication process in accordance with the present invention.
图 11是根据本发明的鉴权处理的第三具体实施例的流程图。  Figure 11 is a flow diagram of a third embodiment of an authentication process in accordance with the present invention.
图 12是根据本发明的鉴权处理的第四具体实施例的流程图。  Figure 12 is a flow diagram of a fourth embodiment of an authentication process in accordance with the present invention.
图 13是根据本发明的鉴权处理的第五具体实施例的流程图。  Figure 13 is a flow chart of a fifth embodiment of an authentication process in accordance with the present invention.
图 14是 居本发明的鉴权处理的第六具体实施例的流程图。 实施本发明的方式  Figure 14 is a flow chart of a sixth embodiment of the authentication process of the present invention. Mode for carrying out the invention
下面结合附图和具体实施例对本发明进行详细说明。  The invention will be described in detail below with reference to the drawings and specific embodiments.
图 1 示出了根据本发明的安全密钥设置方法的第一实施例的流程 图。 如图 1所示, 在步驟 101 , 移动终端向网络侧的 HLR/AUC发送设 置安全密钥 (SKEY )命令。 这里设置 SKEY命令可以通过移动通信网 络中的 MSC/VLR转发, 也就是移动终端将设置 SKEY命令发送给 MSC/VLR,然后 MSC/VLR将来自移动终端的该命令发送给 HLR7AUC。 由于本领域技术人员公知, HLR和 AUC通常集成在一个设备中, 该设 备同时起到归属位置寄存器和睑证中心的作用, 因此这里将该设备称为 HLR/AUC0 Fig. 1 shows a flow chart of a first embodiment of a security key setting method according to the present invention. As shown in FIG. 1, in step 101, the mobile terminal transmits a Set Security Key (SKEY) command to the HLR/AUC on the network side. Here the SKEY command can be set through the mobile communication network. The MSC/VLR forwarding in the network, that is, the mobile terminal sends a SKEY command to the MSC/VLR, and then the MSC/VLR sends the command from the mobile terminal to the HLR7AUC. As is well known to those skilled in the art, the HLR and the AUC are usually integrated in one device, which functions as both a home location register and a certificate center, so the device is referred to herein as HLR/AUC 0.
在步驟 102, HLR7AUC在接收到该命令后产生一个随机数 ( RAND )。 比如, HLR/AUC使用自己的随机数产生器产生一个 RAND。  At step 102, the HLR 7AUC generates a random number ( RAND ) upon receipt of the command. For example, HLR/AUC uses its own random number generator to generate a RAND.
在步骤 103 , HLR/AUC利用 CK:、 IK和 KI中的一个或者它们的任 何组合以及自己产生的 RAND 生成 SKEY。 针对每个移动终端, HLR/AUC可以预先保存 CK、 IK和 KI等信息。  In step 103, the HLR/AUC generates a SKEY using one of CK:, IK, and KI, or any combination thereof, and its own generated RAND. For each mobile terminal, the HLR/AUC can pre-store information such as CK, IK, and KI.
在步骤 104, HLR/AUC在生成 SKEY之后, 向移动终端发送一个 SKEY设置成功命令,该命令中包含所产生的 RAND。当然,这里的 SKEY 设置成功命令也可以通过 MSC/VLR转发。  In step 104, after generating the SKEY, the HLR/AUC sends a SKEY setting success command to the mobile terminal, where the command includes the generated RAND. Of course, the SKEY setup success command here can also be forwarded through the MSC/VLR.
在步骤 105, 移动终端在接收到包含 RAND的 SKEY设置成功命令 后, 采用和网络设备相应的生成方法生成 SKEY, 也就是利用 CK:、 IK 和 KI中的一个或者它们的任何组合以及接收自网络设备的 RAND生成 S EY。  In step 105, after receiving the SKEY setting success command including the RAND, the mobile terminal generates the SKEY by using a generation method corresponding to the network device, that is, using one of CK:, IK, and KI, or any combination thereof, and receiving from the network. The RAND of the device generates S EY.
移动终端可以预先保存 CK、 IK和 KI等信息,移动终端对于这些信 息的保存可以是由移动终端和当前用户卡共同来保存的。 一般地, 移动 终端成功登录网络并通过用户卡鉴权后, 可以从用户卡中得到 CK、 IK 等信息, 而 KI一般保存在用户卡中。 因此, 移动终端生成 SKEY的过 程, 可以是由移动终端程序和用户卡共同完成的。 后面提到的移动终端 保存 CK、 IK和 KI等信息, 以及生成 SKEY的操作, 都可以包括这种 情况。  The mobile terminal can pre-store information such as CK, IK, and KI, and the mobile terminal can save the information by the mobile terminal and the current user card. Generally, after the mobile terminal successfully logs in to the network and authenticates through the user card, information such as CK and IK can be obtained from the user card, and the KI is generally stored in the user card. Therefore, the process of generating the SKEY by the mobile terminal may be performed by the mobile terminal program and the user card. The latter mentioned mobile terminal can save information such as CK, IK, and KI, and the operation of generating SKEY.
在此实施例中, 步骤 103中 HLR/AUC可以对 CK、 IK和 KI中的一 个或者它们的任何组合以及 RAND进行算法计算生成 SKEY,在这种情 况下, 步骤 105中移动终端也对 CK、 IK和 KI中的一个或者它们的任 何组合以及 RAND进行相应的算法计算生成 SKEY。 In this embodiment, the HLR/AUC in step 103 can be one of CK, IK, and KI. Or any combination of them and RAND performs algorithm calculation to generate SKEY. In this case, in step 105, the mobile terminal also performs corresponding algorithm calculation on one of CK, IK and KI or any combination thereof and RAND to generate SKEY.
可以理解,步骤 101并不是必须的, HLR/AUC可以主动产生 RAND 并发起后续流程。 另外, 步骤 104中 HLR/AUC也可以直接将 AND发 送给移动终端, 可以理解, 网络设备向终端发送一个单独的 RAOT就表 示网络设备设置 SKEY成功, 相应地, 设置不成功时, 可以在 回设置 失败的命令里不携带任何信息。  It can be understood that step 101 is not necessary, and the HLR/AUC can actively generate the RAND and initiate the subsequent process. In addition, in step 104, the HLR/AUC can also directly send the AND to the mobile terminal. It can be understood that the network device sends a single RAOT to the terminal, indicating that the network device sets the SKEY successfully, and accordingly, when the setting is unsuccessful, the setting can be back. The failed command does not carry any information.
另外,可以在移动终端和网络设备中预先保存多种 SKEY 置方式, 并对每一种设置方式建立一个 SKEY设置方式标志, 例如^ 1奇第一种 SKEY设置方式的标志设置为 1, 将第二种 SKEY设置方式的 示志设置 为 2, 等等。 在步驟 101中, 移动终端可以预先从多种设置方式中选择 一种, 并将对应所选择的设置方式的设置方式标志通过设置 SK Y命令 发送给 HLR/AUC, HLR/AUC即使用该设置方式标志对应的 SI EY设置 方式来生成 SKEY。 同样, 移动终端在接收到来自 HLR/AUC RAND 后, 也使用自己选择的同样的设置方式来生成 SKEY, 从而保 正了两侧 生成的 SKEY的一致性。  In addition, various SKEY settings can be pre-stored in the mobile terminal and the network device, and a SKEY setting mode flag is set for each setting mode, for example, the flag of the first SKEY setting mode is set to 1, and the first The settings for the two SKEY settings are set to 2, and so on. In step 101, the mobile terminal may select one of a plurality of setting modes in advance, and send a setting mode flag corresponding to the selected setting mode to the HLR/AUC by setting the SK Y command, and the HLR/AUC uses the setting mode. The SI EY setting method corresponding to the flag is used to generate SKEY. Similarly, after receiving the HLR/AUC RAND, the mobile terminal also uses the same setting method selected by itself to generate SKEY, thus ensuring the consistency of the SKEY generated on both sides.
当然, 也可以由 HLR/AUC在多种设置方式中选择一种, 根据该 设置方式生成 SKEY, 然后将对应所选择的设置方式的设置方 标志通 过 SKEY设置成功命令发送给移动终端,移动终端即使用该设 _£方式标 志对应的 SKEY设置方式来生成 SKEY。这样也能保证两侧生 的 SKEY 的一致性。  Of course, one of the plurality of setting modes may be selected by the HLR/AUC, and the SKEY is generated according to the setting mode, and then the setting party flag corresponding to the selected setting mode is sent to the mobile terminal through the SKEY setting success command, and the mobile terminal is SKEY is generated using the SKEY setting method corresponding to the _£ mode flag. This also ensures the consistency of the SKEYs on both sides.
另外, HLR/AUC在产生 SKEY之后, 可以进一步检查该 SKEY是 否是一个弱密钥。如果是, 则重新生成 AND, 并根据该 RA >重新生 成 SKEY, 直到该 SKEY经过检查不是弱密钥为止。 如果 SKEY经检查 不是弱密钥,则执行后续处理,也就是将 RAND通过 SKEY设置成功命 令发送给移动终端。 密码学中, 针对同一种算法, 存在一些密钥, 和密 钥空间中一般密钥相比, 更加容易被攻破, 这样的密钥被称为弱密钥, 比如, 对于二进制的 128位密钥, 一串 "0" 密钥, 一串 "1" 密钥一般 被认为是容易被攻破的弱密钥。 判断一个密钥是否是弱密钥可以采用现 有技术的多种方法, 这里不再详细说明。 In addition, after generating the SKEY, the HLR/AUC can further check whether the SKEY is a weak key. If yes, then AND is regenerated, and SKEY is regenerated according to the RA > until the SKEY is checked to be not a weak key. If SKEY is checked If it is not a weak key, subsequent processing is performed, that is, the RAND is sent to the mobile terminal through the SKEY setting success command. In cryptography, there are some keys for the same algorithm, which are easier to break than the general key in the key space. Such a key is called a weak key, for example, a binary 128-bit key. A string of "0" keys, a string of "1" keys is generally considered to be a weak key that is easily compromised. To determine whether a key is a weak key, various methods of the prior art can be used, and will not be described in detail herein.
在第一实施例中, 由 HLR/AUC产生 RAND, 并将 RAKD发送给移 动终端。 实际情况下, 也可以由移动终端产生 RAND, 并将 RAND发送 给 HLR/AUC。 为此本发明提出了第二实施例, 其流程如图 2所示。  In the first embodiment, RAND is generated by the HLR/AUC, and the RAKD is transmitted to the mobile terminal. In practice, RAND can also be generated by the mobile terminal and RAND is sent to the HLR/AUC. To this end, the second embodiment of the present invention is proposed, and the flow thereof is as shown in FIG.
在步赛 201 , 移动终端首先产生一个 RAND。 比如, 移动终端利用 自己的随机数产生器生成一个 RAND。  In the step 201, the mobile terminal first generates a RAND. For example, a mobile terminal generates its own RAND using its own random number generator.
在步糠 202, 移动终端向 HLR/AUC发送设置 SKEY命令, 并在该 命令中包含该 RAND。这里设置 SKEY命令可以通过移动通信网络中的 MSC/VLR转发, 也就是移动终端将设置 SKEY命令发送给 MSC/VLR, 然后 MSC/VLR将来自移动终端的该命令发送给 HLR/AUC  In step 202, the mobile terminal sends a Set SKEY command to the HLR/AUC, and includes the RAND in the command. Here, the SKEY command can be forwarded through the MSC/VLR in the mobile communication network, that is, the mobile terminal sends a SKEY command to the MSC/VLR, and then the MSC/VLR sends the command from the mobile terminal to the HLR/AUC.
