WO2007022731A1 - Encryption key negotiation method, system and equipment in the enhanced universal verify frame - Google Patents

Encryption key negotiation method, system and equipment in the enhanced universal verify frame Download PDF

Info

Publication number
WO2007022731A1
WO2007022731A1 PCT/CN2006/002181 CN2006002181W WO2007022731A1 WO 2007022731 A1 WO2007022731 A1 WO 2007022731A1 CN 2006002181 W CN2006002181 W CN 2006002181W WO 2007022731 A1 WO2007022731 A1 WO 2007022731A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
peripheral terminal
terminal device
naf
bsf
Prior art date
Application number
PCT/CN2006/002181
Other languages
French (fr)
Chinese (zh)
Inventor
Yanmei Yang
Original Assignee
Huawei Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co., Ltd. filed Critical Huawei Technologies Co., Ltd.
Publication of WO2007022731A1 publication Critical patent/WO2007022731A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these

Definitions

  • the present invention relates to the technical field of the 3GPP Generic Authentication Architecture (GAA), and in particular to a key agreement method, system and apparatus in an enhanced universal authentication framework.
  • GAA Generic Authentication Architecture
  • GAA is a general structure used by various application service entities to complete the verification of user identity. GAA can be used to check and verify the identity of users of application services.
  • the foregoing multiple application services may be multicast or broadcast services, user certificate services, information provision services, or proxy services.
  • FIG. 1 shows the structure of the GAA.
  • the GAA is usually composed of a UE, a BSF (Bootstrapping Server Function), a Home Subscriber System (HSS), and a Network Application Function (NAF).
  • BSF Bitstrapping Server Function
  • HSS Home Subscriber System
  • NAF Network Application Function
  • the BSF and the UE mutually authenticate the identity, and simultaneously generate the shared key Ks of the BSF and the UE;
  • the HSS stores a profile file for describing the user information, and the HSS also has the function of generating the authentication information.
  • the interface between the various entities can be seen in Figure 1.
  • the UE When the user needs to use a service, if the UE needs to go to the BSF to perform the mutual authentication process, the UE directly authenticates to the BSF. Otherwise, the UE first contacts the NAF corresponding to the service, if the NAF is used. The GAA, and finds that the UE has not yet reached the BSF for mutual authentication, and the NAF notifies the UE to the BSF for mutual authentication to verify the identity.
  • the mutual authentication between the UE and the BSF is the Bootstrapping rights under the General Bootstrapping Authentication Framework (GBA, Generic Bootstrapping Architecture).
  • the method includes: the UE sends an authentication request to the BSF; after receiving the authentication request, the BSF first obtains the authentication information of the user from the HSS; after obtaining the authentication information, the BSF uses the HTTP digest AKA protocol to perform mutual authentication and key agreement with the UE, and completes
  • the mutual authentication of the identity between the UE and the BSF and the generation of the shared key Ks, the BSF also defines an expiration date for the shared key Ks, so that the Ks performs regular updates.
  • the shared key Ks is used as a root key to derive a key for encrypted communication.
  • the BSF allocates a Bootstrapping Transaction Identifier (B-TID) to the UE, and the B-TID is associated with Ks, which can be used to identify the Ks, and also includes the expiration date of the Ks.
  • B-TID Bootstrapping Transaction Identifier
  • the UE After receiving the B-TID, the UE sends a connection request to the NAF again, and the B-TID is carried in the request message, and the UE side calculates the derived key NAF specific keys according to Ks (may be Ks-NAF, or Ks- Int—NAF and Ks—ext—NAF, as explained later).
  • Ks may be Ks-NAF, or Ks- Int—NAF and Ks—ext—NAF, as explained later).
  • the NAF After receiving the connection request, the NAF first queries the B-TID of the user. If the NAF cannot query the B-TID locally, the NAF queries the BSF. The query carries the NAF identifier and the B-TID. . If the BSF cannot query the B-TID locally, the NAF is notified that there is no information about the user. At this time, the NAF will notify the UE to re-authenticate the authentication to the BSF. After the BSF queries the B-TID, it calculates the derived key NAP specific keys of the Ks using the same algorithm as the UE side, and sends a successful response message to the NAF. The successful response includes the B-TID required by the NAF.
  • the derived key NAF specific keys corresponding to the B-TID, and the expiration date set by the BSF for the key After receiving the successful response message from the BSF, the NAF considers that the user is a legitimate user authenticated by the BSF, and the NAF and the UE share the key NAP specific keys derived from the Ks.
  • the NAF and the UE perform encrypted communication through NAF specific keys in the subsequent communication process.
  • the UE When the UE finds that Ks is about to expire, or the NAP requires the UE to re-authenticate to the BSF, The UE repeats the above steps to re-authenticate to the BSF to obtain a new shared key Ks and a derived key NAF specific keys.
  • the UE refers to a mobile device (ME, Mobile Equipment); if it is a GBA-U process, the above UE refers to a user identification module in a mobile device (UICC, Universal Integrated) Circuit Card ), the generated NAF specific keys described herein include two derived keys: Ks_int_NAF for the UICC and Ks_ext_NAF for the ME.
  • ME Mobile Equipment
  • UICC Universal Integrated Circuit Card
  • the above procedure is applicable to the case where the NAF client is in the UE, that is, the NAF client is on the ME of the UE, or on the UICC of the UE.
  • some new application scenarios have emerged.
  • One of the larger application scenarios is the separation of the NAF client from the terminal. This situation refers to: A mobile user has multiple terminal devices, that is, in addition to the mobile phone, other terminal devices such as a PC, a WLAN UE, The handheld computer and the like, and these terminals use the same UICC (such as SIM card) user information to access the network service, so that the NAF client and the UE are not on the same device.
  • UICC such as SIM card
  • the GAA architecture in this case is shown in Figure 2, which is referred to herein as the enhanced GAA framework.
  • the NAF client is not on the UE, but on one or several peripheral devices other than the UE. When these peripheral terminal devices do not have the GBA function, the NAF client will be on the peripheral terminal device and not on the same device as the client executing GBA.
  • the current GAA specification is mainly for the case where the NAF client and the GBA client are in the same terminal, and there is no authentication method for the GAA framework described in FIG.
  • a plurality of peripheral terminal devices may also adopt the same derivative.
  • a key communicates with a certain NAF, it poses a security risk: If one of them is compromised, the other one will not break.
  • the main object of the present invention is to provide a key agreement method, system and device in an enhanced universal authentication framework to solve a GBA client in a UE, and a NAF client in a NAF client with other peripheral terminal devices.
  • the end negotiates a key with the NAF to implement encrypted communication.
  • An enhanced key agreement method in a universal authentication framework includes the following steps:
  • the peripheral terminal device requests a derivative key from the UE; the request carries a peripheral terminal device flag;
  • the UE calculates the first derived key according to the shared key Ks and the peripheral terminal device flag of the entity BSF that performs the user identity initial check verification, and provides the first derived key to the NAF client on the peripheral terminal device. ;
  • the network side calculates a second derived key according to the shared key Ks of the UE and the BSF and the obtained peripheral terminal device identifier, and saves the second derived key by the NAF.
  • An enhanced key agreement method in a universal authentication framework includes the following steps:
  • the network side calculates a first derived key according to the shared key Ks of the entity BSF and the obtained peripheral terminal device identifier, which is performed by the UE and the user identity initial check verification, and saves the first derived key by the NAF;
  • the peripheral terminal device requests a derivative key from the UE, and the request carries a peripheral terminal device badge.
  • the UE calculates a second derived key according to its shared key Ks with the BSF and the peripheral terminal device flag, and provides the second derived key to the NAF client on the peripheral terminal device.
  • a key agreement system in an enhanced universal authentication framework includes: More than one peripheral terminal device having a network service application entity NAF client requests a derived key from a UE connected thereto, and the request carries a peripheral terminal device flag;
  • the UE calculates a first derived key according to the shared key Ks of the entity BSF and the peripheral terminal device flag that performs initial authentication verification of the user identity, and provides the first derived key to the NAF client on the peripheral terminal device.
  • the BSF calculates a second derived key according to its shared key Ks with the UE and the acquired peripheral terminal device flag, and provides the second derived key to the NAF.
  • a key agreement system in an enhanced universal authentication framework includes:
  • More than one peripheral terminal device having a network service application entity NAF client requests a derived key from a UE connected thereto, and the request carries a peripheral terminal device flag;
  • the UE calculates a first derived key according to the shared key Ks of the entity BSF and the peripheral terminal device flag that performs initial authentication verification of the user identity, and provides the first derived key to the NAF client on the peripheral terminal device.
  • the BSF calculates a temporary key according to the shared key Ks with the UE;
  • the NAF calculates a second derived key according to the temporary key and the obtained peripheral terminal device identifier, and saves the second derived key.
  • a user terminal UE connected to one or more peripheral terminal devices having a network service application entity NAF client, includes:
  • An execution user identity initial check verification entity BSF includes:
  • a network side key derivation functional entity for acquiring and acquiring a shared key Ks from the user terminal UE A flag of the peripheral terminal device connected to the UE, calculating a derived key, and providing the derived key to the network service application entity NAF.
  • a network side key derivation functional entity includes:
  • the first key derivation module is located in the execution user identity initial check verification entity BSF, and calculates the temporary key according to the shared key Ks of the BSF and the user terminal UE;
  • the second key derivation module is located at the network service application entity NAF, and calculates the derived key according to the temporary key calculated by the first key derivation module and the obtained device identifier of the peripheral terminal device connected to the UE.
  • the present invention implements key negotiation between the NAF client and the NAF when the GBA client is at the UE and the NAF client is at another terminal.
  • the present invention adopts the device identifier as one of the parameters for calculating the derived key, so different peripheral terminal devices use different derived keys to communicate with the same NAF, so that different peripheral terminal devices of the same UE can be prevented from adopting the same
  • the security problem that exists when the derived key communicates with the NAF is that a peripheral terminal device is attacked, and other peripheral terminal devices may also be attacked.
  • the derived key calculated for the different peripheral terminal device terminals is different, thereby improving the security.
  • the NAF client on the peripheral terminal device reports its own device flag to the NAF, which can not only calculate different derived keys for different terminal devices, but also make it possible to distinguish connection requests from different terminals of the same user. In this way, the access problem of multiple terminals of one user can be handled according to the local policy.
  • Figure 1 is a schematic diagram of the GAA frame.
  • 2 is a schematic diagram of an enhanced GAA framework in a state where the NAF client and the GBA client are separated.
  • FIG. 3 is a flowchart of key negotiation between a NAF client and NAF communication in an enhanced GAA framework according to an embodiment of the present invention.
  • FIG. 4 is a flowchart of key negotiation for NAF client and NAF communication in an enhanced GAA framework according to another embodiment of the present invention.
  • FIG. 5 is a schematic diagram of a key agreement system for NAF client and NAF communication in an enhanced GAA framework according to an embodiment of the present invention.
  • FIG. 6 is a schematic diagram of a key agreement system for communicating NAF clients with NAF in an enhanced GAA framework according to another embodiment of the present invention.
  • FIG. 7 is a schematic diagram of a UE participating in key negotiation of a NAF client and NAF communication according to an embodiment of the present invention.
  • FIG. 8 is a schematic diagram of a BSF for key negotiation of a NAF client and NAF communication according to an embodiment of the present invention.
  • FIG. 9 is a schematic diagram of a network-side key derivation functional entity participating in key negotiation of a NAF client and NAF communication according to an embodiment of the present invention. Mode for carrying out the invention
  • FIG. 3 shows a GAA authentication procedure according to an embodiment of the present invention.
  • the UE and the peripheral terminal device belong to the same user.
  • the following describes the secret key negotiation method of the NAF client and the NAF communication in the enhanced GAA framework, including the following steps:
  • Step 301 When the NAF client on the peripheral terminal device needs to use a certain service, send a connection request to the NAF corresponding to the service. If the NAF client knows that it needs to go to BSF To perform the mutual authentication process, you can skip this step and go directly to step 303.
  • Step 302 After receiving the request, the NAF searches whether the derived key corresponding to the user equipment is already stored, and if not, instructs the NAF client on the peripheral terminal device to communicate with the NAF client by using an encryption method, for example, indicating that the GAA key is used. In order to communicate securely, if there is already a valid derivative key shared by the NAF and the user equipment, the key communication is directly used, and the process ends.
  • an encryption method for example, indicating that the GAA key is used.
  • Step 303 After receiving the indication, the NAF client on the peripheral terminal device requests the UE to use the derived key NAF specific keys to be used in the encrypted communication with the NAF, and carries the NAF identifier and the peripheral terminal device in the request message. Equipment sign.
  • the device identifier refers to an identifier for distinguishing different peripheral terminal devices, and may be a device MAC address, an IP address, or a globally routable user agent universal resource identifier (GRUU, Globally Routable UA imi ), device identifier ( Similar to ME's IMEI) and so on.
  • the peripheral terminal device can connect to the UE as a local interface through an interface such as a data line, USB, Bluetooth, or infrared to exchange messages.
