WO2013064041A1 - 生成组密钥的方法和相关设备 - Google Patents

生成组密钥的方法和相关设备 Download PDF

Info

Publication number
WO2013064041A1
WO2013064041A1 PCT/CN2012/083633 CN2012083633W WO2013064041A1 WO 2013064041 A1 WO2013064041 A1 WO 2013064041A1 CN 2012083633 W CN2012083633 W CN 2012083633W WO 2013064041 A1 WO2013064041 A1 WO 2013064041A1
Authority
WO
WIPO (PCT)
Prior art keywords
group
key
service
mtc device
base station
Prior art date
Application number
PCT/CN2012/083633
Other languages
English (en)
French (fr)
Inventor
张丽佳
陈璟
许怡娴
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to EP12845896.5A priority Critical patent/EP2765795B1/en
Publication of WO2013064041A1 publication Critical patent/WO2013064041A1/zh
Priority to US14/264,566 priority patent/US20140237559A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/065Network architectures or network communication protocols for network security for supporting key management in a packet data network for group communications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/08Access point devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2463/00Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/061Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00 applying further key derivation, e.g. deriving traffic keys from a pair-wise master key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/70Services for machine-to-machine communication [M2M] or machine type communication [MTC]

Definitions

  • the present invention relates to the field of communications, and more particularly to a method and related apparatus for generating a group key in the field of communications.
  • Machine to Machine (M2M) technology is the integration of wireless communication and information technology. It means that the machine and the machine can communicate directly without manual intervention. M2M applications are versatile, including automated instrumentation, remote monitoring, industrial safety and ship automation, payment systems, and vehicle remote control.
  • M2M There are three ways for M2M, including machine-to-machine, machine-to-mobile and mobile-to-machine.
  • M2M devices can access the network through long-distance connection technology and close-range connection technology.
  • the long-distance connection technologies involved include Global System for Mobile communications (GSM) and General Packet Radio (General Packet Radio). Service, GPRS), Universal Mobile Telecommunications System (UMTS) and other wireless access type technologies.
  • the short-range connection technologies include 802.11b/g, Bluetooth (Blue Tooth), Zigbee, Radio Frequency Identification (RFID), and Ultra Wideband (UWB) technologies.
  • M2M communication may also be referred to as Machine Type Communication (MTC), and M2M devices may also be referred to as MTC devices.
  • MTC Machine Type Communication
  • M2M devices may also be referred to as MTC devices.
  • the base station constructs a common physical layer, a Radio Link Control (RLC) layer, a Packet Data Convergence Protocol (PDCP) layer, and a medium access control for the same group of MTC devices ( Media Access Control, MAC) layer.
  • RLC Radio Link Control
  • PDCP Packet Data Convergence Protocol
  • MAC Media Access Control
  • the present invention provides a method and related apparatus for generating a group key to improve base station performance.
  • the present invention provides a method for generating a group key, comprising: receiving, from a mobility management entity MME, a group ID of a group in which the MTC device is located, and a group communication root key associated with the security key, The security key corresponds to the group ID; or, the MME receives a service ID of the MTC device support service, and a service root key related to the security key, where the security key corresponds to the service ID, and Determining, according to the service ID, a group ID of the group in which the MTC device is located, generating the group communication root key according to the group ID and the service root key; generating the group ID according to the group communication root key Corresponding group key; sending, to the MTC device, a generation parameter for generating the group key, so that the MTC device generates the location according to the generation parameter and the security key saved in the MTC device Group key.
  • the present invention provides a method for generating a group key, including: a group ID of a group in which the MTC device is sent by a receiver-type communication MTC device or a service ID of a service supported by the MTC device;
  • the home subscriber system HSS to which the MTC device belongs sends the group ID or the service ID, so that the HSS generates a group communication root key according to the generated random number and the security key corresponding to the group ID, or
  • the HSS generates a service root key according to the generated random number and a security key corresponding to the service ID; receives the group communication root key or the service root key from the HSS; and sends the group ID to a base station Communicating with the group the root key, or the service ID and the service root key, to enable the base station to communicate according to the group if the group ID and the group communication root key are received
  • the root key generates a group key corresponding to the group ID, or determines a group ID of the group in which the MTC device is located according
  • the present invention provides a method for generating a group key, comprising: receiving, from a mobility management entity MME, a group ID of a group in which the MTC device is located or a service ID of the MTC device supporting service; Generating a group communication root key with a security key corresponding to the group ID, or generating a service root key according to a random number and a security key corresponding to the service ID; sending the group communication root density to the MME a key or the service root key, so that the MME sends the group ID and the group communication root key, or the service ID and the service root key to a base station, where the base station receives the Generating a group key corresponding to the group ID according to the group communication root key in the case of the group ID and the group communication root key, or in the case of receiving the service ID and the service root key Determining, by the service ID, a group ID of the group in which the MTC device is located, generating a group communication root key corresponding to the group
  • the present invention provides a method for generating a group key, including: sending, to a mobility management entity MME, a group ID of a group in which a machine type communication MTC device is located or a service ID of a service supported by the MTC device, so as to enable
  • the MME sends the group ID or the service ID to the user home system HSS to which the MTC device belongs, and the HSS generates a group communication root key according to a random number and a security key corresponding to the group ID, or according to a random number Generating a service root key with a security key corresponding to the service ID, and sending the group communication root key or the service root key to the MME, so that the MME sends the group ID and the base station to the base station
  • the group communication root key, or the service ID and the service root key so that the base station receives the group ID and the group communication root key according to the group communication root density Generating, by the key, a group key corresponding to the group ID, or determining, according to
  • the present invention provides a base station, including: a receiving module, configured to receive, from a mobility management entity MME, a group ID of a group in which the MTC device is located, and a group communication root key related to the security key, The security key corresponds to the group ID; or, the MME receives a service ID of the MTC device support service, and a service root key related to the security key, where the security key corresponds to the service ID, Determining, according to the service ID, a group ID of the group in which the MTC device is located, generating the group communication root key according to the group ID and the service root key, and generating a module, configured to use the group communication root density according to the group Generating a group key corresponding to the group ID; a first sending module, configured to send, to the MTC device, a generating parameter used to generate the group key, so that the MTC device generates a parameter according to the The security key stored in the MTC device generates the group key.
  • a receiving module configured to receive
  • the present invention provides a mobility management entity, including: a first receiving module, configured to receive, by a receiver-type communication, an MTC device, a group ID of a group in which the MTC device is located, or a service in which the MTC device supports a service a first sending module, configured to send the group ID or service ID to a home subscriber system HSS to which the MTC device belongs, so that the HSS generates a random number and a security key corresponding to the group ID according to the generated random number Generating a group communication root key, or causing the HSS to generate a service root key according to the generated random number and a security key corresponding to the service ID; and a second receiving module, configured to receive the group from the HSS a communication root key or the service root key; a second sending module, configured to send the group ID and the group communication root key, or the service ID and the service root key to a base station, so that The base station generates a group key corresponding to the group ID according to the group communication root
  • Root key situation Determining, according to the service ID, a group ID of the group in which the MTC device is located, generating a group communication root key corresponding to the group ID according to the group ID and the service root key, and according to the group communication root key Generating a group key corresponding to the group ID, and sending, by the base station, a generation parameter for generating the group key to the MTC device, so that the MTC device is configured according to the generation parameter and the MTC device
  • the saved security key generates the group key.
  • the present invention provides a home subscriber system, including: a receiving module, configured to receive, from a mobility management entity MME, a group ID of a group in which the MTC device is located or a service ID of the MTC device supporting service; a generating module, configured to correspond to the group ID according to the random number
  • the security key generation group communicates the root key, or generates a service root key according to the random number and the security key corresponding to the service ID;
  • the first sending module is configured to send the group communication root key to the MME Or the service root key, so that the MME sends the group ID and the group communication root key, or the service ID and the service root key to a base station, where the base station receives the Generating a group key corresponding to the group ID according to the group communication root key in the case of the group ID and the group communication root key, or in the case of receiving the service ID and the service root key Determining, by the service ID, a group ID of the group in which the MTC device is located, generating
  • the present invention provides a machine type communication device, including: a sending module, configured to send, to a mobility management entity MME, a group ID of a group in which the machine type communication MTC device is located or a service ID of the MTC device support service; And causing the MME to send the group ID or service ID to a user home system HSS to which the MTC device belongs, where the HSS generates a group communication root key according to a random number and a security key corresponding to the group ID, or Generating a service root key according to a random number and a security key corresponding to the service ID, and sending the group communication root key or the service root key to the MME, so that the MME sends the a group ID and the group communication root key, or the service ID and the service root key, so that the base station receives the group ID and the group communication root key according to the group
  • the communication root key generates a group key corresponding to the group ID, or determines a group ID of the group in which the MTC device is located
  • the network side can generate the group key of the group in which the MTC device is located by using the security key and the random number generated by the HSS. And send the generation parameters required to generate the group key to The MTC device in the group, so that the MTC device generates the group key by using the generation parameters and the security key. Therefore, the MTC devices in the same group can use the same group key to perform group communication normally, and in the base station, only the same group key needs to be kept for the same group, so that the complexity of the base station operation can be reduced, and the base station can be reduced. Maintain and manage the number of keys to improve base station performance.
  • FIG. 1 is a flow chart of a method of generating a group key in accordance with an embodiment of the present invention.
  • FIG. 2 is a flow diagram of a first example of generating a group key using a method provided in accordance with an embodiment of the present invention.
  • Fig. 3 is a schematic diagram showing an example of generating a group authentication parameter in the first example.
  • FIG. 4 is a flow chart showing the authentication performed by the MTC device and the MME (Mobility Management Entity) in the first example.
  • Fig. 5 is a flow chart when the MTC device rejoins the group communication from the idle state or the detached state in the first example.
  • FIG. 6 is a flow diagram of a second example of generating a group key using a method provided in accordance with an embodiment of the present invention.
  • Fig. 7 is a schematic diagram showing an example of generating a group authentication parameter in the second example.
  • Fig. 8 is a schematic diagram showing another example of generating a group authentication parameter in the second example.
  • Figure 9 is a flow chart showing the authentication performed by the MTC device and the MME in the second example.
  • Figure 10 is a flow chart when the MTC device rejoins the group communication from the idle state or the detached state in the second example.
  • FIG 11 is a flow diagram of a third example of generating a group key using a method provided in accordance with an embodiment of the present invention.
  • Figure 12 is a flow chart when the MTC device rejoins the group communication from the idle state or the detached state in the third example.
  • Figure 13 is a flow diagram of another method of generating a group key in accordance with an embodiment of the present invention.
  • FIG. 14 is a flow chart showing still another method of generating a group key according to an embodiment of the present invention.
  • 15 is a flow chart of still another method of generating a group key in accordance with an embodiment of the present invention.
  • FIG. 16 is a structural block diagram of a base station according to an embodiment of the present invention.
  • FIG. 17 is a structural block diagram of another base station according to an embodiment of the present invention.
  • FIG. 18 is a structural block diagram of a mobility management entity according to an embodiment of the present invention.
  • 19 is a structural block diagram of another mobility management entity in accordance with an embodiment of the present invention.
  • FIG. 20 is a structural block diagram of a home subscriber system in accordance with an embodiment of the present invention.
  • 21 is a structural block diagram of another home subscriber system in accordance with an embodiment of the present invention.
  • Figure 22 is a block diagram showing the structure of a machine type communication device in accordance with an embodiment of the present invention.
  • 23 is a block diagram showing the structure of another machine type communication device according to an embodiment of the present invention.
  • method 100 can be performed by a base station.
  • the network side can generate a group key by using a security key corresponding to the group ID or the service ID stored in the HSS (Home Subscriber System), and the MTC device does not know the parameters required to generate the group key.
  • the parameter is sent to the MTC device, so that the MTC device can also generate the same group key as the group key on the network side. This ensures that the group key on the device side and the network side are consistent, so that group communication can be performed normally.
  • the parameter with the word "Group” indicates a parameter associated with a group
  • the parameter "XXX_Group” of a group may have A similar usage and role of the parameter "XXX" of an MTC device.
  • an AV-Group may have a similar generation and representation as an Authentication Vector (AV), except that the AV-Group is for one group, not for a particular MTC device.
  • the group ID may be preset in the MTC device, or may be set in the USIM (Universal Subscriber Identity Module), when the USIM is inserted into the MTC device. In the standby mode, the USIM becomes part of the MTC device to determine the group in which the MTC device resides.
  • USIM Universal Subscriber Identity Module
  • KeNB_Group in the following description, which is equal to the Kasme_Group generated by the HSS.
  • KeNB_Group has similar functions as KeNB, except that the KeNB Group is for one group, and the KeNB is for one MTC device, and other keys can be derived through the KeNB-Group.
  • the generation parameter sent to the MTC device may be a parameter required to generate the KeNB-Group, which may be some authentication parameter, and thus may be sent to the MTC device during the authentication process. In this way, the overhead caused by separately generating the generated parameters for the MTC device can be avoided, and the use efficiency of the authentication parameters can be improved.
  • the USIM inserted into the MTC device stores the group information Group ID (group ID) of the group to which the MTC device belongs and the security key K_Group corresponding to the group ID.
  • group ID group ID
  • K_Group security key
  • the Group ID and the security key corresponding to the Group ID can also be directly saved in the MTC device.
  • the K_Group corresponding to the Group ID is also saved in the HSS to which the MTC device belongs.
  • the MTC device sends an attach request to the MME, where the request includes the IMSI of the MTC device and the Group ID of the group to which the MTC device belongs.
  • the MME After the MME receives the attach request sent by the MTC device, the MME determines whether the AV-Group bound to the Group ID is saved.
  • the MME sends an authentication data request to the HSS, and includes an IMSI in the authentication data request. And Group ID;
  • the HSS finds a corresponding K according to IMSI, generates an AV according to K, and the HSS finds a corresponding K Group according to the Group ID, and generates an AV Group according to K Grou;
  • the HSS sends the AV and the AV-Group to the MME through the authentication data response;
  • the MME binds and stores the Group ID and the AV_Group.
  • Figure 3 The way to generate an AV-Group based on K Grou is shown in Figure 3.
  • Figure 3 here is just an example and does not limit the way that K Grou generates AV-Groups.
  • the HSS refers to the way AV is generated to generate an AV-Group for the Group ID.
  • the set AMF and functions F1 to F5 are the same as the prior art, except that the other input parameters and the generated parameters are for one group and not for one MTC device.
  • Kasme_Group KDF (SQN AK-Group, SN ID, IK Group, CK Group)
  • KDF key generation function can have the same calculation method as the prior art, like the KDF function below, on its form No limitation; ten represents XOR calculation; II represents the combination of two physical quantities before and after to form a continuous physical quantity.
  • the MME sends an authentication data request to the HSS, and includes an IMSI in the authentication data request.
  • the HSS finds a corresponding K according to the IMSI, and generates an AV according to K;
  • the MME sends a user authentication request to the MTC device, and in addition to carrying the RAND, AUTH, and KSI ASME to authenticate the MTC device itself, as in the prior art, the MME is required to use the manner of the embodiment of the present invention.
  • RAND Group, AUTH Group, KSIASME-Group can be the same as RAND, AUTH, KSI ASME , except for AND_Group, AUTH Group, KSI ASME _Group is a parameter for one group, and RAND, AUTH, KSI ASME is for For an MTC device.
  • the MTC device when the authentication succeeds, the MTC device returns a user authentication response to the MME, where the response is carried in the manner of the embodiment of the present invention, in addition to carrying the RES to respond to the device authentication as in the prior art.
  • RES-Group responds to group authentication.
  • the MTC device needs to send a user authentication reject message to the MME as in the prior art, and the message carries a CAUSE parameter indicating the reason for the authentication failure.
  • the MME and the MTC device may calculate KeNB_Group according to AV_Grou, in this embodiment Kasme_Group As KeNB_Group.
  • the KeNB Group is the group communication root key of the access layer, and other access layer group keys can be generated by the KeNB Group.
  • the MTC device may merge with the MME into the KeNB and the KeNB-Group at S270, the MTC device may also generate the KeNB and the KeNB-Group at any time after S260 and before S292.
  • the MME transmits the Group ID, KeNB, and KeNB Group to the eNB.
  • the eNB selects an integrity algorithm and an encryption algorithm according to the security capabilities of the MTC device. If the binding associated with the Group ID is not established on the eNB, the eNB selects a group algorithm for generating the group key according to the group security capability of the MTC device, and may include a group integrity algorithm and a group encryption algorithm.
  • the method of selecting the group integrity algorithm and the group encryption algorithm may be similar to the selection algorithm of the MTC device selection integrity algorithm and the encryption algorithm in the prior art, and the group integrity algorithm and the group encryption algorithm may also be respectively associated with the integrity algorithm in the prior art.
  • the encryption algorithm is similar, except that the group integrity algorithm and the group encryption algorithm are algorithms for one group, and the integrity algorithm and encryption algorithm are algorithms for one MTC device.
  • the eNB When the eNB establishes the binding relationship of the group ID for the first time to generate a corresponding group key for a group ID, the eNB sets the key update number Key Count to 0, and the parameter can be used to perform a derivation update on the group key. .
  • the value of the PDCP counter (PDCP Count) reaches the maximum value, the Key Count value can be incremented by one.
  • the PDCP Count value reaches the maximum value, which means that the Hyper Frame Number (HFN) part of the PDCP Count reaches the maximum value, that is, the Key Count is incremented every time the HFN reaches the threshold.
  • HFN Hyper Frame Number
  • the generation parameters for generating the group key and the number of key update times required to update the group key are transmitted to the other MTC device.
  • Count so that the other MTC device generates a group key based on the generation parameters, the number of key updates, and the security key.
  • the eNB can establish a group ID and a group integrity algorithm, a group encryption algorithm, and a Key Count binding.
  • the relationship is determined, and the access layer key of the MTC device and the access layer group key of the group to which the MTC device belongs are calculated, and the access layer group key and the KeNB-Group are also bound to the Group ID.
  • the access layer key of the MTC device is calculated in the same manner as the prior art, and the calculation of the access layer group key can be performed in the manner described below.
  • the access stratum group key may include an access stratum group encryption key Key_Groupenc and an access stratum group integrity key Key_Groupint.
  • KDF is the key generation function
  • Group-enc-alg represents the group encryption algorithm for the current calculation
  • Alg-ID is the algorithm identifier
  • Group-int-alg represents the group integrity algorithm for the current calculation.
  • the eNB does not need to perform the steps of selecting a group algorithm and computing a group key. If the group ID-related binding has been established on the eNB, and the Key Count of the Group ID binding is not 0, the Key Count value needs to be sent in S291 described below.
  • the group integrity algorithm and the group encryption algorithm are selected by the eNB according to the group security capabilities of the MTC device in the first example, in other embodiments, the group integrity algorithm and the group encryption algorithm may also be pre-configured at the eNB and In the MTC device, this does not require the eNB to select the corresponding algorithm.
  • the eNB sends an Access Stratum Security Mode Command (AS SMC) to the MTC device, and negotiates the selected integrity algorithm, the encryption algorithm, the group integrity algorithm, and the group encryption algorithm.
  • AS SMC Access Stratum Security Mode Command
  • the MTC device can calculate an access layer key of the MTC device according to the integrity algorithm and the encryption algorithm in the negotiated algorithm. MTC device based on group integrity algorithms and groups in the negotiated algorithm The encryption algorithm, combined with the KeNB-Group obtained from the AV-Group in S260, can calculate the group keys Key_Groupenc and Key_Groupint of the belonging group.
  • the eNB may update the group key according to the Key Count.
  • the method of updating the group key may be to first derive a new KeNB-Group according to the Key Count, and then calculate the new group key by using the derived KeNB-Group.
  • KeNB_Group is used to represent the derived KeNB_Group
  • KeNB_Group* is replaced by the derived KeNB_Group* as the current KeNB Group:
  • KeNB — Group* KDF ( KeNB — Group, Cell ID, Group ID )
  • KeNB Group* is a generation function and Cell ID is a cell identifier.
  • the Key Count is a few, and it is deduced several times. You can also use the following expression to directly derive KeNB Group* and KeNB-Group* as KeNB Group:
  • KeNB - Group * KDF ( KeNB - Group, Cell ID, Group ID, Key Count )
  • the eNB can recalculate the Key - Groupenc and the negotiated group algorithm using the derived KeNB - Group and the negotiated group algorithm.
  • Key—Groupint Next, group communication is performed using the recalculated Key-Groupenc and Key-Groupint.
  • the eNB When the Key Count is not equal to 0, the eNB also needs to send a Key Count to the MTC device through the AS SMC.
  • the MTC device first derives a new KeNB-Group, and then uses the derived KeNB-Group and combines the negotiated group algorithm to recalculate Key_Groupenc and Key_Groupint. Next, group communication is performed using the recalculated Key_Groupenc and Key Groupint.
  • a group of MTC devices use an AV-Group for a period of time, which can allow AV-Group to reuse.
  • the SQN-Group usage rule can be that the MTC device receives the SQN_Group in the AUTH Grou from the network side. Equal to the SQN_Group saved on the device side. If the SQN-Group is out of sync, it can be resolved by the resynchronization process.
  • an MTC device in a group is originally in group communication but exits the group communication after a period of time, when the MTC device needs to transition from the idle (IDLE) state to the active (active) state and rejoin the group communication.
  • the eNB sends the key update number Key Count required to update the group key to the MTC device, so that the MTC device updates the group key according to the number of key update times.
  • the synchronization of the access layer key and the access layer group key can be performed in the manner shown in FIG.
  • the MME sends a request to the MTC device service message, the message comprising a Group ID, KSI AS ME_Group, wherein KSI ASME _Group key identifier is used to identify the K ASME _Group.
  • the MME checks whether there is a binding relationship corresponding to the Group ID, that is, whether there is an AV-Group bound to the Group ID. If there is no binding relationship, or a binding relationship but KSI ASME _Group KSI ASME _Group inconsistent with the message AV_Group in the bound, and S260 to S220 is executed subsequent execution when no MME in FIG. 2 when the binding relationship S270 to S292.
  • Figure 5 there are stored KSI ASME binding and binding relationship in AV- Group in the MME - Group and message coincides KSIASME- Group, the MME transmits to the eNB in the Group ID in S530.
  • the eNB searches for the bound group algorithm, Key Count, KeNB Group, Key_Groupenc, and Key_Groupint according to the Group ID.
  • the eNB sends an AS SMC to the MTC device, negotiates an integrity algorithm, an encryption algorithm, a group integrity algorithm, a group encryption algorithm, and sends the Key Count to the MTC device.
  • the MTC device calculates the access stratum key and the access stratum group keys Key Groupenc and Key_Groupint according to the negotiated algorithm.
  • the group communication root key is KeNB_Group in the following description, which is equal to the random number randomly generated in the process of HSS generation. Since the base station needs to send a random number to the MTC device, the HSS needs to send the random number to the MME, and then the MME sends the random number to the base station.
  • the group ID of the group to which the MTC device belongs and the key K-Group corresponding to the group ID are stored in the USIM of the MTC device.
  • the Group ID and the security key corresponding to the Group ID can also be directly saved in the MTC device.
  • the correspondence between Group ID and K Grou is also saved in the HSS to which the MTC device belongs.
  • the MTC device sends an attach request to the MME, where the request includes the IMSI and the Group ID of the MTC device.
  • the MME determines whether the Group Key and Nonce bound to the Group ID are saved, where Nonce is a random number randomly generated by the HSS.
  • Nonce is a random number randomly generated by the HSS.
  • the MME sends an authentication data request message to the HSS, where the message includes the IMSI and Group ID.
  • the indicator data should also be included in the authentication data request to indicate that the MME has not established the binding information of the Group ID, and the HSS generation is required.
  • Group Key of course, if the subsequent authentication utilizes the AV in the prior art, the Group Key Indicator may also be carried to indicate that the related binding information of the Group ID is not established;
  • the HSS finds the corresponding K according to IMSI, and generates AV according to K, so that the MTC device and the network side use the AV for authentication.
  • the K corresponding to IMSI can be called the exclusive key of the MTC device, and the value of any K is unique and is only held by one MTC device.
  • the MTC device is assigned a unique ⁇ because K is stored in the USIM.
  • the HSS can also find the corresponding K according to IMSI, find the corresponding K-Group according to the Group ID, and combine K and K-Group to generate the AV-Group, so that the MTC device and the network side can use the AV-Group for authentication.
  • the MTC device and the network side can use the AV-Group for authentication.
  • the AV-Group for authentication.
  • 3 ⁇ 40 ⁇ 10 find the corresponding _01"0 ⁇ , generate a Group Key according to K_Group and the randomly generated random number Nonce;
  • the HSS when authenticating with the AV, transmits the AV, Group Key, and Nonce to the MME through the authentication data response message.
  • the HSS When using AV-Group for authentication, sends the AV Grou, Group Key, and Nonce to the MME through the authentication data response message;
  • the MME binds and stores the Group ID with the Group Key and Nonce.
  • Figure 7 and Figure 8 The way to generate an AV-Group based on K and K-Group can be as shown in Figure 7 and Figure 8.
  • Figure 7 and Figure 8 here are just two examples and do not limit the way AV-Group is generated.
  • the HSS generates the SQN and generates RAND, and takes SQN and RAND as one The serial number and random number of the group.
  • the HSS inputs SQN, RAND, AMF, K into the same F1 to F5 functions as in the prior art as shown in the figure, and obtains MAC, XRES, CK, ⁇ , ⁇ .
  • the HSS inputs ⁇ -Group and MAC, SRES, CK, IK, and AK into other functions F as shown in the figure.
