WO2007041933A1 - Procédé de mise à jour de clés secrètes contrôlées et appareil idoine - Google Patents

Procédé de mise à jour de clés secrètes contrôlées et appareil idoine Download PDF

Info

Publication number
WO2007041933A1
WO2007041933A1 PCT/CN2006/002475 CN2006002475W WO2007041933A1 WO 2007041933 A1 WO2007041933 A1 WO 2007041933A1 CN 2006002475 W CN2006002475 W CN 2006002475W WO 2007041933 A1 WO2007041933 A1 WO 2007041933A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
network side
authentication
control parameter
resynchronization
Prior art date
Application number
PCT/CN2006/002475
Other languages
English (en)
Chinese (zh)
Inventor
Fei Liu
Zhengwei Wang
Original Assignee
Huawei Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co., Ltd. filed Critical Huawei Technologies Co., Ltd.
Priority to CN200680012300.5A priority Critical patent/CN101160780B/zh
Publication of WO2007041933A1 publication Critical patent/WO2007041933A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless

Definitions

  • the present invention relates to communication security technologies, and in particular, to a controlled authentication key update method and apparatus.
  • an International Mobile Subscriber Identification (IMSI), an authentication key KI and a serial number SQNMS, a home location register are stored in the mobile terminal.
  • IMSI International Mobile Subscriber Identification
  • HLR/AUC Home Location Register/Authentication Center
  • the IMSI, the KI, and the serial number SQNHE are saved for the mobile terminal for mutual authentication between the mobile terminal and the network.
  • the existing authentication procedures for 3G communication systems are mainly:
  • HLR/AUC generates random number RAND, generates expected response XRES, encryption key CK, integrity key IK according to RAND and KI; generates message authentication code according to RAND, SQNHE, authentication key KI and authentication management domain AMF MAC-A; According to MAC-A, SQNHE, the anonymous key AK and AMF get the authentication token AUTN (Authentication Token).
  • the terminal verifies the consistency of the AUTN according to the KI saved by itself; if the consistency verification fails, the authentication failure information is returned to the MSC/VLR; if the consistency verification is passed, it is determined whether the SQNHE is in an acceptable range: if it belongs, The terminal determines that the network authentication is passed, the terminal returns its own authentication response to the MSC/VLR, and updates the SQNMS according to the SQNHE in the AUTN; the MSC/VLR compares the authentication response returned by the terminal with the XRES in the corresponding quintuple. Consistently determine the legitimacy of the terminal.
  • the terminal If it is judged that SQNHE is not within the acceptable range, then The terminal generates a resynchronization flag AUTS (Resynchi-onisation Token) according to the SQNMS, and returns a resynchronization request or a synchronization failure (Synchronisation Failure) message to the MSC/VLR, and attaches the generated resynchronization flag AUTS, that is, the message includes AUTS;
  • the /VLR sends the AUTS and the RAND in the corresponding quintuple to the HLR/AUC; the HLR/AUC determines the legality of the AUTS according to the corresponding saved KI and the received RAND; if not, Then the HLR/AUC returns AUTS invalid information to the MSC/VLR; if it is determined that the AUTS is legal, the HLR/AUC updates the SQNHE according to the SQNMS in the AUTS, and generates a new authentication
  • the terminal determines whether the SQNHE is acceptable by comparing whether the SQNMS in the saved SQNMS and the AUTN meets a predetermined condition, and the predetermined condition may be that the difference between the SQNHE and the SQNMS is within a predetermined range, for example, whether (SQNHE - SQNMS) ) is greater than 0, or whether (SQNHE - SQNMS ) is greater than 0 and less than 256. If the difference between the SQNHE and the SQNMS is within the predetermined range, it is determined that the SQNHE is acceptable; otherwise, it is determined that the SQNHE is unacceptable.
  • the predetermined condition may be that the difference between the SQNHE and the SQNMS is within a predetermined range, for example, whether (SQNHE - SQNMS) ) is greater than 0, or whether (SQNHE - SQNMS ) is greater than 0 and less than 256. If the difference between the SQNHE
  • the save is saved.
  • Authentication key in HLR/AUC and authentication key in cloned user card After the synchronization update is made, the authentication key in the legal user card becomes an invalid authentication key because it is not updated, and the legitimate user card cannot be used.
  • the legitimate user finds that his user card cannot be used, he can realize that the user card is cloned, and can change the authentication key in the HLR/AUC to the business hall, and refresh the user card.
  • the weight key makes the authentication key in the HLR/AUC and the authentication key of the user card again consistent, so that the legitimate user card can continue to be used, and the illegally cloned user card can no longer be used.
  • this process can cause problems for the user and also increase the workload of the staff of the business hall.
  • the present invention provides a controlled key update method and apparatus, which can prevent an illegal user from updating the authentication key by cloning the user card, thereby causing the legitimate user card to continue to be used.
  • a controlled key update method is provided on a network side for controlling a control parameter for controlling an authentication key update; the method comprising:
  • the resynchronization flag is generated according to the authentication key of the terminal, the received random number, the control parameter saved by the terminal or the user input, and the terminal serial number is replaced by a specific value, and sent to the network side. Synchronizing the request command, attaching the resynchronization flag;
  • the determining, by the terminal, the network side consistency verification and the generating the resynchronization flag further includes: determining, by the terminal according to the terminal serial number, that the network side serial number is within an acceptable range.
  • the method further includes: the terminal determining, according to the terminal serial number, that the serial number of the network side is not within an acceptable range, according to the terminal serial number, the own authentication key, The received random number is used to generate a resynchronization flag, and a resynchronization request command is sent to the network side, and the resynchronization flag is attached.
  • the method further includes: when the terminal serial number is not a specific value, the network side performs the consistency verification on the resynchronization flag according to the random number and the network side authentication key, Synchronization is performed during verification.
  • the home location register/authentication center of the network side sends a synchronization processing result message to the mobile switching center/visit location register, where the message includes illegal synchronization. information.
  • performing the consistency verification on the network side refers to performing consistency verification on the authentication mark sent by the network side according to the authentication key saved by the terminal and the random number sent by the network side.
  • the method further includes: when the terminal fails to pass the consistency verification on the network side, sending the authentication failure information to the network side.
  • the terminal includes a user equipment and a user card.
  • control parameter preset by the terminal refers to a control parameter set in the user equipment or a control parameter set in the user card.
  • control parameter is a password, or an identity of the terminal, or any user-defined value.
  • the method further includes: after generating the new authentication key, the terminal and the network side respectively re-initialize the serial number saved by the terminal and the value of the serial number saved by the network side.
  • the specific value is a specified value, or is a highest byte or any specified byte or some specified bit is any value of the specified value.
  • an apparatus for implementing controlled key update includes: a control parameter storage unit for storing control parameters for controlling an authentication key update; a specific value storage unit for storing an alternate terminal The serial number to generate a specific value for the resynchronization tag;
  • the resynchronization flag generating unit is configured to generate a resynchronization according to the terminal's authentication key, the received random number, the terminal saved or the user input control parameter, and replace the terminal serial number with a specific value.
  • the device is located in the terminal; the terminal includes a user equipment and a user card; the specific value storage unit and the resynchronization flag generating unit are located in the user card; and the control parameter storage unit is located in the user equipment or the user card.
  • the terminal includes a user equipment and a user card; the specific value storage unit and the resynchronization flag generating unit are located in the user card; and the control parameter storage unit is located in the user equipment or the user card.
