WO2010094206A1 - Method for link security authentication in wireless relay networks, device and system thereof - Google Patents

Method for link security authentication in wireless relay networks, device and system thereof Download PDF

Info

Publication number
WO2010094206A1
WO2010094206A1 PCT/CN2009/076217 CN2009076217W WO2010094206A1 WO 2010094206 A1 WO2010094206 A1 WO 2010094206A1 CN 2009076217 W CN2009076217 W CN 2009076217W WO 2010094206 A1 WO2010094206 A1 WO 2010094206A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
message
authentication code
count value
authentication
Prior art date
Application number
PCT/CN2009/076217
Other languages
French (fr)
Chinese (zh)
Inventor
李波杰
卢磊
梁文亮
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2010094206A1 publication Critical patent/WO2010094206A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general

Definitions

  • WiMAX Worldwide Interoperability for Microwave Access
  • IEEE 802.16d is a standard for fixed wireless access and can be applied to 2 to llGHz Non-Line of Sight (NLOS) transmission and 10 to 66 GHz (Light of Sight) transmission.
  • IEEE 802.16e adds new features to support mobility based on IEEE 802.16d.
  • a method for preventing management message playback is defined in the IEEE 802.16e protocol, that is, a CMAC (Cipher-based message authentication code, referred to herein as a message authentication code) packet number counter value at any time.
  • a CMAC Cipher-based message authentication code
  • the combination of the corresponding key that generates the CMAC message authentication code is unique.
  • these keys must be updated frequently, and the CMAC_KEY_COUNT (message authentication code key count) count value is used to ensure the freshness of the key; meanwhile, the message authentication code packet number count value is Each time a management message with a message authentication code is sent, it is also updated to further enhance the ability of the message authentication code to defend against attacks.
  • the CMAC_KEY_COUNT count value is updated before the RNG-REQ (Ranging Request) message is sent to the base station, and the message authentication code packet number is updated.
  • the count value is set to zero, and the terminal generates a new message authentication code key by using the updated count value, and then the terminal uses the message authentication code key and the zeroed message to recognize
  • the code group number count value is a RNG-REQ message to generate a CMAC message authentication code, and the network side also uses the updated count value to generate a corresponding key for verifying the RNG-REQ message, thereby preventing a replay attack.
  • an embodiment of the present invention provides a link security authentication method in a wireless relay network, including:
  • the first management message carries the first message authentication code and the first message authentication code key count value included in the first authentication key context saved by the mobile station itself, and the first message authentication a first packet authentication code according to the first authentication key, the first authentication key identifier, the first message authentication code key count value, and the first message authentication code group number in the first authentication key context.
  • Count value calculation is generated, and the first authentication key in the first authentication key context is calculated according to the mobile station identifier and the access relay station identifier according to the setting rule;
  • the verification result determines whether the access link between the mobile station and the access relay station is secure, and the second authentication key and the first authentication key are peer keys.
  • the embodiment of the invention further provides a link security authentication method in a wireless relay network, and a package Includes:
  • the second management message carries a third message authentication code, a third message authentication code key count value, a third message authentication code packet number count value, and a third message authentication code according to the third
  • the third message authentication code key count value, the third message authentication code group number count value, and the third authentication key in the third authentication key context are calculated and generated, and the third authentication key is generated according to the access.
  • the relay station identifier and the multi-hop relay base station identifier are obtained according to a setting rule, where the third authentication key context is an authentication key context related to the access relay station saved by the access relay station;
  • the verification result determines whether the relay link between the access relay station and the multi-hop relay base station is secure, and the fourth authentication key and the third authentication key are peer keys.
  • the embodiment of the invention further provides a link security authentication device, including:
  • a first receiving module configured to receive a first management message sent by the mobile station, where the first management message carries the first message authentication code and the first message authentication code key included in the context of the first authentication key saved by the mobile station itself a count value, a first message authentication code packet number count value, the first message authentication code is based on the first authentication key, the first authentication key identifier, and the first message authentication code key count value in the first authentication key context, The first message authentication code group number count value calculation calculation is generated, and the first authentication key is calculated according to the mobile station identifier and the access relay station identifier according to the setting rule; the first processing module is configured to include according to the second authentication key context The second authentication key, the second authentication key identifier, and the first message authentication code key count value, the first message authentication code packet number count value verify the first message authentication code, and determine the mobile station and the access relay station according to the verification result. Whether the access link is secure, and the second authentication key and the first authentication key are peer keys.
  • the embodiment of the invention further provides a multi-hop relay base station, including:
  • a second receiving module configured to receive a second management message sent by the access relay station, where the second management message carries a third message authentication code and a third message authentication code key count value, and the third message acknowledges a code group number count value, the third message authentication code is based on the third message authentication code key count value, the third message authentication code packet number count value, and the third authentication key and the third authentication in the third authentication key context Key identification calculation is generated, and the third authentication key is calculated according to the access relay identifier and the multi-hop relay base station identifier according to a set rule;
  • a second processing module configured to verify, according to the fourth authentication key, the fourth authentication key identifier, and the third message authentication code key count value and the third message authentication code group number count value included in the fourth authentication key context
  • the third message authentication code determines whether the relay link between the access relay station and the multi-hop relay base station is secure according to the verification result, and the fourth authentication key and the third authentication key are peer keys.
  • the embodiment of the invention further provides a wireless relay network system, including:
  • An access relay station configured to receive a first management message sent by the mobile station, according to the second authentication key, the second authentication key identifier, and the first message authentication code key count value included in the second authentication key context, a message authentication code packet number count value verifies the first message authentication code, determines, according to the verification result, whether the access link between the mobile station and the access relay station is secure, and converts the first management message into a second management message and sends,
  • the first management message carries the first message authentication code and the first message authentication code key count value included in the first authentication key context saved by the mobile station itself, the first message authentication code packet number count value, and the first message.
  • the authentication code is generated according to the first authentication key, the first authentication key identifier, the first message authentication code key count value, and the first message authentication code group number count value in the first authentication key context, and the first authentication key is generated.
  • the key is obtained according to the setting rule according to the mobile station identifier and the access relay station identifier, and the second authentication key and the first authentication key are equal. ;
  • a multi-hop relay base station configured to receive a second management message sent by the access relay station, and according to the fourth authentication key, the fourth authentication key identifier, and the third message authentication code key included in the fourth authentication key context And the third message authentication code is verified by the count value and the third message authentication code packet number, and the relay link between the access relay station and the multi-hop relay base station is determined according to the verification result, wherein the second management message carries the first The third message authentication code and the third message authentication code key count value, the third message authentication code group number count value, and the third message authentication code according to the third message authentication code key The count value, the third message authentication code packet number count value, and the third authentication key and the third authentication key identifier in the third authentication key context are calculated and generated, and the third authentication key is according to the access relay station identifier and the multi-hop. After the base station identifier is calculated according to the setting rule, the fourth authentication key and the third authentication key are peer keys.
  • the embodiment of the invention provides a specific technical solution for detecting the security of the access link and the relay link in the wireless relay network, and can effectively prevent the replay attack in the wireless relay network.
  • FIG. 1 is a flowchart of detecting security of an access link in a wireless relay network according to an embodiment of the present invention
  • FIG. 2 is a flowchart of detecting security of a relay link in a wireless relay network according to an embodiment of the present invention
  • FIG. 4 is a schematic flowchart of a link security authentication method in a wireless relay network according to an embodiment of the present invention
  • FIG. 5 is a schematic flowchart of a link security authentication method in a wireless relay network according to an embodiment of the present invention
  • FIG. 6 is a schematic flowchart of a link security authentication method in a wireless relay network according to an embodiment of the present invention
  • FIG. 7 is a schematic flowchart of a link security authentication method in a wireless relay network according to an embodiment of the present invention.
  • FIG. 8 is a block diagram of a link security authentication apparatus according to an embodiment of the present invention
  • FIG. 9 is a block diagram of a multi-hop relay base station according to an embodiment of the present invention.
  • FIG. 10 is a block diagram of a wireless relay network system according to an embodiment of the present invention. DETAILED DESCRIPTION OF THE INVENTION
  • a method for detecting security of an access link in a wireless relay network is as shown in FIG. 1 , and includes the following steps:
  • Step 101 The multi-hop relay base station or the access relay station receives the first management message sent by the mobile station.
  • the first management message carries the first message authentication code and the first message authentication code key count value and the first message authentication code group number count value included in the first authentication key context saved by the mobile station itself.
  • the authentication key context includes an authentication key, an authentication key identifier, a message authentication code key, a message authentication code key count value, a message authentication code packet number count value, and an authentication key and a message authentication code key count value are used together.
  • the message authentication code key, the message authentication code key and the authentication key identifier, and the message authentication code group number count value are jointly used to calculate or verify the message authentication code of the management message.
  • the first message authentication code is generated according to the first authentication key, the first authentication key identifier, the first message authentication code key count value, and the first message authentication code group number count value in the first authentication key context. .
  • the first authentication key in the first authentication key context is calculated according to the mobile station identity and the access relay station identity according to a set rule.
  • Step 102 Verify the first message authentication according to the second authentication key, the second authentication key identifier, and the first message authentication code key count value and the first message authentication code group number count value included in the second authentication key context.
  • the code determines whether the access link between the mobile station and the access relay station is secure according to the verification result.
  • the second authentication key and the first authentication key are peer keys.
  • the executor of the above solution may be an A-RS (Acces s Relay Station) or an MS-BS (Mul ti- hop Relay Base) Stat ion, multi-hop relay base station).
  • the second authentication key context may be stored locally at the A-RS or the MS-BS, or may be obtained from an authenticator to which the MS belongs.
  • a method for detecting security of a relay link in a wireless relay network is as shown in FIG. 2, and includes the following steps:
  • Step 201 Receive a second management message sent by the access relay station.
  • the second management message carries a third message authentication code and a third message authentication code key count value, a third message authentication code packet number count value, and the third message authentication code is based on the third message authentication code key count value, and the third The message authentication code packet number count value and the third authentication key and the third authentication key identifier in the third authentication key context are generated, and the third authentication key is set according to the access relay station identifier and the multi-hop relay base station identifier. Rule calculation is obtained;
  • Step 202 Verify third message authentication according to the fourth authentication key, the fourth authentication key identifier, and the third message authentication code key count value and the third message authentication code group number count value included in the fourth authentication key context.
  • the code determines whether the relay link between the access relay station and the multi-hop relay base station is secure according to the verification result.
  • the fourth authentication key and the third authentication key are peer keys.
  • the executor of the foregoing solution may be an MS-BS, and the fourth authentication key context may be stored locally in the MS-BS.
  • IEEE 802.16j is an air interface protocol developed by the IEEE organization to implement relay capability based on 16e.
  • the network architecture defined by it is shown in Figure 3, which includes:
  • MR-BS A device that provides connection, management, and control for relay stations and user terminals
  • RS Relay Station
  • RS Relay Station
  • Some RSs can also provide management and control for subordinate RSs or user terminals.
  • the air interface between the RS and the MS is the same as the air interface between the MR-BS and the MS.
  • the RS is a station that relays data between the base station and the terminal, so that the wireless signal can reach the destination through multiple transmissions (multi-hop).
  • MS Mobile Station
  • the user uses this device to access the WiMAX network.
  • the security of the access link is verified first, and then the security of the relay link is verified.
  • the security verification of the access link is based on the MS related AK (Authentication). Key, authentication key) context, security verification of the relay link is based on the A-RS related AK context; in an alternative to this embodiment, the security verification of the access link is based on the MS-related AK context, the security of the relay link The verification is also based on the MS related AK context.
  • the AK key in the MS-related AK context is generated by the MS or the MS-affiliated authenticator according to the MS identifier and the A-RS identifier
  • the AK key in the A-RS related AK context is The A-RS or A-RS belonging authenticator is calculated and generated according to a certain rule according to the A-RS identifier and the MR-BS identifier.
  • MS-related AK MS maintains a context that contains CMAC- KEY- COUNT value X M
  • A-RS MS maintains a correlation AK context, which context includes CMAC- KEY- COUNT value Y M
  • the authenticator maintains an MS-related AK context, which contains the CMAC_KEY_COUNT value Z M
  • the A-RS also maintains an A-RS related AK context, which includes CMAC_KEY_COUNT value X R
  • MR -BS a-RS maintains a correlation AK context
  • context includes CMAC- KEY- COUNT value Y R.
  • the link security authentication method in the wireless relay network includes the following steps:
  • Step 301 The MS generates a first management message, that is, an RNG-REQ message.
  • the first message authentication code key count value included in the authentication key context (referred to as the first authentication key context in this embodiment) maintained by the MS before sending the first management message to the A-RS, that is, CMAC— KEY_ COUNT value X M is self-powered B 1, and sets the first message authentication code packet number count value in the MS-related AK context (ie, the first AK context) saved locally by the MS to zero, using the MS-related AK context locally saved by the MS.
  • Generating a first message authentication code for the RNG-REQ message; the specific process is that the MS uses the AK key in the AK context, the MS identifier (specifically, the MS media access control layer address), the RS identifier, and the X M to be calculated in a specific manner.
  • the authentication code key is used to calculate and generate the first message authentication code by using the message authentication code key and the AK identifier in the AK context and the first message authentication code packet number count value as the RNG-REQ message.
  • the specific calculation method refer to 802.16e. Protocol, the difference is that the BS identifier in the 802.16e calculation method needs to be changed to the RS identifier.
  • the various AK contexts mentioned herein include the AK key, the AK identifier, the message authentication code key, the message authentication code key count value CMAC_KEY_COUNT, and the message authentication code group number count. value.
  • the AK key (also referred to as the first authentication key in this embodiment) in the first AK context saved by the MS is the MS according to the MS ID (specifically, the media access control layer address of the MS) and the RS. The ID is calculated according to the set rules.
  • the MS initiates this step if the A-RS performs network re-entry or performs a secure location update or handover to a target access relay station.
  • Step 302 The MS sends an RNG-REQ message to the A-RS, where the message carries the current X M , the first message authentication code packet number count value, and the first message authentication code.
  • Step 303 the A-RS determines whether the MS related AK context (ie, the second AK context) is saved locally, and if so, proceeds to step 310; otherwise, proceeds to step 304;
  • MS related AK context ie, the second AK context
  • the second AK context is an AK context including a second authentication key, and the second authentication key and the first authentication key are peer keys.
  • Step 304 The A-RS sends an MS_Context-REQ (Mobile Station Context Request) message to the MR-BS, where the message carries the MS ID (MS identifier);
  • MS_Context-REQ Mobile Station Context Request
  • the MS ID may be carried by the MS in the RNG-REQ message and sent to the A-RS, or may be
  • A-RS is known by other prior art means.
  • the message between the A-RS and the MR-BS and the MR-BS and the authenticator may be directly or indirectly sent, so that the indirect transmission to the A-RS passes through other RSs.
  • the message is sent to the MR-BS, and the MR-BS can send the message to the authenticator via other network elements (such as a gateway).
  • Step 305 the MR-BS sends a Context_Req to the Authenticator (up and down) Message request) message, the message carries the MS ID and the A-RS ID;
  • the authenticators mentioned in this document are all authenticators to which the MS belongs.
  • Step 306 The authenticator calculates an MS-related AK key according to the same setting rule as the MS according to the MS ID and the RS ID, and generates an MS-related AK context (ie, a second AK context).
  • Step 307 the authenticator to the MR-BS Sending a Context_Rpt (Context Report) message, the message carries a second AK Context, and the second AK Context includes an MS-related CMAC-KEY-COUNT value ZM locally saved by the authenticator ;
  • Step 308 The MR-BS returns an MS_Context-RSP (Mobile Station Context Response) message to the A-RS, where the message carries the second AK context provided by the authenticator, and the second AK context includes the locally saved by the authenticator.
  • MS_Context-RSP Mobile Station Context Response
  • Step 309 A-RS makes Y M equal to Z M , and Y M is the MS-related CMAC-KEY_COUNT value maintained by the A-RS;
  • Step 310 it is determined whether X M is greater than or equal to Y M , and if so, proceed to step 311, otherwise, proceed to step 325;
  • This step is an auxiliary means for verifying whether the access link is secure. If it is determined that X M is less than Y M , it is understood that an access link replay attack occurs. It is not necessary to perform the message authentication code verification of the RNG-REQ message. It can be seen that with this step, it is possible to know whether the access link is secure by using a simple judgment means.
  • Step 311 A-RS using X M RNG-REQ message includes the message authentication code value and the packet count number associated MS AK context (i.e., a second context AK) in key AK, AK verify identification in the RNG-REQ message
  • the specific authentication mode refer to the 802.16e protocol.
  • the difference is that the BS identifier in the 802.16e calculation method needs to be changed to the RS identifier. If the verification is successful, proceed to step 312, otherwise proceed to step 325;
  • the access link between the MS and the A-RS can be determined to be secure, otherwise the access link is determined. Not safe.
  • Step 312 A-RS makes Y M equal to X M ;
  • Step 313, the A-RS generates a second management message, that is, a new RNG-REQ message.
  • the method for generating the second management message by the A-RS in this step is: A-RS related AK context maintained by itself (ie, the third AK) Third CMAC - KEY - COUNT value in context) The first CMAC- KEY- COUNT value X M and a first message authentication code value of said third count number of packets message authentication code value of the packet count number replacing step 302 RNG-REQ message, and using A-RS Related AK context (i.e. The third message authentication code key and the third message authentication code packet number in the three AK contexts are the replaced RNG-REQ message (excluding the original message authentication code part).
  • the message authentication code is recalculated, that is, the third message.
  • the authentication code replaces the third message authentication code with the original first message authentication code to obtain a new RNG-REQ message, that is, the second management message.
  • Step 314 the A-RS sends the second management obtained in step 313 to the MR-BS.
  • Message ie new RNG-REQ message, which includes X R;
  • Step 315 the MR-BS determines whether the X R included in the received RNG-REQ message is greater than or equal to the locally saved Y R , and if yes, proceeds to step 316, otherwise proceeds to step 324;
  • this step it is determined whether the third message authentication code key count value is not less than the fourth message authentication code key count value included in the fourth authentication key context saved by the MR-BS, and if it is determined that X R is less than Y M , It is understood that a relay link replay attack has occurred.
  • Step 316 the MR-BS receives the X R according to the RNG-REQ message received in step 314, the message authentication code packet number count value, and the AK key in the locally saved A-RS related AK context (fourth AK context).
  • the AK identifies the message authentication code in the RNG-REQ message received by the verification step 314; the specific process is that the MR-BS utilizes the AK key in the A-RS related AK context (fourth AK context), and the A-RS media access control layer address, MR-BS and identify] calculated message authentication code key in a specific way, reuse of the identification AK message authentication code key a-RS and the AK context related, RNG-REQ message received in step 314
  • the message authentication code packet number count value in the verification of the message authentication code of the RNG-REQ message, the specific verification method is similar
  • the 802.16e protocol method differs in that the terminal identifier in the 802.16e authentication method needs to be changed to the RS identifier. If the
  • the success of the verification can determine the security of the relay link between the A-RS and the MR-BS, otherwise it is determined that the trunk link is not secure.
  • Step 317 the MR-BS makes Y R equal to X R , and sends an RNG-RSP (Ranging Response) message with a success indication to the A-RS;
  • RNG-RSP Rastering Response
  • Step 318 The A-RS returns an RNG-RSP message with a success indication to the MS.
  • Step 319 the A-RS sends an MS_Context-REQ message to the MR-BS, where the message carries the MS ID ⁇ n X M ⁇ t;
  • steps 318 and 319 do not have a certain order.
  • Step 320 The MR-BS sends a Context_RPt message to the authenticator, where the message carries XM ; the message may also be a CMAC_Key_Count_Update message authentication step, and the corresponding step
