WO2007022731A1 - Method, system and equipment for encryption key negotiation in an enhanced universal authentication framework - Google Patents


Publication number
WO2007022731A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
peripheral terminal
terminal device
naf
bsf
Prior art date
Application number
PCT/CN2006/002181
Other languages
English (en)
Chinese (zh)
Inventor
Yanmei Yang
Original Assignee
Huawei Technologies Co., Ltd.
Priority date
Filing date
Publication date
Application filed by Huawei Technologies Co., Ltd.
Publication of WO2007022731A1

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816: Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838: Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these

Definitions

  • The present invention relates to the technical field of the 3GPP Generic Authentication Architecture (GAA), and in particular to a key agreement method, system and apparatus in an enhanced universal authentication framework.
  • GAA is a general architecture used by various application service entities to verify user identity. GAA can be used to check and verify the identity of users of application services.
  • The application services in question may be multicast or broadcast services, user certificate services, information provision services, or proxy services.
  • FIG. 1 shows the structure of the GAA.
  • The GAA usually consists of a UE, a BSF (Bootstrapping Server Function), a Home Subscriber System (HSS), and a Network Application Function (NAF).
  • The BSF and the UE mutually authenticate each other's identity and at the same time generate the shared key Ks of the BSF and the UE;
  • The HSS stores a profile describing the user information, and the HSS also has the function of generating the authentication information.
  • The interfaces between the various entities can be seen in FIG. 1.
  • When the user needs to use a service, if the UE needs to go to the BSF to perform the mutual authentication process, the UE authenticates to the BSF directly. Otherwise, the UE first contacts the NAF corresponding to the service; if the NAF uses the GAA and finds that the UE has not yet gone to the BSF for mutual authentication, the NAF notifies the UE to go to the BSF for mutual authentication to verify its identity.
  • The mutual authentication between the UE and the BSF is the bootstrapping authentication under the Generic Bootstrapping Architecture (GBA).
  • The method includes: the UE sends an authentication request to the BSF; after receiving the authentication request, the BSF first obtains the authentication information of the user from the HSS; after obtaining the authentication information, the BSF uses the HTTP Digest AKA protocol to perform mutual authentication and key agreement with the UE, completing the mutual authentication of identity between the UE and the BSF and the generation of the shared key Ks. The BSF also defines an expiration date for the shared key Ks, so that Ks is updated regularly.
  • The shared key Ks is used as a root key to derive keys for encrypted communication.
  • The BSF allocates a Bootstrapping Transaction Identifier (B-TID) to the UE. The B-TID is associated with Ks, can be used to identify Ks, and also includes the expiration date of Ks.
  • After receiving the B-TID, the UE sends a connection request to the NAF again, carrying the B-TID in the request message, and the UE side calculates the derived NAF specific keys from Ks (these may be Ks_NAF, or Ks_int_NAF and Ks_ext_NAF, as explained later).
  • After receiving the connection request, the NAF first looks up the user's B-TID locally. If the NAF cannot find the B-TID locally, the NAF queries the BSF; the query carries the NAF identifier and the B-TID. If the BSF cannot find the B-TID locally, it notifies the NAF that there is no information about the user, and the NAF then notifies the UE to re-authenticate to the BSF. If the BSF finds the B-TID, it calculates the derived NAF specific keys from Ks using the same algorithm as the UE side and sends a success response message to the NAF. The success response includes the B-TID required by the NAF, the derived NAF specific keys corresponding to the B-TID, and the expiration date set by the BSF for the key. After receiving the success response message from the BSF, the NAF considers the user to be a legitimate user authenticated by the BSF, and the NAF and the UE share the NAF specific keys derived from Ks.
  • The NAF and the UE perform encrypted communication using the NAF specific keys in the subsequent communication process.
  • When the UE finds that Ks is about to expire, or the NAF requires the UE to re-authenticate to the BSF, the UE repeats the above steps to re-authenticate to the BSF and obtain a new shared key Ks and new derived NAF specific keys.
  • The UE refers to a mobile device (ME, Mobile Equipment); if it is a GBA-U process, the above UE refers to the user identity module in the mobile device (UICC, Universal Integrated Circuit Card), and the generated NAF specific keys described here include two derived keys: Ks_int_NAF for the UICC and Ks_ext_NAF for the ME.
  • The above procedure applies to the case where the NAF client is in the UE, that is, the NAF client is on the ME of the UE or on the UICC of the UE.
  • Some new application scenarios have emerged.
  • One of the larger application scenarios is the separation of the NAF client from the terminal. This refers to the situation where a mobile user has multiple terminal devices, that is, in addition to the mobile phone, other terminal devices such as a PC, a WLAN UE, a handheld computer and the like, and these terminals use the same UICC (such as a SIM card) user information to access the network service, so that the NAF client and the UE are not on the same device.
  • The GAA architecture in this case is shown in FIG. 2 and is referred to herein as the enhanced GAA framework.
  • The NAF client is not on the UE, but on one or several peripheral devices other than the UE. When these peripheral terminal devices do not have the GBA function, the NAF client is on the peripheral terminal device and not on the same device as the client executing GBA.
  • The current GAA specification mainly addresses the case where the NAF client and the GBA client are in the same terminal, and there is no authentication method for the GAA framework described in FIG.
  • In addition, if a plurality of peripheral terminal devices use the same derived key to communicate with a certain NAF, this poses a security risk: if one of them is compromised, the others are not spared either.
  • The main object of the present invention is to provide a key agreement method, system and device in an enhanced universal authentication framework, to solve the problem of how, when the GBA client is in the UE and the NAF client is on another peripheral terminal device, the NAF client negotiates a key with the NAF to implement encrypted communication.
  • A key agreement method in an enhanced universal authentication framework includes the following steps:
  • The peripheral terminal device requests a derived key from the UE; the request carries a peripheral terminal device flag;
  • The UE calculates the first derived key according to the peripheral terminal device flag and the key Ks that it shares with the BSF, the entity that performs the initial check and verification of user identity, and provides the first derived key to the NAF client on the peripheral terminal device;
  • The network side calculates a second derived key according to the shared key Ks of the UE and the BSF and the obtained peripheral terminal device identifier, and the NAF saves the second derived key.
  • A key agreement method in an enhanced universal authentication framework includes the following steps:
  • The network side calculates a first derived key according to the obtained peripheral terminal device identifier and the key Ks shared by the UE and the BSF, the entity that performs the initial check and verification of user identity, and the NAF saves the first derived key;
  • The peripheral terminal device requests a derived key from the UE, and the request carries a peripheral terminal device flag.
  • The UE calculates a second derived key according to its shared key Ks with the BSF and the peripheral terminal device flag, and provides the second derived key to the NAF client on the peripheral terminal device.
  • A key agreement system in an enhanced universal authentication framework includes:
  • More than one peripheral terminal device having a network service application entity NAF client, which requests a derived key from a UE connected to it, the request carrying a peripheral terminal device flag;
  • The UE, which calculates a first derived key according to the peripheral terminal device flag and the key Ks that it shares with the BSF, the entity that performs the initial check and verification of user identity, and provides the first derived key to the NAF client on the peripheral terminal device.
  • The BSF, which calculates a second derived key according to its shared key Ks with the UE and the acquired peripheral terminal device flag, and provides the second derived key to the NAF.
  • A key agreement system in an enhanced universal authentication framework includes:
  • More than one peripheral terminal device having a network service application entity NAF client, which requests a derived key from a UE connected to it, the request carrying a peripheral terminal device flag;
  • The UE, which calculates a first derived key according to the peripheral terminal device flag and the key Ks that it shares with the BSF, the entity that performs the initial check and verification of user identity, and provides the first derived key to the NAF client on the peripheral terminal device.
  • The BSF, which calculates a temporary key according to its shared key Ks with the UE;
  • The NAF, which calculates a second derived key according to the temporary key and the obtained peripheral terminal device identifier, and saves the second derived key.
  • A user terminal UE, connected to one or more peripheral terminal devices having a network service application entity NAF client, includes:
  • A BSF, the entity that performs the initial check and verification of user identity, includes:
  • A network-side key derivation functional entity for calculating a derived key according to the shared key Ks with the user terminal UE and the acquired flag of the peripheral terminal device connected to the UE, and providing the derived key to the network service application entity NAF.
  • A network-side key derivation functional entity includes:
  • The first key derivation module, located in the BSF, which calculates the temporary key according to the shared key Ks of the BSF and the user terminal UE;
  • The second key derivation module, located in the network service application entity NAF, which calculates the derived key according to the temporary key calculated by the first key derivation module and the obtained device identifier of the peripheral terminal device connected to the UE.
  • The present invention implements key negotiation between the NAF client and the NAF when the GBA client is in the UE and the NAF client is in another terminal.
  • The present invention uses the device identifier as one of the parameters for calculating the derived key, so different peripheral terminal devices use different derived keys to communicate with the same NAF. This avoids the security problem that exists when different peripheral terminal devices of the same UE use the same derived key to communicate with the NAF, namely that when one peripheral terminal device is attacked, the other peripheral terminal devices may also be attacked.
  • The derived keys calculated for different peripheral terminal devices are different, which improves security.
  • The NAF client on the peripheral terminal device reports its own device flag to the NAF. This not only allows different derived keys to be calculated for different terminal devices, but also makes it possible to distinguish connection requests from different terminals of the same user. In this way, access by multiple terminals of one user can be handled according to the local policy.
  • FIG. 1 is a schematic diagram of the GAA framework.
  • FIG. 2 is a schematic diagram of an enhanced GAA framework in a state where the NAF client and the GBA client are separated.
  • FIG. 3 is a flowchart of key negotiation between a NAF client and NAF communication in an enhanced GAA framework according to an embodiment of the present invention.
  • FIG. 4 is a flowchart of key negotiation for NAF client and NAF communication in an enhanced GAA framework according to another embodiment of the present invention.
  • FIG. 5 is a schematic diagram of a key agreement system for NAF client and NAF communication in an enhanced GAA framework according to an embodiment of the present invention.
  • FIG. 6 is a schematic diagram of a key agreement system for communicating NAF clients with NAF in an enhanced GAA framework according to another embodiment of the present invention.
  • FIG. 7 is a schematic diagram of a UE participating in key negotiation of a NAF client and NAF communication according to an embodiment of the present invention.
  • FIG. 8 is a schematic diagram of a BSF for key negotiation of a NAF client and NAF communication according to an embodiment of the present invention.
  • FIG. 9 is a schematic diagram of a network-side key derivation functional entity participating in key negotiation of a NAF client and NAF communication according to an embodiment of the present invention.
  • Mode for carrying out the invention
  • FIG. 3 shows a GAA authentication procedure according to an embodiment of the present invention.
  • The UE and the peripheral terminal device belong to the same user.
  • The following describes the key negotiation method for NAF client and NAF communication in the enhanced GAA framework, including the following steps:
  • Step 301: When the NAF client on the peripheral terminal device needs to use a certain service, it sends a connection request to the NAF corresponding to the service. If the NAF client knows that it needs to go to the BSF to perform the mutual authentication process, it can skip this step and go directly to step 303.
  • Step 302: After receiving the request, the NAF checks whether a derived key corresponding to the user equipment is already stored. If not, it instructs the NAF client on the peripheral terminal device to communicate using an encryption method, for example indicating that a GAA key is to be used for secure communication. If there is already a valid derived key shared by the NAF and the user equipment, that key is used for communication directly, and the process ends.
  • Step 303: After receiving the indication, the NAF client on the peripheral terminal device requests from the UE the derived NAF specific keys to be used in the encrypted communication with the NAF, and carries the NAF identifier and the device flag of the peripheral terminal device in the request message.
  • The device identifier is an identifier for distinguishing different peripheral terminal devices, and may be a device MAC address, an IP address, a globally routable user agent universal resource identifier (GRUU, Globally Routable UA URI), a device identifier (similar to the ME's IMEI), and so on.
  • The peripheral terminal device can connect to the UE over a local interface such as a data cable, USB, Bluetooth, or infrared to exchange messages.
  • The device flag sent may also be an index value for the various identifiers listed above.
  • The UE stores the correspondence between each index and the identifier. After receiving the device index value, the UE obtains the real identifier according to the correspondence.
  • The device identifier serves to distinguish different peripheral terminal devices; that is, it may be a global device identifier or a local device identifier, such as the identifier of a personal network element (PNE) defined in a personal network.
  • The network side may also store the peripheral terminal device information of a certain UE, including the correspondence between the user identifier and each device owned by the UE.
  • Step 304: After receiving the request, the UE locally searches for a valid Ks. If there is a valid Ks, go directly to step 308; if there is no valid Ks, send an authentication request to the BSF to perform the GBA process.
  • Step 305: According to the GBA process, the BSF that receives the authentication request obtains the user's authentication information from the HSS.
  • Step 306: After obtaining the authentication information, the BSF performs mutual authentication and key agreement with the UE, completing the mutual authentication of identity between the UE and the BSF and the generation of the shared key Ks.
  • Step 307: The BSF may also define an expiration date for Ks, and assigns the UE a session transaction identifier (B-TID) that can be used to identify Ks. After Ks expires, return to step 304 to update Ks.
  • Step 308: The UE calculates a derived key from Ks. In addition to Ks, "gba-me" || RAND || IMPI, the calculation parameters include the device identifier of the peripheral terminal device.
  • The derived NAF specific keys can be divided into:
  • Ks_ext_NAF = KDF(Ks, "gba-me"
  • device flag); Ks_int_NAF = KDF(Ks, "gba-u" || RAND
  • IMPI refers to the user's IP multimedia private identity
  • NAF-ID refers to the NAF identifier
  • "gba-me" and "gba-u" represent strings
  • KDF is the abbreviation of key derivation function.
  • Ks_NAF = KDF(Ks, "gba-me"
  • The second step of calculating the derived key can also be performed on the peripheral terminal device and the NAF; in that case the UE and the BSF respectively send Ks_int/(ext)_NAF_temp to the peripheral terminal device and the NAF.
  • Step 309: The UE sends the calculated derived NAF specific keys and the B-TID that identifies Ks to the NAF client on the peripheral terminal device through the local interface.
  • Step 310: The NAF client on the peripheral terminal device sends a connection request to the NAF again, and carries the B-TID and the device identifier in the request message.
  • The NAF may also obtain the flag of the communicating peripheral terminal device by other means.
  • The operator network may locally configure the information of the peripheral terminals, and the peripheral terminal device or the UE uses a short message to tell the operator network (such as the BSF or NAF), by means of some characteristic information of a peripheral terminal device, that this device is being enabled.
  • The operator network (such as the BSF) finds the device flag locally and notifies the NAF. Alternatively, the peripheral terminal device or the UE may tell the NAF the peripheral terminal device flag directly through other messages.
  • After receiving the request in step 304, the UE sends the peripheral terminal device identifier carried in the request to the network side. This is not described in further detail below.
  • Step 311: The NAF sends a key query message to the BSF, and the query message carries the NAF identifier, the B-TID and the device identifier.
  • Step 312: After receiving the query message, the BSF finds the corresponding key Ks according to the B-TID in the message, and calculates the derived key from the B-TID, the device identifier, and the NAF identifier using the same algorithm as the UE side described in step 308.
  • Step 313: The BSF returns the derived NAF specific keys to the NAF along with the validity period of the generated key.
  • Step 314: After that, the NAF communicates with the peripheral terminal device using the derived NAF specific keys. After the derived key expires, return to step 308 to update the derived key.
  • The NAF and the peripheral terminal can negotiate to select a derived key for the encrypted communication.
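The derivation of steps 308 to 313, as an added Python sketch that is not part of the patent text. HMAC-SHA-256 over length-tagged parameters stands in for the KDF, and the parameter order, the two-stage formula, the key material, B-TID, NAF name and MAC-style device flags are all constructed assumptions, because the page's formulas are incomplete.

```python
import hashlib
import hmac
from dataclasses import dataclass


def kdf(key: bytes, *params: bytes) -> bytes:
    # Assumed KDF: HMAC-SHA-256 over parameters that each carry a 2-byte length,
    # so "NAF_ID || device flag" cannot be re-split into a different pair.
    msg = b"".join(p + len(p).to_bytes(2, "big") for p in params)
    return hmac.new(key, msg, hashlib.sha256).digest()


def derive_naf_key(ks, rand, impi, naf_id, device_flag, label=b"gba-me"):
    # Steps 308 and 312: Ks_ext_NAF-style key with the device flag as extra input.
    return kdf(ks, label, rand, impi.encode(), naf_id.encode(), device_flag.encode())


def derive_temp_key(ks, rand, impi, naf_id, label=b"gba-me"):
    # Two-stage variant, stage 1 (UE and BSF): no device flag yet.
    return kdf(ks, label, rand, impi.encode(), naf_id.encode())


def bind_device(temp_key, device_flag):
    # Two-stage variant, stage 2 (peripheral device and NAF): mix in the flag.
    return kdf(temp_key, device_flag.encode())


@dataclass
class Bootstrap:
    ks: bytes          # shared key Ks, held only by the UE and the BSF
    rand: bytes
    impi: str
    expires_at: float  # expiration date the BSF set for Ks


class UE:
    def __init__(self, b_tid, ctx):
        self.b_tid, self.ctx = b_tid, ctx

    def key_request(self, naf_id, device_flag):
        # Steps 303, 308, 309: only B-TID and the derived key cross the local
        # interface; Ks itself never reaches the peripheral device.
        c = self.ctx
        return self.b_tid, derive_naf_key(c.ks, c.rand, c.impi, naf_id, device_flag)


class BSF:
    def __init__(self):
        self.sessions = {}  # B-TID -> Bootstrap

    def key_query(self, b_tid, naf_id, device_flag, now):
        # Steps 311 to 313: unknown or expired B-TID means the NAF must ask the
        # client to bootstrap again; otherwise return (derived key, expiry).
        c = self.sessions.get(b_tid)
        if c is None or c.expires_at <= now:
            return None
        return derive_naf_key(c.ks, c.rand, c.impi, naf_id, device_flag), c.expires_at


def run_negotiation(now=1000.0):
    # Constructed sample values, not taken from the patent.
    ctx = Bootstrap(ks=bytes(range(32)), rand=bytes(range(16)),
                    impi="user@example.org", expires_at=2000.0)
    b_tid, naf_id = "btid-0001@bsf.example.org", "naf.example.org"
    ue, bsf = UE(b_tid, ctx), BSF()
    bsf.sessions[b_tid] = ctx
    laptop, pda = "02:00:00:00:00:01", "02:00:00:00:00:02"
    _, k_laptop = ue.key_request(naf_id, laptop)
    _, k_pda = ue.key_request(naf_id, pda)
    naf_laptop, _ = bsf.key_query(b_tid, naf_id, laptop, now)
    temp = derive_temp_key(ctx.ks, ctx.rand, ctx.impi, naf_id)
    return {
        "laptop_matches_naf": hmac.compare_digest(k_laptop, naf_laptop),
        "devices_differ": k_laptop != k_pda,
        # A key issued for the PDA is useless under the laptop's flag.
        "pda_key_fails_as_laptop": not hmac.compare_digest(k_pda, naf_laptop),
        "expired_query": bsf.key_query(b_tid, naf_id, laptop, now=3000.0),
        "two_stage_devices_differ": bind_device(temp, laptop) != bind_device(temp, pda),
        # Both sides must run the same variant: the two constructions differ.
        "variants_interoperate": bind_device(temp, laptop) == k_laptop,
    }


if __name__ == "__main__":
    for name, value in run_negotiation().items():
        print(name, value)
```

In the two-stage variant the NAF can bind further device flags to the temporary key itself, so a compromise of the NAF's temporary key exposes every peripheral key for that NAF but still not Ks.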
  • Because different peripheral terminal devices of a certain UE can be distinguished, this feature can be used to control, according to a configured policy, the number of peripheral terminals of a certain UE that access a certain service. This can be configured and controlled by the BSF.
  • The configuration policy can also be sent to the NAF and controlled by the NAF. For example, a corresponding flag can be set in the USS (User Security Setting); after the operator configures it, it is sent by the BSF to the NAF, and access control is performed by the NAF.
  • Peripheral terminal devices connected to the UE are distinguished according to the device identifier, and corresponding processing is performed according to the configured policy. For example, if only one peripheral terminal device connected to the UE is allowed to access the NAF at a time (the entity implementing the NAF may be an application server AS) and a connection request from another peripheral terminal device on the UE is found, the NAF either rejects the new connection request or disconnects the old connection and admits the new one.
  • The BSF or NAF may also restrict, according to the peripheral terminal device flag, whether the peripheral terminal device is allowed to access the network using the key calculated by the UE.
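The access policy described above, as an added Python sketch that is not part of the patent text: a NAF-side table that tells a user's peripherals apart by device flag and applies either of the two outcomes the text names. The class, mode names, user identifier and device flags are hypothetical.

```python
from dataclasses import dataclass, field

REJECT_NEW = "reject_new"    # keep the existing peripheral, refuse the newcomer
REPLACE_OLD = "replace_old"  # disconnect the oldest peripheral, admit the newcomer


@dataclass
class NafAccessPolicy:
    mode: str = REJECT_NEW
    max_devices: int = 1                         # peripherals per user at a time
    allowed: dict = field(default_factory=dict)  # user -> set of permitted flags
    active: dict = field(default_factory=dict)   # user -> flags, oldest first
    log: list = field(default_factory=list)      # (user, flag, outcome) audit trail

    def connect(self, user, device_flag):
        """Return (accepted, dropped); dropped lists flags whose sessions must close."""
        permitted = self.allowed.get(user)
        if permitted is not None and device_flag not in permitted:
            return self._record(user, device_flag, "denied-not-permitted", False, [])
        sessions = self.active.setdefault(user, [])
        if device_flag in sessions:
            return self._record(user, device_flag, "already-connected", True, [])
        if len(sessions) < self.max_devices:
            sessions.append(device_flag)
            return self._record(user, device_flag, "accepted", True, [])
        if self.mode == REJECT_NEW:
            return self._record(user, device_flag, "denied-limit", False, [])
        dropped = [sessions.pop(0)]
        sessions.append(device_flag)
        return self._record(user, device_flag, "accepted-replaced", True, dropped)

    def disconnect(self, user, device_flag):
        if device_flag in self.active.get(user, []):
            self.active[user].remove(device_flag)

    def _record(self, user, device_flag, outcome, accepted, dropped):
        self.log.append((user, device_flag, outcome))
        return accepted, dropped


def demo():
    # Constructed sample: one user, two peripherals, one slot, replace-old mode.
    policy = NafAccessPolicy(mode=REPLACE_OLD)
    first = policy.connect("user@example.org", "laptop-01")
    second = policy.connect("user@example.org", "pda-02")
    return first, second, policy.active["user@example.org"]


if __name__ == "__main__":
    print(demo())
```

Because each peripheral holds a different derived key, closing the dropped session can also mean discarding that device's key at the NAF without touching the key of the device that stays connected.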
  • The present invention implements key negotiation between the NAF client and the NAF when the GBA client is in the UE and the NAF client is in another terminal. Moreover, in order to ensure sufficient security, when different peripheral terminal devices access the same NAF, different Ks specific keys are generated for the different peripheral terminal devices for encrypted communication.
  • FIG. 4 shows a GAA authentication process of another embodiment of the present invention.
  • The embodiment shown in FIG. 4 differs from the embodiment shown in FIG. 3 in that the NAF client on the peripheral terminal device sends a request message for querying Ks to the UE before instructing the UE to perform a GBA renegotiation process, and the GBA negotiation process is carried out to negotiate a new Ks only after the query finds that there is no Ks or no valid Ks.
  • Both the UE and the peripheral terminal devices belong to the same user.
  • The following describes the key negotiation method for NAF client and NAF communication under the enhanced GAA framework, including the following steps:
  • Step 401: When the NAF client on the peripheral terminal device needs to use a certain service, it sends a connection request to the NAF corresponding to the service. If the NAF client knows that it needs to go to the BSF to perform the mutual authentication process, it can skip this step and go directly to step 403.
  • Step 402: After receiving the request, the NAF checks whether a derived key corresponding to the user equipment is already stored. If not, it instructs the NAF client on the peripheral terminal device to communicate using an encryption method, for example indicating that a GAA key is to be used for secure communication. If there is already a valid derived key shared by the NAF and the user equipment, that key is used for communication directly, and the process ends.
  • Step 403: After receiving the indication, the NAF client on the peripheral terminal device sends the UE a request for querying the Ks information, in order to know whether there is a valid Ks on the UE.
  • Step 404: After receiving the request, the UE locally searches for a valid Ks. If there is a Ks, the B-TID of Ks is sent to the peripheral terminal device as well; if there is no Ks or the UE judges that Ks is invalid, the B-TID is not returned (step 406 can be executed directly in order to negotiate a Ks; alternatively, the UE can send the peripheral terminal device an indication that there is no valid key and perform step 406 after receiving the GBA renegotiation indication of step 405).
  • Step 405: If the peripheral terminal device does not receive the B-TID corresponding to Ks, or judges from the returned key validity period that the received B-TID has expired, it instructs the UE to perform a GBA renegotiation process. Otherwise, proceed to step 410.
  • Steps 403, 404 and 405 can also be performed in the following manner:
  • The peripheral device does not query whether the UE has a valid Ks, but sends a GBA indication directly to the UE.
  • After receiving the GBA indication, the UE handles it in the same way as it handles a GBA indication from the NAF in the existing specification.
  • Step 406: If no valid Ks exists, the UE sends an authentication request to the BSF to negotiate a Ks.
  • Step 407: According to the GBA process, the BSF that receives the authentication request obtains the authentication information of the user from the HSS.
  • Step 408: After obtaining the authentication information, the BSF performs mutual authentication and key agreement with the UE, completing the mutual authentication of identity between the user and the BSF and the generation of the shared key Ks.
  • Step 409: The BSF may also define an expiration date for Ks, and allocates a B-TID that can be used to identify Ks and sends it to the UE. After Ks expires, return to step 406 to update Ks.
  • Step 410: The peripheral terminal device requests from the UE the derived NAF specific keys to be used for the encrypted communication with the NAF, and carries the NAF identifier and the device identifier of the peripheral terminal device in the request message.
  • Step 411: The UE calculates the derived key from Ks.
  • The specific method of calculation is the same as in step 308.
  • Step 412: The UE sends the calculated derived NAF specific keys and the B-TID that identifies Ks to the NAF client on the peripheral terminal device through the local interface.
  • Step 413: The NAF client on the peripheral terminal device sends a connection request to the NAF again, and carries the B-TID and the device identifier in the request message.
  • Step 414: The NAF sends a key query message to the BSF, and the query message carries the NAF identifier, the B-TID and the device identifier.
  • Step 415: After receiving the query message, the BSF finds the corresponding key Ks according to the B-TID in the message, and calculates the derived key from the B-TID, the device identifier, and the NAF identifier using the same algorithm as the UE side described in step 308.
  • Step 416: The BSF returns the derived NAF specific keys to the NAF along with the validity period of the generated key.
  • Step 417: After that, the NAF communicates with the peripheral terminal device using the derived NAF specific keys. After the derived key expires, return to step 408 to update the derived key.
  • Steps 410-412 can be performed after step 416.
  • Steps 408 to 417 are the same as steps 306 to 314.
  • the present invention also provides an enhanced key agreement system in a universal authentication framework. As shown in FIG. 5, in one embodiment, the system includes:
  • More than one peripheral terminal device having a network service application entity NAF client requests a derived key from a UE connected thereto, and the request carries a peripheral terminal device flag;
  • the UE calculates a first derived key according to the shared key Ks of the entity BSF and the peripheral terminal device flag that performs initial authentication verification of the user identity, and provides the first derivative key to the NAF client on the peripheral terminal device;
  • the BSF calculates a second derived key identical to the first derived key according to the shared key Ks with the UE and the acquired peripheral terminal device flag, and provides the second derived key to the NAF.
  • the second derivative key used by the NAF is separately calculated by the BSF on the network side.
  • the peripheral terminal device flag used by the BSF to calculate the second derived key may be reported by the UE or may be obtained from the NAF.
  • the system includes:
  • More than one peripheral terminal device having a network service application entity NAF client requests a derived key from a UE connected thereto, and the request carries a peripheral terminal device flag;
  • the UE calculates a first derived key according to the shared key Ks of the entity BSF and the peripheral terminal device flag that performs initial authentication verification of the user identity, and provides the first derived key to the peripheral terminal.
  • a backup NAF client
  • the BSF calculates a temporary key according to the shared key Ks with the UE;
  • NAF calculates a second derived key identical to the first derived key according to the temporary key and the acquired peripheral terminal device flag, and saves the second derived key.
  • the second derivative key used by the NAF is jointly calculated by the BSF and the NAF on the network side.
  • the peripheral terminal device identifier used by the NAF to calculate the second derived key may be obtained from a connection request sent by the NAF client, or may be reported by the UE.
  • the present invention also discloses a UE. As shown in FIG. 7, the UE is connected to one or more peripheral terminal devices having a NAF client, and includes a key derivation module for calculating the derived key according to the shared key Ks with the entity BSF that performs initial authentication verification of the user identity and the device flag of the peripheral terminal device connected thereto, and for providing the derived key to the NAF client on the peripheral terminal device.
  • the present invention also discloses a BSF, for the case where the derived key is generated by the BSF on the network side.
  • the BSF includes a key derivation module for calculating a derived key according to its shared key Ks with the user terminal UE and the acquired identifier of the peripheral terminal device connected to the UE, and for providing the derived key to the network service application entity NAF.
  • the invention also discloses a network side key derivation function entity, for the case where the derived key is jointly generated by the BSF and the NAF on the network side.
  • the key derivation function entity includes a first key derivation module located on the BSF and a second key derivation module located on the NAF.
  • the first key derivation module is configured to calculate a temporary key according to the shared key Ks of the BSF and the user terminal UE; the second key derivation module is configured to use the temporary key and the calculated key according to the first key derivation module.
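
The two network-side options described above (the BSF computes the second derived key alone, or the BSF computes a temporary key and the NAF finishes the derivation with the device flag) can be sketched as follows. This is an added example, not code from the patent: the HMAC-SHA256 derivation function, the two labels, the function names and the sample Ks are assumptions, since the page does not specify how the key is computed.

```python
import hashlib
import hmac

# Assumptions: HMAC-SHA256 as the derivation function and these two labels.
# The page only says the key is computed from Ks and the device flag.
DERIVED_LABEL = b"peripheral-derived-key"
TEMP_LABEL = b"naf-temporary-key"
KS = bytes(range(32))  # constructed sample Ks, not a real bootstrapped key

def kdf(key: bytes, label: bytes, context: bytes = b"") -> bytes:
    """Derive 32 bytes; length prefixes keep (label, context) unambiguous."""
    msg = b"".join(len(f).to_bytes(2, "big") + f for f in (label, context))
    return hmac.new(key, msg, hashlib.sha256).digest()

def bsf_only(ks: bytes, device_flag: bytes) -> bytes:
    """Option 1: the BSF derives the key from Ks and the flag, then gives it to the NAF."""
    return kdf(ks, DERIVED_LABEL, device_flag)

def bsf_temporary_key(ks: bytes) -> bytes:
    """Option 2, step 1: the BSF derives a temporary key, so the NAF never sees Ks."""
    return kdf(ks, TEMP_LABEL)

def naf_from_temporary(temp_key: bytes, device_flag: bytes) -> bytes:
    """Option 2, step 2: the NAF binds the temporary key to the device flag."""
    return kdf(temp_key, DERIVED_LABEL, device_flag)

def network_derive(ks: bytes, device_flag: bytes, split: bool) -> bytes:
    """Second derived key, computed on the network side."""
    if split:
        return naf_from_temporary(bsf_temporary_key(ks), device_flag)
    return bsf_only(ks, device_flag)

def ue_derive(ks: bytes, device_flag: bytes, split: bool) -> bytes:
    """First derived key: the UE holds Ks and mirrors the network-side option."""
    return network_derive(ks, device_flag, split)

def negotiate(ks: bytes, ue_flag: bytes, net_flag: bytes, split: bool) -> bool:
    """True when the first and second derived keys agree (constant-time compare)."""
    return hmac.compare_digest(ue_derive(ks, ue_flag, split),
                               network_derive(ks, net_flag, split))

if __name__ == "__main__":
    for split in (False, True):
        print("split" if split else "bsf-only",
              negotiate(KS, b"device-A", b"device-A", split),   # same flag
              negotiate(KS, b"device-A", b"device-B", split))   # flag mismatch
```

Because the device flag is an input to the derivation, each peripheral terminal device gets its own key, and the two sides agree only when the flag acquired on the network side matches the one the UE used.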

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention relates to a method for negotiating an encryption key in an enhanced universal verification frame, applied in communication derived from a key negotiation between a NAF and a subscriber. In this method: a peripheral terminal device requests a derived key from a user equipment (UE), the request being made with a peripheral terminal device flag; the UE calculates the first derived key according to the key shared with the BSF and the peripheral terminal device flag; the network side calculates a second derived key according to the key shared by the UE and the BSF and the obtained peripheral terminal device flag, this second key being stored by the NAF. The invention also relates to an encryption key negotiation system and equipment. This system makes it possible to accomplish what the GBA subscriber side requests while a NAF subscriber resides in another peripheral terminal device, the NAF subscriber and the NAF being able to negotiate the key.
PCT/CN2006/002181 2005-08-26 2006-08-25 Method, system and equipment for negotiating an encryption key in an enhanced universal verification frame WO2007022731A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200510093568.3A CN1921682B (zh) 2005-08-26 2005-08-26 增强通用鉴权框架中的密钥协商方法
CN200510093568.3 2005-08-26

Publications (1)

Publication Number Publication Date
WO2007022731A1 (fr) 2007-03-01

Family

ID=37771241

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2006/002181 WO2007022731A1 (fr) 2005-08-26 2006-08-25 Method, system and equipment for negotiating an encryption key in an enhanced universal verification frame

Country Status (2)

Country Link
CN (1) CN1921682B (fr)
WO (1) WO2007022731A1 (fr)

Also Published As

Publication number Publication date
CN1921682A (zh) 2007-02-28
CN1921682B (zh) 2010-04-21

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06775499

Country of ref document: EP

Kind code of ref document: A1