  • an apparatus for implementing controlled key update includes: a control parameter saving unit, configured to save a control parameter for controlling the update of the authentication key; and a specific value discriminating unit, configured to determine, when the resynchronization request command is received, whether the terminal serial number is a specific value;
  • a resynchronization flag verification unit configured to verify, according to the control parameter saved by the control parameter saving unit, the consistency of the synchronization flag attached to the received resynchronization request command;
  • the authentication key update unit is configured to implement an update of the authentication key when the determination result of the specific value is YES, and the re-synchronization mark verification unit verifies the pass.
  • the device is located in a home location register/authentication center on the network side.
  • the control parameter when the terminal generates the resynchronization flag, the control parameter is added, and the network side may perform the consistency verification on the resynchronization flag according to the control parameter. Therefore, the illegal user cannot clone the user card even if the user card is cloned.
  • the user card updates the authentication key, thereby preventing the illegal user from updating the authentication key through the illegally cloned user card.
  • Figure 1 is a flow chart of an embodiment of the present invention.
  • FIG. 2 is a flow chart of a first embodiment of a specific embodiment of the present invention.
  • FIG. 3 is a flow chart of a second embodiment of a specific embodiment of the present invention.
  • the key update method controlled by the present invention sets a key update control parameter.
  • the terminal uploads the control parameter information to the network side HLR/AUC, and the HLR/AUC passes the judgment. Whether the synchronization tag contains the control parameter information to determine whether to perform a corresponding authentication key update operation.
  • control parameters for controlling the authentication of the authentication key may be set in the subscription data of the HLR/AUC terminal user.
  • the clone user card is not Knowing the control parameter information corresponding to the legal user card setting in the HLR/AUC, therefore, when the cloned user card negotiates with the HLR/AUC to update the authentication key, the resynchronization tag generated by the cloned user card cannot pass the HLR/AUC consistency. Sexual verification, the cloned user card also cannot effectively negotiate the update of the authentication key with the HLR/AUC.
  • the modification of the existing authentication process of the present invention can be limited to the user card and the HLR/AUC, that is, the intermediate devices involved in the synchronization process, including the base station (NodeB), the base station controller (RNC, Radio Network Controller), and the core network. No changes are required to the device (eg MSC).
  • the present invention is easier to implement with respect to methods that result in control authentication key updates that require one or more of the NodeB, RNC, and MSC to be changed.
  • the control parameter used to control the key update of the present invention may be a password, such as a user PIN code (SPIN, Subscriber Personal Identification Number); or an identity of a terminal, such as an international mobile station device identifier of the terminal. (IMEI, International Mobile Station Equipment Identity); Of course, it can also be an arbitrary value customized by the user, for example, the user's alias, the user's avatar information, or the summary information of the user's avatar data, and the like.
  • SPIN Subscriber Personal Identification Number
  • IMEI International Mobile Station Equipment Identity
  • a control parameter for controlling the authentication key update is set in the subscription data of the corresponding end user in the HLR/AUC.
  • the user can save the control parameters in his own subscription data in the HLR/AUC through the business hall or through the service telephone interface or service website provided by the business hall.
  • the terminal includes a user equipment (UE, User Equipment) and a user card.
  • the user card refers to a USIM (UMTS Subscriber Identity Module) for a Wideband Code Division Multiple Access (WCDMA) system.
  • step 101 the terminal initiates a location update request to the network side.
  • This step may also be to initiate a service request to the network side.
  • any message sent by the terminal that can cause the network side to authenticate the terminal may be used.
  • Step 102 The network side MSC/VLR sends the corresponding authentication parameter in the generated authentication tuple to the terminal after receiving the location update request.
  • the authentication tuple may include a random number RAND, a desired response XRES, an encryption key CK:, an integrity key IK, and an authentication token AUTN.
  • the corresponding authentication parameters include RAND and AUTN.
  • the HLR/AUC calculates the XRES, CK, and IK by using the RAND generated by the random number generator and the authentication key KI stored by itself; and also according to RAND, KI, serial number SQNHE, and the authentication management domain.
  • AMF generates AUTN.
  • the authentication token AUTN is 16 bytes long and includes the following contents:
  • SQNHE A AK that is, SQNHE is encrypted with an anonymous key AK, where SQNHE and AK are 6 bytes long, SQNHE refers to SQN stored on the network side to distinguish it from SQNMS stored in the terminal;
  • MAC-A is 8 bytes long; MAC-A is used to verify the data integrity of RAND, SQNHE, AMF, and is used for terminal authentication of HLR/AUC.
  • the HLR/AUC calculates the MAC-A in the AUTN based on RAND, SQNHE, KI, and AMF.
  • the quintuple is composed of RAND, AUTN, XRES, CK, IK, and the like.
  • the HLR/AUC After the HLR/AUC generates the authentication quintuple, it sends the corresponding International Mobile Subscriber Identity (IMSSI) and the authentication quintuple RAND, CK, IK, XRES and AUTN to the MSC/VLR.
  • IMSSI International Mobile Subscriber Identity
  • the MSC/VLR is a circuit domain device.
  • the corresponding device may be a Serving General Packet Radio Service Support Node (SGSN).
  • SGSN Serving General Packet Radio Service Support Node
  • the MSC/VLR on the network side will receive the self.
  • the RAND and AUTN in the authentication tuple of the HLR/AUC are transmitted to the terminal.
  • Step 103 The terminal receives the corresponding authentication parameters (ie, RAND and AUTN) sent by the MSC/VLR, and determines that the consistency verification of the AUTN is passed, and performs calculation according to RAND and KI to obtain a new authentication key NewKI; Controlling parameters, and according to the control parameters, replacing the SQNMS with the specified specific value to generate the resynchronization flag AUTS, initiating a resynchronization request command to the network, and attaching the resynchronization flag AUTS.
  • the initiating a resynchronization request command to the network and attaching the resynchronization flag AUTS that is, sending the synchronization failure to the network side Message, the message contains AUTS.
  • the terminal includes a user equipment UE and a user card.
  • the UE receives the authentication request, and sends the authentication parameters (RAND and AUTN) to the user card, and the user card performs the consistency verification on the received AUTN according to the KI saved by itself. .
  • the resynchronization flag AUTS includes the following:
  • SQNMS A AK which is an SQNMS encrypted with AK, where SQNMS and AK are respectively 6 bytes long, and SQNMS refers to SQN stored on the terminal side to distinguish it from SQNHE stored on the network side;
  • SQNMS needs to be encrypted
  • MAC-S Message authentication code
  • MAC-S is used to verify the data integrity of RAND and SQNMS, and is also used for HLR/AUC to authenticate the terminal, that is, for HLR/AUC authentication.
  • the legality of AUTS In the authentication process of the present invention, the terminal calculates the MAC-S by replacing the specific value of the SQNMS, the self-preserved or user-entered control parameter, the KI, the received RAND, and the AMF, and then according to the specific value. , AK and MAC-S generate resynchronization flag AUTS.
  • the terminal After receiving the RAND and AUTN sent by the network side MSC/VLR, the terminal calculates the MAC in the AUTN according to the received RAND and the KI saved by itself and the SQNHE and the AMF in the received AUTN and the HLR/AUC.
  • the A-based algorithm calculates a calculation result, and the terminal compares the calculation result calculated by itself with the MAC-A in the received AUTN (for example, whether it is the same). If it is inconsistent, it returns the authentication failure to the MSC/VLR.
  • the SQNMS is replaced by the specific value of the agreement to calculate the MAC-S according to its own KI, the self-preserved or user-entered control parameters, the received RAND, and the AMF in the AUTN, etc., according to the specific The value replaces the SQNMS to generate a resynchronization flag AUTS with the AK and the MAC-S, that is, the specific value is encrypted with AK, and the ciphertext and the MAC-S are combined to generate the AUTS.
  • the terminal After generating the AUTS, the terminal sends a resynchronization request command to the network side and attaches the resynchronization flag AUTS, or sends a synchronization failure message to the network side, and includes AUTS in the message.