  • the response message in 322 is CMAC_Key_Count_Update_ Ack (Message Authentication Code Key Count Update Confirmation) message.
  • the X M should be notified to the authenticator after confirming the security of the access link, and the authenticator updates the MS-related CMAC locally saved by the authenticator— Key—Count value.
  • Step 322 The authenticator sends a Context_Ack (Context Acknowledgement) message to the MR-BS.
  • Step 323 After receiving the Context_Ack message, the MR-BS sends an MS_Context-RSP message to the A-RS to respond to the MS-Context. -REQ message, end;
  • Step 324 The MR-BS sends an RNG-RSP carrying the rejection information to the A-RS.
  • the specific processing method of this step may be: setting the Ranging Status in the RNG-RSP message to Abort, or setting the Location Update Response (bit) Set update response) to failure.
  • Step 325 The A-RS sends an RNG-RSP carrying the rejection information to the MS.
  • the specific processing method of this step may be: setting the Ranging Status in the RNG-RSP message to Abort, or setting the Location Update Response to failure.
  • the RNG-REQ message may carry the CMAC_Key_Count value X M of the MS and the CMAC_Key_Count value X R of the RS. Then, the MR-BS can know X M at this time, and if the result of the determination in step 315 is YES, steps 320 to 322 are performed, and X M is notified to the authenticator. Thus, steps 319 and 323 can be omitted.
  • the MR-BS also needs to maintain an MS-related AK context (second AK context), and the second AK context includes an MS-related CMAC-Key- Count value Y M , at this time: Steps 305 ⁇ 307, 313, 319, 323 can be omitted.
  • the reason for retaining steps 320-322 is that there may be other MR-BSs that can communicate with the authenticator that need to obtain the relevant AK context of the MS from the authenticator. If all MR-BSs that can communicate with the authenticator save the MS-related AK context, steps 320-322 may be omitted.
  • step 313-317 may be omitted.
  • step 318 is directly performed.
  • step 303 may be omitted. 312, 319-323
  • the situation of the following embodiments is similar to that of the embodiment, and those skilled in the art can determine whether to detect only according to whether the steps are related to the security detection of the access link or the security detection of the relay link. The case when the access link is secure or the case where only the relay link is safe is not described in the following embodiments.
  • the access link is first verified to be secure, and the relay link is verified.
  • the security verification of the access link is based on the MS correlation.
  • the AK context, the security verification of the relay link is based on the A-RS related AK context and the CMAC_KEY_COUNT value used by the access link RNG-REQ.
  • MS maintains a relevant MS AK context, which context includes CMAC- KEY- COUNT value X M
  • A-RS MS maintains a correlation AK context, which context includes CMAC- KEY- COUNT value Y M
  • authenticator maintains a MS Related AK context, which context includes CMAC- KEY- COUNT value Z M
  • a-RS still maintains a relevant a-RS AK context
  • MR-BS maintains a relevant a-RS AK context, while maintaining a MS associated CMAC- KEY—COUNT value YMR.
  • the link security authentication method in the wireless relay network provided in this embodiment is as shown in FIG. 5, and includes the following steps:
  • Step 401 The MS generates a first management message, that is, an RNG-REQ message.
  • the first management message carries the first message authentication code and the first message authentication code key count value X M and the first message authentication code group number count value included in the first authentication key context saved by the mobile station itself.
  • Step 402 The MS sends the RNG-REQ message to the A-RS, where the message carries the current X M , the first message authentication code packet number count value, and the first message authentication code.
  • Step 403 the A-RS determines whether the MS-related AK context (ie, the second AK context) is saved locally, and if yes, proceeds to step 410; otherwise, proceeds to step 404;
  • Step 404 The A-RS sends an MS_Context-REQ message to the MR-BS, where the message carries the MS ID.
  • Step 405 The MR-BS sends a Context_Req message to the authenticator, where the message carries the MS ID and the A-RS ID.
  • the authenticators mentioned in this document are all authenticators to which the MS belongs.
  • Step 406 The authenticator calculates an MS-related AK key according to the same setting rule as the MS according to the MS ID and the RS ID, and generates an MS-related AK context (ie, a second AK context).
  • Step 407 the authenticator to the MR-BS Send a Context_Rpt message, the message carries a second AK context, and the second AK context contains a second locally saved by the authenticator CMAC—KEY—COUNT value Z M;
  • Step 408 the MR-BS maintains the MS related CMAC-KEY- COUNT value Y MR is equal to Z M;
  • Step 409 The MR-BS returns an MS_Context-RSP message to the A-RS, where the message carries the second AK context provided by the authenticator;
  • Step 410 A-RS makes Y M equal to Z M ;
  • Step 411 it is determined whether X M is greater than or equal to Y M , and if so, proceed to step 412, otherwise, proceed to step 424;
  • Step 412 A-RS using X M RNG-REQ message includes the message authentication code packet number counter value and MS-related AK context of the AK, AK identification verification RNG-REQ message is a message authentication code, the specific authentication manner Referring to the 802.16e protocol, the difference is that the BS identifier in the 802.16e calculation method needs to be changed to the RS identifier. If the verification is successful, proceed to step 413, otherwise proceed to step 424;
  • the access link between the MS and the A-RS can be determined. Otherwise, the access link is determined to be insecure.
  • Step 413 A-RS makes Y M equal to X M;
  • Step 414 the A-RS generates a second management message, that is, a new RNG-REQ message.
  • the A-RS uses the AK key, AK in the A-RS related AK context (ie, the third AK context) maintained by itself.
  • the authentication code replaces the original message authentication code to obtain a new RNG-REQ message;
  • Step 415 The A-RS sends a new RNG-REQ message to the MR-BS.
  • Step 416 The MR-BS determines whether the X M included in the received RNG-REQ message is greater than or Is equal to the locally saved Y MR , if yes, proceed to step 417, otherwise proceed to step 423;
  • Step 417 the MR-BS according to the X M , the message authentication code packet number count value included in the received RNG-REQ message, and the AK key, AK in the locally saved A-RS related AK context (fourth AK context) Identifying the message authentication code in the RNG-REQ message; the specific procedure is that the MR-BS utilizes the AK key in the A-RS related AK context (fourth AK context), the A-RS media access control layer address, and the MR-BS identifier.
  • And X M calculates the message authentication code key in a specific manner, and then utilizes the message authentication code key and the AK identifier in the A-RS related AK context (fourth AK context), and the message authentication code in the RNG-REQ message.
  • the packet number count value verifies the message authentication code of the RNG-REQ message, and the specific verification method is similar to the 802.16e protocol method. The difference is that the terminal identifier in the 802.16e authentication method needs to be changed to the RS identifier, and the parameters required for the verification are from different contexts. . If the verification is successful, go to step 418, otherwise go to step 423; verify the success to determine the security of the relay link between the A-RS and the MR-BS, otherwise determine that the relay link is not secure.
  • Step 418 MR-BS causes YMR to be equal to X M , and sends a success indication to the A-RS.
  • Step 419 The A-RS returns an RNG-RSP message with a success indication to the MS.
  • Step 420 The MR-BS sends a Context_RPt message to the authenticator, where the message carries XM .
  • steps 419 and 420 do not have a certain sequence.
  • Step 421 After the authenticator receives the Context_RPt message, the update identifier is locally saved.
  • the CMAC-Key-Count value in the context of the MS is specifically the larger of Z M and X M plus
  • Step 422 the authenticator sends a Context_Ack message 4 to the MR-BS, and ends; Step 423, the MR-BS sends the RNG-RSP carrying the rejection information to the A-RS;
  • Step 424 The A-RS sends an RNG-RSP carrying the rejection information to the MS.
  • the security of the relay link is verified first, and then the security of the access link is verified.
  • the security verification of the access link is based on the MS-related AK context, and the security verification of the relay link is based on the A-RS related AK context.
  • MS-related AK MS maintains a context that contains CMAC- KEY- COUNT value X M
  • A-RS MS maintains a correlation AK context, which context includes CMAC- KEY- COUNT value Y M
  • the authenticator maintains an MS-related AK context, which contains CMAC_KEY_COUNT value Z M
  • the A-RS maintains an A-RS related AK context, which includes CMAC_KEY_COUNT value X R
  • MR- a-RS BS maintains a correlation AK context, which context includes CMAC- KEY- COUNT value Y R.
  • this embodiment first verifies the security of the relay link and then verifies the security of the access link.
  • the link security authentication method in the wireless relay network provided in this embodiment is as shown in FIG. 6, and includes the following steps:
  • Step 501 The MS generates a first management message, that is, an RNG-REQ message.
  • Step 502 The MS sends an RNG-REQ message to the A-RS, where the message carries the current X M , the first message authentication code packet number count value, and the first message authentication code.
  • Step 503 The A-RS generates a second management message, that is, a new RNG-REQ message.
  • the A-RS will maintain the A-RS related AK context (ie, the third AK context) CMAC_KEY. — COUNT value ] ⁇ and the message authentication code packet number count value replaces the CMAC_KEY_COUNT value X M and the message authentication code packet number count value in the received RNG-REQ message, and utilizes the A-RS related AK context
  • the message authentication code key and the message authentication code packet number count value are the replaced RNG-REQ message (excluding the original message authentication code part).
  • the message authentication code is recalculated, and the recalculated message authentication code is replaced with the original message authentication code. Obtain a new RNG-REQ message;
  • Step 504 The A-RS sends a new RNG-REQ message to the MR-BS.
  • Step 505 The MR-BS determines whether the X R included in the received RNG-REQ message is greater than or Is equal to the locally saved Y R , if yes, proceed to step 506, otherwise proceed to step 522;
  • Step 506 The MR-BS according to the X R included in the received RNG-REQ message, the message authentication code packet number count value, and the AK key in the locally saved A-RS related AK context (ie, the fourth AK context),
  • the AK identifier verifies the message authentication code in the received RNG-REQ message; the specific process is that the MR-BS utilizes the AK key in the A-RS related AK context, the A-RS media access control layer address, the MR-BS identifier, and the pass
  • the message authentication code key is calculated in a specific manner, and the RNG- is verified by using the message authentication code key and the AK identifier in the A-RS related AK context, and the message authentication code packet number count value in the received RNG-REQ message.
  • the message authentication code of the REQ message is similar to the 802.16e protocol method. The difference is that the terminal identifier in the 802.16e authentication method needs to be changed to the RS identifier. If the verification is successful, proceed to step 507, otherwise proceed to step 522;
  • the success of the verification can determine the security of the relay link between the A-RS and the MR-BS, otherwise it is determined that the trunk link is not secure.
  • Step 507 the MR-BS makes Y R equal to X R , and sends an RNG-RSP message with a success indication to the A-RS.
  • Step 508 The MR-BS sends a Context_Req message to the authenticator, where the message carries the MS ID and the A-RS ID.
  • Step 509 The authenticator calculates an MS-related AK key according to the same setting rule as the MS according to the MS ID and the RS ID, and generates an MS-related AK context (ie, a second AK context).
  • Step 510 the authenticator to the MR-BS Context- Rpt send message, and the message carries a second AK context, the second context includes AK locally stored authentication MS-related CMAC- KEY- COUNT value Z M;
  • Step 511 The MR-BS returns an MS_Context-RSP message to the A-RS, where the message carries the second AK context provided by the authenticator;
  • Step 512 A-RS makes Y M equal to Z M ;
  • Step 513 it is determined whether X M is greater than or equal to Y M , and if so, proceed to step 514, otherwise, proceed to step 523;
  • Step 514 X M RNG-REQ message received from A-RS 502 utilizing the step comprising, MS AK context 511 associated message authentication code received packet count value and the number of steps AK, AK identification verification RNG-REQ message
  • the message authentication code in the medium can be referred to the 802.16e protocol.
  • the difference is that the BS identifier in the 802.16e calculation method needs to be changed to the RS identifier. If the verification is successful, proceed to step 515, otherwise proceed to step 523;
  • the access link between the MS and the A-RS can be determined. Otherwise, the access link is determined to be insecure.
  • Step 515 A-RS makes Y M equal to X M;
  • Step 516 The A-RS returns an RNG-RSP message with a success indication to the MS.
  • Step 517 the A-RS sends an MS_Context-REQ message to the MR-BS, where the message carries the MS ID ⁇ n X M ⁇ t;
  • steps 516 and 517 do not have a certain order.
  • Step 518 The MR-BS sends a Context_RPt message to the authenticator, where the message carries XM .
  • the updater locally saves the identifier.
  • Step 520 The authenticator sends a Context_Ack message to the MR-BS.
  • Step 521 After receiving the Context_Ack message, the MR-BS sends the message to the A-RS.
  • the MS_Context-RSP message responds to the above MS_Context-REQ message, and ends;
  • Step 522 The MR-BS sends an RNG-RSP carrying the rejection information to the A-RS.
  • Step 523 The A-RS sends the RNG-RSP carrying the rejection information to the MS.
  • the MR-BS can determine whether the A-RS holds the MS-related AK context, and if so, steps 508-511 can be omitted.
  • the security verification of the access link and the security verification of the relay link are performed on the MR-BS.
  • the security verification of the access link is based on the MS-related AK context
  • the security verification of the relay link is based on the A-RS related AK context.
  • MS-related AK MS maintains a context that contains CMAC- KEY- COUNT value X M
  • MS-related authenticator maintains a AK context, which context includes CMAC- KEY- COUNT value Z M
  • a-RS a-RS maintains a correlation AK context, which context includes CMAC- KEY- COUNT value X R
  • MR-BS maintains a relevant a-RS AK context, which context includes CMAC- KEY- COUNT values Y R
  • the MR-BS may also maintain an MS related AK context. Compared with the first one, the access link security and the relay link security in this embodiment are all performed in the MR-BS.
  • the link security authentication method in the wireless relay network provided in this embodiment is as shown in FIG. 7, and includes the following steps:
  • Step 601 The MS generates a first management message, that is, an RNG-REQ message.
  • Step 602 The MS sends an RNG-REQ message to the A-RS, where the message carries the current X M , the first message authentication code packet number count value, and the first message authentication code.
  • Step 603 the A-RS generates a second management message, that is, a new RNG-REQ message.
  • the A-RS will maintain the third message in the A-RS related AK context (ie, the third AK context) maintained by itself.
  • the authentication code key count value and the third message authentication code packet number count value are added to the end of the RNG-REQ message, and the A-RS related third message authentication is calculated by using the A-RS related AK context for adding the new field after the RNG-REQ message.
  • the code adds a new message authentication code to the RNG-REQ message after adding the new field, and generates a new RNG-REQ message.
  • the specific calculation method of the A-RS related message authentication code can refer to the 802.16e protocol, and the difference is 802.16e.
  • the terminal identifier in the calculation method needs to be changed to the RS identifier;
  • the new RNG-REQ message includes a first message authentication code, a first message authentication code key count value, a first message authentication code packet number count value, and a third message authentication code key count value X R , The third message authentication code packet number count value and the third message authentication code.
  • the A-RS sends a new RNG-REQ message to the MR-BS.
  • Step 606 The authenticator calculates an MS-related AK key according to the same setting rule as the MS according to the MS ID and the RS ID, and generates an MS-related AK context (ie, a second AK context).
  • Step 607 the authenticator to the MR-BS Sending a Context_RPpt message, where the message carries a second AK context, where the second AK context includes an MS-related CMAC-KEY_COUNT value ZM locally saved by the authenticator ;
  • Step 608 MR-BS judges whether] ⁇ RNG-REQ message includes greater than or equal locally stored and ⁇ 0- ⁇ X M 0 contained in the message is greater than or equal to Z M, if yes, proceeds to step 609, otherwise proceeds Step 615;
  • Step 609 The MR-BS according to the X R and A-RS related message authentication code group number count value included in the received RNG-REQ message and the locally saved A-RS related AK context (ie, the fourth AK context)
  • the AK key and the AK identifier verify the A-RS related message authentication code in the received RNG-REQ message; the specific process is that the MR-BS utilizes the AK key in the A-RS related AK context, and the A-RS media access control
  • the layer address, the MR-BS identifier, and the X R calculate the message authentication code key in a specific manner, and then use the message authentication code key and the AK identifier in the A-RS related AK context, and the received RNG-REQ message.
  • the message authentication code packet number count value verifies the A-RS related message authentication code of the RNG-REQ message, and the specific verification method is similar to the 802.16e protocol method. The difference is that the terminal identifier in the 802.16e authentication method needs to be changed to the RS identifier. If the verification is successful, proceed to step 610, otherwise proceed to step 615;
  • the success of the verification can determine the security of the relay link between the A-RS and the MR-BS, otherwise it is determined that the trunk link is not secure.
  • Step 610 Verify the MS-related message authentication code in the RNG-REQ message by using the X M and MS-related message authentication code packet number count value included in the RNG-REQ message and the AK and AK identifiers in the MS-related AK context, and the specific verification mode.
  • the access link between the MS and the A-RS can be determined. Otherwise, the access link is determined to be insecure.
  • Step 611 the MR-BS makes Y R equal to X R , and sends an RNG-RSP message with a success indication to the A-RS, and the A-RS sends an RNG-RSP message with a success indication to the MS.
  • Step 612 The MR-BS sends a Context_RPt message to the authenticator, where the message carries XM .
  • Step 614 The authenticator sends a Context_Ack message to the MR-BS, and ends.
  • Step 615 The MR-BS sends an RNG-RSP carrying the rejection information to the A-RS.
  • Step 616 The A-RS sends the RNG-RSP carrying the rejection information to the MS.
  • step 604 it may be determined whether the A-RS saves the MS-related AK context, and if so, the related operations in the first embodiment may be performed to verify the security of the access link and the relay link. Otherwise, step 604 can be performed to perform corresponding processing by using the technical solution of the embodiment.
  • the new RNG-REQ may not be generated, that is, the third message authentication code key count value in the second management message is the first message.
  • the authentication code key count value, the third message authentication code group number count value is a first message authentication code packet number count value, the first message authentication code key count value, the first message authentication code group number count value is included in the mobile station
  • the second management message is the first management message forwarded by the A-RS. Subsequent steps involving verifying the security of the relay link can be omitted.
  • the device security authentication device in this embodiment includes: a first receiving module, configured to receive a first management message sent by the mobile station, where the first management message carries the first message authentication code and the first authentication key in the first authentication key context saved by the mobile station itself, and the first The authentication key identifier and the first message authentication code key count value and the first message authentication code group number count value are calculated and generated, and the first authentication key is calculated according to the mobile station identifier and the access relay station identifier according to the setting rule;
  • a first processing module configured to verify, according to the second authentication key, the second authentication key identifier, and the first message authentication code key count value and the first message authentication code group number count value included in the second authentication key context
  • the first message authentication code determines whether the access link between the mobile station and the access relay station is secure according to the verification result, and the second authentication key and the first authentication key are peer keys.
  • the relay station can also include:
  • a first key obtaining module configured to: after the first receiving module receives the first management message, determine whether the first storage module saves the second authentication key context, and if not saved, send the identifier to the authenticator to which the mobile station belongs
  • a context request including a mobile station identity and an access relay station identity is provided to the first processing module with a second authentication key context obtained from the authenticator.
  • steps 301 to 312 of the first embodiment steps 401-413 of the second embodiment, and related parts described in steps 501 and 513 to 516 of the third embodiment.
  • the above device may be an access relay station or a multi-hop relay base station.
  • the multi-hop relay base station in this embodiment includes: a second receiving module, configured to receive a second management message sent by the access relay station, where the second management message carries The third message authentication code and the third message authentication code key count value, the third message authentication code group number count value, and the third message authentication code according to the third message authentication code key count value and the third message authentication code group number count value And generating, by the third authentication key and the third authentication key identifier in the third authentication key context, the third authentication key is obtained according to the setting rule according to the access relay identifier and the multi-hop relay base station identifier;
  • a second processing module configured to: according to the fourth authentication key, the fourth authentication key identifier, and the third message authentication code key count value, the third message authentication code group included in the fourth authentication key context The number of the counters verifies the third message authentication code, and according to the verification result, it is determined whether the relay link between the access relay station and the multi-hop relay base station is secure, and the fourth authentication key and the third authentication key are peer keys.
  • the wireless relay network system in this embodiment includes: an access relay station, configured to receive a first management message sent by the mobile station, according to a second The second authentication key, the second authentication key identifier, and the first message authentication code key count value, and the first message authentication code packet number count value verify the first message authentication code, and determine, between the mobile station and the access relay station, according to the verification result.
  • the first management message carries the first message authentication code and the first authentication key context saved by the mobile station itself a first message authentication code key count value, a first message authentication code packet number count value, and the first message authentication code is based on the first authentication key, the first authentication key identifier, and the first message in the first authentication key context
  • the authentication code key count value and the first message authentication code group number count value are calculated and generated, and the first authentication key is determined according to the mobile station identifier and the access Station identification by setting rule obtained by calculation, the second authentication key and the authentication key for the first key and the like;
  • a multi-hop relay base station configured to receive a second management message sent by the access relay station, and according to the fourth authentication key, the fourth authentication key identifier, and the third message authentication code key included in the fourth authentication key context And the third message authentication code is verified by the count value and the third message authentication code packet number, and the relay link between the access relay station and the multi-hop relay base station is determined according to the verification result, wherein the second management message carries the first The third message authentication code and the third message authentication code key count value, the third message authentication code group number count value, and the third message authentication code according to the third message authentication code key count value and the third message authentication code group number count value And calculating, by the third authentication key and the third authentication key identifier in the third authentication key context, the third authentication key is obtained according to the setting rule according to the access relay identifier and the multi-hop relay base station identifier, and the fourth The authentication key and the third authentication key are peer keys.
  • the embodiment of the present invention provides a specific technical solution for detecting the security of the access link

