WO2008040242A1 - Procédé, réseau et dispositif de terminal permettant d'obtenir une clé de service de multidiffusion/diffusion - Google Patents

Procédé, réseau et dispositif de terminal permettant d'obtenir une clé de service de multidiffusion/diffusion Download PDF

Info

Publication number
WO2008040242A1
WO2008040242A1 PCT/CN2007/070739 CN2007070739W WO2008040242A1 WO 2008040242 A1 WO2008040242 A1 WO 2008040242A1 CN 2007070739 W CN2007070739 W CN 2007070739W WO 2008040242 A1 WO2008040242 A1 WO 2008040242A1
Authority
WO
WIPO (PCT)
Prior art keywords
mbs
key
mak
mgtek
terminal
Prior art date
Application number
PCT/CN2007/070739
Other languages
English (en)
Chinese (zh)
Inventor
Xianhui He
Jianjun Wu
Changhong Shan
Zhibin Lin
Chengyan Feng
Yong Xie
Original Assignee
Huawei Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from CN2006101390058A external-priority patent/CN101150396B/zh
Priority claimed from CNA2006101419747A external-priority patent/CN101155411A/zh
Application filed by Huawei Technologies Co., Ltd. filed Critical Huawei Technologies Co., Ltd.
Publication of WO2008040242A1 publication Critical patent/WO2008040242A1/fr

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/02Details
    • H04L12/16Arrangements for providing special services to substations
    • H04L12/18Arrangements for providing special services to substations for broadcast or conference, e.g. multicast
    • H04L12/189Arrangements for providing special services to substations for broadcast or conference, e.g. multicast in combination with wireless systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431Key distribution or pre-distribution; Key agreement
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0433Key management protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/06Selective distribution of broadcast services, e.g. multimedia broadcast multicast service [MBMS]; Services to user groups; One-way selective calling services

