WO2009105981A1

WO2009105981A1 - A group traffic encryption key updating method and a system thereof

Info

Publication number: WO2009105981A1
Application number: PCT/CN2009/070468
Authority: WO
Inventors: 徐宏亮; 莫君贤
Original assignee: 华为技术有限公司
Priority date: 2008-02-26
Filing date: 2009-02-19
Publication date: 2009-09-03
Also published as: CN101521656A; CN101521656B

Abstract

The present invention provides a group traffic encryption key updating method, the network side entity transmits a MBS_MAP message which carries GTEK updating information; after receiving the MBS_MAP message, a MS obtains the GTEK updating information, and updates the GTEK of the corresponding MBS. The present invention also provides a group traffic encryption key updating system, and the system includes a network side entity and a mobile station. The group traffic encryption key updating method and system of the present invention can avoid that the GTEK updating information is transmitted for many times, and can notify all the MSs that share the same MBS at the same time; and the MBS_MAP can be transmitted in manner of SFN, which improves the reliability of the indication message.

Description

Method and system for updating group business encryption key This application claims priority to Chinese patent application filed on February 26, 2008, Chinese Patent Office, application number 200810008354.5, titled "Group Service Encryption Key Update Method and System" The entire contents of which are incorporated herein by reference. Technical field

The present invention relates to the field of mobile communication technologies, and in particular, to a group service encryption key update method and system. Background technique

WiMAX's full name is Worldwide Interoperability for Microwave Access, also known as 802.16 Wireless City i or Network, which is a "last mile" broadband wireless connectivity solution for businesses and home users. The communications area offers high coverage and can cover a range of 25 to 30 miles. The WiMAX IEEE (Institute of Electrical and Electronics Engineers) is based on the 802.16 family of broadband wireless standards as its air interface protocol. The IEEE 802.16 family of standards has so far included seven standards including 802.16, 802.16a, 802.16c, 802.16d, 802.16e, 802.16f, and 802.16g. Among them, 802.16, 16a, 16d belong to the fixed wireless access air interface standard, and 802.16e belongs to the mobile broadband wireless access air standard. WiMAX is based on 802.16e and proposes a new enhancement technology, 802.16m. 802.16m is compatible with 802.16e.

The following describes the idle mode and paging principle of the mobile station (Mobile Station, the following cylinder: MS). Since the idle mode and the paging principle of the system are similar, the idle mode and paging of IEEE 802.16e are used. As an example, the description is as follows:

When the MS is in the idle mode (Idle Mode), the MS can move in an area of 4 inches, and receive the downlink broadcast service message every certain period. The MS does not have to register with the base station (Base Station, BS) of the cell in the roaming cell during roaming in this area. In idle mode, when the MS roams to a different cell, it does not It is necessary to perform normal operation procedures such as switching, which is beneficial to save MS power and air interface resources. The mobile device in idle mode periodically sends a signal to the BS for location update; or when the paging area is changed, it also sends a signal to the BS for location update. The idle mode provides the BS with a simple, timely method to notify the MS whether there is a downlink broadcast service message transmission, and a paging mode.

Paging: When the network side entity, generally BS, detects that the MS in the idle mode has a message, it will initiate the process of paging the MS. In IEEE 802.16e, paging messages are broadcast by the BS to the MS. When the hash value of the MS MAC address in the message parsed by the MS matches the hash value of its own MAC address, the BS is considered to be paging itself; then the MS is based on the Action Code in the message. Perform the appropriate action.

In the existing 802.16e standard, when the MS enters the idle mode, it periodically wakes up at the paging listening interval and receives a paging message (MOB_PAG_ADV). At this time, if the MS also joins a multicast broadcast service (hereinafter referred to as MBS), that is, a point-to-multipoint data transmission service on the downlink, the MS will also be more than once. The broadcast service assignment message (hereinafter referred to as MBS_MAP Message) wakes up at the arrival time specified and receives data on the corresponding broadcast connection. The MBS_MAP message is a chained assignment message, that is, the arrival time of the next transmitted MBS_MAP message is indicated in the current MBS_MAP message. Therefore, the MS can solve the arrival time of the MBS_MAP message one by one. That is to say, when the MS enters the idle mode and has joined a certain MBS service, it wakes up at the paging listening interval and the arrival time of the MBS_MAP message.