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A method, device and system for link security authentication in wireless relay networks are disclosed in the present invention, and the method includes that: a multi-hop relay base station or an access relay station receives a first management message sent by a mobile station, the first management message carries a first message authentication code, and the first management message also carries a count value of the first message authentication code key and a count value of the first message authentication code packet number which are contained in a first authentication key context stored by the mobile station itself; the first message authentication code is verified based on a second authentication key and a second authentication key identification which are contained in a second authentication key context, the count value of the first message authentication code key, and the count value of the first message authentication code packet number, and whether the access link between the mobile station and the access relay station is safe is determined based on the verification result. With the technical scheme of the present invention, replay attacks in the wireless relay networks could be prevented effectively

Description

无线中继网络中的链路安全认证方法、 装置和系统 本申请要求于 2009 年 2 月 20 日提交中国专利局、 申请号为 200910004704.5、发明名称为"无线中继网络中的链路安全认证方法、装置 和系统"的中国专利申请的优先权, 其全部内容通过引用结合在本申请中。 技术领域 本发明涉及通信技术领域, 尤其涉及无线中继网络中的链路安全认证 方法、 装置和系统。 背景技术  Link security authentication method, device and system in wireless relay network The application claims to be submitted to the Chinese Patent Office on February 20, 2009, the application number is 200910004704.5, and the invention name is "link security authentication method in the wireless relay network" The priority of the Chinese Patent Application, the entire disclosure of which is incorporated herein by reference. TECHNICAL FIELD The present invention relates to the field of communications technologies, and in particular, to a link security authentication method, apparatus, and system in a wireless relay network. Background technique
WiMAX(Worldwide Interoperability for Microwave Access, 全球接入微 波互操作性), 是一种基于 IEEE 802.16 标准的无线城域网技术。 IEEE 802.16d是固定无线接入的标准, 可以应用于 2〜llGHz非视距 (NLOS, Non Light of Sight) 传输和 10〜66GHz视距 (LOS, Light of Sight) 传输。 IEEE 802.16e在 IEEE 802.16d的基础上加入了支持移动性的新特性。 WiMAX (Worldwide Interoperability for Microwave Access) is a wireless metropolitan area network technology based on the IEEE 802.16 standard. IEEE 802.16d is a standard for fixed wireless access and can be applied to 2 to llGHz Non-Line of Sight (NLOS) transmission and 10 to 66 GHz (Light of Sight) transmission. IEEE 802.16e adds new features to support mobility based on IEEE 802.16d.
IEEE 802.16e协议中定义了一种防止管理消息重放的方法,即在任何时 间, CMAC (Cipher-based message authentication code, 基于密码的消息认 证码, 在本文中简称消息认证码) 分组号计数值和相应的产生 CMAC消息 认证码的密钥的组合是唯一的。 为有效地防止重放, 这些密钥必须经常更 新, 而 CMAC— KEY— COUNT (消息认证码密钥计数)计数值则用来保证密 钥的新鲜性; 同时, 消息认证码分组号计数值在每次发送带消息认证码的 管理消息时也会更新, 进一步增强消息认证码的防重放攻击的能力。 终端 在网络重进入或者进行安全位置更新或者切换到目标基站的过程中, 在向 基站发送 RNG-REQ (测距请求) 消息前, CMAC— KEY— COUNT计数值都 会更新, 而消息认证码分组号计数值置零, 终端利用更新后的计数值生成 新的消息认证码密钥, 然后终端利用该消息认证码密钥和置零后的消息认 证码分组号计数值为 RNG-REQ消息生成 CMAC消息认证码, 同时网络侧 也使用更新后的计数值生成相应密钥用于验证该 RNG-REQ消息, 以此防 止重放攻击。 A method for preventing management message playback is defined in the IEEE 802.16e protocol, that is, a CMAC (Cipher-based message authentication code, referred to herein as a message authentication code) packet number counter value at any time. The combination of the corresponding key that generates the CMAC message authentication code is unique. In order to effectively prevent playback, these keys must be updated frequently, and the CMAC_KEY_COUNT (message authentication code key count) count value is used to ensure the freshness of the key; meanwhile, the message authentication code packet number count value is Each time a management message with a message authentication code is sent, it is also updated to further enhance the ability of the message authentication code to defend against attacks. When the terminal re-enters or performs a secure location update or handover to the target base station, the CMAC_KEY_COUNT count value is updated before the RNG-REQ (Ranging Request) message is sent to the base station, and the message authentication code packet number is updated. The count value is set to zero, and the terminal generates a new message authentication code key by using the updated count value, and then the terminal uses the message authentication code key and the zeroed message to recognize The code group number count value is a RNG-REQ message to generate a CMAC message authentication code, and the network side also uses the updated count value to generate a corresponding key for verifying the RNG-REQ message, thereby preventing a replay attack.
发明人发现现有技术中至少存在如下问题: 在 WiMAX的多跳中继网 络场景中, 现有协议(NWG (Network Working Group, 网络工作小组)和 802.16j )对于终端和网络如何在分布式安全模式下利用消息认证码密钥计 数值以及消息认证码分组号计数值进行防重放攻击没有给出具体的解决方 案。 发明内容 本发明实施例的目的在于提供一种无线中继网络中的链路安全认证方 法、 装置和系统, 用以防止无线中继网络中的重放攻击。  The inventors have found that at least the following problems exist in the prior art: In the multi-hop relay network scenario of WiMAX, existing protocols (NWG (Network Working Group) and 802.16j) are distributed security for terminals and networks. The anti-replay attack using the message authentication code key count value and the message authentication code packet number count value in the mode does not give a specific solution. SUMMARY OF THE INVENTION It is an object of embodiments of the present invention to provide a link security authentication method, apparatus, and system in a wireless relay network for preventing replay attacks in a wireless relay network.
为了实现上述目的, 本发明实施例提供了一种无线中继网络中的链路 安全认证方法, 包括:  In order to achieve the above object, an embodiment of the present invention provides a link security authentication method in a wireless relay network, including:
接收移动台发送的第一管理消息, 第一管理消息中携带第一消息认证 码以及移动台自身保存的第一认证密钥上下文中包含的第一消息认证码密 钥计数值、 第一消息认证码分组号计数值, 第一消息认证码根据第一认证 密钥上下文中的第一认证密钥、 第一认证密钥标识以及第一消息认证码密 钥计数值、 第一消息认证码分组号计数值计算生成, 第一认证密钥上下文 中的第一认证密钥根据移动台标识与接入中继站标识按设定规则计算获 得;  Receiving a first management message sent by the mobile station, where the first management message carries the first message authentication code and the first message authentication code key count value included in the first authentication key context saved by the mobile station itself, and the first message authentication a first packet authentication code according to the first authentication key, the first authentication key identifier, the first message authentication code key count value, and the first message authentication code group number in the first authentication key context. Count value calculation is generated, and the first authentication key in the first authentication key context is calculated according to the mobile station identifier and the access relay station identifier according to the setting rule;
根据第二认证密钥上下文中包含的第二认证密钥、 第二认证密钥标识 以及第一消息认证码密钥计数值、 第一消息认证码分组号计数值验证第一 消息认证码, 根据验证结果确定移动台与接入中继站间的接入链路是否安 全, 第二认证密钥与第一认证密钥为对等密钥。  And verifying the first message authentication code according to the second authentication key, the second authentication key identifier, and the first message authentication code key count value and the first message authentication code packet number count value included in the second authentication key context, according to The verification result determines whether the access link between the mobile station and the access relay station is secure, and the second authentication key and the first authentication key are peer keys.
本发明实施例还提供了一种无线中继网络中的链路安全认证方法, 包 括: The embodiment of the invention further provides a link security authentication method in a wireless relay network, and a package Includes:
接收接入中继站发送的第二管理消息, 第二管理消息中携带第三消息 认证码以及第三消息认证码密钥计数值、 第三消息认证码分组号计数值, 第三消息认证码根据第三消息认证码密钥计数值、 第三消息认证码分组号 计数值以及第三认证密钥上下文中的第三认证密钥、 第三认证密钥标识计 算生成, 第三认证密钥根据接入中继站标识与多跳中继基站标识按设定规 则计算获得, 所述第三认证密钥上下文为所述接入中继站保存的接入中继 站相关的认证密钥上下文;  Receiving a second management message sent by the access relay station, where the second management message carries a third message authentication code, a third message authentication code key count value, a third message authentication code packet number count value, and a third message authentication code according to the third The third message authentication code key count value, the third message authentication code group number count value, and the third authentication key in the third authentication key context are calculated and generated, and the third authentication key is generated according to the access. The relay station identifier and the multi-hop relay base station identifier are obtained according to a setting rule, where the third authentication key context is an authentication key context related to the access relay station saved by the access relay station;
根据第四认证密钥上下文中包含的第四认证密钥、 第四认证密钥标识 以及第三消息认证码密钥计数值、 第三消息认证码分组号计数值验证第三 消息认证码, 根据验证结果确定接入中继站与多跳中继基站间的中继链路 是否安全, 第四认证密钥与第三认证密钥为对等密钥。  And verifying the third message authentication code according to the fourth authentication key, the fourth authentication key identifier, and the third message authentication code key count value and the third message authentication code packet number count value included in the fourth authentication key context, according to The verification result determines whether the relay link between the access relay station and the multi-hop relay base station is secure, and the fourth authentication key and the third authentication key are peer keys.
本发明实施例还提供了一种链路安全认证装置, 包括:  The embodiment of the invention further provides a link security authentication device, including:
第一接收模块, 用于接收移动台发送的第一管理消息, 第一管理消息 中携带第一消息认证码以及移动台自身保存的第一认证密钥上下文中包含 的第一消息认证码密钥计数值、 第一消息认证码分组号计数值, 第一消息 认证码根据第一认证密钥上下文中的第一认证密钥、 第一认证密钥标识以 及第一消息认证码密钥计数值、 第一消息认证码分组号计数值计算计算生 成, 第一认证密钥根据移动台标识与接入中继站标识按设定规则计算获得; 第一处理模块, 用于根据第二认证密钥上下文中包含的第二认证密钥、 第二认证密钥标识以及第一消息认证码密钥计数值、 第一消息认证码分组 号计数值验证第一消息认证码, 根据验证结果确定移动台与接入中继站间 的接入链路是否安全, 第二认证密钥与第一认证密钥为对等密钥。  a first receiving module, configured to receive a first management message sent by the mobile station, where the first management message carries the first message authentication code and the first message authentication code key included in the context of the first authentication key saved by the mobile station itself a count value, a first message authentication code packet number count value, the first message authentication code is based on the first authentication key, the first authentication key identifier, and the first message authentication code key count value in the first authentication key context, The first message authentication code group number count value calculation calculation is generated, and the first authentication key is calculated according to the mobile station identifier and the access relay station identifier according to the setting rule; the first processing module is configured to include according to the second authentication key context The second authentication key, the second authentication key identifier, and the first message authentication code key count value, the first message authentication code packet number count value verify the first message authentication code, and determine the mobile station and the access relay station according to the verification result. Whether the access link is secure, and the second authentication key and the first authentication key are peer keys.
本发明实施例还提供了一种多跳中继基站, 包括:  The embodiment of the invention further provides a multi-hop relay base station, including:
第二接收模块, 用于接收接入中继站发送的第二管理消息, 第二管理 消息中携带第三消息认证码以及第三消息认证码密钥计数值、 第三消息认 证码分组号计数值, 第三消息认证码根据第三消息认证码密钥计数值、 第 三消息认证码分组号计数值以及第三认证密钥上下文中的第三认证密钥、 第三认证密钥标识计算生成, 第三认证密钥根据接入中继站标识与多跳中 继基站标识按设定规则计算获得; a second receiving module, configured to receive a second management message sent by the access relay station, where the second management message carries a third message authentication code and a third message authentication code key count value, and the third message acknowledges a code group number count value, the third message authentication code is based on the third message authentication code key count value, the third message authentication code packet number count value, and the third authentication key and the third authentication in the third authentication key context Key identification calculation is generated, and the third authentication key is calculated according to the access relay identifier and the multi-hop relay base station identifier according to a set rule;
第二处理模块, 用于根据第四认证密钥上下文中包含的第四认证密钥、 第四认证密钥标识以及第三消息认证码密钥计数值、 第三消息认证码分组 号计数值验证第三消息认证码, 根据验证结果确定接入中继站与多跳中继 基站间的中继链路是否安全, 第四认证密钥与第三认证密钥为对等密钥。  a second processing module, configured to verify, according to the fourth authentication key, the fourth authentication key identifier, and the third message authentication code key count value and the third message authentication code group number count value included in the fourth authentication key context The third message authentication code determines whether the relay link between the access relay station and the multi-hop relay base station is secure according to the verification result, and the fourth authentication key and the third authentication key are peer keys.
本发明实施例还提供了一种无线中继网络系统, 包括:  The embodiment of the invention further provides a wireless relay network system, including:
接入中继站, 用于接收移动台发送的第一管理消息, 根据第二认证密 钥上下文中包含的第二认证密钥、 第二认证密钥标识以及第一消息认证码 密钥计数值、 第一消息认证码分组号计数值验证第一消息认证码, 根据验 证结果确定移动台与接入中继站间的接入链路是否安全, 并将第一管理消 息转换为第二管理消息并发送, 其中, 第一管理消息中携带第一消息认证 码以及移动台自身保存的第一认证密钥上下文中包含的第一消息认证码密 钥计数值、 第一消息认证码分组号计数值, 第一消息认证码根据第一认证 密钥上下文中的第一认证密钥、 第一认证密钥标识以及第一消息认证码密 钥计数值、 第一消息认证码分组号计数值计算生成, 第一认证密钥根据移 动台标识与接入中继站标识按设定规则计算获得, 第二认证密钥与第一认 证密钥为对等密钥;  An access relay station, configured to receive a first management message sent by the mobile station, according to the second authentication key, the second authentication key identifier, and the first message authentication code key count value included in the second authentication key context, a message authentication code packet number count value verifies the first message authentication code, determines, according to the verification result, whether the access link between the mobile station and the access relay station is secure, and converts the first management message into a second management message and sends, The first management message carries the first message authentication code and the first message authentication code key count value included in the first authentication key context saved by the mobile station itself, the first message authentication code packet number count value, and the first message. The authentication code is generated according to the first authentication key, the first authentication key identifier, the first message authentication code key count value, and the first message authentication code group number count value in the first authentication key context, and the first authentication key is generated. The key is obtained according to the setting rule according to the mobile station identifier and the access relay station identifier, and the second authentication key and the first authentication key are equal. ;
多跳中继基站, 用于接收接入中继站发送的第二管理消息, 并根据第 四认证密钥上下文中包含的第四认证密钥、 第四认证密钥标识以及第三消 息认证码密钥计数值、第三消息认证码分组号计数值验证第三消息认证码, 根据验证结果确定接入中继站与多跳中继基站间的中继链路是否安全, 其 中, 第二管理消息中携带第三消息认证码以及第三消息认证码密钥计数值、 第三消息认证码分组号计数值, 第三消息认证码根据第三消息认证码密钥 计数值、 第三消息认证码分组号计数值以及第三认证密钥上下文中的第三 认证密钥、 第三认证密钥标识计算生成, 第三认证密钥根据接入中继站标 识与多跳中继基站标识按设定规则计算获得, 第四认证密钥与第三认证密 钥为对等密钥。 a multi-hop relay base station, configured to receive a second management message sent by the access relay station, and according to the fourth authentication key, the fourth authentication key identifier, and the third message authentication code key included in the fourth authentication key context And the third message authentication code is verified by the count value and the third message authentication code packet number, and the relay link between the access relay station and the multi-hop relay base station is determined according to the verification result, wherein the second management message carries the first The third message authentication code and the third message authentication code key count value, the third message authentication code group number count value, and the third message authentication code according to the third message authentication code key The count value, the third message authentication code packet number count value, and the third authentication key and the third authentication key identifier in the third authentication key context are calculated and generated, and the third authentication key is according to the access relay station identifier and the multi-hop. After the base station identifier is calculated according to the setting rule, the fourth authentication key and the third authentication key are peer keys.
本发明实施例的有益效果在于:  The beneficial effects of the embodiments of the present invention are as follows:
本发明实施例为无线中继网络中检测接入链路和中继链路安全性提供 了具体的技术方案, 能够有效防止无线中继网络中的重放攻击。 附图说明 为了更清楚地说明本发明实施例或现有技术中的技术方案, 下面将对 实施例或现有技术描述中所需要使用的附图作简单地介绍, 显而易见地, 下面描述中的附图仅仅是本发明的一些实施例, 对于本领域普通技术人员 来讲, 在不付出创造性劳动性的前提下, 还可以根据这些附图获得其他的 附图。  The embodiment of the invention provides a specific technical solution for detecting the security of the access link and the relay link in the wireless relay network, and can effectively prevent the replay attack in the wireless relay network. BRIEF DESCRIPTION OF THE DRAWINGS In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings to be used in the embodiments or the description of the prior art will be briefly described below, and obviously, in the following description The drawings are only some of the embodiments of the present invention, and other drawings may be obtained from those skilled in the art without departing from the drawings.
图 1为本发明实施例中检测无线中继网络中接入链路安全性的流程图; 图 2为本发明实施例中检测无线中继网络中中继链路安全性的流程图; 图 3为 IEEE 802.16j定义的网络构架示意图;  1 is a flowchart of detecting security of an access link in a wireless relay network according to an embodiment of the present invention; FIG. 2 is a flowchart of detecting security of a relay link in a wireless relay network according to an embodiment of the present invention; A schematic diagram of a network architecture defined for IEEE 802.16j;
图 4为本发明实施例中无线中继网络中的链路安全认证方法的流程示 意图;  4 is a schematic flowchart of a link security authentication method in a wireless relay network according to an embodiment of the present invention;
图 5为本发明实施例中无线中继网络中的链路安全认证方法的流程示 意图;  FIG. 5 is a schematic flowchart of a link security authentication method in a wireless relay network according to an embodiment of the present invention; FIG.
图 6为本发明实施例中无线中继网络中的链路安全认证方法的流程示 意图;  6 is a schematic flowchart of a link security authentication method in a wireless relay network according to an embodiment of the present invention;
图 7为本发明实施例中无线中继网络中的链路安全认证方法的流程示 意图;  7 is a schematic flowchart of a link security authentication method in a wireless relay network according to an embodiment of the present invention;
图 8为本发明实施例中的链路安全认证装置框图; 图 9为本发明实施例中的多跳中继基站框图; 8 is a block diagram of a link security authentication apparatus according to an embodiment of the present invention; FIG. 9 is a block diagram of a multi-hop relay base station according to an embodiment of the present invention;
图 10为本发明实施例中的无线中继网络系统框图。 具体实施方式 在本发明实施例中,检测无线中继网络中接入链路安全性的方法如图 1 所示, 包括以下步骤:  FIG. 10 is a block diagram of a wireless relay network system according to an embodiment of the present invention. DETAILED DESCRIPTION OF THE INVENTION In the embodiment of the present invention, a method for detecting security of an access link in a wireless relay network is as shown in FIG. 1 , and includes the following steps:
步骤 101,多跳中继基站或者接入中继站接收移动台发送的第一管理消 息;  Step 101: The multi-hop relay base station or the access relay station receives the first management message sent by the mobile station.
第一管理消息中携带第一消息认证码以及移动台自身保存的第一认证 密钥上下文中包含的第一消息认证码密钥计数值、 第一消息认证码分组号 计数值。  The first management message carries the first message authentication code and the first message authentication code key count value and the first message authentication code group number count value included in the first authentication key context saved by the mobile station itself.
认证密钥上下文包括认证密钥、 认证密钥标识、 消息认证码密钥、 消 息认证码密钥计数值、 消息认证码分组号计数值, 认证密钥和消息认证码 密钥计数值共同用于计算消息认证码密钥, 消息认证码密钥和认证密钥标 识、消息认证码分组号计数值共同用于计算或验证管理消息的消息认证码。  The authentication key context includes an authentication key, an authentication key identifier, a message authentication code key, a message authentication code key count value, a message authentication code packet number count value, and an authentication key and a message authentication code key count value are used together. The message authentication code key, the message authentication code key and the authentication key identifier, and the message authentication code group number count value are jointly used to calculate or verify the message authentication code of the management message.
第一消息认证码根据第一认证密钥上下文中的第一认证密钥、 第一认 证密钥标识以及所述第一消息认证码密钥计数值、 第一消息认证码分组号 计数值计算生成。  The first message authentication code is generated according to the first authentication key, the first authentication key identifier, the first message authentication code key count value, and the first message authentication code group number count value in the first authentication key context. .
第一认证密钥上下文中的第一认证密钥根据移动台标识与接入中继站 标识按设定规则计算获得。  The first authentication key in the first authentication key context is calculated according to the mobile station identity and the access relay station identity according to a set rule.
步骤 102, 根据第二认证密钥上下文中包含的第二认证密钥、第二认证 密钥标识以及第一消息认证码密钥计数值、 第一消息认证码分组号计数值 验证第一消息认证码, 根据验证结果确定移动台与接入中继站间的接入链 路是否安全。  Step 102: Verify the first message authentication according to the second authentication key, the second authentication key identifier, and the first message authentication code key count value and the first message authentication code group number count value included in the second authentication key context. The code determines whether the access link between the mobile station and the access relay station is secure according to the verification result.
第二认证密钥与第一认证密钥为对等密钥。上述方案的执行主体可以为 A-RS (Acces s Relay Sta t ion,接入中继站)或 MS— BS (Mul t i— hop Relay Base Stat ion, 多跳中继基站) 。 该第二认证密钥上下文可以保存在 A-RS或者 MS-BS本地, 也可以从 MS所属鉴权器处获取。 The second authentication key and the first authentication key are peer keys. The executor of the above solution may be an A-RS (Acces s Relay Station) or an MS-BS (Mul ti- hop Relay Base) Stat ion, multi-hop relay base station). The second authentication key context may be stored locally at the A-RS or the MS-BS, or may be obtained from an authenticator to which the MS belongs.
在本发明实施例中,检测无线中继网络中中继链路安全性的方法如图 2 所示, 包括以下步骤:  In the embodiment of the present invention, a method for detecting security of a relay link in a wireless relay network is as shown in FIG. 2, and includes the following steps:
步骤 201, 接收接入中继站发送的第二管理消息;  Step 201: Receive a second management message sent by the access relay station.
第二管理消息中携带第三消息认证码以及第三消息认证码密钥计数 值、 第三消息认证码分组号计数值, 第三消息认证码根据第三消息认证码 密钥计数值、 第三消息认证码分组号计数值以及第三认证密钥上下文中的 第三认证密钥、 第三认证密钥标识生成, 第三认证密钥根据接入中继站标 识与多跳中继基站标识按设定规则计算获得;  The second management message carries a third message authentication code and a third message authentication code key count value, a third message authentication code packet number count value, and the third message authentication code is based on the third message authentication code key count value, and the third The message authentication code packet number count value and the third authentication key and the third authentication key identifier in the third authentication key context are generated, and the third authentication key is set according to the access relay station identifier and the multi-hop relay base station identifier. Rule calculation is obtained;
步骤 202,根据第四认证密钥上下文中包含的第四认证密钥、第四认证 密钥标识以及第三消息认证码密钥计数值、 第三消息认证码分组号计数值 验证第三消息认证码, 根据验证结果确定接入中继站与多跳中继基站间的 中继链路是否安全。  Step 202: Verify third message authentication according to the fourth authentication key, the fourth authentication key identifier, and the third message authentication code key count value and the third message authentication code group number count value included in the fourth authentication key context. The code determines whether the relay link between the access relay station and the multi-hop relay base station is secure according to the verification result.
第四认证密钥与第三认证密钥为对等密钥, 上述方案的执行主体可以 为 MS-BS, 第四认证密钥上下文可以保存在 MS-BS本地。  The fourth authentication key and the third authentication key are peer keys. The executor of the foregoing solution may be an MS-BS, and the fourth authentication key context may be stored locally in the MS-BS.
下面将结合本发明实施例中的附图, 对本发明实施例中的技术方案进 行详细描述。  The technical solutions in the embodiments of the present invention will be described in detail below with reference to the accompanying drawings in the embodiments of the present invention.
IEEE 802.16j是 IEEE组织制定的在 16e基础上实现中继能力的空口协 议。 其定义的网络构架如图 3所示, 其中包括:  IEEE 802.16j is an air interface protocol developed by the IEEE organization to implement relay capability based on 16e. The network architecture defined by it is shown in Figure 3, which includes:
MR-BS: 一种为中继站和用户终端提供连接, 管理和控制的设备; RS (Relay Station, 中继站): 一种依赖于 MR-BS, 为其他 RS或是移 动台提供连接的设备。 有的 RS也可以为下属 RS或用户终端提供管理和控 制。 RS和 MS间的空口与 MR-BS和 MS间的空口是相同的。 RS就是中转 基站与终端之间数据的站点, 使得无线信号可以经过多次传输(多跳) 到 达目的地。 MS (Mobile Station, 移动台): 用户使用该设备接入 WiMAX网络。 在本实施例提供的无线中继网络中的链路安全认证方法中, 先验证接 入链路安全, 再验证中继链路安全, 其中, 接入链路的安全验证基于 MS 相关 AK (Authentication Key, 认证密钥)上下文, 中继链路的安全验证基 于 A-RS相关 AK上下文;本实施例的替代方案中,接入链路的安全验证基 于 MS相关 AK上下文, 中继链路的安全验证也基于 MS相关 AK上下文。 在以下所有实施例中, MS相关 AK上下文中的 AK密钥为 MS或 MS所属 鉴权器根据 MS标识和 A-RS标识按一定规则计算生成, A-RS相关 AK上 下文中的 AK密钥为 A-RS或 A-RS所属鉴权器根据 A-RS标识和 MR-BS 标识按一定规则计算生成。在本实施例中, MS维护一个 MS相关 AK上下 文, 该上下文中包含 CMAC— KEY— COUNT值 XM, A-RS维护一个 MS相 关 AK上下文, 该上下文中包含 CMAC— KEY— COUNT值 YM, 鉴权器维护 一个 MS相关 AK上下文, 该上下文中包含 CMAC— KEY— COUNT值 ZM, A-RS 还维护一个 A-RS 相关 AK 上下文, 该上下文中包含 CMAC— KEY— COUNT值 XR, MR-BS维护一个 A-RS相关 AK上下文, 上 下文中包含 CMAC— KEY— COUNT值 YRMR-BS: A device that provides connection, management, and control for relay stations and user terminals; RS (Relay Station): A device that relies on MR-BS to provide connectivity to other RSs or mobile stations. Some RSs can also provide management and control for subordinate RSs or user terminals. The air interface between the RS and the MS is the same as the air interface between the MR-BS and the MS. The RS is a station that relays data between the base station and the terminal, so that the wireless signal can reach the destination through multiple transmissions (multi-hop). MS (Mobile Station): The user uses this device to access the WiMAX network. In the link security authentication method in the wireless relay network provided by this embodiment, the security of the access link is verified first, and then the security of the relay link is verified. The security verification of the access link is based on the MS related AK (Authentication). Key, authentication key) context, security verification of the relay link is based on the A-RS related AK context; in an alternative to this embodiment, the security verification of the access link is based on the MS-related AK context, the security of the relay link The verification is also based on the MS related AK context. In all of the following embodiments, the AK key in the MS-related AK context is generated by the MS or the MS-affiliated authenticator according to the MS identifier and the A-RS identifier, and the AK key in the A-RS related AK context is The A-RS or A-RS belonging authenticator is calculated and generated according to a certain rule according to the A-RS identifier and the MR-BS identifier. In this embodiment, MS-related AK MS maintains a context that contains CMAC- KEY- COUNT value X M, A-RS MS maintains a correlation AK context, which context includes CMAC- KEY- COUNT value Y M, The authenticator maintains an MS-related AK context, which contains the CMAC_KEY_COUNT value Z M , and the A-RS also maintains an A-RS related AK context, which includes CMAC_KEY_COUNT value X R , MR -BS a-RS maintains a correlation AK context, context includes CMAC- KEY- COUNT value Y R.
如图 4所示, 本实施例提供的无线中继网络中的链路安全认证方法包 括以下步骤:  As shown in FIG. 4, the link security authentication method in the wireless relay network provided by this embodiment includes the following steps:
步骤 301, MS生成第一管理消息, 即 RNG-REQ消息;  Step 301: The MS generates a first management message, that is, an RNG-REQ message.
MS在向 A-RS发送第一管理消息前,将自身维护的认证密钥上下文 (本 实施例称为第一认证密钥上下文) 中包含的第一消息认证码密钥计数值, 即 CMAC— KEY— COUNT值 XM自力 B 1, 并将 MS本地保存的 MS相关 AK 上下文 (即第一 AK上下文) 中的第一消息认证码分组号计数值置零, 利 用 MS本地保存的 MS相关 AK上下文为 RNG-REQ消息生成第一消息认证 码; 具体过程是 MS利用 AK上下文中的 AK密钥、 MS标识(具体可为 MS媒体访问控制层地址)、 RS标识以及 XM通过特定的方式计算得到消息 认证码密钥,再利用该消息认证码密钥和 AK上下文中的 AK标识、第一消 息认证码分组号计数值为 RNG-REQ 消息计算生成第一消息认证码, 具体 计算方法可参考 802.16e协议, 不同的是 802.16e计算方法中的 BS标识需 要更改为 RS标识。 The first message authentication code key count value included in the authentication key context (referred to as the first authentication key context in this embodiment) maintained by the MS before sending the first management message to the A-RS, that is, CMAC— KEY_ COUNT value X M is self-powered B 1, and sets the first message authentication code packet number count value in the MS-related AK context (ie, the first AK context) saved locally by the MS to zero, using the MS-related AK context locally saved by the MS. Generating a first message authentication code for the RNG-REQ message; the specific process is that the MS uses the AK key in the AK context, the MS identifier (specifically, the MS media access control layer address), the RS identifier, and the X M to be calculated in a specific manner. Message The authentication code key is used to calculate and generate the first message authentication code by using the message authentication code key and the AK identifier in the AK context and the first message authentication code packet number count value as the RNG-REQ message. For the specific calculation method, refer to 802.16e. Protocol, the difference is that the BS identifier in the 802.16e calculation method needs to be changed to the RS identifier.
需要说明的是, 本文中提到的各种 AK上下文中都包括 AK密钥、 AK 标识、 消息认证码密钥、 消息认证码密钥计数值 CMAC— KEY— COUNT, 以 及消息认证码分组号计数值。其中, MS本地保存的所述第一 AK上下文中 的 AK密钥(本实施例中也称为第一认证密钥)是 MS根据 MS ID (具体可 以是 MS的媒体访问控制层地址) 和 RS ID按照设定规则计算得到的。  It should be noted that the various AK contexts mentioned herein include the AK key, the AK identifier, the message authentication code key, the message authentication code key count value CMAC_KEY_COUNT, and the message authentication code group number count. value. The AK key (also referred to as the first authentication key in this embodiment) in the first AK context saved by the MS is the MS according to the MS ID (specifically, the media access control layer address of the MS) and the RS. The ID is calculated according to the set rules.
MS在 A-RS进行网络重进入或者进行安全位置更新或者切换到目标接 入中继站的情况下发起本步骤。  The MS initiates this step if the A-RS performs network re-entry or performs a secure location update or handover to a target access relay station.
步骤 302, MS向 A-RS发送 RNG-REQ消息,该消息中携带该当前 XM、 第一消息认证码分组号计数值以及第一消息认证码; Step 302: The MS sends an RNG-REQ message to the A-RS, where the message carries the current X M , the first message authentication code packet number count value, and the first message authentication code.
步骤 303, A-RS判断本地是否保存有该 MS相关 AK上下文 (即第二 AK上下文), 若是, 进行步骤 310; 否则进行步骤 304;  Step 303, the A-RS determines whether the MS related AK context (ie, the second AK context) is saved locally, and if so, proceeds to step 310; otherwise, proceeds to step 304;
所述第二 AK上下文是包含有第二认证密钥的 AK上下文,所述第二认 证密钥与所述第一认证密钥为对等密钥。  The second AK context is an AK context including a second authentication key, and the second authentication key and the first authentication key are peer keys.
步骤 304, A-RS向 MR-BS发送 MS— Context-REQ (移动台上下文请求) 消息, 该消息中携带该 MS ID (MS标识);  Step 304: The A-RS sends an MS_Context-REQ (Mobile Station Context Request) message to the MR-BS, where the message carries the MS ID (MS identifier);
该 MS ID可以由 MS携带在 RNG-REQ消息中发送给 A-RS,也可以由 The MS ID may be carried by the MS in the RNG-REQ message and sent to the A-RS, or may be
A-RS通过其他现有技术手段获知。 A-RS is known by other prior art means.
在本发明实施例中, A-RS与 MR-BS以及 MR-BS与鉴权器之间的消息 都可以是直接或间接地发送到的, 所谓间接地发送到即 A-RS经过其他 RS 将消息发送到 MR-BS, MR-BS可以经过其他网元(如网关)将消息发送到 鉴权器。  In the embodiment of the present invention, the message between the A-RS and the MR-BS and the MR-BS and the authenticator may be directly or indirectly sent, so that the indirect transmission to the A-RS passes through other RSs. The message is sent to the MR-BS, and the MR-BS can send the message to the authenticator via other network elements (such as a gateway).
步骤 305, MR-BS向鉴权器 (Authenticator) 发送 Context— Req (上下 文请求) 消息, 该消息中携带 MS ID和 A-RS ID; Step 305, the MR-BS sends a Context_Req to the Authenticator (up and down) Message request) message, the message carries the MS ID and the A-RS ID;
本文中提到的鉴权器均为 MS所属的鉴权器。  The authenticators mentioned in this document are all authenticators to which the MS belongs.
步骤 306, 鉴权器根据 MS ID和 RS ID按照与 MS相同的设定规则计 算 MS相关 AK密钥, 生成 MS相关 AK上下文 (即第二 AK上下文); 步骤 307, 鉴权器向 MR-BS发送 Context— Rpt (上下文报告)消息, 该 消息中携带第二 AK上下文,第二 AK上下文中包含鉴权器本地保存的 MS 相关 CMAC— KEY— COUNT值 ZM; Step 306: The authenticator calculates an MS-related AK key according to the same setting rule as the MS according to the MS ID and the RS ID, and generates an MS-related AK context (ie, a second AK context). Step 307, the authenticator to the MR-BS Sending a Context_Rpt (Context Report) message, the message carries a second AK Context, and the second AK Context includes an MS-related CMAC-KEY-COUNT value ZM locally saved by the authenticator ;
步骤 308, MR-BS向 A-RS返回 MS— Context-RSP (移动台上下文响应) 消息,该消息中携带鉴权器提供的第二 AK上下文,第二 AK上下文中包含 鉴权器本地保存的 MS相关 CMAC— KEY— COUNT值 ZM; Step 308: The MR-BS returns an MS_Context-RSP (Mobile Station Context Response) message to the A-RS, where the message carries the second AK context provided by the authenticator, and the second AK context includes the locally saved by the authenticator. MS related CMAC - KEY - COUNT value Z M ;