  • the device flag sent may also be an index value for the various identifiers listed above.
  • the UE stores the correspondence between each index and the identifier. After receiving the device index value, the UE obtains the real identifier according to the corresponding relationship.
  • the device identifier is for distinguishing different peripheral terminal devices, that is, it may be a global device identifier, or may be a partial device identifier, such as a personal network element (PNE) defined in the personal network. , personal network element ) logo.
  • PNE personal network element
  • the network side may also store the peripheral terminal device information of a certain UE, including the correspondence between the user identifier and each device owned by the UE.
  • Step 304 After receiving the request, the UE locally searches for a valid Ks. If there is a valid Ks, go directly to step 308; if there is no valid Ks, send an authentication request to the BSF to perform the GB A process.
  • Step 305 According to the GBA process, the BSF that receives the authentication request obtains the use by the HSS. User's authentication information.
  • Step 306 After obtaining the authentication information, the BSF performs mutual authentication and key agreement with the UE, and completes mutual authentication of the identity between the UE and the BSF and generation of the shared key Ks.
  • Step 307 The BSF may also define an expiration date for the Ks, and assign a session transaction identifier (B-TID) that can be used to identify the Ks to the UE. And after the Ks expires, return to step 304 to update Ks.
  • B-TID session transaction identifier
  • Step 308 The UE calculates a derived key according to Ks, and the calculation parameter includes a device identifier of the peripheral terminal device in addition to Ks, "gba-me" II RAKD II IMPI
  • Derived key NAF specific keys can be divided into:
  • Ks_ext_NAF KF (Ks, "gba-me”
  • device flag); Ks— int— NAF KDF (Ks, "gba-u” II RAND
  • IMPI refers to the user's IP multimedia private identity
  • NAF-ID refers to the NAF identifier
  • gba-me and "gba-u” represent the string
  • KDF is the abbreviation of the key derivation function.
  • Ks-NAF KDF (Ks, "gba-me”
  • the second step of calculating the derived key can also be performed on the peripheral terminal device and the AF, and the UE and the BSF can respectively Ks_int/(ext)_ NAF_ temp is sent to the peripheral terminal device and NAF.
  • Step 309 The UE sends the calculated derivative key NAF specific keys and the B-TID of the identifier Ks to the NAF client on the peripheral terminal device through the local interface.
  • Step 310 The NAF client on the peripheral terminal device sends a connection request to the NAF again, and carries the B-TID and the device identifier in the request message.
  • NAF may obtain the communication peripheral terminal equipment mark by other means.
  • the carrier network may locally configure the information that the peripheral terminal has been configured, and the peripheral terminal device or the UE tells the operator network (such as BSF or NAF) to enable a certain characteristic information of a peripheral terminal device by using a short message.
  • the carrier network (such as BSF) finds the device flag locally and notifies NAF. It may also be a peripheral terminal device or a message that the UE directly tells the NAF peripheral terminal device through other messages.
  • the UE after receiving the request in step 304, the UE sends the peripheral terminal device identifier carried in the request to the network side. I won't go into details later.
  • Step 311 The NAF sends a key query message to the BSF for querying, and the query message carries the NAF identifier and the B-TID and the device identifier.
  • Step 312 After receiving the query message, the BSF searches for the corresponding key Ks according to the B-TID in the message, and calculates the derivative key according to the same algorithm as the UE side described in step 308 according to the B-TID, the device identifier, and the NAF identifier. key.
  • Step 313 The BSF returns the twin key NAF specific keys to the NAF along with the generated validity period of the key.
  • Step 314 After that, the NAF communicates with the peripheral terminal device using the derived key NAF specific keys. And after the derived key expires, return to step 308 to New derived key.
  • the NAF and the peripheral terminal can negotiate to select a derived key as the encrypted communication.
  • different peripheral terminal devices of a certain UE can be distinguished, and the feature can be used to control the number of peripheral terminal accesses of a certain UE to access a certain service according to the configuration policy. It can be configured and controlled by the BSF.
  • the configuration policy can be sent to the NAF and controlled by the NAF. For example, the corresponding flag can be set in the USS (User Security Setting). After the operator configures it, it is sent by the BSF. ⁇ NAF, access control by NAF.
  • peripheral terminal devices connected to the UE are distinguished according to the device identifier, and corresponding processing is performed according to the configured policy. For example, if only one peripheral terminal device connected to the UE is allowed to access the NAF at the same time (the entity implementing the NAF may be an application server AS), if it is found that there is a connection request sent by the other peripheral terminal device on the UE, or reject A new connection request either disconnects the old connection and accesses the new connection.
  • the entity implementing the NAF may be an application server AS
  • the BSF or NAF may also restrict whether the peripheral terminal device is allowed to access the network using the key calculated by the UE according to the peripheral terminal device flag.
  • the present invention implements key negotiation between the NAF client and the NAF client by implementing the key agreement between the NAF client and the NAF client when the GBA client is in the UE, and the NAF client is in the other terminal. Moreover, in order to ensure sufficient security, when different peripheral terminal devices access the same NAF, different Ks specific keys are generated for the different peripheral terminal devices for the force. Confidential communication.
  • FIG. 4 shows a GAA authentication process of another embodiment of the present invention.
  • the embodiment shown in FIG. 4 is different from the embodiment shown in FIG. 3 in that the NAF client on the peripheral terminal device sends a request message for querying Ks to the UE before instructing the UE to perform a GBA renegotiation process, and is in the query. After the absence of Ks or a valid Ks, the GBA negotiation process is carried out, A new negotiation Ks.
  • both the UE and the peripheral terminal devices belong to the same user.
  • the following describes the key negotiation method for NAF client and NAF communication under the enhanced GAA framework, including the following steps:
  • Step 401 When the NAF client on the peripheral terminal device needs to use a certain service, send a connection request to the NAF corresponding to the service. If the NAF client knows that it needs to go to the BSF to perform the mutual authentication process, it can skip this step and go directly to step 403.
  • Step 402 After receiving the request, the NAF searches whether the derived key corresponding to the user equipment is already stored. If not, the NAF client on the peripheral terminal device is instructed to communicate with the NAF client by using an encryption method, for example, indicating that the GAA key is used. In order to communicate securely, if there is already a valid derivative key shared by the NAF and the user equipment, the key communication is directly used, and the process ends.
  • Step 403 After receiving the indication, the NAF client on the peripheral terminal device sends a request for querying the Ks information to the UE. In order to know whether there is a valid Ks on the UE.
  • Step 404 After receiving the request, the UE locally searches for a valid Ks. If there is Ks, the B-TID of Ks is further sent to the peripheral terminal device together; if there is no Ks or the UE judges that Ks is invalid, then the B-TID is not returned (step 406 can be directly executed, In order to negotiate a Ks; it is also possible to send an indication to the peripheral terminal device that there is no valid key, and after receiving the GBA renegotiation indication of step 405, step 406 is performed.
  • Step 405 If the peripheral terminal device does not receive the B-TID corresponding to the Ks or judges that the received B-TID has expired according to the returned key validity period, the UE is instructed to perform a GBA renegotiation process. Otherwise, proceed to step 410.
  • steps 403, 404, 405 can also be performed in the following manner:
  • the peripheral device does not query whether the UE has a valid Ks, but sends a GBA indication directly to the UE.
  • the UE After receiving the GBA indication, the UE performs the same method according to the processing method after receiving the GBA indication of the NAF in the existing specification.
  • Step 4 06 If no valid Ks exists, the UE sends an authentication request to the BSF to negotiate a Ks.
  • Step 407 According to the GBA process, the BSF that receives the authentication request obtains the authentication information of the user from the HSS.
  • Step 408 After obtaining the authentication information, the BSF performs mutual authentication and key agreement with the UE, and performs mutual authentication of the identity between the user and the BSF and generation of the shared key Ks.
  • Step 409 The BSF may also define an expiration date for the Ks, and allocate a B-TID that can be used to identify the Ks to be sent to the UE. And after the expiration of Ks, return to step 406 to update Ks.
  • Step 410 The peripheral terminal device requests the UE to use the derived key NAF specific keys to be used for the encrypted communication with the NAF, and carries the NAF identifier and the device identifier of the peripheral terminal device in the request message.
  • Step 411 The UE calculates the derived key according to Ks.
  • the specific method of calculation is the same as step 308.
  • Step 412 The UE sends the calculated derivative key NAF specific keys and the B-TID of the identifier Ks to the NAF client on the peripheral terminal device through the local interface.
  • Step 413 The NAF client on the peripheral terminal device sends a connection request to the NAF again, and carries the B-TID and the device identifier in the request message.
  • Step 414 The NAF sends a key query message to the BSF for querying, and the query message carries the NAF identifier and the B-TID and the device identifier.
  • Step 415 After receiving the query message, the BSF searches for the corresponding key Ks according to the B-TID in the message, and calculates the derivative key according to the same algorithm as the UE side described in step 308 according to the B-TID, the device identifier, and the NAF identifier. key.
  • Step 416 The BSF will derive the key NAF specific keys along with the generated key The validity period is returned to NAF together.
  • Step 417 After that, the NAF communicates with the peripheral terminal device using the derived key NAF specific keys. And after the derived key expires, return to step 408 to update the derived key.
  • steps 410-412 can be performed after 416.
  • the steps 408 to 417 are the same as the steps 306 to 314.
  • the present invention also provides an enhanced key agreement system in a universal authentication framework. As shown in FIG. 5, in one embodiment, the system includes:
  • More than one peripheral terminal device having a network service application entity NAF client requests a derived key from a UE connected thereto, and the request carries a peripheral terminal device flag;
  • the UE calculates a first derived key according to the shared key Ks of the entity BSF and the peripheral terminal device flag that performs initial authentication verification of the user identity, and provides the first derivative key to the NAF client on the peripheral terminal device;
  • the BSF calculates a second derived key identical to the first derived key according to the shared key Ks with the UE and the acquired peripheral terminal device flag, and provides the second derived key to the NAF.
  • the second derivative key used by the NAF is separately calculated by the BSF on the network side.
  • the peripheral terminal device flag used by the BSF to calculate the second derived key may be reported by the UE or may be obtained from the NAF.
  • the system includes:
  • More than one peripheral terminal device having a network service application entity NAF client requests a derived key from a UE connected thereto, and the request carries a peripheral terminal device flag;
  • the UE calculates a first derived key according to the shared key Ks of the entity BSF and the peripheral terminal device flag that performs initial authentication verification of the user identity, and provides the first derived key to the peripheral terminal.
  • a backup NAF client
  • the BSF calculates a temporary key according to the shared key Ks with the UE;
  • NAF calculates a second derived key identical to the first derived key according to the temporary key and the acquired peripheral terminal device flag, and saves the second derived key.
  • the second derivative key used by the NAF is jointly calculated by the BSF and the NAF on the network side.
  • the peripheral terminal device identifier used by the NAF to calculate the second derived key may be obtained from a connection request sent by the NAF client, or may be reported by the UE.
  • the present invention also discloses a UE. As shown in FIG. 7, the UE is connected to one or more peripheral terminal devices having a NAF client, and includes a key derivation module for performing an entity BSF according to an initial check verification with a user identity.
  • the shared key Ks and the device flag of the peripheral terminal device connected thereto calculate the derived key, and provide the derived key to the NAF client on the peripheral terminal device.
  • the present invention also discloses a BSF for generating a derivative key by means of a BSF on the network side.
  • the BSF includes a key derivation module for calculating a derived key according to its shared key Ks with the user terminal UE and the acquired identifier of the peripheral terminal device connected to the UE. And provide the derived key to the network service application entity NAF.
  • the invention also discloses a network side key derivation function entity, which is used for jointly generating a derivative key by the BSF and the NAF on the network side.
  • the key derivation function entity includes a first key derivation module located on the BSF and a second key derivation module located on the NAF.
  • the first key derivation module is configured to calculate a temporary key according to the shared key Ks of the BSF and the user terminal UE; the second key derivation module is configured to use the temporary key and the calculated key according to the first key derivation module.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A method of Encryption key negotiation in the enhanced universal verify frame is applied in the communication derived key negotiation between the NAF and the subscriber thereof, which includes: the peripheral terminal device requests the derived key from UE, the request carries on the peripheral terminal device tag; UE computes the first derived key according to the shared key with BSF and the peripheral terminal device tag; the network side computes the second derived key according to the shared key which shared by UE and BSF and the peripheral terminal device tag obtained, and the second derived key is memorized by NAF. The encryption key negotiation system and equipment are also provided in the present invention. It can realize which the GBA subscriber side is in the UE, while NAF subscriber is in the other peripheral terminal device, NAF subscriber and NAF negotiate the key.