在步驟 203, HLR/AUC在接收到该命令后, 利用 CK、 IK和 KI中 的一个或者它们的任何组合以及从设置 SKEY命令中接收的 RAND生成 SKEY。  In step 203, after receiving the command, the HLR/AUC generates SKEY using one of CK, IK, and KI, or any combination thereof, and RAND received from setting the SKEY command.
在步骤 204, HLR/AUC在生成 SKEY之后, 向移动终端发送一个表 示 HLR/AUC已经成功设置 SKEY的 SKEY设置成功命令。 当然, 这里 的 SKEY设置成功命令也可以通过 MSC/VLR转发。  In step 204, after generating the SKEY, the HLR/AUC sends a SKEY setting success command to the mobile terminal indicating that the HLR/AUC has successfully set the SKEY. Of course, the SKEY setting success command here can also be forwarded through the MSC/VLR.
在步骤 205, 移动终端在接收到 SKEY设置成功命令后, 采用和网 络设备相应的生成方法生成 SKEY,也就是利用 CK、 IK和 KI中的一个 或者它们的任何組合和自己产生的 RAND生成 SKEY。  In step 205, after receiving the SKEY setting success command, the mobile terminal generates SKEY by using a generation method corresponding to the network device, that is, generating SKEY by using one of CK, IK, and KI or any combination thereof and the RAND generated by itself.
其中, 步骤 203中 HLR/AUC可以对 CK、 IK和 KI中的一个或者它 们的任何组合以及 RAND进行算法计算生成 SKEY, 在这种情况下, 涉 骤 205中移动终端也对 CK、 IK和 KI中的一个或者它们的任何组合以 及 RAND进行相应的算法计算生成 SKEY。 Wherein, in step 203, the HLR/AUC can be one of CK, IK, and KI or it Any combination of them and RAND perform algorithm calculation to generate SKEY. In this case, the mobile terminal in step 205 also performs corresponding algorithm calculation on one of CK, IK and KI or any combination thereof and RAND to generate SKEY.
可以理解,步骤 202中移动终端可以直接向 HLR/AUC发送 RAND, 而不需要将 RAND包含在设置 SKEY命令中。  It can be understood that in step 202, the mobile terminal can directly send RAND to the HLR/AUC without including the RAND in the set SKEY command.
这里, 移动终端也可以在发送设置 SKEY 命令之后即自行生威 SKEY, 而不需要等待 HLR/AUC的响应, 也就是说, HLR/AUC不需要 向移动终端发送 SKEY设置成功命令, 而是由移动终端和 HLR/AUC洛 自分别设置 SKEY。 另外, 可以理解, 移动终端可以先根据 RAND生威 SKEY,然后再将 RAND发送给 HLR/AUC , HLR/AUC在接收到该 RAMD 之后生成 SKEY。  Here, the mobile terminal can also self-produce SKEY after sending the SKEY command, without waiting for the response of the HLR/AUC, that is, the HLR/AUC does not need to send the SKEY setting success command to the mobile terminal, but is moved by the mobile terminal. The terminal and HLR/AUC are automatically set to SKEY. In addition, it can be understood that the mobile terminal can first send the KEY according to the RAND, and then send the RAND to the HLR/AUC, and the HLR/AUC generates the SKEY after receiving the RAMD.
和第一实施例类似, 这里也可以在移动终端和网络设备中预先保 ^ 多种 SKEY设置方式,并对每一种设置方式建立一个 SKEY设置方式 志。 在步骤 202中, 移动终端可以预先从多种设置方式中选择一种, 并 将对应所选择的设置方式的设置方式标志通过设置 SKEY命令发送 合 HLR/AUC, HLR/AUC即使用该设置方式标志对应的 SKEY设置方式耒 生成 SKEY。 同样, 移动终端在接收到来自 HLR/AUC的设置 SKEY A 功命令后, 也使用自己选择的同样的设置方式来生成 SKEY, 从而保 ^正 了两侧生成的 SKEY的一致性。  Similar to the first embodiment, various SKEY setting modes can be pre-protected in the mobile terminal and the network device, and a SKEY setting mode is established for each setting mode. In step 202, the mobile terminal may select one of a plurality of setting modes in advance, and send a setting mode flag corresponding to the selected setting mode to the HLR/AUC by setting a SKEY command, and the HLR/AUC uses the setting mode flag. The corresponding SKEY setting method generates SKEY. Similarly, after receiving the SKEY A function command from the HLR/AUC, the mobile terminal also uses the same setting method selected by itself to generate the SKEY, thereby ensuring the consistency of the SKEY generated on both sides.
另外, HLR/AUC在产生 SKEY之后, 可以进一步检查该 SKEY _ 否是一个弱密钥。 如果是, 则通知移动终端, 比如, 给移动终端发 it一 个密钥设置失败命令, 并且携带的失败原因为弱密钥, 移动终端接 t到 密钥设置失败命令后, 重新生成 RAND并重新发送 RAND, HLR/AUC 再才 据新的 RAND重新生成 SKEY,直到该 SKEY经过检查不是弱密钥 为止。 如果 SKEY经检查不是弱密钥, 则向移动终端发送密钥设置 ^功 命令。 In addition, after the SLR is generated, the HLR/AUC can further check whether the SKEY_ is a weak key. If yes, the mobile terminal is notified, for example, a key setting failure command is sent to the mobile terminal, and the reason for the failure is a weak key. After the mobile terminal receives the key to the key setting failure command, the RAND is regenerated and resent. RAND, HLR/AUC then regenerate SKEY according to the new RAND until the SKEY is checked to be not a weak key. If the SKEY is not a weak key, it sends a key setting to the mobile terminal. Command.
可以理解, 如果移动终端自行产生 SKEY, 移动终端也可以自己判 断 SKEY是否是一个弱密钥。 如果是, 则重新生成 RAND, 并重新根据 RAND生成新的 SKEY, 直到该 SKEY经过检查不是弱密钥为止。 然后 才将新的 RAND发送给 HLR/AUC, HLR/AUC根据 RAND生成 SKEY。  It can be understood that if the mobile terminal generates the SKEY by itself, the mobile terminal can also determine for itself whether the SKEY is a weak key. If yes, regenerate RAND and regenerate a new SKEY based on RAND until the SKEY is checked for a weak key. The new RAND is then sent to the HLR/AUC, which generates the SKEY based on the RAND.
当然, 也可以理解, 移动终端和 HLR/AUC都进行弱密钥检查, 其 中任意一方检查出产生的密钥为弱密钥时, 都要求重新产生 RAND。  Of course, it can be understood that both the mobile terminal and the HLR/AUC perform weak key check, and any one of them needs to regenerate RAND when it detects that the generated key is a weak key.
另外, 移动终端也可以先产生 SKEY, 然后将 RAND发送给网络设 备, 网络设备在接收到该 RAND后自行产生 SKEY, 而不再需要向移动 终端返回 SKEY设置成功命令。  In addition, the mobile terminal may also generate the SKEY first, and then send the RAND to the network device. After receiving the RAND, the network device generates the SKEY by itself, and no longer needs to return the SKEY setting success command to the mobile terminal.
图 3示出了本发明的第三实施例, 其中不需要生成 RAND, 而是直 接才艮据各自当前已知的相关信息生成 SKEY。 其具体流程包括如图 3所 示。  Fig. 3 shows a third embodiment of the present invention in which it is not necessary to generate RAND, but the SKEY is generated directly based on the respective related information currently known. The specific process is shown in Figure 3.
在步骤 301 , 首先由移动终端向 HLR7AUC发送一个设置 SKEY命 令。 这里设置 SKEY命令可以通过移动通信网络中的 MSC/VLR转发, 也就是移动终端将设置 SKEY命令发送给 MSC/VLR, 然后 MSC/VLR 将来自移动终端的该命令发送给 HLR/AUC 0 In step 301, a set SKEY command is first sent by the mobile terminal to the HLR 7AUC. Here, the SKEY command can be forwarded through the MSC/VLR in the mobile communication network, that is, the mobile terminal sends a SKEY command to the MSC/VLR, and then the MSC/VLR sends the command from the mobile terminal to the HLR/AUC 0.
在步骤 302, HLR/AUC在接收到该命令后, 利用 CK、 IK和 KI中 的一个或者它们的任何组合生成 SKEY。  In step 302, after receiving the command, the HLR/AUC generates SKEY using one of CK, IK, and KI, or any combination thereof.
在步骤 303, HLR/AUC在生成 SKEY之后,向移动终端发送一个表 示 HLR/AUC已经成功设置 SKEY的 SKEY设置成功命令。 当然, 这里 '的 SKEY设置成功命令也可以通过 MSC/VLR转发。  In step 303, after generating the SKEY, the HLR/AUC sends a SKEY setting success command to the mobile terminal indicating that the HLR/AUC has successfully set the SKEY. Of course, the 'SKEY setting success command here' can also be forwarded through the MSC/VLR.
在步驟 304, 移动终端在接收到 SKEY设置成功命令后, 采用和网 络设备相应的生成方法生成 SKEY,也就是利用 CK、 IK和 KI中的一个 或者它们的任何组合生成 SKEY。 其中 , 步骤 302中 HLR/AUC可以直接将 CK:、 D 或 KI中的一个作 为 SKEY, 此时步骤 304中移动终端也直接将 CK、 IK或 KI中的一个作 为 SKEY。 或者, 步骤 302中 HLR/AUC可以对 CK、 IK和 KI中的一个 或者它们的任何组合进行算法计算生成 SKEY,在这种情况下,步驟 304 中移动终端也对 CK、 IK和 KI中的一个或者它们的任何组合进行相应 的算法计算生成 SKEY。 In step 304, after receiving the SKEY setting success command, the mobile terminal generates SKEY by using a generation method corresponding to the network device, that is, generating SKEY by using one of CK, IK, and KI or any combination thereof. The HLR/AUC in step 302 can directly use one of CK:, D or KI as the SKEY. In this step, the mobile terminal directly uses one of CK, IK or KI as the SKEY. Alternatively, in step 302, the HLR/AUC may perform an algorithmic calculation on one of CK, IK, and KI, or any combination thereof, to generate an SKEY, in which case the mobile terminal in step 304 also has one of CK, IK, and KI or Any combination of them performs a corresponding algorithm calculation to generate SKEY.
这里, 移动终端也可以在发送设置 SKEY 命令之后即自行生成 SKEY, 而不需要等待 HLR/AUC的响应, 也就是说, HLR/AUC不需要 向移动终端发送 SKEY设置成功命令, 而是由移动终端和 HLR/AUC各 自分別设置 SKEY。 另外, 可以理解, 移动终端可以先生成 SKEY, 然 后向 HLR/AUC发送设置 SKEY命令, HLR/AUC在接收到该命令之后 生成 SKEY。  Here, the mobile terminal may also generate the SKEY by itself after sending the SKEY command, without waiting for the response of the HLR/AUC, that is, the HLR/AUC does not need to send the SKEY setting success command to the mobile terminal, but by the mobile terminal. Set SKEY separately from HLR/AUC. In addition, it can be understood that the mobile terminal can be SKEY, and then the SKEY command is sent to the HLR/AUC, and the HLR/AUC generates the SKEY after receiving the command.
这里也可以在移动终端和网络设备中预先保存多种 SKEY设置方 式,并对每一种设置方式建立一个 SKEY设置方式标志。在步骤 301中, 移动终端可以预先从多种设置方式中选择一种, 并将对应所选择的设置 方式的设置方式标志通过设置 SKEY命令发送给 HLR/AUC, HLR/AUC 即使用该设置方式标志对应的 SKEY设置方式来生成 SKEY。 同样, 移 动终端在接收到来自 HLR/AUC的设置 SKEY成功命令后, 也使用自己 选择的同样的设置方式来生成 SKEY, 从而保证了两侧生成的 SKEY的 一致性。  Here, various SKEY setting modes can be pre-stored in the mobile terminal and the network device, and a SKEY setting mode flag is established for each setting mode. In step 301, the mobile terminal may select one of a plurality of setting modes in advance, and send a setting mode flag corresponding to the selected setting mode to the HLR/AUC by setting a SKEY command, and the HLR/AUC uses the setting mode flag. The corresponding SKEY setting method is used to generate SKEY. Similarly, after receiving the SKEY success command from HLR/AUC, the mobile terminal also uses the same setting method selected by itself to generate SKEY, thus ensuring the consistency of SKEY generated on both sides.