The MBS service can be transmitted in a Single Frequency Network (SFN) mode, that is, multiple BSs can use the same time-frequency resource to transmit the same data, so that the MS can receive signals from multiple base stations to achieve more. Good reception.

The multicast data of the MBS received by the MS is used for key management, and the group traffic encryption key (hereinafter referred to as GTEK) is used to generate an encryption key of the multicast data; the group key encryption key (Group Key Encryption Key, to The lower cylinder is called: GKEK) is used to encrypt GTEK. A GKEK is responsible for the update of multiple GTEKs, through the MS's main management connection, BS unicast GKEK to the MS; multiple GTEKs are encrypted with GKEK and then broadcast to the MS. If the MS in idle mode needs to update the GTEK, the BS needs to broadcast the GTEK to a different MS in the paging listening interval of the MS in idle mode. If different MSs enjoying the same MBS service have different paging listening intervals, the BS broadcasts a notification message that the GTEK is updated multiple times.

In summary, in the key update process of the existing multicast service, the following technical defects exist: The paging listening interval of the MS enjoying the MBS service may be different, so the GTEK is to be broadcast multiple times. The update notification message, that is, the PKMv2 Group-Key-Update-Command (GTEKx+1) message, causes waste of air interface resources, and causes all the updates of the GKEK of all MSs using this MBS service to be completed. This is a very long process and cannot be completed. Synchronous update; since GTEK is broadcasted, all unrelated MSs must resolve the GTEK update notification message; since the GTEK update notification message is broadcast, the SFN mode cannot be used. Summary of the invention

Embodiments of the present invention provide a method and system for updating a group service encryption key, which

The GTEK update information is placed in the MBS_MAP message to send the mobile station to perform group service encryption key update to update the GTEK synchronously and obtain a better SFN gain effect.

An embodiment of the present invention provides a method for updating a group service encryption key, including: a network side entity sending a multicast broadcast service assignment message carrying group service encryption key update information;

After receiving the multicast broadcast service assignment message, the mobile station obtains the group service encryption key update information, and updates the group service encryption key of the corresponding multicast broadcast service.

The embodiment of the present invention further provides a group service encryption key update system, including: a network side entity, configured to send a multicast broadcast service assignment message carrying group service encryption key update information;

a mobile station, configured to receive the multicast broadcast service assignment message, obtain the group The service encrypts the key update information and updates the group service encryption key of the corresponding multicast broadcast service.

It can be seen from the above technical solutions that the method and system for updating a group service encryption key in the embodiment of the present invention can overcome the above technical defects and bring the following technical effects:

1) avoiding the difference in paging listening interval of multiple MSs enjoying the MBS service, sending the GTEK update notification message multiple times according to the paging listening interval of each MS, and avoiding waste of air interface resources;

2) In the MBS_MAP message, the BS can notify all MSs that have the same MBS service by carrying the GTEK update information at a time, that is, the transmission of the corresponding GTEK update information is synchronized for all MSs;

3) The MBS_MAP message belongs to the multicast transmission mode and can be sent in the SFN mode. Therefore, carrying the GTEK update information will bring the SFN gain and improve the reliability of the indication message. DRAWINGS

1 is a schematic flowchart of Embodiment 1 of a method for updating a group service encryption key according to the present invention; FIG. 2 is a schematic flowchart of Embodiment 2 of a method for updating a service encryption key of a group according to the present invention; FIG. 4 is a schematic flowchart of Embodiment 4 of a method for updating a service encryption key of a group according to the present invention; FIG. 5 is a schematic flowchart of Embodiment 5 of a method for updating a service encryption key of a group according to the present invention; Schematic diagram of an embodiment of a group service encryption key update system. detailed description

The solution of the embodiment of the present invention is to send the mobile station to perform group service encryption key update by placing the GTEK update information in the MBS_MAP message to obtain a better SFN gain effect. The network side entity in the embodiment of the present invention includes but is not limited to a BS.

FIG. 1 is a schematic flowchart of Embodiment 1 of a method for updating a service encryption key of a group according to the present invention, and the specific steps are as follows: Step 101: The network side entity sends a multicast broadcast service assignment message that carries the group service encryption key update information.