Description

增强通用鉴权框架中的密钥协商方法、 系统和装置  Key agreement method, system and device in enhanced universal authentication framework
技术领域 Technical field
本发明涉及 3GPP 通用鉴权框架 (GAA, Generic Authentication Architecture )技术领域, 特别是指一种增强通用鉴权框架中的密钥协商 方法、 系统和装置。 发明背景  The present invention relates to the technical field of the 3GPP Generic Authentication Architecture (GAA), and in particular to a key agreement method, system and apparatus in an enhanced universal authentication framework. Background of the invention
在第三代无线通信标准中, GAA是多种应用业务实体使用的一个用 于完成对用户身份进行验证的通用结构 , 应用 GAA可实现对应用业务 的用户进行检查和验证身份。 上述多种应用业务可以是多播或广播业 务、 用户证书业务、 信息即时提供业务等, 也可以是代理业务。  In the third generation wireless communication standard, GAA is a general structure used by various application service entities to complete the verification of user identity. GAA can be used to check and verify the identity of users of application services. The foregoing multiple application services may be multicast or broadcast services, user certificate services, information provision services, or proxy services.
图 1示出了所述 GAA的结构。 GAA通常由 UE、 执行用户身份初 始检查验证的实体(BSF, Bootstrapping Server Function ). 用户归属网 络系统(HSS, Home Subscriber System )和网络业务应用实体(NAF, Network Application Function )组成。 BSF与 UE互相验证身份, 同时生 成 BSF与 UE 的共享密钥 Ks; HSS 中存储用于描述用户信息的描述 ( Profile )文件, 同时 HSS还兼有产生鉴权信息的功能。 各个实体之间 的接口可参见图 1。  Figure 1 shows the structure of the GAA. The GAA is usually composed of a UE, a BSF (Bootstrapping Server Function), a Home Subscriber System (HSS), and a Network Application Function (NAF). The BSF and the UE mutually authenticate the identity, and simultaneously generate the shared key Ks of the BSF and the UE; the HSS stores a profile file for describing the user information, and the HSS also has the function of generating the authentication information. The interface between the various entities can be seen in Figure 1.
当用户需要使用某种业务时,如果其知道该业务需要到 BSF进行互 鉴权过程, 则 UE直接到 BSF进行互鉴权, 否则, UE会首先和该业务 对应的 NAF联系, 如果该 NAF使用 GAA, 并且发现 UE还未到 BSF 进行互认证过程, NAF则通知 UE到 BSF进行互鉴权以验证身份。  When the user needs to use a service, if the UE needs to go to the BSF to perform the mutual authentication process, the UE directly authenticates to the BSF. Otherwise, the UE first contacts the NAF corresponding to the service, if the NAF is used. The GAA, and finds that the UE has not yet reached the BSF for mutual authentication, and the NAF notifies the UE to the BSF for mutual authentication to verify the identity.
UE与 BSF之间的互鉴权为通用 Bootstrapping鉴权框架(GBA, Generic Bootstrapping Architecture ) 下的 Bootstrapping婆权, 具体步骤 包括: UE向 BSF发出鉴权请求; BSF接到鉴权请求后, 首先到 HSS 获取用户的鉴权信息; BSF获得鉴权信息后采用 HTTP digest AKA协 议与 UE进行双向认证以及密钥协商,完成 UE和 BSF之间身份的互相 认证及共享密钥 Ks的生成, BSF还为共享密钥 Ks定义了一个有效期 限, 以便 Ks进行定期更新。 共享密钥 Ks作为根密钥, 用于衍生出加 密通信的密钥。 The mutual authentication between the UE and the BSF is the Bootstrapping rights under the General Bootstrapping Authentication Framework (GBA, Generic Bootstrapping Architecture). The method includes: the UE sends an authentication request to the BSF; after receiving the authentication request, the BSF first obtains the authentication information of the user from the HSS; after obtaining the authentication information, the BSF uses the HTTP digest AKA protocol to perform mutual authentication and key agreement with the UE, and completes The mutual authentication of the identity between the UE and the BSF and the generation of the shared key Ks, the BSF also defines an expiration date for the shared key Ks, so that the Ks performs regular updates. The shared key Ks is used as a root key to derive a key for encrypted communication.
之后, BSF分配一个会话事务标识( B-TID, Bootstrapping Transaction Identifier )发送给 UE, 该 B-TID与 Ks相关联, 可以用于标识 Ks, 还包 含了 Ks的有效期限。  Then, the BSF allocates a Bootstrapping Transaction Identifier (B-TID) to the UE, and the B-TID is associated with Ks, which can be used to identify the Ks, and also includes the expiration date of the Ks.
UE收到 B-TID后, 重新向 NAF发出连接请求, 且请求消息中携带 了该 B-TID, 同时 UE侧根据 Ks计算出衍生密钥 NAF specific keys (可 为 Ks— NAF、 或为 Ks— int— NAF与 Ks—ext—NAF, 在后文进行了说明)。  After receiving the B-TID, the UE sends a connection request to the NAF again, and the B-TID is carried in the request message, and the UE side calculates the derived key NAF specific keys according to Ks (may be Ks-NAF, or Ks- Int—NAF and Ks—ext—NAF, as explained later).
NAF收到连接请求后, 先在本地查询是否存在用户携带的 B-TID, 如果 NAF不能在本地查询到该 B-TID, 则向 BSF进行查询, 该查询消 息中携带了 NAF标识和 B-TID。 如果 BSF不能在本地查询到该 B-TID, 则通知 NAF没有该用户的信息, 此时, NAF将通知 UE到 BSF重新进 行认证鉴权。 BSF查询到该 B-TID后, 使用与 UE侧相同的算法计算出 Ks的衍生密钥 NAP specific keys, 并向 NAF发送成功的响应消息 , 该 成功的响应中包括 NAF所需的 B-TID、与该 B-TID对应的衍生密钥 NAF specific keys, 以及 BSF为该密钥设置的有效期限。 NAF收到 BSF的成 功响应消息后, 就认为用户是经过 BSF认证的合法用户, 同时 NAF和 UE也就共享了由 Ks衍生的密钥 NAP specific keys。  After receiving the connection request, the NAF first queries the B-TID of the user. If the NAF cannot query the B-TID locally, the NAF queries the BSF. The query carries the NAF identifier and the B-TID. . If the BSF cannot query the B-TID locally, the NAF is notified that there is no information about the user. At this time, the NAF will notify the UE to re-authenticate the authentication to the BSF. After the BSF queries the B-TID, it calculates the derived key NAP specific keys of the Ks using the same algorithm as the UE side, and sends a successful response message to the NAF. The successful response includes the B-TID required by the NAF. The derived key NAF specific keys corresponding to the B-TID, and the expiration date set by the BSF for the key. After receiving the successful response message from the BSF, the NAF considers that the user is a legitimate user authenticated by the BSF, and the NAF and the UE share the key NAP specific keys derived from the Ks.
之后, NAF和 UE在后续的通信过程中通过 NAF specific keys来进 行加密通信。  After that, the NAF and the UE perform encrypted communication through NAF specific keys in the subsequent communication process.
当 UE发现 Ks即将过期,或 NAP要求 UE重新到 BSF进行鉴权时, UE就会重复上述的步骤重新到 BSF进行互鉴权, 以得到新的共享密钥 Ks及衍生密钥 NAF specific keys。 When the UE finds that Ks is about to expire, or the NAP requires the UE to re-authenticate to the BSF, The UE repeats the above steps to re-authenticate to the BSF to obtain a new shared key Ks and a derived key NAF specific keys.
这里需要说明的是,对于 GBA— ME过程,上述 UE指的是移动设备 ( ME, Mobile Equipment ); 如果是 GBA— U过程, 上述 UE指的是移动 设备中的用户识别模块(UICC, Universal Integrated Circuit Card ), 此时 所述的生成的 NAF specific keys 包括两个衍生密钥: 给 UICC 的 Ks_int_NAF和给 ME的 Ks— ext— NAF。  It should be noted that for the GBA-ME process, the UE refers to a mobile device (ME, Mobile Equipment); if it is a GBA-U process, the above UE refers to a user identification module in a mobile device (UICC, Universal Integrated) Circuit Card ), the generated NAF specific keys described herein include two derived keys: Ks_int_NAF for the UICC and Ks_ext_NAF for the ME.
以上的过程适用于 NAF客户端在 UE的情况,即 NAF客户端在 UE 的 ME上, 或者在 UE的 UICC上。 但是随着通用鉴权框架应用范围越 来越广泛, 出现一些新的应用场景。 其中一个比较大的应用场景就是 NAF客户端与终端分离的情况, 这种情况是指: 某个移动用户具备多个 终端设备,即除了手机以外,还具备其它终端设备如 PC机, WLAN UE, 掌上电脑等, 而这些终端采用同一个 UICC (如 SIM卡)用户信息访问 网络业务,导致 NAF客户端和 UE不在同一个设备上。如图 2示出了这 种情况下的 GAA架构, 本文中称为增强 GAA框架, 这种情况下 NAF 客户端不在 UE上, 而是在 UE以外的某一个或者某几个外围终端设备 上。 当这些外围终端设备不具备 GBA功能时, 就会出现 NAF客户端在 外围终端设备上, 与执行 GBA的客户端不在同一个设备上的情况。 现 在的 GAA规范主要针对 NAF客户端与 GBA客户端在同一个终端的情 况, 尚没有针对图 2所述 GAA构架方式的鉴权方法。  The above procedure is applicable to the case where the NAF client is in the UE, that is, the NAF client is on the ME of the UE, or on the UICC of the UE. However, with the increasing scope of application of the universal authentication framework, some new application scenarios have emerged. One of the larger application scenarios is the separation of the NAF client from the terminal. This situation refers to: A mobile user has multiple terminal devices, that is, in addition to the mobile phone, other terminal devices such as a PC, a WLAN UE, The handheld computer and the like, and these terminals use the same UICC (such as SIM card) user information to access the network service, so that the NAF client and the UE are not on the same device. The GAA architecture in this case is shown in Figure 2, which is referred to herein as the enhanced GAA framework. In this case, the NAF client is not on the UE, but on one or several peripheral devices other than the UE. When these peripheral terminal devices do not have the GBA function, the NAF client will be on the peripheral terminal device and not on the same device as the client executing GBA. The current GAA specification is mainly for the case where the NAF client and the GBA client are in the same terminal, and there is no authentication method for the GAA framework described in FIG.
并且,对于多个外围终端设备共享一个 UE上的 GBA客户端时'如 果这些外围终端设备中的某两个或者某几个访问同一个 NAF 时, 还会 出现多个外围终端设备采用同一个衍生密钥与某一个 NAF通信的情况, 造成安全隐患: 如果其中一个被攻破, 另外一个也会不攻自破。 发明内容 Moreover, when a plurality of peripheral terminal devices share a GBA client on one UE, 'if two or some of the peripheral terminal devices access the same NAF, a plurality of peripheral terminal devices may also adopt the same derivative. When a key communicates with a certain NAF, it poses a security risk: If one of them is compromised, the other one will not break. Summary of the invention
有鉴于此, 本发明的主要目的在于提供了增强通用鉴权框架中的密 钥协商方法、 系统和装置, 以解决 GBA客户端在 UE, 而 NAF客户端 在与其他外围终端设备时, NAF客户端与 NAF的协商密钥, 以实现加 密通信。 一种增强通用鉴权框架中的密钥协商方法包括以下步骤:  In view of this, the main object of the present invention is to provide a key agreement method, system and device in an enhanced universal authentication framework to solve a GBA client in a UE, and a NAF client in a NAF client with other peripheral terminal devices. The end negotiates a key with the NAF to implement encrypted communication. An enhanced key agreement method in a universal authentication framework includes the following steps:
外围终端设备向 UE请求衍生密钥; 该请求中携带外围终端设备标 志;  The peripheral terminal device requests a derivative key from the UE; the request carries a peripheral terminal device flag;
UE根据其与执行用户身份初始检查验证的实体 BSF的共享密钥 Ks 和所述外围终端设备标志计算出第一衍生密钥, 并将第一衍生密钥提供 给外围终端设备上的 NAF客户端;  The UE calculates the first derived key according to the shared key Ks and the peripheral terminal device flag of the entity BSF that performs the user identity initial check verification, and provides the first derived key to the NAF client on the peripheral terminal device. ;
网络侧根据所述 UE与 BSF的共享密钥 Ks和获取的所述外围终端 设备标志, 计算出第二衍生密钥, 并将所述第二衍生密钥由 NAF保存。 一种增强通用鉴权框架中的密钥协商方法包括以下步骤:  The network side calculates a second derived key according to the shared key Ks of the UE and the BSF and the obtained peripheral terminal device identifier, and saves the second derived key by the NAF. An enhanced key agreement method in a universal authentication framework includes the following steps:
网络侧根据 UE与执行用户身份初始检查验证的实体 BSF的共享密 钥 Ks和所获取的外围终端设备标志, 计算出第一衍生密钥, 并将所述 第一衍生密钥由 NAF保存;  The network side calculates a first derived key according to the shared key Ks of the entity BSF and the obtained peripheral terminal device identifier, which is performed by the UE and the user identity initial check verification, and saves the first derived key by the NAF;
外围终端设备向 UE请求衍生密钥, 该请求中携带外围终端设备标 士 .  The peripheral terminal device requests a derivative key from the UE, and the request carries a peripheral terminal device badge.