另外, HLR/AUC在产生 SKEY之后, 可以进一步检查该 SKEY是 否是一个弱密钥。 如果是, 则通知移动终端, 双方重新产生 SKEY, 直 到该 SKEY经过检查不是弱密钥为止。 如果 SKEY经检查不是弱密钥, 则执行后续处理。 另外, 可以理解, 移动终端也可以自己判断 SKEY是 否是一个弱密钥。 如果是, 双方重新产生 SKEY, 直到该 SKEY经过检 查不是弱密钥为止。 In addition, after generating the SKEY, the HLR/AUC can further check whether the SKEY is a weak key. If yes, the mobile terminal is notified that both parties regenerate the SKEY until the SKEY is checked to be not a weak key. If the SKEY is checked not to be a weak key, subsequent processing is performed. In addition, it can be understood that the mobile terminal can also determine for itself whether the SKEY is a weak key. If yes, both parties regenerate SKEY until the SKEY is checked. Check is not a weak key.
图 4示出了本发明的第四实施例。在步驟 401 ,移动终端向 HLR/AUC 发送设置 SKEY命令。这里设置 SKEY命令可以通过移动通信网络中的 MSC/VLR转发, 也就是移动终端将设置 SKEY命令发送给 MSC/VLR, 然后 MSC/VLR将来自移动终端的该命令发送给 HLR/AUC0 Fig. 4 shows a fourth embodiment of the invention. At step 401, the mobile terminal sends a Set SKEY command to the HLR/AUC. Here, the SKEY command can be forwarded through the MSC/VLR in the mobile communication network, that is, the mobile terminal sends a SKEY command to the MSC/VLR, and then the MSC/VLR sends the command from the mobile terminal to the HLR/AUC 0.
在步骤 402, HLR/AUC在接收到该命令后 , HLR/AUC利用 CK、 IK 和 KI中的一个或者它们的任何组合生成 SKEY。  At step 402, after receiving the command, the HLR/AUC uses the CK, IK, and KI, or any combination thereof, to generate the SKEY.
在步骤 403, HLR/AUC在生成 SKEY之后 ,通过 CK加密该 SKEY, 形成 SKEY的密文。  In step 403, after generating the SKEY, the HLR/AUC encrypts the SKEY by CK to form a ciphertext of the SKEY.
在步驟 404, HLR/AUC向移动终端发送 SKEY的密文。  At step 404, the HLR/AUC sends the SKEY ciphertext to the mobile terminal.
在步骤 405, 移动终端在接收到 SKEY密文后, 利用自己的 CK对 SKEY密文进行解密, 得到 SKEY的明文。  In step 405, after receiving the SKEY ciphertext, the mobile terminal decrypts the SKEY ciphertext by using its own CK to obtain the plaintext of the SKEY.
当然可以理解, 步驟 402 中 HLR/AUC也可以通过其他方法生成 SKEY, 本发明对此不进行限制。 不管采用什么方法产生 SKEY, 只要 对该 SKEY进行加密得到密文并将该密文传送给移动终端, 移动终端再 对密文进行解密得到 SKEY明文, 都属于本实施例 4青神的一种体现。  It is of course understood that the HLR/AUC in step 402 can also generate the SKEY by other methods, which is not limited by the present invention. Regardless of the method used to generate the SKEY, as long as the SKEY is encrypted to obtain the ciphertext and the ciphertext is transmitted to the mobile terminal, the mobile terminal decrypts the ciphertext to obtain the SKEY plaintext, which belongs to the embodiment of the fourth embodiment of the present invention. .
图 5示出了本发明的第五实施例。 在步驟 501 , 移动终端利用 CK、 I 和 KI中的一个或者它们的任何组合生成 SKEY。  Fig. 5 shows a fifth embodiment of the present invention. At step 501, the mobile terminal generates a SKEY using one of CK, I, and KI, or any combination thereof.
在步骤 502, 移动终端利用自己的 CK加密该 SKEY, 形成 SKEY 的密文。  In step 502, the mobile terminal encrypts the SKEY with its own CK to form a ciphertext of the SKEY.
在步驟 503 , 移动终端向 HLR/AUC发送 SKEY的密文。  In step 503, the mobile terminal sends the SKEY ciphertext to the HLR/AUC.
在步骤 504, HLR/AUC在接收到 SKEY密文后, 利用自己的 CK对 In step 504, the HLR/AUC uses its own CK pair after receiving the SKEY ciphertext.
SKEY密文进行解密 , 得到 SKEY的明文。 The SKEY ciphertext is decrypted to obtain the plaintext of SKEY.
当然可以理解, 步驟 501 中移动终端也可以通过其他方法生成 Of course, it can be understood that the mobile terminal in step 501 can also be generated by other methods.
SKEY, 本发明对此不进行限制。 不管采用什么方法产生 SKEY, 只要 对该 SKEY进行加密得到密文并将该密文传送给网络设备, 网络设备再 对密文进行解密得到 SKEY明文, 都属于本实施例精神的一种体现。 SKEY, the present invention does not limit this. No matter what method is used to generate SKEY, as long as The SKEY is encrypted to obtain the ciphertext and the ciphertext is transmitted to the network device, and the network device decrypts the ciphertext to obtain the SKEY plaintext, which is an embodiment of the spirit of the embodiment.
对于第四和第五实施例, 可以在移动终端和网络设备中预先保存多 种 SKEY i史置方式,并对每一种设置方式建立一个 SKEY设置方式标志。 移动终端可以预先从多种设置方式中选择一种, 并将对应所选择的设置 方式的设置方式标志通过设置 SKEY命令发送给 HLR/AUC, HLR/AUC 即使用该设置方式标志对应的 SKEY设置方式来生成 SKEY。 设置方式 也可以由 HLR/AUC选择并传送给移动终端。  For the fourth and fifth embodiments, a plurality of SKEY i history modes can be pre-stored in the mobile terminal and the network device, and a SKEY setting mode flag is established for each setting mode. The mobile terminal may select one of a plurality of setting modes in advance, and send a setting mode flag corresponding to the selected setting mode to the HLR/AUC by setting a SKEY command, and the HLR/AUC uses the SKEY setting mode corresponding to the setting mode flag. To generate SKEY. The setting method can also be selected and transmitted to the mobile terminal by the HLR/AUC.
另外, 对于首先产生 SKEY的移动终端或者 HLR/AUC来说, 可以 进一步检查该 SKEY是否是一个弱密钥。 如果是, 重新生成 SKEY, 直 到该 SKEY经过检查不是弱密钥为止。 比如, 检查到生成的 SKEY是弱 密钥时, 可以更换一种设置方式来重新生成 SKEY。  In addition, for the mobile terminal or HLR/AUC that first generates the SKEY, it can be further checked whether the SKEY is a weak key. If so, regenerate the SKEY until the SKEY is checked for a weak key. For example, when it is checked that the generated SKEY is a weak key, a setting method can be replaced to regenerate the SKEY.
上述各种方法中, 可以进一步包括设置一个 SKEY 启动标志 SFLAG,比如,当 SFLAG为 1时,表示启动了终端安全功能,当 SFLAG 为 0时, 表示关闭了终端安全功能。 HLR/AUC和移动终端在设置密钥 SKEY后, 可以将 SFLAG设置为 1。 当然, 也可以通过将 SKEY设置为 0表示关闭终端安全功能, 而当 SKEY不为 0时, 表示启动了终端安全 功能。 实际当中, 可以设置一条打开 /关闭命令用于设置 SFLAG的值, 也可以通过设置清除 SKEY设置来将 SKEY置为 0, 从而达到关闭终端 安全功能的目的。  The above various methods may further include setting a SKEY startup flag SFLAG. For example, when SFLAG is 1, it indicates that the terminal security function is activated. When SFLAG is 0, the terminal security function is turned off. HLR/AUC and the mobile terminal can set SFLAG to 1 after setting the key SKEY. Of course, you can also disable the terminal security function by setting SKEY to 0. When SKEY is not 0, it indicates that the terminal security function is enabled. In practice, an open/close command can be set to set the value of SFLAG, or SKEY can be set to 0 by setting the clear SKEY setting to achieve the purpose of turning off the terminal security function.
上述各种方法中, 对应的设置方式可以多种多样。 通过设置方式可 以确定生成 SKEY时所使用的参数信息, 比如: 仅有 CK和仅有 ΓΚ, 仅 有 RAND和 CK, 仅有 CK和 IMSI, 仅有 KI和 SKEY, 同时有 KI和 RAND和 IMSI等等。 通过设置方式还可以确定生成 SKEY时所使用的 算法信息, 即, 通过不同的设置方式确定生成 SKEY时使用的不同的算 法。 比如, 通过 CK加密 IMSI得到密文作为 SKEY, 或通过 IK对 IMSI 进行摘要运算得到摘要作为 SKEY, 等等。 Among the above various methods, the corresponding setting manners can be various. The setting information can be used to determine the parameter information used when generating SKEY. For example: only CK and only ΓΚ, only RAND and CK, only CK and IMSI, only KI and SKEY, and KI and RAND and IMSI, etc. Wait. The setting information can also be used to determine the algorithm information used when generating the SKEY, that is, the different calculations used to generate the SKEY are determined by different setting methods. Law. For example, the ciphertext is obtained by CK encryption IMSI as SKEY, or the IMS is digested by IK to obtain a digest as SKEY, and so on.
上述各种方法中,在网络设备和移动终端计算生成 SKEY的情况下, 计算时还可以进一步考虑移动终端用户卡特征信息, 例如 MSI信息、 用户卡电子序列号 ESN, 也可以进一步考虑移动终端特征信息, 例如 IMEI信息、 移动终端电子序列号 ESN, 或者可以同时考虑用户卡特征 信息和移动终端特征信息。  In the above various methods, in the case that the network device and the mobile terminal calculate and generate the SKEY, the mobile terminal user card feature information, such as the MSI information, the user card electronic serial number ESN, or the mobile terminal feature may be further considered in the calculation. Information, such as IMEI information, mobile terminal electronic serial number ESN, or both user card feature information and mobile terminal feature information.
上述各种方法中, 移动终端计算 SKEY时, 可以完全由移动终端程 序计算, 这时, 移动终端程序应该具备相应的算法计算能力; 也可以完 全在用户卡中进行计算, 即, 移动终端将所述 RAND等信息传送给用户 卡,由用户卡根据自己的 CK、IK、KI等信息进行计算,并将得到的 SKEY 传送给移动终端程序; 当然, 也可以时用户卡和移动终端程序共同执行 相应计算来得到 SKEY。 可以理解为, 将网络设备生成 SKEY的步骤分 别由用户卡和移动终端程序来实现, 从而得到相应于网络设备产生的 SKEY的 SKEY。  In the above various methods, when the mobile terminal calculates the SKEY, it can be completely calculated by the mobile terminal program. At this time, the mobile terminal program should have the corresponding algorithm computing capability; or the calculation can be performed entirely in the user card, that is, the mobile terminal will The information such as RAND is transmitted to the user card, and the user card calculates according to the information of CK, IK, KI, etc., and transmits the obtained SKEY to the mobile terminal program; of course, the user card and the mobile terminal program can also perform correspondingly Calculate to get SKEY. It can be understood that the steps of generating the SKEY by the network device are respectively implemented by the user card and the mobile terminal program, thereby obtaining the SKEY corresponding to the SKEY generated by the network device.