In the prior art, when the MS is in an idle state, the GTEK update notification message is sent at the paging effective interval of the MS, and the message is changed to: By carrying the GTEK update information in the MBS_MAP message, all the MSs under the same MBS service can be implemented. Receive GTEK update information at the same time;

Step 102: After receiving the multicast broadcast service assignment message, the mobile station obtains the group service encryption key update information, and updates the group service encryption key of the corresponding multicast broadcast service.

After receiving the MBS_MAP message, the MS can decrypt the GTEK and update the GTEK of its corresponding multicast broadcast service.

The group service encryption key update method provided in this embodiment is sent to the MS by placing the GTEK update information in the MBS_MAP message, so that the MS can perform the waste of the GTEK and the long process of the update process, and can simultaneously implement all the MBS services. The corresponding MS performs GTEK update, and obtains a better SFN gain effect.

FIG. 2 is a schematic flowchart of Embodiment 2 of a method for updating a service encryption key of a group according to the present invention, and the specific steps are as follows:

Step 201: The network side entity carries the group service encryption key update information in the scalable coding element in the multicast broadcast service assignment message, and sends the group service encryption key update information;

Wherein, an extensible coding element, that is, a type, a length, and a value encoding element (TLV encoding element);

Step 202: After receiving the multicast broadcast service assignment message, the mobile station obtains the group service encryption key update information carried in the scalable code element, and updates the group service encryption key of the corresponding multicast broadcast service.

After receiving the MBS_MAP message, the MS can decrypt the GTEK from the extended TLV encoding element and update the GTEK of its corresponding multicast broadcast service. The extended TLV encoding element content can be as shown in the following Table 1: Table 1

Type is the existing standard can use the GTEK update information according to the content (see table for any value that does not conflict). The Value value in Table 1 is the information content of the GTEK update as shown in Table 2 below:

In the implementation of this embodiment, if the existing standard protocol already has a corresponding TLV, the TLV can be used for 7 loading. For example, in the 802.16e standard, a similar TLV exists: SA-TEK-Update, and the TLV includes The content of the TLV is added above, but the standard TLV cannot be carried in the MBS_MAP message, so the definition of the TLV needs to be modified so that it can be carried in the MBS_MAP message. This method makes it very easy to implement GTEK update information in MBS_MAP messages in some standards. This embodiment specifically describes that the GTEK update information is sent to the MS in the scalable coding element in the MBS_MAP message, which avoids the shortcoming of the air interface resource waste and the update process caused by the GTEK update in the prior art, and can be simultaneously implemented. The MS corresponding to all MBS services performs GTEK update and obtains better SFN gain effects.

As shown in FIG. 3, it is a schematic flowchart of Embodiment 3 of a method for updating a service encryption key of a group according to the present invention, and the specific steps are as follows:

Step 301: The network side entity carries the group service encryption key update information in the information element in the multicast broadcast service assignment message, and sends the information;

The information element includes: one of three types of IEs: a multicast broadcast service data information element (MBS_DATA_IE), a multicast broadcast service data time division information element (MBS_DATA_Time_Diversity_IE), and an extended multicast broadcast service data information element (Extended MBS_DATA_IE). Or two or three; GTEK update information can be carried in one or more of the three IEs included in the MBS_MAP message;

Step 302: After receiving the multicast broadcast service assignment message, the mobile station obtains the group service encryption key update information carried in the information element, and updates the group service encryption key of the corresponding multicast broadcast service.

After receiving the MBS_MAP message, the MS can decrypt the GTEK from the information element and update the GTEK of its corresponding multicast broadcast service. The information content of the GTEK update is shown in Table 2 above.

This embodiment specifically describes that the GTEK update information is sent to the MS in the information element in the MBS_MAP message, which avoids the shortcoming of the air interface resource waste and the update process caused by the GTEK update in the prior art, and can be implemented for all MBS at the same time. The MS corresponding to the service performs GTEK update, and obtains a better SFN gain effect.

As shown in FIG. 4, it is a schematic flowchart of Embodiment 4 of a method for updating a service encryption key of a group according to the present invention, and the specific steps are as follows:

Step 401: The network side entity carries the group service encryption key update information in the multicast broadcast service data packet, and sends the information;

That is, there are two methods for carrying GTEK update information in the MAC header of the MBS packet: Carrying GTEK update information through a MAC subheader; adding a MAC extension subheader to carry GTEK update information;

Step 402: After receiving the multicast broadcast service data packet, the mobile station obtains the group service encryption key update information carried in the data packet, and updates the group service encryption key of the corresponding multicast broadcast service.