  • These functions F may be the same or different, and the specific form is not limited herein. Through these functions F, MAC_Group, XRES_Group, CK_Group, IK Group, and AK_Group can be obtained respectively.
  • the HSS generates the SQN and generates RAND, and uses SQN and RAND as the sequence number and random number for a group.
  • the HSS inputs the SQN, RAND, AMF, K, and K-Group into the same F1 to F5 functions as the prior art as shown in the figure, and obtains MAC-Group, XRES-Group, CK-Group, IK-Group, respectively.
  • AK-Group is the HSS.
  • AUTN_Group SQN ten AK_ Group
  • Kasme-Group KDF (SQN Ten AK-Group, SN ID, IK Group, CK-Group)
  • KDF is a key generation function, which can have the same calculation method as the prior art; ten represents an exclusive OR calculation; II represents a physical quantity that is formed by combining two physical quantities together.
  • the MME sends an authentication data request message to the HSS, and when the authentication only needs to be performed by the AV, the IMSI is included in the authentication data request message, and the authentication data request message is used when the AV-Group is required to perform authentication later.
  • the HSS finds a corresponding K according to the IMSI, and generates an AV based on K.
  • the HSS finds the corresponding K according to the IMSI, finds the corresponding K Group according to the Group ID, and generates the AV Group in combination with the K and K Group;
  • the HSS sends the AV or AV-Group to the MME through the authentication data response. At this point, you do not need to execute S650.
  • the MME and MTC devices use AV or AV-Group for authentication.
  • AV authentication the same method as the prior art is used.
  • AV-Group certification the authentication process is shown in Figure 9.
  • the MME sends a user authentication request to the MTC device, where the request carries the RAND_Group, the AUTN-Group in the AV-Group, and the KSI ASME in the prior art.
  • the MTC device when the authentication is successful, the MTC device returns a user authentication response to the MME, and carries the RES_Group in the response. In addition, if the authentication fails, the MTC device sends a user authentication reject message to the MME, and carries the CAUSE parameter in the message.
  • the MME and the MTC device calculate the KeNB as in the prior art, and the MME uses the Group Key as the KeNB-Group. Although in the second example shown in FIG. 6, the MTC device and the MME occur as KeNB at S670, the MTC device may also generate the KeNB at any time after S660 and before S692.
  • the MME transmits the Group ID, KeNB, KeNB Grou, and Nonce to the eNB.
  • the eNB selects an integrity algorithm and an encryption algorithm according to the security capabilities of the MTC device. If the binding associated with the group ID is not established on the eNB, the eNB selects a group algorithm for generating a group key according to the group security capability of the MTC device, and may include a group integrity algorithm and a group encryption algorithm. The access layer key and the group keys Key_Groupenc and Key_Groupint are calculated.
  • the eNB also binds the group algorithm, Key Count, KeNB Group, KeNB_Groupenc, KeNB Groupint, and Nonce to the Group ID.
  • For related content of the S690 refer to the description in S290. To avoid repetition, details are not described herein again.
  • the eNB sends an AS SMC to the MTC device, negotiates a selected integrity algorithm, an encryption algorithm, a group integrity algorithm, a group encryption algorithm, and carries Nonce in the AS SMC.
  • the MTC device calculates an access stratum key according to the negotiated algorithm.
  • the K_Group corresponding to the Group ID calculates KeNB_Group, and uses the KeNB_Group and the negotiated group algorithm to calculate the access layer group key Key_Groupenc and Key_Groupintance
  • the KeNB Grou is derived according to the Key Count, and the access layer group key is updated according to the derived KeNB-Group.
  • the eNB since the Key Count is not 0, the eNB also derives the KeNB-Group according to the Key Count, and updates the access layer group key according to the derived KeNB-Group.
  • the eNB sends the MTC device to the MTC device.
  • the key update number Key Count required to update the group key, so that the MTC device updates the group key according to the number of key updates.
  • the synchronization of the access layer key and the access layer group key can be performed in the manner shown in FIG.
  • the MTC device sends a service request message to the MME, where the message includes the Group ID and the Nonce value saved in the previous group communication process, and the Nonce value is also the MTC device generation group.
  • the Nonce value of the key is also the MTC device generation group.
  • the MME checks whether there is a binding relationship corresponding to the Group ID, that is, whether there is a Group Key and a Nonce bound to the Group ID. If there is no binding relationship, or there is a binding relationship, but the bound Nonce value is inconsistent with the Nonce value sent by the MTC device, then in S1030, the MME sends the Group ID and the MN bound to the eNB to the eNB, so that the eNB will Nonce sends the MTC device and sends the group algorithm bound to the Group ID and the Key Count not 0 to the MTC device. If there is a binding relationship and the bound Nonce value is consistent with the Nonce value sent by the MTC device, then in S 1030, the MME sends the Group ID to the eNB.
  • the MME sends the Group ID to the eNB.
  • the eNB searches for the bound group algorithm, Key Count, KeNB_Group, Key Groupenc, Key Groupint, and Nonce according to the Group ID.
  • the eNB sends an AS SMC to the MTC device, negotiates an integrity algorithm, an encryption algorithm, a group integrity algorithm, a group encryption algorithm, and sends the Key Count to the MTC device if the Key Count is not 0.
  • the MME sends the Nonce value to the eNB in S1030, the Nonce value is carried in the AS SMC and sent to the MTC device.
  • the MTC device calculates the access stratum key and the access stratum group keys Key Groupenc and Key_Groupint according to the negotiated algorithm.
  • the MTC device is divided into different service sets according to the function of the MTC device or the belonging service in advance, and is distinguished by the service ID.
  • the business set does not mean sharing the same group secret
  • the group of keys, the group sharing the same group key also needs to be determined by the base station by grouping according to the service ID.
  • the method of determining the group ID according to the service ID may be the same as the prior art, for example, grouping according to the location where the MTC device supporting the same service is located, and the details are not described herein again.
  • the service ID can be preset in the MTC device. It can also be set in the USIM. When the USIM is inserted into the MTC device, the USIM becomes part of the MTC device to determine the services supported by the MTC device.
  • the service root key is KeNB_Service in the following description, which is equal to the Service Key generated by the HSS.
  • the KeNB-Group can be determined by the base station.
  • the generation parameter sent to the MTC device may be a group ID obtained by the base station after being grouped according to the service ID and a random number required for the HSS to generate a Service Key.
  • the MTC device can combine the K-Service corresponding to the service ID stored in the inserted USIM to generate the same group key as the group key generated by the base station.
  • the service ID of the service to which the MTC device belongs and the key K-Service corresponding to the service ID are stored in the USIM of the MTC device.
  • the correspondence between Service ID and K-Service is also saved in the HSS to which the MTC device belongs.
  • the MTC device sends an attach request to the MME, including IMSI and Service ID in the request.
  • the MME After the MME receives the attach request sent by the MTC device, the MME determines whether the Service Key and Nonce bound to the Service ID are saved.
  • the MME determines that the Service Key and Nonce bound to the Service ID have not been saved, perform the following operations before S1160:
  • the MME sends an authentication data request message to the HSS, where the IMSI and the Service ID are carried in the message;
  • the HSS finds the corresponding K according to IMSI, and generates AV according to K, so that the MME uses the AV and MTC devices for authentication.
  • the HSS finds the K-Service according to the Service ID, and randomly generates a random number Nonce, and then generates a Service Key according to K-Service and Nonce;
  • the HSS sends the AV, the Service key, and the Nonce to the MME through the authentication data response message;
  • the MME binds and stores the Service ID with the Service Key and Nonce.
  • the MME determines that the Service Key and Nonce bound to the Service ID are saved, perform the following operations before SI 160:
  • the MME sends an authentication data request message to the HSS, and carries the IMSI in the message; in S1130, the HSS finds the corresponding K according to the IMSI, and generates an AV according to K;
  • the HSS sends the AV to the MME through an authentication data response message. At this time, you do not need to execute S1150.
  • the MME and the MTC device calculate the KeNB, and the MME uses the Service Key as the KeNB_Service.
  • the MTC device and the MME are both generated as KeNBs at S1170, the MTC device may also generate the KeNB at any time after S1160 and before S1192.
  • the MME transmits the Service ID, KeNB, KeNB_Service, and Nonce to the eNB.
  • the eNB selects an integrity algorithm and an encryption algorithm according to the security capabilities of the MTC device. If the binding relationship related to the Service ID is not established on the eNB, the eNB selects a group algorithm for generating a group key according to the group security capability of the MTC device, and may include a group integrity algorithm and a group encryption algorithm, and calculate the access. Layer key and access layer group key.
  • the method of selecting the group integrity algorithm and the group encryption algorithm may be similar to the selection algorithm of the MTC device selection integrity algorithm and the encryption algorithm in the prior art, and the group integrity algorithm and the group encryption algorithm may also be respectively associated with the integrity algorithm in the prior art.
  • the encryption algorithm is similar, except that the group integrity algorithm and the group encryption algorithm are algorithms for one group, and the integrity algorithm and encryption algorithm are algorithms for one MTC device.
  • the eNB In the process of calculating an access stratum group key including Key Groupenc and Key_Groupint, the eNB first needs to group the MTC devices belonging to the same service according to the Service ID, and then determine a group of KeNB_Group according to the packet, and then according to the KeNB. Grou and the group algorithm generate a group key. There are various ways to group MTC devices belonging to the same service, such as random packets, grouping according to the signal strength of MTC devices, and the like.
  • the KeNB-Group can be calculated as follows:
  • KeNB_Group KDF ( KeNB — Service , Cell ID, Group ID )
  • the KDF is a key generation function
  • the Cell ID is the number of the eNB serving cell
  • the Group ID is the group ID of the group to which the MTC device belongs.
  • KeNB_Group After calculating KeNB_Group, you can calculate the group encryption key Key_Groupenc and the group integrity key Key Groupint:
  • Key_Groupenc KDF ( KeNB — Group, Group-enc-alg, Alg-ID )
  • KDF KeNB — Group , Group-int-alg, Alg-ID
  • KDF is the key generation function
  • Group-enc-alg represents the group encryption algorithm for the current calculation
  • Alg-ID is the algorithm identifier
  • Group-int-alg represents the group integrity algorithm for the current calculation.
  • the eNB After calculating the group key, the eNB also binds the group algorithm, Key Count, KeNB-Group, KeNB Groupenc, and KeNB Groupint to the Group ID.
  • the eNB when the eNB first generates a group key for a group ID to establish a group ID binding relationship, the eNB sets the Key Count to 0, when the PDCP counter value reaches a maximum value. , the Key Count value is incremented by 1, and the group key is deduced and updated by the Key Count value.
  • the group integrity algorithm and the group encryption algorithm may also be pre-configured on the eNB and the MTC device, in which case there is no need to select a group algorithm in S1190 or negotiate a group algorithm in the AS SMC.
  • the eNB sends an AS SMC to the MTC device, negotiates a selected integrity algorithm, an encryption algorithm, a group integrity algorithm, a group encryption algorithm, and carries the Group ID and Nonce in the AS SMC.
  • the MTC device can calculate an access layer key of the MTC device according to the integrity algorithm and the encryption algorithm in the negotiated algorithm.
  • the MTC device calculates the group key according to the group integrity algorithm and the group encryption algorithm in the negotiated algorithm, the Group ID and Nonce obtained in S 1091, and the K-Service stored in the USIM.
  • the eNB may update the group key according to the Key Count.
  • the manner of updating the group key may first derive a new KeNB-Group according to the Key Count, and then use the derived KeNB-Group to calculate. A new group key.
  • For the derivation method refer to the relevant content in S192.
  • the key update number Key Count required to update the group key is sent to the MTC device to make the MTC.
  • the device updates the group key based on the number of key updates.
  • the synchronization of the access layer key and the access layer group key can be performed in the manner shown in FIG.
  • the MTC device sends a service request message to the MME, where the message includes the Service ID and the Nonce value and the Group ID saved in the previous group communication process.
  • the MME checks whether there is a binding relationship corresponding to the service ID, that is, whether there is a Service Key and a Nonce bound to the Service ID. If there is no binding relationship, or there is a binding relationship, but the binding Nonce value is inconsistent with the Nonce value sent by the MTC device, in S1230, the MME sends the Group ID and the MN bound to the eNB to the eNB, so that the eNB will Nonce sends to the MTC device and sends the group algorithm bound to the Group ID and the Key Count not 0 to the MTC device. If there is a binding relationship and the bound Nonce value is consistent with the Nonce value sent by the MTC device, then in S1230, the MME sends the Group ID to the eNB.
  • the MME transmits the Group ID to the eNB.
  • the eNB searches for the bound group algorithm, Key Count, KeNB_Group, Key Groupenc, and Key_Groupint according to the Group ID.
  • the eNB sends an AS SMC to the MTC device, negotiates an integrity algorithm, an encryption algorithm, a group integrity algorithm, a group encryption algorithm, and sends the Key Count to the MTC device if the Key Count is not 0.
  • the MME sends the Nonce value to the eNB in S1230, the Nonce value is carried in the AS SMC and sent to the MTC device.
  • the MTC device calculates an access layer key and an access stratum group key according to the negotiated algorithm, the Nonce value, the K-Service, and the Group ID.
  • the PDCP Count value is composed of two parts: HFN and SN.
  • the eNB may not need to maintain one HFN value for each MTC device, but is one.
  • the group MTC device maintains a group HFN value, wherein the group HFN is shared by a group of MTC devices, and the SN is determined by the sequence number in the data packet transmitted by the MTC device.
  • a PDCP Count value is maintained, and the HFN in the PDCP Count value is synchronized with the HFN of the group HFN and other MTC devices maintained by the eNB, and the SN is separately maintained by the MTC device.
  • the serial number of the transmitted packet is related.
  • each MTC device For the uplink, each MTC device maintains a PDCP Count value, and the HFN maintained by each MTC device in the group is synchronized with the group HFN maintained by the eNB.
  • the intra-group MTC device encrypts the uplink data by using the uplink PDCP Count value, and carries the SN in the header of the uplink data packet data unit (PDU).
  • the eNB decrypts the data packet by using the HFN stored by the eNB and the Count value of the SN carried by the data packet.
  • the eNB When the SN in the data packet sent by any MTC device in the group reaches a threshold, after receiving the data packet, the eNB adds 1 to the group HFN, and notifies the value of the HFN or the information that the HFN needs to be added to the group.
  • the eNB When the SN in the data packet sent by any MTC device in the group reaches a threshold, after receiving the data packet, the eNB adds 1 to the group HFN, and notifies the value of the HFN or the information that the HFN needs to be added to the group.
  • Each MTC device When the SN in the data packet sent by any MTC device in the group reaches a threshold, after receiving the data packet, the eNB adds 1 to the group HFN, and notifies the value of the HFN or the information that the HFN needs to be added to the group.
  • the HFN can have multiple notification methods. For example, for an MTC device with a small traffic volume, the HFN can be set to a fixed value. For example, when the HFN is variable, the eNB may send the HFN to all the MTC devices in the group ID corresponding group by using the grouping ID corresponding to the signaling bearer of each MTC device in the group, the common signaling bearer of the group ID corresponding group, or the broadcast channel. The value. The eNB may send the HFN value to all the MTC devices in the group ID corresponding group when the HFN reaches the threshold, or may send the HFN value to the MTC device when the MTC device joins the group ID corresponding group.
  • the eNB may correspond to the signaling bearer of each MTC device in the group, the common signaling bearer of the group ID corresponding group, or the broadcast channel by the group ID, and all the MTC devices in the group corresponding to the group ID.
  • An indication message indicating that the HFN is incremented by one is transmitted. If the broadcast HFN requires additional indication information, the initial value for the group HFN needs to be negotiated by the MTC device with the eNB or sent by the eNB to the MTC device.
  • the eNB can directly send the PDCP Count value to the MTC device in the PDU header, so that the MTC device can extract the value of the HFN from the header according to the received PDU.
  • the general intra-group MTC device receives the group information sent by the eNB through the common bearer, and the PDCP Count values of the MTC devices in the group change consistently. Therefore, there is no need to introduce a new PDCP Count value mechanism on the downlink.
  • the eNB When the group HFN held by the eNB reaches a threshold, the eNB updates the group key. When the HFN in the PDCP Count value in the MTC device reaches a threshold, the MTC device also updates the group key.
  • the MTC device can be used to determine the HFN to a threshold in a number of ways. For example, the eNB may notify the MTC device of an indication of HFN value or HFN plus 1, so that the MTC device determines that the HFN reaches a threshold after changing the HFN, thereby updating the group key. For another example, the eNB may directly notify the MTC device of the indication that the HFN reaches a threshold, so that the MTC device updates the group key.
  • the group key can be updated in two ways, either in the eNB or in the MTC device.
  • Key_Groupenc* KDF (Key Groupenc, Cell ID, Group ID)
  • Key_Groupint* KDF (Key Groupint, Cell ID, Group ID).
  • the network side may update the group communication root key when certain conditions are met.
  • the network side updates the group root key KeNB_Group, and performs re-authentication with the MTC device or sends information required for updating the KeNB-Group to the MTC device, so that the network side and the MTC device can be newly KeNB—Group updates the group key.
  • the certain condition may be when the timer maintained by the network side reaches a threshold; or the Key Count value maintained at the eNB may reach a threshold; or the counter value maintained for the group or a service maintained at the MME may be wide. When the value is received, the counter value is incremented by 1 each time the MME receives the NAS signaling sent by the MTC device belonging to a group or a service.
  • the method 1300 includes: in S1310, a receiver ID of a group of a group in which the MTC device is sent by a receiver-type communication MTC device or a service ID of a service supported by the MTC device;
  • the group ID or the service ID is sent to the home subscriber system HSS to which the MTC device belongs, so that the HSS generates a group communication root density according to the generated random number and the security key corresponding to the group ID. Key, or to cause the HSS to generate a service root key according to the generated random number and a security key corresponding to the service ID;
  • the group communication root key or the service root key is received from the HSS; in S1340, the group ID and the group communication root key, or the service ID and The service root key, such that the base station receives the group ID and the group communication root key
  • the group key corresponding to the group ID is generated according to the group communication root key, or the group of the MTC device is determined according to the service ID when the service ID and the service root key are received.
  • method 1300 can be performed by an MME.
  • the operation of the MME corresponds to the operation of the base station, the HSS, and the MTC device. Therefore, the description of the steps in the method 1300 may refer to the description of the method 100.
  • the home subscriber system HSS to which the MTC device belongs sends the group ID or service ID.
  • the group ID or service ID is not sent to the HSS.
  • the HSS sends the group communication root key or the service root key determined according to the group ID or the service ID to the MME
  • the MME binds and stores the group communication root key with the group ID, or the service root key and the service.
  • the ID is bound and stored. In this way, when the MME receives the attach request carrying the group ID or the service ID sent by the other MTC device, if the MTC device and the network side authentication succeed, the group ID and the group communication root key, or the service ID and the service are sent to the base station. Root key.
  • the HSS from generating the group communication root key or the service root key according to the group ID or the service ID, and also avoid the group communication root key generated for the same group ID or service ID due to the difference in random numbers generated by the HSS. Or the service root key is different, so it is advantageous to realize that the same group ID shares the same group key.
  • the MME may receive a random number from the HSS in addition to receiving the group communication root key or the service root key from the HSS.
  • the MME may bind and store the group communication root key, the random number, and the group ID, or bind and store the service root key and the random number with the service ID.
  • the MME needs to send the random number to the base station, so that the base station sends the random number to the MTC device, and the MTC device generates the group key according to the random number and the security key.
  • the MME When the MME binds the group communication root key and the random number to the group ID, or binds the service root key and the random number to the service ID, the MME receives the group ID or service sent by the other MTC device. If the MTC device and the network side authenticate successfully, send the group ID and the group communication root key and the random number bound to the group ID to the base station, or send the service ID to the base station and be bound to the service ID. Business root key and random number. In this way, the HSS can be prevented from repeatedly generating a group communication root key or a service root key, and the computational complexity can also be reduced.
  • the MME can use the AV to perform device authentication on the MTC device according to the prior art.
  • the MME can use the group authentication parameter to the MTC in addition to performing device authentication on the MTC device by using the AV.
  • the device performs group authentication.
  • the group authentication parameter may be an AV-Group generated according to the K-Group in the first example.
  • the MME may also perform device authentication and group authentication with the MTC device by using one group authentication parameter.
  • the group authentication parameter may be an AV generated according to K and K-Group in the second example.
  • the parameters in the Group The group authentication parameters used by the MME for group authentication are generated by the HSS according to K-Group or K and K Grou and then sent to the MME.
  • the group key in order to further improve the security of communication, can be updated when certain conditions are met.
  • a predetermined timer maintained by the network side reaches a first predetermined threshold, or when the number of times the base station updates the group key reaches a second predetermined threshold, or when the number of non-access strata maintained is maintained
  • the value reaches the third predetermined threshold, re-authenticate with the MTC device or receive a new group communication root key or service root key from the HSS, and the new group communication root key or service root key is determined by the HSS according to the security key. And new random number generation.
  • the MME when the group key needs to be updated, the MME performs re-authentication with the MTC device, and the re-authentication can transmit the authentication parameters required to generate the new group key to the MTC device.
  • the HSS when the group key needs to be updated, the HSS randomly generates a new random number, and generates a new group communication root key or service root key according to the security key and the new random number.
  • the MME sends the new group communication root key or service root key to the base station and binds with the group ID or the service ID, and the base station according to
  • the new group communication root key or service root key gets a new group key
  • the MTC device will also get a new random number to generate a new group key that is the same as the group side network key.
  • the network side can obtain the random number generated by using the security key and the HSS.
  • the group key of the group in which the MTC device is located is generated, and the generation parameter required to generate the group key is sent to the MTC device in the group, so that the MTC device generates the group key by using the generation parameter and the security key. Therefore, the MTC devices in the same group can use the same group key to perform group communication normally, and in the base station, only the same group key needs to be kept for the same group, so that the complexity of the base station operation can be reduced, and the base station can be reduced. Maintain and manage the number of keys to improve base station performance.
  • method 1400 includes:
  • the mobility management entity MME receiver class communicates the group ID of the group in which the MTC device is located or the service ID of the MTC device support service;
  • a group communication root key is generated according to a random number and a security key corresponding to the group ID, or a service root key is generated according to a random number and a security key corresponding to the service ID;
  • the group communication root key or the service root key is sent to the MME, so that the MME sends the group ID and the group communication root key, or the service ID to a base station.
  • the service root key, the base station when receiving the group ID and the group communication root key, generating a group key corresponding to the group ID according to the group communication root key, or
  • the group ID of the group in which the MTC device is located is determined according to the service ID, and the group corresponding to the group ID is generated according to the group ID and the service root key.
  • Generating a root key, and generating a group key corresponding to the group ID according to the group communication ⁇ ⁇ key, and sending, by the base station, a generation parameter for generating the group key to the MTC device, And causing the MTC device to generate the group key according to the generation parameter and the security key saved in the MTC device.
  • method 1400 can be performed by an HSS to which the MTC device belongs.
  • the operation of the HSS corresponds to the operation of the base station, the MME, and the MTC device. Therefore, the description of the steps in the method 1400 may refer to the descriptions of the method 100 and the method 1300. For specific examples, reference may be made to the foregoing first to third examples, in order to avoid Repeat, no longer repeat them here.
  • the HSS after receiving the group ID or service ID sent by the MME, the HSS
  • the group communication root key or the service root key generated according to the group ID or the security key corresponding to the service ID may also be based on the group ID or the security key corresponding to the service ID, or according to the group ID or service.
  • the security key corresponding to the ID and the exclusive key of the MTC device generate a group authentication parameter for the MTC device to perform group authentication.
  • the HSS generates an AV_Group for group authentication according to the K-Group corresponding to the group ID; in the second example, the HSS is generated according to the K-Group corresponding to the group ID and the K of the MTC device.
  • Group certified AV-Group Group certified AV-Group.
  • the group authentication parameter is sent to the MME, so that the MME performs authentication according to the group authentication parameter and the MTC device.
  • the authentication performed by the group authentication vector may be a group authentication that authenticates whether the MTC device belongs to the group ID corresponding group, or an authentication that includes both the group authentication and the device authentication.
  • the network side can obtain the random number generated by using the security key and the HSS.
  • the group key of the group in which the MTC device is located is generated, and the generation parameter required to generate the group key is sent to the MTC device in the group, so that the MTC device generates the group key by using the generation parameter and the security key. Therefore, the MTC devices in the same group can use the same group key to perform group communication normally, and in the base station, only the same group key needs to be kept for the same group, so that the complexity of the base station operation can be reduced, and the base station can be reduced. Maintain and manage the number of keys to improve base station performance.
  • method 1500 includes:
  • the group ID of the group in which the device-type communication MTC device is located or the service ID of the MTC device support service is sent to the mobility management entity MME, so that the MME sends the MME to the user home system HSS to which the MTC device belongs.
  • the HSS Generating a group ID or a service ID
  • the HSS generating a group communication root key according to a random number and a security key corresponding to the group ID, or generating a service root density according to a random number and a security key corresponding to the service ID Key, and sending the group communication root key or the service root key to the MME, so that the MME sends the group ID and the group communication root key, or the service ID and the location to the base station Determining a service root key, so that the base station generates a group key corresponding to the group ID according to the group communication root key, or receives the group ID and the group communication root key.
  • a generation parameter for generating a group key is received from a base station
  • a group key is generated based on the generation parameters and the security key stored in the MTC device.
  • method 1500 can be performed by an MTC device.
  • steps in the method 1500 reference may be made to the descriptions of the method 100, the method 1300, and the method 1400.
  • the generation parameter received by the MTC device from the base station may be used to generate a group received from the base station during the authentication process of the MTC device.
  • the authentication parameter of the communication root key may be used to generate a group received from the base station during the authentication process of the MTC device.
  • the generation parameter received by the MTC device from the base station may be a random number used by the HSS to generate the group communication root key, the random number. It is sent by the HSS to the MME, and then sent by the MME to the base station.