对于上述所有实施例, 在移动终端和网络设备设置了 SKEY之后可 以进一步增加同步终端鉴权序列号 msSQN的步骤。 例如, 可以由网络 设备确定 msSQN, 并将 msSQN发送给移动终端, 然后移动终端保存从 网络设备接收的 msS.QN, 从而实现 msSQN的同步。 或者, 网络设备和 移动终端在设置完成 SKEY之后, 各自更新自己的 msSQN, 例如都将 当前值设置为协议约定的值, 比如 1 , 等等, 从而实现 msSQN的同步。 又或者, 移动终端事先确定 msSQN.值, 并在发送给网络设备的 SKEY 设置命令中添加 msSQN信息,网络设 ^呆存从移动终端接收的 msSQN, 从而实现 msSQN的同步。  For all of the above embodiments, the step of synchronizing the terminal authentication sequence number msSQN may be further added after the mobile terminal and the network device have set the SKEY. For example, the msSQN may be determined by the network device, and the msSQN is transmitted to the mobile terminal, and then the mobile terminal saves the msS.QN received from the network device, thereby implementing synchronization of the msSQN. Alternatively, after the SKEY is set, the network device and the mobile terminal respectively update their own msSQN, for example, the current value is set to a protocol agreed value, such as 1, and so on, thereby implementing synchronization of the msSQN. Alternatively, the mobile terminal determines the msSQN. value in advance, and adds the msSQN information to the SKEY setting command sent to the network device, and the network sets the msSQN received from the mobile terminal to implement synchronization of the msSQN.
对于所有的实施例, HLR/AUC 可以才艮据新设置的安全密钥生成鉴 权用的鉴权集, 并将该鉴权集发送给 MSC/VLR。 MSC/VLR在接收到该 鉴权集之后保存该鉴权集, 从而可以利用该鉴权集实现后续的鉴权。 由 于后续的鉴权处理不是本发明的讨论范围, 因此这里省略其详细描述。 For all embodiments, the HLR/AUC can generate a security key based on the newly set security key. The authentication set used for the right, and the authentication set is sent to the MSC/VLR. The MSC/VLR saves the authentication set after receiving the authentication set, so that the authentication set can be used to implement subsequent authentication. Since the subsequent authentication processing is not the scope of the present invention, a detailed description thereof is omitted here.
HLR/AUC 在更新 SKEY设置之后, 也可以从所述终端漫游的 MSC/VLR 中将该终端用户相关信息删除。 这样, 在移动终端鉴权时, MSC/VLR会主动请求 HLR/AUC发送鉴权集, 这时, HLR/AUC可以将 利用新设置的安全密钥生成的鉴权用鉴权集发送给 MSC/VLR, 从而, 间接地达到更新 MSC/VLR中该移动终端的鉴权集的目的。  After updating the SKEY setting, the HLR/AUC may also delete the end user related information from the MSC/VLR in which the terminal roams. In this way, when the mobile terminal authenticates, the MSC/VLR actively requests the HLR/AUC to send the authentication set. At this time, the HLR/AUC can send the authentication authentication set generated by using the newly set security key to the MSC/VLR. Thus, the purpose of updating the authentication set of the mobile terminal in the MSC/VLR is achieved indirectly.
关于 SKEY的生成, 可以借鉴 SIM卡或者 USM卡中保存的 KI信 息, 在用户初次启动终端安全功能时, 安全终端生成一个 RAND, 提交 给 SIM或者 USM卡, SM或者 USM卡利用 KI和 RAKD, 使用自身 保存的算法, 计算得到 SRES, 此 SRES可以作为 SKEY。 HLR/AUC相 应地利用 KI和 RAND,使用自身保存的算法,计算得到 SRES,此 SRES 可以作为网络侧保存的对应于该终端的 SKEY。  For the generation of SKEY, you can learn from the KI information stored in the SIM card or USM card. When the user first starts the terminal security function, the security terminal generates a RAND, submits it to the SIM or USM card, and the SM or USM card uses KI and RAKD. The algorithm saved by itself calculates SRES, which can be used as SKEY. HLR/AUC uses KI and RAND to calculate SRES using its own saved algorithm. This SRES can be used as the SKEY corresponding to the terminal stored on the network side.
移动终端可以提供界面给客户启动、 取消终端安全功能或者更新 SKEY。 在用户输入相应的启动密码后, 移动终端可以向网絡发消息启 动、 取消安全功能或者更新 SKEY, 更新 SKEY实际包含在启动终端安 全流程中, 无特别之处。  The mobile terminal can provide an interface to the client to activate, cancel the terminal security function or update the SKEY. After the user enters the corresponding startup password, the mobile terminal can initiate a message to the network, cancel the security function, or update the SKEY. The update SKEY is actually included in the startup terminal security process, and nothing special.
移动终端启动、 取消终端安全功能的消息流程如图 6所示, 其中的 消息可以通过 USSD承载, 这样对支持 USSD功能的 MSC将没有新需 求。  The message flow of the mobile terminal to start and cancel the terminal security function is shown in Figure 6. The message can be carried over the USSD, so there will be no new requirements for the MSC supporting the USSD function.
UE在 UE_Security— Request 消息中指示是启动还是取消安全功能 (更新 SKEY的功能可以包含在启动功能中), 如果是启动安全功能, 在消息中需要带上生成 SKEY的迹机数 ( RA D1 )。  The UE indicates whether to activate or deactivate the security function in the UE_Security_Request message (the function of updating the SKEY may be included in the startup function), and if the security function is started, the number of tracers generating the SKEY (RA D1 ) needs to be carried in the message.
MSC对这里相关的所有消息不做任何处理, 透传给 HLR。 HLR收到这个消息后,发起 UE— Security— Auth—Req消息, 消息中携 带随机数 RA D2。 The MSC does not process any messages related to this and transparently transmits it to the HLR. After receiving the message, the HLR initiates a UE-Security-Auth-Req message carrying the random number RA D2.
UE收到 UE—Security_Auth一 Req消息时,根据 RAND2和 SM USIM 中的 KI, 计算出 SRES2, 在 UE—Security_Autli_Rsp消息中将 SRES2发 送给 HLR。  When receiving the UE-Security_Auth-Req message, the UE calculates SRES2 according to the KI in RAND2 and SM USIM, and sends SRES2 to the HLR in the UE-Security_Autli_Rsp message.
HLR收到 UE_Security—Auth—Rsp消息时, 验证 SRES2是否合法, 如果合法,则根据 UE_Security— Request消息中指示做相应的处理,如果 UE一 Security— Request消息中是 "启动安全功能" 的请求, 则使用消息中 的 RAND1 生成 SKEY , 并保存在用户数据中 , 然后回送 UE— Security— Response 消息指示 "启动安全功能成功 "; 如果 UE— Security— Request 消息中是 "取消安全功能", 则删除对应用户数据 的 SKEY, 回送 UE— Security— Response消息指示 "取消安全功能成功"。 如果 HLR验证 SRES2不合法, 则在 UE一 Security— Response消息中指示 UE所请求的相应功能失败。  When the HLR receives the UE_Security_Auth-Rsp message, it verifies that the SRES2 is legal. If it is legal, the HLR performs corresponding processing according to the indication in the UE_Security_Request message. If the UE is in the Security-Request message, it is a request to start the security function. Use the RAND1 in the message to generate the SKEY, and save it in the user data, and then send back the UE_Security_ Response message indicating "Start security function succeeded"; If the UE-Security-Request message is "Cancel security function", delete the corresponding user SKEY of the data, loopback UE—Security—The Response message indicates “cancel the security function successfully”. If the HLR verifies that the SRES2 is invalid, it indicates in the UE-Security_Response message that the corresponding function requested by the UE fails.
另外, 为防止用户启动安全功能后, 忘记了密码而无法取消安全功 能的问题, 应可以从网络侧发起消息取消安全功能, 还是可以采用上面 的消息, 只是发送方向相反而已。 用户通过运营商的客户服务热线, 在 运营商客户服务人员确认了用户身份的合法性后 , 可以在操作台发起取 消用户终端安全功能的操作。  In addition, in order to prevent the user from forgetting the password and unable to cancel the security function after starting the security function, the message should be canceled from the network side, or the above message can be used, but the sending direction is reversed. After the operator's customer service hotline confirms the legality of the user's identity through the carrier's customer service hotline, the user can initiate the operation of canceling the security function of the user terminal at the console.
从网絡侧发起 "取消终端安全功能" 的流程如图 7所示。  The process of initiating the "cancel terminal security function" from the network side is shown in Figure 7.
安全终端在启动安全功能、 取消安全功能或者更新 SKey后, 都需 要吏新 MSC/SGS 中的鉴权向量, 更新鉴权向量的过程可以由 HLR和 安全终端配合完成。 更新鉴权向量可以借用 3GPP中已经定义的 Cancel Location和 Attach 程, 如图 8所示。  After the security terminal starts the security function, cancels the security function or updates the SKey, it needs the authentication vector in the new MSC/SGS. The process of updating the authentication vector can be completed by the HLR and the security terminal. Updating the authentication vector can borrow the Cancel Location and Attach procedures already defined in 3GPP, as shown in Figure 8.
HLR发现在成功启动、取消终端安全功能或者更新了 SKey后, HLR 向 MSC/SGSN发送 Cancel Location消息,并将消息中的 Cancellation Type 设置为 "Subscription Withdraw" , 此时 MSC/SGSN会立即删除相关用户 的上下文信息。 The HLR finds that after successfully starting, canceling the terminal security function or updating the SKey, the HLR Send a Cancel Location message to the MSC/SGSN, and set the Cancellation Type in the message to "Subscription Withdraw". At this time, the MSC/SGSN will immediately delete the context information of the relevant user.
安全终端在收到 MSC/VLR发送的 Detach Request 消息后, 回送 Detach Accept消息。如果安全终端发现此时进行了安全功能状态的变化 (比如从安全状态变成了非安全状态, 或者从非安全状态变成了安全状 态, 或者进行了 SKey的更新), 则自动发起附着流程; 否则按协议中的 规定进行处理。  After receiving the Detach Request message sent by the MSC/VLR, the security terminal sends a Detach Accept message. If the security terminal finds that the security function state has changed at this time (for example, from a security state to a non-secure state, or from a non-secure state to a security state, or an SKey update is performed), an attach procedure is automatically initiated; Otherwise, it will be processed as specified in the agreement.
MSC/SGS 在再次收到安全终端的附着请求后, 会到 HLR取签约 和鉴权数据, 从而完成鉴权数据的更新。  After receiving the attach request of the secure terminal again, the MSC/SGS will go to the HLR to obtain the subscription and authentication data, thereby completing the update of the authentication data.
如果将已经启动终端安全功能的 SIM/USIM卡换到一个非安全终端 上使用, 由于 HLR中保存的用户的状态是 "已启动安全功能", 而非安 全终端将继续使用用户卡对网络进行鉴权, 此时, 用户卡和网络之间的 鉴权将无法通过, 此时, MSC会将鉴权失败报告传送给 HLR, . HLR将 关闭针对原来安全终端设置的安全功能, 重新启动通过用户卡鉴权的流 程, 并更新 MSC/VLR里的鉴权集, 这时, 非安全终端便能够通过正常 的鉴权。  If the SIM/USIM card that has activated the terminal security function is switched to a non-secure terminal, since the status of the user saved in the HLR is "enabled security function", the non-secure terminal will continue to use the user card to check the network. Right, at this time, the authentication between the user card and the network will not pass. At this time, the MSC will transmit the authentication failure report to the HLR. The HLR will close the security function set for the original security terminal and restart the user card. The authentication process, and update the authentication set in the MSC/VLR, at this time, the non-secure terminal can pass the normal authentication.