UE根据其与 BSF的共享密钥 Ks和所述外围终端设备标志,计算出 第二衍生密钥, 并将第二衍生密钥提供给外围终端设备上的 NAF客户 端。 一种增强通用鉴权框架中的密钥协商系统包括: 一个以上具有网絡业务应用实体 NAF客户端的外围终端设备,向与 其连接的 UE请求衍生密钥, 该请求中携带外围终端设备标志; The UE calculates a second derived key according to its shared key Ks with the BSF and the peripheral terminal device flag, and provides the second derived key to the NAF client on the peripheral terminal device. A key agreement system in an enhanced universal authentication framework includes: More than one peripheral terminal device having a network service application entity NAF client requests a derived key from a UE connected thereto, and the request carries a peripheral terminal device flag;
UE, 根据其与执行用户身份初始检查验证的实体 BSF 的共享密钥 Ks和所述外围终端设备标志计算出第一衍生密钥,并将第一衍生密钥提 供给外围终端设备上的 NAF客户端;  The UE calculates a first derived key according to the shared key Ks of the entity BSF and the peripheral terminal device flag that performs initial authentication verification of the user identity, and provides the first derived key to the NAF client on the peripheral terminal device. End
BSF,根据其与 UE的共享密钥 Ks和获取的所述外围终端设备标志, 计算出第二衍生密钥, 并将所述第二衍生密钥提供给 NAF。 一种增强通用鉴权框架中的密钥协商系统包括:  The BSF calculates a second derived key according to its shared key Ks with the UE and the acquired peripheral terminal device flag, and provides the second derived key to the NAF. A key agreement system in an enhanced universal authentication framework includes:
一个以上具有网络业务应用实体 NAF客户端的外围终端设备,向与 其连接的 UE请求衍生密钥, 该请求中携带外围终端设备标志;  More than one peripheral terminal device having a network service application entity NAF client requests a derived key from a UE connected thereto, and the request carries a peripheral terminal device flag;
UE, 根据其与执行用户身份初始检查验证的实体 BSF 的共享密钥 Ks和所述外围终端设备标志计算出第一衍生密钥 ,并将第一衍生密钥提 供给外围终端设备上的 NAF客户端;  The UE calculates a first derived key according to the shared key Ks of the entity BSF and the peripheral terminal device flag that performs initial authentication verification of the user identity, and provides the first derived key to the NAF client on the peripheral terminal device. End
BSF, 根据其与 UE的共享密钥 Ks计算出临时密钥;  The BSF calculates a temporary key according to the shared key Ks with the UE;
NAF, 根据所述临时密钥和获取的外围终端设备标志, 计算出第二 衍生密钥, 并保存该第二衍生密钥。 一种用户终端 UE, 与一个以上具有网络业务应用实体 NAF客户端 的外围终端设备连接, 包括:  The NAF calculates a second derived key according to the temporary key and the obtained peripheral terminal device identifier, and saves the second derived key. A user terminal UE, connected to one or more peripheral terminal devices having a network service application entity NAF client, includes:
密钥衍生模块, 用于根据其与执行用户身份初始检查验证的实体 BSF的共享密钥 Ks和与其连接的外围终端设备的设备标志计算衍生密 钥, 并将衍生密钥提供给所述外围终端设备上的 NAF客户端。 一种执行用户身份初始检查验证实体 BSF包括:  a key derivation module, configured to calculate a derived key according to a shared key Ks of the entity BSF with which the user identity initial verification is performed and a device identifier of the peripheral terminal device connected thereto, and provide the derived key to the peripheral terminal NAF client on the device. An execution user identity initial check verification entity BSF includes:
密钥衍生模块,用于根据其与用户终端 UE的共享密钥 Ks和获取的 与所述 UE相连的外围终端设备的标志, 计算衍生密钥, 并将衍生密钥 提供给网絡业务应用实体 NAF。 一种网络侧密钥衍生功能实体包括: a key derivation module for acquiring and acquiring a shared key Ks from the user terminal UE A flag of the peripheral terminal device connected to the UE, calculating a derived key, and providing the derived key to the network service application entity NAF. A network side key derivation functional entity includes:
第一密钥衍生模块, 位于执行用户身份初始检查验证实体 BSF, 根 据 BSF与用户终端 UE的共享密钥 Ks计算临时密钥;  The first key derivation module is located in the execution user identity initial check verification entity BSF, and calculates the temporary key according to the shared key Ks of the BSF and the user terminal UE;
第二密钥衍生模块, 位于网络业务应用实体 NAF, 根据第一密钥衍 生模块计算出的临时密钥和获取的与所述 UE相连的外围终端设备的设 备标志计算衍生密钥。 由上述技术方案可以看出,本发明实现了在 GBA客户端在 UE, 而 NAF客户端在其他终端时, NAF客户端与 NAF的密钥协商。  The second key derivation module is located at the network service application entity NAF, and calculates the derived key according to the temporary key calculated by the first key derivation module and the obtained device identifier of the peripheral terminal device connected to the UE. As can be seen from the foregoing technical solution, the present invention implements key negotiation between the NAF client and the NAF when the GBA client is at the UE and the NAF client is at another terminal.
并且, 本发明采用设备标志作为计算衍生密钥的参数之一, 因此不 同的外围终端设备采用不同的衍生密钥与同一个 NAF通信, 这样, 可 以避免同一个 UE的不同外围终端设备采用相同的衍生密钥与 NAF通信 时存在的安全问题, 即一个外围终端设备被攻击, 其他外围终端设备也 有可能被攻击。 在本发明中, 计算衍生密钥的参数里加上标识不同终端 外围终端设备的设备标志后, 针对不同的外围终端设备终端计算出来的 衍生密钥就会不一样, 从而提高了安全性。  Moreover, the present invention adopts the device identifier as one of the parameters for calculating the derived key, so different peripheral terminal devices use different derived keys to communicate with the same NAF, so that different peripheral terminal devices of the same UE can be prevented from adopting the same The security problem that exists when the derived key communicates with the NAF is that a peripheral terminal device is attacked, and other peripheral terminal devices may also be attacked. In the present invention, after the parameter for calculating the derived key is added to the device identifier identifying the peripheral terminal device of the different terminal, the derived key calculated for the different peripheral terminal device terminals is different, thereby improving the security.
另一方面, 外围终端设备上 NAF客户端向 NAF报告自己的设备标 志, 不但可以对不同的终端设备计算出不同的衍生密钥, 而且还可以使 区分来自同一个用户不同的终端的连接请求, 这样便可以根据本地策 略, 处理一个用户的多个终端的接入问题。 附图简要说明  On the other hand, the NAF client on the peripheral terminal device reports its own device flag to the NAF, which can not only calculate different derived keys for different terminal devices, but also make it possible to distinguish connection requests from different terminals of the same user. In this way, the access problem of multiple terminals of one user can be handled according to the local policy. BRIEF DESCRIPTION OF THE DRAWINGS
图 1为 GAA框架示意图。 图 2为 NAF客户端和 GBA客户端分离状态下的增强 GAA框架示 意图。 Figure 1 is a schematic diagram of the GAA frame. 2 is a schematic diagram of an enhanced GAA framework in a state where the NAF client and the GBA client are separated.
图 3为本发明一实施例的增强 GAA框架中 NAF客户端与 NAF通 信的密钥协商流程图。  FIG. 3 is a flowchart of key negotiation between a NAF client and NAF communication in an enhanced GAA framework according to an embodiment of the present invention.
图 4为本发明另一实施例的增强 GAA框架中 NAF客户端与 NAF 通信的密钥协商流程图。  FIG. 4 is a flowchart of key negotiation for NAF client and NAF communication in an enhanced GAA framework according to another embodiment of the present invention.
图 5为本发明一实施例的增强 GAA框架中 NAF客户端与 NAF通 信的密钥协商系统示意图。  FIG. 5 is a schematic diagram of a key agreement system for NAF client and NAF communication in an enhanced GAA framework according to an embodiment of the present invention.
图 6为本发明另一实施例的增强 GAA框架中 NAF客户端与 NAF 通信的密钥协商系统示意图。  FIG. 6 is a schematic diagram of a key agreement system for communicating NAF clients with NAF in an enhanced GAA framework according to another embodiment of the present invention.
图 7为本发明一实施例的参与 NAF客户端与 NAF通信的密钥协商 的 UE示意图。  FIG. 7 is a schematic diagram of a UE participating in key negotiation of a NAF client and NAF communication according to an embodiment of the present invention.
图 8为本发明一实施例的参与 NAF客户端与 NAF通信的密钥协商 的 BSF示意图。  FIG. 8 is a schematic diagram of a BSF for key negotiation of a NAF client and NAF communication according to an embodiment of the present invention.
图 9为本发明一实施例的参与 NAF客户端与 NAF通信的密钥协商 的网络侧密钥衍生功能实体的示意图。 实施本发明的方式  FIG. 9 is a schematic diagram of a network-side key derivation functional entity participating in key negotiation of a NAF client and NAF communication according to an embodiment of the present invention. Mode for carrying out the invention
以下结合附图及实施例,对本发明进行进一步详细说明。应当理解, 此处所描述的具体实施例仅仅用于解释本发明, 并不用于限定本发明。  The present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It is understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
图 3示出了本发明一实施例的 GAA鉴权流程。 在本实施例中, UE 和外围终端设备均属于同一个用户, 下面对增强 GAA框架下的 NAF客 户端与 NAF通信的密'钥协商方法进行说明, 包括以下步骤:  FIG. 3 shows a GAA authentication procedure according to an embodiment of the present invention. In this embodiment, the UE and the peripheral terminal device belong to the same user. The following describes the secret key negotiation method of the NAF client and the NAF communication in the enhanced GAA framework, including the following steps:
步骤 301: 外围终端设备上的 NAF客户端需要使用某种业务时, 向 该业务对应的 NAF发送连接请求。 如果该 NAF客户端知道需要到 BSF 进行互鉴权过程, 则可以跳过这一步骤, 直接进入步骤 303。 Step 301: When the NAF client on the peripheral terminal device needs to use a certain service, send a connection request to the NAF corresponding to the service. If the NAF client knows that it needs to go to BSF To perform the mutual authentication process, you can skip this step and go directly to step 303.
步骤 302: 收到请求后, NAF查找是否已经存储了该对应于用户设 备有效的衍生密钥, 如果没有, 指示外围终端设备上的 NAF客户端采 用加密方式与其通信, 例如可指示采用 GAA密钥与其进行安全通信, 如果已经存在有效的 NAF 与该用户设备的共享的衍生密钥, 则直接使 用该密钥通信, 并结束本流程。  Step 302: After receiving the request, the NAF searches whether the derived key corresponding to the user equipment is already stored, and if not, instructs the NAF client on the peripheral terminal device to communicate with the NAF client by using an encryption method, for example, indicating that the GAA key is used. In order to communicate securely, if there is already a valid derivative key shared by the NAF and the user equipment, the key communication is directly used, and the process ends.
步骤 303: 收到指示后, 外围终端设备上 NAF客户端向 UE请求本 次要与 NAF加密通信所使用的衍生密钥 NAF specific keys,并在请求消 息里携带所述 NAF标识、 外围终端设备的设备标志。  Step 303: After receiving the indication, the NAF client on the peripheral terminal device requests the UE to use the derived key NAF specific keys to be used in the encrypted communication with the NAF, and carries the NAF identifier and the peripheral terminal device in the request message. Equipment sign.
这里, 设备标志是指用于区分不同外围终端设备的标识符, 可以是 设备 MAC地址, IP地址, 或者是全局可路由的用户代理通用资源标识 符( GRUU, Globally Routable UA imi ) ,设备标识(类似于 ME的 IMEI ) 等。 外围终端设备可以通过数据线、 USB、 蓝牙、 或红外线等接口作为 本地接口与 UE相连以交互消息。 发送的设备标志还有可能是以上所列 各种标识的一个索引值。 对应地, UE里面保存各个索引与标识的对应 关系。 UE收到设备索引值后, 根据对应关系得到真正的标识。  Here, the device identifier refers to an identifier for distinguishing different peripheral terminal devices, and may be a device MAC address, an IP address, or a globally routable user agent universal resource identifier (GRUU, Globally Routable UA imi ), device identifier ( Similar to ME's IMEI) and so on. The peripheral terminal device can connect to the UE as a local interface through an interface such as a data line, USB, Bluetooth, or infrared to exchange messages. The device flag sent may also be an index value for the various identifiers listed above. Correspondingly, the UE stores the correspondence between each index and the identifier. After receiving the device index value, the UE obtains the real identifier according to the corresponding relationship.
值得指出的是, 所述设备标志是为了区分不同的外围终端设备, 即 可以是一个全局的设备标识, 也可以是一个局部的设备标识, 如在个人 网洛里面定义的个人网给元素 ( PNE, personal network element )标识。 网络侧也可能会保存某个 UE的外围终端设备信息, 包括用户标识与其 拥有的各个设备之间的对应关系等。  It is worth noting that the device identifier is for distinguishing different peripheral terminal devices, that is, it may be a global device identifier, or may be a partial device identifier, such as a personal network element (PNE) defined in the personal network. , personal network element ) logo. The network side may also store the peripheral terminal device information of a certain UE, including the correspondence between the user identifier and each device owned by the UE.