  • the terminal When the terminal generates the MAC-S, it can first perform the digest calculation with the control parameter and the KI to obtain a calculation result Resultl, and then use the Resultl and the specific value for the digest calculation to obtain a calculation result Result2, and then use the Result2 and the RAND to perform The calculation is performed to obtain a calculation result R esu lt3 , and then the summary calculation is performed by Result3 and the AMF, and the obtained calculation result is taken as MAC-S.
  • the UE since the generation of the MAC-S can be completely implemented in the user card, if the control parameter is set in the user equipment UE, the UE needs to transmit the control parameter to the user when the user card needs to calculate the MAC-S according to the control parameter. card. For example, at the time of authentication, the UE transmits the control parameters to the user card while transmitting the RAND and AUTN to the user card. If the control parameter is set in the user card, when the user card needs to calculate the MAC-S according to the control parameter, the control parameter saved by itself can be directly obtained, and the UE does not need to transmit the control parameter to the user card.
  • the process of generating the MAC-S and the digest algorithm used may be determined according to the actual situation.
  • the algorithm for generating the AUTS and the algorithm used in the generation may also refer to the relevant 3GPP specifications, and details are not described herein.
  • the terminal acquiring the control parameter may be: the UE corresponding to the terminal saves the control parameter, and the terminal directly acquires the control parameter saved by the UE; or the user card saves the control parameter, and the terminal directly obtains the control parameter saved by the user card; The user is prompted to input a control parameter, and the terminal acquires the control parameter according to the user input.
  • the MAC-S When the MAC-S is generated by the user card, when it is performed according to the control parameters, and when it is not performed according to the control parameters, it can be determined by the UE. For example, when the control parameter is saved in the UE, when the UE transmits the control parameter and the RAND and the AUTN to the user card when authenticating, when the user card generates the MAC-S, it is performed according to the control parameter; when authenticating, the UE only When RAND and AUTN are transmitted to the user card, and the control parameters are not included, when the user card generates the MAC-S, it is no longer performed according to the control parameters.
  • the control parameter is saved in the user card
  • the user card when the UE transmits the RAND and AUTN and a special flag indicating whether to generate the MAC-S according to the control parameter to the user card, the user card generates the MAC-S.
  • the special flag it is determined according to the control parameters.
  • the UE may periodically decide to update the authentication key, that is, periodically. Determine the user card ⁇ : Generate MAC-S according to the control parameters.
  • the user card may decide when to update the authentication key, that is, when the MAC-S is generated according to the control parameter, for example, the control parameter is saved in the UE, and when the power is turned on, the terminal transmits the control parameter.
  • the user card saves the control parameter and generates a MAC-S based on the control parameter when an authentication key update is required.
  • the user card may decide to update the authentication key according to the special value set by the authentication management domain AMF in the authentication token.
  • the UE When neither the UE nor the user card saves the control parameter, when the MAC-S needs to be generated according to the control parameter, the UE prompts the user to input the control parameter, and the UE transmits the control parameter input by the user and the RAND to the user card in the AUTN. , or transfer the control parameters to the user card separately.
  • the advantage of storing the control parameters in the UE or the card of the terminal is that the user is not required to enter the control parameters each time the authentication key is updated, which results in a better user experience.
  • Step 104 After receiving the resynchronization request command, the MSC/VLR sends the RAND in the quintuple corresponding to the current authentication and the AUTS received from the terminal to the HLR/AUC.
  • Step 105 After receiving the resynchronization request command, the HLR/AUC first parses out from the AUTS.
  • step 106 is performed; otherwise, Go to step 107.
  • the HLR/AUC performs conformance verification on the AUTS according to the saved KI and the set control parameters.
  • the HLR/AUC adopts according to the KI, the control parameter, the AMF, the specific value and the RAND in the synchronization message.
  • the terminal performs calculation according to the KI, the control parameter, the AMF, the specific value, and the RAND-generated MAC-S algorithm, and obtains a calculation result, and compares the calculated result and the MAC-S in the AUTS in the synchronization message. Whether it is consistent, if it is consistent, it is judged that the consistency verification by AUTS; otherwise, it is judged that the consistency risk of AUTS cannot pass.
  • the SQNMS is parsed from the AUTS: when the SQNMS adopts the encryption mode, the HLR/AUC first calculates the AK according to the KI and the RAND, and decrypts the SQNMS plaintext from the AUTS by using the AK; when the SQNMS adopts the plaintext mode, that is, the AK value is set. In the case of 0, the HLR/AUC directly obtains the SQNMS plaintext from the AUTS.
  • Step 106 The HLR/AUC calculates the new authentication key NewKI according to the method that the KI and the RAND are consistent according to the terminal computing the new authentication key NewKI.
  • a new authentication tuple can also be generated, and a synchronization processing result message is sent to the MSC/VLR, and the new authentication tuple is included in the message.
  • Step 107 The HLR/AUC determines that the resynchronization message is illegal, and ends the processing. Before ending the processing, the method may further include sending a synchronization processing result message to the MSC/VLR, and including illegal synchronization information in the message.
  • the terminal may further include the step of determining whether the SQNHE is within an acceptable range, and when the SQNHE is acceptable, determining that the network authentication is passed, and the terminal is updated according to the SQNHE update.
  • the SQNMS performs a subsequent operation of generating a new authentication key or the like; otherwise, that is, when the SQNHE is unacceptable, it determines that the synchronization fails, and performs a normal synchronization processing flow, that is, generates a resynchronization flag AUTS according to the SQNMS, that is,
  • the MAC-S is calculated according to the SQ MS, the KI, and the received RAND and AMF, and then the resynchronization flag AUTS is generated according to the SQNMS, A, and MAC-S, that is, the SQNMS is encrypted by the AK, and the ciphertext and the MAC-S are combined.
  • To produce AUTS After the terminal generates the AUTS, it returns a resynchronization request command or a synchronization failure message to the network side MSC, and attaches the generated resynchronization flag AUTS.
  • the terminal and the HLR/AUC pre-agreed After receiving the resynchronization request command of the terminal, the HLR/AUC performs an operation of generating a new authentication key NewKI if it is determined that the SQNMS is a specific value of the agreement.
  • the HLR/AUC also needs to verify the validity of the resynchronization request message.
  • the HLR/AUC determines that the SQNMS is not the specific value of the agreement, and processes according to the normal synchronization process, that is, when the AUTS is determined to be legal, the SQNHE is updated according to the SQNMS, and a new authentication tuple is generated.
  • the synchronization processing result message is returned to the MSC/VLR, and the message includes a new authentication tuple.
  • the synchronization processing result message is returned to the MSC/VLR, and the message includes illegal synchronization information.
  • the MSC/VLR After receiving the synchronization processing result message, the MSC/VLR still performs corresponding processing according to the normal synchronization processing flow.
  • FIG. 2 is a specific embodiment 1 of a specific embodiment of the present invention.
  • the embodiment is a process for performing the authentication key update control by using the controlled key update method of the present invention.
  • the terminal and the HLR/AUC negotiate a controlled update of the authentication key, and the control is passed.
  • the control parameter for controlling the update of the authentication key is set in the subscription data of the corresponding user in the HLR/AUC.
  • the control parameter is also saved in the UE of the terminal.
  • the terminal includes a user equipment UE and a user card.
  • step 201 the terminal initiates a location update request to the network
  • This step may also be to initiate a service request to the network side.
  • any message sent by the terminal that can cause the network side to authenticate the terminal may be used.
  • step 202 after receiving the request, the network side MSC/VLR authenticates the terminal, and sends an authentication request to the terminal, and the authentication parameters RAND and AUTN in the current authentication quintuple corresponding to the terminal are Send to the terminal.