步骤 309, A-RS 令 YM等于 ZM, YM为 A-RS 维护的 MS 相关 CMAC— KEY— COUNT值; Step 309, A-RS makes Y M equal to Z M , and Y M is the MS-related CMAC-KEY_COUNT value maintained by the A-RS;
步骤 310, 判断 XM是否大于或等于 YM, 若是, 进行步骤 311, 否则, 进行步骤 325; Step 310, it is determined whether X M is greater than or equal to Y M , and if so, proceed to step 311, otherwise, proceed to step 325;
本步骤即判断第一消息认证码密钥计数值是否不小于第二认证密钥上 下文中包含的第二消息认证码密钥计数值。  In this step, it is determined whether the first message authentication code key count value is not less than the second message authentication code key count value included in the second authentication key context.
本步骤是一个验证接入链路是否安全的辅助手段,若判断出了 XM小于 YM, 则理解为出现了接入链路重放攻击。 不需要进行 RNG-REQ消息的消 息认证码验证了, 可见, 采用本步骤, 可能利用简单的判断手段就获知接 入链路是否安全。 This step is an auxiliary means for verifying whether the access link is secure. If it is determined that X M is less than Y M , it is understood that an access link replay attack occurs. It is not necessary to perform the message authentication code verification of the RNG-REQ message. It can be seen that with this step, it is possible to know whether the access link is secure by using a simple judgment means.
步骤 311, A-RS利用 RNG-REQ消息中包含的 XM、消息认证码分组号 计数值和 MS相关 AK上下文 (即第二 AK上下文) 中的 AK密钥、 AK标 识验证 RNG-REQ消息中的消息认证码,具体验证方式可参考 802.16e协议, 不同的是 802.16e计算方法中的 BS标识需要更改为 RS标识。若验证成功, 进行步骤 312, 否则进行步骤 325; Step 311, A-RS using X M RNG-REQ message includes the message authentication code value and the packet count number associated MS AK context (i.e., a second context AK) in key AK, AK verify identification in the RNG-REQ message For the specific authentication mode, refer to the 802.16e protocol. The difference is that the BS identifier in the 802.16e calculation method needs to be changed to the RS identifier. If the verification is successful, proceed to step 312, otherwise proceed to step 325;
验证成功即可确定 MS与 A-RS间的接入链路安全,否则确定接入链路 不安全。 After the verification is successful, the access link between the MS and the A-RS can be determined to be secure, otherwise the access link is determined. Not safe.
步骤 312, A-RS令 YM等于 XM; Step 312, A-RS makes Y M equal to X M ;
步骤 313, A-RS生成第二管理消息, 即新的 RNG-REQ消息; 本步骤中 A-RS生成第二管理消息的方法为: 将自身维护的 A-RS相关 AK上下文 (即第三 AK上下文) 中的第三 CMAC— KEY— COUNT值
Figure imgf000013_0001
第三消息认证码分组号计数值替换步骤 302 RNG-REQ 消息中的第一 CMAC— KEY— COUNT值 XM和第一消息认证码分组号计数值,并利用 A-RS 相关 AK上下文(即第三 AK上下文)中的第三消息认证码密钥和第三消息 认证码分组号计数值为替换后的 RNG-REQ 消息 (不包含原先消息认证码 部分) 重新计算消息认证码, 即第三消息认证码, 将第三消息认证码替换 原先的第一消息认证码, 得到新的 RNG-REQ消息, 即第二管理消息; 步骤 314, A-RS向 MR-BS发送步骤 313得到的第二管理消息(即新的 RNG-REQ消息), 该消息中包括 XR; Step 313, the A-RS generates a second management message, that is, a new RNG-REQ message. The method for generating the second management message by the A-RS in this step is: A-RS related AK context maintained by itself (ie, the third AK) Third CMAC - KEY - COUNT value in context)
Figure imgf000013_0001
The first CMAC- KEY- COUNT value X M and a first message authentication code value of said third count number of packets message authentication code value of the packet count number replacing step 302 RNG-REQ message, and using A-RS Related AK context (i.e. The third message authentication code key and the third message authentication code packet number in the three AK contexts are the replaced RNG-REQ message (excluding the original message authentication code part). The message authentication code is recalculated, that is, the third message. The authentication code replaces the third message authentication code with the original first message authentication code to obtain a new RNG-REQ message, that is, the second management message. Step 314, the A-RS sends the second management obtained in step 313 to the MR-BS. Message (ie new RNG-REQ message), which includes X R;
步骤 315, MR-BS判断收到的 RNG-REQ消息中包含的 XR是否大于或 等于本地保存的 YR, 若是, 进行步骤 316, 否则进行步骤 324; Step 315, the MR-BS determines whether the X R included in the received RNG-REQ message is greater than or equal to the locally saved Y R , and if yes, proceeds to step 316, otherwise proceeds to step 324;
本步骤即判断第三消息认证码密钥计数值是否不小于 MR-BS本地保存 的第四认证密钥上下文中包含的第四消息认证码密钥计数值, 若判断出 XR 小于 YM, 则理解为出现了中继链路重放攻击。 In this step, it is determined whether the third message authentication code key count value is not less than the fourth message authentication code key count value included in the fourth authentication key context saved by the MR-BS, and if it is determined that X R is less than Y M , It is understood that a relay link replay attack has occurred.
步骤 316, MR-BS根据步骤 314收到的 RNG-REQ消息中包含的 XR、 消息认证码分组号计数值以及本地保存的 A-RS相关 AK上下文 (第四 AK 上下文) 中的 AK密钥、 AK标识验证步骤 314收到的 RNG-REQ消息中的 消息认证码; 具体过程是 MR-BS利用 A-RS相关 AK上下文 (第四 AK上 下文) 中的 AK密钥、 A-RS媒体访问控制层地址、 MR-BS标识以及 ]通 过特定的方式计算得到消息认证码密钥, 再利用该消息认证码密钥和 A-RS 相关 AK上下文中的 AK标识、步骤 314收到的 RNG-REQ消息中的消息认 证码分组号计数值验证 RNG-REQ消息的消息认证码, 具体验证方法类似 802.16e协议方法,不同的是 802.16e验证方法中的终端标识需要更改为 RS 标识。 若验证成功, 进行步骤 317, 否则进行步骤 324; Step 316, the MR-BS receives the X R according to the RNG-REQ message received in step 314, the message authentication code packet number count value, and the AK key in the locally saved A-RS related AK context (fourth AK context). The AK identifies the message authentication code in the RNG-REQ message received by the verification step 314; the specific process is that the MR-BS utilizes the AK key in the A-RS related AK context (fourth AK context), and the A-RS media access control layer address, MR-BS and identify] calculated message authentication code key in a specific way, reuse of the identification AK message authentication code key a-RS and the AK context related, RNG-REQ message received in step 314 The message authentication code packet number count value in the verification of the message authentication code of the RNG-REQ message, the specific verification method is similar The 802.16e protocol method differs in that the terminal identifier in the 802.16e authentication method needs to be changed to the RS identifier. If the verification is successful, go to step 317, otherwise go to step 324;
验证成功即可确定 A-RS与 MR-BS间的中继链路安全, 否则确定中继 链路不安全。  The success of the verification can determine the security of the relay link between the A-RS and the MR-BS, otherwise it is determined that the trunk link is not secure.
步骤 317, MR-BS令 YR等于 XR,并向 A-RS发送带成功指示的 RNG-RSP (测距响应) 消息; Step 317, the MR-BS makes Y R equal to X R , and sends an RNG-RSP (Ranging Response) message with a success indication to the A-RS;
步骤 318, A-RS向 MS返回带成功指示的 RNG-RSP消息;  Step 318: The A-RS returns an RNG-RSP message with a success indication to the MS.
步骤 319, A-RS向 MR-BS发送 MS— Context-REQ消息,该消息中携带 MS ID ^n XM{t; Step 319, the A-RS sends an MS_Context-REQ message to the MR-BS, where the message carries the MS ID ^n X M {t;
在具体实现时, 步骤 318和 319没有一定的先后顺序。  In the specific implementation, steps 318 and 319 do not have a certain order.
步骤 320, MR-BS向鉴权器发送 Context— Rpt消息, 该消息中携带 XM; 该消息还可以是 CMAC— Key— Count— Update (消息认证码密钥计数更 新 ) 消 息 , 与 其 对 应 的 步 骤 322 中 的 响 应 消 息 为 CMAC— Key— Count— Update— Ack (消息认证码密钥计数更新确认) 消息。 Step 320: The MR-BS sends a Context_RPt message to the authenticator, where the message carries XM ; the message may also be a CMAC_Key_Count_Update message authentication step, and the corresponding step The response message in 322 is CMAC_Key_Count_Update_ Ack (Message Authentication Code Key Count Update Confirmation) message.
步骤 321, 鉴权器接收到 Context— Rpt消息后, 更新鉴权器本地保存的 MS相关 AK上下文中的 CMAC— Key— Count值, 具体是取 ZM和 XM中的大 者加 1, 并赋值给 ZM, 即 ZM=max(XM, ZM)++; Step 321: After receiving the Context_RPt message, the authenticator updates the CMAC_Key_Count value in the MS-related AK context saved locally by the authenticator, specifically, the greater of Z M and X M is added, and Assigned to Z M , ie Z M =max(X M , Z M )++ ;
若在具体操作中, 只须检测接入链路的安全性, 则应当在确认接入链 路安全后将 XM通知鉴权器, 鉴权器更新鉴权器本地保存的 MS 相关的 CMAC— Key— Count值。 If in the specific operation, only the security of the access link needs to be detected, the X M should be notified to the authenticator after confirming the security of the access link, and the authenticator updates the MS-related CMAC locally saved by the authenticator— Key—Count value.
步骤 322, 鉴权器向 MR-BS发送 Context— Ack (上下文确认) 消息; 步骤 323, MR-BS 接收到 Context— Ack 消息后, 向 A-RS 发送 MS— Context-RSP消息响应上述 MS— Context-REQ消息, 结束;  Step 322: The authenticator sends a Context_Ack (Context Acknowledgement) message to the MR-BS. Step 323: After receiving the Context_Ack message, the MR-BS sends an MS_Context-RSP message to the A-RS to respond to the MS-Context. -REQ message, end;
步骤 324, MR-BS向 A-RS发送携带拒绝信息的 RNG-RSP;  Step 324: The MR-BS sends an RNG-RSP carrying the rejection information to the A-RS.
本步骤的具体处理方法可以为: 将 RNG-RSP消息中的 Ranging Status (测距状态)设置为 Abort (中止), 或者设置 Location Update Response (位 置更新响应) 为 failure (失败)。 The specific processing method of this step may be: setting the Ranging Status in the RNG-RSP message to Abort, or setting the Location Update Response (bit) Set update response) to failure.
步骤 325, A-RS向 MS发送携带拒绝信息的 RNG-RSP。  Step 325: The A-RS sends an RNG-RSP carrying the rejection information to the MS.
本步骤的具体处理方法可以为: 将 RNG-RSP消息中的 Ranging Status 设置为 Abort, 或者设置 Location Update Response为 failure (失败 )。  The specific processing method of this step may be: setting the Ranging Status in the RNG-RSP message to Abort, or setting the Location Update Response to failure.
在具体的实现中, 可以对上述流程进行一些调整, 例如: 在步骤 314 中, RNG-REQ消息中可以同时携带 MS的 CMAC— Key— Count值 XM和 RS 的 CMAC— Key— Count值 XR, 则 MR-BS可以在此时便获知 XM, 并在步骤 315中判断结果为是的情况下进行步骤 320至 322, 将 XM通知鉴权器。 这 样, 步骤 319和 323则可以省略。 In a specific implementation, some adjustments may be made to the foregoing process, for example: In step 314, the RNG-REQ message may carry the CMAC_Key_Count value X M of the MS and the CMAC_Key_Count value X R of the RS. Then, the MR-BS can know X M at this time, and if the result of the determination in step 315 is YES, steps 320 to 322 are performed, and X M is notified to the authenticator. Thus, steps 319 and 323 can be omitted.
本实施例还有一种替代方案, 即在图 4所述方案的基础上, MR-BS还 需要维护 MS相关 AK上下文 (第二 AK上下文), 该第二 AK上下文中包 含 MS相关 CMAC— Key— Count值 YM,此时: 步骤 305~307、 313、 319、 323 可省略。 保留步骤 320~322 的原因是, 可能有其他能够与鉴权器通信的 MR-BS需要从鉴权器获得该 MS的相关 AK上下文。 若能够与鉴权器通信 的所有 MR-BS都保存 MS相关 AK上下文, 则步骤 320-322可以省略。 There is another alternative in this embodiment, that is, based on the scheme described in FIG. 4, the MR-BS also needs to maintain an MS-related AK context (second AK context), and the second AK context includes an MS-related CMAC-Key- Count value Y M , at this time: Steps 305~307, 313, 319, 323 can be omitted. The reason for retaining steps 320-322 is that there may be other MR-BSs that can communicate with the authenticator that need to obtain the relevant AK context of the MS from the authenticator. If all MR-BSs that can communicate with the authenticator save the MS-related AK context, steps 320-322 may be omitted.
在具体实现时, 可以只检测中继链路是否安全或者只检测接入链路是 否安全。 在本实施例中, 若只检测接入链路是否安全, 则可以省略步骤 313-317, 在步骤 312结束后直接进行步骤 318; 若只检测中继链路是否安 全, 则可以省略步骤 303~312、 319-323 下面几个实施例的情况与本实施 例类似, 本领域技术人员可以根据各步骤是与接入链路的安全检测相关还 是与中继链路的安全检测相关来确定只检测接入链路是否安全时的情况或 者只检测中继链路是否安全时的情况, 在后续各实施例中不再赘述。  In specific implementation, it is possible to detect only whether the relay link is secure or only to detect whether the access link is secure. In this embodiment, if only the access link is detected to be safe, step 313-317 may be omitted. After step 312 is ended, step 318 is directly performed. If only the relay link is detected to be safe, step 303 may be omitted. 312, 319-323 The situation of the following embodiments is similar to that of the embodiment, and those skilled in the art can determine whether to detect only according to whether the steps are related to the security detection of the access link or the security detection of the relay link. The case when the access link is secure or the case where only the relay link is safe is not described in the following embodiments.
另一个实施例, 在本实施例提供的无线中继网络中的链路安全认证方 法中, 先验证接入链路安全, 再验证中继链路安全, 接入链路的安全验证 基于 MS相关 AK上下文, 中继链路的安全验证基于 A-RS相关 AK上下文 和接入链路 RNG-REQ所使用的 CMAC— KEY— COUNT值。 在本实施例中, MS维护一个 MS相关 AK上下文, 该上下文中包含 CMAC— KEY— COUNT 值 XM, A-RS 维护一个 MS 相关 AK 上下文, 该上下文中包含 CMAC— KEY— COUNT值 YM, 鉴权器维护一个 MS相关 AK上下文, 该上 下文中包含 CMAC— KEY— COUNT值 ZM, A-RS还维护一个 A-RS相关 AK 上下文, MR-BS维护一个 A-RS相关 AK上下文, 同时维护一个 MS相关 的 CMAC— KEY— COUNT值 YMR。 与前一个实施例相比, 本实施例中不需 要维护 A-RS相关 CMAC— KEY— COUNT值。 In another embodiment, in the link security authentication method in the wireless relay network provided by the embodiment, the access link is first verified to be secure, and the relay link is verified. The security verification of the access link is based on the MS correlation. The AK context, the security verification of the relay link is based on the A-RS related AK context and the CMAC_KEY_COUNT value used by the access link RNG-REQ. In this embodiment, MS maintains a relevant MS AK context, which context includes CMAC- KEY- COUNT value X M, A-RS MS maintains a correlation AK context, which context includes CMAC- KEY- COUNT value Y M, authenticator maintains a MS Related AK context, which context includes CMAC- KEY- COUNT value Z M, a-RS still maintains a relevant a-RS AK context, MR-BS maintains a relevant a-RS AK context, while maintaining a MS associated CMAC- KEY—COUNT value YMR. Compared with the previous embodiment, it is not necessary to maintain the A-RS related CMAC_KEY_COUNT value in this embodiment.
在本实施例提供的无线中继网络中的链路安全认证方法如图 5所示, 包括以下步骤:  The link security authentication method in the wireless relay network provided in this embodiment is as shown in FIG. 5, and includes the following steps:
步骤 401, MS生成第一管理消息, 即 RNG-REQ消息;  Step 401: The MS generates a first management message, that is, an RNG-REQ message.
第一管理消息中携带第一消息认证码以及移动台自身保存的第一认证 密钥上下文中包含的第一消息认证码密钥计数值 XM、第一消息认证码分组 号计数值。 The first management message carries the first message authentication code and the first message authentication code key count value X M and the first message authentication code group number count value included in the first authentication key context saved by the mobile station itself.
步骤 402, MS向 A-RS发送该 RNG-REQ消息, 该消息中携带该当前 XM、 第一消息认证码分组号计数值以及第一消息认证码; Step 402: The MS sends the RNG-REQ message to the A-RS, where the message carries the current X M , the first message authentication code packet number count value, and the first message authentication code.
步骤 403, A-RS判断本地是否保存有该 MS相关 AK上下文 (即第二 AK上下文), 若是, 进行步骤 410; 否则进行步骤 404;  Step 403, the A-RS determines whether the MS-related AK context (ie, the second AK context) is saved locally, and if yes, proceeds to step 410; otherwise, proceeds to step 404;
步骤 404, A-RS向 MR-BS发送 MS— Context-REQ消息,该消息中携带 该 MS ID;  Step 404: The A-RS sends an MS_Context-REQ message to the MR-BS, where the message carries the MS ID.
步骤 405, MR-BS向鉴权器发送 Context— Req消息, 该消息中携带 MS ID禾口 A-RS ID;  Step 405: The MR-BS sends a Context_Req message to the authenticator, where the message carries the MS ID and the A-RS ID.
本文中提到的鉴权器均为 MS所属的鉴权器。  The authenticators mentioned in this document are all authenticators to which the MS belongs.
步骤 406, 鉴权器根据 MS ID和 RS ID按照与 MS相同的设定规则计 算 MS相关 AK密钥, 生成 MS相关 AK上下文 (即第二 AK上下文); 步骤 407, 鉴权器向 MR-BS发送 Context— Rpt消息, 该消息中携带第 二 AK 上下文, 第二 AK 上下文中包含鉴权器本地保存的第二 CMAC— KEY— COUNT值 ZM; Step 406: The authenticator calculates an MS-related AK key according to the same setting rule as the MS according to the MS ID and the RS ID, and generates an MS-related AK context (ie, a second AK context). Step 407, the authenticator to the MR-BS Send a Context_Rpt message, the message carries a second AK context, and the second AK context contains a second locally saved by the authenticator CMAC—KEY—COUNT value Z M;
步骤 408, MR-BS令自身维护的 MS相关 CMAC— KEY— COUNT值 YMR 等于 ZM; Step 408, the MR-BS maintains the MS related CMAC-KEY- COUNT value Y MR is equal to Z M;
步骤 409, MR-BS向 A-RS返回 MS— Context-RSP消息, 该消息中携带 鉴权器提供的第二 AK上下文;  Step 409: The MR-BS returns an MS_Context-RSP message to the A-RS, where the message carries the second AK context provided by the authenticator;
步骤 410, A-RS令 YM等于 ZM; Step 410, A-RS makes Y M equal to Z M ;
步骤 411, 判断 XM是否大于或等于 YM, 若是, 进行步骤 412, 否则, 进行步骤 424; Step 411, it is determined whether X M is greater than or equal to Y M , and if so, proceed to step 412, otherwise, proceed to step 424;
本步骤即判断第一消息认证码密钥计数值是否不小于第二认证密钥上 下文中包含的第二消息认证码密钥计数值。  In this step, it is determined whether the first message authentication code key count value is not less than the second message authentication code key count value included in the second authentication key context.
步骤 412, A-RS利用 RNG-REQ消息中包含的 XM、消息认证码分组号 计数值和 MS相关 AK上下文中的 AK、 AK标识验证 RNG-REQ消息中的 消息认证码, 具体验证方式可参考 802.16e协议, 不同的是 802.16e计算方 法中的 BS标识需要更改为 RS标识。 若验证成功, 进行步骤 413, 否则进 行步骤 424; Step 412, A-RS using X M RNG-REQ message includes the message authentication code packet number counter value and MS-related AK context of the AK, AK identification verification RNG-REQ message is a message authentication code, the specific authentication manner Referring to the 802.16e protocol, the difference is that the BS identifier in the 802.16e calculation method needs to be changed to the RS identifier. If the verification is successful, proceed to step 413, otherwise proceed to step 424;