步骤 304: UE接到请求后, 在本地查找是否存在有效的 Ks。 如果 存在有效的 Ks, 直接转入步骤 308; 如果不存在有效的 Ks, 则向 BSF 发送鉴权请求, 以执行 GB A过程。  Step 304: After receiving the request, the UE locally searches for a valid Ks. If there is a valid Ks, go directly to step 308; if there is no valid Ks, send an authentication request to the BSF to perform the GB A process.
步驟 305: 根据 GBA过程, 收到鉴权请求的 BSF到 HSS获取该用 户的鉴权信息。 Step 305: According to the GBA process, the BSF that receives the authentication request obtains the use by the HSS. User's authentication information.
步骤 306: BSF获得鉴权信息后与 UE进行双向认证以及密钥协商, 完成 UE和 BSF之间身份的互相鉴权及共享密钥 Ks的生成。  Step 306: After obtaining the authentication information, the BSF performs mutual authentication and key agreement with the UE, and completes mutual authentication of the identity between the UE and the BSF and generation of the shared key Ks.
步骤 307: BSF还可为 Ks定义一个有效期, 并分配一个可用于标识 Ks的会话事务标识(B-TID )发送给 UE。 并在 Ks到期后, 返回步骤 304以更新 Ks。  Step 307: The BSF may also define an expiration date for the Ks, and assign a session transaction identifier (B-TID) that can be used to identify the Ks to the UE. And after the Ks expires, return to step 304 to update Ks.
步驟 308: UE根据 Ks计算衍生密钥, 计算参数除了 Ks、 "gba-me" II RAKD II IMPI || NAFJD以外, 还包括外围终端设备的设备标志, 从而 实现为不同的外围终端设备生成不同的衍生密钥 NAF specific keys。 具 体来说, 可分为:  Step 308: The UE calculates a derived key according to Ks, and the calculation parameter includes a device identifier of the peripheral terminal device in addition to Ks, "gba-me" II RAKD II IMPI || NAFJD, thereby implementing different generation for different peripheral terminal devices. Derived key NAF specific keys. Specifically, it can be divided into:
当 UICC具备 GBA功能时(属于 GBA— U过程 ) , 由 UICC计算衍 生密钥 Ks— ext— NAF 和 Ks— int— NAF。 如: Ks— ext— NAF = K F (Ks, "gba-me" || RAND || IMPI || NAF—Id||设备标志) ; Ks— int— NAF = KDF (Ks, "gba-u" II RAND || IMPI || NAF— Id||设备标志)。其中 RAND是一个随机数, IMPI是指用户的 IP 多媒体私有身份标识, NAF—ID指 NAF 标识, "gba-me"和" gba-u"代表字符串; KDF是密钥导出函数的缩写。  When the UICC has the GBA function (belonging to the GBA-U process), the derived keys Ks_ext_NAF and Ks_int-NAF are calculated by the UICC. For example: Ks— ext— NAF = KF (Ks, "gba-me" || RAND || IMPI || NAF—Id||device flag); Ks— int— NAF = KDF (Ks, "gba-u" II RAND || IMPI || NAF—Id||Device Mark). Where RAND is a random number, IMPI refers to the user's IP multimedia private identity, NAF-ID refers to the NAF identifier, "gba-me" and "gba-u" represent the string; KDF is the abbreviation of the key derivation function.
当 Ks存放在 ME上(属于 GBA—ME过程), 则由 ME计算衍生密 钥 Ks— NAF,如: Ks— NAF: KDF (Ks, "gba-me" || RAND || IMPI || NAP_Id|| 设备标志)。  When Ks is stored on the ME (belonging to the GBA-ME process), the derived key Ks-NAF is calculated by the ME, such as: Ks-NAF: KDF (Ks, "gba-me" || RAND || IMPI || NAP_Id| | Equipment logo).
另外值得说明的是, 在对外围终端设备的 NAF specific keys的计算 也可以分为两个步骤进行: 第一步, 按照原来的计算衍生密钥方式计算 出 Ks临时衍生密钥(以 Ks— ( ext )—NAF— temp和 Ks— int— NAF—temp表 示): Ks— ( ext )_NAFjemp=KDF(Ks5 "gba-me" ||RAND|| IMPI || NAF— Id) ; Ks—int— NAF— temp: KDF(Ks, "gba-u" || RAND || IMPI || NAF— Id); 第二 步,再由临时衍生密钥计算外围终端设备的衍生密钥: Ks— int/(ext)_NAF =KDF(Ks_int/(ext)_NAF— temp,设备标志)。 It is also worth noting that the calculation of the NAF specific keys of the peripheral terminal device can also be carried out in two steps: In the first step, the Ks temporary derivative key is calculated according to the original calculated derivative key method (Ks-( Ext )—NAF—temp and Ks—int—NAF—temp represents): Ks—( ext )_NAFjemp=KDF(Ks 5 "gba-me" ||RAND|| IMPI || NAF— Id) ; Ks—int— NAF— temp: KDF(Ks, "gba-u" || RAND || IMPI || NAF— Id); The second step is to calculate the derived key of the peripheral terminal device by the temporary derivative key: Ks—int/( Ext)_NAF =KDF(Ks_int/(ext)_NAF— temp, device flag).
这样,如果外围终端设备和 NAF有计算密钥的功能,该计算衍生密 钥的第二步还可以放在外围终端设备和 AF上进行, UE和 BSF可以分 别将 Ks— int/(ext)_ NAF_ temp发给外围终端设备和 NAF。  Thus, if the peripheral terminal device and the NAF have the function of calculating a key, the second step of calculating the derived key can also be performed on the peripheral terminal device and the AF, and the UE and the BSF can respectively Ks_int/(ext)_ NAF_ temp is sent to the peripheral terminal device and NAF.
步骤 309: UE通过本地接口将计算出的衍生密钥 NAF specific keys 和标识 Ks的 B-TID—起发送给外围终端设备上的 NAF客户端。  Step 309: The UE sends the calculated derivative key NAF specific keys and the B-TID of the identifier Ks to the NAF client on the peripheral terminal device through the local interface.
步骤 310: 外围终端设备上的 NAF客户端再次向 NAF发送连接请 求, 并在请求消息中携带所述 B-TID以及设备标志。  Step 310: The NAF client on the peripheral terminal device sends a connection request to the NAF again, and carries the B-TID and the device identifier in the request message.
值得指出的是, NAF可能通过其他方式获得此次通信外围终端设备 标志。 例如, 可以是运营商网絡在本地配置已经配置了该外围终端的信 息, 外围终端设备或者 UE通过短消息的方式告诉运营商网络(如 BSF 或 NAF )要启用某个外围终端设备某项特征信息,运营商网络(如 BSF ) 在本地查找到设备标志并通知 NAF。 也可以是外围终端设备或者 UE通 过其他消息直接告诉 NAF外围终端设备的某项信息。 或者, UE在步骤 304接收到请求之后,将请求中携带的外围终端设备标志发送给网络侧。 之后不再赘述。  It is worth pointing out that NAF may obtain the communication peripheral terminal equipment mark by other means. For example, the carrier network may locally configure the information that the peripheral terminal has been configured, and the peripheral terminal device or the UE tells the operator network (such as BSF or NAF) to enable a certain characteristic information of a peripheral terminal device by using a short message. The carrier network (such as BSF) finds the device flag locally and notifies NAF. It may also be a peripheral terminal device or a message that the UE directly tells the NAF peripheral terminal device through other messages. Alternatively, after receiving the request in step 304, the UE sends the peripheral terminal device identifier carried in the request to the network side. I won't go into details later.
步骤 311 : NAF向 BSF发送密钥查询消息进行查询, 该查询消息中 携带了 NAF标识和 B-TID以及设备标志。  Step 311: The NAF sends a key query message to the BSF for querying, and the query message carries the NAF identifier and the B-TID and the device identifier.
步骤 312: BSF接收到查询消息后, 根据消息中的 B-TID查找到对 应的密钥 Ks, 并根据 B-TID、设备标志以及 NAF标识, 采用与步骤 308 所述 UE侧相同算法计算衍生密钥。  Step 312: After receiving the query message, the BSF searches for the corresponding key Ks according to the B-TID in the message, and calculates the derivative key according to the same algorithm as the UE side described in step 308 according to the B-TID, the device identifier, and the NAF identifier. key.
步骤 313: BSF将 †生密钥 NAF specific keys连同生成的该密钥的 有效期一起返回给 NAF。  Step 313: The BSF returns the twin key NAF specific keys to the NAF along with the generated validity period of the key.
步骤 314: 之后, NAF便和外围终端设备采用所述衍生密钥 NAF specific keys加密之间的通信。并在衍生密钥到期后,返回步骤 308以更 新衍生密钥。这里说明一下,当上述过程计算衍生密钥 NAF specific keys 为 Ks— ext_NAF和 Ks— int— NAF时, NAF和外围终端可协商选择一个作 为加密通信的衍生密钥。 Step 314: After that, the NAF communicates with the peripheral terminal device using the derived key NAF specific keys. And after the derived key expires, return to step 308 to New derived key. Here, when the above process calculates the derived key NAF specific keys as Ks_ext_NAF and Ks_int-NAF, the NAF and the peripheral terminal can negotiate to select a derived key as the encrypted communication.
另外, 根据设备标志可区分某一个 UE的不同外围终端设备, 可利 用该特点实现根据配置策略控制某一 UE访问某一个业务的外围终端接 入数。 可由 BSF进行配置和接入控制, 也可以将配置策略发给 NAF由 NAF进行控制, 例如可以在用户安全设置(USS, User Security Setting ) 设置相应的标志, 运营商进行配置好后, 由 BSF发 ^ NAF, 由 NAF进 行接入控制。  In addition, according to the device identifier, different peripheral terminal devices of a certain UE can be distinguished, and the feature can be used to control the number of peripheral terminal accesses of a certain UE to access a certain service according to the configuration policy. It can be configured and controlled by the BSF. The configuration policy can be sent to the NAF and controlled by the NAF. For example, the corresponding flag can be set in the USS (User Security Setting). After the operator configures it, it is sent by the BSF. ^ NAF, access control by NAF.
在进行接入控制时, 根据设备标志来区分与 UE连接的不同外围终 端设备, 并根据配置的策略进行相应处理。 例如, 如果同一时刻只允许 一个与 UE连接的外围终端设备访问 NAF (实现 NAF的实体可以是某 个应用服务器 AS ) ,那么如果发现该 UE上有其他外围终端设备发来的 连接请求,要么拒绝新的连接请求,要么断开旧的连接并接入新的连接。  When the access control is performed, different peripheral terminal devices connected to the UE are distinguished according to the device identifier, and corresponding processing is performed according to the configured policy. For example, if only one peripheral terminal device connected to the UE is allowed to access the NAF at the same time (the entity implementing the NAF may be an application server AS), if it is found that there is a connection request sent by the other peripheral terminal device on the UE, or reject A new connection request either disconnects the old connection and accesses the new connection.
在进行接入控制时, BSF或者 NAF还可以根据外围终端设备标志来 限制是否允许该外围终端设备使用 UE计算出的密钥访问网络。  When performing access control, the BSF or NAF may also restrict whether the peripheral terminal device is allowed to access the network using the key calculated by the UE according to the peripheral terminal device flag.
从上可以看出, 本发明实现了 GBA客户端在 UE, 而 NAF客户端 在其他终端时 NAF与其 NAF客户端之间的密钥协商,从而实现了 NAF 客户端与 NAF 的加密通信。 并且, 为了保证足够的安全性, 不同的外 围终端设备访问同一个 NAF时, 针对不同的外围终端设备生成不同 Ks specific key用于所述力。密通信。  As can be seen from the above, the present invention implements key negotiation between the NAF client and the NAF client by implementing the key agreement between the NAF client and the NAF client when the GBA client is in the UE, and the NAF client is in the other terminal. Moreover, in order to ensure sufficient security, when different peripheral terminal devices access the same NAF, different Ks specific keys are generated for the different peripheral terminal devices for the force. Confidential communication.
图 4示出了的本发明另一实施例的 GAA鉴权流程。 图 4所示实施 例与图 3所示实施例的不同之处在于外围终端设备上的 NAF客户端在 指示 UE执行一个 GBA重协商过程之前, 先向 UE发送查询 Ks的请求 消息, 并在查询到没有 Ks或有效的 Ks之后, 进行 GBA协商过程, 重 新一个协商 Ks。 FIG. 4 shows a GAA authentication process of another embodiment of the present invention. The embodiment shown in FIG. 4 is different from the embodiment shown in FIG. 3 in that the NAF client on the peripheral terminal device sends a request message for querying Ks to the UE before instructing the UE to perform a GBA renegotiation process, and is in the query. After the absence of Ks or a valid Ks, the GBA negotiation process is carried out, A new negotiation Ks.
在本实施例中, UE 和外围终端设备均属于同一个用户。 下面对增 强 GAA框架下的 NAF客户端与 NAF通信的密钥协商方法进行说明, 包括以下步骤:  In this embodiment, both the UE and the peripheral terminal devices belong to the same user. The following describes the key negotiation method for NAF client and NAF communication under the enhanced GAA framework, including the following steps:
步骤 401 : 外围终端设备上的 NAF客户端需要使用某种业务时, 向 该业务对应的 NAF发送连接请求。 如果该 NAF客户端知道需要到 BSF 进行互鉴'权过程, 则可以跳过这一步骤, 直接进入步骤 403。  Step 401: When the NAF client on the peripheral terminal device needs to use a certain service, send a connection request to the NAF corresponding to the service. If the NAF client knows that it needs to go to the BSF to perform the mutual authentication process, it can skip this step and go directly to step 403.