After receiving the MBS_MAP message, the MS can decrypt the GTEK from the data packet and update the GTEK of its corresponding multicast broadcast service. The information content of the GTEK update is shown in Table 2 above.

This embodiment specifically describes that the GTEK update information is sent to the MS in the data packet assigned by the MBS_MAP message, which avoids the waste of the air interface resource caused by the GTEK update in the prior art and the long process of the update process. The MS corresponding to the MBS service performs GTEK update, and obtains a better SFN gain effect.

As shown in FIG. 5, it is a schematic flowchart of Embodiment 5 of a method for updating a service encryption key of a group according to the present invention, and the specific steps are as follows:

Step 501: The network side entity unicast group key encrypts the key update information to the mobile station by using a primary management connection of the mobile station;

The network side entity, generally a BS, unicast (that is, the BS separately sends different GSKK update information corresponding to different MBS services) to the MS that has joined the MBS service, and the GKEK is a plurality of multicasts that are encrypted later. Used for n GTEK transmissions of GTEK1 to GTEKn corresponding to broadcast service data;

Step 502: When the group service encryption key update period arrives, send a multicast broadcast service assignment message that carries the group service encryption key update information.

When the GTEK corresponding to a multicast broadcast service, for example, the update period of the GTEK1 arrives, the BS may carry the GTEK1 update notification information in the corresponding MBS_MAP message;

Step 503: The mobile station encrypts the group key encryption key in the key update information according to the group key, and decrypts the group service encryption key in the group service encryption key update information.

The GKEK unicasting to the MS is unicast by using step 501 to decrypt the corresponding GTEK1 update information, and obtain GTEK1 therein; Step 504: The mobile station updates the group service encryption key of the corresponding multicast broadcast service according to the obtained group service encryption key.

The MS updates the GTEK corresponding to the original multicast broadcast service according to the obtained GTEK1, and completes the GTEK update corresponding to a certain multicast broadcast service.

It is mentioned in step 501 that GKEK is used for n GTEK transmissions of GTEK1 to GTEKn corresponding to a plurality of multicast broadcast service data encrypted later, and then GTEK2 to GTEKn corresponding to other multicast broadcast services are also used. Steps: Carrying GTEK update information in different corresponding MBS_MAP messages, and sending the information to the MS, may update the GTEK of the corresponding multicast broadcast service. The information of the GTEK update is shown in Table 2 above.

In the above step 502, specifically, the GTEK update information may be carried in the extensible coding element of the MBS_MAP message, that is, the type, length, and value encoding element (TLV encoding element). The format of the MBS_MAP message in the standard is shown in Table 3 below.

Syntax Statement Size (bit) Byte Notes Notes

MBS—MAP Message format () { one

Management Message Type = 62 8 62

MBS_DIUC_Change_Count 8 one

#MBS_DATA_IE 4 MBS DATA included in the message

The number of IEs for (i=0; i<n; i++){ one n = #MBS DATA IEs

MBS—DATA—IE variable one

} one

#Extended_MBS_DATA_IE 4 Messages include Extended

The number of MBS DATA IEs for(i=0; i<k; i++) { a k = #Extended MBS

DATA IEs

Extended_MBS_DATA_IE() variable one }

#MBS_DATA_Time_Diversity 4 MBS DATA included in the message

- the number of IE Time Diversity IEs for(i=0; i<m; i++){ one m = #MBS DATA Time

Diversity IEs

MBS_DATA_Time_Diversity_I variable one

E()

} one

If(!byte boundary)!

Padding Nibble 4

}

TLV encoding element

} It can be seen that in the MBS_MAP message, there is an extended TLV encoding element. This TLV encoding element can be used to carry GTEK update information. The newly added TLV content is shown in Table 1 and Table 2 above.

In the specific implementation of the embodiment, if the existing standard protocol already has a corresponding TLV, the TLV can be used for bearer. For example, in the 802.16e standard, a similar TLV: SA-TEK-Update exists. The TLV includes the content of the above new TLV, but this TLV cannot be carried in the MBS_MAP message in the standard, so the definition of this TLV needs to be modified so that it can be carried in the MBS_MAP message. This method makes it easy to carry GTEK update information in MBS_MAP messages in some standards.