  • the HLR/AUC generates RAND based on the random number generator, and calculates XRES and CK IK based on RAND and KI, respectively.
  • MAC-A is generated based on RAND, SQNHE, KI, and AMF calculations
  • AUTN is generated based on MAC-A, SQNHE, AK, and AMF.
  • the HLR/AUC then sends the quintuple of RAND, AUTN, XRES, CK, and IK and the corresponding IMSI to the MSC/VLR.
  • the HLR/AUC sends the generated authentication tuple to the MSC/VLR after receiving the request of the MSC/VLR request authentication quintuple.
  • the MSC/VLR initiates an authentication request to the terminal, and simultaneously transmits the authentication parameters RAND and AUTN in the quintuple to the terminal.
  • Step 203 When receiving the authentication request, the terminal first receives the KI according to the saved KI.
  • the AUTN performs the consistency verification, that is, first performs the consistency verification on the AUTN according to the KI and the RAND saved by itself. If the verification is passed, step 205 is performed; otherwise, step 204 is performed.
  • the terminal when the terminal receives the RAND and AUTN from the MSC/VLR, it calculates the MAC-A in the AUTN based on the KI stored by itself, the received RAND, and the SQNHE in the received AUTN and the AMF. The algorithm generates MAC-A, and then the terminal compares the MAC-A generated by itself with the MAC-A in the AUTN. If they are equal, it determines that the AUTN consistency verification is passed. Otherwise, it determines that the AUTN consistency verification is not by.
  • the terminal since the terminal includes the user equipment UE and the user card, in practice, the UE receives the authentication request, and sends the authentication parameters RAND and AUTN to the user card, and the user card is based on the KI saved by the user.
  • the received AUTN performs consistency verification.
  • the step may be further: when the UE receives the authentication request, the saved control parameter and the received RAND and AUTN are transmitted to the user card, and the user card first performs consistency on the received AUTN according to the KI saved by the user. Verification, that is, the AUTN is first verified according to the KI and the RAND saved by itself. If the verification is passed, step 205 is performed; otherwise, step 204 is performed. Specifically, when the user card receives the control parameters, RAND, and AUTN from the UE, the user calculates the MAC in the AUTN according to the KI stored by itself, the received RAND, and the SQNHE in the received AUTN, and the AMF adopts the HLR/AUC.
  • the -A algorithm generates MAC-A, and then compares the MAC-A generated by itself with the MAC-A in the AUTN. If they are equal, it determines that the AUTN consistency verification is passed. Otherwise, it determines that the AUTN is consistent. Sexual verification failed.
  • step 204 the terminal returns the information of "authentication failure” to the network, and then ends the process of updating the authentication key.
  • the user card may return "information failure” to the UE, and the UE returns "authentication failure” information to the network.
  • Step 205 The terminal determines whether the SQNHE is within an acceptable range. If yes, it determines that the network authentication is passed, and performs step 207; otherwise, determines that the synchronization fails, and performs step 206.
  • the user card may determine whether the SQNHE is within an acceptable range. If yes, if it is determined that the network authentication is passed, step 207 is performed; otherwise, the synchronization failure is determined. After step 206 is performed.
  • Step 206 The terminal directly generates a resynchronization flag AUTS according to the SQNMS, and initiates a resynchronization request command to the network, and attaches an AUTS.
  • step 208 is performed. Specifically, the terminal calculates the MAC-S according to its own KI, SQNMS, and received RAND and AMF, and then generates an AUTS according to the SQNMS, AK, and MAC-S, and then initiates a resynchronization request command to the network side, and attaches The AUTS. That is, a synchronization failure message is sent to the MSC/VLR, and the synchronization failure message includes AUTS.
  • this step may further be that the user card directly generates a resynchronization flag AUTS according to the SQNMS, and initiates a resynchronization request command to the network, and attaches the AUTS. Then step 208 is performed.
  • the UE forwards the synchronization request command of the user card to the network.
  • Step 207 The terminal updates the saved SQNMS according to the SQ HE, and generates a new authentication key NewKI according to the RAND and the KI.
  • the terminal generates the resynchronization flag AUTS according to the control parameter and replaces the SQNMS with the specified specific value 125, and initiates the network. Resynchronize the request command with the resynchronization flag AUTS attached.
  • step 208 is performed. Specifically, the terminal replaces the SQNMS with a specific value of 125 to calculate the MAC-S according to the KI, the control parameters, and the received RAND and AMF, and then encrypts the specific value 125 with the AK, and the ciphertext and the MAC- S combines to produce AUTS.
  • the terminal sends a resynchronization request command to the network side and attaches the AUTS. That is, a synchronization failure message is sent to the MSC/VLR, and the synchronization failure message includes AUTS.
  • the step may further be that the user card generates the resynchronization flag AUTS according to the control parameter saved by the UE, and replaces the SQNMS with the specified specific value 125, and initiates a resynchronization request command to the network, and attaches a resynchronization flag AUTS.
  • step 208 is performed.
  • the UE forwards the synchronization request command of the user card to the network.
  • the UE transmits the control parameters to the user card together when transmitting the RAND and the AUTN to the user card.
  • the UE transmits the control parameters to the user card in response to a corresponding request from the user card.
  • Step 208 When receiving the synchronization failure message sent by the terminal, the MSC/VLR on the network side sends the AUTS in the message and the RAND in the corresponding quintuple to the HLR/AUC. Then step 209 is performed.
  • a new authentication tuple is requested from the HLR/AUC, and the request message includes the AUTS received from the terminal and the RAND in the corresponding authentication quintuple.
  • Step 209 The HLR/AUC determines whether the SQNMS in the AUTS is the agreed specific value 125. If it is a specific value 125, step 212 is performed; if it is not a specific value 125, step 210 is performed.
  • the HLR/AUC may generate an AK according to the RAND and the KI to decrypt the SQNMS ciphertext and obtain the SQNMS plaintext.
  • Step 210 When receiving the AUTS and RAND sent by the MSC/VLR, the HLR/AUC performs consistency verification on the AUTS according to the KI, that is, according to the AMF, the saved KI, the received RAND, and the SQNMS in the AUTS, etc.
  • KI, SQNMS, RAND, and AMF generate a MAC-S-based algorithm to calculate a calculation result, and then compare whether the calculated calculation result is consistent with the MAC-S in the received AUTS. If they are consistent, the judgment is passed. For the consistency verification of the AUTS, then step 211; otherwise, it is determined that the consistency verification of the AUTS is not passed, and then step 214 is performed;
  • Step 211 The HLR/AUC updates the SQNHE according to the value of the SQNMS, generates a new authentication tuple, and sends a synchronization processing result message to the MSC/VLR, where the message includes a new authentication tuple.
  • Step 212 When receiving the AUTS and RAND sent by the MSC/VLR, the HLR/AUC performs consistency verification on the AUTS according to the KI and the control parameter, that is, according to the AMF, the saved KI, the control parameter, the received RAND, and the AUTS.
  • the SQNMS and the like calculate a calculation result based on the algorithm that the terminal generates a MAC-S according to the KI, the control parameter, the RAND, the specific value, and the AMF, and then compares the calculated result with the MAC of the received AUTS.
  • -S is consistent, if it is consistent, it is determined by the consistency verification of the AUTS, and then step 213; otherwise, it is determined that the consistency verification of the AUTS is not passed, and then step 214 is performed;
  • Step 213 The HLR/AUC executes the agreed content corresponding to the specific value 125, that is, performs an authentication key update action, that is, performs an algorithm according to an algorithm that is consistent with the terminal generating a new authentication key according to RAND and KI, and generates a new authentication.
  • the key NewKI then uses NewKI to generate a new authentication tuple, and sends a synchronization processing result message to the MSC/VLR, which includes the new authentication tuple.
  • Step 214 Send a synchronization processing result message to the MSC/VLR, where the message includes an illegal Step information.
  • the values of the SQNMS and the SQNHE may be re-initialized separately.
  • the terminal does not update the saved SQNMS according to SQNHE in step 207, but initializes the value of the SQNMS to 0; correspondingly, the HLR/AUC initializes the value of SQNHE to a random value less than 65536 in step 213. In this way, the conversion part of SQNHE can be kept short to achieve normal authentication. Because the terminal and the HLR/AUC can perform the authentication key update when the SQNHE has not traversed all the changes, the terminal can ensure the rationality of the network authentication.