步驟 402: 收到请求后, NAF查找是否已经存储了该对应于用户设 备有效的衍生密钥, 如果没有, 指示外围终端设备上的 NAF客户端采 用加密方式与其通信, 例如可指示采用 GAA密钥与其进行安全通信, 如果已经存在有效的 NAF 与该用户设备的共享的衍生密钥, 则直接使 用该密钥通信, 并结束本流程。  Step 402: After receiving the request, the NAF searches whether the derived key corresponding to the user equipment is already stored. If not, the NAF client on the peripheral terminal device is instructed to communicate with the NAF client by using an encryption method, for example, indicating that the GAA key is used. In order to communicate securely, if there is already a valid derivative key shared by the NAF and the user equipment, the key communication is directly used, and the process ends.
步骤 403: 收到指示后, 外围终端设备上 NAF客户端向 UE发送查 询 Ks信息的请求。 以便获知 UE上是否存在一个有效的 Ks。  Step 403: After receiving the indication, the NAF client on the peripheral terminal device sends a request for querying the Ks information to the UE. In order to know whether there is a valid Ks on the UE.
步驟 404: UE接到请求后, 在本地查找是否具备有效的 Ks。 如果 具备 Ks, 则将 Ks的 B-TID, 进一步包括密钥有效期一起发给外围终端 设备;如果没有 Ks存在或者 UE判断已有 Ks无效,那么就不返回 B-TID (可以直接执行步骤 406, 以便协商一个 Ks; 也可以是向外围终端设备 发送无有效密钥的指示, 等到收到步骤 405的 GBA重协商指示以后, 再执行步骤 406。  Step 404: After receiving the request, the UE locally searches for a valid Ks. If there is Ks, the B-TID of Ks is further sent to the peripheral terminal device together; if there is no Ks or the UE judges that Ks is invalid, then the B-TID is not returned (step 406 can be directly executed, In order to negotiate a Ks; it is also possible to send an indication to the peripheral terminal device that there is no valid key, and after receiving the GBA renegotiation indication of step 405, step 406 is performed.
步骤 405:如果外围终端设备没有收到 Ks对应的 B-TID或者根据返 回的密钥有效期判断收到的 B-TID已经过期, 那么将指示 UE执行一个 GBA重协商过程。 否则, 进入步骤 410。  Step 405: If the peripheral terminal device does not receive the B-TID corresponding to the Ks or judges that the received B-TID has expired according to the returned key validity period, the UE is instructed to perform a GBA renegotiation process. Otherwise, proceed to step 410.
值得指出的是步骤 403, 404, 405还可按照以下方式执行: 外围设 备并不查询 UE是否存在一个有效的 Ks,而是直接向 UE发送 GBA指示。 UE收到 GBA指示后,按照现有规范中收到 NAF的 GBA指示后的处理 方法相同的方法进行处理。 It is worth noting that steps 403, 404, 405 can also be performed in the following manner: The peripheral device does not query whether the UE has a valid Ks, but sends a GBA indication directly to the UE. After receiving the GBA indication, the UE performs the same method according to the processing method after receiving the GBA indication of the NAF in the existing specification.
步驟 406: 如果无有效的 Ks存在, UE向 BSF发送鉴权请求, 以便 协商一个 Ks。 Step 4 06: If no valid Ks exists, the UE sends an authentication request to the BSF to negotiate a Ks.
步驟 407: 根据 GBA过程, 收到鉴权请求的 BSF到 HSS获取该用 户的鉴权信息。  Step 407: According to the GBA process, the BSF that receives the authentication request obtains the authentication information of the user from the HSS.
步驟 408: BSF获得鉴权信息后与 UE进行双向认证以及密钥协商, 完成用户和 BSF之间身份的互相鉴权及共享密钥 Ks的生成。  Step 408: After obtaining the authentication information, the BSF performs mutual authentication and key agreement with the UE, and performs mutual authentication of the identity between the user and the BSF and generation of the shared key Ks.
步骤 409: BSF还可为 Ks定义一个有效期, 并分配一个可用于标识 Ks的 B-TID发送给 UE。 并在 Ks到期后, 返回步骤 406以更新 Ks。  Step 409: The BSF may also define an expiration date for the Ks, and allocate a B-TID that can be used to identify the Ks to be sent to the UE. And after the expiration of Ks, return to step 406 to update Ks.
步骤 410: 外围终端设备向 UE请求本次要与 NAF加密通信所使用 的衍生密钥 NAF specific keys, 并在请求消息里携带所述 NAF标识、 夕卜 围终端设备的设备标志。  Step 410: The peripheral terminal device requests the UE to use the derived key NAF specific keys to be used for the encrypted communication with the NAF, and carries the NAF identifier and the device identifier of the peripheral terminal device in the request message.
步骤 411 : UE根据 Ks计算衍生密钥。 计算的具体方法与步骤 308 相同。  Step 411: The UE calculates the derived key according to Ks. The specific method of calculation is the same as step 308.
步骤 412: UE通过本地接口将计算出的衍生密钥 NAF specific keys 和标识 Ks的 B-TID—起发送给外围终端设备上的 NAF客户端。  Step 412: The UE sends the calculated derivative key NAF specific keys and the B-TID of the identifier Ks to the NAF client on the peripheral terminal device through the local interface.
步驟 413: 外围终端设备上的 NAF客户端再次向 NAF发送连接请 求, 并在请求消息中携带所述 B-TID以及进一步包括设备标志。  Step 413: The NAF client on the peripheral terminal device sends a connection request to the NAF again, and carries the B-TID and the device identifier in the request message.
步骤 414: NAF向 BSF发送密钥查询消息进行查询, 该查询消息中 携带了 NAF标识和 B-TID以及设备标志。  Step 414: The NAF sends a key query message to the BSF for querying, and the query message carries the NAF identifier and the B-TID and the device identifier.
步骤 415: BSF接收到查询消息后, 根据消息中的 B-TID查找到对 应的密钥 Ks, 并根据 B-TID、设备标志以及 NAF标识, 采用与步骤 308 所述 UE侧相同算法计算衍生密钥。  Step 415: After receiving the query message, the BSF searches for the corresponding key Ks according to the B-TID in the message, and calculates the derivative key according to the same algorithm as the UE side described in step 308 according to the B-TID, the device identifier, and the NAF identifier. key.
步骤 416: BSF将衍生密钥 NAF specific keys连同生成的该密钥的 有效期一起返回给 NAF。 Step 416: The BSF will derive the key NAF specific keys along with the generated key The validity period is returned to NAF together.
步驟 417: 之后, NAF便和外围终端设备采用所述衍生密钥 NAF specific keys加密之间的通信。并在衍生密钥到期后,返回步骤 408以更 新衍生密钥。  Step 417: After that, the NAF communicates with the peripheral terminal device using the derived key NAF specific keys. And after the derived key expires, return to step 408 to update the derived key.
值得指出的是, 步骤 410~412可放到 416之后执行。  It is worth noting that steps 410-412 can be performed after 416.
所述步驟 408至步骤 417与步骤 306至步骤 314相同。 本发明还提供了增强通用鉴权框架中的密钥协商系统。如图 5所示, 在一个实施例中, 该系统包括:  The steps 408 to 417 are the same as the steps 306 to 314. The present invention also provides an enhanced key agreement system in a universal authentication framework. As shown in FIG. 5, in one embodiment, the system includes:
一个以上具有网络业务应用实体 NAF客户端的外围终端设备,向与 其连接的 UE请求衍生密钥, 该请求中携带外围终端设备标志;  More than one peripheral terminal device having a network service application entity NAF client requests a derived key from a UE connected thereto, and the request carries a peripheral terminal device flag;
UE, 根据其与执行用户身份初始检查验证的实体 BSF 的共享密钥 Ks和所述外围终端设备标志计算出第一衍生密钥,并提供给外围终端设 备上的 NAF客户端;  The UE calculates a first derived key according to the shared key Ks of the entity BSF and the peripheral terminal device flag that performs initial authentication verification of the user identity, and provides the first derivative key to the NAF client on the peripheral terminal device;
BSF,根据其与 UE的共享密钥 Ks和获取的所述外围终端设备标志, 计算出与第一衍生密钥相同的第二衍生密钥, 并将所述第二衍生密钥提 供给 NAF。  The BSF calculates a second derived key identical to the first derived key according to the shared key Ks with the UE and the acquired peripheral terminal device flag, and provides the second derived key to the NAF.
由此可见, 本实施例中, 由网络侧的 BSF单独计算 NAF使用的第 二衍生密钥。 BSF 计算第二衍生密钥所使用的外围终端设备标志可以 是 UE上报的, 也可以是从 NAF处获取的。 如图 6所示, 4t另一实施例, 该系统包括:  Therefore, in this embodiment, the second derivative key used by the NAF is separately calculated by the BSF on the network side. The peripheral terminal device flag used by the BSF to calculate the second derived key may be reported by the UE or may be obtained from the NAF. As shown in FIG. 6, in another embodiment of 4t, the system includes:
一个以上具有网络业务应用实体 NAF客户端的外围终端设备,向与 其连接的 UE请求衍生密钥, 该请求中携带外围终端设备标志;  More than one peripheral terminal device having a network service application entity NAF client requests a derived key from a UE connected thereto, and the request carries a peripheral terminal device flag;
UE, 根据其与执行用户身份初始检查验证的实体 BSF 的共享密钥 Ks和所述外围终端设备标志计算出第一衍生密钥,并提供给外围终端设 备上的 NAF客户端; The UE calculates a first derived key according to the shared key Ks of the entity BSF and the peripheral terminal device flag that performs initial authentication verification of the user identity, and provides the first derived key to the peripheral terminal. a backup NAF client;
BSF, 根据其与 UE的共享密钥 Ks计算出临时密钥;  The BSF calculates a temporary key according to the shared key Ks with the UE;
NAF , 根据所述临时密钥和获取的外围终端设备标志计算出与第一 衍生密钥相同的第二衍生密钥, 并保存该第二衍生密钥。  NAF calculates a second derived key identical to the first derived key according to the temporary key and the acquired peripheral terminal device flag, and saves the second derived key.
由此可见, 本实施例中, 由网络侧的 BSF和 NAF联合计算出 NAF 使用的第二衍生密钥。 NAF计算第二衍生密钥所使用的外围终端设备标 志可以是从 NAF客户端发来的连接请求中获取的,也可以是 UE上报的。 本发明还公开了一种 UE,如图 7所示,该 UE与一个以上具有 NAF 客户端的外围终端设备连接, 包括一个密钥衍生模块, 用于根据其与执 行用户身份初始检查验证的实体 BSF的共享密钥 Ks和与其连接的外围 终端设备的设备标志计算衍生密钥, 并将衍生密钥提供给所述外围终端 设备上的 NAF客户端。 本发明还公开了一种 BSF,用于依靠网络侧的 BSF生成衍生密钥的 情况。 如图 8所示, 在此情况下, BSF包括一个密钥衍生模块, 用于根 据其与用户终端 UE的共享密钥 Ks和获取的与所述 UE相连的外围终端 设备的标志计算衍生密钥, 并将衍生密钥提供给网络业务应用实体 NAF。 本发明还公开了一种网络侧密钥衍生功能实体, 用于依靠网络侧的 BSF和 NAF共同生成衍生密钥的情况。 如图 9所示, 在此情况下, 该 密钥衍生功能实体包括位于 BSF上的第一密钥衍生模块和位于 NAF上 的第二密钥衍生模块。所述第一密钥衍生模块用于根据 BSF与用户终端 UE的共享密钥 Ks计算临时密钥; 所述第二密钥衍生模块用于根据第一 密钥衍生模块计算出的临时密钥和获取的与所述 UE相连的外围终端设 备的设备标志计算衍生密钥。 Therefore, in this embodiment, the second derivative key used by the NAF is jointly calculated by the BSF and the NAF on the network side. The peripheral terminal device identifier used by the NAF to calculate the second derived key may be obtained from a connection request sent by the NAF client, or may be reported by the UE. The present invention also discloses a UE. As shown in FIG. 7, the UE is connected to one or more peripheral terminal devices having a NAF client, and includes a key derivation module for performing an entity BSF according to an initial check verification with a user identity. The shared key Ks and the device flag of the peripheral terminal device connected thereto calculate the derived key, and provide the derived key to the NAF client on the peripheral terminal device. The present invention also discloses a BSF for generating a derivative key by means of a BSF on the network side. As shown in FIG. 8, in this case, the BSF includes a key derivation module for calculating a derived key according to its shared key Ks with the user terminal UE and the acquired identifier of the peripheral terminal device connected to the UE. And provide the derived key to the network service application entity NAF. The invention also discloses a network side key derivation function entity, which is used for jointly generating a derivative key by the BSF and the NAF on the network side. As shown in FIG. 9, in this case, the key derivation function entity includes a first key derivation module located on the BSF and a second key derivation module located on the NAF. The first key derivation module is configured to calculate a temporary key according to the shared key Ks of the BSF and the user terminal UE; the second key derivation module is configured to use the temporary key and the calculated key according to the first key derivation module. Obtained peripheral terminal device connected to the UE The prepared device flag calculates the derived key.
以上所述仅为本发明的较佳实施例而已, 并不用以限制本发明, 凡 在本发明的精神和原则之内所作的任何修改、 等同替换和改进等, 均应 包含在本发明的保护范围之内。  The above is only the preferred embodiment of the present invention, and is not intended to limit the present invention. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present invention should be included in the protection of the present invention. Within the scope.