验证成功即可确定 MS与 A-RS间的接入链路安全,否则确定接入链路 不安全。  If the verification is successful, the access link between the MS and the A-RS can be determined. Otherwise, the access link is determined to be insecure.
步骤 413, A-RS令 YM等于 XM; Step 413, A-RS makes Y M equal to X M;
步骤 414, A-RS生成第二管理消息, 即新的 RNG-REQ消息; 本步骤中, A-RS利用自身维护的 A-RS相关 AK上下文 (即第三 AK 上下文) 中 AK 密钥、 AK 标识以及 RNG-REQ 消息中 的 CMAC— KEY— COUNT值 XM和消息认证码分组号计数值, 为 RNG-REQ消 息 (不包含原先消息认证码部分) 重新计算消息认证码, 将重新计算的消 息认证码替换原先的消息认证码, 得到新的 RNG-REQ消息; Step 414, the A-RS generates a second management message, that is, a new RNG-REQ message. In this step, the A-RS uses the AK key, AK in the A-RS related AK context (ie, the third AK context) maintained by itself. The identifier and the CMAC_KEY_COUNT value X M and the message authentication code packet number count value in the RNG-REQ message, for the RNG-REQ message (excluding the original message authentication code part), recalculate the message authentication code, and the recalculated message The authentication code replaces the original message authentication code to obtain a new RNG-REQ message;
步骤 415, A-RS向 MR-BS发送新的 RNG-REQ消息;  Step 415: The A-RS sends a new RNG-REQ message to the MR-BS.
步骤 416, MR-BS判断收到的 RNG-REQ消息中包含的 XM是否大于或 等于本地保存的 YMR, 若是, 进行步骤 417, 否则进行步骤 423; Step 416: The MR-BS determines whether the X M included in the received RNG-REQ message is greater than or Is equal to the locally saved Y MR , if yes, proceed to step 417, otherwise proceed to step 423;
本步骤即判断第三消息认证码密钥计数值是否不小于 MR-BS本地保存 的第四认证密钥上下文中包含的第四消息认证码密钥计数值。  In this step, it is determined whether the third message authentication code key count value is not less than the fourth message authentication code key count value included in the fourth authentication key context saved locally by the MR-BS.
步骤 417, MR-BS根据收到的 RNG-REQ消息中包含的 XM、 消息认证 码分组号计数值以及本地保存的 A-RS相关 AK上下文 (第四 AK上下文) 中的 AK密钥、 AK标识验证 RNG-REQ消息中的消息认证码; 具体过程是 MR-BS利用 A-RS相关 AK上下文(第四 AK上下文)中的 AK密钥、 A-RS 媒体访问控制层地址、 MR-BS标识以及 XM通过特定的方式计算得到消息 认证码密钥, 再利用该消息认证码密钥和 A-RS相关 AK上下文 (第四 AK 上下文)中的 AK标识、 RNG-REQ消息中的消息认证码分组号计数值验证 RNG-REQ消息的消息认证码, 具体验证方法类似 802.16e协议方法, 不同 的是 802.16e验证方法中的终端标识需要更改为 RS标识, 并且验证所需的 参数来自不同的上下文。 若验证成功, 进行步骤 418, 否则进行步骤 423; 验证成功即可确定 A-RS与 MR-BS间的中继链路安全, 否则确定中继 链路不安全。 Step 417, the MR-BS according to the X M , the message authentication code packet number count value included in the received RNG-REQ message, and the AK key, AK in the locally saved A-RS related AK context (fourth AK context) Identifying the message authentication code in the RNG-REQ message; the specific procedure is that the MR-BS utilizes the AK key in the A-RS related AK context (fourth AK context), the A-RS media access control layer address, and the MR-BS identifier. And X M calculates the message authentication code key in a specific manner, and then utilizes the message authentication code key and the AK identifier in the A-RS related AK context (fourth AK context), and the message authentication code in the RNG-REQ message. The packet number count value verifies the message authentication code of the RNG-REQ message, and the specific verification method is similar to the 802.16e protocol method. The difference is that the terminal identifier in the 802.16e authentication method needs to be changed to the RS identifier, and the parameters required for the verification are from different contexts. . If the verification is successful, go to step 418, otherwise go to step 423; verify the success to determine the security of the relay link between the A-RS and the MR-BS, otherwise determine that the relay link is not secure.
步骤 418, MR-BS 令 YMR等于 XM, 并向 A-RS 发送带成功指示的Step 418, MR-BS causes YMR to be equal to X M , and sends a success indication to the A-RS.
RNG-RSP消息; RNG-RSP message;
步骤 419, A-RS向 MS返回带成功指示的 RNG-RSP消息;  Step 419: The A-RS returns an RNG-RSP message with a success indication to the MS.
步骤 420, MR-BS向鉴权器发送 Context— Rpt消息, 该消息中携带 XM; 在具体实现时, 步骤 419和 420没有一定的先后顺序。 Step 420: The MR-BS sends a Context_RPt message to the authenticator, where the message carries XM . In the specific implementation, steps 419 and 420 do not have a certain sequence.
步骤 421, 鉴权器接收到 Context— Rpt消息后, 更新鉴权器本地保存的 Step 421: After the authenticator receives the Context_RPt message, the update identifier is locally saved.
MS相关上下文中的 CMAC— Key— Count值, 具体是取 ZM和 XM中的大者加The CMAC-Key-Count value in the context of the MS is specifically the larger of Z M and X M plus
1, 并赋值给 ZM, 即 ZM=max(XM, ZM)++; 1, and assigned to Z M , ie Z M =max(X M , Z M )++ ;
步骤 422, 鉴权器向 MR-BS发送 Context— Ack消息 4, 结束; 步骤 423, MR-BS向 A-RS发送携带拒绝信息的 RNG-RSP;  Step 422, the authenticator sends a Context_Ack message 4 to the MR-BS, and ends; Step 423, the MR-BS sends the RNG-RSP carrying the rejection information to the A-RS;
步骤 424, A-RS向 MS发送携带拒绝信息的 RNG-RSP。 另一个实施例, 在本实施例提供的无线中继网络中的链路安全认证方 法中, 先验证中继链路安全, 再验证接入链路安全。 接入链路的安全验证 基于 MS相关 AK上下文,中继链路的安全验证基于 A-RS相关 AK上下文。 在本实施例中, MS 维护一个 MS 相关 AK 上下文, 该上下文中包含 CMAC— KEY— COUNT值 XM, A-RS维护一个 MS相关 AK上下文, 该上下 文中包含 CMAC— KEY— COUNT值 YM, 鉴权器维护一个 MS相关 AK上下 文, 该上下文中包含 CMAC— KEY— COUNT值 ZM, A-RS维护一个 A-RS相 关 AK上下文, 该上下文中包含 CMAC— KEY— COUNT值 XR, MR-BS维护 一个 A-RS相关 AK上下文, 该上下文中包含 CMAC— KEY— COUNT值 YR。 与第一个实施例相比, 本实施例先验证中继链路安全, 再验证接入链路安 全。 Step 424: The A-RS sends an RNG-RSP carrying the rejection information to the MS. In another embodiment, in the link security authentication method in the wireless relay network provided in this embodiment, the security of the relay link is verified first, and then the security of the access link is verified. The security verification of the access link is based on the MS-related AK context, and the security verification of the relay link is based on the A-RS related AK context. In this embodiment, MS-related AK MS maintains a context that contains CMAC- KEY- COUNT value X M, A-RS MS maintains a correlation AK context, which context includes CMAC- KEY- COUNT value Y M, The authenticator maintains an MS-related AK context, which contains CMAC_KEY_COUNT value Z M , and the A-RS maintains an A-RS related AK context, which includes CMAC_KEY_COUNT value X R , MR- a-RS BS maintains a correlation AK context, which context includes CMAC- KEY- COUNT value Y R. Compared with the first embodiment, this embodiment first verifies the security of the relay link and then verifies the security of the access link.
在本实施例提供的无线中继网络中的链路安全认证方法如图 6所示, 包括以下步骤:  The link security authentication method in the wireless relay network provided in this embodiment is as shown in FIG. 6, and includes the following steps:
步骤 501, MS生成第一管理消息, 即 RNG-REQ消息;  Step 501: The MS generates a first management message, that is, an RNG-REQ message.
步骤 502, MS向 A-RS发送 RNG-REQ消息,该消息中携带该当前 XM、 第一消息认证码分组号计数值以及第一消息认证码; Step 502: The MS sends an RNG-REQ message to the A-RS, where the message carries the current X M , the first message authentication code packet number count value, and the first message authentication code.
步骤 503, A-RS生成第二管理消息, 即新的 RNG-REQ消息; 在本步骤中, A-RS将自身维护的 A-RS相关 AK上下文 (即第三 AK 上下文)中的 CMAC— KEY— COUNT值 ]^和消息认证码分组号计数值替换 收到的 RNG-REQ消息中的 CMAC— KEY— COUNT值 XM和消息认证码分组 号计数值,并利用 A-RS相关 AK上下文中的消息认证码密钥和消息认证码 分组号计数值为替换后的 RNG-REQ 消息 (不包含原先消息认证码部分) 重新计算消息认证码, 将重新计算的消息认证码替换原先的消息认证码, 得到新的 RNG-REQ消息; Step 503: The A-RS generates a second management message, that is, a new RNG-REQ message. In this step, the A-RS will maintain the A-RS related AK context (ie, the third AK context) CMAC_KEY. — COUNT value ] ^ and the message authentication code packet number count value replaces the CMAC_KEY_COUNT value X M and the message authentication code packet number count value in the received RNG-REQ message, and utilizes the A-RS related AK context The message authentication code key and the message authentication code packet number count value are the replaced RNG-REQ message (excluding the original message authentication code part). The message authentication code is recalculated, and the recalculated message authentication code is replaced with the original message authentication code. Obtain a new RNG-REQ message;
步骤 504, A-RS向 MR-BS发送新的 RNG-REQ消息;  Step 504: The A-RS sends a new RNG-REQ message to the MR-BS.
步骤 505, MR-BS判断收到的 RNG-REQ消息中包含的 XR是否大于或 等于本地保存的 YR, 若是, 进行步骤 506, 否则进行步骤 522; Step 505: The MR-BS determines whether the X R included in the received RNG-REQ message is greater than or Is equal to the locally saved Y R , if yes, proceed to step 506, otherwise proceed to step 522;
步骤 506, MR-BS根据收到的 RNG-REQ消息中包含的 XR、 消息认证 码分组号计数值以及本地保存的 A-RS相关 AK上下文(即第四 AK上下文) 中的 AK密钥、 AK标识验证收到的 RNG-REQ消息中的消息认证码; 具体 过程是 MR-BS利用 A-RS相关 AK上下文中的 AK密钥、 A-RS媒体访问控 制层地址、 MR-BS标识以及 通过特定的方式计算得到消息认证码密钥, 再利用该消息认证码密钥和 A-RS相关 AK上下文中的 AK标识、 收到的 RNG-REQ消息中的消息认证码分组号计数值验证 RNG-REQ消息的消息认 证码, 具体验证方法类似 802.16e协议方法, 不同的是 802.16e验证方法中 的终端标识需要更改为 RS标识。 若验证成功, 进行步骤 507, 否则进行步 骤 522; Step 506: The MR-BS according to the X R included in the received RNG-REQ message, the message authentication code packet number count value, and the AK key in the locally saved A-RS related AK context (ie, the fourth AK context), The AK identifier verifies the message authentication code in the received RNG-REQ message; the specific process is that the MR-BS utilizes the AK key in the A-RS related AK context, the A-RS media access control layer address, the MR-BS identifier, and the pass The message authentication code key is calculated in a specific manner, and the RNG- is verified by using the message authentication code key and the AK identifier in the A-RS related AK context, and the message authentication code packet number count value in the received RNG-REQ message. The message authentication code of the REQ message is similar to the 802.16e protocol method. The difference is that the terminal identifier in the 802.16e authentication method needs to be changed to the RS identifier. If the verification is successful, proceed to step 507, otherwise proceed to step 522;
验证成功即可确定 A-RS与 MR-BS间的中继链路安全, 否则确定中继 链路不安全。  The success of the verification can determine the security of the relay link between the A-RS and the MR-BS, otherwise it is determined that the trunk link is not secure.
步骤 507, MR-BS令 YR等于 XR,并向 A-RS发送带成功指示的 RNG-RSP 消息; Step 507, the MR-BS makes Y R equal to X R , and sends an RNG-RSP message with a success indication to the A-RS.
步骤 508, MR-BS 向鉴权器发送 Context— Req消息, 该消息中携带 MS ID和 A-RS ID;  Step 508: The MR-BS sends a Context_Req message to the authenticator, where the message carries the MS ID and the A-RS ID.
步骤 509, 鉴权器根据 MS ID和 RS ID按照与 MS相同的设定规则计 算 MS相关 AK密钥, 生成 MS相关 AK上下文 (即第二 AK上下文); 步骤 510, 鉴权器向 MR-BS发送 Context— Rpt消息, 该消息中携带第 二 AK 上下文, 该第二 AK 上下文中包含鉴权器本地保存的 MS 相关 CMAC— KEY— COUNT值 ZM; Step 509: The authenticator calculates an MS-related AK key according to the same setting rule as the MS according to the MS ID and the RS ID, and generates an MS-related AK context (ie, a second AK context). Step 510, the authenticator to the MR-BS Context- Rpt send message, and the message carries a second AK context, the second context includes AK locally stored authentication MS-related CMAC- KEY- COUNT value Z M;
步骤 511, MR-BS向 A-RS返回 MS— Context-RSP消息, 该消息中携带 鉴权器提供的第二 AK上下文;  Step 511: The MR-BS returns an MS_Context-RSP message to the A-RS, where the message carries the second AK context provided by the authenticator;
在本实施例中, MR-BS验证 A-RS CMAC的相关步骤与获取 MS相关 AK上下文的相关步骤之间没有确定的先后关系。 步骤 512, A-RS令 YM等于 ZM; In this embodiment, there is no determined sequential relationship between the steps of the MR-BS to verify the A-RS CMAC and the steps of obtaining the MS-related AK context. Step 512, A-RS makes Y M equal to Z M ;
步骤 513, 判断 XM是否大于或等于 YM, 若是, 进行步骤 514, 否则, 进行步骤 523; Step 513, it is determined whether X M is greater than or equal to Y M , and if so, proceed to step 514, otherwise, proceed to step 523;
步骤 514, A-RS利用步骤 502收到的 RNG-REQ消息中包含的 XM、消 息认证码分组号计数值和步骤 511收到的 MS相关 AK上下文中的 AK、AK 标识验证 RNG-REQ消息中的消息认证码,具体验证方式可参考 802.16e协 议, 不同的是 802.16e计算方法中的 BS标识需要更改为 RS标识。 若验证 成功, 进行步骤 515, 否则进行步骤 523; Step 514, X M RNG-REQ message received from A-RS 502 utilizing the step comprising, MS AK context 511 associated message authentication code received packet count value and the number of steps AK, AK identification verification RNG-REQ message The message authentication code in the medium can be referred to the 802.16e protocol. The difference is that the BS identifier in the 802.16e calculation method needs to be changed to the RS identifier. If the verification is successful, proceed to step 515, otherwise proceed to step 523;
验证成功即可确定 MS与 A-RS间的接入链路安全,否则确定接入链路 不安全。  If the verification is successful, the access link between the MS and the A-RS can be determined. Otherwise, the access link is determined to be insecure.
步骤 515, A-RS令 YM等于 XM; Step 515, A-RS makes Y M equal to X M;
步骤 516, A-RS向 MS返回带成功指示的 RNG-RSP消息;  Step 516: The A-RS returns an RNG-RSP message with a success indication to the MS.
步骤 517, A-RS向 MR-BS发送 MS— Context-REQ消息,该消息中携带 MS ID ^n XM{t; Step 517, the A-RS sends an MS_Context-REQ message to the MR-BS, where the message carries the MS ID ^n X M {t;
在具体实现时, 步骤 516和 517没有一定的先后顺序。  In the specific implementation, steps 516 and 517 do not have a certain order.
步骤 518, MR-BS向鉴权器发送 Context— Rpt消息, 该消息中携带 XM; 步骤 519, 鉴权器接收到 Context— Rpt消息后, 更新鉴权器本地保存的Step 518: The MR-BS sends a Context_RPt message to the authenticator, where the message carries XM . In step 519, after the authenticator receives the Context_RPt message, the updater locally saves the identifier.
MS相关的 CMAC— Key— Count值, 具体是取 ZM和 XM中的大者加 1, 并赋 值给 ZM, 即 ZM=max(XM, ZM)++; MS related CMAC - Key - Count value, specifically take the larger of Z M and X M plus 1 and assign it to Z M , ie Z M =max(X M , Z M )++;
步骤 520, 鉴权器向 MR-BS发送 Context— Ack消息;  Step 520: The authenticator sends a Context_Ack message to the MR-BS.
步骤 521, MR-BS 接收到 Context— Ack 消息后, 向 A-RS 发送 Step 521: After receiving the Context_Ack message, the MR-BS sends the message to the A-RS.
MS— Context-RSP消息响应上述 MS— Context-REQ消息, 结束; The MS_Context-RSP message responds to the above MS_Context-REQ message, and ends;
步骤 522, MR-BS向 A-RS发送携带拒绝信息的 RNG-RSP;  Step 522: The MR-BS sends an RNG-RSP carrying the rejection information to the A-RS.
步骤 523, A-RS向 MS发送携带拒绝信息的 RNG-RSP。  Step 523: The A-RS sends the RNG-RSP carrying the rejection information to the MS.
在具体实现时, MR-BS可以判断 A-RS是否保存有 MS相关 AK上下 文, 若是, 则步骤 508-511可以省略。 另一个实施例, 在本实施例提供的无线中继网络中的链路安全认证方 法中, 接入链路的安全验证和中继链路的安全验证都在 MR-BS进行。接入 链路的安全验证基于 MS相关 AK上下文, 中继链路的安全验证基于 A-RS 相关 AK上下文。 在本实施例中, MS维护一个 MS相关 AK上下文, 该上 下文中包含 CMAC— KEY— COUNT值 XM, 鉴权器维护一个 MS相关 AK上 下文, 该上下文中包含 CMAC— KEY— COUNT值 ZM, A-RS维护一个 A-RS 相关 AK上下文, 该上下文中包含 CMAC— KEY— COUNT值 XR, MR-BS维 护一个 A-RS相关 AK上下文, 该上下文中包含 CMAC— KEY— COUNT值 YR, MR-BS还可能维护一个 MS相关 AK上下文。 与第一个相比, 本实施 例中的接入链路安全和中继链路安全都在 MR-BS进行。 In a specific implementation, the MR-BS can determine whether the A-RS holds the MS-related AK context, and if so, steps 508-511 can be omitted. In another embodiment, in the link security authentication method in the wireless relay network provided by the embodiment, the security verification of the access link and the security verification of the relay link are performed on the MR-BS. The security verification of the access link is based on the MS-related AK context, and the security verification of the relay link is based on the A-RS related AK context. In this embodiment, MS-related AK MS maintains a context that contains CMAC- KEY- COUNT value X M, MS-related authenticator maintains a AK context, which context includes CMAC- KEY- COUNT value Z M, a-RS a-RS maintains a correlation AK context, which context includes CMAC- KEY- COUNT value X R, MR-BS maintains a relevant a-RS AK context, which context includes CMAC- KEY- COUNT values Y R, The MR-BS may also maintain an MS related AK context. Compared with the first one, the access link security and the relay link security in this embodiment are all performed in the MR-BS.
在本实施例提供的无线中继网络中的链路安全认证方法如图 7所示, 包括以下步骤:  The link security authentication method in the wireless relay network provided in this embodiment is as shown in FIG. 7, and includes the following steps:
步骤 601, MS生成第一管理消息, 即 RNG-REQ消息;  Step 601: The MS generates a first management message, that is, an RNG-REQ message.
步骤 602, MS向 A-RS发送 RNG-REQ消息,该消息中携带该当前 XM、 第一消息认证码分组号计数值以及第一消息认证码; Step 602: The MS sends an RNG-REQ message to the A-RS, where the message carries the current X M , the first message authentication code packet number count value, and the first message authentication code.
步骤 603, A-RS生成第二管理消息, 即新的 RNG-REQ消息; 在本步骤中, A-RS将自身维护的 A-RS相关 AK上下文 (即第三 AK 上下文)中的第三消息认证码密钥计数值 和第三消息认证码分组号计数 值添加到 RNG-REQ消息末尾,并用 A-RS相关 AK上下文为添加新字段后 的 RNG-REQ消息计算 A-RS相关第三消息认证码,将新的消息认证码添加 到添加新字段后的 RNG-REQ消息, 生成新的 RNG-REQ消息, A-RS相关 消息认证码的具体计算方法可参考 802.16e协议, 不同的是 802.16e计算方 法中的终端标识需要更改为 RS标识;  Step 603, the A-RS generates a second management message, that is, a new RNG-REQ message. In this step, the A-RS will maintain the third message in the A-RS related AK context (ie, the third AK context) maintained by itself. The authentication code key count value and the third message authentication code packet number count value are added to the end of the RNG-REQ message, and the A-RS related third message authentication is calculated by using the A-RS related AK context for adding the new field after the RNG-REQ message. The code adds a new message authentication code to the RNG-REQ message after adding the new field, and generates a new RNG-REQ message. The specific calculation method of the A-RS related message authentication code can refer to the 802.16e protocol, and the difference is 802.16e. The terminal identifier in the calculation method needs to be changed to the RS identifier;