In the above step 502, the GTEK update information may also be carried in the information element (hereinafter referred to as IE) of the MBS_MAP message. The MBS_MAP message includes a multicast broadcast service data information element (MBS_DATA_IE), a multicast broadcast service data time division information element (MBS_DATA_Time_Diversity_IE), and an extension. One of the three types of IEs, or two or three, of the Multicast Broadcast Service Data Information Element (Extended MBS_DATA _IE), as shown in Table 2. The GTEK update information may be carried in one or more of the three IEs included in the MBS_MAP message.

An example of carrying GTEK update information in MBS_DATA_IE is shown in Table 4 below: Table 4

Obll: The repetition coding factor is 6

Next MBS Frame Offset 8 Frame offset of the next multicast broadcast service

Next MBS OFDMA 8 Orthogonal Frequency of Next Multicast Broadcast Service Symbol Offset Division Multiple Access Symbol Shift

If (Next MBS MAP change if the next multicast broadcast assignment is indicated = 1) { Change the logo

Next MBS No. OFDMA 2 Next Multicast Broadcast Service Assignment Message Number of Orthogonal Frequency Division Multiple Access Symbols occupied by Symbols

Next MBS No. OFDMA 6 The number of subchannels occupied by the next multicast broadcast service assignment message Subchannels.

}

GTEK update information Variable updated GTEK information (see Table 2)

Padding variable

} The multicast broadcast service assignment type, where the value is 0 in the original standard, in this embodiment, after adding the GTEK update information in the MBS_DATA_IE, a new value may be adopted to distinguish it from the original MBS_DATA_IE. Of course, you can still use the original value.

An example of carrying GTEK update information in Extended MBS_DATA_IE is shown in Table 5 below:

Table 5

shift

Next MBS MAP change indication 1 Next time the multicast broadcast assignment changes the identity

No. of Multicast CID 3 Number of Multicast Connection Identifiers

For(i = 0; i < No. of Multicast CID;

i++){

Multicast CID 12 lower 12 bits of the multicast connection identifier

No. of Logical Channel ID 4 Number of logical link identifiers

For(j = 0; j < No. of Logical Channel

ID; j++){

Logical Channel ID 8 Logical Link Identifier

}

MBS DIUC Multicast Broadcast Service Downlink Interval Usage Code

OFDMA Symbol Offset 8 Orthogonal Frequency Division Multiple Access Symbol Offset

Subchannel Offset 6 Subchannel Offset

Boosting 3 with boosting in Table 1

No. OFDMA Symbols 7 Number of orthogonal frequency division multiple access symbols occupied by multicast broadcast service assignment messages

No. Subchannels 6 Number of subchannels occupied by multicast broadcast service assignment messages

Repetition Coding Indication 2 0b00: No repetition coding

ObOl: The repetition coding factor is 2 OblO: The repetition coding factor is 4 Obll: The repetition coding factor is 6 Next MBS Frame Offset 8 Frame offset of the next multicast broadcast service

Next MBS OFDMA Symbol Offset 8 Orthogonal Frequency Division Multiple Access (OFDM) Symbol Offset for Next Multicast Broadcast Service

If (Next MBS MAP change indication if the next multicast broadcast refers to

= 1){ Matching whether to change the logo

Next MBS No. OFDMA Symbols 2 The number of orthogonal frequency division multiple access symbols occupied by the next multicast broadcast service assignment message

Next MBS No. OFDMA Subchannels 6 The number of subchannels occupied by the next multicast broadcast service assignment message

U.

}

GTEK update information Variable updated GTEK information (see Table 2)

Padding Variable fill

As described above, the multicast broadcast service assignment type is here. In the original standard, the value here is 2. In this embodiment, after the GTEK update information is added in the Extended MBS_DATA_IE, the new value can be adopted. The distinction is made by the Extended MBS_DATA_IE. Of course, you can still use the original value.