  • the length of the actually required SQNMS and SQNHE can be shorter than the length specified by the prior art.
  • the length of the original SQN (referred to as SQNMS > SQNHE) is 6 bytes and 48 bits (bits).
  • the SQN can only require 5 bytes and 40 bits, so that the algorithm does not need to ensure authentication and key negotiation.
  • the extended byte is at the upper level of the SQN, thus, the extended SQNHE for calculating the MAC-A; the extended SQNMS is used when calculating the MAC-S;
  • the non-extended 5-byte SQNMS is still used to compare with the unexpanded 5-byte SQNHE to determine the SQNHE. Whether it is updated, that is, whether SQNHE is within acceptable limits.
  • the extra extended bytes have no other meaning except for participating in the calculation of MAC-A and MAC-S in order to be compatible with the original algorithm operation.
  • the present invention can further use this extended byte to express other information.
  • the method further includes: when the re-synchronization flag AUTS is generated by using the specific value instead of the terminal sequence number SQNMS, the specific value is a 6-byte number, and the highest byte is a specific value, and the other status is 5
  • the bytes are arbitrary values.
  • the terminal generates the resynchronization flag AUTS according to the control parameter and replaces the SQNMS with the specified specific value 125, and may use such a 6-byte special value instead of the SQNMS to generate the AUTS.
  • one byte of the highest bit of this special value is set to 125 or some other specific value such as 255, and the lower 5 bits of the special value can be set to an arbitrary value, for example, a 6-byte random number can be generated. Set one byte of the most significant bit of the random number to 125. Then, the random value of the high byte value is changed as the substitute SQNMS to calculate the special value of the AUTS.
  • the HLR/AUC determines whether the SQNMS in the AUTS is the specified specific value 125, it is actually determining whether the high byte value of the SQ MS is 125, and no longer determining whether the value of the entire SQNMS is specific. The value is 125. Obviously, the special values produced in this way are more random and therefore have higher security.
  • FIG. 3 is a specific embodiment 2 of a specific embodiment of the present invention.
  • the embodiment is a process for performing the authentication key update control by using the controlled key update method of the present invention.
  • the terminal and the HLR/AUC negotiate a controlled update of the authentication key, and the control is passed.
  • the control parameter for controlling the update of the authentication key is set in the subscription data of the corresponding user in the HLR/AUC.
  • the control parameter is also saved in the UE of the terminal.
  • the embodiment stipulates that the specific value is represented by any number with the highest byte of 125, and uses the specific value to indicate that the authentication key needs to be updated, and the specific content corresponds to the agreed content, that is, the network side recognizes the SQNMS.
  • the content of the highest byte being the 125 is "generate a new authentication key to authenticate against the new authentication key".
  • the terminal includes a user equipment UE and a user card.
  • step 301 the terminal initiates a location update request to the network.
  • This step may also be to initiate a service request to the network side.
  • any message sent by the terminal that can cause the network side to authenticate the terminal may be used.
  • step 302 after receiving the request, the network side MSC/VLR authenticates the terminal, and sends an authentication request to the terminal, and the authentication parameters RAND and AUTN in the current authentication quintuple of the terminal are corresponding. Send to the terminal.
  • the HLR/AUC generates RAND based on the random number generator, and calculates XRES, CK, and IK based on RAND and KI, respectively.
  • MAC-A is generated based on RAND, SQNHE, KI, and AMF calculations
  • AUTN is generated based on MAC-A, SQNHE, AK, and AMF.
  • HLR/AUC combines pent, AUTN. XRES, CK and IK into a quintuple and The corresponding IMSI is sent to the MSC/VLR.
  • the HLR/AUC sends the generated authentication tuple to the MSC/VLR after receiving the request of the MSC/VLR for requesting the authentication quintuple.
  • the MSC/VLR initiates an authentication request to the terminal, and simultaneously transmits the authentication parameters RAND and AUTN in the quintuple to the terminal.
  • Step 303 When receiving the authentication request, the terminal first receives the KI according to the saved KI.
  • the AUTN performs the consistency verification, that is, the AUTN is first verified according to the saved KI and the RAND. If the verification is successful, step 305 is performed; otherwise, step 304 is performed.
  • the terminal when the terminal receives the RAND and AUTN from the MSC/VLR, it calculates the MAC-A in the AUTN according to the KI stored by itself, the received RAND, and the SQNHE in the received AUTN and the AMF. The algorithm generates MAC-A, and then the terminal compares the MAC-A generated by itself with the MAC-A in the AUTN. If they are equal, it determines that the AUTN consistency verification is passed. Otherwise, it determines that the AUTN consistency verification is not by.
  • the terminal MS since the terminal MS includes the user equipment UE and the user card, in actuality, the UE receives the authentication request, and sends the authentication parameters RAND and AUTN to the user card, and the user card performs the KI according to the KI saved by itself.
  • the received AUTN performs consistency verification.
  • the step may be further: when the UE receives the authentication request, the saved control parameter and the received RAND and AUTN are transmitted to the user card, and the user card first performs consistency on the received AUTN according to the KI saved by the user. Verification, that is, the AUTN is first verified according to the KI and the RAND saved by itself. If the verification is passed, step 305 is performed, and step 1 is performed. Specifically, when receiving the control parameters, RAND, and AUTN from the UE, the user card calculates the MAC in the AUTN according to the KI stored by itself, the received RAND, and the SQNHE in the received AUTN, and the AMF adopts the HLR/AUC.
  • - A-based algorithm generates MAC-A, and then compares the MAC-A generated by itself with the MAC-A in AUTN. If they are equal, it determines that the consistency verification of AUTN is passed. Otherwise, it determines that the AUTN is consistent. Sexual verification failed.
  • step 304 the terminal returns the information of the authentication failure to the network, and then ends the process of updating the negotiation authentication key.
  • the user card may return the information of the authentication failure to the UE, the UE. Return the information of "authentication failure" to the network.
  • Step 305 The terminal determines whether the SQNHE is within an acceptable range. If yes, it determines that the network authentication is passed, and performs step 307; otherwise, determines that the synchronization fails, and performs step 306.
  • the user card may determine whether the SQNHE is within an acceptable range. If yes, it is determined that the network authentication is passed, and then step 307 is performed; otherwise, the synchronization is determined to be failed, and then step 306 is performed.
  • Step 306 The terminal directly generates a resynchronization flag AUTS according to the SQNMS, and initiates a resynchronization request command to the network, and attaches an AUTS.
  • step 308 is performed. Specifically, the terminal calculates the MAC-S according to its own KI, SQNMS, and received RAND and AMF, and then generates an AUTS according to the SQNMS, AK, and MAC-S, and then initiates a resynchronization request command to the network side, and attaches The AUTS. That is, a synchronization failure message is sent to the MSC/VLR, and the synchronization failure message includes AUTS.
  • this step may further be that the user card directly generates a resynchronization flag AUTS according to the SQNMS, and initiates a resynchronization request command to the network, and attaches the AUTS. Then step 308 is performed.
  • the UE forwards the synchronization request command of the user card to the network.
  • Step 307 the terminal initializes the value of the SQNMS, for example, set to 0, and generates a new authentication key NewKI according to RAND and KI; the terminal generates an arbitrary number, for example, generates a random number, and sets the highest byte of the arbitrary digit. Is 125, and sets the most significant byte to any number of 125 as a specific value; then, the terminal generates a resynchronization flag AUTS according to the control parameter and replaces the SQNMS with a specific value of the highest byte of 125 generated. , initiate a resynchronization request command to the network, and attach a resynchronization flag AUTS. Then step 308 is performed.
  • the terminal replaces the SQNMS with a specific value generated by the terminal to calculate the MAC-S according to the KI, the control parameters, and the received RAND and AMF, and then encrypts the specific value with the AK, and the ciphertext and the MAC- S combines to produce AUTS.