Definitions

  • the present invention relates to the field of communications, and in particular to a multicast broadcast technology in a WiMAX system.
  • WiMAX Worldwide Interoperability for Microwave Access
  • Operationality accelerates the deployment of broadband wireless networks based on the aforementioned IEEE 802.16 series of standards. Therefore, in general, a system that implements wireless broadband access as specified in the 802.16 series of standards is called a WiMAX system.
  • WiMAX mainly includes a mobile station (Mobile Station, referred to as "MS”) / Subscriber Station (“SMS”), an Access Service Network (ASN), and a connection service network ( Connectivity Service Network, referred to as "CSN”) ⁇ ,
  • MS Mobile Station
  • SMS Subscriber Station
  • ASN Access Service Network
  • CSN connection service network
  • the ASN is defined as a network function set that provides wireless access services for WiMAX user terminals.
  • the ASN includes a base station (Base Station, referred to as "BS") and an ASN Gate (ASN GateWay abbreviation "ASN-GW”) network element, and an ASN may be Multiple CSNs are shared.
  • BS Base Station
  • ASN-GW ASN GateWay abbreviation "ASN-GW”
  • the main functions of the ASN include the functions of the base station and the functions of the ASN-GW.
  • the functions of the base station are: providing L2 connection of the base station and the user station SS/MS, radio resource management, measurement and power control, and compression and encryption of air interface data.
  • the functions of ASN-GW include: proxy function for SS/MS authentication, authorization and accounting functions; network discovery and selection for NSP; relay function for providing L3 information for SS, such as IP address allocation .
  • CSN is defined to provide IP connection services for WiMAX user terminals.
  • the CSN mainly provides the following functions: IP address allocation of SS/MS, Internet access, Authentication, Authorization, Account ("AAA") Proxy or service (server, user-based authorization) Control, ASN to CSN tunneling, WiMAX subscriber billing and inter-operator billing, tunneling between CSNs in roaming, ASN switching, and various WiMAX services (eg location-based services, multimedia) Broadcast and broadcast services, IP multimedia subsystem services).
  • AAA Authentication, Authorization, Account
  • AAA Authorization, Account
  • WiMAX WiMAX subscriber billing and inter-operator billing
  • WiMAX services eg location-based services, multimedia Broadcast and broadcast services, IP multimedia subsystem services.
  • the MS/SS is a (mobile) user equipment that the user uses to access the WiMAX network.
  • the usual communication is communication between one node and another node, but with the rapid development of the Internet, people's demand for mobile communication is no longer satisfied with peer-to-peer communication, so a large number of multimedia services emerge, some of which are applied. Multiple users are required to receive the same data at the same time, such as video on demand, TV broadcast, video, online education, interactive games, and so on. Compared with general data, these mobile multimedia services have the characteristics of large data volume, long duration, and delay sensitivity.
  • the current IP multicast technology is only applicable to wired IP networks, not to mobile networks, because mobile networks have specific network structures, functional entities, and wireless interfaces, which are different from wired IP networks.
  • WiMAX introduced multicast broadcast services (Multicast)
  • MBS Broadcast Service
  • WiMAX WiMAX
  • MBS based on WiMAX network supports two access modes: single base station access and multiple base station access.
  • multi-base station access mode all base stations in an MBS domain (identified by MBS-zone ID) use the same multicast connection identifier (Multicast Connection ID, "MCID") and MBS multicast group.
  • MBS GSA MBS Group Security Association
  • the terminal that has registered the MBS service can receive the MBS content through multiple base stations in the MBS domain.
  • the terminal in the idle (Idle) mode moves across the base station in the MBS zone, there is no need to re-establish the connection, and the MBS can be seamlessly switched without receiving the MBS.
  • Some globally defined service flows can carry broadcast or multicast information to multiple terminals. These services The flow has a Quality of Service (QoS) parameter and may also need to be encrypted with a globally defined data encryption key.
  • QoS Quality of Service
  • a Service Flow Identifier (“SFID") is used to identify a one-way service flow, and a Connection ID (CID) is used to identify a connection. All traffic flows are transmitted over the air interface through the MAC (Media Access Control) layer connection, ie the SFID is mapped to a CID.
  • the MCID is a connection identifier dedicated to the multicast connection.
  • 802.16e specifies the use of MBS Content Identification (ID) to identify a multicast service.
  • a Protocol Data Unit (“PDU”) transmitted on one MCID contains one or more MBSs.
  • GSA Group Security Association
  • GTEK Group Traffic Encryption Key
  • GSA Group Traffic Encryption Key
  • GKEK Group Key Encryption Key
  • GKEK is randomly generated by the BS and encrypted by KEK and sent to the terminal.
  • Each GSA has only one GKEK, which is used to encrypt each GTEK of a message in the same multicast group.
  • PLMv2 Key-Request/Reply is also encrypted by the GKEK.
  • the following keys can be included in an MBS GSA:
  • MAK MBS Authentication Key
  • GSA MBS GSA
  • MBS Server an external entity, such as MBS Server.
  • the MAK can be in one MBS. Shared within all members of the broadcast group.
  • MBS Group Traffic Encryption Key which is 128 bits long, is used to indirectly protect MBS data and is updated more frequently than MAK.
  • MGTEK is a random provided by the access network, such as the base station as the access network authentication key. Number, it is only used to generate the MBS data MAK common encryption key (MBS Traffic Key, referred to as "MTK”) 0
  • MBS data encryption key MTK MTK is used to encrypt MBS transmission data. It is a 128-bit key generated by MAK and MGTEK through a function. The terminal decrypts the received data according to the MTK generated by MAK and MGTEK.
  • the MBS multicast group key hierarchy is shown in Figure 2.
  • DSA-REQ dynamic service flow creation request message
  • DSA-RSP dynamic service flow creation response message
  • the GKEK update is initiated.
  • the mode of the key update message is GKEK update mode.
  • the GKEK update is performed on the primary management connection, and the key encryption key (Key Encryption Key) is used. "KEK”) encryption.
  • the base station After the GTEK update time comes, the base station initiates an update of GTEK. At this time, the mode of the key update message is GTEK update mode, and the update of GTEK is performed on the broadcast connection and encrypted by GKEK.
  • the main purpose of the embodiments of the present invention is to provide a key acquisition method, a network, and a terminal device for a multicast broadcast service, so that the WiMAX terminal and the network side can obtain a correct MBS key.
  • an embodiment of the present invention provides a key acquisition method for a multicast broadcast service, including:
  • the terminal obtains the MBS authentication key MAK
  • the terminal initiates a request to join the MBS multicast group to the network side, and authenticates the terminal through the network side. And after the terminal is authorized to join the MBS multicast group, the terminal obtains the security association identifier of the MBS multicast group from the network side;
  • the terminal acquires an MBS multicast group data encryption key MGTEK from the network side according to the obtained security association identifier;
  • the terminal generates an MBS data encryption key MTK according to the MAK and MGTEK.
  • the embodiment of the invention further provides a network, including:
  • a device for generating an MBS data encryption key MTK based on the MAK and MGTEK further provides a network for implementing key acquisition of a multicast broadcast service, where the network includes: a base station, an MBS server, an authentication device, and an authorization device, where:
  • the authentication device is configured to: authenticate the terminal that initiates the multicast broadcast service key request, and notify the authorized device and the MBS server of the authentication result;
  • the authorizing device is configured to: when the terminal authentication passes, authorize the terminal to join the MBS multicast group;
  • the MBS server is used to:
  • the base station is configured to: transmit, according to the request of the terminal, the SAS identifier of the MBS multicast group obtained by the SAS information of the MBS multicast group to the terminal, and according to the bearer sent by the terminal.
  • the key request of the security association identifier of the MBS multicast group is used to transmit the MBS multicast group data encryption key MGTEK included in the security association information of the corresponding MBS multicast group to the terminal.
  • the embodiment of the invention further provides a terminal device, including:
  • a module for acquiring an MBS authentication key MAK A module for requesting to join an MBS multicast group to a network side, and acquiring an SA identity of the MBS multicast group when authorized to join;
  • the terminal obtains the MAK when registering the MBS, and after obtaining the MAK, requests the network side to join the MBS multicast group, and the network side authenticates the request of the terminal, and After the authentication is passed, the security association identifier of the MBS multicast group is returned to the terminal.
  • the terminal obtains the MGTEK from the network side according to the obtained SA identity, and obtains the MTK according to the obtained MAK and the MGTEK.
  • the embodiment of the invention solves the problem of how the terminal obtains the MBS key in the WiMAX network, and ensures that the terminal and the network side can obtain the correct MBS key.
  • the network sends MGTEK to the terminal to ensure that only the authenticated terminal can obtain the MBS key and the network side can encrypt the MBS service data with the correct key.
  • FIG. 1 is a schematic diagram of a WiMAX network architecture according to the prior art
  • FIG. 2 is a schematic diagram of a hierarchical structure of a MBS group key according to the prior art
  • FIG. 3 is a flow chart of updating a GKEK and a GTEK by a base station according to the prior art
  • FIG. 4 is a flowchart of an MBS key acquisition method according to a first embodiment of the present invention.
  • FIG. 5 is a flowchart of a method 1 for registering an MBS by a terminal in an MBS key acquisition method according to a first embodiment of the present invention
  • FIG. 6 is a flowchart of a second method for registering an MBS by a terminal in an MBS key acquisition method according to a first embodiment of the present invention
  • FIG. 7 is a flowchart of an MBS key acquisition method according to a second embodiment of the present invention.
  • FIG. 8 is a schematic diagram of a process of pushing an MBS server in an MBS key acquisition method according to a third embodiment of the present invention.
  • FIG. 9 is a schematic diagram of an MBS server updating a MAK by a push process in an MBS key acquisition method according to a third embodiment of the present invention
  • 10 is a schematic diagram of an MBS server updating a MAK through a pull process in an MBS key acquisition method according to a third embodiment of the present invention
  • FIG. 11 is a schematic diagram of a gateway update MGTEK and GKEK in an MBS key acquisition method according to a third embodiment of the present invention.
  • the MBS agent updates the schematics of MGTEK and GKEK.
  • the MBS key (including the MAK:, the terminal and the network side) is provided.
  • the first embodiment of the present invention is described in detail below.
  • the first embodiment of the present invention relates to a key acquisition method for an MBS. The specific process is shown in FIG.
  • step 401 the terminal performs the network access and authentication process of the network.
  • the 802.16e DraftB protocol refers to the 802.16e DraftB protocol, which is not described here.
  • the terminal establishes a connection link, that is, a transmission connection with the base station. Then, proceeding to step 403, the terminal subscribes to the MBS and authenticates the terminal on the network side to obtain the MBS authentication key MAK. In the process of subscribing to the MBS, the terminal needs to pass the Authentication, Authorization, and Accounting ("AAA") server authentication (such as step 403' and step ( ⁇ ). The specific details of this step will be described later. With a detailed explanation.
  • AAA Authentication, Authorization, and Accounting
  • the terminal requests to join the MBS multicast group by initiating a DSA procedure to the base station, that is, establishing an MBS link. If the base station has established a bearer connection with the gateway for the MBS multicast group, the process directly proceeds to step 409; if the base station receives the request for establishing the MBS link of the terminal, the base station has not established the bearer of the MBS multicast group with the gateway. If the connection is established, the process proceeds to step 405. If the base station and the gateway establish a bearer connection of the MBS multicast group, but the gateway has not established a bearer connection with the MBS server (MBS server), the process proceeds to step 406.
  • MBS server MBS server
  • an R6 tunnel is established, that is, the base station requests the gateway to establish the MBS multicast group. Hosting connection. If the base station does not acquire the security association information of the MBS in advance when the first terminal requests to establish the MBS connection, the base station requests to acquire the MBS multicast group from the gateway connected to the base station when the first terminal requests to establish the MBS connection.
  • Security association information which includes the MBS Multicast Group Security Association Identity (MBS GSAID).
  • the base station If the MGTEK and the group key encryption key GKEK for encrypting the MBS multicast group data are generated by the base station itself, the base station also needs to request the MAK and MAK context of the MBS multicast group from the gateway; if the MGTEK Not generated by the base station itself, the base station also needs to request the MAK, MAK context, GKEK and its context and MGTEK and its context of the MBS multicast group from the gateway.
  • the context information includes a key identification number, a key life cycle, a key update time, an MBS multicast group security association identifier, and a key sequence number.
  • step 406 If the gateway has not established the bearer connection of the MBS multicast group with the MBS server MBS Server, proceed to step 406 to establish an R3 tunnel, that is, a channel for carrying the MBS data, and request the MBS multicast group including the MBS from the gateway.
  • Security association information identified by the multicast group security association Since the base station requests to establish an MBS connection with the gateway, it also requests to acquire the MAK and MAK context of the MBS multicast group, or MAK, MAK context, GKEK and its context, and MGTEK and its context.
  • the gateway when requesting to establish an MBS connection with the MBS server, the gateway also needs to request the MAK and MAK context of the MBS multicast group from the MBS server or the MBS proxy (MBS Proxy), and generate the MGTEK after obtaining the MAK. And GKEK; or, directly request the MAK, MAK context, and MGTEK and its context, GKEK and its context of the MBS multicast group to the MBS server or MBS proxy, as in step 407.
  • the context information includes a key identification number, a key life cycle, and a key update time, an MBS multicast group security association identifier, and a key sequence number.
  • step 408 when the MGTEK and the group key encryption key GKEK of the MBS multicast group data encryption are generated by the base station itself, the gateway sends the MAK and MAK context of the MBS multicast group requested by the base station to Base station; When MGTEK is not generated by the base station itself, the gateway transmits the MAK, MAK context, GKEK and MGTEK of the MBS multicast group and their context to the base station.