此时, 新的 RNG-REQ消息中包括第一消息认证码、 第一消息认证码 密钥计数值、 第一消息认证码分组号计数值, 以及第三消息认证码密钥计 数值 XR、 第三消息认证码分组号计数值、 第三消息认证码。 步骤 604, A-RS向 MR-BS发送新的 RNG-REQ消息; 步骤 605, MR-BS向鉴权器发送 Context— Req消息, 该消息中携带 MS ID禾口 A-RS ID; At this time, the new RNG-REQ message includes a first message authentication code, a first message authentication code key count value, a first message authentication code packet number count value, and a third message authentication code key count value X R , The third message authentication code packet number count value and the third message authentication code. Step 604: The A-RS sends a new RNG-REQ message to the MR-BS. Step 605: The MR-BS sends a Context_Req message to the authenticator, where the message carries the MS ID and the A-RS ID.
步骤 606, 鉴权器根据 MS ID和 RS ID按照与 MS相同的设定规则计 算 MS相关 AK密钥, 生成 MS相关 AK上下文 (即第二 AK上下文); 步骤 607, 鉴权器向 MR-BS发送 Context— Rpt消息, 该消息中携带第 二 AK上下文, 该第二 AK 上下文中包含鉴权器本地保存的 MS 相关 CMAC— KEY— COUNT值 ZM; Step 606: The authenticator calculates an MS-related AK key according to the same setting rule as the MS according to the MS ID and the RS ID, and generates an MS-related AK context (ie, a second AK context). Step 607, the authenticator to the MR-BS Sending a Context_RPpt message, where the message carries a second AK context, where the second AK context includes an MS-related CMAC-KEY_COUNT value ZM locally saved by the authenticator ;
步骤 608, MR-BS判断是否满足 RNG-REQ消息中包含的 ]大于或等 于本地保存的 ¥ 且^0-^0消息中包含的 XM大于或等于 ZM, 若是, 进 行步骤 609, 否则进行步骤 615; Step 608, MR-BS judges whether] ¥ RNG-REQ message includes greater than or equal locally stored and ^ 0- ^ X M 0 contained in the message is greater than or equal to Z M, if yes, proceeds to step 609, otherwise proceeds Step 615;
步骤 609, MR-BS根据收到的 RNG-REQ消息中末尾包含的 XR、 A-RS 相关消息认证码分组号计数值以及本地保存的 A-RS相关 AK上下文(即第 四 AK上下文) 中的 AK密钥、 AK标识验证收到的 RNG-REQ消息中的 A-RS相关消息认证码;具体过程是 MR-BS利用 A-RS相关 AK上下文中的 AK密钥、 A-RS媒体访问控制层地址、 MR-BS标识以及 XR通过特定的方 式计算得到消息认证码密钥,再利用该消息认证码密钥和 A-RS相关 AK上 下文中的 AK标识、收到的 RNG-REQ消息中的消息认证码分组号计数值验 证 RNG-REQ消息的 A-RS相关消息认证码, 具体验证方法类似 802.16e协 议方法, 不同的是 802.16e验证方法中的终端标识需要更改为 RS标识。 若 验证成功, 进行步骤 610, 否则进行步骤 615; Step 609: The MR-BS according to the X R and A-RS related message authentication code group number count value included in the received RNG-REQ message and the locally saved A-RS related AK context (ie, the fourth AK context) The AK key and the AK identifier verify the A-RS related message authentication code in the received RNG-REQ message; the specific process is that the MR-BS utilizes the AK key in the A-RS related AK context, and the A-RS media access control The layer address, the MR-BS identifier, and the X R calculate the message authentication code key in a specific manner, and then use the message authentication code key and the AK identifier in the A-RS related AK context, and the received RNG-REQ message. The message authentication code packet number count value verifies the A-RS related message authentication code of the RNG-REQ message, and the specific verification method is similar to the 802.16e protocol method. The difference is that the terminal identifier in the 802.16e authentication method needs to be changed to the RS identifier. If the verification is successful, proceed to step 610, otherwise proceed to step 615;
验证成功即可确定 A-RS与 MR-BS间的中继链路安全, 否则确定中继 链路不安全。  The success of the verification can determine the security of the relay link between the A-RS and the MR-BS, otherwise it is determined that the trunk link is not secure.
步骤 610, 利用 RNG-REQ消息中包含的 XM、 MS相关消息认证码分 组号计数值和 MS相关 AK上下文中的 AK、 AK标识验证 RNG-REQ消息 中的 MS相关消息认证码, 具体验证方式可参考 802.16e协议, 不同的是 802.16e计算方法中的 BS标识需要更改为 RS标识, 并且验证时需要忽略 RNG-REQ消息末尾的 XR、 A-RS相关消息认证码分组号计数值和 A-RS相 关消息认证码。 若验证成功, 进行步骤 611, 否则进行步骤 615; Step 610: Verify the MS-related message authentication code in the RNG-REQ message by using the X M and MS-related message authentication code packet number count value included in the RNG-REQ message and the AK and AK identifiers in the MS-related AK context, and the specific verification mode. Can refer to the 802.16e protocol, the difference is The BS identifier in the 802.16e calculation method needs to be changed to the RS identifier, and the X R , the A-RS related message authentication code packet number count value, and the A-RS related message authentication code at the end of the RNG-REQ message need to be ignored in the verification. If the verification is successful, proceed to step 611, otherwise proceed to step 615;
验证成功即可确定 MS与 A-RS间的接入链路安全,否则确定接入链路 不安全。  If the verification is successful, the access link between the MS and the A-RS can be determined. Otherwise, the access link is determined to be insecure.
步骤 611, MR-BS令 YR等于 XR,并向 A-RS发送带成功指示的 RNG-RSP 消息, A-RS向 MS发送带成功指示的 RNG-RSP消息; Step 611, the MR-BS makes Y R equal to X R , and sends an RNG-RSP message with a success indication to the A-RS, and the A-RS sends an RNG-RSP message with a success indication to the MS.
步骤 612, MR-BS向鉴权器发送 Context— Rpt消息, 该消息中携带 XM; 步骤 613, 鉴权器接收到 Context— Rpt消息后, 更新鉴权器本地保存的 MS相关的 CMAC— Key— Count值, 具体是取 ZM和 XM中的大者加 1, 并赋 值给 ZM, 即 ZM=max(XM, ZM)++; Step 612: The MR-BS sends a Context_RPt message to the authenticator, where the message carries XM . In step 613, after receiving the Context_RPt message, the authenticator updates the MS-related CMAC-Key saved locally by the authenticator. — Count value, specifically taking the larger of Z M and X M plus 1 and assigning it to Z M , ie Z M =max(X M , Z M )++;
步骤 614, 鉴权器向 MR-BS发送 Context— Ack消息, 结束;  Step 614: The authenticator sends a Context_Ack message to the MR-BS, and ends.
步骤 615, MR-BS向 A-RS发送携带拒绝信息的 RNG-RSP;  Step 615: The MR-BS sends an RNG-RSP carrying the rejection information to the A-RS.
步骤 616, A-RS向 MS发送携带拒绝信息的 RNG-RSP。  Step 616: The A-RS sends the RNG-RSP carrying the rejection information to the MS.
在本实施例中, 进行步骤 604之前, 可以先判断 A-RS有没有保存 MS 相关 AK上下文, 若是, 则可以进行实施例一中的相关操作验证接入链路 和中继链路的安全性, 否则, 可以进行步骤 604, 利用本实施例的技术方案 进行相应处理。  In this embodiment, before performing step 604, it may be determined whether the A-RS saves the MS-related AK context, and if so, the related operations in the first embodiment may be performed to verify the security of the access link and the relay link. Otherwise, step 604 can be performed to perform corresponding processing by using the technical solution of the embodiment.
在具体实现时, 可以只验证接入链路是否安全, 在这种情况下, 可以 不用生成新的 RNG-REQ,即第二管理消息中的第三消息认证码密钥计数值 为第一消息认证码密钥计数值, 第三消息认证码分组号计数值为第一消息 认证码分组号计数值, 第一消息认证码密钥计数值、 第一消息认证码分组 号计数值包含在移动台自身保存的第一认证密钥上下文中, 即第二管理消 息即 A-RS转发的第一管理消息。后续涉及到验证中继链路安全的步骤均可 以省略。  In a specific implementation, it is possible to verify only whether the access link is secure. In this case, the new RNG-REQ may not be generated, that is, the third message authentication code key count value in the second management message is the first message. The authentication code key count value, the third message authentication code group number count value is a first message authentication code packet number count value, the first message authentication code key count value, the first message authentication code group number count value is included in the mobile station In the first authentication key context saved by itself, that is, the second management message is the first management message forwarded by the A-RS. Subsequent steps involving verifying the security of the relay link can be omitted.
装置实施例, 本实施例中的链路安全认证装置, 如图 8所示, 包括: 第一接收模块, 用于接收移动台发送的第一管理消息, 第一管理消息 中携带第一消息认证码以及移动台自身保存的第一认证密钥上下文中的第 一认证密钥、 第一认证密钥标识以及第一消息认证码密钥计数值、 第一消 息认证码分组号计数值计算生成, 第一认证密钥根据移动台标识与接入中 继站标识按设定规则计算获得; The device security authentication device in this embodiment, as shown in FIG. 8, includes: a first receiving module, configured to receive a first management message sent by the mobile station, where the first management message carries the first message authentication code and the first authentication key in the first authentication key context saved by the mobile station itself, and the first The authentication key identifier and the first message authentication code key count value and the first message authentication code group number count value are calculated and generated, and the first authentication key is calculated according to the mobile station identifier and the access relay station identifier according to the setting rule;
第一处理模块, 用于根据第二认证密钥上下文中包含的第二认证密钥、 第二认证密钥标识以及第一消息认证码密钥计数值、 第一消息认证码分组 号计数值验证第一消息认证码, 根据验证结果确定移动台与接入中继站间 的接入链路是否安全, 第二认证密钥与第一认证密钥为对等密钥。  a first processing module, configured to verify, according to the second authentication key, the second authentication key identifier, and the first message authentication code key count value and the first message authentication code group number count value included in the second authentication key context The first message authentication code determines whether the access link between the mobile station and the access relay station is secure according to the verification result, and the second authentication key and the first authentication key are peer keys.
该中继站还可以包括:  The relay station can also include:
第一密钥获得模块, 用于在第一接收模块接收到第一管理消息后, 判 断第一存储模块是否保存第二认证密钥上下文, 若无保存, 则向移动台所 属的鉴权器发送包括移动台标识与接入中继站标识的上下文请求, 以从鉴 权器获得的第二认证密钥上下文提供给第一处理模块。  a first key obtaining module, configured to: after the first receiving module receives the first management message, determine whether the first storage module saves the second authentication key context, and if not saved, send the identifier to the authenticator to which the mobile station belongs A context request including a mobile station identity and an access relay station identity is provided to the first processing module with a second authentication key context obtained from the authenticator.
具体的处理方法可以参见实施例一的步骤 301~312、 实施例二的步骤 401-413, 实施例三的步骤 501、 513~516描述的相关部分。  For the specific processing method, refer to steps 301 to 312 of the first embodiment, steps 401-413 of the second embodiment, and related parts described in steps 501 and 513 to 516 of the third embodiment.
上述装置可以为接入中继站或多跳中继基站。  The above device may be an access relay station or a multi-hop relay base station.
另一个装置实施例, 本实施例中的多跳中继基站, 如图 9所示, 包括: 第二接收模块, 用于接收接入中继站发送的第二管理消息, 第二管理 消息中携带第三消息认证码以及第三消息认证码密钥计数值、 第三消息认 证码分组号计数值, 第三消息认证码根据第三消息认证码密钥计数值、 第 三消息认证码分组号计数值以及第三认证密钥上下文中的第三认证密钥、 第三认证密钥标识计算生成, 第三认证密钥根据接入中继站标识与多跳中 继基站标识按设定规则计算获得;  Another apparatus embodiment, the multi-hop relay base station in this embodiment, as shown in FIG. 9, includes: a second receiving module, configured to receive a second management message sent by the access relay station, where the second management message carries The third message authentication code and the third message authentication code key count value, the third message authentication code group number count value, and the third message authentication code according to the third message authentication code key count value and the third message authentication code group number count value And generating, by the third authentication key and the third authentication key identifier in the third authentication key context, the third authentication key is obtained according to the setting rule according to the access relay identifier and the multi-hop relay base station identifier;
第二处理模块, 用于根据第四认证密钥上下文中包含的第四认证密钥、 第四认证密钥标识以及第三消息认证码密钥计数值、 第三消息认证码分组 号计数值验证第三消息认证码, 根据验证结果确定接入中继站与多跳中继 基站间的中继链路是否安全, 第四认证密钥与第三认证密钥为对等密钥。 a second processing module, configured to: according to the fourth authentication key, the fourth authentication key identifier, and the third message authentication code key count value, the third message authentication code group included in the fourth authentication key context The number of the counters verifies the third message authentication code, and according to the verification result, it is determined whether the relay link between the access relay station and the multi-hop relay base station is secure, and the fourth authentication key and the third authentication key are peer keys.
具体的处理方法可以参见实施例一的步骤 314~318、 实施例二的步骤 415-419, 实施例三的步骤 504~507描述的相关部分。  For the specific processing method, refer to the related parts described in steps 314 to 318 of the first embodiment, steps 415 to 419 of the second embodiment, and steps 504 to 507 of the third embodiment.
系统实施例, 本实施例中的无线中继网络系统, 如图 10所示, 包括: 接入中继站, 用于接收移动台发送的第一管理消息, 根据第二认证密 钥上下文中包含的第二认证密钥、 第二认证密钥标识以及第一消息认证码 密钥计数值、 第一消息认证码分组号计数值验证第一消息认证码, 根据验 证结果确定移动台与接入中继站间的接入链路是否安全, 并将第一管理消 息转换为第二管理消息并发送, 其中, 第一管理消息中携带第一消息认证 码以及移动台自身保存的第一认证密钥上下文中包含的第一消息认证码密 钥计数值、 第一消息认证码分组号计数值, 第一消息认证码根据第一认证 密钥上下文中的第一认证密钥、 第一认证密钥标识以及第一消息认证码密 钥计数值、 第一消息认证码分组号计数值计算生成, 第一认证密钥根据移 动台标识与接入中继站标识按设定规则计算获得, 第二认证密钥与第一认 证密钥为对等密钥;  System Embodiment, the wireless relay network system in this embodiment, as shown in FIG. 10, includes: an access relay station, configured to receive a first management message sent by the mobile station, according to a second The second authentication key, the second authentication key identifier, and the first message authentication code key count value, and the first message authentication code packet number count value verify the first message authentication code, and determine, between the mobile station and the access relay station, according to the verification result. Whether the access link is secure, and the first management message is converted into a second management message and sent, where the first management message carries the first message authentication code and the first authentication key context saved by the mobile station itself a first message authentication code key count value, a first message authentication code packet number count value, and the first message authentication code is based on the first authentication key, the first authentication key identifier, and the first message in the first authentication key context The authentication code key count value and the first message authentication code group number count value are calculated and generated, and the first authentication key is determined according to the mobile station identifier and the access Station identification by setting rule obtained by calculation, the second authentication key and the authentication key for the first key and the like;
多跳中继基站, 用于接收接入中继站发送的第二管理消息, 并根据第 四认证密钥上下文中包含的第四认证密钥、 第四认证密钥标识以及第三消 息认证码密钥计数值、第三消息认证码分组号计数值验证第三消息认证码, 根据验证结果确定接入中继站与多跳中继基站间的中继链路是否安全, 其 中, 第二管理消息中携带第三消息认证码以及第三消息认证码密钥计数值、 第三消息认证码分组号计数值, 第三消息认证码根据第三消息认证码密钥 计数值、 第三消息认证码分组号计数值以及第三认证密钥上下文中的第三 认证密钥、 第三认证密钥标识计算生成, 第三认证密钥根据接入中继站标 识与多跳中继基站标识按设定规则计算获得, 第四认证密钥与第三认证密 钥为对等密钥。 综上所述, 本发明实施例为无线中继网络中检测接入链路和中继链路 安全性提供了具体的技术方案, 能够有效防止无线中继网络中的重放攻击。 a multi-hop relay base station, configured to receive a second management message sent by the access relay station, and according to the fourth authentication key, the fourth authentication key identifier, and the third message authentication code key included in the fourth authentication key context And the third message authentication code is verified by the count value and the third message authentication code packet number, and the relay link between the access relay station and the multi-hop relay base station is determined according to the verification result, wherein the second management message carries the first The third message authentication code and the third message authentication code key count value, the third message authentication code group number count value, and the third message authentication code according to the third message authentication code key count value and the third message authentication code group number count value And calculating, by the third authentication key and the third authentication key identifier in the third authentication key context, the third authentication key is obtained according to the setting rule according to the access relay identifier and the multi-hop relay base station identifier, and the fourth The authentication key and the third authentication key are peer keys. In summary, the embodiment of the present invention provides a specific technical solution for detecting the security of the access link and the relay link in the wireless relay network, and can effectively prevent the replay attack in the wireless relay network.
本领域普通技术人员可以理解上述实施例方法中的全部或部分处理是 可以通过程序来指令相关的硬件完成, 所述的程序可以存储于一种计算机 可读存储介质中。 显然, 本领域的技术人员可以对本发明进行各种改动和变型而不脱离 本发明的精神和范围。 这样, 倘若本发明的这些修改和变型属于本发明权 利要求及其等同技术的范围之内, 则本发明也意图包含这些改动和变型在 内。  One of ordinary skill in the art will appreciate that all or part of the processing of the above-described embodiments can be accomplished by a program that instructs the associated hardware, which can be stored in a computer readable storage medium. It is apparent that those skilled in the art can make various modifications and variations to the invention without departing from the spirit and scope of the invention. Thus, it is intended that the present invention cover the modifications and modifications of the invention