Claims

权利要求书 Claim
1、 一种增强通用鉴权框架中的密钥协商方法, 用于网絡业务应用 实体 NAF 与其位于外围终端设备上的客户端之间的加密通信, 其特征 在于, 包括: 1. An enhanced key agreement method in a universal authentication framework for an encrypted communication between a network service application entity NAF and a client located on a peripheral terminal device, the method comprising:
外围终端设备向 UE请求衍生密钥, 该请求中携带外围终端设备标 志;  The peripheral terminal device requests a derivative key from the UE, where the request carries a peripheral terminal device identifier;
UE根据其与执行用户身份初始检查验证的实体 BSF的共享密钥 Ks 和所述外围终端设备标志计算出第一衍生密钥, 并将第一衍生密钥提供 给外围终端设备上的 NAF客户端;  The UE calculates the first derived key according to the shared key Ks and the peripheral terminal device flag of the entity BSF that performs the user identity initial check verification, and provides the first derived key to the NAF client on the peripheral terminal device. ;
网络侧根据所述 UE与 BSF的共享密钥 Ks和获取的所述外围终端 设备标志, 计算出第二衍生密钥, 并将所述第二衍生密钥由 NAF保存。  The network side calculates a second derived key according to the shared key Ks of the UE and the BSF and the obtained peripheral terminal device identifier, and saves the second derived key by the NAF.
2、 根据权利要求 1 所述的方法, 其特征在于, 在外围终端设备向 UE请求衍生密钥之前, 进一步包括:  The method according to claim 1, wherein before the peripheral terminal device requests the derived key from the UE, the method further includes:
NAF客户端通过外围终端设备向所述 NAF发送连接请求;  The NAF client sends a connection request to the NAF through the peripheral terminal device;
NAF收到所述连接请求后, 查找未存储有用于所述加密通信的衍生 密钥时, 指示外围终端设备执行所述加密通信的密钥协商。  After receiving the connection request, the NAF instructs the peripheral terminal device to perform key agreement for performing the encrypted communication when it finds that the derived key for the encrypted communication is not stored.
3、 根据权利要求 1所述的方法, 其特征在于, 进一步包括: 所述第一或第二衍生密钥超过有效期限时, 或共享密钥 Ks更新后, 重新执行生成第一和第二衍生密钥的过程。  The method according to claim 1, further comprising: when the first or second derived key exceeds an expiration date, or after the shared key Ks is updated, re-executing generating the first and second derived secrets The process of the key.
4、根据权利要求 1或 3所述的方法, 其特征在于, 所述 UE与 BSF 的共享密钥 Ks是 UE与 BSF执行互鉴权 GBA过程生成的共享密钥。  The method according to claim 1 or 3, wherein the shared key Ks of the UE and the BSF is a shared key generated by the UE and the BSF performing a mutual authentication GBA process.
5、 根据权利要求 1所述的方法, 其特征在于, 进一步包括: 5. The method according to claim 1, further comprising:
UE提供给外围终端设备一个可用于标识所述共享密钥 Ks 的会话 事务标识 B-TID, 并通过外围终端设备发送给网络侧; 所述网絡侧根据所述会话事务标识 B-TID确定共享密钥 Ks。 The UE provides the peripheral terminal device with a session transaction identifier B-TID that can be used to identify the shared key Ks, and sends the session transaction identifier to the network side through the peripheral terminal device; The network side determines the shared key Ks according to the session transaction identifier B-TID.
6、根据权利要求 1所述的方法, 其特征在于, 所述网络侧计算第二 衍生密钥为: 由网絡侧的 BSF计算第二衍生密钥。  The method according to claim 1, wherein the network side calculates the second derived key as: calculating, by the BSF on the network side, the second derived key.
7、根据权利要求 1所述的方法, 其特征在于, 所述网络侧计算第二 衍生密钥包括:由 BSF根据所述共享密钥 Ks计算出临时密钥,再由 NAF 根据所述临时密钥和所述外围终端设备标志计算出所述第二衍生密钥。  The method according to claim 1, wherein the calculating, by the network side, the second derived key comprises: calculating, by the BSF, the temporary key according to the shared key Ks, and then using the NAF according to the temporary secret The key and the peripheral terminal device flag calculate the second derived key.
8、 根据权利要求 6或 7所述的方法, 其特征在于, 所述计算 Ks的 过程中, 还使用以下参数进行计算: 随机数 RAND、 用户的 IP多媒体 私有身份标识 IMPI、 所述 NAF标识, 特定的字符串。  The method according to claim 6 or 7, wherein, in the process of calculating Ks, the following parameters are also used for calculation: a random number RAND, a user's IP multimedia private identity identifier IMPI, the NAF identifier, A specific string.
9、根据权利要求 1所述的方法, 其特征在于, 所述外围终端设备标 志为以下之一:  The method according to claim 1, wherein the peripheral terminal device flag is one of the following:
外围终端设备的 MAC地址、 IP地址、 全局可路由的用户代理通用 资源标识符 GRUU、 设备标识以及上述各标识的索引值。  The MAC address of the peripheral terminal device, the IP address, the globally routable user agent common resource identifier GRUU, the device identifier, and the index values of the above-mentioned respective identifiers.
10、 根据权利要求 1所述的方法, 其特征在于, 所述外围终端设备 标志的获取步骤包括:  10. The method according to claim 1, wherein the step of acquiring the peripheral terminal device flag comprises:
外围终端设备向网络侧的 NAF发送连接请求时,该连接请求携带外 围终端设备标志;  When the peripheral terminal device sends a connection request to the NAF on the network side, the connection request carries the peripheral terminal device identifier;
网络侧从所述连接请求中获取所述外围终端设备标志。  The network side acquires the peripheral terminal device flag from the connection request.
11、 根据权利要求 1所述的方法, 其特征在于, 所述外围终端设备 标志的获取步骤包括: 所述 UE将接收到的请求中携带的外围终端设备 标志发送给网络侧。  The method according to claim 1, wherein the acquiring the peripheral terminal device flag comprises: sending, by the UE, the peripheral terminal device identifier carried in the received request to the network side.
12、 根据权利要求 1所述的方法, 其特征在于, 进一步包括: 所述 BSF或 NAF根据外围终端设备标志识别来自某个用户的不同 外围终端设备的连接请求, 并据此控制所述用户执行同一个业务的不同 外围终端设备接入的数量。 13、 根据权利要求 1所述的方法, 其特征在于, 在外围终端设备向 UE请求衍生密钥之前, 进一步包括: 12. The method according to claim 1, further comprising: the BSF or the NAF identifying a connection request from a different peripheral terminal device of a certain user according to the peripheral terminal device flag, and controlling the user to perform according to the connection The number of different peripheral terminal devices connected to the same service. The method according to claim 1, wherein before the peripheral terminal device requests the derived key from the UE, the method further includes:
外围终端设备向 UE发送 B-TID请求,查询 UE是否存在有效的 Ks; 外围终端设备接收 UE返回的查询结果, 如果查询结果为 UE不存 在有效的 Ks, 则指示 UE发起 GBA过程, 协商一个新的 Ks。  The peripheral terminal device sends a B-TID request to the UE to query whether the UE has a valid Ks. The peripheral terminal device receives the query result returned by the UE. If the query result is that the UE does not have a valid Ks, the UE is instructed to initiate the GBA process and negotiate a new one. Ks.
14根据权利要求 1所述的方法, 其特征在于, UE计算第一衍生密 钥之前, 进一步包括,  The method according to claim 1, wherein before the UE calculates the first derived key, further comprising,
XJE查询本地是否存在有效 Ks, 如果查询结果为本地不存在有效的 Ks, 则发起一个新的 GBA过程, 协商一个新的 Ks。  XJE queries whether there is a valid Ks in the local. If the query result is that there is no valid Ks locally, a new GBA process is initiated to negotiate a new Ks.
15、 一种增强通用鉴权框架中的密钥协商方法, 用于网络业务应用 实体 NAF 与其位于外围终端设备上的客户端之间的加密通信, 其特征 在于, 包括: 15. An enhanced key agreement method in a universal authentication framework for use in an encrypted communication between a network service application entity NAF and a client located on a peripheral terminal device, the method comprising:
网络侧根据 UE与执行用户身份初始检查验证的实体 BSF的共享密 钥 Ks和所获取的外围终端设备标志, 计算出第一衍生密钥, 并将所述 第一衍生密钥由 NAF保存;  The network side calculates a first derived key according to the shared key Ks of the entity BSF and the obtained peripheral terminal device identifier, which is performed by the UE and the user identity initial check verification, and saves the first derived key by the NAF;
外围终端设备向 UE请求衍生密钥, 该请求中携带外围终端设备标 士 .  The peripheral terminal device requests a derivative key from the UE, and the request carries a peripheral terminal device badge.
UE根据 UE与 BSF的共享密钥 Ks和所述外围终端设备标志计算出 第二衍生密钥, 并将第二衍生密钥提供给外围终端设备上的 NAF客户 端。 The UE calculates a second derived key according to the shared key Ks of the UE and the BSF and the peripheral terminal device flag, and provides the second derived key to the NAF client on the peripheral terminal device.
16、根据权利要求 15所述的方法, 其特征在于, 在网络侧计算第一 衍生密钥之前, 进一步包括:  The method according to claim 15, wherein before the calculating, by the network side, the first derivative key, the method further comprises:
UE提供给外围终端设备一个可用于标识所述共享密钥 Ks 的会话 事务标识 B-TID, 并通过外围终端设备发送给网络侧; 所述网絡侧根据所述会话事务标识 B-TID确定共享密钥 Ks。 The UE provides the peripheral terminal device with a session transaction identifier B-TID that can be used to identify the shared key Ks, and sends the session transaction identifier to the network side through the peripheral terminal device; The network side determines the shared key Ks according to the session transaction identifier B-TID.
17、根据权利要求 15所述的方法, 其特征在于, 所述网络侧计算第 一衍生密钥包括: 由 BSF计算第一衍生密钥。  The method according to claim 15, wherein the calculating, by the network side, the first derived key comprises: calculating, by the BSF, the first derived key.
18、根据权利要求 15所述的方法, 其特征在于, 所述网络侧计算第 一衍生密钥包括: 由 BSF根据所述共享密钥 Ks计算出临时密钥, 再由 NAF根据所述临时密钥和所述外围终端设备标志计算出所述第一衍生 密钥。  The method according to claim 15, wherein the calculating, by the network side, the first derivative key comprises: calculating, by the BSF, the temporary key according to the shared key Ks, and then using the NAF according to the temporary secret The key and the peripheral terminal device flag calculate the first derived key.
19、一种增强通用鉴权框架中的密钥协商系统,其特征在于, 包括: 一个以上具有网络业务应用实体 NAF客户端的外围终端设备,向与 其连接的 UE请求衍生密钥, 该请求中携带外围终端设备标志; 19. A key agreement system in an enhanced universal authentication framework, comprising: one or more peripheral terminal devices having a network service application entity NAF client, requesting a derived key from a UE connected thereto, the request carrying Peripheral terminal equipment mark;
UE, 根据其与执行用户身份初始检查验证的实体 BSF 的共享密钥 UE, according to its shared key with the entity BSF that performs the initial check verification of the user identity
Ks和所述外围终端设备标志计算出第一衍生密钥,并将第一衍生密钥提 供给外围终端设备上的 NAF客户端; Ks and the peripheral terminal device flag calculate a first derived key, and provide the first derived key to the NAF client on the peripheral terminal device;
BSF,根据其与 UE的共享密钥 Ks和获取的所述外围终端设备标志, 计算出第二衍生密钥, 并将所述第二衍生密钥提供给 NAF;  The BSF calculates a second derived key according to the shared key Ks with the UE and the obtained peripheral terminal device identifier, and provides the second derived key to the NAF;
NAF, 保存所述第二衍生密钥。  NAF, saving the second derivative key.
20、一种增强通用鉴权框架中的密钥协商系统, 其特征在于, 包括: 一个以上具有网络业务应用实体 NAF客户端的外围终端设备,向与 其连接的 UE请求衍生密钥, 该请求中携带外围终端设备标志; 20. A key agreement system in an enhanced universal authentication framework, comprising: more than one peripheral terminal device having a network service application entity NAF client, requesting a derived key from a UE connected thereto, the request carrying Peripheral terminal equipment mark;
UE, 根据其与执行用户身份初始检查验证的实体 BSF 的共享密钥 UE, according to its shared key with the entity BSF that performs the initial check verification of the user identity
Ks和所述外围终端设备标志计算出第一衍生密钥,并将第一衍生密钥提 供给外围终端设备上的 NAF客户端; Ks and the peripheral terminal device flag calculate a first derived key, and provide the first derived key to the NAF client on the peripheral terminal device;
BSF, 根据其与 UE的共享密钥 Ks计算出临时密钥;  The BSF calculates a temporary key according to the shared key Ks with the UE;
NAF , 根据所述临时密钥和获取的外围终端设备标志计算出第二衍 生密钥, 并保存该第二衍生密钥。 NAF, calculating the second derivative according to the temporary key and the acquired peripheral terminal device flag Generate a key and save the second derived key.
21、 一种用户终端 UE, 与一个以上具有网络业务应用实体 NAF客 户端的外围终端设备连接, 其特征在于, 包括: A user terminal UE, which is connected to one or more peripheral terminal devices having a network service application entity NAF client, and includes:
密钥衍生模块, 用于根据其与执行用户身份初始检查验证的实体 BSF的共享密钥 Ks和与其连接的外围终端设备的设备标志计算衍生密 钥 , 并将衍生密钥提供给所述外围终端设备上的 NAF客户端。  a key derivation module, configured to calculate a derived key according to a shared key Ks of the entity BSF with which the user identity initial verification is performed and a device identifier of the peripheral terminal device connected thereto, and provide the derived key to the peripheral terminal NAF client on the device.
22、一种执行用户身份初始检查验证实体 BSF, 其特征在于, 包括: 密钥衍生模块,用于根据其与用户终端 UE的共享密钥 Ks和获取的 与所述 UE相连的外围终端设备的标志计算衍生密钥, 并将衍生密钥提 供给网络业务应用实体 NAF。 An entity user initial check verification entity BSF, comprising: a key derivation module, configured to use the shared key Ks with the user terminal UE and the obtained peripheral terminal device connected to the UE The flag calculates the derived key and provides the derived key to the network service application entity NAF.
23、 一种网络侧密钥衍生功能实体, 其特征在于, 包括: A network-side key-derived functional entity, comprising:
第一密钥衍生模块, 位于执行用户身份初始检查验证实体 BSF, 根 据 BSF与用户终端 UE的共享密钥 Ks计算临时密钥;  The first key derivation module is located in the execution user identity initial check verification entity BSF, and calculates the temporary key according to the shared key Ks of the BSF and the user terminal UE;
第二密钥衍生模块, 位于网络业务应用实体 NAJF, 根据第一密钥衍 生模块计算出的临时密钥和获取的与所述 UE相连的外围终端设备的设 备标志计算衍生密钥。  The second key derivation module is located at the network service application entity NAJF, and calculates the derived key according to the temporary key calculated by the first key derivation module and the obtained device identifier of the peripheral terminal device connected to the UE.
PCT/CN2006/002181 2005-08-26 2006-08-25 Encryption key negotiation method, system and equipment in the enhanced universal verify frame WO2007022731A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200510093568.3 2005-08-26
CN200510093568.3A CN1921682B (en) 2005-08-26 2005-08-26 Method for enhancing key negotiation in universal identifying framework