  • steps 405 to 408 are performed only when the first terminal of the base station requests to establish the connection of the MBS, and once the base station and the gateway, the gateway and the MBS server have established the connection with the MBS. When it is connected, step 405 to step 408 need not be performed.
  • the base station authenticates the request for establishing the MBS link of the terminal, and after verifying the request of the terminal, authorizes the request of the terminal and replies to the DSA-RSP message, and carries the MBS domain identification number (MBS Zone ID) in the message. And the MBS content identifier, and the MBS multicast group security association identifier, to inform the terminal of the MBS content identifier played in the MBS domain to indicate that the terminal receives the MBS data, and the authorized MBS multicast group security association identifier of the terminal.
  • MBS domain identification number MBS domain identification number
  • step 410 the terminal sends a key request message (Key Request) to the base station, and requests the MGTEK of the MBS multicast group to the network side by using the MBS multicast group security association identifier carried in the request message.
  • Key Request a key request message
  • the base station sends the MGTEK corresponding to the MBS multicast group security association identifier requested by the terminal to the terminal that establishes the MBS link.
  • the MBS server sends the MBS data, and the base station encrypts the MBS data according to the currently used MAK and the MTK generated by the MGTEK.
  • the generation of MTK adopts the generation method of MTK described in the prior art 802.16e.
  • the base station sends the encrypted data to the air interface, and after receiving the MBS data packet, the terminal uses the key label indicated in the data packet to find the corresponding MAK and MGTEK to generate the MTK.
  • the MTK is generated by using the existing MTK. The method of generating the MTK described in 802.16e in the technology) and decrypting the data packet according to the MTK, to obtain desired data.
  • the MBS server is responsible for authenticating the terminal registration and de-registering the multicast service.
  • the authentication method can be used by Challenge/Response [RFC1994] or with extended authentication.
  • the registration and deregistration process can be used with Hypertext Transfer (Hyper Text Transfer). Protocol, referred to as "HTTP" protocol or IP protocol bearer.
  • HTTP Hyper Text Transfer
  • IP protocol bearer After the authentication is successful, the MBS server is responsible for generating the MAK and distributing it to the terminal.
  • the terminal is responsible for establishing a shared key with the MBS server, registering and deregistering the MBS service with the MBS server, requesting and receiving the MAK delivered from the MBS server and the MGTEK delivered by the base station and using them to generate the data decryption key MTK.
  • the base station is responsible for requesting the MBS key from the gateway or receiving the MBS key delivered by the gateway.
  • the gateway is responsible for requesting the MBS key from the MBS server or receiving the MBS key delivered by the MBS server.
  • the base station and the gateway on the network side establish an MBS bearer channel and acquire MBS when the first terminal arrives. Key.
  • the base station obtains the parameters such as the MBS key, the group security association identifier, and the key context when the first terminal establishes the MBS connection (by requesting the gateway or actively sending the gateway to the base station).
  • the gateway obtains the MBS key from the MBS server (either by requesting to the MBS server or by the MBS server) when the MBS service bearer is first established.
  • MBS services accessed by multiple base stations MGTEK is randomly generated by the gateway or access network MBS proxy or MBS server.
  • MGTEK and GKEK are randomly generated by a base station or a gateway or an access network MBS proxy or an MBS server.
  • the problem of how to obtain the MBS key on the terminal and the network side in the WiMAX network is solved, and the correct MBS key can be obtained by the terminal and the network side.
  • the network side After the terminal has joined the MBS multicast group, the network side sends the MGTEK to the authorized terminal to obtain the MBS key and decrypt the data with the correct key to obtain the desired data.
  • the terminal can only be admitted to the multicast group that receives the MBS service data after obtaining the MAK, ensuring that the terminal can correctly and reliably receive the MBS service data and the MBS service can only be received by the authorized terminal.
  • the process of subscribing to the MBS (ie, MBS registration) process that is, the MAK request process, is described below, and the process can be carried by the HTTP protocol or the IP protocol.
  • the terminal can obtain the MAK when registering the MBS, or can not obtain it when registering, and obtain the MAK from the network side through the request message at the appropriate time after registration.
  • the terminal initiates a key request for a multicast service, and the request carries an extended authentication code generated by the MBS-RK (MBS root key), MSID (terminal identification), NAI (net) ⁇ Intrusion ID), MBS Zone ID, MBS Contents ID.
  • MBS-RK MBS root key
  • MSID terminal identification
  • NAI network
  • MBS Zone ID MBS Contents ID.
  • the MBS server cannot authenticate the terminal because the MBS server does not have the MBS-RK, so the MBS server sends the AAA to the AAA server (home AAA or visited AAA in the roaming situation).
  • the request" message requests the MBS-RK or MBS server to forward the terminal's extended authentication code to the AAA server for authentication.
  • the AAA server receives the request of the MBS server, and the AAA server authenticates whether the terminal subscribes to the MBS. If yes, AAA uses MSK (Terminal Key) or EMSK (Encrypted Terminal Key) to generate MBS-RK for extended authentication code verification, AAA returns request response authentication success message or delivers MBS-RK and MBS-RK context Give the MBS server. If AAA If the authentication terminal fails to subscribe to the MBS or the extended header authentication fails, the AAA returns an authentication failure message to the MBS server.
  • MSK Transaction Key
  • EMSK Encrypted Terminal Key
  • the MBS server directly returns the MBS key reply message "MBS Key Reply" to the terminal, and delivers the MAK and MAK context to the MS; if the MBS server receives After the MBS-RK is sent by the H-AAA (Home AAA), the MBS server returns a successful registration indication after the MBS registration request message is successfully verified, and delivers the MAK and the context to the terminal.
  • the context includes the MBS group security association identifier, and the key life. The key lifetime, the MAK ID, the MAK SN, the Life Time, the Grace Time, and the key indication now in use.
  • the MAK is encrypted and sent by the MBS-RK. If the MBS server receives the authentication failure message or fails to verify the MBS key request message "MBS Key Request" with the MBS-RK, the MBS server returns a request failure message to the terminal.
  • the terminal can also subscribe or register the MBS through the process shown in FIG. 6.
  • the terminal initiates a key request for a multicast service, the request carrying a terminal user name, a hash value of a key or key derived by MBS-RK or MBS-RK, MSID (terminal identification), NAI (Web ID), MBS Zone ID, MBS Contents ID, and message verification code.
  • step 602 after the MBS server receives the request message of the terminal, since the MBS server does not have the MBS-RK to authenticate the terminal, the MBS server sends the AAA server (home AAA or visited AAA in the case of roaming).
  • the "AAA request" message requests the MBS-RK or MBS server to send the terminal's username and key to the AAA server for authentication.
  • the AAA server receives the request of the MBS server, and the AAA server verifies that the key of the terminal is correct according to the MBS-RK of the indexing terminal or its derived key according to the network of the terminal, and the AAA returns a success indication.