  • the generation parameter received by the MTC device from the base station may be used by the base station to determine the group ID determined by the service ID and the HSS to generate the service root key. random number.
  • a group algorithm for generating a group key may be preset in a base station and
  • the group algorithm may also be sent by the base station to the MTC device.
  • the generation parameters received by the MTC device from the base station may also include a group algorithm identification for generating a group key.
  • the MTC device can determine the corresponding group algorithm to generate the group key.
  • the HFN corresponding to the group ID may be preset to a fixed value; or, the MTC device may be carried by the signaling bearer of the MTC device, the common signaling bearer of the group ID corresponding group, or the broadcast.
  • the MTC device may receive indication information indicating that the HFN is incremented by 1 through the signaling bearer of the MTC device, the common signaling bearer of the group ID corresponding group, or the broadcast channel.
  • the group key can be dynamically updated to further improve the security of the group communication.
  • the MTC device receives update information for updating the group key from the base station, and updates the group key according to the update information, wherein the base station updates the group key when the HFN corresponding to the group ID reaches a threshold.
  • the update information may be the value of the HFN, or may be an indication that the HFN needs to be incremented by one, or may be information that informs the MTC device to deduct the group key.
  • the MTC device may re-authenticate with the MME or receive new generation parameters from the base station to generate a new group key based on the new generation parameters and the security key.
  • the MTC device when the MTC device enters the idle state or the detached state and rejoins the group communication corresponding to the group ID, the number of key updates required to update the group key is received from the base station, where the number of key updates The base station increments by 1 each time the HFN corresponding to the group ID reaches the threshold; the group key is updated according to the number of key updates.
  • the network side can obtain the random number generated by using the security key and the HSS.
  • the group key of the group in which the MTC device is located is generated, and the generation parameter required to generate the group key is sent to the MTC device in the group, so that the MTC device generates the group key by using the generation parameter and the security key. Therefore, the MTC devices in the same group can use the same group key to perform group communication normally, and in the base station, only the same group key needs to be kept for the same group, so that the complexity of the base station operation can be reduced, and the base station can be reduced. Maintain and manage the number of keys to improve base station performance.
  • the method of generating a group key is described above from the perspectives of a base station, an MME, an HSS, and an MTC device, and the related devices are described below with reference to Figs.
  • Figure 16 is a block diagram showing the structure of a base station 1600 according to an embodiment of the present invention.
  • the base station 1600 includes a receiving module 1610, a generating module 1620, and a first transmitting module 1630.
  • the receiving module 1610 can be implemented by an input interface
  • the generating module 1620 can be implemented by a processor
  • the first sending module 1630 can be implemented by an output interface.
  • the receiving module 1610 is configured to receive, from the mobility management entity MME, a group ID of a group in which the MTC device is located, and a group communication root key related to the security key, where the security key corresponds to the group ID; or Receiving, by the MME, a service ID of the MTC device support service, and a service root key related to the security key, where the security key corresponds to the service ID, and determining, according to the service ID, the group of the MTC device a group ID, and the group communication root key is generated according to the group ID and the service root key.
  • the generating module 1620 is configured to generate a group key corresponding to the group ID according to the group communication root key.
  • the first sending module 1630 is configured to send, to the MTC device, a generating parameter used to generate the group key, so that the MTC device generates the security key according to the generated parameter and the saved in the MTC device.
  • the group key is configured to send, to the MTC device, a generating parameter used to generate
  • the receiving module 1610, the generating module 1620, and the first transmitting module 1630 may be referred to the foregoing method 100 and the descriptions in the first to third examples. To avoid repetition, details are not described herein.
  • the network side can generate the group of the MTC device by using the security key and the random number generated by the HSS.
  • the group key, and the base station sends the generation parameter required to generate the group key to the MTC device in the group, so that the MTC device generates the group key by using the generation parameter and the security key. Therefore, the MTC devices in the same group can use the same group key to perform group communication normally, and in the base station, only the same group key needs to be kept for the same group, so that the complexity of the base station operation can be reduced, and the base station can be reduced. Maintain and manage the number of keys to improve base station performance.
  • FIG. 17 is a structural block diagram of a base station 1700 according to an embodiment of the present invention.
  • the receiving module 1710, the generating module 1720, and the first sending module 1730 of the base station 1700 are substantially the same as the receiving module 1610, the generating module 1620, and the first sending module 1630 of the base station 1600.
  • the receiving module 1710 is further configured to receive, from the MME, a random number used to generate a group communication root key.
  • the generation parameter transmitted to the MTC device includes the random number.
  • the group communication root key is generated according to the random number; the first sending module 1730 is configured to send, in the authentication process of the MTC device, the generating the group communication root density to the MTC device.
  • the authentication parameter of the key the authentication reference including the random number.
  • the method when the group communication root key is generated according to the group ID and the service root key, the method further includes: generating a group communication root key according to the random number; And transmitting the group ID and the random number to the MTC device.
  • the first sending module 1730 is further specifically configured to send, to the MTC device, a group algorithm identifier for generating a group key.
  • Base station 1700 can also include a bonding module 1740 and a second transmitting module 1750, in accordance with an embodiment of the present invention.
  • Binding module 1740 is used to bind the group communication root key, group key, and generation parameters with the group ID.
  • the second sending module 1750 is configured to: when determining that the other MTC devices belong to the group corresponding to the group ID, send the generation parameters bound to the group ID to the other MTC devices, so that the other MTC devices generate the group key according to the generated parameters and the security key. .
  • Base station 1700 can also include an update module 1760 and a third transmit module 1770, in accordance with an embodiment of the present invention.
  • the update module 1760 is configured to update the group key when the HFN corresponding to the group ID reaches a threshold, wherein all MTC devices of the group ID share the same HFN.
  • the third sending module 1770 is configured to send update information for updating the group key to the MTC device, so that the MTC device updates the group key according to the update information.
  • All MTC devices with group IDs can share the same HFN.
  • the HFN corresponding to the group ID may be preset to a fixed value; or the base station 1700 may further include a fourth transmitting module 1772.
  • the fourth sending module 1772 can be configured to send the value of the HFN to all the MTC devices in the group ID corresponding group by using the signaling bearer of each MTC device in the group ID group, the common signaling bearer of the group ID corresponding group, or the broadcast channel.
  • the fourth sending module 1772 can be used to: when the HFN corresponding to the group ID reaches a threshold, the group ID corresponds to the signaling bearer of each MTC device in the group, the common signaling bearer of the group ID corresponding group, or the broadcast channel, to the group ID. All MTC devices in the corresponding group send indication information indicating that the HFN is incremented by one.
  • the base station 1700 may further include a fifth sending module 1774, configured to send the update group key to the MTC device when the group communication corresponding to the group ID is rejoined after the MTC device enters the idle state or the detached state.
  • the number of key updates required to enable the MTC device to update the group key based on the number of key updates.
  • the number of key updates is increased by one each time the HFN corresponding to the group ID reaches a threshold.
  • the base station 1700 may further include a sixth sending module 1776, configured to: when other MTC devices belonging to the group ID join the group communication corresponding to the group ID for the first time, send the generation parameters for generating the group key to other MTC devices.
  • the number of key updates required to update the group key so that other MTC devices generate a group key based on the generation parameters, the number of key updates, and the security key.
  • the number of key updates is increased by one each time the HFN corresponding to the group ID reaches a threshold.
  • the above module of the receiving module 1710, the first sending module 1730, the binding module 1740, the second sending module 1750, the updating module 1760, the third sending module 1770, the fourth sending module 1772, the fifth sending module 1774, and the sixth sending module 1776 For other operations and/or functions, reference may be made to the above method 100 and the descriptions in the first to third examples. To avoid repetition, details are not described herein.
  • the binding module 1740 and the update module 1760 can be implemented by a processor, and the second sending module 1750, the third sending module 1770, the fourth sending module 1772, the fifth sending module 1774, and the sixth sending module 1776 can be implemented through an output interface. .
  • the MTC devices in the same group can use the same group key to perform group communication normally, and in the base station, only the same group key needs to be kept for the same group, so that the base station can be reduced.
  • the complexity of the operation reduces the number of keys maintained and managed by the base station and improves the performance of the base station.
  • Figure 18 is a block diagram showing the structure of a mobility management entity 1800 in accordance with an embodiment of the present invention.
  • the mobility management entity 1800 includes a first receiving module 1810, a first transmitting module 1820, a second receiving module 1830, and a second transmitting module 1840.
  • the first receiving module 1810 and the second receiving module 1830 can be implemented through an input interface, and the first transmitting module 1820 and the second transmitting module 1840 can be implemented through an output interface.
  • the first receiving module 1810 is configured to use a group ID of a group in which the MTC device is sent by a receiver-type communication MTC device or a service ID of the MTC device supporting service.
  • the first sending module 1820 is configured to send the group ID or the service ID to the home subscriber system HSS to which the MTC device belongs, so that the HSS generates a group according to the generated random number and the security key corresponding to the group ID. And communicating the root key, or causing the HSS to generate a service root key according to the generated random number and the security key corresponding to the service ID.
  • the second receiving module 1830 is configured to receive the group communication root key or the service root key from the HSS.
  • the second sending module 1840 is configured to send the group ID and the group communication root density to the base station. Key, or the service ID and the service root key, to enable the base station to generate the group according to the group communication root key when receiving the group ID and the group communication root key.
  • the group key corresponding to the ID, or the group ID of the group in which the MTC device is located, the group ID and the service are determined according to the service ID, when the service ID and the service root key are received.
  • first receiving module 1810 the first transmitting module 1820, the second receiving module 1830, and the second transmitting module 1840 may refer to the above method 1300 and the descriptions in the first to third examples, Avoid repetition, no longer repeat them here.
  • the network side can generate the MTC by using the security key and the random number generated by the HSS.
  • the group key of the group in which the device is located, and the base station sends the generation parameter required to generate the group key to the MTC device in the group, so that the MTC device generates the group key by using the generation parameter and the security key. Therefore, the MTC devices in the same group can use the same group key to perform group communication normally, and in the base station, only the same group key needs to be kept for the same group, so that the complexity of the base station operation can be reduced, and the base station can be reduced. Maintain and manage the number of keys to improve base station performance.
  • Figure 19 is a block diagram showing the structure of a mobility management entity 1900 in accordance with an embodiment of the present invention.
  • the receiving module 1830 and the second transmitting module 1840 are substantially identical.
  • the first sending module 1920 is configured to: when the group ID is not bound to the group communication root key corresponding to the group ID, or the service ID is not bound to correspond to the service ID
  • the service root key sends the group ID or service ID to the home subscriber system HSS to which the MTC device belongs.
  • the mobility management entity 1900 may further include a first binding module. 1950 and a third transmitting module 1960.
  • the first binding module 1950 is configured to bind and store the group communication root key with the group ID, or bind and store the service root key with a service ID.
  • the third sending module 1960 is configured to: when receiving an attach request that is sent by another MTC device and carrying the group ID or the service ID, if the MTC device and the network side authentication succeed, send the group ID to the base station And communicating the root key with the group, or the service ID and the service root key.
  • the second receiving module 1930 is configured to receive a group communication root key or a service root key and a random number from the HSS.
  • the second sending module 1940 is further configured to send a random number to the base station, so that the base station The random number is sent to the MTC device.
  • the mobility management entity 1900 may further include a second binding module 1970 for binding and storing the group communication root key, the random number and the group ID, or the service root key, the random number and the service. The ID is bound and stored.
  • the mobility management entity 1900 may further include a fourth sending module 1980, configured to: when receiving an attach request that is sent by another MTC device and carrying the group ID or the service ID, if the MTC device and the network side are successfully authenticated Transmitting, to the base station, the group ID and the group communication root key and the random number bound to the group ID, or sending the service ID to the base station and being tied to the service ID The service root key and the random number are determined.
  • a fourth sending module 1980 configured to: when receiving an attach request that is sent by another MTC device and carrying the group ID or the service ID, if the MTC device and the network side are successfully authenticated Transmitting, to the base station, the group ID and the group communication root key and the random number bound to the group ID, or sending the service ID to the base station and being tied to the service ID The service root key and the random number are determined.
  • the mobility management entity 1900 may also include a third receiving module 1990 and an authentication module 1992, in accordance with an embodiment of the present invention.
  • the third receiving module 1990 is configured to receive a group authentication parameter from the HSS, wherein the group authentication parameter is generated by the HSS according to the security key, or generated by the HSS according to the security key and the exclusive key of the MTC device.
  • the authentication module 1992 is used to authenticate with the MTC device based on the group authentication parameters.
  • the mobility management entity 1900 may further include a processing module 1994, configured to: when a predetermined timer maintained by the network side reaches a first predetermined threshold, or when the number of times the base station updates the group key reaches a second predetermined When the value is wide, or when the count value of the maintained non-access stratum reaches the third predetermined threshold, re-authentication with the MTC device or receiving a new group communication root key or service root key from the HSS, the new group communication The root key or service root key is generated by the HSS based on the security key and the new random number.
  • the above and other operations and/or functions of the authentication module 1992 and the processing module 1994 Reference may be made to the above method 1300 and the descriptions in the first to third examples. To avoid repetition, details are not described herein.
  • the third sending module 1960 and the fourth sending module 1980 can be implemented by using an output interface
  • the third receiving module 1990 can be implemented by using an input interface
  • the first binding module 1950, the second binding module 1970, the authentication module 1992, and the processing module are implemented.
  • 1994 can be implemented by a processor.
  • the MTC devices in the same group can use the same group key to perform group communication normally, and in the base station, only the same group key needs to be kept for the same group, so that The complexity of the base station operation can be reduced, the number of keys maintained and managed by the base station can be reduced, and the performance of the base station can be improved.
  • Figure 20 is a block diagram showing the structure of a home subscriber system 2000 in accordance with an embodiment of the present invention.
  • the home subscriber system 2000 includes a receiving module 2010, a first generating module 2020, and a first transmitting module 2030.
  • the receiving module 2010 can be implemented by using an input interface
  • the first generating module 2020 can be implemented by a processor
  • the first sending module 2030 can be implemented by using an output interface.
  • the receiving module 2010 is configured to receive, from the mobility management entity MME, a group ID of the group in which the MTC device is located or a service ID of the MTC device supporting service.
  • the first generation module 2020 is configured to generate a group communication root key according to a random number and a security key corresponding to the group ID, or generate a service root key according to a random number and a security key corresponding to the service ID.
  • the first sending module 2030 is configured to send the group communication root key or the service root key to the MME, so that the MME sends the group ID and the group communication root key to the base station, or Deriving the service ID and the service root key, the base station, when receiving the group ID and the group communication root key, generating a group key corresponding to the group ID according to the group communication root key Or determining, according to the service ID, a group ID of a group in which the MTC device is located, and generating the group ID according to the group ID and the service root key, when the service ID and the service root key are received.
  • Corresponding group communication root key and generating a group key corresponding to the group ID according to the group communication root key, and sending, by the base station, a generation parameter for generating the group key to the MTC device And causing the MTC device to generate the group key according to the generation parameter and the security key saved in the MTC device.
  • the network side can generate the MTC device by using the security key and the random number generated by the HSS.
  • the group key of the group, and the base station sends the generation parameter required to generate the group key to the MTC device in the group, so that the MTC device generates the group key by using the generation parameter and the security key.
  • the MTC devices in the same group can use the same group key to perform group communication normally, and in the base station, only the same group key needs to be kept for the same group, so that the complexity of the base station operation can be reduced, and the base station can be reduced. Maintain and manage the number of keys to improve base station performance.
  • Figure 21 is a block diagram showing the structure of a home subscriber system 2100 in accordance with an embodiment of the present invention.
  • the receiving module 2110, the first generating module 2120, and the first sending module 2130 of the home subscriber system 2100 are substantially the same as the receiving module 2010, the first generating module 2020, and the first sending module 2030 of the home subscriber system 2100.
  • the home subscriber system 2100 may further include a second generation module 2140 and a second transmission module 2150.
  • the second generation module 2140 is configured to generate, according to the security key corresponding to the group ID or the service ID, or according to the security key corresponding to the group ID or the service ID, and the exclusive key of the MTC device.
  • the second sending module 2150 is configured to send the group authentication parameter to the MME, so that the MME and the MTC device perform authentication.
  • the above and other operations and/or functions of the second generation module 2140 and the second transmission module 2150 can be referred to the above method 1400 and the descriptions in the first to third examples. To avoid repetition, details are not described herein again.
  • the second generating module 2140 can be implemented by a processor, and the second sending module 2150 can be implemented by using an output interface.
  • the MTC devices in the same group can use the same group key to perform group communication normally, and in the base station, only the same group key needs to be kept for the same group, so that Reduce the complexity of base station operation, reduce the number of keys maintained and managed by the base station, and improve base station performance.
  • Figure 22 is a block diagram showing the structure of a machine type communication device 2200 according to an embodiment of the present invention.
  • the machine type communication device 2200 includes a transmitting module 2210, a first receiving module 2220, and a generating module. Block 2230.
  • the sending module 2210 can be implemented by an output interface
  • the first receiving module 2220 can be implemented by an input interface
  • the generating module 2230 can be implemented by a processor.
  • the sending module 2210 is configured to send, to the mobility management entity MME, a group ID of a group in which the machine type communication MTC device is located or a service ID of the MTC device support service, so that the MME sends the user MME to the user home system HSS to which the MTC device belongs.
  • the group ID or service ID the HSS generates a group communication root key according to a random number and a security key corresponding to the group ID, or generates a service root according to a random number and a security key corresponding to the service ID a key, and sending the group communication root key or the service root key to the MME, so that the MME sends the group ID and the group communication root key, or the service ID and a base station to a base station
  • the service root key so that the base station generates a group key corresponding to the group ID according to the group communication root key when receiving the group ID and the group communication root key, or
  • the group ID of the group in which the MTC device is located is determined according to the service ID, and the group corresponding to the group ID is generated according to the group ID and the service root key.
  • the Communication root key and according to Said group communication root key generates a group key corresponding to the ID.
  • the first receiving module 2220 is configured to receive, from the base station, a generation parameter used to generate the group key.
  • the generating module 2230 is configured to generate the group key according to the generating parameter and the security key saved in the MTC device.
  • the above and other operations and/or functions of the transmitting module 2210, the first receiving module 2220, and the generating module 2230 may be referred to the above method 1500 and the descriptions in the first to third examples. To avoid repetition, details are not described herein again.
  • the network side can generate the MTC by using the security key and the random number generated by the HSS.
  • the group key of the group in which the device is located, and the base station sends the generation parameter required to generate the group key to the MTC device in the group, so that the MTC device generates the group key by using the generation parameter and the security key. Therefore, the MTC devices in the same group can use the same group key to perform group communication normally, and in the base station, only the same group key needs to be kept for the same group, so that the complexity of the base station operation can be reduced, and the base station can be reduced. Maintain and manage the number of keys to improve base station performance.
  • Figure 23 is a block diagram showing the structure of a machine type communication device 2300 according to an embodiment of the present invention.
  • the transmitting module 2310, the first receiving module 2320, and the generating module of the machine type communication device 2300 2330 is substantially the same as the transmitting module 2210, the first receiving module 2220, and the generating module 2230 of the machine type communication device 2200.
  • the first receiving module 2320 is configured to receive, from the base station, the group communication root key for generating the group communication root key in the authentication process of the MTC device.
  • the authentication parameter, or the first receiving module 2320 is configured to receive a random number from the base station, where the random number is sent by the HSS to the base station via the MME.
  • the first receiving module 2320 when the base station receives the service ID and the service root key, is configured to receive the group ID and the random number from the base station, where the random number is sent by the HSS to the base station via the MME.
  • the group ID is determined by the base station based on the service ID.
  • the first receiving module 2320 is further configured to receive, from the base station, a group algorithm identifier for generating a group key.
  • the machine type communication device 2300 may further include a second receiving module 2340 and a first update module 2350.
  • the second receiving module 2340 is configured to receive, from the base station, update information for updating the group key, where the base station updates the group key when the HFN corresponding to the group ID reaches a threshold, and all MTC devices of the same group ID share the same HFN.
  • the first update module 2350 is configured to update the group key based on the update information.
  • the HFN corresponding to the group ID may be preset to a fixed value; or the machine type communication device 2300 may further include a third receiving module 2360, which is used for signaling bearer through the MTC device, and a group ID corresponding group.
  • the signalling bearer or the broadcast channel receives the value of the HFN from the base station.
  • the machine type communication device 2300 may further include a fourth receiving module 2370, configured to use the signaling of the MTC device when the HFN corresponding to the group ID reaches a threshold.
  • the common signaling bearer or the broadcast channel of the bearer and the group ID corresponding group receives the indication information indicating that the HFN is incremented by 1 from the base station.
  • the machine type communication device 2300 may further include a fifth receiving module 2380 and a second updating module 2390.
  • the fifth receiving module 2380 is configured to receive the number of key updates required to update the group key from the base station when the group communication corresponding to the group ID is rejoined after the MTC device enters the idle state or the detached state, where the number of key updates is The base station increases by one each time the HFN corresponding to the group ID reaches a threshold.
  • the second update module 2390 is configured to update the group key according to the number of key updates.
  • the machine type communication device 2300 may further include a processing module 2392, configured to: when the predetermined timer maintained by the network side reaches the first predetermined threshold, or when the number of times the base station updates the group key reaches the second predetermined When the value is wide, or when the count value of the non-access stratum maintained by the MME reaches the third predetermined threshold, re-authentication with the MME or receiving new generation parameters from the base station to generate a new one according to the new generation parameter and the security key Group key.
  • a processing module 2392 configured to: when the predetermined timer maintained by the network side reaches the first predetermined threshold, or when the number of times the base station updates the group key reaches the second predetermined When the value is wide, or when the count value of the non-access stratum maintained by the MME reaches the third predetermined threshold, re-authentication with the MME or receiving new generation parameters from the base station to generate a new one according to the new generation parameter and the security key Group key.
  • the above and other operations of the first receiving module 2320, the second receiving module 2340, the first updating module 2350, the third receiving module 2360, the fourth receiving module 2370, the fifth receiving module 2380, the second updating module 2390, and the processing module 2392 For the function and/or function, reference may be made to the above method 1500 and the descriptions in the first to third examples. To avoid repetition, details are not described herein again.
  • the second receiving module 2340, the third receiving module 2360, the fourth receiving module 2370, and the fifth receiving module 2380 can be implemented by using an input interface, where the first updating module 2350, the second updating module 2390, and the processing module 2392 can pass the processor. carried out.
  • the MTC device in the same group can use the same group key to perform group communication normally, and in the base station, only the same group key needs to be kept for the same group.
  • the complexity of the base station operation can be reduced, the number of keys maintained and managed by the base station can be reduced, and the performance of the base station can be improved.
  • the software program can be placed in random access memory (RAM), memory, read only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, A hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art. While some embodiments of the present invention have been shown and described, it will be understood by those skilled in the art It is within the scope of the invention.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