如果将已经启动终端安全功能的 SM/USIM卡换到另一个安全终端 上使用, 由于第一次鉴权无法通过, 这样, HLR会关闭针对原来安全终 端设置的安全功能,重新启动通过用户卡鉴权的流程,并更新 MSC/VLR 里的鉴权集, 这样, 只要用户在新的移动终端中取消安全功能设置即可 正常登录网络, 而后, 用户可以重新启动安全功能, 此时对于 HLR而 言, 相当于是刷新 SKEY。  If you change the SM/USIM card that has started the terminal security function to another security terminal, the first authentication fails. Therefore, the HLR will close the security function set for the original security terminal and restart the user card. The process of rights, and update the authentication set in the MSC/VLR, so that as long as the user cancels the security function settings in the new mobile terminal, the user can log in to the network normally, and then the user can restart the security function, at this time for the HLR , is equivalent to refreshing SKEY.
上述鉴权集, 也可以称为鉴权元组, 并且也可以称为鉴权向量。 需要说明的是, 对于移动终端产生的 SRES和 XRES, 都表示移动 终端为响应网络对移动终端或用户卡的鉴权而产生的响应值, 在 3G和 2G 中, 产生这个响应值的算法可以不同, 但其作为响应值的实 意义 是用于网络对终端或用户卡鉴权的目的是不变的。 因此,在某些情 下, 可以将 SRES写成 XRES, 也可以将 XRES写成 SRES。 The above authentication set may also be referred to as an authentication tuple, and may also be referred to as an authentication vector. It should be noted that the SRES and XRES generated by the mobile terminal indicate that the mobile The response value generated by the terminal in response to the network authentication of the mobile terminal or the user card may be different in 3G and 2G, but the actual meaning of the response value is used for the network to the terminal or the user. The purpose of card authentication is unchanged. Therefore, in some cases, SRES can be written as XRES, or XRES can be written as SRES.
上述 MSC/VLR 为电路 i或设备, 对于分组域的网络, ^"应的 MSC/VLR设备可以为 SGSN。  The above MSC/VLR is circuit i or device. For the packet domain network, ^"the MSC/VLR device should be the SGSN.
在设置了 SKEY后, 移动终端即可通过执行对网络的鉴权来实现保 障自己的安全性, 从而间接达到防盗目的。 具体包括如下实施例。  After the SKEY is set, the mobile terminal can secure its own security by performing authentication on the network, thereby indirectly achieving the anti-theft purpose. Specifically, the following embodiments are included.
在如图 9所示的第一实施例中, 在步骤 901 , 移动终端首先保存一 个 SKEY, 这里的 SKEY和网络设备侧保存的对应于自己的 SKE ^是相 同的。  In the first embodiment shown in FIG. 9, in step 901, the mobile terminal first saves an SKEY, where the SKEY is the same as the SKE^ stored on the network device side corresponding to itself.
在步骤 902, 移动终端在接收到来自网络设备侧的鉴权信息之后, 根据该鉴权信息和自己保存的 SKEY判断对网絡的鉴权是否通过, 如果 通过, 在步驟 903可以正常接入网络, 如果未通过, 则认定自己 法, 在步骤 904停止自己的正常使用。  In step 902, after receiving the authentication information from the network device side, the mobile terminal determines whether the authentication of the network is passed according to the authentication information and the SKEY saved by itself. If yes, the mobile terminal can access the network normally in step 903. If it does not pass, it determines its own method and stops its normal use in step 904.
这里停止自己的正常使用可以是不允许自己接入网络, 或者直接断 电或关机等, 并且还可以配合例如发送短消息通知亲友或安全机关等操 作。  Stopping your normal use here may not allow you to access the network, or directly power off or shut down, etc., and you can also send a short message to inform relatives or friends or security agencies.
图 10示出了鉴权处理的笫二实施例。 在步骤 1001 , 移动终端首先 保存一个 SKEY,这里的 SKEY和网络设备侧^ 的对应于自己的 SKEY 是一致的。 一般来说, 终端和网络侧分别保存的是一对对称密钥, 通常 情况下这对对称密钥相同。  Fig. 10 shows a second embodiment of the authentication process. In step 1001, the mobile terminal first saves a SKEY, where the SKEY is consistent with the SKEY of the network device side corresponding to its own SKEY. Generally, the terminal and the network side respectively store a pair of symmetric keys, which are usually the same for symmetric keys.
在步驟 1002,移动终端在接收到来自 MSC/VLR的 RAND和 ^UTN 之后,根据自己的 SKEY和接收的 RAND、 SQ 计算得到一个 MAC值, 并比较自己计算得到的 MAC值和 AUTN中的 MAC值是否一致, 如果 不一致, 则在步驟 1003判定对网络的鉴权失败; 否则在步骤 1004判断 AUTN是否可以接受, 如果可以接受, 则在步 1005判断对网络的鉴 权成功, 否则在步骤 1006向网络发起 SQN同步命令。 In step 1002, after receiving the RAND and ^UTN from the MSC/VLR, the mobile terminal calculates a MAC value according to its SKEY and the received RAND, SQ, and compares the calculated MAC value with the MAC value in the AUTN. Is it consistent, if Inconsistent, it is determined in step 1003 that the authentication of the network fails; otherwise, it is determined in step 1004 whether the AUTN is acceptable. If yes, it is determined in step 1005 that the authentication of the network is successful, otherwise in step 1006, the SQN synchronization command is initiated to the network. .
在步骤 1004, 判断 AUTN是否可以接受是通过判断其中的 SQN来 完成的。 移动终端和网络侧会预先保存一个同步的 SQN, 这样, 终端在 接收到网络侧的鉴权信息时, 会通过比较自己保存的 SQN和 AUTN中 的 SQN是否满足预定的奈件来判断 AUTN是否可以接受, 该预定条件 可以是 AUTN中的 SQN和移动终端自己保存的 SQN的差值在一个预定 范围内。如果移动终端判断 AUTN中的 SQN和自己保存的 SQN的差值 在所述预定范围内, 则判定 AUTN是可接受的, 否则判定 AUTN是不 可接受的。  In step 1004, it is determined whether the AUTN is acceptable or not by determining the SQN therein. The mobile terminal and the network side pre-store a synchronized SQN. In this way, when receiving the authentication information of the network side, the terminal determines whether the AUTN can be determined by comparing whether the SQN in the saved SQN and the AUTN meets the predetermined condition. Accepted, the predetermined condition may be that the difference between the SQN in the AUTN and the SQN saved by the mobile terminal itself is within a predetermined range. If the mobile terminal judges that the difference between the SQN in the AUTN and the self-saved SQN is within the predetermined range, it is determined that the AUTN is acceptable, otherwise it is determined that the AUTN is unacceptable.
移动终端判定对网络的鉴权通过后, 使用接收的 AUTN中的 SQN 更新自己保存的 SQN。  After the mobile terminal determines that the authentication of the network is passed, it updates the saved SQN by using the SQN in the received AUTN.
在 AUTN包括 AMF的情况下, 在步骤 1002中进一步考虑 AMF, 比如利用自己的 SKEY、 接收的 RAND、 SQN和 AMF生成 MAC值, 其中 SQN和 AMF是 AUTN中携带的。  In the case where the AUTN includes the AMF, the AMF is further considered in step 1002, for example, using its own SKEY, received RAND, SQN, and AMF to generate a MAC value, where SQN and AMF are carried in the AUTN.
这里, 在步骤 1002 之前可以进一步包括一个判断是否执行根据 SKEY对网络进行鉴权的步骤, 如果是, 执行步驟 1002; 否则按照不执 行根据 SKEY对网絡进行鉴权的步驟, 即, 按照现有流程将 RAND和 AUTN发送给用户卡, 由用户卡对网络进行鉴权。  Here, before step 1002, a step of determining whether to perform authentication on the network according to SKEY may be further included. If yes, step 1002 is performed; otherwise, the step of authenticating the network according to SKEY is not performed, that is, according to the existing process. The RAND and the AUTN are sent to the user card, and the user card authenticates the network.
同样, 这里的 SQN可以使用和现有技术相同的 SQN, 即用于用户 卡鉴权的 SQN,也即网络和用户卡对应保存的 SQN,具体可以参考 3GEP 33.102/29.002的相关协议规定。 但是较佳地, 本发明另外单独设置一个 专门用于移动终端鉴权的 SQN, 并且移动终端和 HLR/AUC 也会对该 SQN进行同步处理。 当然可以理解, 单独设置的 SQN和用户卡中保存 的 SQN可以取相同的值。 Similarly, the SQN here can use the same SQN as the prior art, that is, the SQN for user card authentication, that is, the SQN corresponding to the network and the user card. For details, refer to the relevant agreement of 3GEP 33.102/29.002. Preferably, however, the present invention additionally provides a separate SQN dedicated to mobile terminal authentication, and the mobile terminal and the HLR/AUC also perform synchronization processing on the SQN. Of course, you can understand that the SQN and user cards are saved separately. The SQN can take the same value.
图 11 示出了鉴权处理的第三实施例。 在步驟 1101 , 首先在网 ^"设 备和移动终端中同时保存一个对应移动终端鉴权的 SKEY。 当然, 里 网络侧设备保存的 SKEY 可以是对应移动终端特征信息来保存的 SKEY, 也可以是对应于用户卡的 IMSI来保存的 SKEY。 网络侧设 也 可以根据用户的移动终端号码 MSISDN来保存 SKEY。  Fig. 11 shows a third embodiment of the authentication process. In step 1101, first, a SKEY corresponding to the authentication of the mobile terminal is saved in the device and the mobile terminal. Of course, the SKEY saved by the network side device may be the SKEY corresponding to the mobile terminal feature information, or may be corresponding. The SKEY is saved by the IMSI of the user card. The network side device can also save the SKEY according to the user's mobile terminal number MSISDN.
在步骤 1102, 网络设备在针对某一个移动终端生成鉴权信息时, 首 先产生一个 RAND。  In step 1102, the network device first generates an RAND when generating authentication information for a mobile terminal.
在步骤 1103, 网络设备利用对应该移动终端的 SKEY 和产 的 RAND生成鉴权信息。  In step 1103, the network device generates authentication information using the SKEY and the generated RAND corresponding to the mobile terminal.
在步驟 1104, 网络设备将鉴权信息发送到对应的移动终端。  At step 1104, the network device transmits the authentication information to the corresponding mobile terminal.
在步骤 1105, 移动终端在接收到来自网络设备侧的鉴权信息之后, 根据该鉴权信息和自己保存的 SKEY判断对网络的鉴权是否通过, 口果 通过, 在步驟 1106可以正常接入网络, 如果未通过, 在步骤 1107不允 许正常接入网络。  In step 1105, after receiving the authentication information from the network device side, the mobile terminal determines whether the authentication of the network is passed according to the authentication information and the SKEY saved by itself, and the result is passed. In step 1106, the network can be normally accessed. If not, the normal access to the network is not allowed in step 1107.