  • the message or other key and key context derived from MBS-RK or MBS-RK is delivered to the MBS server.
  • the MBS server receives the AAA user authentication success indication message, and the MBS Server directly returns the MBS key reply message "MBS Key Reply" to the terminal, and delivers the MAK and MAK context to the terminal; or the MBS server receives After the MBS-RK or other keys derived from the AAA, the MBS server returns a successful registration indication and sends the command to the terminal.
  • the context includes MBS group security association identifier (MBS GSAID), key lifetime (key lifetime), MAK identifier (MAK ID), MAK sequence number (MAK SN ), life time (Life time), update time (Grace Time), and the key indication used now.
  • the MAK is encrypted and sent by the MBS-RK or its derived key. If the MBS server receives the user authentication failure message or fails to verify the terminal with the MBS-RK or its derived key, the MBS server returns a request failure message to the terminal.
  • the second embodiment of the present invention relates to a method for acquiring a key of an MBS.
  • the present embodiment is substantially the same as the first embodiment except that, in the first embodiment, the terminal requests to join the MBS multicast by initiating a DSA procedure to the base station.
  • the terminal requests to join the MBS multicast group by adding the IP multicast mode, and the specific process is shown in FIG. 7.
  • Steps 701 to 703 are completely the same as steps 401 to 403, respectively, and are not mentioned here.
  • the terminal requests to join the MBS multicast group in IP multicast mode, requesting to establish an MBS connection, that is, initiating an "IGMP Join” message to request the gateway to join the MBS multicast group. If the first terminal requests to establish an MBS connection, then go to step 705, otherwise, go directly to step 709.
  • Steps 705 to 708 are completely the same as steps 405 to 408, respectively, and are not mentioned here.
  • the base station establishes a connection with the gateway through the RR-REQ and the RR-RSP (steps 709 and 712).
  • the gateway requests the MBS proxy to the MBS proxy when the first terminal requests to establish the MBS connection, and the MBS proxy sends the MBS key.
  • the key is given to the gateway for its subsequent use.
  • the base station informs the terminal of the MBS content identifier in the MBS and the authorized MBS group security association identifier in the MBS by sending a DSA process setup and an air interface bearer of the terminal.
  • Steps 713 to 716 are completely the same as steps 410 to 413, respectively, and are not mentioned here. It can be seen that the present embodiment also solves how to obtain the terminal and the network side in the WiMAX network.
  • the problem with the MBS key ensures that the terminal and the network side can obtain the correct MBS key.
  • a third embodiment of the present invention relates to a key acquisition method for MBS.
  • This embodiment adds an update flow of MAK, MGTEK, and GKEK to the first embodiment.
  • the update of the MAK is determined by the MBS server on the network side.
  • the MBS server can update the MAK by initiating a push or pull process of the MAK.
  • the MAK push process refers to when the MAK life cycle expires or the MBS multicast group member changes, the MBS server sends the MAK to the terminal in push mode, as shown in FIG. 8.
  • the MBS server will MAK and its context (MBS-RK ID, MAK ID,
  • the gateways that are delivered to the multicast domain by the MAK SN, Life Time, Grace Time, and other key indications are sent to the base stations that establish the MBS service transmission, as shown in Figure 9.
  • the MAK update message carrying the MAK and its context is transmitted to the terminal through a User Datagram Protocol ("UDP"), which is sent to the terminal by unicast using a high-level protocol HTTP or IP protocol.
  • UDP User Datagram Protocol
  • the MAK update message can be sent with an encryption key derived from MBS-RK or MBS-RK.
  • the MBS-RK ID in the message extension indicates the key used to verify message integrity and UPD data encryption so that the terminal can verify message integrity and data decryption with the same key.
  • the pull process of the MAK refers to that when the MAK of the terminal expires quickly and the MBS server wants to re-authenticate the terminal and then update the MAK, the MBS server sends a key update indication message to instruct the terminal to request a new MAK, and the terminal receives the key. After the indication message is updated, a new MAK is obtained by initiating a MAK request process.
  • the MBS server sends a key update message to the terminal, and fills in the MAK ID field in the message extension to indicate that the terminal requests the new MAK.
  • the key update message needs to be integrity protected.
  • a message authentication code [RFC2104] is required for the terminal to receive the message and then verified.
  • the message verification code can be generated by MBS-RK or a key derived from MBS-RK.
  • Updates to MGTEK and GKEK can be determined by the gateway, MBS server or MBS proxy, or base station.
  • the gateway determines the update process of MGTEK and GKEK as shown in Figure 11, and the gateway randomly generates
  • the MGTEK sends the MGTEK and its context to the base station that establishes the MBS transmission connection, and the context includes the MBS group security association identifier (MGSAID), the MAK identifier (MAK ID), the MAK sequence number (MAK SN ), the GKEK, the MGTEK identifier ( MGTEK ID), MGTEK lifetime (MGTEK lifetime).
  • MBSAID MBS group security association identifier
  • MAK ID MAK sequence number
  • GKEK the MGTEK identifier
  • MGTEK ID MGTEK lifetime
  • the base station uses the key update command message "Key Update" in 802.16e/D12 Command "GKEK and MGTEK update for the terminal of the multicast group.
  • GKEK Before the arrival of the MGTEK update time (Grace Time), if GKEK needs to be updated, the GKEK update is first performed on the primary management connection (GKEK may not be updated, one GKEK) Multiple MGTEKs can be encrypted. When MGTEK's Grace Time arrives, MGTEK is updated on the multicast connection, and MGTEK is encrypted with GKEK.
  • the MBS server or MBS proxy determines the update process of MGTEK and GKEK as shown in Figure 12.
  • the MBS server or MBS proxy randomly generates MGTEK and delivers MGTEK and its context (MGSAID, MAK ID, MAK SN, GKEK, MGTEK ID, MGTEK lifetime).
  • MBSAID MAK ID, MAK SN, GKEK, MGTEK ID, MGTEK lifetime
  • the gateway delivers MGTEK and its context (MGSAID, MAK ID, MAK SN, GKEK ID, MGTEK ID, MGTEK lifetime) to the base station that establishes the MBS service transmission connection.
  • the base station uses the key update command message "Key Update Command" in 802.16e/D12 to perform GKEK and MGTEK updates on the terminals of the multicast group.
  • Key Update Command the key update command message "Key Update Command" in 802.16e/D12 to perform GKEK and MGTEK updates on the terminals of the multicast group.
  • GKEK can also be updated, one GKEK can encrypt multiple MGTEK.
  • MGTEK's Grace Time arrives, MGTEK is updated on the broadcast connection, and MGTEK is encrypted with GKEK.
  • the base station determines the update of MGTEK and GKEK.
  • the base station performs GKEK and MGTEK update on the terminal of the multicast group by using the key update command message "Key Update Command" in 802.16e/D12.
  • the base station Before the arrival of the MGTEK update time (Grace Time), if the GKEK needs to be updated, the base station first GKEK updates are made on the primary management connection (GKEK may not be updated, one GKEK may encrypt multiple MGTEKs).
  • GKEK may not be updated, one GKEK may encrypt multiple MGTEKs.
  • MGTEK's Grace Time arrives, MGTEK is updated on the broadcast connection, and MGTEK is encrypted with GKEK.
  • the base station randomly generates MGTEK and delivers MGTEK and its context (MGSAID, MAK ID, MAK SN, GKEK, MGTEK ID, MGTEK lifetime to the terminal.
  • MCSAID MAK ID, MAK SN, GKEK, MGTEK ID, MGTEK lifetime to the terminal.
  • the process of updating the GKEK and MGTEK by the base station is the same as the update process of the above case.