  • the terminal sends a resynchronization request command to the network side and attaches the AUTS. That is, a synchronization failure message is sent to the MSC/VLR, and the synchronization failure message includes AUTS.
  • the step may further be that the user card generates the resynchronization flag AUTS according to the control parameter saved by the UE, and replaces the SQNMS with the generated specific value, and initiates a resynchronization request command to the network, and attaches a resynchronization flag AUTS.
  • step 308 is performed.
  • the UE forwards the synchronization request command of the user card to the network. Since the MAC-S is generated by the user card, in step 303, the UE transmits the control parameters to the user card together when transmitting the RAND and the AUTN to the user card.
  • Step 308 When receiving the synchronization failure message sent by the terminal, the MSC/VLR on the network side sends the AUTS in the message and the RAND in the corresponding quintuple to the HLR/AUC. Then step 309 is performed.
  • the MSC/VLR on the network side requests a new authentication tuple from the HLR/AUC, and the request message includes the AUTS received from the terminal and the RAND in the corresponding authentication quintuple.
  • Step 309 the HLR/AUC determines whether one byte of the highest bit of the SQNMS in the AUTS is 125. If it is 125, step 312 is performed; if it is not 125, step 310 is performed.
  • the HLR/AUC may generate an AK according to the RAND and the KI to decrypt the SQNMS ciphertext and obtain the SQNMS plaintext.
  • Step 310 When receiving the AUTS and RAND sent by the MSC/VLR, the HLR/AUC performs consistency verification on the AUTS according to the KI, that is, the terminal and the terminal according to the AMF, the saved KI, the received RAND, and the SQNMS in the AUTS.
  • KI the terminal and the terminal according to the AMF
  • the saved KI the received RAND
  • SQNMS the SQNMS in the AUTS.
  • a MAC-S-generated algorithm is used to calculate a calculation result, and then the self-calculated calculation result is compared with the MAC-S in the received AUTS. If they are consistent, it is determined.
  • step 311 is performed; otherwise, it is determined that the consistency verification of the AUTS is not passed, and then step 314 is performed;
  • Step 311 The HLR/AUC updates the SQNHE according to the value of the SQNMS, generates a new authentication tuple, and sends a synchronization processing result message to the MSC/VLR, where the message includes a new authentication tuple. Then perform step 314.
  • Step 312 When receiving the AUTS and RAND sent by the MSC/VLR, the HLR/AUC performs consistency verification on the AUTS according to the KI and the control parameter, that is, according to the AMF, the saved KI, the control parameter, the received RAND, and the AUTS.
  • the SQNMS calculates a calculation result based on the algorithm that the terminal generates a MAC-S based on the KI, the control parameter, the RAND, the specific value, and the AMF, and then compares the calculated result with the MAC in the received AUTS.
  • -S is consistent, if it is consistent, it is judged to pass the consistency verification of AUTS, and then step 313 is performed; otherwise, it is judged that the consistency verification of AUTS is passed, and then Step 314;
  • Step 313 The HLR/AUC performs the corresponding agreement content when the highest byte of the SQNMS is 125, that is, performs an authentication key update action, that is, an algorithm that is consistent with the terminal to generate a new authentication key according to the RAND and the KI. Perform calculation, generate a new authentication key NewKI, and then initialize the value of SQNHE, for example, set to an arbitrary value less than 65536, and use NewKI to generate a new authentication tuple, and send a synchronization processing result message to the MSC/VLR, message Includes new authentication tuples.
  • an authentication key update action that is, an algorithm that is consistent with the terminal to generate a new authentication key according to the RAND and the KI.
  • Perform calculation generate a new authentication key NewKI, and then initialize the value of SQNHE, for example, set to an arbitrary value less than 65536, and use NewKI to generate a new authentication tuple, and send a synchronization processing result message to the M
  • Step 314 Send a synchronization processing result message to the MSC/VLR, where the message includes illegal synchronization information.
  • the specific value in the present invention may be a specified value, such as a value of 125 bytes in length or 48 bits, or an arbitrary value of 48 bits in length of 125, or a certain value. Any specified number of bytes or some specified bit is a specified value with a length of 48 bits.
  • the above MSC/VLR is a circuit domain device.
  • the corresponding MSC/VLR device is an SGSN, so the present invention can be equally applied to a packet domain.
  • the terminal and the HLR/AUC generate a new authentication key, which may be a mature digest algorithm.
  • a digest algorithm refer to the book Applied Cryptography or related algorithm papers or reports;
  • a new key may also be performed using an algorithm for generating an encryption key CK or an integrity key IK by the random number RAND and the authentication key KI mentioned in the 3GPP protocol.
  • the terminal determines whether the SQNHE is in an acceptable range for the AUTN-conformity verification, the HLR/AUC verifies the validity of the AUTS, and the HLR/AUC generates the authentication tuple.
  • the update of the SQNHE; the algorithm for generating the authentication tuple, and the algorithm for generating the AUTS in the synchronous processing flow under normal conditions, etc. can be referred to the 3GPP related protocol, and is not described here because it is a well-known technology.
  • the terminal when the AUTS is generated in the present invention, when the AUTS is generated, the terminal additionally generates the MAC-S according to the control parameter, and the terminal may first perform the digest calculation with the control parameter and the KI to obtain a calculation result. Resultl, and then use Resultl and the specific value for the digest calculation to obtain a calculation result Result2, and then use Result2 and the RAND to perform The calculation is performed to obtain a calculation result Result3, and then the summary calculation is performed by Result3 and the AMF, and the obtained calculation result is taken as MAC-S.
  • the HLR/AUC calculates the calculation process and the used algorithm and terminal according to the AMF, the saved KI, the set control parameters, the received RAND, and the SQNMS in the AUTS.
  • the process of generating MAC-S is consistent with the algorithm used.
  • the process of generating the MAC-S and the digest algorithm used may be determined according to the actual situation.
  • the 3GPP related specifications may also be referred to, and details are not described herein.
  • the control parameter used to control the key update of the present invention may be a password, for example, a password similar to the user card PIN code, for example, may be a user PIN code SPIN set by the network side for the user to change the service;
  • the identifier of a terminal for example, the IMEI of the terminal; of course, an arbitrary value customized by the user, for example, the alias of the user, the avatar information of the user, or the summary information of the avatar data of the user, and the like.
  • the apparatus for implementing controlled key update includes:
  • control parameter storage unit configured to store a control parameter for controlling the update of the authentication key
  • a specific value storage unit configured to store the substitute terminal serial number to generate a specific value of the resynchronization flag
  • a resynchronization flag generating unit configured to generate a resynchronization flag according to the terminal's authentication key, the received random number, the control parameter storage unit or the user input control parameter, and the specific value saved by the specific value storage unit, replacing the terminal serial number .
  • the device is located in the terminal; the terminal includes a user equipment and a user card; the specific value storage unit and the resynchronization flag generating unit are located in the user card; and the control parameter storage unit is located in the user equipment or the user card.
  • the apparatus for implementing controlled key update includes: a control parameter holding unit, configured to save a control parameter for controlling an authentication key update; and a specific value discriminating unit, configured to receive resynchronization When requesting a command, determine whether the terminal serial number is a specific value;
  • a resynchronization flag verification unit configured to verify consistency of the resynchronization flag attached to the received resynchronization request command according to the control parameter saved by the control parameter saving unit;
  • the authentication key update unit is configured to implement the update of the authentication key when the determination result of the specific value is YES, and the resynchronization mark verification unit verifies the pass.
  • the device is located in the home location register/authentication center on the network side.
  • each unit may be a separate entity, and may be combined according to actual conditions and requirements, and details are not described herein.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