移动终端判定对网络的鉴权通过后, 使用接收的 AUTN中的 更新自己保存的 SQN。  After the mobile terminal determines that the authentication of the network is passed, the SQN saved by itself is updated using the received AUTN.
图 12示出了鉴权处理的第四实施例。在步驟 1201 ,首先在 HLR/ATJC 和移动终端中同时保存对应移动终端鉴权的 SKEY。  Fig. 12 shows a fourth embodiment of the authentication process. In step 1201, the SKEY corresponding to the authentication of the mobile terminal is first saved in the HLR/ATJC and the mobile terminal.
在步骤 1202, HLR7AUC利用自己的随机数发生器产生一个 RAMD。 在步骤 1203 , HLR/AUC利用自己保存的鉴权密钥 (KI )和自己产 生的 RAND计算得到 XRES、 CK和 IK。  At step 1202, the HLR 7AUC generates a RAMD using its own random number generator. In step 1203, the HLR/AUC calculates XRES, CK, and IK using its own stored authentication key (KI) and its own generated RAND.
在步骤 1204, HLR/AUC利用预先保存的对应移动终端的 SKEY"以 及 RAND和 SQN生成 MAC。 这里的 SQN是当前已知的, 比如, 预先 设置好的。 在步骤 1205 , HLR/AUC将 MAC以及已知的 SQN组合成 AUTN。 在 AUTN包括 AMF的情况下, 在步骤 1204中进一步考虑 AMF, 比如利用 SKEY、 RAND、 SQN和 AMF生成 MAC, 其中 AMF也是预 先设置的。在步骤 1205中同样进一步考虑 AMF,也就是将 MAC、 SQN 和 AMF共同组合成 AUTN。 In step 1204, the HLR/AUC generates a MAC using the SKEY "and RAND and SQN of the corresponding mobile terminal stored in advance. The SQN here is currently known, for example, pre-set. At step 1205, the HLR/AUC combines the MAC and the known SQN into an AUTN. In the case where the AUTN includes the AMF, the AMF is further considered in step 1204, such as generating a MAC using SKEY, RAND, SQN, and AMF, where the AMF is also preset. AMF is further considered in step 1205, that is, the MAC, SQN, and AMF are collectively combined into an AUTN.
在步驟 1206, HLR/AUC将 RAND、 AUTN、 XRES CK和 IK组成 一个鉴权集。  At step 1206, the HLR/AUC groups RAND, AUTN, XRES CK, and IK into an authentication set.
在步驟 1207, HLR/AUC将该鉴权集发送给 MSC/VLR。  At step 1207, the HLR/AUC sends the authentication set to the MSC/VLR.
在步驟 1208, 鉴权时, MSC/VLR在该移动终端的相应的鉴权集中 提取出 RAND和 AUTN, 作为本发明的鉴权信息发送给移动终端。  In step 1208, during authentication, the MSC/VLR extracts RAND and AUTN in the corresponding authentication set of the mobile terminal, and sends the authentication information to the mobile terminal as the authentication information of the present invention.
本步驟可以是移动终端向网络侧发送一个触发信息开始的。 实际当 中, 在移动终端发起位置更新请求, 或业务请求时, MSC/VLR会对终 端发起答权请求, 比如在移动终端开机登陆网络时 MSC/VLR会向终端 发起鉴权请求。  This step may be started by the mobile terminal sending a trigger message to the network side. In actuality, when the mobile terminal initiates a location update request, or a service request, the MSC/VLR initiates an answer request to the terminal, for example, when the mobile terminal starts to log in to the network, the MSC/VLR initiates an authentication request to the terminal.
本步骤可以是网络侧主动发起, 比如, 网络侧在移动终端很久没有 发起相关请求时, 出动发起一个鉴权流程。  This step may be initiated by the network side. For example, when the mobile terminal does not initiate a related request for a long time, the network side initiates an authentication process.
在步驟 1209,移动终端在接收到来自 MSC/VLR的 RAND和 AUTN 之后,根据自己的 S EY和接收的 RAND、 SQN计算得到一个 MAC值, 并比较自己计算得到的 MAC值和 AUTN中的 MAC值是否一致, 如果 不一致, 则在步骤 1210判定对网络的鉴权失败; 否则在步 1211判断 AUTN是否可以接受, 如果可接受, 则在步骤 1212判断对网络的鉴权 成功, 否则, 如果不可接受, 则在步驟 1213 移动终端向网络发起一个 SQ 同步命令。  In step 1209, after receiving the RAND and AUTN from the MSC/VLR, the mobile terminal calculates a MAC value according to its own S EY and the received RAND and SQN, and compares the calculated MAC value with the MAC value in the AUTN. If they are inconsistent, if they are inconsistent, it is determined in step 1210 that the authentication of the network fails; otherwise, in step 1211, it is determined whether the AUTN is acceptable. If yes, it is determined in step 1212 that the authentication of the network is successful; otherwise, if not acceptable, Then in step 1213, the mobile terminal initiates an SQ synchronization command to the network.
在步骤 1211 , 判断 AUTN是否可以接受可以是通过判断 AUTN中 的 SQN和自己保存的 SQN是否满足预定条件来实现, 如果是, 判定 AUTN是可接受的, 否则判定 AUTN是不可接受的。 比如, 预定条件可 以是 AUTN中的 SQN和自己保存的 SQN的差值在一个预定范围内。 In step 1211, determining whether the AUTN is acceptable may be implemented by determining whether the SQN in the AUTN and the SQN saved by itself satisfy a predetermined condition, and if so, determining AUTN is acceptable, otherwise it is determined that AUTN is unacceptable. For example, the predetermined condition may be that the difference between the SQN in the AUTN and the SQN saved by itself is within a predetermined range.
在步驟 1213 , 移动终端向网络侧发送一个同步 SQN的同步命令, 通过同步流程, 使终端和网络对应保存的 SQN同步。 关于 SQN同步流 程,可以参考现有技术中关于 SQN同步的描述,参见 3GPP 33.102/29.002 相关协议, 在此不再赘述。  In step 1213, the mobile terminal sends a synchronization command of the synchronous SQN to the network side, and synchronizes the terminal and the SQN corresponding to the network through the synchronization process. For the description of the SQN synchronization process, refer to the description of the SQN synchronization in the prior art, and refer to the related protocol of the 3GPP 33.102/29.002, and details are not described herein again.
移动终端判定对网络的鉴权通过后,使用接收的的 AUTN中的 SQN 更新自己保存的 SQN。  After the mobile terminal determines that the authentication of the network is passed, the SQN saved by the received AUTN is used to update the saved SQN.
在 AUTN包括 AMF的情况下, 在步骤 1209中进一步考虑 AMF, 比如利用自己的 SKEY、 接收的 RAND、 SQN和 AMF生成 MAC值, 其中 SQN和 AMF是 AUTN中携带的。  In the case where the AUTN includes the AMF, the AMF is further considered in step 1209, for example, using its own SKEY, the received RAND, the SQN, and the AMF to generate a MAC value, where the SQN and the AMF are carried in the AUTN.
上述说明了本发明的移动终端对网络进行鉴权的处理, 本发明还可 以进一步包括由网络对移动终端进行鉴权的处理, 也就是在步骤 1212 之后, 继续执行网络对终端进行鉴权的后续步驟。  The foregoing describes the processing of authenticating the network by the mobile terminal of the present invention. The present invention may further include the process of authenticating the mobile terminal by the network, that is, after step 1212, continuing to perform subsequent authentication of the terminal by the network. step.
在第五实施例中, 如图 13所示, 步骤 1301-1313和步驟 1201-1213 完全相同, 不再重复说明。  In the fifth embodiment, as shown in Fig. 13, steps 1301-1313 and steps 1201-1213 are identical, and the description will not be repeated.
在步骤 1314, 移动终端将 RAND发送给用户卡。  At step 1314, the mobile terminal transmits RAND to the user card.
在步驟 1315, 用户卡使用自己的 KI和接收的 RAND生成 XRES、 CK和 IK。  At step 1315, the user card generates XRES, CK, and IK using its own KI and the received RAND.
在步骤 1316, 用户卡将生成的 XRES发送给移动终端。  At step 1316, the user card transmits the generated XRES to the mobile terminal.
在步驟 1317,移动终端将接收自用户卡的 XRES发送给 MSC/VLR。 在步骤 1318, MSC/VLR 比较接收自移动终端的 XRES 和接收自 HLR/AUC的该移动终端的相应的鉴权集中 XRES是否一致。如果一致, 在步驟 1319判定网络对移动终端鉴权通过; 否则在步骤 1320判定网络 对移动终端鉴权失败。 这里在步驟 1314, 为了和现有处理兼容, 移动终端在发送 RAND 的同时可以发送 AUTN, 这样用户卡可以进一步根据 AUTN和自己的 KI对网络进行鉴权。 在这种情况下, 移动终端可以将发送给用户卡的 AUTN设置成一个表示由移动终端对网络进行鉴权的特殊值, 用户卡在 判断出 AUTN是该特殊值之后 ,仅仅使用 KI和 RAND产生 XRES、 CK 和 IK, 而不再根据 AUTN和 KI对网络进行鉴权。 At step 1317, the mobile terminal transmits the XRES received from the subscriber card to the MSC/VLR. At step 1318, the MSC/VLR compares whether the XRES received from the mobile terminal and the corresponding authentication set XRES of the mobile terminal received from the HLR/AUC are consistent. If they are consistent, it is determined in step 1319 that the network authenticates the mobile terminal; otherwise, in step 1320, it is determined that the network failed to authenticate the mobile terminal. Here, in step 1314, in order to be compatible with the existing processing, the mobile terminal can transmit the AUTN while transmitting the RAND, so that the user card can further authenticate the network according to the AUTN and its own KI. In this case, the mobile terminal can set the AUTN sent to the user card to a special value indicating that the mobile terminal authenticates the network, and the user card only uses KI and RAND after determining that the AUTN is the special value. XRES, CK, and IK, and no longer authenticate the network based on AUTN and KI.
在用户卡根据 KI和 RAND生成 XRES、 CK和 IK时, 也可以只产 生 XRES和 CK, 然后将产生的 XRES和 CK发送给移动终端, 由移动 终端根据 CK导出 IK。  When the user card generates XRES, CK, and IK according to KI and RAND, it is also possible to generate only XRES and CK, and then send the generated XRES and CK to the mobile terminal, and the mobile terminal derives IK according to CK.
上述步骤 1317,移动终端将接收自用户卡的 XRES发送给 MSC/VLR 之前, 可以判断网络是否为第二代移动通信网絡, 如果是, 移动终端可 以根据 XRES、 CK、 IK等导出用于第二代网络鉴权的 SRES2g ( Signed Response符号响应)和 KC2g ( Cipher Key 密码密钥), 使用生成的 SRES2g替代 XRES传送给 MSC/VLR,使用 KC2g和网络侧进行相关通 信的加解密。 相关推导方法在现有 3GPP中相关协议有建议, 在此不再 赘述。  In the above step 1317, before the mobile terminal sends the XRES received from the user card to the MSC/VLR, it can determine whether the network is a second generation mobile communication network. If yes, the mobile terminal can derive the second according to XRES, CK, IK, etc. SRES2g (Signed Response Symbol Response) and KC2g (Cipher Key) are used to authenticate the network, and the generated SRES2g is used instead of XRES to transmit to the MSC/VLR, and KC2g and the network side are used for encryption and decryption of related communication. The relevant derivation method has suggestions in the relevant protocols in the existing 3GPP, and will not be described here.