  • the update process of the various MBS keys provided in this embodiment further ensures that the network side can encrypt the MBS service data with the correct key, and the terminal can decrypt the data with the correct key to obtain the desired data. .
  • a fourth embodiment of the present invention relates to a network, including: used to register an MBS when a terminal registers a device for issuing and transmitting an MBS authentication key MAK; a device for authenticating a request of the terminal to join the MBS multicast group; for authorizing the terminal to join the MBS multicast group and then to the terminal after the authentication is passed a device that returns the security association identifier of the MBS multicast group; a device that is used to deliver the MGTEK according to the MBS multicast group security association identifier; and a device that generates the MTK according to the MAK and the MGTEK.
  • the network also includes base stations, gateways, MBS servers, and MBS agents.
  • the base station is configured to, after receiving the request of the terminal to join the MBS multicast group but has not established the bearer connection of the MBS multicast group with the gateway, request the gateway to establish a bearer connection of the MBS multicast group, and at the first
  • the security association information of the MBS multicast group is obtained from the gateway connected to the base station when the first terminal comes to request to establish the MBS connection.
  • the base station acquires the MAK and MAK context of the MBS multicast group from the gateway when the first terminal comes to request to establish the MBS connection, and generates the MGTEK itself after obtaining the MAK; otherwise, the base station is in the first When a terminal comes to request to establish an MBS connection, the MAK:, MAK context, and MGTEK and its context of the MBS multicast group are obtained from the gateway.
  • the gateway is configured to, when receiving the request for establishing an MBS multicast group bearer connection of the base station but has not established the MBS connection with the MBS server, request the MBS server to establish the MBS connection, and when the first base station requests to establish an MBS connection, The MBS server obtains the security association information of the MBS multicast group.
  • the gateway can generate the MGTEK by itself, when the MBS connection is established, the MAK and MAK context of the MBS multicast group are obtained from the MBS server or the MBS proxy, and the MGTEK is generated by itself after obtaining the MAK; otherwise, the gateway establishes the When the MBS is connected, the MAK and MAK context and MGTEK and its context of the MBS multicast group are obtained from the MBS server or the MBS proxy.
  • the MAK update is determined by the MBS server; the MGTEK and GKEK updates are determined by the MBS server/agent, gateway, or base station. Therefore, the problem of how to obtain and update the MBS key on the network side in the WiMAX network is solved, and the network side can ensure that the MBS service data is encrypted with the correct key.
  • a fifth embodiment of the present invention relates to a terminal device, including: a module for acquiring a MAK when registering an MBS to a network side; for requesting to join an MBS multicast group to a network side, and acquiring the MBS when authorized to join a module of the security association identifier of the multicast group; a module for acquiring the MGTEK from the network side according to the security association identifier; and for generating the MTK according to the acquired MAK and MGTEK Module. It solves the problem of how the terminal acquires and updates the MBS key in the WiMAX network, and ensures that the terminal can decrypt the data with the correct key and obtain the desired data.
  • a sixth embodiment of the present invention relates to a network for implementing key acquisition of a multicast broadcast service, the network comprising: a base station, an MBS server, an authentication device, and an authorization device, where:
  • the authentication device is configured to: authenticate the terminal that initiates the multicast broadcast service key request, and notify the authorized device and the MBS server of the authentication result;
  • the authorizing device is configured to: when the terminal authentication passes, authorize the terminal to join the MBS multicast group;
  • the MBS server is used to:
  • the base station is configured to: transmit, according to the request of the terminal, the SAS identifier of the MBS multicast group obtained by the SAS information of the MBS multicast group to the terminal, and according to the bearer sent by the terminal.
  • the key request of the security association identifier of the MBS multicast group is used to transmit the MBS multicast group data encryption key MGTEK included in the security association information of the corresponding MBS multicast group to the terminal.
  • the base station includes:
  • a storage unit configured to store a security association identifier of the MBS multicast group and an MBS multicast group data encryption key MGTEK;
  • a transmission unit configured to implement the transmission with the terminal.
  • the base station further includes:
  • a key information acquiring unit configured to use an MBS multicast group provided by the MBS server when the base station does not currently store the SAS identifier of the MBS multicast group and the MBS multicast group data encryption key MGTEK
  • the security association information obtains the security association identifier of the MBS multicast group and the MBS multicast group data encryption key MGTEK.
  • the key information acquiring unit includes:
  • a first key information requesting unit configured to request to obtain a MAK and a MAK context of the MBS multicast group
  • a first key information receiving unit configured to receive the MBS multicast provided by the MBS server Group MAK and MAK context
  • the MGTEK generating unit is configured to generate the MGTEK according to the MAK of the MBS multicast group
  • the security association identifier obtaining unit is configured to obtain the security association identifier of the MBS multicast group from the message carrying the MAK context.
  • the key information acquiring unit includes:
  • a second key information requesting unit configured to request to obtain a MAK, a MAK context, the MGTEK, and the MGTEK context of the MBS multicast group;
  • a second key information receiving unit configured to receive a MAK, a MAK context, the MGTEK, and the MGTEK context of the MBS multicast group provided by the MBS server;
  • the security association identifier obtaining unit is configured to obtain the security association identifier of the MBS multicast group according to the message carrying the MAK and the MGTEK.
  • the network may further include a gateway, the key information requesting unit initiating the request to the gateway, and the key information receiving unit performs the receiving from the gateway.
  • the network may further include a gateway, the key information requesting unit initiating the request to the MBS server by using the gateway, the key information receiving unit via the gateway The receiving is performed from the MBS server.
  • the authentication device is located on an AAA server, an access network gateway, or an MBS server;
  • the authorized device is located on an AAA server, an access network gateway, or an MBS server.
  • the network side decides to update the MBS key (including MAK, MGTEK, GKEK) before the key lifetime expires or when the multicast group changes; if the terminal fails in re-authentication or the subscription validity period expires After that, the network side deletes the terminal from the MBS multicast group, and does not update the key (including MAK, GKEK, MGTEK).
  • the MBS server for MBS key management and service management may be located at the AAA server, with the third party authentication server, or separately. All MBS signaling messages in the embodiment of the present invention may be forwarded by one or more message forwarding entities located on the authentication path, such as an MBS proxy entity that forwards MBS signaling messages, and the entity may be located at the gateway or The MBS server can also exist separately.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