本发明实施例提供了生成组密钥的方法和相关设备。该方法包括:从MME接收MTC设备所在组的组ID,和与安全密钥相关的组通信根密钥,安全密钥与组ID相对应;或,从MME接收MTC设备支持业务的业务ID,和与安全密钥相关的业务根密钥,安全密钥与业务ID对应,并根据业务ID确定MTC设备所在组的组ID,根据组ID和业务根密钥生成组通信根密钥;根据组通信根密钥生成组ID对应的组密钥;向MTC设备发送用于生成组密钥的生成参数,以使MTC设备根据生成参数和MTC设备中保存的安全密钥生成组密钥。从而,在基站中只需要为同一组保持相同组密钥,这样可以降低基站操作的复杂性,减少基站维护和管理的密钥数,提高基站性能。

Description

生成组密钥的方法和相关设备 本申请要求于 2011 年 11 月 1 日提交中国专利局、 申请号为 201110339969.8、 发明名称为"生成组密钥的方法和相关设备"的中国专利申请 的优先权, 其全部内容通过引用结合在本申请中。
技术领域
本发明涉及通信领域, 并且更具体地, 涉及通信领域中生成组密钥的方法 和相关设备。
背景技术
机器对机器(Machine to Machine, M2M )技术是无线通信和信息技术的 整合, 是指机器和机器之间可以直接进行通信而无需人工干预。 M2M应用种 类丰富, 包括自动仪表、 远程监控、 工业安全与舰艇自动化、 支付系统以及车 辆远程控制等。
M2M存在三种方式, 包括机器对机器、 机器对移动电话和移动电话对机 器。 在 M2M中, M2M设备可以通过远距离连接技术和近距离连接技术接入 网络,涉及的远距离连接技术包括全球移动通信系统( Global System for Mobile communications , GSM )、 通用分组无线业务 ( General Packet Radio Service, GPRS )、 通用移动通信系统 ( Universal Mobile Telecommunications System, UMTS ) 等无线接入类型技术。 近距离连接技术包括 802.11b/g、 蓝牙 (Blue Tooth ), 紫蜂(Zigbee )、 无线射频识别技术( Radio Frequency Identification, RFID )和超宽带(Ultra Wideband, UWB )技术等。 当然, 不排除还有其他技 术可以用于支撑 M2M通信。 M2M通信也可以被称为机器类通信(Machine Type Communication, MTC ), M2M设备也可以被称为 MTC设备。
在现有技术中, 基站对同一组 MTC设备构建公共的物理层、 无线链路控 制( Radio Link Control , RLC )层、分组数据汇聚协议( Packet Data Convergence Protocol, PDCP )层和媒体接入控制( Media Access Control, MAC )层。 当为 同一组 MTC设备建立公共承载之后, 每个 MTC设备都有各自单独的密钥, 各 MTC设备的密钥互不相同,在基站和 MTC设备之间交互的 PDU单元需要 携带 MTC设备标识以根据该标识来寻找对应的密钥。 因此, 在基站处, 需要 为同一组内的每个 MTC设备维护它们各自的密钥, 这增加了基站操作的复杂 性, 使基站需要维护和管理的密钥过多, 影响基站性能。
发明内容
本发明提供了生成组密钥的方法和相关设备, 以提高基站性能。
一方面, 本发明提供了一种生成组密钥的方法, 包括: 从移动性管理实体 MME接收机器类通信 MTC设备所在组的组 ID, 和与安全密钥相关的组通信 根密钥, 所述安全密钥与所述组 ID相对应; 或者,从 MME接收 MTC设备支 持业务的业务 ID, 和与安全密钥相关的业务根密钥, 所述安全密钥与所述业 务 ID对应,并根据所述业务 ID确定所述 MTC设备所在组的组 ID,根据所述 组 ID和所述业务根密钥生成所述组通信根密钥; 根据所述组通信根密钥生成 所述组 ID对应的组密钥; 向所述 MTC设备发送用于生成所述组密钥的生成 参数, 以使所述 MTC设备根据所述生成参数和所述 MTC设备中保存的所述 安全密钥生成所述组密钥。
另一方面, 本发明提供了一种生成组密钥的方法, 包括: 接收机器类通信 MTC设备发送的所述 MTC设备所在组的组 ID或所述 MTC设备支持业务的 业务 ID;向所述 MTC设备所属的归属用户系统 HSS发送所述组 ID或业务 ID, 以使所述 HSS根据生成的随机数和与所述组 ID对应的安全密钥生成组通信根 密钥,或者以使所述 HSS根据生成的随机数和与所述业务 ID对应的安全密钥 生成业务根密钥; 从所述 HSS接收所述组通信根密钥或所述业务根密钥; 向 基站发送所述组 ID和所述组通信根密钥、或者所述业务 ID和所述业务根密钥, 以使所述基站在收到所述组 ID和所述组通信根密钥的情况下根据所述组通信 根密钥生成所述组 ID对应的组密钥,或者在收到所述业务 ID和业务根密钥的 情况下根据所述业务 ID确定所述 MTC设备所在组的组 ID、根据所述组 ID和 所述业务根密钥生成所述组 ID对应的组通信根密钥、 并根据所述组通信根密 钥生成所述组 ID对应的组密钥, 并由所述基站向所述 MTC设备发送用于生 成所述组密钥的生成参数,使得所述 MTC设备根据所述生成参数和所述 MTC 设备中保存的所述安全密钥生成所述组密钥。
再一方面, 本发明提供了一种生成组密钥的方法, 包括: 从移动性管理实 体 MME接收机器类通信 MTC设备所在组的组 ID或所述 MTC设备支持业务 的业务 ID; 根据随机数和与所述组 ID对应的安全密钥生成组通信根密钥、 或 者根据随机数和与所述业务 ID对应的安全密钥生成业务根密钥;向所述 MME 发送所述组通信根密钥或所述业务根密钥,以使所述 MME向基站发送所述组 ID和所述组通信根密钥、 或者所述业务 ID和所述业务根密钥, 所述基站在收 到所述组 ID和所述组通信根密钥的情况下根据所述组通信根密钥生成所述组 ID对应的组密钥,或者在收到所述业务 ID和业务根密钥的情况下根据所述业 务 ID确定所述 MTC设备所在组的组 ID、根据所述组 ID和所述业务根密钥生 成所述组 ID对应的组通信根密钥、 并根据所述组通信根密钥生成所述组 ID 对应的组密钥, 并由所述基站向所述 MTC设备发送用于生成所述组密钥的生 成参数, 使得所述 MTC设备根据所述生成参数和所述 MTC设备中保存的所 述安全密钥生成所述组密钥。
又一方面, 本发明提供了一种生成组密钥的方法, 包括: 向移动性管理实 体 MME发送机器类通信 MTC设备所在组的组 ID或所述 MTC设备支持业务 的业务 ID, 以使所述 MME向所述 MTC设备所属的用户归属系统 HSS发送 所述组 ID或业务 ID, 所述 HSS根据随机数和与所述组 ID对应的安全密钥生 成组通信根密钥、 或者根据随机数和与所述业务 ID对应的安全密钥生成业务 根密钥, 并向所述 MME发送所述组通信根密钥或所述业务根密钥, 从而所述 MME向基站发送所述组 ID和所述组通信根密钥、 或者所述业务 ID和所述业 务根密钥, 以便所述基站在收到所述组 ID和所述组通信根密钥的情况下根据 所述组通信根密钥生成所述组 ID对应的组密钥,或者在收到所述业务 ID和业 务根密钥的情况下根据所述业务 ID确定所述 MTC设备所在组的组 ID、 根据 所述组 ID和所述业务根密钥生成所述组 ID对应的组通信根密钥、并根据所述 组通信根密钥生成所述组 ID对应的组密钥; 从所述基站接收用于生成所述组 密钥的生成参数; 根据所述生成参数和所述 MTC设备中保存的所述安全密钥 生成所述组密钥。
又一方面, 本发明提供了一种基站, 包括: 接收模块, 用于从移动性管理 实体 MME接收机器类通信 MTC设备所在组的组 ID,和与安全密钥相关的组 通信根密钥, 所述安全密钥与所述组 ID相对应; 或者, 从 MME接收 MTC 设备支持业务的业务 ID, 和与安全密钥相关的业务根密钥, 所述安全密钥与 所述业务 ID对应,并根据所述业务 ID确定所述 MTC设备所在组的组 ID,根 据所述组 ID和所述业务根密钥生成所述组通信根密钥; 生成模块, 用于根据 所述组通信根密钥生成所述组 ID对应的组密钥; 第一发送模块, 用于向所述 MTC设备发送用于生成所述组密钥的生成参数,以使所述 MTC设备根据所述 生成参数和所述 MTC设备中保存的所述安全密钥生成所述组密钥。
又一方面, 本发明提供了一种移动性管理实体, 包括: 第一接收模块, 用 于接收机器类通信 MTC设备发送的所述 MTC设备所在组的组 ID或所述 MTC 设备支持业务的业务 ID; 第一发送模块, 用于向所述 MTC设备所属的归属用 户系统 HSS发送所述组 ID或业务 ID, 以使所述 HSS根据生成的随机数和与 所述组 ID对应的安全密钥生成组通信根密钥,或者以使所述 HSS根据生成的 随机数和与所述业务 ID对应的安全密钥生成业务根密钥; 第二接收模块, 用 于从所述 HSS接收所述组通信根密钥或所述业务根密钥; 第二发送模块, 用 于向基站发送所述组 ID和所述组通信根密钥、或者所述业务 ID和所述业务根 密钥, 以使所述基站在收到所述组 ID和所述组通信根密钥的情况下根据所述 组通信根密钥生成所述组 ID对应的组密钥,或者在收到所述业务 ID和业务根 密钥的情况下根据所述业务 ID确定所述 MTC设备所在组的组 ID、 根据所述 组 ID和所述业务根密钥生成所述组 ID对应的组通信根密钥、并根据所述组通 信根密钥生成所述组 ID对应的组密钥, 并由所述基站向所述 MTC设备发送 用于生成所述组密钥的生成参数, 使得所述 MTC设备根据所述生成参数和所 述 MTC设备中保存的所述安全密钥生成所述组密钥。
又一方面, 本发明提供了一种归属用户系统, 包括: 接收模块, 用于从移 动性管理实体 MME接收机器类通信 MTC设备所在组的组 ID或所述 MTC设 备支持业务的业务 ID; 第一生成模块, 用于根据随机数和与所述组 ID对应的 安全密钥生成组通信根密钥、 或者根据随机数和与所述业务 ID对应的安全密 钥生成业务根密钥; 第一发送模块, 用于向所述 MME发送所述组通信根密钥 或所述业务根密钥, 以使所述 MME向基站发送所述组 ID和所述组通信根密 钥、或者所述业务 ID和所述业务根密钥,所述基站在收到所述组 ID和所述组 通信根密钥的情况下根据所述组通信根密钥生成所述组 ID对应的组密钥, 或 者在收到所述业务 ID和业务根密钥的情况下根据所述业务 ID确定所述 MTC 设备所在组的组 ID、 根据所述组 ID和所述业务根密钥生成所述组 ID对应的 组通信根密钥、 并根据所述组通信根密钥生成所述组 ID对应的组密钥, 并由 所述基站向所述 MTC设备发送用于生成所述组密钥的生成参数, 使得所述 MTC设备根据所述生成参数和所述 MTC设备中保存的所述安全密钥生成所 述组密钥。
又一方面, 本发明提供了一种机器类通信设备, 包括: 发送模块, 用于向 移动性管理实体 MME发送机器类通信 MTC设备所在组的组 ID或所述 MTC 设备支持业务的业务 ID , 以使所述 MME向所述 MTC设备所属的用户归属系 统 HSS发送所述组 ID或业务 ID,所述 HSS根据随机数和与所述组 ID对应的 安全密钥生成组通信根密钥、 或者根据随机数和与所述业务 ID对应的安全密 钥生成业务根密钥, 并向所述 MME发送所述组通信根密钥或所述业务根密 钥, 从而所述 MME向基站发送所述组 ID和所述组通信根密钥、 或者所述业 务 ID和所述业务根密钥,以便所述基站在收到所述组 ID和所述组通信根密钥 的情况下根据所述组通信根密钥生成所述组 ID对应的组密钥, 或者在收到所 述业务 ID和业务根密钥的情况下根据所述业务 ID确定所述 MTC设备所在组 的组 ID、 根据所述组 ID和所述业务根密钥生成所述组 ID对应的组通信根密 钥、 并根据所述组通信根密钥生成所述组 ID对应的组密钥; 第一接收模块, 用于从所述基站接收用于生成所述组密钥的生成参数; 生成模块, 用于根据所 述生成参数和所述 MTC设备中保存的所述安全密钥生成所述组密钥。
根据上述技术方案, 由于在 MTC设备和 HSS中保存有与组 ID或业务 ID 对应的安全密钥, 所以网络侧通过利用安全密钥和 HSS产生的随机数可以生 成 MTC设备所在组的组密钥, 并通过将生成组密钥所需的生成参数发送给该 组内的 MTC设备, 来使 MTC设备利用生成参数和安全密钥生成组密钥。 从 而, 同一组内的 MTC设备可以利用相同的组密钥来正常进行组通信, 而在基 站中也只需要为同一个组保持相同组密钥,这样,可以降低基站操作的复杂性, 减少基站维护和管理的密钥数, 提高基站性能。
附图说明
为了更清楚地说明本发明实施例的技术方案,下面将对实施例中所需要使 用的附图作简单地介绍, 显而易见地, 下面描述中的附图仅仅是本发明的一些 实施例, 对于本领域技术人员来讲, 在不付出创造性劳动的前提下, 还可以根 据这些附图获得其他的附图。
图 1是根据本发明实施例的生成组密钥的方法的流程图。
图 2 是利用根据本发明实施例提供的方法来生成组密钥的第一例子的流 程图。
图 3是在第一例子中生成组认证参数的例子的示意图。
图 4是在第一例子中 MTC设备和 MME ( Mobility Management Entity, 移 动性管理实体)进行认证的流程图。
图 5是在第一例子中当 MTC设备从空闲状态或者去附着状态重新加入组 通信时的流程图。
图 6 是利用根据本发明实施例提供的方法来生成组密钥的第二例子的流 程图。
图 7是在第二例子中生成组认证参数的例子的示意图。
图 8是在第二例子中生成组认证参数的另一例子的示意图。
图 9是在第二例子中 MTC设备和 MME进行认证的流程图。
图 10是在第二例子中当 MTC设备从空闲状态或者去附着状态重新加入 组通信时的流程图。
图 11是利用根据本发明实施例提供的方法来生成组密钥的第三例子的流 程图。 图 12是在第三例子中当 MTC设备从空闲状态或者去附着状态重新加入 组通信时的流程图。
图 13是才艮据本发明实施例的生成组密钥的另一方法的流程图。
图 14是才艮据本发明实施例的生成组密钥的再一方法的流程图。
图 15是才艮据本发明实施例的生成组密钥的又一方法的流程图。
图 16是根据本发明实施例的基站的结构框图。
图 17是根据本发明实施例的另一基站的结构框图。
图 18是根据本发明实施例的移动性管理实体的结构框图。
图 19是根据本发明实施例的另一移动性管理实体的结构框图。
图 20是根据本发明实施例的归属用户系统的结构框图。
图 21是根据本发明实施例的另一归属用户系统的结构框图。
图 22是根据本发明实施例的机器类通信设备的结构框图。
图 23是根据本发明实施例的另一机器类通信设备的结构框图。
具体实施方式
下面将结合本发明实施例中的附图,对本发明实施例的技术方案进行清楚、 完 整地描述, 显然, 所描述的实施例是本发明的一部分实施例, 而不是全部实施 例。基于本发明中的所述实施例, 本领域技术人员在没有做出创造性劳动的前 提下所获得的所有其他实施例, 都应属于本发明保护的范围。 首先, 结合图 1 , 描述根据本发明实施例的生成组密钥的方法 100。 如图 1所示, 方法 100包括: 在 S110中,从移动性管理实体 MME接收机器类通信 MTC设备所在组的 组 ID,和与安全密钥相关的组通信 4艮密钥,所述安全密钥与所述组 ID相对应; 或者, 从 MME接收 MTC设备支持业务的业务 ID, 和与安全密钥相关的业务 根密钥 ,所述安全密钥与所述业务 ID对应 ,并根据所述业务 ID确定所述 MTC 设备所在组的组 ID,根据所述组 ID和所述业务根密钥生成所述组通信根密钥; 在 S120中, 居所述组通信 ^=艮密钥生成所述组 ID对应的组密钥; 在 S130中, 向所述 MTC设备发送用于生成所述组密钥的生成参数, 以使所 述 MTC设备根据所述生成参数和所述 MTC设备中保存的所述安全密钥生成 所述组密钥。 例如, 方法 100 可以由基站执行。 网络侧通过利用 HSS ( Home Subscriber System, 归属用户系统 )中保存的与组 ID或业务 ID对应的安全密钥可以生成 组密钥, 再通过将生成组密钥所需的参数中 MTC设备不知道的参数发送给 MTC设备,使得 MTC设备也可以生成与网络侧的组密钥相同的组密钥,这样 可以保证设备侧和网络侧的组密钥相一致, 从而正常进行组通信。 同时, 由于 一个组共用相同的组密钥, 使得在基站中只需要为同一个组保持相同组密钥, 这样, 可以降低基站操作的复杂性, 减少基站维护和管理的密钥数, 提高基站 性能。 下面, 结合具体的例子来描述方法 100的操作。 在本发明的包括第一例子、第二例子和第三例子的如下实施例中,带有" Group" 字样的参数表示与一个组相关的参数 ,一个组的参数" XXX— Group"可以具有与 一个 MTC设备的参数" XXX"类似的用法和作用。 例如, AV— Group可以具有 与认证向量(Authentication Vector, AV )相似的生成方式和表现形式, 不同之 处在于 AV— Group是针对一个组的, 而不是针对一个特定 MTC设备的。 第一例子 在第一例子中,组 ID可以预置在 MTC设备中;也可以设置在 USIM( Universal Subscriber Identity Module, 全球用户识别模块) 中, 当将 USIM插入 MTC设 备时, USIM成为 MTC设备的一部分, 从而确定 MTC设备所在的组。
组通信根密钥是如下描述中的 KeNB— Group , 它等于 HSS 生成的 Kasme_Group。KeNB_Group具有与 KeNB类似的功能,区别在于 KeNB Group 是针对一个组的, 而 KeNB是针对一个 MTC设备的, 通过 KeNB— Group可以 衍生出其它的密钥。
向 MTC设备发送的生成参数可以是生成 KeNB— Group所需的参数, 该参数可 以是一些认证参数, 从而可以在认证过程中向 MTC设备发送。 这样, 可以避 免单独为 MTC设备发送生成参数造成的开销, 并可以提高认证参数的使用效 率。
在图 2所示的第一例子中, 插入 MTC设备的 USIM中保存有 MTC设备所属 组的组信息 Group ID (组 ID ) 以及与该 Group ID对应的安全密钥 K_Group。 当然, 本领域技术人员也可以想到, Group ID以及与 Group ID对应的安全密 钥也可以直接保存在 MTC设备中。 另外, 在 MTC设备所属的 HSS中同样保 存有与 Group ID对应的 K_Group。
在 S210中, MTC设备向 MME发送附着请求, 请求中包括 MTC设备的 IMSI 和 MTC设备所属组的 Group ID。
当 MME收到 MTC设备发送的附着请求之后, MME确定是否保存有与 Group ID绑定的 AV— Group。
当 MME确定还没有保存有与 Group ID相绑定的 AV— Group时, 在 S260之前 执行如下操作:
在 S220中, MME向 HSS发送认证数据请求, 在认证数据请求中包括 IMSI 和 Group ID;
在 S230中, HSS根据 IMSI找到对应的 K, 根据 K生成 AV, 并且 HSS根据 Group ID找到对应的 K Group, 并根据 K Grou 生成 AV Group;
在 S240中, HSS将 AV和 AV— Group通过认证数据响应发送给 MME;
在 S250中, MME将 Group ID和 AV_Group绑定并存储。
根据 K Grou 生成 AV— Group的方式如图 3所示, 这里图 3只是一个例子而 并不对根据 K Grou 生成 AV— Group的方式进行限制。
在图 3中, HSS参考生成 AV的方式来生成针对 Group ID的 AV— Group。 其中 涉及的置位符 AMF、 函数 F1至 F5与现有技术的含义相同, 不同之处在于其 他输入参数以及产生的参数都是针对一个组的而不是针对一个 MTC设备的。
HSS生成针对 Group ID的序列号 SQN_Group,并生成针对 Group ID的随机数 RAND_Group„ 将 K_Group、 SQN Group, RAND Group和 AMF如图所示输 入各函数中, 生成 MAC_Group、 XRES_Group、 CK Grou , IK Grou 和 AK_Group。 接着, 可以利用如下方式生成 AUTN Group和 Kasme Group: AUTN_Group = SQN㊉ AK— Group 11 AMF 11 MAC— Group
Kasme— Group =KDF( SQN㊉ AK— Group, SN ID, IK Group, CK Group) 其中, KDF 密钥生成函数, 可以具有与现有技术相同的计算方式, 与下文中 的 KDF函数一样, 对其形式不做限定; ㊉代表异或计算; II代表将前后两个物 理量并在一起而形成连续的一个物理量。
生成 AUTN Group和 Kasme Group之后, 可以得到 AV Group:
AV Group = RAND Group || XRES Group || Kasme Group || AUTN Group 返回图 2, 当 MME确定保存有与 Group ID相绑定的 AV— Group时, 在 S260 之前执行如下操作:
在 S220中, MME向 HSS发送认证数据请求, 在认证数据请求中包括 IMSI; 在 S230中, HSS根据 IMSI找到对应的 K, 根据 K生成 AV;
在 S240中, HSS将 AV发送给 MME。 此时, 不需要执行 S250。
继续图 2中的流程。 在 S260中 , MME和 MTC设备利用 AV和 AV— Group进 行认证。 认证过程如图 4所示。
在 S410中, MME向 MTC设备发送用户认证请求, 在该请求中除了如现有技 术那样携带 RAND、 AUTH、 KSIASME来对 MTC设备本身进行认证之外, 还需 要釆用本发明实施例的方式携带 RAND Group、 AUTH Group、 KSIASME_Group 来对 MTC设备属于 Group ID进行组认证。 RAND Group, AUTH Group, KSIASME— Group 的含义和用法可以与 RAND、 AUTH、 KSIASME相同, 除了 AND_Group、 AUTH Group , KSIASME_Group 是针对一个组而言的参数, 而 RAND, AUTH、 KSIASME是针对一个 MTC设备而言的。
在 S420中, 当认证成功时, MTC设备向 MME返回用户认证响应, 在该响应 中除了如现有技术那些携带 RES来对设备认证进行响应之外, 还需要釆用本 发明实施例的方式携带 RES— Group来对组认证进行响应。 另外, 如果认证失 败, 则 MTC设备需要如现有技术那样向 MME发送用户认证拒绝消息, 在该 消息中携带用于表示认证失败原因的 CAUSE参数。
返回图 2并继续图 2的流程。 在 S270中, 如果认证成功, 则 MME和 MTC 设备可以根据 AV_Grou 计算出 KeNB_Group,在该实施例中将 Kasme_Group 作为 KeNB_Group。 KeNB Group是接入层的组通信根密钥,通过 KeNB Group 可以生成其他的接入层组密钥。 虽然在图 2所示的第一例子中, MTC设备在 S270处与 MME并发生成 KeNB和 KeNB— Group ,但是 MTC设备也可以在 S260 之后、 S292之前的任意时刻生成 KeNB和 KeNB— Group。
在 S280中, MME将 Group ID、 KeNB和 KeNB Group发送给 eNB。