An example of carrying GTEK update information in MBS_DATA_Time_Diversity_IE is shown in Table 6 below:

{ yuan

MBS_MAP Type = 1 2 Multicast broadcast service assignment type is 1

MBS Burst Frame Offset 2 Multicast Broadcast Service Data Burst Frame Offset

Multicast CID 12 lower 12 bits of the multicast connection identifier

OFDMA symbol offset 8 Orthogonal Frequency Division Multiple Access (OFDM) symbol offset

N-EP code 4 Code of encoder packet bits

N-SCH code 4 Assigned subchannels (Code of allocated subchannels)

AI-SN 1 automatic retransmission request identification serial number

(ARQ Identifier Sequence Number)

SPID 2 subpacket identifier

ACID automatic retransmission request channel identification (ARQ

Channel Identifier)

Next MBS MAP change indication 1 Is the next multicast broadcast assignment changed?

Next MBS frame offset 8 Frame offset of the next multicast broadcast service

Next MBS OFDMA Symbol offset 8 Orthogonal Frequency Division Multiple Access Symbol Shift for Next Multicast Broadcast Service

If (Next MBS MAP change if the next multicast broadcast assignment is indication = 1) { Change the logo

Next MBS No. OFDMA symbols The number of orthogonal frequency division multiple access symbols occupied by the next multicast broadcast service assignment message

Next MBS No. OFDMA The number of subchannels occupied by the next multicast broadcast service assignment message subchannels.

} GTEK update information Variable updated GTEK information (see Table 2)

Padding Variable fill

As described above, the multicast broadcast service assignment type is here. In the original standard, the value here is 1. In this embodiment, after adding the GTEK update information in the MBS_DATA_Time_Diversity_IE, the new value may be adopted to follow the original value. The distinction is made by MBS_DATA_Time_Diversity_IE. Of course, you can still use the original value.

In the above step 502, specifically, the GTEK update information may be carried in the data packet assigned by the MBS_MAP message.

The GKEK is sent by the network side entity to update the GKEK of a certain multicast service of the MS through the primary management connection of the MS; when the update period of a GTEK arrives, the BS may carry the GTEK update information in the corresponding MBS data packet; After receiving the updated GTEK, the MS updates the corresponding GTEK; when the next GTEK update period arrives, the BS may carry the GTEK update information in the corresponding another MBS data packet; after receiving the GTEK update information, the MS updates the corresponding GTEK.

The method of carrying GTEK information in an MBS packet is given below. There are two ways to carry GTEK update information in the MAC header of the MBS packet: Carry the GTEK update information through the MAC subheader; add a MAC extension subheader to carry the GTEK update information. The information format and content described in this embodiment are all based on IEEE 802.16e, and the MAC subheader cannot be extended. So here is just a way to carry GTEK through the MAC extension subheader. However, it is not limited to use the MAC subheader to carry GTEK if the IEEE 802.16m or other standard MAC subheaders can be extended.

A new MAC extension subheader is added to carry the GTEK update information. The specific form of the extended subheader carrying the above information is shown below, as shown in Table 7.

Table 7

Syntax Size(bits) Notes Key Update Extended - Group Key Encryption Key Update Extension Subheader Subheader(){

Extended Subheader Type=5 7 The extended subheader has a type value of 5

GTEK update information Variable updated GTEK information (see Table 2)

} where the type value of the extended subheader is not necessarily 5, as long as it does not conflict with the existing standard. As shown in the above table, when the MS resolves to the GTEK of the MAC extension subheader, it knows that the GTEK corresponding to its corresponding MBS service needs to be updated.

The information format and content described in this embodiment are based on IEEE 802.16e, but are not limited to IEEE 802.16e, and may be used in IEEE 802.16e compatible IEEE 802.16m in the future.

The group service encryption key update method provided by this embodiment updates the information to the MS by unicast GKEK, and sends an MBS_MAP message carrying the GTEK update information when the GTEK update period arrives; the MS decrypts the GTEK and updates the corresponding multicast broadcast. The GTEK of the service can implement GTEK update for all MSs corresponding to all MBS services at the same time, save air interface resources, and obtain better SFN gain effects.

As shown in FIG. 6 , it is a structural schematic diagram of an embodiment of a group service encryption key update system according to the present invention. The group service encryption key update system includes:

The network side entity 1 is configured to send a multicast broadcast service assignment message carrying the group service encryption key update information.

The mobile station 2, after receiving the multicast broadcast service assignment message, obtains the group service encryption key update information, and updates the group service encryption key of the corresponding multicast broadcast service.

The network side entity 1 further includes a unicast module 11 for unicasting the group key encryption key update notification message to the mobile station 2 through the primary management connection of the mobile station 2.