另外, XRES、 CK、 IK也可以由 SKEY和 RAND产生, 在此情况 下, 提出了如图 14所示的第六实施例。  Further, XRES, CK, IK can also be generated by SKEY and RAND, and in this case, the sixth embodiment as shown in Fig. 14 is proposed.
在步骤 1401 , 首先在 HLR/AUC和移动终端中同时保存对应移动终 端鉴权的 SKEY。  In step 1401, the SKEY corresponding to the mobile terminal authentication is first saved in the HLR/AUC and the mobile terminal.
在步骤 1402, HL /AUC利用自己的随机数发生器产生一个 RAND。 在步骤 1403 , HLR/AUC利用预先保存的对应移动终端的 SKEY和 自己产生的 RAND计算得到 XRES、 CK和 IK。  In step 1402, HL /AUC uses its own random number generator to generate a RAND. In step 1403, the HLR/AUC calculates XRES, CK, and IK using the pre-stored SKEY of the corresponding mobile terminal and the RAND generated by itself.
在步骤 1404, HLR/AUC利用预先保存的对应移动终端的 SKEY以 及 RAND和 SQN生成 MAC。 这里的 SQN是当前已知的, 比如预先设 置好的。 At step 1404, the HLR/AUC generates a MAC using the SKEY and RAND and SQN of the corresponding mobile terminal stored in advance. The SQN here is currently known, such as pre-set Set it up.
. 在步骤 1405, HL /AUC将 MAC以及已知的 SQN组合成 AUTO。  At step 1405, HL /AUC combines the MAC and the known SQN into AUTO.
在 AUTN包括 AMF的情况下, 在步驟 1404中进一步考虑 AMF, 比如利用 SKEY、 RA D SQN和 AMF生成 MAC, 其中 AMF也是预 先设置的。 在步骤 1405中同样进一步考虑 AMF, 也就是将 MAC、 SQN 和 AMF共同组合成 AUTN。  In the case where the AUTN includes the AMF, the AMF is further considered in step 1404, such as using SKEY, RA D SQN, and AMF to generate the MAC, where the AMF is also pre-set. AMF is further considered in step 1405, that is, the MAC, SQN, and AMF are combined into an AUTN.
在步驟 1406, HLR/AUC将 RAND、 AUTN、 XRES、 CK和 IK组成 一个鉴权集。  At step 1406, the HLR/AUC groups RAND, AUTN, XRES, CK, and IK into an authentication set.
在步骤 1407, HLR/AUC将该鉴权集发送给 MSC/VLR。  At step 1407, the HLR/AUC sends the authentication set to the MSC/VLR.
在步驟 1408, 鉴权时, MSC/VLR在该移动终端的相应鉴权集中提 取出 RAND和 AUTN, 作为本发明的鉴权信息发送给移动终端。  In step 1408, during authentication, the MSC/VLR extracts the RAND and the AUTN in the corresponding authentication set of the mobile terminal, and sends the authentication information to the mobile terminal as the authentication information of the present invention.
在步驟 1409,移动终端在接收到来自 MSC/VLR的 RAND和 AUTO 之后,根据自己的 SKEY和接收的 RAND、 SQN计算得到一个 MAC值, 并比较自己计算得到的 MAC值和 AUTN中的 MAC值是否一致, 如果 不一致, 则在步骤 1410判定对网络的鉴权失败; 否则在步骤 1411判断 AUTN是否可以接受, 如果可以接受, 则在步驟 1412判定对网络的鉴 权成功; 否则在步骤 1413移动终端向网络发起一个 SQN同步命令。  In step 1409, after receiving the RAND and AUTO from the MSC/VLR, the mobile terminal calculates a MAC value according to its SKEY and the received RAND and SQN, and compares the calculated MAC value and the MAC value in the AUTN. Consistently, if not, it is determined in step 1410 that the authentication of the network fails; otherwise, in step 1411, it is determined whether the AUTN is acceptable. If yes, it is determined in step 1412 that the authentication of the network is successful; otherwise, in step 1413, the mobile terminal proceeds to The network initiates an SQN synchronization command.
在步驟 1411 , 判断 AUTN是否可以接受可以是通过判断 AUTN中 的 SQN和自己保存的 SQN是否满足预定条件来实现, 如果是满足预定 条件, 则判定 AUTN是可接受的, 否则判定 AUT 是不可接'受的。 比 如,预定条件可以是 AUTN中的 SQN和自己保存的 SQN的差值在一个 预定范围内。 ·  In step 1411, determining whether the AUTN is acceptable may be implemented by determining whether the SQN in the AUTN and the SQN saved by itself satisfy a predetermined condition. If the predetermined condition is met, determining that the AUTN is acceptable, otherwise determining that the AUT is unreachable' Accepted. For example, the predetermined condition may be that the difference between the SQN in the AUTN and the self-saved SQN is within a predetermined range. ·
移动终端在判断 SQN 不可接受的情况下, 通过向网络侧发送一个 SQN不可接受命令, 比如, 发起一个同步 SQN的同步命令, 通过同步 流程, 使终端和网络保存的相应的 SQN同步。 移动终端判定对网络的鉴权通过后,使用接收的的 AUTN中的 SQN 更新自己保存的 SQN。 When the mobile terminal determines that the SQN is unacceptable, the mobile terminal sends an SQN unacceptable command to the network side, for example, initiates a synchronous SQN synchronization command, and synchronizes the terminal with the corresponding SQN saved by the network through the synchronization process. After the mobile terminal determines that the authentication of the network is passed, the SQN saved by the received AUTN is used to update the saved SQN.
在 AUTN包括 AMF的情况下, 在步骤 1409中进一步考虑 AMF, 比如利用自己的 SKEY、 接收的 RAND、 SQN和 AMF生成 MAC值, 其中 SQN和 AMF是 AUTO中携带的。  In the case where the AUTN includes the AMF, the AMF is further considered in step 1409, for example, using its own SKEY, received RAND, SQN, and AMF to generate a MAC value, where SQN and AMF are carried in the AUTO.
在步驟 1414, 移动终端使用自己的 SKEY和接收的 RAND 生成 XRES、 CK和 IK。 并将自己生成的 XRES发送给 MSC/VLR。  At step 1414, the mobile terminal generates XRES, CK, and IK using its own SKEY and the received RAND. Send the XRES generated by yourself to the MSC/VLR.
在步骤 1415, MSC/VLR 比较接收自移动终端的 XRES 和接收自 HLR/AUC的该移动终端的相应的鉴权集中 XRES是否一致。如果一致, 在步骤 1416判定网络对移动终端鉴权通过; 否则在步驟 1417判定网络 对移动终端鉴权失败。  In step 1415, the MSC/VLR compares whether the XRES received from the mobile terminal and the corresponding authentication set XRES of the mobile terminal received from the HLR/AUC are consistent. If they are consistent, it is determined in step 1416 that the network authenticates the mobile terminal; otherwise, in step 1417, it is determined that the network failed to authenticate the mobile terminal.
上述各种方法中, 网络设备比如 MSC/VLR在向终端发送鉴权信息 时, 可以一次发送, 也可以分多次发送。 比如, 第一次传送一个 RANDRAND, 第二次传送鉴权标记 AUTN。 实际当中, 将根据网络的 协议能力来决定分几次发送。 比如, 在 UMTS网络中, MSC/VLR可以 一次将 RAND、 AUTN等鉴权信息通过鉴权命令发送给移动终端, 而在 第二代移动通信网络中, MSC/VLR可能需要通过两次或多次将 RAND、 AUTN等鉴权信息通过第二代网络的鉴权命令发送给移动终端。  In the above various methods, when the network device, such as the MSC/VLR, sends the authentication information to the terminal, it may send it once or multiple times. For example, the first transmission of a RANDRAND, the second transmission of the authentication token AUTN. In practice, it will be decided to send several times according to the protocol capabilities of the network. For example, in a UMTS network, the MSC/VLR may send authentication information such as RAND and AUTN to the mobile terminal through an authentication command at a time, and in the second generation mobile communication network, the MSC/VLR may need to pass two or more times. The authentication information such as RAND and AUTN is sent to the mobile terminal through the authentication command of the second generation network.
上述,终端鉴权失败后 ,可以进一步将鉴权失败报告通知 MSC/VLR, MSC/VLR将鉴权失败报告通知 HLR/AUC。  In the above, after the terminal authentication fails, the authentication failure report may be further notified to the MSC/VLR, and the MSC/VLR notifies the HLR/AUC of the authentication failure report.
HLR/AUC在接收到 MSC/VLR上报的终端鉴权失败报告后,将该终 端设置为非安全状态, 即关闭该终端的安全功能, 也即, 按照正常的非 安全设置的方式产生鉴权集, 也即, 重新使用 KI完全代替 SKEY生成 鉴权集, 并更新 MSC/VLR中的鉴权集。  After receiving the terminal authentication failure report reported by the MSC/VLR, the HLR/AUC sets the terminal to an insecure state, that is, turns off the security function of the terminal, that is, generates an authentication set according to a normal non-security setting manner. That is, reusing KI completely replaces SKEY to generate an authentication set, and updates the authentication set in the MSC/VLR.
一般情况下, 当一个安全终端中使用的用户卡插入到非安全终端中 时, 非安全终端在使用用户卡对网络的第一次鉴权不通过后 , 此时, 非 安全终端将鉴权失败艮告经由 MSC/VLR通知 HLR/AUC, HLR/AUC关 闭相应终端的安全功能后, 重新产生鉴权集, 并更新 MSC/VLR中的鉴 权集, 这样, 非安全终端在下一次鉴权时, 即可通过网络的鉴权。 In general, when a user card used in a secure terminal is inserted into a non-secure terminal When the non-secure terminal fails to pass the first authentication of the network by using the user card, the non-secure terminal notifies the HLR/AUC via the MSC/VLR, and the HLR/AUC closes the security of the corresponding terminal. After the function, the authentication set is regenerated, and the authentication set in the MSC/VLR is updated, so that the non-secure terminal can pass the network authentication at the next authentication.
上述鉴权集, 也可以称为鉴权元组或鉴权向量。  The above authentication set may also be referred to as an authentication tuple or an authentication vector.
需要说明的是, 对于移动终端产生的 SRES和 XRES, 都表示移动 终端为响应网络对移动终端或用户卡的鉴权而产生的响应值, 在 3G和 2G 中, 产生这个响应值的算法可以不同, 但其作为响应值的实际意义 是用于网络对终端或用户卡鉴权的目的是不变的。因此,在某些情况下, 可以将 SRES写成 XRES, 也可以将 XRES写成 SRES。  It should be noted that the SRES and XRES generated by the mobile terminal indicate the response value generated by the mobile terminal in response to the network authentication of the mobile terminal or the user card. In 3G and 2G, the algorithm for generating the response value may be different. However, its practical significance as a response value is that the purpose for the network to authenticate the terminal or user card is unchanged. Therefore, in some cases, you can write SRES as XRES or XRES as SRES.
上述 MSC/VLR 为电路域设备, 对于分组域的网络, 对应的 MSC/VLR设备可以为 SGSN。  The above MSC/VLR device is a circuit domain device, and for a packet domain network, the corresponding MSC/VLR device may be an SGSN.
可以理解, 以上所述仅为本发明的较佳实施例而已 , 并不用以限制 本发明, 凡在本发明的精神和原则之内, 所作的任何修改、 等同替换、 改进等, 均应包含在本发明的保护范围之内。  It is to be understood that the above description is only a preferred embodiment of the present invention, and is not intended to limit the invention, and any modifications, equivalents, improvements, etc., which are within the spirit and scope of the present invention, should be included in Within the scope of protection of the present invention.