L'invention concerne un procédé, un réseau et un dispositif de terminal permettant d'obtenir et d'établir une clé de service de multidiffusion/diffusion dans le domaine de la communication, lesquels permettent au terminal et au réseau WiMAX d'obtenir la clé MBS correcte. Le terminal obtient une MAK lors de l'enregistrement de la MBS, et envoie une demande pour se joindre au groupe de MBS au réseau après obtention de la MAK. Le réseau authentifie la demande du terminal, et renvoie un identificateur d'association de sécurité du groupe de MBS au terminal lorsque l'authentification est réussie. Le terminal obtient une MGTEK à partir du réseau en fonction de l'identificateur d'association de sécurité obtenu et génère la MTK sur la base de la MAK et de la MGTEK obtenues. Le réseau met à jour la clé pour ses membres avant que la durée de vie des clés n'arrive à échéance ou lorsque le groupe est modifié. Lorsque la réauthentification du terminal échoue ou que la période de validité d'abonnement est dépassée, le réseau efface le terminal du groupe de MBS sans mise à jour de la clé.
PCT/CN2007/070739 2006-09-20 2007-09-20 Procédé, réseau et dispositif de terminal permettant d'obtenir une clé de service de multidiffusion/diffusion WO2008040242A1 (fr)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
CN2006101390058A CN101150396B (zh) 2006-09-20 2006-09-20 组播广播业务的密钥获取方法、网络及终端设备
CN200610139005.8 2006-09-20
CNA2006101419747A CN101155411A (zh) 2006-09-27 2006-09-27 组播广播业务的使用控制方法及其系统
CN200610141974.7 2006-09-27