Claims

权利要求 Rights request
1、 一种无线中继网络中的链路安全认证方法, 其特征在于, 包括: 多跳中继基站或者接入中继站接收移动台发送的第一管理消息, 所述 第一管理消息中携带第一消息认证码以及所述移动台自身保存的第一认证 密钥上下文中包含的第一消息认证码密钥计数值、 第一消息认证码分组号 计数值, 所述第一消息认证码根据所述第一认证密钥上下文中的第一认证 密钥、 第一认证密钥标识以及所述第一消息认证码密钥计数值、 第一消息 认证码分组号计数值计算生成, 所述第一认证密钥上下文中的第一认证密 钥根据移动台标识与接入中继站标识按设定规则计算获得;  A link security authentication method in a wireless relay network, comprising: a multi-hop relay base station or an access relay station receiving a first management message sent by a mobile station, where the first management message carries a a message authentication code and a first message authentication code key count value and a first message authentication code packet number count value included in a first authentication key context saved by the mobile station itself, the first message authentication code according to the Generating, by the first authentication key, the first authentication key identifier, the first message authentication code key count value, and the first message authentication code packet number count value in the first authentication key context, the first The first authentication key in the authentication key context is calculated according to the mobile station identifier and the access relay station identifier according to a setting rule;
根据第二认证密钥上下文中包含的第二认证密钥、 第二认证密钥标识 以及所述第一消息认证码密钥计数值、 第一消息认证码分组号计数值验证 所述第一消息认证码, 根据验证结果确定所述移动台与所述接入中继站间 的接入链路是否安全, 所述第二认证密钥与所述第一认证密钥为对等密钥。  And verifying the first message according to the second authentication key, the second authentication key identifier, and the first message authentication code key count value and the first message authentication code group number count value included in the second authentication key context. The authentication code determines whether the access link between the mobile station and the access relay station is secure according to the verification result, and the second authentication key and the first authentication key are peer keys.
2、 根据权利要求 1所述的方法, 其特征在于, 接收到所述第一管理消 息后, 先判断本地是否保存所述第二认证密钥上下文, 若无保存, 则向所 述移动台所属的鉴权器发送包括所述移动台标识与所述接入中继站标识的 上下文请求, 并从所述鉴权器获得所述第二认证密钥上下文。  The method according to claim 1, wherein after receiving the first management message, it is first determined whether the second authentication key context is saved locally, and if not saved, to the mobile station The authenticator sends a context request including the mobile station identity and the access relay identity, and obtains the second authentication key context from the authenticator.
3、 根据权利要求 1所述的方法, 其特征在于, 接收到所述第一管理消 息后, 先判断所述第一消息认证码密钥计数值是否不小于所述第二认证密 钥上下文中包含的第二消息认证码密钥计数值, 若是, 则进行验证所述第 一消息认证码的步骤, 否则, 确定所述接入链路不安全。  The method according to claim 1, wherein, after receiving the first management message, determining whether the first message authentication code key count value is not less than the second authentication key context The second message authentication code key count value is included, and if yes, the step of verifying the first message authentication code is performed, otherwise, determining that the access link is insecure.
4、 根据权利要求 1所述的方法, 其特征在于, 还包括:  4. The method according to claim 1, further comprising:
若接收所述第一管理消息的为接入中继站, 则所述接入中继站还向多 跳中继基站发送第二管理消息, 所述第二管理消息中携带第三消息认证码 以及第三消息认证码密钥计数值、 第三消息认证码分组号计数值, 所述第 三消息认证码根据所述第三消息认证码密钥计数值、 第三消息认证码分组 号计数值以及第三认证密钥上下文中的第三认证密钥、 第三认证密钥标识 计算生成, 所述第三认证密钥根据所述接入中继站标识与多跳中继基站标 识按设定规则计算获得; And if the receiving the first management message is an access relay station, the access relay station further sends a second management message to the multi-hop relay base station, where the second management message carries the third message authentication code and the third message. An authentication code key count value, a third message authentication code packet number count value, and the third message authentication code is grouped according to the third message authentication code key count value and the third message authentication code group The third counter key and the third authentication key identifier in the third authentication key context are calculated and generated, and the third authentication key is set according to the access relay station identifier and the multi-hop relay base station identifier. The rule is calculated and obtained;
以使所述多跳中继基站根据第四认证密钥上下文中包含的第四认证密 钥、 第四认证密钥标识以及所述第三消息认证码密钥计数值、 第三消息认 证码分组号计数值验证所述第三消息认证码, 根据验证结果确定所述接入 中继站与所述多跳中继基站间的中继链路是否安全, 所述第四认证密钥与 所述第三认证密钥为对等密钥。  The fourth multi-hop relay base station according to the fourth authentication key, the fourth authentication key identifier, and the third message authentication code key count value and the third message authentication code group included in the fourth authentication key context. Verifying the third message authentication code, determining, according to the verification result, whether the relay link between the access relay station and the multi-hop relay base station is secure, the fourth authentication key and the third The authentication key is a peer key.
5、 一种无线中继网络中的链路安全认证方法, 其特征在于, 包括: 接收接入中继站发送的第二管理消息, 所述第二管理消息中携带第三 消息认证码以及第三消息认证码密钥计数值、 第三消息认证码分组号计数 值, 所述第三消息认证码根据所述第三消息认证码密钥计数值、 第三消息 认证码分组号计数值以及第三认证密钥上下文中的第三认证密钥、 第三认 证密钥标识计算生成, 所述第三认证密钥根据所述接入中继站标识与多跳 中继基站标识按设定规则计算获得, 所述第三认证密钥上下文为所述接入 中继站保存的接入中继站相关的认证密钥上下文;  A link security authentication method in a wireless relay network, comprising: receiving a second management message sent by an access relay station, where the second management message carries a third message authentication code and a third message An authentication code key count value, a third message authentication code packet number count value, the third message authentication code according to the third message authentication code key count value, a third message authentication code packet number count value, and a third authentication The third authentication key and the third authentication key identifier in the key context are calculated and generated, and the third authentication key is calculated according to the access relay identifier and the multi-hop relay base station identifier according to a setting rule, where The third authentication key context is an authentication relay context associated with the access relay station saved by the access relay station;
根据第四认证密钥上下文中包含的第四认证密钥、 第四认证密钥标识 以及所述第三消息认证码密钥计数值、 第三消息认证码分组号计数值验证 所述第三消息认证码, 根据验证结果确定所述接入中继站与所述多跳中继 基站间的中继链路是否安全, 所述第四认证密钥与所述第三认证密钥为对 等密钥。  Verifying the third message according to the fourth authentication key, the fourth authentication key identifier, and the third message authentication code key count value and the third message authentication code packet number count value included in the fourth authentication key context The authentication code determines whether the relay link between the access relay station and the multi-hop relay base station is secure according to the verification result, and the fourth authentication key and the third authentication key are peer keys.
6、 根据权利要求 5所述的方法, 其特征在于, 接收到所述第二管理消 息后, 先判断所述第三消息认证码密钥计数值是否不小于所述第四认证密 钥上下文中包含的第四消息认证码密钥计数值, 若是, 则进行验证所述第 三消息认证码的步骤, 否则, 确定所述中继链路不安全。  The method according to claim 5, wherein, after receiving the second management message, determining whether the third message authentication code key count value is not less than the fourth authentication key context The fourth message authentication code key count value is included, and if yes, the step of verifying the third message authentication code is performed, otherwise, determining that the relay link is insecure.
7、 根据权利要求 5所述的方法, 其特征在于, 所述第三消息认证码密 钥计数值为第一消息认证码密钥计数值, 所述第三消息认证码分组号计数 值为第一消息认证码分组号计数值, 所述第一消息认证码密钥计数值、 第 一消息认证码分组号计数值包含在移动台自身保存的第一认证密钥上下文 中。 The method according to claim 5, wherein the third message authentication code is dense The key count value is a first message authentication code key count value, the third message authentication code packet number count value is a first message authentication code packet number count value, the first message authentication code key count value, the first The message authentication code packet number count value is included in the context of the first authentication key held by the mobile station itself.
8、 根据权利要求 5所述的方法, 其特征在于, 所述第三消息认证码密 钥计数值、 第三消息认证码分组号计数值为所述第三认证密钥上下文中包 含的消息认证码密钥计数值、 消息认证码分组号计数值。  The method according to claim 5, wherein the third message authentication code key count value and the third message authentication code group number count value are message authentications included in the third authentication key context. Code key count value, message authentication code group number count value.
9、 根据权利要求 8所述的方法, 其特征在于, 所述第二管理消息还携 带第一消息认证码以及所述移动台自身保存的第一认证密钥上下文中包含 的第一消息认证码密钥计数值、 第一消息认证码分组号计数值, 所述第一 消息认证码根据所述第一认证密钥上下文中的第一认证密钥、 第一认证密 钥标识以及所述第一消息认证码密钥计数值、 第一消息认证码分组号计数 值计算生成, 所述第一认证密钥上下文中的第一认证密钥根据移动台标识 与接入中继站标识按设定规则计算获得;  The method according to claim 8, wherein the second management message further carries a first message authentication code and a first message authentication code included in a first authentication key context saved by the mobile station itself a first key authentication value, a first authentication key, a first message authentication code, a first message authentication code, and a first message authentication code The message authentication code key count value and the first message authentication code packet number count value are calculated and generated, and the first authentication key in the first authentication key context is calculated according to the mobile station identifier and the access relay station identifier according to the setting rule. ;
在接收到所述第二管理消息后, 还根据第二认证密钥上下文中包含的 第二认证密钥、 第二认证密钥标识以及所述第一消息认证码密钥计数值、 第一消息认证码分组号计数值验证所述第一消息认证码, 根据验证结果确 定所述移动台与所述接入中继站间的接入链路是否安全, 所述第二认证密 钥与所述第一认证密钥为对等密钥。  After receiving the second management message, the second authentication key, the second authentication key identifier, and the first message authentication code key count value and the first message included in the second authentication key context are further The authentication code packet number counter value verifies the first message authentication code, and determines, according to the verification result, whether the access link between the mobile station and the access relay station is secure, the second authentication key and the first The authentication key is a peer key.
10、 一种无线中继网络中的链路安全认证装置, 其特征在于, 包括: 第一接收模块, 用于接收移动台发送的第一管理消息, 所述第一管理 消息中携带第一消息认证码以及所述移动台自身保存的第一认证密钥上下 文中包含的第一消息认证码密钥计数值、 第一消息认证码分组号计数值, 所述第一消息认证码根据所述第一认证密钥上下文中的第一认证密钥、 第 一认证密钥标识以及所述第一消息认证码密钥计数值、 第一消息认证码分 组号计数值计算计算生成, 所述第一认证密钥根据移动台标识与接入中继 站标识按设定规则计算获得; A link security authentication device in a wireless relay network, comprising: a first receiving module, configured to receive a first management message sent by a mobile station, where the first management message carries a first message An authentication code and a first message authentication code key count value and a first message authentication code packet number count value included in a first authentication key context saved by the mobile station itself, the first message authentication code according to the first The first authentication key, the first authentication key identifier, the first message authentication code key count value, the first message authentication code packet number count value calculation calculation, and the first authentication Key based on mobile station identity and access relay The station identification is calculated according to the set rules;
第一处理模块, 用于根据第二认证密钥上下文中包含的第二认证密钥、 第二认证密钥标识以及所述第一消息认证码密钥计数值、 第一消息认证码 分组号计数值验证所述第一消息认证码, 根据验证结果确定所述移动台与 接入中继站间的接入链路是否安全, 所述第二认证密钥与所述第一认证密 钥为对等密钥。  a first processing module, configured to count, according to the second authentication key, the second authentication key identifier, and the first message authentication code key count value, the first message authentication code group number included in the second authentication key context And verifying, by the value, the first message authentication code, determining, according to the verification result, whether the access link between the mobile station and the access relay station is secure, and the second authentication key and the first authentication key are peer-to-peer key.
11、 根据权利要求 10所述的装置, 其特征在于, 还包括:  The device according to claim 10, further comprising:
第一密钥获得模块, 用于在所述第一接收模块接收到所述第一管理消 息后, 判断所述第一存储模块是否保存所述第二认证密钥上下文, 若无保 存, 则向所述移动台所属的鉴权器发送包括所述移动台标识与所述接入中 继站标识的上下文请求, 以从所述鉴权器获得所述第二认证密钥上下文提 供给所述第一处理模块。  a first key obtaining module, configured to determine, after the first receiving module receives the first management message, whether the first storage module saves the second authentication key context, if not saved, An authenticator to which the mobile station belongs sends a context request including the mobile station identity and the access relay station identity, to obtain the second authentication key context from the authenticator to provide to the first process Module.
12、 根据权利要求 10或 11所述的装置, 其特征在于, 所述装置为接 入中继站或多跳中继基站。  12. Apparatus according to claim 10 or 11, wherein said apparatus is an access relay station or a multi-hop relay base station.
13、 一种多跳中继基站, 其特征在于, 包括:  A multi-hop relay base station, comprising:
第二接收模块, 用于接收接入中继站发送的第二管理消息, 所述第二 管理消息中携带第三消息认证码以及第三消息认证码密钥计数值、 第三消 息认证码分组号计数值, 所述第三消息认证码根据所述第三消息认证码密 钥计数值、 第三消息认证码分组号计数值以及第三认证密钥上下文中的第 三认证密钥、 第三认证密钥标识计算生成, 所述第三认证密钥根据所述接 入中继站标识与多跳中继基站标识按设定规则计算获得;  a second receiving module, configured to receive a second management message sent by the access relay station, where the second management message carries a third message authentication code, a third message authentication code key count value, and a third message authentication code group number count And the third message authentication code is based on the third message authentication code key count value, the third message authentication code packet number count value, and the third authentication key and the third authentication key in the third authentication key context. Key identification calculation is generated, and the third authentication key is calculated according to the access relay identifier and the multi-hop relay base station identifier according to a setting rule;
第二处理模块, 用于根据第四认证密钥上下文中包含的第四认证密钥、 第四认证密钥标识以及所述第三消息认证码密钥计数值、 第三消息认证码 分组号计数值验证所述第三消息认证码, 根据验证结果确定所述接入中继 站与多跳中继基站间的中继链路是否安全, 所述第四认证密钥与所述第三 认证密钥为对等密钥。 a second processing module, configured to count, according to the fourth authentication key, the fourth authentication key identifier, and the third message authentication code key count value and the third message authentication code group number included in the fourth authentication key context And verifying, by the value, the third message authentication code, determining, according to the verification result, whether the relay link between the access relay station and the multi-hop relay base station is secure, and the fourth authentication key and the third authentication key are Peer key.
14、 一种无线中继网络系统, 其特征在于, 包括: 14. A wireless relay network system, comprising:
接入中继站, 用于接收移动台发送的第一管理消息, 根据第二认证密 钥上下文中包含的第二认证密钥、 第二认证密钥标识以及所述第一消息认 证码密钥计数值、第一消息认证码分组号计数值验证所述第一消息认证码, 根据验证结果确定所述移动台与所述接入中继站间的接入链路是否安全, 并将所述第一管理消息转换为所述第二管理消息并发送, 其中, 所述第一 管理消息中携带第一消息认证码以及所述移动台自身保存的第一认证密钥 上下文中包含的第一消息认证码密钥计数值、 第一消息认证码分组号计数 值, 所述第一消息认证码根据所述第一认证密钥上下文中的第一认证密钥、 第一认证密钥标识以及所述第一消息认证码密钥计数值、 第一消息认证码 分组号计数值计算生成, 所述第一认证密钥根据移动台标识与接入中继站 标识按设定规则计算获得, 所述第二认证密钥与所述第一认证密钥为对等 密钥;  An access relay station, configured to receive a first management message sent by the mobile station, according to the second authentication key, the second authentication key identifier, and the first message authentication code key count value included in the second authentication key context And determining, by the first message authentication code packet number, the first message authentication code, determining, according to the verification result, whether the access link between the mobile station and the access relay station is secure, and the first management message is Converting to the second management message and transmitting, where the first management message carries a first message authentication code and a first message authentication code key included in a first authentication key context saved by the mobile station itself a first value, a first message authentication code, a first message authentication code, a first message authentication code, a first authentication key, a first authentication key identifier, and a first message authentication. The code key count value and the first message authentication code group number count value are calculated and generated, and the first authentication key is set according to the mobile station identifier and the access relay station identifier according to a setting rule. Calculating, the second authentication key and the first authentication key are peer keys;
多跳中继基站, 用于接收接入中继站发送的第二管理消息, 并根据第 四认证密钥上下文中包含的第四认证密钥、 第四认证密钥标识以及所述第 三消息认证码密钥计数值、 第三消息认证码分组号计数值验证所述第三消 息认证码, 根据验证结果确定所述接入中继站与所述多跳中继基站间的中 继链路是否安全, 其中, 所述第二管理消息中携带第三消息认证码以及第 三消息认证码密钥计数值、 第三消息认证码分组号计数值, 所述第三消息 认证码根据所述第三消息认证码密钥计数值、 第三消息认证码分组号计数 值以及第三认证密钥上下文中的第三认证密钥、 第三认证密钥标识计算生 成, 所述第三认证密钥根据所述接入中继站标识与多跳中继基站标识按设 定规则计算获得, 所述第四认证密钥与所述第三认证密钥为对等密钥。  a multi-hop relay base station, configured to receive a second management message sent by the access relay station, and according to the fourth authentication key, the fourth authentication key identifier, and the third message authentication code included in the fourth authentication key context Determining, by the key count value, the third message authentication code packet number, the third message authentication code, determining, according to the verification result, whether the relay link between the access relay station and the multi-hop relay base station is secure, wherein The second management message carries a third message authentication code, a third message authentication code key count value, and a third message authentication code packet number count value, where the third message authentication code is based on the third message authentication code. The key count value, the third message authentication code packet number count value, and the third authentication key and the third authentication key identifier in the third authentication key context are calculated and generated, and the third authentication key is generated according to the access The relay station identifier and the multi-hop relay base station identifier are obtained according to a setting rule, and the fourth authentication key and the third authentication key are peer keys.
PCT/CN2009/076217 2009-02-20 2009-12-29 Method for link security authentication in wireless relay networks, device and system thereof WO2010094206A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN200910004704.5 2009-02-20
CN2009100047045A CN101815293B (en) 2009-02-20 2009-02-20 Link security certification method, device and system in wireless relay network

Publications (1)

Publication Number Publication Date
WO2010094206A1 true WO2010094206A1 (en) 2010-08-26

Family

ID=42622380

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2009/076217 WO2010094206A1 (en) 2009-02-20 2009-12-29 Method for link security authentication in wireless relay networks, device and system thereof

Country Status (2)

Country Link
CN (1) CN101815293B (en)
WO (1) WO2010094206A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8769283B2 (en) 2010-01-29 2014-07-01 Huawei Technologies Co., Ltd. MTC device authentication method, MTC gateway, and related device

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102056159B (en) 2009-11-03 2014-04-02 华为技术有限公司 Method and device for acquiring safe key of relay system
CN102724197B (en) * 2012-06-25 2015-08-12 上海交通大学 Link bidirectional safety certifying method in wireless relay network
JP6199335B2 (en) * 2014-06-05 2017-09-20 Kddi株式会社 Communication network system and message inspection method
JP7372527B2 (en) * 2019-09-26 2023-11-01 富士通株式会社 Communication relay program, relay device, and communication relay method
CN116828468A (en) * 2020-01-08 2023-09-29 华为技术有限公司 Method and device for checking relay user equipment

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101060405A (en) * 2006-04-19 2007-10-24 华为技术有限公司 A method and system for preventing the replay attack
WO2008030667A2 (en) * 2006-09-07 2008-03-13 Motorola, Inc. Security authentication and key management within an infrastructure-based wireless multi-hop network
CN101232378A (en) * 2007-12-29 2008-07-30 西安西电捷通无线网络通信有限公司 Authentication accessing method of wireless multi-hop network
KR20080090733A (en) * 2007-04-05 2008-10-09 삼성전자주식회사 Method and system for security association in broadband wireless communication system based on multi-hop

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101060405A (en) * 2006-04-19 2007-10-24 华为技术有限公司 A method and system for preventing the replay attack
WO2008030667A2 (en) * 2006-09-07 2008-03-13 Motorola, Inc. Security authentication and key management within an infrastructure-based wireless multi-hop network
KR20080090733A (en) * 2007-04-05 2008-10-09 삼성전자주식회사 Method and system for security association in broadband wireless communication system based on multi-hop
CN101232378A (en) * 2007-12-29 2008-07-30 西安西电捷通无线网络通信有限公司 Authentication accessing method of wireless multi-hop network

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8769283B2 (en) 2010-01-29 2014-07-01 Huawei Technologies Co., Ltd. MTC device authentication method, MTC gateway, and related device

Also Published As

Publication number Publication date
CN101815293B (en) 2012-08-15
CN101815293A (en) 2010-08-25

Similar Documents

Publication Publication Date Title
EP3576446B1 (en) Key derivation method
US10542425B2 (en) Method and apparatus for reducing overhead for integrity check of data in wireless communication system
US10091175B2 (en) Authenticating a device in a network
KR100764153B1 (en) Method and apparatus for detecting counterfeiting of portable subscriber station in portable internet system
KR100991522B1 (en) Security context transmission method for handover in the High speed Portable internet system
EP2432265B1 (en) Method and apparatus for sending a key on a wireless local area network
EP2418883B1 (en) Wireless local area network terminal pre-authentication method and wireless local area network system
US8707045B2 (en) Method and apparatus for traffic count key management and key count management
US8959333B2 (en) Method and system for providing a mesh key
EP1890518B1 (en) Communication system, wireless-communication device, and control method therefor
WO2009132599A1 (en) Method for deriving traffic encryption key
JP2008533609A (en) Negotiation method of terminal security related parameters in wireless mobile internet system
WO2010094206A1 (en) Method for link security authentication in wireless relay networks, device and system thereof
WO2007032499A1 (en) Wireless communication system and wireless communication method
AU2010284792B2 (en) Method and apparatus for reducing overhead for integrity check of data in wireless communication system
KR101718096B1 (en) Method and system for authenticating in wireless communication system
KR101042839B1 (en) Authentication system in wireless mobile communication system and method thereof
CN111615837A (en) Data transmission method, related equipment and system
WO2011003352A1 (en) Method and device for protecting terminal privacy
Kim et al. Improving Cross-domain Authentication overWireless Local Area Networks
JP2012510232A (en) Prevention of bid-off attacks in communication systems
CN1997212A (en) Method for location update in the wireless communication network
WO2015064475A1 (en) Communication control method, authentication server, and user equipment
Zhang et al. Research on Key Management Scheme of X2 Handover Protocol in LTE-R
KR200427594Y1 (en) Apparatus for detecting counterfeiting of portable subscriber station in portable internet system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09840257

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09840257

Country of ref document: EP

Kind code of ref document: A1