Claims

权利要求书 Claim
1. 一种移动通信网络中的安全密钥设置方法, 至少包括: a. 生成一个随机数;  A security key setting method in a mobile communication network, comprising at least: a. generating a random number;
b. 网絡设备和移动终端根据该随机数按照相互匹配的方式设置安 全密钥。  b. The network device and the mobile terminal set the security key according to the random number in a mutually matching manner.
2. 根据权利要求 1所述的方法, 其特征是, 步骤 a中所述生成随机 数是由网络设备生成随机数, 步骤 b包括:  2. The method according to claim 1, wherein the generating a random number in step a is generating a random number by the network device, and step b comprises:
网络设备根据自己生成的随机数生成安全密钥;  The network device generates a security key according to the random number generated by itself;
网络设备将该随机数发送给移动终端;  The network device sends the random number to the mobile terminal;
移动终端根据接收自网络设备的随机数生^安全密钥。  The mobile terminal generates a security key according to a random number received from the network device.
3. 根据权利要求 2所述的方法, 其特征是, 所述网络设备将随机数 发送给移动终端是将随机数包含在一个安全密钥设置成功命令中进行 发送。  3. The method according to claim 2, wherein the transmitting, by the network device, the random number to the mobile terminal comprises transmitting the random number in a security key setting success command.
4. 根据权利要求 2所述的方法, 其特征是, 在网络设备生成安全密 钥后进一步包括检查该安全密钥是否是弱密钥的步驟, 如果是, 重新执 行步驟 a; 否则执行所述将随机数发送给移动终端的步驟。  4. The method according to claim 2, wherein after the network device generates the security key, further comprising the step of checking whether the security key is a weak key, and if yes, performing step a; The step of transmitting a random number to the mobile terminal.
5.根据权利要求 2所述的方法,其特征是,步驟 a之前进一步包括: 移动终端向网络设备发送设置安全密钥命令。  The method according to claim 2, wherein before step a, the method further comprises: the mobile terminal sending a set security key command to the network device.
6. 根据权利要求 1所述的方法, 其特征是, 步骤 a中所述生成随机 数是由移动终端生成随机数, 步骤 b包括:  The method according to claim 1, wherein the generating a random number in step a is generating a random number by the mobile terminal, and step b comprises:
移动终端才艮据自己生成的随机数生成安全密钥;  The mobile terminal generates a security key according to the random number generated by the mobile terminal;
移动终端将该随机数发送给网络设备;  The mobile terminal sends the random number to the network device;
网络设备根据接收自移动终端的随机数生成安全密钥。  The network device generates a security key based on the random number received from the mobile terminal.
7. 根据权利要求 1所述的方法, 其特征是, 步錄 a.中所述生成随机 数是由移动终端生成随机数, 步骤 b包括: 7. The method according to claim 1, wherein the generating a random in the step a. The number is generated by the mobile terminal, and step b includes:
移动终端将该随机数发送给网络设备;  The mobile terminal sends the random number to the network device;
网络设备根据接收自移动终端的随机数生成安全密钥, 并向移动终 端发送安全密钥设置成功命令;  The network device generates a security key according to the random number received from the mobile terminal, and sends a security key setting success command to the mobile terminal;
移动终端接收到网络设备返回的安全密钥设置成功命令后, 根据自 己生成的 P遣机数生成安全密钥。  After receiving the security key setting success command returned by the network device, the mobile terminal generates a security key according to the number of P-transmissions generated by the mobile device.
8. 根据权利要求 6所述的方法, 其特征是, 在移动终端生成安全密 钥后进一步包括检查该安全密钥是否是弱密钥的步骤, '如果是, 重新执 行步骤 a; 否则执行所述将随机数发送给网络设备的步骤。  8. The method according to claim 6, wherein after the mobile terminal generates the security key, further comprising the step of checking whether the security key is a weak key, 'if yes, performing step a again; otherwise executing the The step of transmitting a random number to a network device.
9. 根据权利要求 2、 6、 7中任意一项所述的方法, 其特征是, 所述 根据随机数生成安全密钥是根据 CK、 IK和 KI中的一项或任意项的组 合以及所述随机数计算得到安全密钥。  The method according to any one of claims 2, 6, or 7, wherein the generating a security key according to a random number is based on a combination of one or any of CK, IK, and KI and The random number is calculated to obtain a security key.
10. 根据权利要求 9所述的方法, 其特征是, 所述计算进一步包括 根据移动终端用户卡特征信息和 /或移动终端特征信息来进行。  10. The method of claim 9, wherein the calculating further comprises performing based on mobile terminal user card feature information and/or mobile terminal feature information.
11. 根据权利要求 1所述的方法, 其特征是, 该方法进一步包括在 网络设备和移动终端中预先设置多种安全密钥生成方.式并分别建立设 置方式标志, 所述网络设备和移动终端根据该随机数按照相互匹配的方 式设置安全密钥是根据该设置方式标志对应的设置方式生成安全密钥。  11. The method according to claim 1, wherein the method further comprises pre-setting a plurality of security key generation formulas in the network device and the mobile terminal, and separately establishing a setting mode flag, the network device and the mobile The setting of the security key by the terminal according to the random number in a mutually matching manner generates a security key according to the setting manner corresponding to the setting mode flag.
12. 根据权利要求 11所述的方法, 其特征是, 该方法进一步包括: 移动终端从多种设置方式中选择一种设置方式, 并将所选择的设置方式 对应的设置方式标志通过设置安全密钥命令发送给网络设备。  The method according to claim 11, wherein the method further comprises: the mobile terminal selecting one of the plurality of setting modes, and setting the setting mode corresponding to the selected setting mode by setting the security key The key command is sent to the network device.
13. 根据权利要求 11所述的方法, 其特征是, 该方法进一步包括: 网络设备从多种设置方式中选择一种设置方式, 并将所选择的设置方式 对应的设置方式标志通过安全密钥设置成功命令发送给移动终端。  The method according to claim 11, wherein the method further comprises: the network device selecting a setting mode from the plurality of setting modes, and marking the setting mode corresponding to the selected setting mode by the security key The set success command is sent to the mobile terminal.
14. 根据权利要求 1所述的方法, 其特征是, 在步驟 b之后进一步 包括网络设备和移动终端同步各自保存的终端鉴权序列号的步歡。 14. The method of claim 1 further comprising step b The step of the network device and the mobile terminal synchronizing the respective saved terminal authentication serial numbers is included.
15. 根据权利要求 1所述的方法, 其特征是, 所述网络设"^是归属 位置寄存器 /验证中心 HLR/AUC, 该方法进一步包括 HLR/AUC 根据设 置的安全密钥生成鉴权集并将该鉴权集发送到移动交换中心 / 访位置 寄存器 MSC/VLR的步骤, 所述 MSC/VLR在接收到该鉴权集后保存该 鉴权集。  15. The method according to claim 1, wherein the network is configured to be a home location register/verification center HLR/AUC, the method further comprising the HLR/AUC generating an authentication set according to the set security key and The authentication set is sent to the mobile switching center/visit location register MSC/VLR, and the MSC/VLR saves the authentication set after receiving the authentication set.
16. 根据权利要求 1 所述的方法, 其特征是, 所述网 设备是 HLR/AUC, 该方法进一步包括 HLR/AUC更新 MSC/VLR中该 ^端的鉴 权集的步糠, 或者从所述终端漫游的 MSC 中将该终端用户相 信息删 除的步骤。  16. The method according to claim 1, wherein the network device is an HLR/AUC, the method further comprising: HLR/AUC updating a step of the authentication set of the MSC/VLR, or from the The step of deleting the end user phase information in the MSC roaming by the terminal.
PCT/CN2005/001872 2004-11-09 2005-11-08 Method of setting security key WO2006050663A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200410092775.2 2004-11-09
CN200410092775A CN100579274C (en) 2004-11-09 2004-11-09 Safety key setting-up method

Publications (1)

Publication Number Publication Date
WO2006050663A1 true WO2006050663A1 (en) 2006-05-18

Family

ID=36336209

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2005/001872 WO2006050663A1 (en) 2004-11-09 2005-11-08 Method of setting security key

Country Status (2)

Country Link
CN (1) CN100579274C (en)
WO (1) WO2006050663A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102571702B (en) * 2010-12-22 2014-11-05 中兴通讯股份有限公司 Key generation method, system and equipment in Internet of things
CN102833722B (en) * 2012-08-31 2019-05-07 中兴通讯股份有限公司 The treating method and apparatus of delete position message

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1291390A (en) * 1998-01-27 2001-04-11 Dsc电信有限合伙公司 Method for dynamically updating cellular-phone-unique-encryption key
CN1426185A (en) * 2001-12-13 2003-06-25 华为技术有限公司 Method for realizing secrete communication by autonomously selecting enciphered algorithm

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1291390A (en) * 1998-01-27 2001-04-11 Dsc电信有限合伙公司 Method for dynamically updating cellular-phone-unique-encryption key
CN1426185A (en) * 2001-12-13 2003-06-25 华为技术有限公司 Method for realizing secrete communication by autonomously selecting enciphered algorithm

Also Published As

Publication number Publication date
CN1774125A (en) 2006-05-17
CN100579274C (en) 2010-01-06

Similar Documents

Publication Publication Date Title
EP1758417B1 (en) Authentication method
JP4688808B2 (en) Enhanced security configuration for encryption in mobile communication systems
JP6033291B2 (en) Service access authentication method and system
JP5784776B2 (en) Secure negotiation of authentication capabilities
EP2932676B1 (en) Authenticating public land mobile networks to mobile stations
EP2296392A1 (en) Authentication method, re-certification method and communication device
CN109922474B (en) Method for triggering network authentication and related equipment
WO2006128364A1 (en) Method and system for updating a secret key
WO2008117006A1 (en) An authentication method
JP2013545367A (en) Authentication of access terminal identification information in roaming networks
JP2016533694A (en) User identity authentication method, terminal and server
TW200952424A (en) Authenticating a wireless device in a visited network
CN113228721B (en) Communication method and related product
WO2008006312A1 (en) A realizing method for push service of gaa and a device
JP2016111660A (en) Authentication server, terminal and authentication method
WO2011124051A1 (en) Method and system for terminal authentication
WO2006047938A1 (en) Method for network equipment generating subscriber card authentication random number and method of authentication
JP6581221B2 (en) Method for replacing at least one authentication parameter for authenticating a security element and corresponding security element
EP3550765B1 (en) Service provisioning
CN101160784B (en) Cipher key updating negotiation method and apparatus
CN108271154B (en) Authentication method and device
WO2006050663A1 (en) Method of setting security key
EP4057659A1 (en) A method of replacing a current key in a security element and corresponding security element

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KM KN KP KR KZ LC LK LR LS LT LU LV LY MA MD MG MK MN MW MX MZ NA NG NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU LV MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 4764/CHENP/2006

Country of ref document: IN

122 Ep: pct application non-entry in european phase

Ref document number: 05806964

Country of ref document: EP

Kind code of ref document: A1