La présente invention concerne un procédé de mise à jour de clés secrètes contrôlées appliqué au réseau de communication 3G comprenant les phases suivantes : au niveau du réseau, les paramètres de commande permettant de contrôler la mise à jour de la clé secrète d’authentification sont réglés ; une fois que le terminal a confirmé l’authentification de conformité du côté réseau, il génère le jeton de resynchronisation selon sa propre clé secrète d’authentification, les numéros aléatoires reçus, les paramètres de commande qu’il a lui-même euregistrés ou bien saisis par l’utilisateur, et en remplaçant le numéro de séquence du terminal par des valeurs particulières, envoie la commande de demande de la resynchronisation au côté réseau et joint le jeton de resynchronisation ; lorsque le côté réseau reçoit la commande de demande de la resynchronisation et détermine que le numéro de séquence du terminal est la valeur particulière, il exécute l’authentification de conformité pour le jeton de resynchronisation selon les paramètres de commande définis, les nombres aléatoires, et la clé secrète d’authentification du côté réseau, puis, si l’authentification est confirmée, la clé secrète est mise à jour, sinon les processus associés sont exécutés. Selon l’invention, les paramètres de commande sont ajoutés lors de la génération du jeton de resynchronisation, pour ainsi empêcher des utilisateurs illégaux de mettre à jour la clé secrète d’authentification par clonage illégal de cartes utilisateurs.
PCT/CN2006/002475 2005-10-10 2006-09-21 Procédé de mise à jour de clés secrètes contrôlées et appareil idoine WO2007041933A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200680012300.5A CN101160780B (zh) 2005-10-10 2006-09-21 一种受控的密钥更新方法及装置