在 S290中, eNB根据 MTC设备的安全能力选择完整性算法和加密算法。 如 果 eNB上没有建立有与 Group ID相关的绑定, 则 eNB根据 MTC设备的组安 全能力选择用于生成组密钥的组算法, 可以包括组完整性算法和组加密算法。 选择组完整性算法和组加密算法的方式可以与现有技术中针对 MTC设备选择 完整性算法和加密算法相似,组完整性算法和组加密算法也可以分别与现有技 术中的完整性算法和加密算法相似,不同之处在于组完整性算法和组加密算法 是针对一个组的算法,而完整性算法和加密算法是针对一个 MTC设备的算法。 当 eNB第一次为一个组 ID生成对应的组密钥而建立组 ID的绑定关系时, eNB 将密钥更新次数 Key Count置为 0, 该参数可以用于对组密钥进行推衍更新。 当 PDCP计数器 ( PDCP Count )值达到最大值时, 可以将 Key Count值加 1。 PDCP Count值达到最大值, 可以是指 PDCP Count中的超帧号 ( Hyper Frame Number, HFN )部分达到最大值, 也就是每当 HFN达到阔值时, Key Count 加一。这样, 当属于组 ID的其它 MTC设备第一次加入组 ID对应的组通信时, 向该其它 MTC设备发送用于生成组密钥的生成参数和更新组密钥所需的密钥 更新次数 Key Count, 以使该其它 MTC设备根据生成参数、 密钥更新次数和 安全密钥生成组密钥。
之后, eNB可以建立 Group ID与组完整性算法、组加密算法、 Key Count的绑 定关系, 并计算 MTC设备的接入层密钥和 MTC设备所属组的接入层组密钥 , 再将接入层组密钥和 KeNB— Group也与 Group ID绑定起来。 MTC设备的接入 层密钥的计算方式与现有技术相同,而计算接入层组密钥可以釆用如下所述的 方式。
接入层组密钥可以包括接入层组加密密钥 Key— Groupenc和接入层组完整性密 钥 Key— Groupint。 Key— Groupenc=KDF ( KeNB— Group, Group-enc-alg、 Alg-ID ), Key_Groupint=KDF ( KeNB Group, Group-int-alg, Alg-ID )。 其中, KDF是密 钥生成函数, Group-enc-alg代表当前计算釆用的是组加密算法、 Alg-ID是算 法标识, Group-int-alg代表当前计算釆用的是组完整性算法。
如果 eNB上已经建立有 Group ID相关的绑定,则 eNB不需要执行选择组算法 和计算组密钥的步骤。 如果 eNB上已经建立有 Group ID相关的绑定、 并且 Group ID绑定的 Key Count不为 0, 则在下面描述的 S291中还需要发送 Key Count值。
这里,虽然在第一例子中由 eNB根据 MTC设备的组安全能力选择组完整性算 法和组加密算法,但是在其他实施例中,组完整性算法和组加密算法也可以被 预先配置在 eNB和 MTC设备中, 这样不需要 eNB选择相应算法。
在 S291中, eNB向 MTC设备发送接入层安全模式命令( Access Stratum Security Mode Command, AS SMC ), 协商选择的完整性算法、 加密算法、 组完整性算 法、 组加密算法。
在 S292中, MTC设备根据协商的算法中的完整性算法和加密算法, 可以计算 出 MTC设备的接入层密钥。 MTC设备根据协商的算法中的组完整性算法和组 加密算法, 并结合在 S260中从 AV— Group中获取的 KeNB— Group, 可以计算 出所属组的组密钥 Key— Groupenc和 Key— Groupint。
如果 Key Count不等于 0, 则 eNB可以根据 Key Count来对组密钥进行更新。 更新组密钥的方式可以是首先根据 Key Count推衍新的 KeNB— Group, 然后利 用推衍后的 KeNB— Group计算出新的组密钥。
例如, 可以利用如下表达式来推衍新的 KeNB— Group。 用 KeNB— Group*表示 推衍后的 KeNB_Group,并用推衍出的 KeNB_Group*取代 KeNB_Group,作为 当前的 KeNB Group:
KeNB— Group*=KDF ( KeNB— Group, Cell ID, Group ID )
其中, KDF为生成函数, Cell ID为小区标识。 Key Count为几, 就推衍几次。 还可以利用如下表达式来直接推衍 KeNB Group* , 将 KeNB— Group*作为 KeNB Group:
KeNB— Group*=KDF ( KeNB— Group, Cell ID, Group ID, Key Count ) 当推衍出 KeNB— Group之后, eNB可以利用推衍后的 KeNB— Group和协商的 组算法重新计算 Key— Groupenc 和 Key— Groupint。 接着, 利用重新计算的 Key— Groupenc和 Key— Groupint进行组通信。
当 Key Count不等于 0时, eNB还需要通过 AS SMC向 MTC设备发送 Key Count。 MTC设备根据与 eNB相同的计算方式,首先推衍出新的 KeNB— Group, 然后利用推衍后的 KeNB— Group , 并结合协商的组算法, 重新计算 Key— Groupenc 和 Key— Groupint。 接着, 利用重新计算的 Key— Groupenc 和 Key Groupint进行组通信。 在第一例子中, 一组 MTC设备在一段时间内都使用一个 AV— Group, 可以允 许 AV— Group重用, SQN— Group的使用规则可以是 MTC设备从网络侧收到 AUTH Grou 中的 SQN_Group大于或等于设备侧保存的 SQN_Group。 如果 SQN— Group出现不同步的情况, 可以通过重同步过程来进行解决。
此外, 一个组内的一个 MTC设备如果原本处于组通信中、 但经过一段时间之 后退出组通信, 那么当该 MTC 设备需要从空闲 (IDLE ) 态转换为活动 ( ACTIVE ) 态而重新加入组通信时, eNB向 MTC设备发送更新组密钥所需 的密钥更新次数 Key Count , 以使 MTC设备根据密钥更新次数更新组密钥。 接入层密钥和接入层组密钥的同步可以釆用图 5所示的方式。
在 S510中, MTC设备向 MME发送服务请求消息, 在消息中包含 Group ID、 KSIASME_Group,其中 KSIASME_Group是用来标识 KASME_Group的密钥标识符。 在 S520中, MME检查是否存在与 Group ID对应的绑定关系, 即是否存在与 Group ID绑定的 AV—Group。 如果不存在绑定关系, 或者存在绑定关系但绑定 的 AV_Group中的 KSIASME_Group与消息中的 KSIASME_Group不一致, 则执行 图 2中当 MME没有绑定关系时执行的 S220至 S260以及后续的 S270至 S292。 在图 5中,在 MME中保存有绑定关系且绑定的 AV— Group中的 KSIASME— Group 与消息中的 KSIASME— Group相一致, 则 MME在 S530中将 Group ID发送给 eNB。
在 S540中, eNB根据 Group ID查找绑定的组算法、 Key Count, KeNB Group, Key— Groupenc和 Key— Groupint。 在该处, 由于 MME处存在绑定关系, 则图 2 的流程已经执行, 则 eNB中存在与 Group ID相关的绑定关系。 在 S550中, eNB向 MTC设备发送 AS SMC, 协商完整性算法、 加密算法、 组完整性算法、 组加密算法, 并将 Key Count发送给 MTC设备。
在 S560 中, MTC设备根据协商的算法计算接入层密钥以及接入层组密钥 Key Groupenc和 Key— Groupint。
第二例子
在第二例子中, 组通信根密钥是如下描述中的 KeNB— Group, 它等于 HSS生 的过程中随机产生的随机数。 由于基站需要向 MTC设备发送随机数, 所以 HSS需要将随机数发送给 MME, 再由 MME将随机数发送给基站。
在图 6所示的第二例子中, 在 MTC设备的 USIM中保存有 MTC设备所属组 的 Group ID以及与该 Group ID对应的密钥 K— Group。 当然, 本领域技术人员 也可以想到, Group ID 以及与 Group ID对应的安全密钥也可以直接保存在 MTC设备中。 另外, 在 MTC设备所属的 HSS 中同样保存有 Group ID和 K Grou 的对应关系。
在 S610中, MTC设备向 MME发送附着请求, 请求中包括 MTC设备的 IMSI 和 Group ID。
当 MME收到 MTC设备发送的附着请求之后, MME确定是否保存有与 Group ID绑定的 Group Key和 Nonce, 其中 Nonce是由 HSS随机生成的随机数。 当 MME确定还没有保存有与 Group ID相绑定的 Group Key和 Nonce时, 在 S660之前执行如下操作:
在 S620中, MME向 HSS发送认证数据请求消息, 在该消息中包含 IMSI和 Group ID。 当在后续的认证中需要利用 S630中生成的 AV— Group时, 则在认 证数据请求中还需要包含指示符 Group Key Indicator, 用于表示 MME还没有 建立 Group ID的相关绑定信息, 需要 HSS生成 Group Key, 当然, 如果后续 认证利用现有技术中的 AV, 也可以携带 Group Key Indicator来表示没有建立 有 Group ID的相关绑定信息;
在 S630中, HSS根据 IMSI找到对应的 K, 根据 K生成 AV, 以使 MTC设备 和网络侧利用 AV进行认证。 其中, 与 IMSI对应的 K可以被称为 MTC设备 的专属密钥,任一 K的取值都是唯一的,只由一个 MTC设备持有。当将 USIM 插入 MTC设备时 , 由于在 USIM中保存有 K, 故 MTC设备被分配了唯一的 κ。
HSS也可以根据 IMSI找到对应的 K,根据 Group ID找到对应的 K— Group,结 合 K和 K— Group生成 AV— Group , 以使 MTC设备和网络侧利用 AV— Group进 行认证。 此外, 1½8根据(¾0叩10找到对应的 _01"0叩, 根据 K_Group和随 机产生的随机数 Nonce生成 Group Key;
在 S640中, 当利用 AV进行认证时, HSS将 AV、 Group Key和 Nonce通过认 证数据响应消息发送给 MME。 当利用 AV— Group 进行认证时, HSS 将 AV Grou 、 Group Key和 Nonce通过认证数据响应消息发送给 MME;
在 S650中, MME将 Group ID与 Group Key和 Nonce进行绑定并存储。
根据 K和 K— Group生成 AV— Group的方式可以如图 7和图 8所示。 这里图 7 和图 8只是两个例子而并不对生成 AV— Group的方式进行限制。
在图 7中, HSS生成 SQN并生成 RAND, 并将 SQN和 RAND作为针对一个 组的序列号和随机数。 HSS将 SQN、 RAND, AMF、 K按照如图所示的方式 输入与现有技术相同的 F1至 F5函数, 得到 MAC、 XRES、 CK、 ΙΚ、 ΑΚ。 接 着 HSS将 Κ— Group和 MAC、 SRES、 CK、 IK、 AK按照如图所示的方式输入 其它函数 F, 这些函数 F可以相同也可以不同, 具体形式在此不作限制。 通过 这些函数 F可以分别得到 MAC_Group、 XRES_Group、 CK_Group、 IK Group 和 AK— Group。
在图 8中, HSS生成 SQN并生成 RAND, 并将 SQN和 RAND作为针对一个 组的序列号和随机数。 HSS将 SQN、 RAND, AMF、 K和 K— Group按照如图 所示的方式输入与现有技术相同的 F1 至 F5 函数, 分别得到 MAC— Group、 XRES— Group、 CK— Group、 IK— Group、 AK— Group。
在图 7和图 8中, 都可以釆用如下方式得到 AV— Group:
AUTN_Group = SQN㊉ AK— Group || AMF || MAC— Group
Kasme— Group =KDF( SQN㊉ AK— Group, SN ID, IK Group, CK— Group)
AV— Group = RAND || XRES— Group || Kasme— Group || AUTN_Group
其中, KDF是密钥生成函数, 可以具有与现有技术相同的计算方式; ㊉代表 异或计算; II代表将前后两个物理量并在一起而形成连续的一个物理量。
当 MME确定保存有与 Group ID相绑定的 Group Key和 Nonce时,在 S660之 前执行如下操作:
在 S620中, MME向 HSS发送认证数据请求消息, 当在后续只需要利用 AV 进行认证时, 在认证数据请求消息中包含 IMSI, 当在后续需要利用 AV— Group 进行认证时, 在认证数据请求消息中包含 IMSI和 Group ID; 在 S630中, 当利用 AV进行认证时, HSS根据 IMSI找到对应的 K, 根据 K 生成 AV。 当利用 AV— Group进行认证时, HSS根据 IMSI找到对应的 K, 根据 Group ID找到对应的 K Group, 结合 K和 K Group生成 AV Group;
在 S640中 , HSS将 AV或 AV— Group通过认证数据响应发送给 MME。 此时 , 不需要执行 S650。
继续图 6中的流程。 在 S660中, MME和 MTC设备利用 AV或者 AV— Group 进行认证。 当利用 AV认证时,釆用与现有技术相同的方式。 当利用 AV— Group 认证时, 认证过程如图 9所示。
在 S910中, MME向 MTC设备发送用户认证请求,在该请求中携带 AV— Group 中的 RAND— Group、 AUTN— Group以及现有技术中的 KSIASME
在 S920中, 当认证成功时, MTC设备向 MME返回用户认证响应, 在该响应 中携带 RES— Group。 另外, 如果认证失败, 则 MTC设备向 MME发送用户认 证拒绝消息, 并在该消息中携带 CAUSE参数。
返回图 6并继续图 6的流程。 在 S670中, 如果认证成功, 则 MME和 MTC 设备如现有技术那样计算出 KeNB, MME将 Group Key作为 KeNB— Group。 虽然在图 6所示的第二例子中, MTC设备在 S670处与 MME并发生成 KeNB, 但是 MTC设备也可以在 S660之后、 S692之前的任意时刻生成 KeNB。
在 S680中, MME将 Group ID、 KeNB, KeNB Grou 和 Nonce发送给 eNB。 在 S690中, eNB根据 MTC设备的安全能力选择完整性算法和加密算法。 如 果 eNB上没有建立有与 Group ID相关的绑定, 则 eNB根据 MTC设备的组安 全能力选择用于生成组密钥的组算法, 可以包括组完整性算法和组加密算法, 并计算出接入层密钥以及组密钥 Key— Groupenc和 Key— Groupint。 此外, eNB 还将组算法、 Key Count、 KeNB Group 、 KeNB— Groupenc、 KeNB Groupint 和 Nonce与 Group ID相绑定。 S690的相关内容可以参考 S290中的描述, 为 了避免重复, 在此不再赘述。
在 S691中, eNB向 MTC设备发送 AS SMC, 协商选择的完整性算法、 加密 算法、 组完整性算法、 组加密算法, 并在 AS SMC中携带 Nonce。
在 S692中, MTC设备根据协商的算法计算接入层密钥。根据 Nonce,与 Group ID对应的 K_Group计算 KeNB_Group, 并利用 KeNB_Group和协商的组算法 计算接入层组密钥 Key— Groupenc和 Key_Groupint„
如果在 AS SMC 中携带有不为 0 的 Key Count, 则根据 Key Count 对 KeNB Grou 进行推衍,根据推衍后的 KeNB— Group更新接入层组密钥。同时, 在 eNB处, 由于 Key Count不为 0 , eNB同样根据 Key Count对 KeNB— Group 进行推衍,并根据推衍后的 KeNB— Group更新接入层组密钥。推衍的相关内容 可以参考 S292中的相关内容, 为了避免重复, 在此不再赘述。
此外, 一个组内的一个 MTC设备如果原本处于组通信中、 但经过一段时间之 后退出组通信, 那么当该 MTC设备需要从 IDLE态转换为 ACTIVE态而重新 加入组通信时, eNB 向 MTC设备发送更新组密钥所需的密钥更新次数 Key Count, 以使 MTC设备根据密钥更新次数更新组密钥。接入层密钥和接入层组 密钥的同步可以釆用图 10所示的方式。
在 S 1010中, MTC设备向 MME发送服务请求消息,在该消息中包含 Group ID 和之前进行组通信过程中保存的 Nonce值,该 Nonce值也是 MTC设备生成组 密钥的 Nonce值。
在 S1020中, MME检查是否存在与该 Group ID对应的绑定关系, 即是否存在 与 Group ID绑定的 Group Key和 Nonce。 如果不存在绑定关系, 或者存在绑 定关系但绑定的 Nonce值与 MTC设备发送的 Nonce值不一致,则在 S1030中, MME将 Group ID和 MME绑定的 Nonce发送给 eNB , 以使 eNB将 Nonce发 送给 MTC设备,并将与 Group ID绑定的组算法和不为 0的 Key Count发送给 MTC设备。 如果存在绑定关系且绑定的 Nonce值与 MTC设备发送的 Nonce 值一致, 则在 S 1030中, MME将 Group ID发送给 eNB。
在图 10中, 假设在 MME中存在绑定关系且 Nonce值一致, 则在 S1030中, MME将 Group ID发送给 eNB。
在 S1040中, eNB根据 Group ID查找绑定的组算法、 Key Count, KeNB_Group、 Key Groupenc、 Key Groupint和 Nonce。
在 S1050中, eNB向 MTC设备发送 AS SMC, 协商完整性算法、 加密算法、 组完整性算法、 组加密算法, 并在 Key Count不为 0的情况下将 Key Count发 送给 MTC设备。 此外, 如果在 S1030中 MME将 Nonce值发送给 eNB , 则在 AS SMC中携带 Nonce值发送给 MTC设备。
在 S1060 中, MTC设备根据协商的算法计算接入层密钥以及接入层组密钥 Key Groupenc和 Key— Groupint。
第三例子
在第三例子中, 提前根据 MTC设备的功能或者所属业务将 MTC设备分成了 不同的业务集合, 由业务 ID进行区分。 但是业务集合并不等于共用相同组密 钥的组, 共用相同组密钥的组还需要由基站根据业务 ID进行分组来确定。 根 据业务 ID确定组 ID的方式可以与现有技术相同, 例如根据支持相同业务的 MTC设备所处的位置进行分组等, 在此不再赘述。
业务 ID可以预置在 MTC设备中; 也可以设置在 USIM中, 当将 USIM插入 MTC设备时, USIM成为 MTC设备的一部分, 从而确定 MTC设备所支持的 业务。
业务根密钥是如下描述中的 KeNB— Service, 它等于 HSS生成的 Service Key。 通过 KeNB— Service, 可以由基站确定 KeNB— Group。
向 MTC设备发送的生成参数可以是基站根据业务 ID分组后得到的组 ID以及 HSS生成 Service Key所需的随机数。 这样, MTC设备再结合保存在插入的 USIM中与业务 ID对应的 K— Service, 可以生成与基站生成的组密钥相同的组 密钥。
在图 11所示的第三例子中,在 MTC设备的 USIM中保存有 MTC设备所属业 务的 Service ID以及与该 Service ID对应的密钥 K— Service。 在 MTC设备所属 的 HSS中同样保存有 Service ID和 K— Service的对应关系。
在 SI 110中, MTC设备向 MME发送附着请求,在该请求中包括 IMSI和 Service ID。
当 MME收到 MTC设备发送的附着请求之后, MME确定是否保存有与 Service ID绑定的 Service Key和 Nonce。
当 MME确定还没有保存有与 Service ID相绑定的 Service Key和 Nonce时, 在 S1160之前执行如下操作: 在 S1120中, MME向 HSS发送认证数据请求消息, 在该消息中携带 IMSI和 Service ID;
在 S1130中, HSS根据 IMSI找到对应的 K, 并根据 K生成 AV, 以使 MME 利用 AV与 MTC设备进行认证。 HSS根据 Service ID找到 K— Service, 并随机 生成随机数 Nonce, 接着根据 K— Service和 Nonce生成 Service key;
在 SI 140中, HSS将 AV、 Service key和 Nonce通过认证数据响应消息发送给 MME;
在 S1150中, MME将 Service ID与 Service Key和 Nonce进行绑定并存储。 当 MME确定保存有与 Service ID相绑定的 Service Key和 Nonce时,在 SI 160 之前执行如下操作:
在 S1120中, MME向 HSS发送认证数据请求消息, 在该消息中携带 IMSI; 在 S1130中, HSS根据 IMSI找到对应的 K, 并根据 K生成 AV;
在 S1140中, HSS将 AV通过认证数据响应消息发送给 MME。 此时, 不需要 执行 S1150。
继续图 11中的流程。 在 S1160中, MME和 MTC设备利用 AV进行认证。 利 用 AV的认证过程与现有技术相同, 在此不再赘述。
在 S1170中, 如果认证成功, 则 MME和 MTC设备计算出 KeNB, 并且 MME 将 Service Key作为 KeNB— Service。 虽然在图 11所示的第三例子中, MTC设 备在 S1170处与 MME并发生成 KeNB,但是 MTC设备也可以在 S1160之后、 S1192之前的任意时刻生成 KeNB。
在 SI 180中, MME将 Service ID、 KeNB、 KeNB— Service和 Nonce发送给 eNB。 在 S1190中, eNB根据 MTC设备的安全能力选择完整性算法和加密算法。 如 果 eNB上没有建立有与 Service ID相关的绑定关系, 则 eNB根据 MTC设备 的组安全能力选择用于生成组密钥的组算法,可以包括组完整性算法和组加密 算法, 并计算接入层密钥以及接入层组密钥。选择组完整性算法和组加密算法 的方式可以与现有技术中针对 MTC设备选择完整性算法和加密算法相似, 组 完整性算法和组加密算法也可以分别与现有技术中的完整性算法和加密算法 相似, 不同之处在于组完整性算法和组加密算法是针对一个组的算法, 而完整 性算法和加密算法是针对一个 MTC设备的算法。