Publications (1)

Publication Number Publication Date
WO2008040242A1 true WO2008040242A1 (fr) 2008-04-10

Family

ID=39268107

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2007/070739 WO2008040242A1 (fr) 2006-09-20 2007-09-20 Procédé, réseau et dispositif de terminal permettant d'obtenir une clé de service de multidiffusion/diffusion

Country Status (1)

Country Link
WO (1) WO2008040242A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2071804A1 (fr) * 2007-12-13 2009-06-17 Alcatel Lucent Procédé de manipulation sécurisée dans un système d'accès sans fil supportant des services multidiffusion à large bande

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1780413A (zh) * 2004-11-25 2006-05-31 华为技术有限公司 一种组播广播业务密钥控制方法
EP1679820A1 (fr) * 2005-01-11 2006-07-12 Samsung Electronics Co.,Ltd. Appareil et procédé pour le chiffrement/déchiffrement d'un signal dans un système de communication
CN1801705A (zh) * 2005-01-07 2006-07-12 华为技术有限公司 一种预认证方法
WO2006084522A1 (fr) * 2005-02-14 2006-08-17 Telefonaktiebolaget Lm Ericsson (Publ) Procede et appareil de distribution de cle pour systeme de communication
CN1863047A (zh) * 2005-05-11 2006-11-15 中兴通讯股份有限公司 组播业务的组通讯加密密钥管理方法

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1780413A (zh) * 2004-11-25 2006-05-31 华为技术有限公司 一种组播广播业务密钥控制方法
CN1801705A (zh) * 2005-01-07 2006-07-12 华为技术有限公司 一种预认证方法
EP1679820A1 (fr) * 2005-01-11 2006-07-12 Samsung Electronics Co.,Ltd. Appareil et procédé pour le chiffrement/déchiffrement d'un signal dans un système de communication
WO2006084522A1 (fr) * 2005-02-14 2006-08-17 Telefonaktiebolaget Lm Ericsson (Publ) Procede et appareil de distribution de cle pour systeme de communication
CN1863047A (zh) * 2005-05-11 2006-11-15 中兴通讯股份有限公司 组播业务的组通讯加密密钥管理方法

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
LAN/MAN STANDARDS COMMITTEE OF THE IEEE COMPUTER SOCIETY AND THE IEEE MICROWAVE THEORY AND TECHNIQUES SOCIETY: "IEEE Standard for Local and metropolitan area networks Part 16: Air Interface for Fixed and Mobile Broadband Wireless Access Systems, Amendment 2: Physical and Medium Access Control Layers for Combined Fixed and Mobile Operation in Licensed Bands and.....", IEEE STD 802.16 E-2005 AND IEEE STD 802.16-2004/COR1-2005, 28 February 2006 (2006-02-28) *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2071804A1 (fr) * 2007-12-13 2009-06-17 Alcatel Lucent Procédé de manipulation sécurisée dans un système d'accès sans fil supportant des services multidiffusion à large bande
WO2009074437A1 (fr) * 2007-12-13 2009-06-18 Alcatel Lucent Procédé de traitement de sécurité dans un système d'accès sans fil acceptant des services de diffusion/multidiffusion

Similar Documents

Publication Publication Date Title
US8184569B2 (en) Method for terminal to join multicast broadcast service in wireless network and system using thereof
JP5580401B2 (ja) Imsベースのマルチメディアブロードキャスト及びマルチキャストサービス(mbms)におけるセキュリティキー管理
US8561200B2 (en) Method and system for controlling access to communication networks, related network and computer program therefor
US7627755B2 (en) Secure broadcast/multicast service
KR101049021B1 (ko) 애드 혹 무선 네트워크의 노드들 간의 보안 연계 확립 방법 및 장치
JP5288210B2 (ja) ネットワークでのユニキャスト鍵の管理方法およびマルチキャスト鍵の管理方法
KR100836028B1 (ko) 멀티캐스트 브로드캐스트 서비스 제공 방법
US8423772B2 (en) Multi-hop wireless network system and authentication method thereof
US8745396B2 (en) Method for implementing the real time data service and real time data service system
WO2008009238A1 (fr) Procédé et système destinés à générer et à distribuer une clé ip mobile
WO2009094942A1 (fr) Procédé et système de réseau de communication pour établir une conjonction de sécurité
WO2008043292A1 (fr) Procédé d'authentification, dispositif et système destinés à un service de multidiffusion et de radiodiffusion
WO2010127539A1 (fr) Procédé et système pour l'authentification de l'accès à un service multimédia à diffusion en flux
WO2011120249A1 (fr) Procédé de négociation de clé de multidiffusion adapté pour un système d'appel de groupe et système associé
WO2007022727A1 (fr) Procede et systeme pour communiquer des informations contextuelles de cle d'autorisation
CN101150396B (zh) 组播广播业务的密钥获取方法、网络及终端设备
WO2007134547A1 (fr) Procédé et système pour créer et distribuer une clé de sécurité ip mobile après réauthentification
US20240015008A1 (en) Method and device for distributing a multicast encryption key
US20090196424A1 (en) Method for security handling in a wireless access system supporting multicast broadcast services
US20240129746A1 (en) A method for operating a cellular network
WO2008049368A1 (fr) Procédé et système de gestion du service de diffusion générale et de multidiffusion
WO2009052675A1 (fr) Procédé et système permettant au terminal d'obtenir l'adresse p-cscf
WO2008040242A1 (fr) Procédé, réseau et dispositif de terminal permettant d'obtenir une clé de service de multidiffusion/diffusion
WO2018222133A2 (fr) Procédé, appareil, et système de protection de données
CN101150467A (zh) 通信系统及终端加入组播广播业务的方法

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07816930

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 07816930

Country of ref document: EP

Kind code of ref document: A1