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200510100290.8A CN100479569C (zh) 2005-10-10 2005-10-10 一种受控的密钥更新方法
CN200510100290.8 2005-10-10

Publications (1)

Publication Number Publication Date
WO2007041933A1 true WO2007041933A1 (fr) 2007-04-19

Family

ID=37298584

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2006/002475 WO2007041933A1 (fr) 2005-10-10 2006-09-21 Procédé de mise à jour de clés secrètes contrôlées et appareil idoine

Country Status (2)

Country Link
CN (2) CN100479569C (fr)
WO (1) WO2007041933A1 (fr)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100461938C (zh) * 2005-08-08 2009-02-11 华为技术有限公司 一种受控的密钥更新方法
CN100479569C (zh) * 2005-10-10 2009-04-15 华为技术有限公司 一种受控的密钥更新方法
CN107222306A (zh) * 2017-01-22 2017-09-29 天地融科技股份有限公司 一种密钥更新方法、装置及系统
CN109802827B (zh) * 2018-12-19 2022-02-01 中国长城科技集团股份有限公司 密钥更新方法及密钥更新系统
CN111292089A (zh) * 2020-02-12 2020-06-16 北京智慧云测科技有限公司 一种psam卡防护管理方法和psam卡
US20220103354A1 (en) * 2020-09-25 2022-03-31 Renesas Electronics Corporation Secure encryption key generation and management in open and secure processor environments
CN112235799B (zh) * 2020-10-14 2021-11-16 中国电力科学研究院有限公司 终端设备入网鉴权方法及系统

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001078306A1 (fr) * 2000-04-06 2001-10-18 Nokia Corporation Procede et systeme permettant de produire un numero de sequence devant etre utilise a des fins d'authentification
CN1835623A (zh) * 2005-08-08 2006-09-20 华为技术有限公司 一种受控的密钥更新方法
CN1859734A (zh) * 2005-10-10 2006-11-08 华为技术有限公司 一种受控的密钥更新方法

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1457173A (zh) * 2002-05-08 2003-11-19 英华达股份有限公司 更新网络加密钥匙码的方法
CN100525182C (zh) * 2004-03-11 2009-08-05 西安西电捷通无线网络通信有限公司 用于无线网络的鉴别与保密方法

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001078306A1 (fr) * 2000-04-06 2001-10-18 Nokia Corporation Procede et systeme permettant de produire un numero de sequence devant etre utilise a des fins d'authentification
CN1835623A (zh) * 2005-08-08 2006-09-20 华为技术有限公司 一种受控的密钥更新方法
CN1859734A (zh) * 2005-10-10 2006-11-08 华为技术有限公司 一种受控的密钥更新方法

Also Published As

Publication number Publication date
CN101160780B (zh) 2010-05-19
CN1859734A (zh) 2006-11-08
CN100479569C (zh) 2009-04-15
CN101160780A (zh) 2008-04-09

Similar Documents

Publication Publication Date Title
EP3493502B1 (fr) Pourvoir un appareil iot d'une clef d'authentification
JP6732095B2 (ja) 異種ネットワークのための統一認証
CN108141355B (zh) 使用Diffie-Hellman过程生成会话密钥的方法和系统
EP2033479B1 (fr) Procédé et appareil pour la protection de sécurité de l'identité d'un utilisateur d'origine dans un message de signalisation initial
JP6727294B2 (ja) ユーザ機器ueのアクセス方法、アクセスデバイス、およびアクセスシステム
WO2006131061A1 (fr) Procede d'authentification et procede de transmission d'informations correspondant
US20110004754A1 (en) Method And Apparatuses For Authentication And Reauthentication Of A User With First And Second Authentication Procedures
WO2010012203A1 (fr) Procédé d'authentification, procédé de recertification et dispositif de communication
US20050271209A1 (en) AKA sequence number for replay protection in EAP-AKA authentication
KR20120052396A (ko) 유선 근거리 통신망을 위한 보안 액세스 제어 방법 및 시스템
WO2003077467A1 (fr) Procede de distribution de cles chiffrees dans un reseau lan sans fil
WO2004043006A1 (fr) Procede d'acces d'un terminal mobile au reseau local sans fil et de communication de donnees en toute securite via une liaison sans fil
JP2008533802A (ja) 無線携帯インターネットシステムの認証方法及び関連キー生成方法
WO2012028010A1 (fr) Procédé, appareil et système d'authentification
WO2010091563A1 (fr) Procédé, dispositif et système de gestion destinés à un certificat de terminal wapi
WO2007022731A1 (fr) Procede, systeme et equipement de negociation de cle de cryptage dans une trame de verification universelle amelioree
WO2007028328A1 (fr) Procede, systeme et dispositif de negociation a propos d'une cle de chiffrement partagee par equipement utilisateur et equipement externe
WO2006137625A1 (fr) Dispositif pour realiser une fonction de securite dans un mac de systeme internet portable et methode d'authentification faisant appel a ce dispositif
WO2009097789A1 (fr) Procédé et système de communication pour établir une association de sécurité
WO2007121669A1 (fr) Procédé, dispositif et système pour établir une connexion hertzienne
WO2007041933A1 (fr) Procédé de mise à jour de clés secrètes contrôlées et appareil idoine
WO2012028043A1 (fr) Procédé, dispositif et système d'authentification
WO2009074050A1 (fr) Procede, systeme et appareil d'authentification de dispositif de point d'acces
WO2011088770A1 (fr) Procédé et système permettant de produire des clés de chiffrement d'une interface radio
WO2007104248A1 (fr) Procédé, système, appareil et entité à fonction de service d'amorçage aux fins de prévention d'attaques

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 200680012300.5

Country of ref document: CN

WWE Wipo information: entry into national phase

Ref document number: 1430/KOLNP/2008

Country of ref document: IN

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06791066

Country of ref document: EP

Kind code of ref document: A1