在计算包括 Key Groupenc和 Key— Groupint的接入层组密钥的过程中, eNB首 先需要根据 Service ID对属于同一业务的 MTC设备进行分组, 然后根据分组 确定一个组的 KeNB— Group, 再根据 KeNB Grou 和组算法生成组密钥。 对属于同一业务的 MTC设备进行分组的方式多种多样, 例如随机分组、 根据 MTC设备的信号强度分组等。
可以釆用如下方式计算 KeNB— Group:
KeNB_Group=KDF ( KeNB— Service , Cell ID, Group ID )
其中, KDF是密钥生成函数, Cell ID是 eNB服务小区的编号, Group ID是经 过分组得到的 MTC设备所属组的组 ID。
计算出 KeNB— Group之后, 可以计算组加密密钥 Key— Groupenc和组完整性密 钥 Key Groupint:
Key_Groupenc=KDF ( KeNB— Group, Group-enc-alg、 Alg-ID )
Key— Groupint=KDF ( KeNB— Group , Group-int-alg, Alg-ID ) 其中, KDF是密钥生成函数, Group-enc-alg代表当前计算釆用的是组加密算 法、 Alg-ID是算法标识, Group-int-alg代表当前计算釆用的是组完整性算法。 计算出组密钥之后, eNB 还将组算法、 Key Count、 KeNB— Group、 KeNB Groupenc和 KeNB Groupint与 Group ID相绑定。 另外, 如第一例子所 述,当 eNB第一次为一个组 ID生成对应的组密钥而建立组 ID的绑定关系时, eNB将 Key Count置为 0, 当 PDCP计数器值达到最大值时, 将 Key Count值 加 1 , 通过 Key Count值对组密钥进行推衍更新。
在其它实施例中, 组完整性算法和组加密算法也可以被预先配置在 eNB 和 MTC设备上, 此时无需在 S1190中选择组算法, 也无需在 AS SMC中协商组 算法。
在 S1191中, eNB向 MTC设备发送 AS SMC, 协商选择的完整性算法、 加密 算法、 组完整性算法、 组加密算法, 并在 AS SMC中携带 Group ID和 Nonce。 在 S1192中, MTC设备根据协商的算法中的完整性算法和加密算法, 可以计 算出 MTC设备的接入层密钥。 MTC设备根据协商的算法中的组完整性算法和 组加密算法、 在 S 1091 中获取的 Group ID和 Nonce 以及保存在 USIM内的 K— Service计算组密钥。
如果 Key Count值不等于 0, 则 eNB可以根据 Key Count对组密钥进行更新, 更新组密钥的方式可以首先根据 Key Count推衍新的 KeNB— Group, 再利用推 衍后的 KeNB— Group计算出新的组密钥。 推衍方式可以参考 S192中的相关内 容。
此外, 当一个组内的一个 MTC设备如果原本处于组通信中、 但经过一段时间 之后退出组通信, 那么当该 MTC设备需要从 IDLE状态或去附着状态转换为 ACTIVE状态而重新加入组通信时 , 向 MTC设备发送更新组密钥所需的密钥 更新次数 Key Count, 以使 MTC设备根据密钥更新次数更新组密钥。 接入层 密钥和接入层组密钥的同步可以釆用图 12所示的方式。
在 S1210中, MTC设备向 MME发送服务请求消息,在该消息中包含 Service ID 和之前进行组通信过程中保存的 Nonce值和 Group ID。
在 S 1220中, MME检查是否存在与该 Service ID对应的绑定关系, 即是否存 在与 Service ID绑定的 Service Key和 Nonce。如果不存在绑定关系,或者存在 绑定关系但绑定的 Nonce值与 MTC设备发送的 Nonce值不一致, 则在 S1230 中, MME将 Group ID和 MME绑定的 Nonce发送给 eNB ,以使 eNB 将 Nonce 发送给 MTC设备,并将与 Group ID绑定的组算法和不为 0的 Key Count发送 给 MTC设备。如果存在绑定关系且绑定的 Nonce值与 MTC设备发送的 Nonce 值一致, 则在 S1230中 , MME将 Group ID发送 eNB。
在图 12中, 假设在 MME中存在绑定关系且 Nonce值一致, 则在 S1230中, MME将 Group ID发送给 eNB。
在 SI 240 中, eNB 根据 Group ID 查找绑定的组算法、 Key Count、 KeNB— Group、 Key Groupenc和 Key— Groupint。
在 S1250中, eNB向 MTC设备发送 AS SMC, 协商完整性算法、 加密算法、 组完整性算法、 组加密算法, 并在 Key Count不为 0的情况下将 Key Count发 送给 MTC设备。 此外, 如果在 S1230中 MME将 Nonce值发送给 eNB , 则在 AS SMC中携带 Nonce值发送给 MTC设备。 在 S 1260中, MTC设备根据协商的算法、 Nonce值、 K— Service, Group ID计 算接入层密钥以及接入层组密钥。
根据本发明的实施例 , PDCP Count值由 HFN和 SN两部分组成, 在 MTC设 备和 eNB之间进行组通信的过程中, eNB可以不需要为每个 MTC设备维护一 个 HFN值, 而是为一组 MTC设备维护一个组 HFN值, 其中组 HFN由一组 MTC设备共用, SN由 MTC设备发送的数据包中的序列号决定。在一组 MTC 设备的每个 MTC设备中, 都维护一个 PDCP Count值, 该 PDCP Count值中的 HFN与 eNB维护的组 HFN和其它 MTC设备的 HFN保存同步, SN由 MTC 设备单独维护, 与自己发送的数据包的序列号有关。
对于上行链路,每个 MTC设备维护一个 PDCP Count值,组内每个 MTC设备 维护的 HFN与 eNB维护的组 HFN保持同步。 组内 MTC设备利用上行 PDCP Count值对上行数据进行加密, 并在上行数据分组数据单元( Packet Data Unit, PDU ) 头部中携带 SN。 eNB收到公共承载上的数据包时, 利用 eNB保存的 HFN和数据包携带的 SN组成的 Count值解密该数据包。 当组内任一 MTC设 备发送数据包中的 SN达到阔值时, eNB收到该数据包之后, 将组 HFN加 1 , 并将该 HFN的取值或者 HFN需要加 1的信息通知给组内的各 MTC设备。
HFN可以有多种通知方式。 例如, 对于业务量小的 MTC设备, 可以将 HFN 设置为固定值。 再例如 , 当 HFN可变时, eNB可以通过组 ID对应组内所有 MTC设备各自的信令承载、组 ID对应组的公共信令承载或者广播信道, 向组 ID对应组内所有 MTC设备发送 HFN的取值。 eNB可以在 HFN达到阔值时向 组 ID对应组内的所有 MTC设备发送 HFN取值, 也可以在有 MTC设备加入 组 ID对应组时, 向该 MTC设备发送 HFN取值。 又例如, 当 HFN可变时, 如果组 ID对应的 HFN达到阔值,那么 eNB可以通过组 ID对应组内所有 MTC 设备各自的信令承载、 组 ID对应组的公共信令承载或者广播信道, 向组 ID 对应组内所有 MTC设备发送用于指示 HFN加 1的指示信息。 如果广播 HFN 需要增加的指示信息, 则对于组 HFN的初始值需要 MTC设备与 eNB协商或 由 eNB发送给 MTC设备。 另外, eNB还可以直接将 PDCP Count值放在 PDU 头部中发送给 MTC设备, 这样 MTC设备根据收到的 PDU, 可以从头部中提 取中 HFN的取值。
对于下行链路,如果组通信基于 eNB和一组 MTC设备之间的公共承载, 则一 般组内 MTC设备通过公共承载接收 eNB发送的组信息, 此时组内 MTC设备 的 PDCP Count值变化一致, 故不需要在下行链路引入新的 PDCP Count值机 制。
当 eNB保存的组 HFN达到阔值时 , eNB对组密钥进行更新。 当 MTC设备内 的 PDCP Count值中的 HFN达到阔值时, MTC设备也对组密钥进行更新。 可 以通过多种方式使 MTC设备确定 HFN达到阔值。 例如 eNB可以向 MTC设 备通知 HFN取值或 HFN加 1的指示, 以使 MTC设备在改变 HFN之后确定 HFN达到阔值,从而更新组密钥。再例如 eNB可以直接向 MTC设备通知 HFN 达到阔值的指示, 以使 MTC设备更新组密钥。
无论在 eNB中还是在 MTC设备中, 可以有两种方式对组密钥进行更新。
一种是先更新 KeNB— Group , 然后利用更新后的 KeNB— Group 计算 Key Groupenc 和 Key— Groupint。 在该种更新方式中, KeNB— Group *=KDF ( KeNB— Group, Cell ID, Group ID )或者 KeNB— Group *=KDF ( KeNB— Group, cell ID , Group ID , Key Count )。 另一种是直接对 Key Groupenc和 Key Groupint进行更新。 在该更新方式中, Key_Groupenc*=KDF( Key Groupenc , Cell ID, Group ID ), Key_Groupint*=KDF ( Key Groupint, Cell ID , Group ID )。 在本发明的实施例中, 为了进一步保证通信的安全, 网络侧可以在满足一定条 件时对组通信根密钥进行更新。 当满足一定条件时, 网络侧更新组根密钥 KeNB— Group, 并与 MTC设备进行重认证或者向 MTC设备发送用于更新 KeNB— Group所需的信息,以使网络侧和 MTC设备可以根据新的 KeNB— Group 更新组密钥。 该一定条件可以是当网络侧维护的定时器达到阔值时; 也可以是 eNB处维护 的 Key Count值达到阔值时; 还可以是 MME处维护的针对一个组或一个业务 的计数器值达到阔值时, 每当 MME收到属于一个组或一个业务的 MTC设备 发送的 NAS信令时, 该计数器值加 1。 接下来, 结合图 13描述根据本发明实施例的生成组密钥的方法 1300。 如图 13所示, 方法 1300包括: 在 S1310中, 接收机器类通信 MTC设备发送的所述 MTC设备所在组的 组 ID或所述 MTC设备支持业务的业务 ID;
在 S1320中, 向所述 MTC设备所属的归属用户系统 HSS发送所述组 ID 或业务 ID, 以使所述 HSS根据生成的随机数和与所述组 ID对应的安全密钥 生成组通信根密钥,或者以使所述 HSS根据生成的随机数和与所述业务 ID对 应的安全密钥生成业务根密钥;
在 S1330中, 从所述 HSS接收所述组通信根密钥或所述业务根密钥; 在 S1340中, 向基站发送所述组 ID和所述组通信根密钥、 或者所述业务 ID和所述业务根密钥, 以使所述基站在收到所述组 ID和所述组通信根密钥的 情况下根据所述组通信根密钥生成所述组 ID对应的组密钥, 或者在收到所述 业务 ID和业务根密钥的情况下根据所述业务 ID确定所述 MTC设备所在组的 组 ID、根据所述组 ID和所述业务根密钥生成所述组 ID对应的组通信根密钥、 并根据所述组通信根密钥生成所述组 ID对应的组密钥, 并由所述基站向所述 MTC设备发送用于生成所述组密钥的生成参数,使得所述 MTC设备根据所述 生成参数和所述 MTC设备中保存的所述安全密钥生成所述组密钥。
例如, 方法 1300可以由 MME执行。 由于 MME的操作与基站、 HSS、 MTC 设备的操作相对应, 因此方法 1300中的各步骤的描述可以参考方法 100的描 述, 具体例子可以参考上述第一例子至第三例子, 为了避免重复, 在此不再赘 述。 根据本发明的实施例 ,当所述组 ID没有绑定与所述组 ID对应的组通信根 密钥、或者所述业务 ID没有绑定与所述业务 ID对应的业务根密钥时,向所述 MTC设备所属的归属用户系统 HSS发送所述组 ID或业务 ID。 如果组 ID或 业务 ID绑定有组通信根密钥或业务根密钥,则不向 HSS发送组 ID或业务 ID。 当 HSS将根据组 ID或业务 ID确定的组通信根密钥或业务根密钥发送给 MME 之后, MME将组通信根密钥与组 ID相绑定并存储、 或者将业务根密钥与业 务 ID相绑定并存储。 这样, 当 MME收到其它 MTC设备发送的携带有组 ID 或业务 ID的附着请求时, 如果 MTC设备与网络侧认证成功, 则向基站发送 组 ID和组通信根密钥、 或者业务 ID与业务根密钥。 从而, 可以避免 HSS重 复根据组 ID或业务 ID生成组通信根密钥或业务根密钥,也可以避免由于 HSS 产生的随机数不同而使得针对同一组 ID或业务 ID产生的组通信根密钥或业务 根密钥不同, 因此有利于实现同一组 ID共用相同的组密钥。
根据本发明的一个实施例,在 S1330中, MME除了从 HSS接收组通信根 密钥或业务根密钥外, 还可以从 HSS接收随机数。 在该情况下, MME可以将 组通信根密钥、 随机数与组 ID绑定并存储、 或者将业务根密钥、 随机数与业 务 ID绑定并存储。 此外, MME需要将随机数也发送给基站, 以使基站将随 机数发送给 MTC设备, 供 MTC设备根据随机数和安全密钥来生成组密钥。 在 MME针对组 ID绑定有组通信根密钥和随机数、或者针对业务 ID绑定 有业务根密钥和随机数的情况下, 当 MME收到其它 MTC设备发送的携带有 组 ID或业务 ID的附着请求时, 如果 MTC设备与网络侧认证成功, 则向基站 发送组 ID 以及与组 ID绑定的组通信根密钥和随机数, 或者向基站发送业务 ID以及与业务 ID绑定的业务根密钥和随机数。 这样, 可以避免 HSS重复生 成组通信根密钥或业务根密钥, 也可以降低计算复杂度。
在认证过程中, MME可以按照现有技术那样利用 AV对 MTC设备进行 设备认证, 在本发明的实施例中, MME除了用 AV对 MTC设备进行设备认 证之外, 还可以利用组认证参数对 MTC设备进行组认证, 例如, 组认证参数 可以是第一例子中根据 K— Group生成的 AV— Group。 此外, 在本发明的实施例 中, MME还可以用一个组认证参数同时与 MTC设备进行设备认证和组认证, 例如, 组认证参数可以是第二例子中根据 K和 K— Group生成的 AV— Group中 的参数。 MME用于进行组认证的组认证参数由 HSS根据 K— Group或者 K和 K Grou 生成之后发送给 MME。
此外, 在进行组通信的过程中, 为了进一步提高通信的安全性, 可以在达 到一定条件时, 对组密钥进行更新。 根据本发明的实施例, 当网络侧维护的预 定定时器达到第一预定阔值时,或者当基站更新组密钥的次数达到第二预定阔 值时, 或者当维护的非接入层的计数值达到第三预定阔值时, 与 MTC设备进 行重认证或者从 HSS接收新的组通信根密钥或业务根密钥, 新的组通信根密 钥或业务根密钥由 HSS根据安全密钥和新的随机数生成。
例如, 在第一例子中, 当需要更新组密钥时, MME与 MTC设备进行重 认证, 通过重认证可以向 MTC设备发送生成新的组密钥所需的认证参数。 在 第二例子和第三例子中, 当需要更新组密钥时, HSS随机生成新的随机数, 并 根据安全密钥和新的随机数来生成新的组通信根密钥或业务根密钥,将新的组 通信根密钥或业务根密钥参数发送给 MME, MME再将新的组通信根密钥或 业务根密钥发送给基站并与组 ID或业务 ID相绑定,基站根据新的组通信根密 钥或业务根密钥得到新的组密钥, 而 MTC设备也将得到新的随机数来生成与 网络侧的组密钥相同的新的组密钥。 根据本发明实施例提供的生成组密钥的方法,由于在 MTC设备和 HSS中 保存有与组 ID或业务 ID对应的安全密钥, 所以网络侧通过利用安全密钥和 HSS产生的随机数可以生成 MTC设备所在组的组密钥, 并通过将生成组密钥 所需的生成参数发送给该组内的 MTC设备, 来使 MTC设备利用生成参数和 安全密钥生成组密钥。 从而, 同一组内的 MTC设备可以利用相同的组密钥来 正常进行组通信, 而在基站中也只需要为同一个组保持相同组密钥, 这样, 可 以降低基站操作的复杂性, 减少基站维护和管理的密钥数, 提高基站性能。
接下来, 参考图 14描述根据本发明实施例的生成组密钥的方法 1400。 如图 14所示, 方法 1400包括:
在 S1410中, 从移动性管理实体 MME接收机器类通信 MTC设备所在组 的组 ID或所述 MTC设备支持业务的业务 ID;
在 S1420中, 根据随机数和与所述组 ID对应的安全密钥生成组通信根密 钥、 或者根据随机数和与所述业务 ID对应的安全密钥生成业务根密钥;
在 S1430中, 向所述 MME发送所述组通信根密钥或所述业务根密钥, 以 使所述 MME向基站发送所述组 ID和所述组通信根密钥、或者所述业务 ID和 所述业务根密钥, 所述基站在收到所述组 ID和所述组通信根密钥的情况下根 据所述组通信根密钥生成所述组 ID对应的组密钥, 或者在收到所述业务 ID 和业务根密钥的情况下根据所述业务 ID确定所述 MTC设备所在组的组 ID、 根据所述组 ID和所述业务根密钥生成所述组 ID对应的组通信根密钥、并根据 所述组通信^ =艮密钥生成所述组 ID对应的组密钥, 并由所述基站向所述 MTC 设备发送用于生成所述组密钥的生成参数, 使得所述 MTC设备根据所述生成 参数和所述 MTC设备中保存的所述安全密钥生成所述组密钥。
例如, 方法 1400可以由 MTC设备所属的 HSS执行。 由于 HSS的操作与 基站、 MME、 MTC设备的操作相对应, 因此方法 1400中的各步骤的描述可 以参考方法 100和方法 1300的描述, 具体例子可以参考上述第一例子至第三 例子, 为了避免重复, 在此不再赘述。
根据本发明的实施例, HSS在收到 MME发送的组 ID或业务 ID之后,除 了根据组 ID或业务 ID对应的安全密钥生成的组通信根密钥或业务根密钥之 夕卜, 还可以根据组 ID或业务 ID对应的安全密钥, 或者, 根据与组 ID或业务 ID对应的安全密钥和 MTC设备的专属密钥, 生成用于供 MTC设备进行组认 证的组认证参数。 例如, 在第一例子中, HSS根据组 ID对应的 K— Group生成 用于组认证的 AV— Group; 在第二例子中, HSS根据组 ID对应的 K— Group和 MTC设备的 K生成用于组认证的 AV— Group。
HSS生成组认证参数之后, 将组认证参数发送给 MME , 以使 MME根据 该组认证参数与 MTC设备进行认证。 通过组认证向量进行的认证既可以是认 证 MTC设备是否属于组 ID对应组的组认证, 又可以是既包含组认证又包含 设备认证的认证。
根据本发明实施例提供的生成组密钥的方法,由于在 MTC设备和 HSS中 保存有与组 ID或业务 ID对应的安全密钥, 所以网络侧通过利用安全密钥和 HSS产生的随机数可以生成 MTC设备所在组的组密钥, 并通过将生成组密钥 所需的生成参数发送给该组内的 MTC设备, 来使 MTC设备利用生成参数和 安全密钥生成组密钥。 从而, 同一组内的 MTC设备可以利用相同的组密钥来 正常进行组通信, 而在基站中也只需要为同一个组保持相同组密钥, 这样, 可 以降低基站操作的复杂性, 减少基站维护和管理的密钥数, 提高基站性能。
接下来, 参考图 15描述根据本发明实施例的生成组密钥的方法 1500。 如图 15所示, 方法 1500包括:
在 S1510中, 向移动性管理实体 MME发送机器类通信 MTC设备所在组 的组 ID或所述 MTC设备支持业务的业务 ID, 以使所述 MME向所述 MTC 设备所属的用户归属系统 HSS发送所述组 ID或业务 ID, 所述 HSS根据随机 数和与所述组 ID对应的安全密钥生成组通信根密钥、 或者根据随机数和与所 述业务 ID对应的安全密钥生成业务根密钥, 并向所述 MME发送所述组通信 根密钥或所述业务根密钥, 从而所述 MME向基站发送所述组 ID和所述组通 信根密钥、 或者所述业务 ID和所述业务根密钥, 以便所述基站在收到所述组 ID和所述组通信根密钥的情况下根据所述组通信根密钥生成所述组 ID对应的 组密钥,或者在收到所述业务 ID和业务根密钥的情况下根据所述业务 ID确定 所述 MTC设备所在组的组 ID、 根据所述组 ID和所述业务根密钥生成所述组 ID对应的组通信根密钥、并根据所述组通信根密钥生成所述组 ID对应的组密 钥;
在 S1520中, 从基站接收用于生成组密钥的生成参数;
在 S1530中, 根据生成参数和所述 MTC设备中保存的所述安全密钥生成 组密钥。
例如, 方法 1500可以由 MTC设备执行。 由于 MTC设备的操作与基站、 MME、 HSS 的操作相对应, 因此方法 1500 中的各步骤的描述可以参考方法 100、 方法 1300和方法 1400的描述, 具体例子可以参考上述第一例子至第三 例子, 为了避免重复, 在此不再赘述。
根据本发明的一个实施例, 在基站收到组 ID和组通信根密钥的情况下, MTC设备从基站接收的生成参数可以是在 MTC设备的认证过程中,从基站接 收的用于生成组通信根密钥的认证参数。
根据本发明的一个实施例, 在基站收到组 ID和组通信根密钥的情况下, MTC设备从基站接收的生成参数可以是 HSS生成组通信根密钥所利用的随机 数, 该随机数由 HSS发送给 MME, 再由 MME发送给基站。
根据本发明的一个实施例, 在基站收到业务 ID和业务根密钥的情况下, MTC设备从基站接收的生成参数可以是基站根据业务 ID确定的组 ID和 HSS 生成业务根密钥利用的随机数。
根据本发明的实施例, 生成组密钥所用的组算法可以预先设置在基站和
MTC设备中, 也可以由基站将组算法发送给 MTC设备。 因此, MTC设备从 基站接收的生成参数还可以包括用于生成组密钥的组算法标识。通过组算法标 识, MTC设备可以确定相应组算法来生成组密钥。
此外, 同一组 ID的所有 MTC设备可以共用相同的 HFN。 为了共用相同 的 HFN, 根据本发明的实施例, 组 ID对应的 HFN可以被预先设置为固定值; 或者, MTC设备可以通过 MTC设备的信令承载、 组 ID对应组的公共信令承 载或者广播信道, 从基站接收所述 HFN的取值; 或者, 当组 ID对应的 HFN 达到阔值时, MTC设备可以通过 MTC设备的信令承载、 组 ID对应组的公共 信令承载或者广播信道, 从基站接收用于指示 HFN加 1的指示信息。
在进行组通信的过程中 ,可以动态更新组密钥来进一步提高组通信的安全 性。 根据本发明的一个实施例, MTC设备从基站接收用于更新组密钥的更新 信息,根据更新信息更新组密钥,其中当组 ID对应的 HFN达到阔值时基站更 新组密钥。更新信息可以是 HFN的取值,还可以是 HFN需要加 1的指示信息, 也可以是通知 MTC设备对组密钥进行推衍的信息。 此外, 当网络侧维护的预 定定时器达到第一预定阔值时,或者当基站更新组密钥的次数达到第二预定阔 值时, 或者当 MME维护的非接入层的计数值达到第三预定阔值时, MTC设 备可以与 MME 进行重认证或者从基站接收新的生成参数以根据新的生成参 数和安全密钥生成新的组密钥。
根据本发明的一个实施例, 当 MTC设备进入空闲状态或者去附着状态后 重新加入组 ID对应的组通信时 ,从基站接收更新组密钥所需的密钥更新次数, 其中 , 密钥更新次数由基站在组 ID对应的 HFN每次达到阔值时增加 1; 根据 密钥更新次数更新组密钥。