The mobile station 2 specifically includes a decryption module 21, configured to encrypt a group key encryption key in the key update information according to the group key, and decrypt the group service encryption key update information. a group service encryption key; an update module 22, configured to update a group service encryption key of the corresponding multicast broadcast service according to the obtained group service encryption key.

Through the description of the above embodiments, those skilled in the art can clearly understand that the present invention can be implemented by hardware, or can be implemented by means of software plus necessary general hardware platform, and the technical solution of the present invention. It can be embodied in the form of a software product that can be stored in a non-volatile storage medium (which can be a CD-ROM, a USB flash drive, a mobile hard disk, etc.), including a number of instructions for making a computer device (may It is a personal computer, a server, or a network device, etc.) that performs the methods described in various embodiments of the present invention.

In conclusion, the above description is only a preferred embodiment of the present invention and is not intended to limit the scope of the present invention. Any modifications, equivalent substitutions, improvements, etc. made within the spirit and scope of the present invention are intended to be included within the scope of the present invention.

Claims

Rights request

A method for updating a group service encryption key, comprising: a network side entity transmitting a multicast broadcast service assignment message carrying a group service encryption key update information;

2. The group service encryption key update method according to claim 1, wherein before the transmitting the multicast broadcast service assignment message carrying the group service encryption key update information, the method comprises: The primary management connection of the station, the network side entity unicast group key encryption key update information to the mobile station.

The group service encryption key update method according to claim 2, wherein the mobile station obtains the group service encryption key update information after receiving the multicast broadcast service assignment message, and The group service encryption key for updating the corresponding multicast broadcast service is specifically:

The mobile station decrypts the group service encryption key in the group service encryption key update information according to the group key encryption key in the group key encryption key update information; the mobile station according to the obtained group The service encryption key updates the group service encryption key of the corresponding multicast broadcast service.

The group service encryption key update method according to any one of claims 1 to 3, wherein the multicast broadcast service assignment message carrying the group service encryption key update information is specifically:

And transmitting the group service encryption key update information in the scalable coding element in the multicast broadcast service assignment message.

The group service encryption key update method according to any one of claims 1 to 3, wherein the multicast broadcast service assignment message carrying the group service encryption key update information is specifically: And carrying the group service encryption key update information in the information element in the multicast broadcast service assignment message, and sending the information.

6. The group service encryption key update method according to claim 5, characterized in that And the carrying the group service encryption key update information in the information element in the multicast broadcast service assignment message, and the sending specifically includes:

Transmitting and sending the group service encryption key update information in the multicast broadcast service data information element in the multicast broadcast service assignment message; or

And transmitting the group service encryption key update information in the multicast broadcast service data time division information element in the multicast broadcast service assignment message, and sending; or

And transmitting the group service encryption key update information in the extended multicast broadcast service data information element in the multicast broadcast service assignment message.

The group service encryption key update method according to any one of claims 1 to 3, wherein the multicast broadcast service assignment message carrying the group service encryption key update information is specifically: The group service encryption key update information is carried in the multicast broadcast service data packet, and is sent.

The group service encryption key update method according to claim 7, wherein the group service encryption key is carried in the multicast broadcast service data packet in the multicast broadcast service assignment message. Update the information, and send the specifics including:

Transmitting and transmitting the corresponding group service encryption key update information in a media access control sub-head of the multicast broadcast service data packet in the multicast broadcast service assignment message; or

The media access control extension subheader added to the multicast broadcast service data packet in the multicast broadcast service assignment message carries the corresponding group service encryption key update information, and is sent.

A group service encryption key update system, comprising: a network side entity, configured to send a multicast broadcast service assignment message carrying a group service encryption key update information;

The mobile station, after receiving the multicast broadcast service assignment message, obtains the group service encryption key update information, and updates the group service encryption key of the corresponding multicast broadcast service.

The group service encryption key update system according to claim 9, wherein the mobile station comprises: a decryption module, configured to decrypt a group service encryption key in the group service encryption key update information according to the group key encryption key in the group key encryption key update information; and an update module, configured to obtain The group service encryption key updates the group service encryption key corresponding to the multicast broadcast service.

The group service encryption key update system according to claim 9, wherein the network side entity further comprises: a unicast module, configured to connect, by the mobile station, a primary management connection, the unicast module The unicast group key encrypts the key update notification message to the mobile station.