Publications (1)

Publication Number Publication Date
WO2007022731A1 true WO2007022731A1 (en) 2007-03-01

Family

ID=37771241

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2006/002181 WO2007022731A1 (en) 2005-08-26 2006-08-25 Encryption key negotiation method, system and equipment in the enhanced universal verify frame

Country Status (2)

Country Link
CN (1) CN1921682B (en)
WO (1) WO2007022731A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009038522A1 (en) * 2007-09-17 2009-03-26 Telefonaktiebolaget L M Ericsson (Publ) Method and arrangement in a telecommunication system
CN106534050A (en) * 2015-09-11 2017-03-22 中移(杭州)信息技术有限公司 Method and device for realizing key agreement of virtual private network (VPN)
CN115118471A (en) * 2022-06-16 2022-09-27 深圳市欢太科技有限公司 Remote connection method, device, electronic equipment and storage medium

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101312395B (en) * 2007-05-22 2012-03-28 中兴通讯股份有限公司 Method and system for security authentication and card exchanging process for application service
CN101459506B (en) * 2007-12-14 2011-09-14 华为技术有限公司 Cipher key negotiation method, system, customer terminal and server for cipher key negotiation
CN101772024B (en) * 2008-12-29 2012-10-31 中国移动通信集团公司 User identification method, device and system
CN101888626B (en) * 2009-05-15 2013-09-04 中国移动通信集团公司 Method and terminal equipment for realizing GBA key
CN102768744B (en) * 2012-05-11 2016-03-16 福建联迪商用设备有限公司 A kind of remote safe payment method and system
EP3348031B1 (en) * 2015-09-11 2019-11-06 Telefonaktiebolaget LM Ericsson (PUBL) Gateway, client device and methods for facilitating secure communication between a client device and an application server using redirect
CN115362656A (en) * 2020-04-03 2022-11-18 苹果公司 Application function key derivation and refresh
CN114143016A (en) * 2020-08-14 2022-03-04 中兴通讯股份有限公司 Authentication method based on general guide architecture GBA and corresponding device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6154543A (en) * 1998-11-25 2000-11-28 Hush Communications Anguilla, Inc. Public key cryptosystem with roaming user capability
CN1351789A (en) * 1999-05-21 2002-05-29 国际商业机器公司 Method and apparatus for initializing secure communications among and for exclusively pairing wireless devices
JP2005117254A (en) * 2003-10-06 2005-04-28 Nippon Telegr & Teleph Corp <Ntt> Method for authenticating counterpart between wireless stations, wireless station terminal, and program
CN1614903A (en) * 2003-11-07 2005-05-11 华为技术有限公司 Method for authenticating users
CN1625100A (en) * 2003-12-03 2005-06-08 佳能株式会社 Setting method for wireless communication device, computer peripheral equipment, and information processor

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100456671C (en) * 2003-11-07 2009-01-28 华为技术有限公司 Method for distributing session affairs identifier
CN1274181C (en) * 2004-06-25 2006-09-06 华为技术有限公司 Method for managing local terminal equipment accessing network

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6154543A (en) * 1998-11-25 2000-11-28 Hush Communications Anguilla, Inc. Public key cryptosystem with roaming user capability
CN1351789A (en) * 1999-05-21 2002-05-29 国际商业机器公司 Method and apparatus for initializing secure communications among and for exclusively pairing wireless devices
JP2005117254A (en) * 2003-10-06 2005-04-28 Nippon Telegr & Teleph Corp <Ntt> Method for authenticating counterpart between wireless stations, wireless station terminal, and program
CN1614903A (en) * 2003-11-07 2005-05-11 华为技术有限公司 Method for authenticating users
CN1625100A (en) * 2003-12-03 2005-06-08 佳能株式会社 Setting method for wireless communication device, computer peripheral equipment, and information processor

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10455417B2 (en) 2007-09-17 2019-10-22 Telefonaktiebolaget Lm Ericsson (Publ) Method and arrangement in a telecommunication system
US10057055B2 (en) 2007-09-17 2018-08-21 Telefonaktiebolaget Lm Ericsson (Publ) Method and arrangement in a telecommunication system
AU2008301284B2 (en) * 2007-09-17 2013-05-09 Telefonaktiebolaget L M Ericsson (Publ) Method and arrangement in a telecommunication system
US8660270B2 (en) 2007-09-17 2014-02-25 Telefonaktiebolaget L M Ericsson (Publ) Method and arrangement in a telecommunication system
US8938076B2 (en) 2007-09-17 2015-01-20 Telefonaktiebolaget L M Ericsson (Publ) Method and arrangement in a telecommunication system
CN102916808B (en) * 2007-09-17 2015-11-18 爱立信电话股份有限公司 Method and apparatus in telecommunication system
CN102916808A (en) * 2007-09-17 2013-02-06 爱立信电话股份有限公司 Method and arrangement in a telecommunication system
US11917055B2 (en) 2007-09-17 2024-02-27 Telefonaktiebolaget Lm Ericsson (Publ) Method and arrangement in a telecommunication system
US11075749B2 (en) 2007-09-17 2021-07-27 Telefonaktiebolaget Lm Ericsson (Publ) Method and arrangement in a telecommunication system
WO2009038522A1 (en) * 2007-09-17 2009-03-26 Telefonaktiebolaget L M Ericsson (Publ) Method and arrangement in a telecommunication system
US9615249B2 (en) 2007-09-17 2017-04-04 Telefonaktiebolaget Lm Ericsson (Publ) Method and arrangement in a telecommunication system
CN106534050A (en) * 2015-09-11 2017-03-22 中移(杭州)信息技术有限公司 Method and device for realizing key agreement of virtual private network (VPN)
CN115118471A (en) * 2022-06-16 2022-09-27 深圳市欢太科技有限公司 Remote connection method, device, electronic equipment and storage medium
CN115118471B (en) * 2022-06-16 2024-06-04 深圳市欢太科技有限公司 Remote connection method, device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN1921682A (en) 2007-02-28
CN1921682B (en) 2010-04-21

Similar Documents

Publication Publication Date Title
CN110035433B (en) Verification method and device adopting shared secret key, public key and private key
US11825303B2 (en) Method for performing verification by using shared key, method for performing verification by using public key and private key, and apparatus
WO2007022731A1 (en) Encryption key negotiation method, system and equipment in the enhanced universal verify frame
US8559633B2 (en) Method and device for generating local interface key
US8787572B1 (en) Enhanced association for access points
JP4804983B2 (en) Wireless terminal, authentication device, and program
EP1933498B1 (en) Method, system and device for negotiating about cipher key shared by ue and external equipment
US9485232B2 (en) User equipment credential system
RU2414086C2 (en) Application authentication
US7860485B2 (en) Device and process for wireless local area network association and corresponding products
US8689283B2 (en) Security access control method and system for wired local area network
US8312278B2 (en) Access authentication method applying to IBSS network
WO2006097041A1 (en) A general authentication former and a method for implementing the authentication
CA2407482A1 (en) Security link management in dynamic networks
WO2007085175A1 (en) Authentication method, system and authentication center based on end to end communication in the mobile network
WO2019137030A1 (en) Safety certification method, related device and system
WO2008006312A1 (en) A realizing method for push service of gaa and a device
WO2004043006A1 (en) A method for the access of the mobile terminal to the wlan and for the data communication via the wireless link securely
JP2008537398A (en) Using Generic Authentication Architecture for Mobile Internet Protocol Key Distribution
JP2009533932A (en) Channel coupling mechanism based on parameter coupling in key derivation
WO2010091563A1 (en) Management method, device and system for wapi terminal certificates
JP2008547304A (en) Method of assigning authentication key identifier for wireless portable internet system
EP2993933B1 (en) Wireless terminal configuration method, apparatus and wireless terminal
WO2009074050A1 (en) A method, system and apparatus for authenticating an access point device
WO2007104248A1 (en) Method, system, apparatus and bsf entity for preventing bsf entity from attack

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06775499

Country of ref document: EP

Kind code of ref document: A1