根据本发明实施例提供的生成组密钥的方法,由于在 MTC设备和 HSS中 保存有与组 ID或业务 ID对应的安全密钥, 所以网络侧通过利用安全密钥和 HSS产生的随机数可以生成 MTC设备所在组的组密钥, 并通过将生成组密钥 所需的生成参数发送给该组内的 MTC设备, 来使 MTC设备利用生成参数和 安全密钥生成组密钥。 从而, 同一组内的 MTC设备可以利用相同的组密钥来 正常进行组通信, 而在基站中也只需要为同一个组保持相同组密钥, 这样, 可 以降低基站操作的复杂性, 减少基站维护和管理的密钥数, 提高基站性能。
上面分别从基站、 MME、 HSS和 MTC设备的角度描述了生成组密钥的 方法, 下面结合图 16至 23描述相关设备。
图 16是根据本发明实施例的基站 1600的结构框图。
基站 1600包括接收模块 1610、 生成模块 1620和第一发送模块 1630。 接 收模块 1610可以通过输入接口实现, 生成模块 1620可以通过处理器实现, 第 一发送模块 1630可以通过输出接口实现。 接收模块 1610用于从移动性管理实体 MME接收机器类通信 MTC设备所 在组的组 ID, 和与安全密钥相关的组通信根密钥, 所述安全密钥与所述组 ID 相对应; 或者, 从 MME接收 MTC设备支持业务的业务 ID, 和与安全密钥相 关的业务根密钥,所述安全密钥与所述业务 ID对应,并根据所述业务 ID确定 所述 MTC设备所在组的组 ID, 根据所述组 ID和所述业务根密钥生成所述组 通信根密钥。生成模块 1620用于根据所述组通信根密钥生成所述组 ID对应的 组密钥。 第一发送模块 1630用于向所述 MTC设备发送用于生成所述组密钥 的生成参数, 以使所述 MTC设备根据所述生成参数和所述 MTC设备中保存 的所述安全密钥生成所述组密钥。
接收模块 1610、 生成模块 1620和第一发送模块 1630的上述和其他操作 和 /或功能可以参考上述方法 100 以及第一例子至第三例子中的描述, 为了避 免重复, 在此不再赘述。
根据本发明实施例提供的基站,由于在 MTC设备和 HSS中保存有与组 ID 或业务 ID对应的安全密钥,所以网络侧通过利用安全密钥和 HSS产生的随机 数可以生成 MTC设备所在组的组密钥, 并由基站通过将生成组密钥所需的生 成参数发送给该组内的 MTC设备, 来使 MTC设备利用生成参数和安全密钥 生成组密钥。 从而, 同一组内的 MTC设备可以利用相同的组密钥来正常进行 组通信, 而在基站中也只需要为同一个组保持相同组密钥, 这样, 可以降低基 站操作的复杂性, 减少基站维护和管理的密钥数, 提高基站性能。
图 17是根据本发明实施例的基站 1700的结构框图。
基站 1700的接收模块 1710、 生成模块 1720和第一发送模块 1730与基站 1600的接收模块 1610、 生成模块 1620和第一发送模块 1630基本相同。
根据本发明的一个实施例, 接收模块 1710还用于从所述 MME接收用于 生成组通信根密钥的随机数。 在该情况下, 所述向 MTC设备发送的生成参数 包括所述随机数。
根据本发明的一个实施例,组通信根密钥根据随机数生成; 第一发送模块 1730用于在所述 MTC设备的认证过程中, 向所述 MTC设备发送用于生成所 述组通信根密钥的认证参数, 所述认证参考包括所述随机数。 根据本发明的一个实施例, 当根据所述组 ID和所述业务根密钥生成所述 组通信根密钥时, 进一步包括根据随机数生成组通信根密钥; 则第一发送模块 1730用于向所述 MTC设备发送所述组 ID和所述随机数。
根据本发明的实施例, 第一发送模块 1730还可具体用于向 MTC设备发 送用于生成组密钥的组算法标识。
根据本发明的实施例,基站 1700还可以包括绑定模块 1740和第二发送模 块 1750。 绑定模块 1740用于将组通信根密钥、 组密钥、 生成参数与组 ID相 绑定。 第二发送模块 1750用于当确定其他 MTC设备属于组 ID对应的组时, 向其他 MTC设备发送与组 ID绑定的生成参数,以使其他 MTC设备根据生成 参数和安全密钥生成组密钥。
根据本发明的实施例,基站 1700还可以包括更新模块 1760和第三发送模 块 1770。 更新模块 1760用于当组 ID对应的 HFN达到阔值时 , 更新组密钥 , 其中组 ID的所有 MTC设备共用相同的 HFN。第三发送模块 1770用于向 MTC 设备发送用于更新组密钥的更新信息, 以使 MTC设备根据更新信息更新组密 钥。
组 ID的所有 MTC设备可以共用相同的 HFN。在该情况下,组 ID对应的 HFN可以被预先设置为固定值;或者基站 1700还可以包括第四发送模块 1772。 第四发送模块 1772可用于通过组 ID对应组内所有 MTC设备各自的信令承载、 组 ID对应组的公共信令承载或者广播信道, 向组 ID对应组内所有 MTC设备 发送 HFN的取值。或者第四发送模块 1772可用于当组 ID对应的 HFN达到阔 值时, 通过组 ID对应组内所有 MTC设备各自的信令承载、 组 ID对应组的公 共信令承载或者广播信道,向组 ID对应组内所有 MTC设备发送用于指示 HFN 加 1的指示信息。
根据本发明的实施例, 基站 1700还可以包括第五发送模块 1774, 用于当 MTC设备进入空闲状态或者去附着状态后重新加入组 ID对应的组通信时,向 MTC设备发送更新组密钥所需的密钥更新次数,以使 MTC设备根据密钥更新 次数更新组密钥。其中, 密钥更新次数在组 ID对应的 HFN每次达到阔值时增 加 1。 此外, 基站 1700还可以包括第六发送模块 1776, 用于当属于组 ID的其 它 MTC设备第一次加入组 ID对应的组通信时,向其它 MTC设备发送用于生 成组密钥的生成参数和更新组密钥所需的密钥更新次数, 以使其它 MTC设备 根据生成参数、 密钥更新次数和安全密钥生成组密钥。 其中, 密钥更新次数在 组 ID对应的 HFN每次达到阔值时增加 1。
接收模块 1710、第一发送模块 1730、绑定模块 1740、第二发送模块 1750、 更新模块 1760、 第三发送模块 1770、 第四发送模块 1772、 第五发送模块 1774 和第六发送模块 1776的上述和其他操作和 /或功能可以参考上述方法 100以及 第一例子至第三例子中的描述, 为了避免重复, 在此不再赘述。 其中, 绑定模 块 1740和更新模块 1760可以通过处理器实现, 第二发送模块 1750、 第三发 送模块 1770、 第四发送模块 1772、 第五发送模块 1774和第六发送模块 1776 可以通过输出接口实现。
根据本发明实施例提供的基站, 同一组内的 MTC设备可以利用相同的组 密钥来正常进行组通信, 而在基站中也只需要为同一个组保持相同组密钥, 这 样, 可以降低基站操作的复杂性, 减少基站维护和管理的密钥数, 提高基站性 能。
图 18是根据本发明实施例的移动性管理实体 1800的结构框图。
移动性管理实体 1800包括第一接收模块 1810、第一发送模块 1820、第二 接收模块 1830和第二发送模块 1840。第一接收模块 1810和第二接收模块 1830 可以通过输入接口实现,第一发送模块 1820和第二发送模块 1840可以通过输 出接口实现。
第一接收模块 1810用于接收机器类通信 MTC设备发送的所述 MTC设备 所在组的组 ID或所述 MTC设备支持业务的业务 ID。第一发送模块 1820用于 向所述 MTC设备所属的归属用户系统 HSS发送所述组 ID或业务 ID, 以使所 述 HSS根据生成的随机数和与所述组 ID对应的安全密钥生成组通信根密钥, 或者以使所述 HSS根据生成的随机数和与所述业务 ID对应的安全密钥生成业 务根密钥。第二接收模块 1830用于从所述 HSS接收所述组通信根密钥或所述 业务根密钥。第二发送模块 1840用于向基站发送所述组 ID和所述组通信根密 钥、或者所述业务 ID和所述业务根密钥, 以使所述基站在收到所述组 ID和所 述组通信根密钥的情况下根据所述组通信根密钥生成所述组 ID 对应的组密 钥 ,或者在收到所述业务 ID和业务根密钥的情况下根据所述业务 ID确定所述 MTC设备所在组的组 ID、 居所述组 ID和所述业务^ =艮密钥生成所述组 ID对 应的组通信根密钥、 并根据所述组通信根密钥生成所述组 ID对应的组密钥, 并由所述基站向所述 MTC设备发送用于生成所述组密钥的生成参数, 使得所 述 MTC设备根据所述生成参数和所述 MTC设备中保存的所述安全密钥生成 所述组密钥。
第一接收模块 1810、 第一发送模块 1820、第二接收模块 1830和第二发送 模块 1840的上述和其他操作和 /或功能可以参考上述方法 1300以及第一例子 至第三例子中的描述, 为了避免重复, 在此不再赘述。
根据本发明实施例提供的移动性管理实体,由于在 MTC设备和 HSS中保 存有与组 ID或业务 ID对应的安全密钥 ,所以网络侧通过利用安全密钥和 HSS 产生的随机数可以生成 MTC设备所在组的组密钥, 并由基站通过将生成组密 钥所需的生成参数发送给该组内的 MTC设备, 来使 MTC设备利用生成参数 和安全密钥生成组密钥。 从而, 同一组内的 MTC设备可以利用相同的组密钥 来正常进行组通信, 而在基站中也只需要为同一个组保持相同组密钥, 这样, 可以降低基站操作的复杂性, 减少基站维护和管理的密钥数, 提高基站性能。
图 19是根据本发明实施例的移动性管理实体 1900的结构框图。
移动性管理实体 1900的第一接收模块 1910、第一发送模块 1920、第二接 收模块 1930和第二发送模块 1940与移动性管理实体 1800 的第一接收模块 1810、 第一发送模块 1820、 第二接收模块 1830和第二发送模块 1840基本相 同。
根据本发明的一个实施例,第一发送模块 1920用于当所述组 ID没有绑定 与所述组 ID对应的组通信根密钥、 或者所述业务 ID没有绑定与所述业务 ID 对应的业务根密钥时,向所述 MTC设备所属的归属用户系统 HSS发送所述组 ID或业务 ID。
根据本发明的实施例, 移动性管理实体 1900 还可以包括第一绑定模块 1950和第三发送模块 1960。第一绑定模块 1950用于将所述组通信根密钥与所 述组 ID相绑定并存储、或者将所述业务根密钥与业务 ID相绑定并存储。第三 发送模块 1960用于当收到其它 MTC设备发送的携带有所述组 ID或业务 ID 的附着请求时, 如果所述 MTC设备与网络侧认证成功, 则向所述基站发送所 述组 ID和所述组通信根密钥、 或者所述业务 ID与所述业务根密钥。
根据本发明的实施例, 第二接收模块 1930用于从 HSS接收组通信根密钥 或所业务根密钥和随机数; 第二发送模块 1940还用于向基站发送随机数, 以 使基站将随机数发送给 MTC设备。 在该情况下, 移动性管理实体 1900还可 以包括第二绑定模块 1970,用于将组通信根密钥、随机数与组 ID绑定并存储、 或者将业务根密钥、 随机数与业务 ID绑定并存储。 此时, 移动管理实体 1900 还可以包括第四发送模块 1980,用于当收到其它 MTC设备发送的携带有所述 组 ID或业务 ID的附着请求时, 如果所述 MTC设备与网络侧认证成功, 则向 所述基站发送所述组 ID以及与所述组 ID绑定的所述组通信根密钥和所述随机 数,或者向所述基站发送所述业务 ID以及与所述业务 ID绑定的所述业务根密 钥和所述随机数。
根据本发明的一个实施例, 移动性管理实体 1900还可以包括第三接收模 块 1990和认证模块 1992。 第三接收模块 1990用于从 HSS接收组认证参数, 其中组认证参数由 HSS根据安全密钥生成,或者由 HSS根据安全密钥和 MTC 设备的专属密钥生成。 认证模块 1992用于根据组认证参数, 与 MTC设备进 行认证。
根据本发明的实施例, 移动性管理实体 1900还可以包括处理模块 1994, 用于当网络侧维护的预定定时器达到第一预定阔值时,或者当基站更新组密钥 的次数达到第二预定阔值时,或者当维护的非接入层的计数值达到第三预定阔 值时,与 MTC设备进行重认证或者从 HSS接收新的组通信根密钥或业务根密 钥,新的组通信根密钥或业务根密钥由 HSS根据安全密钥和新的随机数生成。
第一发送模块 1920、 第二接收模块 1830、 第二发送模块 1840、 第一绑定 模块 1950、 第三发送模块 1960、 第二绑定模块 1970、 第四发送模块 1980、 第 三接收模块 1990、 认证模块 1992和处理模块 1994的上述和其他操作和 /或功 能可以参考上述方法 1300以及第一例子至第三例子中的描述,为了避免重复, 在此不再赘述。其中, 第三发送模块 1960和第四发送模块 1980可以通过输出 接口实现, 第三接收模块 1990可以通过输入接口实现, 第一绑定模块 1950、 第二绑定模块 1970、 认证模块 1992和处理模块 1994可以通过处理器实现。
根据本发明实施例提供的移动性管理实体, 同一组内的 MTC设备可以利 用相同的组密钥来正常进行组通信,而在基站中也只需要为同一个组保持相同 组密钥, 这样, 可以降低基站操作的复杂性, 减少基站维护和管理的密钥数, 提高基站性能。
图 20是根据本发明实施例的归属用户系统 2000的结构框图。
归属用户系统 2000包括接收模块 2010、 第一生成模块 2020和第一发送 模块 2030。 接收模块 2010可以通过输入接口实现, 第一生成模块 2020可以 通过处理器实现, 第一发送模块 2030可以通过输出接口实现。
接收模块 2010用于从移动性管理实体 MME接收机器类通信 MTC设备所 在组的组 ID或所述 MTC设备支持业务的业务 ID。第一生成模块 2020用于根 据随机数和与所述组 ID对应的安全密钥生成组通信根密钥、 或者根据随机数 和与所述业务 ID对应的安全密钥生成业务根密钥。第一发送模块 2030用于向 所述 MME发送所述组通信根密钥或所述业务根密钥, 以使所述 MME向基站 发送所述组 ID和所述组通信根密钥、或者所述业务 ID和所述业务根密钥,所 述基站在收到所述组 ID和所述组通信根密钥的情况下根据所述组通信根密钥 生成所述组 ID对应的组密钥,或者在收到所述业务 ID和业务根密钥的情况下 根据所述业务 ID确定所述 MTC设备所在组的组 ID、根据所述组 ID和所述业 务根密钥生成所述组 ID对应的组通信根密钥、 并根据所述组通信根密钥生成 所述组 ID对应的组密钥, 并由所述基站向所述 MTC设备发送用于生成所述 组密钥的生成参数, 使得所述 MTC设备根据所述生成参数和所述 MTC设备 中保存的所述安全密钥生成所述组密钥。
接收模块 2010、 第一生成模块 2020和第一发送模块 2030的上述和其他 操作和 /或功能可以参考上述方法 1400以及第一例子至第三例子中的描述, 为 了避免重复, 在此不再赘述。 根据本发明实施例提供的归属用户系统,由于在 MTC设备和 HSS中保存 有与组 ID或业务 ID对应的安全密钥, 所以网络侧通过利用安全密钥和 HSS 产生的随机数可以生成 MTC设备所在组的组密钥, 并由基站通过将生成组密 钥所需的生成参数发送给该组内的 MTC设备, 来使 MTC设备利用生成参数 和安全密钥生成组密钥。 从而, 同一组内的 MTC设备可以利用相同的组密钥 来正常进行组通信, 而在基站中也只需要为同一个组保持相同组密钥, 这样, 可以降低基站操作的复杂性, 减少基站维护和管理的密钥数, 提高基站性能。
图 21是根据本发明实施例的归属用户系统 2100的结构框图。
归属用户系统 2100的接收模块 2110、 第一生成模块 2120和第一发送模 块 2130与归属用户系统 2100的接收模块 2010、 第一生成模块 2020和第一发 送模块 2030基本相同。
根据本发明的一个实施例, 归属用户系统 2100还可以包括第二生成模块 2140和第二发送模块 2150。 第二生成模块 2140用于根据与所述组 ID或业务 ID对应的安全密钥, 或者, 根据与所述组 ID或业务 ID对应的安全密钥和所 述 MTC设备的专属密钥, 生成用于供所述 MTC设备进行组认证的组认证参 数。第二发送模块 2150用于向所述 MME发送所述组认证参数,以使所述 MME 与所述 MTC设备进行认证。
第二生成模块 2140和第二发送模块 2150的上述和其他操作和 /或功能可 以参考上述方法 1400以及第一例子至第三例子中的描述, 为了避免重复, 在 此不再赘述。 其中, 第二生成模块 2140可以通过处理器实现, 第二发送模块 2150可以通过输出接口实现。
根据本发明实施例提供的归属用户系统, 同一组内的 MTC设备可以利用 相同的组密钥来正常进行组通信,而在基站中也只需要为同一个组保持相同组 密钥, 这样, 可以降低基站操作的复杂性, 减少基站维护和管理的密钥数, 提 高基站性能。
图 22是根据本发明实施例的机器类通信设备 2200的结构框图。
机器类通信设备 2200包括发送模块 2210、 第一接收模块 2220和生成模 块 2230。 发送模块 2210可以通过输出接口实现, 第一接收模块 2220可以通 过输入接口实现, 生成模块 2230可以通过处理器实现。
发送模块 2210用于向移动性管理实体 MME发送机器类通信 MTC设备所 在组的组 ID或所述 MTC设备支持业务的业务 ID ,以使所述 MME向所述 MTC 设备所属的用户归属系统 HSS发送所述组 ID或业务 ID, 所述 HSS根据随机 数和与所述组 ID对应的安全密钥生成组通信根密钥、 或者根据随机数和与所 述业务 ID对应的安全密钥生成业务根密钥, 并向所述 MME发送所述组通信 根密钥或所述业务根密钥, 从而所述 MME向基站发送所述组 ID和所述组通 信根密钥、 或者所述业务 ID和所述业务根密钥, 以便所述基站在收到所述组 ID和所述组通信根密钥的情况下根据所述组通信根密钥生成所述组 ID对应的 组密钥,或者在收到所述业务 ID和业务根密钥的情况下根据所述业务 ID确定 所述 MTC设备所在组的组 ID、 根据所述组 ID和所述业务根密钥生成所述组 ID对应的组通信根密钥、并根据所述组通信根密钥生成所述组 ID对应的组密 钥。第一接收模块 2220用于从所述基站接收用于生成所述组密钥的生成参数。 生成模块 2230用于根据所述生成参数和所述 MTC设备中保存的所述安全密 钥生成所述组密钥。
发送模块 2210、 第一接收模块 2220和生成模块 2230的上述和其他操作 和 /或功能可以参考上述方法 1500以及第一例子至第三例子中的描述, 为了避 免重复, 在此不再赘述。
根据本发明实施例提供的机器类通信设备,由于在 MTC设备和 HSS中保 存有与组 ID或业务 ID对应的安全密钥 ,所以网络侧通过利用安全密钥和 HSS 产生的随机数可以生成 MTC设备所在组的组密钥, 并由基站通过将生成组密 钥所需的生成参数发送给该组内的 MTC设备, 来使 MTC设备利用生成参数 和安全密钥生成组密钥。 从而, 同一组内的 MTC设备可以利用相同的组密钥 来正常进行组通信, 而在基站中也只需要为同一个组保持相同组密钥, 这样, 可以降低基站操作的复杂性, 减少基站维护和管理的密钥数, 提高基站性能。
图 23是根据本发明实施例的机器类通信设备 2300的结构框图。
机器类通信设备 2300的发送模块 2310、 第一接收模块 2320和生成模块 2330与机器类通信设备 2200的发送模块 2210、 第一接收模块 2220和生成模 块 2230基本相同。
根据本发明的实施例, 在基站收到组 ID和组通信根密钥的情况下, 第一 接收模块 2320用于在 MTC设备的认证过程中, 从基站接收用于生成组通信 根密钥的认证参数, 或者, 第一接收模块 2320用于从基站接收随机数, 其中 随机数由 HSS经由 MME发送给基站。
根据本发明的一个实施例, 在基站收到业务 ID和业务根密钥的情况下, 第一接收模块 2320用于从基站接收组 ID和随机数, 其中随机数由 HSS经由 MME发送给基站 , 组 ID由基站根据业务 ID确定。
根据本发明的实施例, 第一接收模块 2320还可用于从基站接收用于生成 组密钥的组算法标识。
根据本发明的实施例, 机器类通信设备 2300 还可以包括第二接收模块 2340和第一更新模块 2350。第二接收模块 2340用于从基站接收用于更新组密 钥的更新信息 ,其中基站在组 ID对应的 HFN达到阔值时更新组密钥 , 同一组 ID的所有 MTC设备共用相同的 HFN。 第一更新模块 2350用于根据更新信息 更新组密钥。
同一组的所有 MTC设备可以共用相同的 HFN。 在该情况下, 组 ID对应 的 HFN可以被预先设置为固定值; 或者,机器类通信设备 2300还可以包括第 三接收模块 2360, 用于通过 MTC设备的信令承载、 组 ID对应组的公共信令 承载或者广播信道, 从基站接收 HFN 的取值; 或者, 机器类通信设备 2300 还可以包括第四接收模块 2370, 用于当组 ID对应的 HFN达到阔值时, 通过 MTC设备的信令承载、组 ID对应组的公共信令承载或者广播信道,从基站接 收用于指示 HFN加 1的指示信息。
根据本发明的一个实施例, 机器类通信设备 2300还可以包括第五接收模 块 2380和第二更新模块 2390。第五接收模块 2380用于当 MTC设备进入空闲 状态或者去附着状态后重新加入组 ID对应的组通信时, 从基站接收更新组密 钥所需的密钥更新次数 ,其中, 密钥更新次数由基站在组 ID对应的 HFN每次 达到阔值时增加 1。 第二更新模块 2390用于根据密钥更新次数更新组密钥。 根据本发明的实施例, 机器类通信设备 2300还可以包括处理模块 2392 , 用于当网络侧维护的预定定时器达到第一预定阔值时,或者当基站更新组密钥 的次数达到第二预定阔值时,或者当 MME维护的非接入层的计数值达到第三 预定阔值时,与 MME进行重认证或者从基站接收新的生成参数以根据新的生 成参数和安全密钥生成新的组密钥。
第一接收模块 2320、 第二接收模块 2340、 第一更新模块 2350、 第三接收 模块 2360、 第四接收模块 2370、 第五接收模块 2380、 第二更新模块 2390和 处理模块 2392的上述和其他操作和 /或功能可以参考上述方法 1500以及第一 例子至第三例子中的描述, 为了避免重复, 在此不再赘述。 其中, 第二接收模 块 2340、 第三接收模块 2360、 第四接收模块 2370和第五接收模块 2380可以 通过输入接口实现, 第一更新模块 2350、第二更新模块 2390和处理模块 2392 可以通过处理器执行。
根据本发明实施例提供的机器类通信设备, 同一组内的 MTC设备可以利 用相同的组密钥来正常进行组通信,而在基站中也只需要为同一个组保持相同 组密钥, 这样, 可以降低基站操作的复杂性, 减少基站维护和管理的密钥数, 提高基站性能。
本领域技术人员可以意识到,结合本文中所公开的实施例中描述的各方法步骤 和单元, 能够以电子硬件、 计算机软件或者二者的结合来实现, 为了清楚地说 明硬件和软件的可互换性,在上述说明中已经按照功能一般性地描述了各实施 例的步骤及组成。 这些功能究竟以硬件还是软件方式来执行,取决于技术方案 的特定应用和设计约束条件。本领域技术人员可以对每个特定的应用使用不同 方法来实现所描述的功能, 但是这种实现不应认为超出本发明的范围。 结合本文中所公开的实施例描述的方法步骤可以用硬件、处理器执行的软件程 序、 或者二者的结合来实施。 软件程序可以置于随机存取存储器(RAM )、 内 存、 只读存储器 (ROM )、 电可编程 ROM、 电可擦除可编程 ROM、 寄存器、 硬盘、 可移动磁盘、 CD-ROM或技术领域内所公知的任意其它形式的存储介 质中。 尽管已示出和描述了本发明的一些实施例, 但本领域技术人员应该理解, 在不脱离本发明的原理和精神的情况下, 可对这些实施例进行各种修改, 这样 的修改应落入本发明的范围内。

Claims

权 利 要 求
1. 一种生成组密钥的方法, 其特征在于, 包括:
从移动性管理实体 MME接收机器类通信 MTC设备所在组的组 ID,和与 安全密钥相关的组通信^ =艮密钥, 所述安全密钥与所述组 ID相对应; 或者, 从 MME接收 MTC设备支持业务的业务 ID, 和与安全密钥相关的业务根密钥, 所述安全密钥与所述业务 ID对应, 并 居所述业务 ID确定所述 MTC设备所 在组的组 ID, 根据所述组 ID和所述业务根密钥生成所述组通信根密钥; 根据所述组通信根密钥生成所述组 ID对应的组密钥;
向所述 MTC设备发送用于生成所述组密钥的生成参数, 以使所述 MTC 设备根据所述生成参数和所述 MTC设备中保存的所述安全密钥生成所述组密 钥。
2. 根据权利要求 1所述的方法, 其特征在于, 所述方法进一步包括: 从 MME接收用于生成组通信根密钥的随机数;
所述向 MTC设备发送的生成参数包括所述随机数。
3. 根据权利要求 1所述的方法, 其特征在于, 所述组通信根密钥根据随 机数生成;
所述向所述 MTC设备发送用于生成所述组密钥的生成参数包括: 在所述 MTC设备的认证过程中, 向所述 MTC设备发送用于生成所述组 通信根密钥的认证参数, 所述认证参考包括所述随机数。
4. 根据权利要求 1所述的方法, 其特征在于, 所述根据所述组 ID和所述 业务根密钥生成所述组通信根密钥时,进一步包括根据随机数生成组通信根密 钥;
则所述向所述 MTC设备发送用于生成所述组密钥的生成参数包括: 向所述 MTC设备发送所述组 ID和所述随机数。
5. 根据权利要求 1至 4中任一所述的方法, 其特征在于, 还包括: 将所述组通信根密钥、 所述组密钥、 所述生成参数与所述组 ID相绑定; 当确定其他 MTC设备属于所述组 ID对应的组时,向所述其他 MTC设备 发送与所述组 ID绑定的所述生成参数, 以使所述其他 MTC设备根据所述生 成参数和所述安全密钥生成所述组密钥。
6. 根据权利要求 1至 5中任一所述的方法, 其特征在于, 同一组 ID的所 有 MTC设备共用相同的超帧号 HFN。
7. 根据权利要求 6所述的方法, 其特征在于, 还包括:
当所述组 ID对应的 HFN达到阔值时 , 更新所述组密钥;
向所述 MTC设备发送用于更新所述组密钥的更新信息, 以使所述 MTC 设备根据所述更新信息更新所述组密钥。
8. 根据权利要求 6或 7所述的方法, 其特征在于,
所述组 ID对应的 HFN被预先设置为固定值; 或者
通过所述组 ID对应组内所有 MTC设备各自的信令承载、 所述组 ID对应 组的公共信令承载或者广播信道, 向所述组 ID对应组内所有 MTC设备发送 所述 HFN的取值; 或者
当所述组 ID对应的 HFN达到阔值时 ,通过所述组 ID对应组内所有 MTC 设备各自的信令承载、 所述组 ID对应组的公共信令承载或者广播信道, 向所 述组 ID对应组内所有 MTC设备发送用于指示所述 HFN加 1的指示信息。
9. 根据权利要求 6所述的方法, 其特征在于, 还包括:
当所述 MTC设备进入空闲状态或者去附着状态后重新加入所述组 ID对 应的组通信时, 向所述 MTC设备发送更新所述组密钥所需的密钥更新次数, 以使所述 MTC设备根据密钥更新次数更新所述组密钥; 或者
当其它 MTC设备第一次加入所述组 ID对应的组通信时,向所述其它 MTC 设备发送用于生成所述组密钥的生成参数和更新所述组密钥所需的密钥更新 次数, 以使所述其它 MTC设备根据所述生成参数、 所述密钥更新次数和所述 安全密钥生成组密钥,
其中,所述密钥更新次数在所述组 ID对应的 HFN每次达到阔值时增加 1。
10. 一种生成组密钥的方法, 其特征在于, 包括:
接收机器类通信 MTC设备发送的所述 MTC设备所在组的组 ID或所述 MTC设备支持业务的业务 ID;
向所述 MTC设备所属的归属用户系统 HSS发送所述组 ID或业务 ID, 以 使所述 HSS根据生成的随机数和与所述组 ID对应的安全密钥生成组通信根密 钥,或者以使所述 HSS根据生成的随机数和与所述业务 ID对应的安全密钥生 成业务根密钥;
从所述 HSS接收所述组通信根密钥或所述业务根密钥;
向基站发送所述组 ID和所述组通信根密钥、或者所述业务 ID和所述业务 根密钥, 以使所述基站在收到所述组 ID和所述组通信根密钥的情况下根据所 述组通信根密钥生成所述组 ID对应的组密钥,或者在收到所述业务 ID和业务 根密钥的情况下根据所述业务 ID确定所述 MTC设备所在组的组 ID、 根据所 述组 ID和所述业务根密钥生成所述组 ID对应的组通信根密钥、并根据所述组 通信根密钥生成所述组 ID对应的组密钥, 并由所述基站向所述 MTC设备发 送用于生成所述组密钥的生成参数, 使得所述 MTC设备根据所述生成参数和 所述 MTC设备中保存的所述安全密钥生成所述组密钥。
11. 根据权利要求 10所述的方法, 其特征在于, 所述向所述 MTC设备 所属的归属用户系统 HSS发送所述组 ID或业务 ID包括:
当所述组 ID没有绑定与所述组 ID对应的组通信根密钥、 或者所述业务 ID没有绑定与所述业务 ID对应的业务 ^=艮密钥时, 向所述 MTC设备所属的归 属用户系统 HSS发送所述组 ID或业务 ID。
12. 根据权利要求 10或 11所述的方法, 其特征在于, 所述从所述 HSS 接收所述组通信根密钥或所述业务根密钥之后, 还包括:
将所述组通信根密钥与所述组 ID相绑定并存储、 或者将所述业务根密钥 与业务 ID相绑定并存储;
当收到其它 MTC设备发送的携带有所述组 ID或业务 ID的附着请求时, 如果所述 MTC设备与网络侧认证成功, 则向所述基站发送所述组 ID和所述 组通信根密钥、 或者所述业务 ID与所述业务根密钥。
13. 根据权利要求 10至 12中任一项所述的方法, 其特征在于, 所述从所 述 HSS接收所述组通信根密钥或所述业务根密钥包括:
从所述 HSS接收所述组通信根密钥或所述业务根密钥和所述随机数; 其中, 所述向基站发送所述组 ID和所述组通信根密钥、 或者所述业务 ID 和所述业务根密钥还包括: 向基站发送所述随机数, 以使所述基站将所述随机 数发送给所述 MTC设备。
14. 根据权利要求 13所述的方法, 其特征在于, 所述从所述 HSS接收所 述组通信根密钥或所述业务根密钥和所述随机数之后, 还包括:
将所述组通信根密钥、 所述随机数与所述组 ID绑定并存储、 或者将所述 业务根密钥、 所述随机数与所述业务 ID绑定并存储;
当收到其它 MTC设备发送的携带有所述组 ID或业务 ID的附着请求时, 如果所述 MTC设备与网络侧认证成功, 则向所述基站发送所述组 ID以及与 所述组 ID绑定的所述组通信根密钥和所述随机数, 或者向所述基站发送所述 业务 ID以及与所述业务 ID绑定的所述业务根密钥和所述随机数。
15. 根据权利要求 10至 14中任一项所述的方法, 其特征在于, 所述向所 述 MTC设备所属的归属用户系统 HSS发送所述组 ID或业务 ID之后,还包括: 从所述 HSS接收组认证参数, 其中所述组认证参数由所述 HSS根据所述 安全密钥生成,或者由所述 HSS才艮据所述安全密钥和所述 MTC设备的专属密 钥生成;
根据所述组认证参数, 与所述 MTC设备进行认证。
16. 根据权利要求 10至 15中任一项所述的方法, 其特征在于, 还包括: 当网络侧维护的预定定时器达到第一预定阔值时,或者当所述基站更新组 密钥的次数达到第二预定阔值时,或者当维护的非接入层的计数值达到第三预 定阔值时,与所述 MTC设备进行重认证或者从所述 HSS接收新的组通信根密 钥或业务根密钥, 所述新的组通信根密钥或业务根密钥由所述 HSS根据所述 安全密钥和新的随机数生成。
17. 一种生成组密钥的方法, 其特征在于, 包括:
从移动性管理实体 MME接收机器类通信 MTC设备所在组的组 ID或所述 MTC设备支持业务的业务 ID;
根据随机数和与所述组 ID对应的安全密钥生成组通信根密钥、 或者根据 随机数和与所述业务 ID对应的安全密钥生成业务根密钥;
向所述 MME发送所述组通信根密钥或所述业务根密钥, 以使所述 MME 向基站发送所述组 ID和所述组通信根密钥、或者所述业务 ID和所述业务根密 钥, 所述基站在收到所述组 ID和所述组通信根密钥的情况下根据所述组通信 根密钥生成所述组 ID对应的组密钥,或者在收到所述业务 ID和业务根密钥的 情况下根据所述业务 ID确定所述 MTC设备所在组的组 ID、根据所述组 ID和 所述业务根密钥生成所述组 ID对应的组通信根密钥、 并根据所述组通信根密 钥生成所述组 ID对应的组密钥, 并由所述基站向所述 MTC设备发送用于生 成所述组密钥的生成参数,使得所述 MTC设备根据所述生成参数和所述 MTC 设备中保存的所述安全密钥生成所述组密钥。
18. 根据权利要求 17所述的方法, 其特征在于, 所述从移动性管理实体
MME接收机器类通信 MTC设备所在组的组 ID或所述 MTC设备支持业务的 业务 ID之后, 还包括:
根据与所述组 ID或业务 ID对应的安全密钥, 或者, 根据与所述组 ID或 业务 ID对应的安全密钥和所述 MTC设备的专属密钥, 生成用于供所述 MTC 设备进行组认证的组认证参数;
向所述 MME发送所述组认证参数, 以使所述 MME与所述 MTC设备进 行认证。
19. 一种生成组密钥的方法, 其特征在于, 包括:
向移动性管理实体 MME发送机器类通信 MTC设备所在组的组 ID或所述 MTC设备支持业务的业务 ID , 以使所述 MME向所述 MTC设备所属的用户 归属系统 HSS发送所述组 ID或业务 ID,所述 HSS根据随机数和与所述组 ID 对应的安全密钥生成组通信根密钥、 或者根据随机数和与所述业务 ID对应的 安全密钥生成业务根密钥,并向所述 MME发送所述组通信根密钥或所述业务 根密钥, 从而所述 MME向基站发送所述组 ID和所述组通信根密钥、 或者所 述业务 ID和所述业务根密钥 ,以便所述基站在收到所述组 ID和所述组通信根 密钥的情况下根据所述组通信根密钥生成所述组 ID对应的组密钥, 或者在收 到所述业务 ID和业务根密钥的情况下根据所述业务 ID确定所述 MTC设备所 在组的组 ID、 根据所述组 ID和所述业务根密钥生成所述组 ID对应的组通信 根密钥、 并根据所述组通信根密钥生成所述组 ID对应的组密钥;
从所述基站接收用于生成所述组密钥的生成参数;
根据所述生成参数和所述 MTC设备中保存的所述安全密钥生成所述组密 钥。
20. 根据权利要求 19所述的方法, 其特征在于, 在基站收到所述组 ID和 所述组通信根密钥的情况下,所述从所述基站接收用于生成所述组密钥的生成 参数包括:
在所述 MTC设备的认证过程中, 从所述基站接收用于生成所述组通信根 密钥的认证参数; 或者
从所述基站接收所述随机数,其中所述随机数由所述 HSS经由所述 MME 发送给所述基站。
21. 根据权利要求 19所述的方法, 其特征在于, 在基站收到所述业务 ID 和所述业务根密钥的情况下,所述从所述基站接收用于生成所述组密钥的生成 参数包括:
从所述基站接收所述组 ID和所述随机数,其中所述随机数由所述 HSS经 由所述 MME发送给所述基站, 所述组 ID由所述基站根据所述业务 ID确定。
22. 根据权利要求 19所述的方法, 其特征在于, 同一组 ID的所有 MTC 设备共用相同的超帧号 HFN。
23. 根据权利要求 22所述的方法, 其特征在于, 还包括:
从所述基站接收用于更新所述组密钥的更新信息 ,其中所述基站在所述组 ID对应的 HFN达到阔值时更新所述组密钥; 才艮据所述更新信息更新所述组密钥。
24. 根据权利要求 22或 23所述的方法, 其特征在于,
所述组 ID对应的 HFN被预先设置为固定值; 或者
通过所述 MTC设备的信令承载、 所述组 ID对应组的公共信令承载或者 广播信道, 从所述基站接收所述 HFN的取值; 或者
当所述组 ID对应的 HFN达到阔值时, 通过所述 MTC设备的信令承载、 所述组 ID对应组的公共信令承载或者广播信道, 从所述基站接收用于指示所 述 HFN加 1的指示信息。
25. 根据权利要求 22至 24中任一项所述的方法, 其特征在于, 还包括: 当所述 MTC设备进入空闲状态或者去附着状态后重新加入所述组 ID对 应的组通信时, 从所述基站接收更新所述组密钥所需的密钥更新次数, 其中, 所述密钥更新次数由所述基站在所述组 ID对应的 HFN每次达到阔值时增加 1 ;
根据所述密钥更新次数更新所述组密钥。
26. 根据权利要求 19至 25中任一项所述的方法, 其特征在于, 还包括: 当网络侧维护的预定定时器达到第一预定阔值时,或者当基站更新组密钥 的次数达到第二预定阔值时,或者当 MME维护的非接入层的计数值达到第三 预定阔值时,与 MME进行重认证或者从所述基站接收新的生成参数以根据新 的生成参数和所述安全密钥生成新的组密钥。
27. 一种基站, 其特征在于, 包括:
接收模块, 用于从移动性管理实体 MME接收机器类通信 MTC设备所在 组的组 ID, 和与安全密钥相关的组通信 ^=艮密钥, 所述安全密钥与所述组 ID相 对应; 或者, 从 MME接收 MTC设备支持业务的业务 ID, 和与安全密钥相关 的业务根密钥,所述安全密钥与所述业务 ID对应,并根据所述业务 ID确定所 述 MTC设备所在组的组 ID, 根据所述组 ID和所述业务根密钥生成所述组通 信根密钥; 生成模块, 用于根据所述组通信根密钥生成所述组 ID对应的组密钥; 第一发送模块, 用于向所述 MTC设备发送用于生成所述组密钥的生成参 数, 以使所述 MTC设备根据所述生成参数和所述 MTC设备中保存的所述安 全密钥生成所述组密钥。
28. 根据权利要求 27所述的基站, 其特征在于, 所述接收模块还用于从 所述 MME接收用于生成组通信根密钥的随机数;
所述向 MTC设备发送的生成参数包括所述随机数。
29. 根据权利要求 27所述的基站, 其特征在于, 所述组通信根密钥根据 随机数生成;
所述第一发送模块用于在所述 MTC设备的认证过程中, 向所述 MTC设 备发送用于生成所述组通信根密钥的认证参数, 所述认证参考包括所述随机 数。
30. 根据权利要求 27所述的基站, 其特征在于, 当根据所述组 ID和所述 业务根密钥生成所述组通信根密钥时,进一步包括根据随机数生成组通信根密 钥;
则所述第一发送模块用于向所述 MTC设备发送所述组 ID和所述随机数。
31. 根据权利要求 27至 30中任一项所述的基站, 其特征在于, 还包括: 绑定模块, 用于将所述组通信根密钥、 所述组密钥、 所述生成参数与所述 组 ID相绑定;
第二发送模块, 用于当确定其他 MTC设备属于所述组 ID对应的组时, 向所述其他 MTC设备发送与所述组 ID绑定的所述生成参数, 以使所述其他 MTC设备根据所述生成参数和所述安全密钥生成所述组密钥。
32. 根据权利要求 27所述的基站, 其特征在于, 还包括:
更新模块,用于当所述组 ID对应的超帧号 HFN达到阔值时, 更新所述组 密钥, 其中所述组 ID的所有 MTC设备共用相同的 HFN;
第三发送模块, 用于向所述 MTC设备发送用于更新所述组密钥的更新信 息, 以使所述 MTC设备根据所述更新信息更新所述组密钥。
33. 根据权利要求 27所述的基站, 其特征在于, 所述组 ID的所有 MTC 设备共用相同的 HFN,
所述组 ID对应的 HFN被预先设置为固定值; 或者
所述基站还包括第四发送模块, 用于通过所述组 ID对应组内所有 MTC 设备各自的信令承载、 所述组 ID对应组的公共信令承载或者广播信道, 向所 述组 ID对应组内所有 MTC设备发送所述 HFN的取值;或者用于当所述组 ID 对应的 HFN达到阔值时 , 通过所述组 ID对应组内所有 MTC设备各自的信令 承载、所述组 ID对应组的公共信令承载或者广播信道,向所述组 ID对应组内 所有 MTC设备发送用于指示所述 HFN加 1的指示信息。
34. 根据权利要求 27所述的基站, 其特征在于, 还包括:
第五发送模块, 用于当所述 MTC设备进入空闲状态或者去附着状态后重 新加入所述组 ID对应的组通信时, 向所述 MTC设备发送更新所述组密钥所 需的密钥更新次数, 以使所述 MTC设备根据密钥更新次数更新所述组密钥; 或者
第六发送模块, 用于当其它 MTC设备第一次加入所述组 ID对应的组通 信时, 向所述其它 MTC设备发送用于生成所述组密钥的生成参数和更新所述 组密钥所需的密钥更新次数, 以使所述其它 MTC设备根据所述生成参数、 所 述密钥更新次数和所述安全密钥生成组密钥,
其中,所述密钥更新次数在所述组 ID对应的 HFN每次达到阔值时增加 1。
35. 一种移动性管理实体, 其特征在于, 包括:
第一接收模块, 用于接收机器类通信 MTC设备发送的所述 MTC设备所 在组的组 ID或所述 MTC设备支持业务的业务 ID;
第一发送模块,用于向所述 MTC设备所属的归属用户系统 HSS发送所述 组 ID或业务 ID, 以使所述 HSS根据生成的随机数和与所述组 ID对应的安全 密钥生成组通信根密钥, 或者以使所述 HSS根据生成的随机数和与所述业务 ID对应的安全密钥生成业务根密钥; 第二接收模块, 用于从所述 HSS接收所述组通信根密钥或所述业务根密 钥;
第二发送模块, 用于向基站发送所述组 ID和所述组通信根密钥、 或者所 述业务 ID和所述业务根密钥 ,以使所述基站在收到所述组 ID和所述组通信根 密钥的情况下根据所述组通信根密钥生成所述组 ID对应的组密钥, 或者在收 到所述业务 ID和业务根密钥的情况下根据所述业务 ID确定所述 MTC设备所 在组的组 ID、 根据所述组 ID和所述业务根密钥生成所述组 ID对应的组通信 根密钥、 并根据所述组通信根密钥生成所述组 ID对应的组密钥, 并由所述基 站向所述 MTC设备发送用于生成所述组密钥的生成参数, 使得所述 MTC设 备根据所述生成参数和所述 MTC设备中保存的所述安全密钥生成所述组密 钥。
36. 根据权利要求 35所述的移动性管理实体, 其特征在于, 所述第一发 送模块用于当所述组 ID没有绑定与所述组 ID对应的组通信根密钥、或者所述 业务 ID没有绑定与所述业务 ID对应的业务根密钥时, 向所述 MTC设备所属 的归属用户系统 HSS发送所述组 ID或业务 ID。
37.根据权利要求 35或 36所述的移动性管理实体,其特征在于,还包括: 第一绑定模块, 用于将所述组通信根密钥与所述组 ID相绑定并存储、 或 者将所述业务根密钥与业务 ID相绑定并存储;
第三发送模块, 用于当收到其它 MTC设备发送的携带有所述组 ID或业 务 ID的附着请求时, 如果所述 MTC设备与网络侧认证成功, 则向所述基站 发送所述组 ID和所述组通信根密钥、 或者所述业务 ID与所述业务根密钥。
38.根据权利要求 35至 37中任一项所述的移动性管理实体,其特征在于, 所述第二接收模块用于从所述 HSS接收所述组通信根密钥或所述业务根密钥 和所述随机数;
所述第二发送模块还用于向基站发送所述随机数,以使所述基站将所述随 机数发送给所述 MTC设备。
39. 根据权利要求 38所述的移动性管理实体, 其特征在于, 还包括: 第二绑定模块, 用于将所述组通信根密钥、 所述随机数与所述组 ID绑定 并存储、 或者将所述业务根密钥、 所述随机数与所述业务 ID绑定并存储; 第四发送模块, 用于当收到其它 MTC设备发送的携带有所述组 ID或业 务 ID的附着请求时, 如果所述 MTC设备与网络侧认证成功, 则向所述基站 发送所述组 ID以及与所述组 ID绑定的所述组通信根密钥和所述随机数,或者 向所述基站发送所述业务 ID以及与所述业务 ID绑定的所述业务根密钥和所述 随机数。
40.根据权利要求 35至 39中任一项所述的移动性管理实体,其特征在于, 还包括:
第三接收模块, 用于从所述 HSS接收组认证参数, 其中所述组认证参数 由所述 HSS根据所述安全密钥生成, 或者由所述 HSS根据所述安全密钥和所 述 MTC设备的专属密钥生成;
认证模块, 用于根据所述组认证参数, 与所述 MTC设备进行认证。
41.根据权利要求 35至 40中任一项所述的移动性管理实体,其特征在于, 还包括:
处理模块, 用于当网络侧维护的预定定时器达到第一预定阔值时, 或者当 所述基站更新组密钥的次数达到第二预定阔值时,或者当维护的非接入层的计 数值达到第三预定阔值时,与所述 MTC设备进行重认证或者从所述 HSS接收 新的组通信根密钥或业务根密钥,所述新的组通信根密钥或业务根密钥由所述 HSS根据所述安全密钥和新的随机数生成。
42. 一种归属用户系统, 其特征在于, 包括:
接收模块, 用于从移动性管理实体 MME接收机器类通信 MTC设备所在 组的组 ID或所述 MTC设备支持业务的业务 ID;
第一生成模块, 用于根据随机数和与所述组 ID对应的安全密钥生成组通 信根密钥、或者根据随机数和与所述业务 ID对应的安全密钥生成业务根密钥; 第一发送模块,用于向所述 MME发送所述组通信根密钥或所述业务根密 钥, 以使所述 MME向基站发送所述组 ID和所述组通信根密钥、 或者所述业 务 ID和所述业务根密钥,所述基站在收到所述组 ID和所述组通信根密钥的情 况下根据所述组通信根密钥生成所述组 ID对应的组密钥, 或者在收到所述业 务 ID和业务根密钥的情况下根据所述业务 ID确定所述 MTC设备所在组的组 ID、 根据所述组 ID和所述业务根密钥生成所述组 ID对应的组通信根密钥、 并根据所述组通信根密钥生成所述组 ID对应的组密钥, 并由所述基站向所述 MTC设备发送用于生成所述组密钥的生成参数,使得所述 MTC设备根据所述 生成参数和所述 MTC设备中保存的所述安全密钥生成所述组密钥。
43. 根据权利要求 42所述的归属用户系统, 其特征在于, 还包括: 第二生成模块, 用于根据与所述组 ID或业务 ID对应的安全密钥, 或者, 根据与所述组 ID或业务 ID对应的安全密钥和所述 MTC设备的专属密钥, 生 成用于供所述 MTC设备进行组认证的组认证参数;
第二发送模块, 用于向所述 MME发送所述组认证参数, 以使所述 MME 与所述 MTC设备进行认证。
44. 一种机器类通信设备, 其特征在于, 包括:
发送模块, 用于向移动性管理实体 MME发送机器类通信 MTC设备所在 组的组 ID或所述 MTC设备支持业务的业务 ID, 以使所述 MME向所述 MTC 设备所属的用户归属系统 HSS发送所述组 ID或业务 ID, 所述 HSS根据随机 数和与所述组 ID对应的安全密钥生成组通信根密钥、 或者根据随机数和与所 述业务 ID对应的安全密钥生成业务根密钥, 并向所述 MME发送所述组通信 根密钥或所述业务根密钥, 从而所述 MME向基站发送所述组 ID和所述组通 信根密钥、 或者所述业务 ID和所述业务根密钥, 以便所述基站在收到所述组 ID和所述组通信根密钥的情况下根据所述组通信根密钥生成所述组 ID对应的 组密钥,或者在收到所述业务 ID和业务根密钥的情况下根据所述业务 ID确定 所述 MTC设备所在组的组 ID、 根据所述组 ID和所述业务根密钥生成所述组 ID对应的组通信^ =艮密钥、并 4艮据所述组通信^ =艮密钥生成所述组 ID对应的组密 钥;
第一接收模块, 用于从所述基站接收用于生成所述组密钥的生成参数; 生成模块, 用于根据所述生成参数和所述 MTC设备中保存的所述安全密 钥生成所述组密钥。
45. 根据权利要求 44所述的机器类通信设备, 其特征在于, 在基站收到 所述组 ID和所述组通信根密钥的情况下,所述第一接收模块用于在所述 MTC 设备的认证过程中, 从所述基站接收用于生成所述组通信根密钥的认证参数; 或者从所述基站接收所述随机数,其中所述随机数由所述 HSS经由所述 MME 发送给所述基站。
46. 根据权利要求 44所述的机器类通信设备, 其特征在于, 在基站收到 所述业务 ID和所述业务根密钥的情况下, 所述第一接收模块用于从所述基站 接收所述组 ID和所述随机数, 其中所述随机数由所述 HSS经由所述 MME发 送给所述基站, 所述组 ID由所述基站根据所述业务 ID确定。
47.根据权利要求 44至 46中任一项所述的机器类通信设备,其特征在于, 还包括:
第二接收模块, 用于从所述基站接收用于更新所述组密钥的更新信息, 其 中所述基站在所述组 ID对应的 HFN达到阔值时更新所述组密钥, 同一组 ID 的所有 MTC设备共用相同的 HFN;
第一更新模块, 用于根据所述更新信息更新所述组密钥。
48.根据权利要求 44至 47中任一项所述的机器类通信设备,其特征在于, 同一组 ID的所有 MTC设备共用相同的 HFN,
所述组 ID对应的 HFN被预先设置为固定值; 或者
所述机器类通信设备还包括第三接收模块, 用于通过所述 MTC设备的信 令承载、 所述组 ID对应组的公共信令承载或者广播信道, 从所述基站接收所 述 HFN的取值; 或者
所述机器类通信设备还包括第四接收模块, 用于当所述组 ID对应的 HFN 达到阔值时, 通过所述 MTC设备的信令承载、 所述组 ID对应组的公共信令 承载或者广播信道, 从所述基站接收用于指示所述 HFN加 1的指示信息。
49. 根据权利要求 44所述的机器类通信设备, 其特征在于, 还包括: 第五接收模块, 用于当所述 MTC设备进入空闲状态或者去附着状态后重 新加入所述组 ID对应的组通信时, 从所述基站接收更新所述组密钥所需的密 钥更新次数,其中,所述密钥更新次数由所述基站在所述组 ID对应的 HFN每 次达到阔值时增加 1 ;
第二更新模块, 用于根据所述密钥更新次数更新所述组密钥。
50.根据权利要求 44至 49中任一项所述的机器类通信设备,其特征在于, 还包括:
处理模块, 用于当网络侧维护的预定定时器达到第一预定阔值时, 或者当 基站更新组密钥的次数达到第二预定阔值时,或者当 MME维护的非接入层的 计数值达到第三预定阔值时,与 MME进行重认证或者从所述基站接收新的生 成参数以根据新的生成参数和所述安全密钥生成新的组密钥。
PCT/CN2012/083633 2011-11-01 2012-10-27 生成组密钥的方法和相关设备 WO2013064041A1 (zh)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP12845896.5A EP2765795B1 (en) 2011-11-01 2012-10-27 Devices for generating an mtc group key
US14/264,566 US20140237559A1 (en) 2011-11-01 2014-04-29 Method and related device for generating group key

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201110339969.8A CN103096308B (zh) 2011-11-01 2011-11-01 生成组密钥的方法和相关设备
CN201110339969.8 2011-11-01

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US14/264,566 Continuation US20140237559A1 (en) 2011-11-01 2014-04-29 Method and related device for generating group key

Publications (1)

Publication Number Publication Date
WO2013064041A1 true WO2013064041A1 (zh) 2013-05-10

Family

ID=48191314

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/083633 WO2013064041A1 (zh) 2011-11-01 2012-10-27 生成组密钥的方法和相关设备

Country Status (4)

Country Link
US (1) US20140237559A1 (zh)
EP (1) EP2765795B1 (zh)
CN (1) CN103096308B (zh)
WO (1) WO2013064041A1 (zh)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3163923A4 (en) * 2014-03-18 2017-05-03 Huawei Technologies Co., Ltd. Key generation method, master enodeb, secondary enodeb and user equipment
CN114448609A (zh) * 2020-10-16 2022-05-06 中国移动通信有限公司研究院 组密钥的管理方法、装置、相关设备及存储介质

Families Citing this family (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2014050064A (ja) * 2012-09-04 2014-03-17 Sony Corp 情報処理装置、情報処理システム、情報処理方法、プログラム及びクライアント端末
US9326144B2 (en) * 2013-02-21 2016-04-26 Fortinet, Inc. Restricting broadcast and multicast traffic in a wireless network to a VLAN
CN105432058A (zh) * 2013-07-31 2016-03-23 日本电气株式会社 针对mtc组密钥管理的装置和方法
CN104581704B (zh) * 2013-10-25 2019-09-24 中兴通讯股份有限公司 一种实现机器类通信设备间安全通信的方法及网络实体
US20160277418A1 (en) * 2013-10-28 2016-09-22 Nec Corporation Security management according to location change in proximity based services
CN104918242B (zh) * 2014-03-14 2020-04-03 中兴通讯股份有限公司 从基站密钥更新方法、从基站、终端及通信系统
US10083311B2 (en) * 2014-06-30 2018-09-25 Konica Minolta Laboratory U.S.A., Inc. Cryptographic key
US9918225B2 (en) * 2014-11-03 2018-03-13 Qualcomm Incorporated Apparatuses and methods for wireless communication
CN105611527A (zh) * 2014-11-18 2016-05-25 中兴通讯股份有限公司 实现点对多点安全通信的方法、核心单元、终端和系统
CN105792095A (zh) * 2014-12-23 2016-07-20 中兴通讯股份有限公司 用于mtc分组通信的密钥协商方法、系统及网络实体
US10110945B2 (en) * 2015-03-13 2018-10-23 Lattice Semiconductor Corporation Maintaining synchronization of encryption process across devices by sending frame numbers
US9693178B2 (en) * 2015-03-18 2017-06-27 Intel IP Corporation Procedures to provision and attach a cellular internet of things device to a cloud service provider
WO2016205991A1 (zh) * 2015-06-23 2016-12-29 华为技术有限公司 免授权传输的方法、用户设备、接入网设备和核心网设备
JP6485747B2 (ja) * 2015-07-07 2019-03-20 パナソニックIpマネジメント株式会社 認証方法
US10051003B2 (en) * 2015-07-30 2018-08-14 Apple Inc. Privacy enhancements for wireless devices
CN106453203A (zh) * 2015-08-07 2017-02-22 索尼公司 无线通信系统中的装置和方法以及无线通信系统
US10382206B2 (en) * 2016-03-10 2019-08-13 Futurewei Technologies, Inc. Authentication mechanism for 5G technologies
US10873464B2 (en) 2016-03-10 2020-12-22 Futurewei Technologies, Inc. Authentication mechanism for 5G technologies
US11343673B2 (en) * 2016-07-14 2022-05-24 Telefonaktiebolaget Lm Ericsson (Publ) Enhanced aggregated re-authentication for wireless devices
EP3471365A4 (en) * 2016-07-15 2019-06-19 Huawei Technologies Co., Ltd. METHOD AND APPARATUS FOR ACQUIRING KEY
US10887295B2 (en) * 2016-10-26 2021-01-05 Futurewei Technologies, Inc. System and method for massive IoT group authentication
CN108650233B (zh) * 2018-04-12 2020-11-03 江南大学 一种JavaScript数据传输加密方法
CN108616354B (zh) * 2018-04-27 2021-10-26 北京信息科技大学 一种移动通信中密钥协商方法和设备
JP7163835B2 (ja) * 2019-03-19 2022-11-01 株式会社Jvcケンウッド 無線機、無線機の制御方法、及び、無線機の制御プログラム
US11363582B2 (en) * 2019-12-20 2022-06-14 Qualcomm Incorporated Key provisioning for broadcast control channel protection in a wireless network
JP2021128261A (ja) * 2020-02-14 2021-09-02 株式会社野村総合研究所 秘密分散ベースのマルチパーティ計算のための装置
WO2022032525A1 (zh) * 2020-08-12 2022-02-17 华为技术有限公司 一种组密钥分发方法及装置
CN113016201B (zh) * 2020-12-31 2022-05-24 华为技术有限公司 密钥供应方法以及相关产品
CN112788571A (zh) * 2021-01-14 2021-05-11 兰州大学 Lte网中机器类型通信设备的组认证方法及系统
US11924341B2 (en) 2021-04-27 2024-03-05 Rockwell Collins, Inc. Reliable cryptographic key update
CN117643088A (zh) * 2022-06-27 2024-03-01 北京小米移动软件有限公司 密钥生成方法及装置、通信设备及存储介质

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008151540A1 (fr) * 2007-06-08 2008-12-18 Huawei Technologies Co., Ltd. Procédé, système et dispositif pour générer une clé de groupe
US20100106967A1 (en) * 2008-10-28 2010-04-29 Mattias Johansson Method and arrangement for provisioning and managing a device
CN102196436A (zh) * 2010-03-11 2011-09-21 华为技术有限公司 安全认证方法、装置及系统
CN102215474A (zh) * 2010-04-12 2011-10-12 华为技术有限公司 对通信设备进行认证的方法和装置
WO2011127804A1 (zh) * 2010-04-16 2011-10-20 华为技术有限公司 M2m中数据加密传输的方法、设备及系统

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6363154B1 (en) * 1998-10-28 2002-03-26 International Business Machines Corporation Decentralized systems methods and computer program products for sending secure messages among a group of nodes
CN1758593A (zh) * 2004-10-10 2006-04-12 大唐移动通信设备有限公司 多媒体组播业务的业务密钥更新方法
US7817986B2 (en) * 2006-04-28 2010-10-19 Motorola, Inc. Method and system for providing cellular assisted secure communications of a plurality of ad hoc devices
CN101237444B (zh) * 2007-01-31 2013-04-17 华为技术有限公司 密钥处理方法、系统和设备
FR2923668B1 (fr) * 2007-11-13 2010-04-23 Eads Defence And Security Syst Procede et systeme de distribution de cles cryptographiques dans un reseau hierarchise.
CN101511082B (zh) * 2008-02-15 2011-01-05 中国移动通信集团公司 组密钥的更新方法、设备及系统
WO2012077999A2 (en) * 2010-12-08 2012-06-14 Lg Electronics Inc. Traffic encryption key management for machine to machine multicast group

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008151540A1 (fr) * 2007-06-08 2008-12-18 Huawei Technologies Co., Ltd. Procédé, système et dispositif pour générer une clé de groupe
US20100106967A1 (en) * 2008-10-28 2010-04-29 Mattias Johansson Method and arrangement for provisioning and managing a device
CN102196436A (zh) * 2010-03-11 2011-09-21 华为技术有限公司 安全认证方法、装置及系统
CN102215474A (zh) * 2010-04-12 2011-10-12 华为技术有限公司 对通信设备进行认证的方法和装置
WO2011127804A1 (zh) * 2010-04-16 2011-10-20 华为技术有限公司 M2m中数据加密传输的方法、设备及系统

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP2765795A4 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3163923A4 (en) * 2014-03-18 2017-05-03 Huawei Technologies Co., Ltd. Key generation method, master enodeb, secondary enodeb and user equipment
EP3768039A1 (en) * 2014-03-18 2021-01-20 Huawei Technologies Co., Ltd. Key generation method, master enodeb, secondary enodeb and user equipment
CN114448609A (zh) * 2020-10-16 2022-05-06 中国移动通信有限公司研究院 组密钥的管理方法、装置、相关设备及存储介质

Also Published As

Publication number Publication date
EP2765795A4 (en) 2014-10-08
CN103096308B (zh) 2016-01-20
EP2765795B1 (en) 2018-08-15
CN103096308A (zh) 2013-05-08
US20140237559A1 (en) 2014-08-21
EP2765795A1 (en) 2014-08-13

Similar Documents

Publication Publication Date Title
WO2013064041A1 (zh) 生成组密钥的方法和相关设备
EP2765793B1 (en) Method and related device for generating group key
KR101675088B1 (ko) Mtc에서의 네트워크와의 상호 인증 방법 및 시스템
KR101554396B1 (ko) 통신 시스템들에서 가입자 인증과 디바이스 인증을 바인딩하는 방법 및 장치
CN101616410B (zh) 一种蜂窝移动通信网络的接入方法和系统
WO2019019736A1 (zh) 安全实现方法、相关装置以及系统
WO2012100749A1 (zh) 密钥生成方法和设备
WO2011091751A1 (zh) 对mtc设备的认证方法、mtc网关及相关设备
US20150012744A1 (en) Group based bootstrapping in machine type communication
US11343673B2 (en) Enhanced aggregated re-authentication for wireless devices
KR20190020140A (ko) 이종 네트워크들에 대한 통합 인증
KR20200003108A (ko) 키 생성 방법, 사용자 장비, 장치, 컴퓨터 판독가능 저장 매체, 및 통신 시스템
WO2012174959A1 (zh) 一种机器到机器通信中组认证的方法、系统及网关
WO2010012203A1 (zh) 鉴权方法、重认证方法和通信装置
CN101583083A (zh) 一种实时数据业务的实现方法和实时数据业务系统
WO2009103214A1 (zh) 网络认证通信方法及网状网络系统
US20220182822A1 (en) Methods and apparatus relating to authentication of a wireless device
JP2017098986A (ja) Mtcのためのシステム、コアネットワーク、及び方法
WO2012075825A1 (zh) 无线局域网中端站的安全配置方法、ap、sta、as及系统
AU2021417645A1 (en) Secure communication method and device
EP4327505A2 (en) Methods and apparatus for provisioning, authentication, authorization, and user equipment (ue) key generation and distribution in an on-demand network
WO2023216531A1 (zh) 一种通信鉴权处理方法、装置、设备及计算机可读存储介质
CN109905345B (zh) 通信方法、通信装置和通信设备
WO2021109770A1 (zh) 无线网络切换方法及设备
TWI832776B (zh) 節點配對方法

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12845896

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 2012845896

Country of ref document: EP