WO2013075417A1 - Method and system for generating a key during a handover - Google Patents

Method and system for generating a key during a handover

Info

Publication number: WO2013075417A1
Authority: WO (WIPO, PCT)
Prior art keywords: KeNB, base station, MME, key, target
Application number: PCT/CN2012/071474
Other languages: English (en), Chinese (zh)
Inventors: 曹岚健, 余万涛
Original assignee: 中兴通讯股份有限公司 (ZTE Corporation)
Application filed by 中兴通讯股份有限公司
Publication: WO2013075417A1 (patent/WO2013075417A1/fr)

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W 12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W 12/041 Key generation or derivation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W 36/00 Hand-off or reselection arrangements
    • H04W 36/0005 Control or signalling for completing the hand-off
    • H04W 36/0011 Control or signalling for completing the hand-off for data sessions of end-to-end connection
    • H04W 36/0033 Control or signalling for completing the hand-off for data sessions of end-to-end connection with transfer of context information
    • H04W 36/0038 Control or signalling for completing the hand-off for data sessions of end-to-end connection with transfer of context information of security context information

Definitions

  • the present invention relates to key generation techniques, and in particular to a key generation method and system for a handover procedure.
  • Background art
  • the Evolved Packet System (EPS) of the 3rd Generation Partnership Project (3GPP) consists of the Evolved Universal Terrestrial Radio Access Network (E-UTRAN) and the Evolved Packet Core (EPC).
  • EPS Evolved Packet System
  • E-UTRAN Evolved Universal Terrestrial Radio Access Network
  • EPC Evolved Packet Core
  • the E-UTRAN consists of evolved Node B (eNB) base station apparatus.
  • the EPS core network includes a mobility management entity (MME). The user equipment (UE) communicates with the eNB over the wireless air interface, and with the MME through the eNB.
  • MME mobility management entity
  • UE User Equipment
  • the protocol layers are divided into the access stratum (AS) and the non-access stratum (NAS).
  • AS Access Stratum
  • NAS Non Access Stratum
  • the EPS system is designed with a two-layer security protection mechanism, that is, the EPS system requires AS and NAS to use different security keys respectively.
  • the root key Kasme is negotiated between the UE and the MME.
  • the UE and the MME each save the root key Kasme and derive the AS security keys and the NAS security keys from Kasme.
  • the handover procedure of E-UTRAN supports inter-eNB handover and inter-RAT (inter radio access technology) handover.
  • Inter-RAT handover is supported by the S1 interface handover signaling procedure;
  • Inter-eNB handover is supported by the S1 or X2 interface handover signaling procedure.
  • the system performs handover between eNBs using the X2 interface.
  • the key generation and distribution process in the current latest handover process is as follows:
  • the UE sends an initial NAS message to the MME to initiate the transition from the ECM-IDLE state to the ECM-CONNECTED state.
  • the initial NAS message carries the updated NAS COUNT, and the MME generates the key KeNB from its own Kasme.
  • the MME initializes the next hop chaining counter (NCC) value.
  • NCC Next hop Chaining Counter
  • the MME generates the next hop parameter (NH) using the initially generated KeNB and its own saved Kasme, and updates the NCC value to 1.
  • the MME transmits the KeNB to the eNB, and the eNB uses the KeNB received from the MME as the initial key.
  • the eNB sends an AS security mode command to the UE, and the UE derives the KeNB using the NAS uplink COUNT value and its own saved Kasme.
  • in the above scheme, the key generation and distribution process during the first X2 handover differs from the process during later X2 handovers; these inconsistent processes result in additional resource consumption.
  • the source eNB derives the key KeNB of the target eNB and sends it to the target eNB.
  • since the source eNB can derive the KeNB that the UE will use at its next hop, that key could be misused, which is a security risk for the communication system.
  • the main object of the present invention is to provide a key generation method and system for a handover process which prevent a base station from determining the next hop key KeNB during UE handover, and thereby ensure the security of the communication system.
  • a key generation method in a handover process comprising:
  • during UE handover, the network side uses the NH to generate a next hop key KeNB; the NH generated by the network side is not notified to the base station.
  • the method further includes:
  • the network side and the UE side each synchronize the next hop key KeNB using the next hop counter NCC value notified by the target base station; the network side notifies the target base station of the generated next hop key KeNB.
  • using the NH to generate a next hop key KeNB means:
  • the next hop key KeNB is generated using the NH, the cell identity of the target base station, and the target universal terrestrial radio access (UTRA) downlink carrier frequency number.
  • the method further includes:
  • the initial next hop key KeNB is generated by the network side from the root key Kasme and the non-access stratum uplink counter NAS UL COUNT value; the network side initializes the NH from the root key Kasme and the KeNB.
  • the method further includes:
  • the target base station notifies the UE, via the source base station, of the NCC value it received from the source base station and of the encryption and integrity protection algorithm it selected;
  • the method further includes:
  • after receiving the handover confirmation from the UE, the target base station notifies the network side of the NCC value received from the source base station;
  • the target base station generates encryption and decryption keys and integrity keys for the user plane and the signalling plane, respectively, from the received next hop key KeNB.
  • the network side is a mobility management unit MME.
  • the method further includes:
  • the source MME determines the NH corresponding to the NCC value received from the source base station, and sends the received NCC value and its corresponding NH to the target MME;
  • the target MME generates a next hop key KeNB from the received NH, increments the NCC value by one, and notifies the target base station of the next hop key KeNB and the incremented NCC value; the target base station selects encryption and integrity algorithms and notifies the UE of the selected algorithms and the received NCC value through the target MME, the source MME, and the source base station;
  • the UE determines an NH corresponding to the currently received NCC value, and generates a new next hop key KeNB according to the determined NH.
  • a key generation system for a handover process includes an MME, a base station, and a UE, where, during UE handover, the MME uses the NH to generate a next hop key KeNB, and the NH generated by the MME is not notified to the base station.
  • the MME and the UE side respectively synchronize the next hop key KeNB with the NCC value notified by the target base station; and the MME notifies the generated next hop key KeNB to the target base station.
  • the UE and the MME generate a next hop key KeNB by using the NH, the cell identifier of the target base station, and the target UTRA downlink carrier frequency number.
  • the MME is further configured to generate an initial next hop key KeNB from the root key Kasme and the NAS UL COUNT value, and to initialize the NH from the root key Kasme and the KeNB.
  • the target base station is configured to notify the UE, via the source base station, of the NCC value received from the source base station and of the encryption and integrity protection algorithm selected by the target base station;
  • the UE is configured to determine an NH corresponding to the currently received NCC value, generate a new KeNB according to the determined NH, and generate an encryption and decryption key and an integrity key according to the new KeNB.
  • the target base station is configured to: after receiving the handover confirmation from the UE, notify the MME of the NCC value received from the source base station; and generate an encryption and decryption key and an integrity key from the KeNB received from the MME.
  • the MME is configured to determine the NH corresponding to the currently received NCC value, generate a new KeNB from the determined NH, and notify the target base station of the new KeNB.
  • the source MME is configured to determine an NH corresponding to the NCC value received from the source base station, and send the received NCC value and its corresponding NH to the target MME;
  • the target MME is configured to generate a KeNB according to the received NH, and increase the NCC value by one, and notify the target base station of the KeNB and the added NCC value;
  • the target base station is configured to select encryption and integrity algorithms, and to notify the UE of the selected algorithms and the received NCC value through the target MME, the source MME, and the source base station;
  • the UE is configured to determine an NH corresponding to the currently received NCC value, and generate a new KeNB according to the determined NH.
  • the UE and the MME use the NH to generate the next hop key KeNB, and the NH generated by the MME is not notified to the base station. Since the base station cannot acquire the NH, it cannot generate the next hop key KeNB, so the possibility of illegally acquiring the next hop key KeNB is removed and forward security is ensured.
  • the invention greatly enhances the security of the communication system.
  • FIG. 1 is a flowchart of key generation in an X2 handover process between eNBs in a long term evolution (LTE) system according to an embodiment of the present invention
  • FIG. 2 is a flowchart of key generation when the first handover is an X2 handover, according to an embodiment of the present invention
  • FIG. 3 is a flowchart of the key generation process in an X2 handover in the case where the UE, the eNB, and the MME already have a security context, according to an embodiment of the present invention
  • FIG. 4 is a flowchart of key generation in S1 handover according to an embodiment of the present invention.
  • Detailed description
  • the basic idea of the present invention is: In the X2 handover process, the source eNB no longer derives the next hop key for the target eNB, and the source eNB only provides the target eNB with the next hop counter NCC value.
  • the target eNB uses the NCC value to keep the NHs in the UE and the MME in synchronization, so that the same KeNB is stored in the UE and the MME.
  • the target eNB requests from the MME, using the NCC value, the same KeNB as the UE holds, so that its own KeNB and the UE's KeNB are kept consistent.
  • the NH does not leave the MME, the eNB cannot obtain the NH, and the eNB has no ability to derive the NH (computing the NH requires Kasme). Therefore the source eNB cannot obtain the target eNB's next hop KeNB, which solves the forward security problem.
  • the key generation and distribution process in the X2 handover process between the LTE base station eNBs specifically includes the following steps:
  • Step 101 In the initial procedure, the MME does not send the NH to the source eNB; it sends only the NCC value to the source eNB.
  • the initial procedure refers to the process of establishing an AS security context in the source eNB before the X2 handover occurs.
  • the AS security context already exists in the source eNB before the X2 handover occurs at the source eNB.
  • the process that established the security context may be an initial connection request (such as an attach request or a Tracking Area Update (TAU) request), an intra-eNB handover, an X2 handover, an S1 handover, an inter-RAT handover, and the like.
  • the MME sends the NCC value to the source eNB within the AS security context sent to the eNB.
  • Step 102 The source eNB sends an X2 handover request to the target eNB, that is, the source eNB sends an X2 handover request message to the target eNB, where the X2 handover request message includes an NCC value.
  • the NCC value is the NCC value that the MME sends to the source eNB in step 101.
  • Step 103 The target eNB sends the NCC value to the UE and the MME, and the UE and the MME synchronize the NH by using the NCC value, and use the NH to generate the same KeNB.
  • the target eNB notifies the UE of the NCC value in the handover command via the source eNB; the UE compares the NCC value obtained from the target eNB with the NCC value it saved, and synchronizes its NH according to the difference between the two.
  • synchronization here means that the NCC value stored in the UE is generally smaller than the NCC value notified by the network side, and the KeNB then has to be generated from the NH corresponding to the NCC value notified by the network side.
  • the target eNB notifies the MME of the NCC value in the path switch request; the MME compares the NCC value obtained from the target eNB with the NCC value it saved, and synchronizes its NH according to the difference between the two.
  • in the present invention the NCC value stored in the MME and the NCC value obtained from the target eNB should be equal. This step ensures that the same {NH, NCC} pair is present at the UE and the MME.
  • the UE uses the KeNB to generate an RRC/UP encryption and decryption key and an integrity key for data and signaling, respectively.
  • Step 104 The MME will generate a KeNB by using the synchronized NH, and the KeNB is consistent with the KeNB saved in the UE.
  • the MME carries the KeNB in the path switch request response message and sends the KeNB to the target eNB.
  • the target eNB uses the KeNB to generate an RRC/UP encryption and decryption key and an integrity key for data and signaling, respectively.
  • these RRC/UP encryption and decryption keys and integrity keys are consistent with the RRC/UP encryption and decryption keys and integrity keys derived in the UE.
  • FIG. 2 is a flowchart of key generation when the first handover is an X2 handover, according to an embodiment of the present invention
  • FIG. 2 shows the first handover initiated by the eNB that established the initial connection with the UE, where that first handover is an X2 handover.
  • this embodiment is the complete process of key generation and key distribution in the X2 handover process, and specifically includes the following steps:
  • Step 200 An initial AS security context is established in the UE and the MME; its purpose is to initialize the NH.
  • the MME transmits the NCC value to the source eNB in the S1 AP Initial Context Setup Request message; the UE initializes the {NH, NCC} pair and the KeNB.
  • in step 200, the initial AS security context is established in the MME.
  • the NAS UL COUNT is the NAS uplink counter in the initial connection request; if there is an Authentication and Key Agreement (AKA) procedure before the AS SMC procedure, the NAS UL COUNT is the NAS uplink counter of the AKA procedure.
  • KDF denotes the key derivation function; the KeNB is derived with Kasme and the NAS UL COUNT value as its inputs.
  • the MME sends the NCC value to the eNB in the S1 AP Initial Context Setup Request message.
  • the eNB is the source eNB in the X2 handover procedure.
  • the MME does not send the NH to the eNB.
  • after receiving the NCC value sent by the MME in step 200, the eNB saves the NCC value.
  • Step 201 The UE sends a measurement report to the source eNB.
  • the source eNB decides to initiate an X2 handover to the target eNB through the measurement report.
  • Step 202 The source eNB sends a handover request to the target eNB, and the source eNB sends the next hop counter NCC value saved by itself to the target eNB in the handover request.
  • the source eNB also forwards the current AS security context of the source eNB and the security capability of the UE to the target eNB.
  • Step 204 The target eNB returns a handover request response message to the source eNB.
  • the handover request response message includes a transmission container, which carries the NCC value saved by the target eNB, the encryption and integrity protection algorithm identifiers (EEA, EIA) selected by the target eNB, and so on.
  • Step 205 The source eNB sends a handover command to the UE, where the handover command includes the transmission container received from the target eNB in step 204.
  • the source eNB encrypts and integrity protects the message using the current AS security context.
  • the UE extracts the NCC value therein.
  • the UE compares the NCC value received from the source eNB with the NCC value it holds.
  • the UE synchronizes its own {NH, NCC} pair to the {NH, NCC} pair corresponding to the received NCC value, according to the difference between the NCC value received from the source eNB and the NCC value it saved.
  • the UE saves the {NH, NCC} pair produced by this synchronization.
  • Step 207 After the UE synchronizes the NH, the UE calculates the KeNB by using the NH.
  • the UE calculates an RRC/UP encryption/decryption key and an integrity key for data and signaling according to the received EEA, EIA, and the KeNB updated by itself, and replaces the current AS security context.
  • Step 208 The UE sends a handover confirmation message to the target eNB. This message is protected by the current AS security context of the UE, and the current AS security context of the UE has been updated in step 207.
  • Step 209 The target eNB sends a path switch request message to the MME.
  • the target eNB notifies the MME of the NCC value saved by itself.
  • the NCC value is the same as the NCC value received by the UE in step 206; the target eNB also sends its PCI and EARFCN_DL to the MME for deriving KeNB*.
  • Step 210 After receiving the path switch message from the target eNB, the MME extracts the NCC value and compares it with the NCC value it saved. If they are the same, the MME takes the NH from the {NH, NCC} pair associated with that NCC value; if they differ, the MME calculates the NH associated with the received NCC value.
  • the NCC value stored in the MME is greater than or equal to the NCC value received from the target eNB, and the MME stores the NH associated with the NCC value.
  • Step 213 The MME sends a path switch request response message to the target eNB, where the path switch request response message carries a new NCC value and the KeNB calculated in step 211.
  • the NCC value will be used for the NH synchronization between the UE and the MME of the next hop; the KeNB is consistent with the KeNB held in the UE.
  • the KeNB will be used by the target eNB to generate RRC/UP encryption and decryption keys and integrity keys for data and signaling.
  • Step 214 The target eNB saves the new NCC value, and calculates the RRC/UP encryption and decryption key and the integrity key using the KeNB and the EEA and EIA it selected.
  • the target eNB will decrypt and verify the handover acknowledgment message received in step 208 using the newly generated AS security context.
  • Step 215 The target eNB sends a release resource message to the source eNB. After receiving the release resource message from the target eNB, the source eNB deletes all AS-related security contexts associated with the UE.
  • FIG. 3 is a flowchart of key generation in an X2 handover process in a case where a UE, an eNB, and an MME have a security context according to an embodiment of the present invention
  • FIG. 3 covers the case where an AS security context already exists between the UE and the source eNB before the X2 handover is performed.
  • the MME also has a partial AS security context. These security contexts were generated by earlier signaling interactions among the UE, eNBs, and MMEs, such as earlier initial connection procedures and handover procedures.
  • This embodiment is the complete flow of key generation and key distribution in the X2 handover process in the case where the UE, the eNB, and the MME have a security context. The process includes the following steps:
  • before the UE sends the measurement report, the UE holds an {NH, NCC} pair whose NCC is denoted NCC_UE; the source eNB holds an NCC value denoted NCC_eNB; and the MME holds an {NH, NCC} pair whose NCC is denoted NCC_MME.
  • the previous signaling interactions ensure that NCC_UE is less than or equal to NCC_eNB, and NCC_eNB is less than or equal to NCC_MME.
  • Step 301 The UE sends a measurement report to the source eNB.
  • the source eNB decides to initiate an X2 handover to the target eNB through the measurement report.
  • Step 302 The source eNB sends a handover request message to the target eNB, carrying the NCC_eNB saved by the source eNB.
  • the source eNB also forwards the current AS security context of the source eNB and the security capability of the UE to the target eNB.
  • Step 303 After receiving the handover request message of the source eNB, the target eNB saves the received NCC-eNB. The target eNB also selects an RRC/UP encryption and integrity protection algorithm based on the received UE security capabilities.
  • Step 304 The target eNB sends a handover request response message to the source eNB; the message includes a transmission container, which carries the NCC_eNB saved by the target eNB, the encryption and integrity protection algorithm identifiers (EEA, EIA) selected by the target eNB, and so on.
  • EEA, EIA encryption and integrity protection algorithm identifiers
  • Step 305 The source eNB sends a handover command to the UE, where the handover command includes the transmission container received from the target eNB in step 304.
  • Step 306 After receiving the handover command sent by the source eNB, the UE decrypts and integrity-verifies the message using the current AS security context.
  • the UE extracts the NCC value therein.
  • the UE compares the NCC value received from the source eNB with the NCC value it holds.
  • the UE synchronizes its own {NH, NCC} pair to the {NH, NCC} pair corresponding to the received NCC value, according to the difference between the NCC value received from the source eNB and the NCC value it saved.
  • the UE saves the {NH, NCC} pair produced by this synchronization.
  • Step 308 The UE sends a handover confirmation message to the target eNB.
  • Step 309 The target eNB sends a path switch request message to the MME.
  • the target eNB notifies the MME of the NCC-eNB that it holds, and the target eNB notifies the MME of its PCI and EARFCN_DL.
  • Step 310 After receiving the path switch message from the target eNB, the MME extracts the NCC-eNB carried in the path switch message.
  • the MME compares the NCC_eNB with its stored NCC_MME; if they are the same, the MME extracts the NH from the {NH, NCC} pair associated with NCC_MME; if they differ, the MME calculates the NH associated with the received NCC_eNB.
  • Step 311 After the MME synchronizes the NH, the MME calculates the KeNB by using the NH.
  • Step 313 The MME sends a path switch request response message to the target eNB, where the new NCC value and the KeNB calculated in step 311 are attached.
  • the NCC value will be used for the NH synchronization between the UE and the MME of the next hop; the KeNB and the KeNB held in the UE are consistent.
  • the KeNB will be used by the target eNB to generate RRC/UP encryption and decryption keys and integrity keys for data and signaling.
  • Step 314 The target eNB saves the new NCC value, and uses the KeNB and the EEA and EIA it selected to calculate the RRC/UP encryption and decryption key and the integrity key for data and signaling.
  • the target eNB uses the newly generated AS security context to decrypt and integrity-verify the handover confirmation message received in step 308.
  • Step 315 The target eNB sends a release resource message to the source eNB. After receiving the release resource message from the target eNB, the source eNB deletes all AS-related security contexts associated with the UE.
  • the key generation process shown in FIG. 2 is only a special case of the process shown in FIG. 3: whether the first handover is an X2 handover, or an X2 handover occurs while the UE and the eNB already hold a security context, the present invention keeps the flow of the X2 handover process consistent and ensures forward security.
  • FIG. 4 is a flowchart of key generation in S1 handover according to an embodiment of the present invention
  • FIG. 4 shows the key generation and key distribution process in an S1 handover. To preserve the forward security achieved in the X2 handover process, the S1 handover must also keep the eNB from obtaining the NH, so that the source eNB cannot derive the target eNB's KeNB. The process specifically includes the following steps:
  • Step 401 The UE sends a measurement report to the source eNB.
  • the UE, the source eNB, and the source MME maintain the AS security context of the UE.
  • Step 402 The source eNB sends a handover required message to the source MME, carrying the NCC value saved by the source eNB.
  • Step 403 The source MME synchronizes its {NH, NCC} pair according to the NCC value received from the source eNB.
  • the source MME sends a Forward Relocation Request message to the target MME, carrying the synchronized {NH, NCC} pair together with the Kasme and eKSI.
  • Step 404 The target MME first calculates the KeNB from the received {NH, NCC} pair, and then adds 1 to the NCC value to calculate a new {NH, NCC} pair.
  • the new {NH, NCC} pair is used for the generation of the next hop key.
  • Step 405 The target MME sends a handover request message to the target eNB.
  • the handover request message includes the KeNB and the new NCC value calculated in step 404.
  • the target MME does not send the NH to the target eNB.
  • Step 406 The target eNB selects an encryption and integrity protection algorithm, and the selected encryption and integrity protection algorithm identifier and the NCC value are carried in the handover request response message, and are sent to the target MME.
  • Step 407 The target MME forwards the relocation response message to the source MME, where the relocation response message includes the NCC value, the encryption and the integrity protection algorithm identifier saved in the target eNB.
  • Step 408 The source MME sends a handover command to the source eNB, where the NCC value, the encryption and the integrity protection algorithm identifier saved in the target eNB are included.
  • Step 409 The source eNB sends a handover command to the UE, where the NCC value, the encryption and the integrity protection algorithm identifier saved in the target eNB are included.
  • Step 410 The UE synchronizes its {NH, NCC} pair according to the NCC value received from the source eNB, and calculates the KeNB using the synchronized NH.
  • the UE calculates the encryption and decryption key and the integrity key for data and signaling based on the received encryption and integrity protection algorithm identification and the KeNB.
  • Step 411 The UE sends a handover confirmation message to the target eNB.
  • AS security is established between the UE and the target eNB.
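The {NH, NCC} synchronization and KeNB derivation of FIGS. 2 to 4 above, as an added Python model that is not the patent's or ZTE's code. It assumes an HMAC-SHA256 stand-in for the KDF rather than the 3GPP TS 33.401 derivation, reduces each message to a method call, and for the S1 flow assumes that the NCC relayed to the UE is the one paired with the NH used for KeNB, as in the X2 flow.

```python
"""Added example (not the patent's or ZTE's code): a model of the {NH, NCC}
handling in FIGS. 2-4. kdf() is an HMAC-SHA256 stand-in (assumption), not the
3GPP TS 33.401 KDF, and message flows are reduced to method calls."""
import hashlib
import hmac


def kdf(key: bytes, *inputs: bytes) -> bytes:
    """Stand-in KDF (assumption): HMAC-SHA256 over length-prefixed inputs."""
    data = b"".join(len(x).to_bytes(2, "big") + x for x in inputs)
    return hmac.new(key, data, hashlib.sha256).digest()


def derive_nh(kasme: bytes, prev: bytes) -> bytes:
    """One NH chain step; it needs Kasme, which only the UE and the MME hold."""
    return kdf(kasme, b"NH", prev)


def derive_kenb_star(nh: bytes, pci: int, earfcn_dl: int) -> bytes:
    """KeNB* from NH, the target cell identity (PCI) and the target EARFCN-DL."""
    return kdf(nh, b"KeNB*", pci.to_bytes(2, "big"), earfcn_dl.to_bytes(4, "big"))


class KeyHolder:
    """Logic shared by the UE and the MME: Kasme plus an {NH, NCC} pair."""

    def __init__(self, kasme: bytes):
        self.kasme = kasme
        self.nh_by_ncc: dict[int, bytes] = {}  # every NH computed so far
        self.ncc = 0
        self.kenb = b""

    def init_context(self, nas_ul_count: int) -> None:
        """Step 200: KeNB = KDF(Kasme, NAS UL COUNT); NH from Kasme and KeNB;
        NCC becomes 1."""
        self.kenb = kdf(self.kasme, b"KeNB", nas_ul_count.to_bytes(4, "big"))
        self.nh_by_ncc = {1: derive_nh(self.kasme, self.kenb)}
        self.ncc = 1

    def sync_nh(self, ncc_received: int) -> bytes:
        """Steps 206/210: reuse the NH already paired with the received NCC,
        or chain forward by the difference. No NH is paired with NCC 0."""
        if ncc_received < 1:
            raise ValueError("no NH is associated with NCC 0")
        highest = max(self.nh_by_ncc)
        nh = self.nh_by_ncc[highest]
        for ncc in range(highest + 1, ncc_received + 1):
            nh = derive_nh(self.kasme, nh)
            self.nh_by_ncc[ncc] = nh
        self.ncc = max(self.ncc, ncc_received)
        return self.nh_by_ncc[ncc_received]


class ENB:
    """A base station keeps KeNB and NCC only; it never receives NH or Kasme."""

    def __init__(self, pci: int, earfcn_dl: int):
        self.pci, self.earfcn_dl = pci, earfcn_dl
        self.kenb, self.ncc = b"", 0


def initial_context_setup(ue, mme, enb, nas_ul_count):
    """Steps 101/200: the eNB receives the initial KeNB and the NCC, no NH."""
    mme.init_context(nas_ul_count)
    ue.init_context(nas_ul_count)
    enb.kenb, enb.ncc = mme.kenb, mme.ncc


def x2_handover(ue, mme, src, tgt):
    """FIG. 3, steps 302-315; returns the KeNB installed in the target eNB."""
    tgt.ncc = src.ncc  # 302: the handover request carries only the NCC
    # 305-307: the handover command relays tgt.ncc; the UE syncs its NH and
    # derives KeNB* for the target cell.
    ue.kenb = derive_kenb_star(ue.sync_nh(tgt.ncc), tgt.pci, tgt.earfcn_dl)
    # 309-311: path switch request carries NCC, PCI, EARFCN-DL; the MME
    # syncs to the same NH and derives the same KeNB*.
    mme.kenb = derive_kenb_star(mme.sync_nh(tgt.ncc), tgt.pci, tgt.earfcn_dl)
    # 313-314: the response carries KeNB* and a fresh NCC; the NH stays here.
    tgt.kenb, tgt.ncc = mme.kenb, tgt.ncc + 1
    mme.sync_nh(tgt.ncc)  # the MME prepares the NH for the next hop
    src.kenb, src.ncc = b"", 0  # 315: the source eNB releases the context
    return tgt.kenb


def s1_handover(ue, src_mme, tgt_mme, src, tgt):
    """FIG. 4, steps 402-411, with distinct source and target MMEs. Assumes
    the NCC relayed to the UE is the one paired with the NH used for KeNB."""
    # 402-403: handover required carries src.ncc; the source MME syncs its
    # pair and forwards {NH, NCC} plus Kasme to the target MME.
    nh = src_mme.sync_nh(src.ncc)
    tgt_mme.kasme, tgt_mme.nh_by_ncc = src_mme.kasme, {src.ncc: nh}
    # 404-405: the target MME derives KeNB from NH, then increments NCC and
    # computes the next pair; the target eNB gets KeNB and the new NCC only.
    tgt.kenb = derive_kenb_star(nh, tgt.pci, tgt.earfcn_dl)
    tgt.ncc = src.ncc + 1
    tgt_mme.sync_nh(tgt.ncc)
    # 406-410: the NCC and algorithm identifiers reach the UE via target MME,
    # source MME and source eNB; the UE syncs and derives the same KeNB.
    ue.kenb = derive_kenb_star(ue.sync_nh(src.ncc), tgt.pci, tgt.earfcn_dl)
    src.kenb, src.ncc = b"", 0
    return tgt.kenb
```

Running two X2 handovers followed by an S1 handover shows the UE and each target eNB ending with the same KeNB while no ENB object ever holds an NH or Kasme, which is the forward security property the patent claims.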
  • the present invention also describes a key generation system in a handover process, including an MME, a base station, and a UE, where:
  • during UE handover, the MME uses the NH to generate a next hop key KeNB, and the NH generated by the MME is not notified to the base station.
  • the MME and the UE side respectively use the NCC value notified by the target base station to synchronize the next hop key KeNB; and the MME notifies the generated next hop key KeNB to the target base station.
  • the UE and the MME generate a next hop key KeNB by using the NH, the cell identifier of the target base station, and the target universal terrestrial radio access UTRA downlink carrier frequency.
  • the MME is further configured to generate an initial next hop key KeNB from the root key Kasme and the NAS UL COUNT value, and to initialize the NH from the root key Kasme and the KeNB.
  • the target base station is configured to notify the UE, via the source base station, of the NCC value received from the source base station and of the encryption and integrity protection algorithm selected by the target base station;
  • the UE is configured to determine the NH corresponding to the currently received NCC value, generate a new KeNB from the determined NH, and generate an encryption and decryption key and an integrity key from the new KeNB.
  • the target base station is configured to: after receiving the handover confirmation from the UE, notify the MME of the NCC value received from the source base station; and generate an encryption and decryption key and an integrity key from the KeNB received from the MME.
  • the MME is configured to determine the NH corresponding to the currently received NCC value, generate a new KeNB from the determined NH, and notify the target base station of the new KeNB.
  • the source MME is configured to: determine an NH corresponding to the NCC value received from the source base station, and send the received NCC value and its corresponding NH to the target MME;
  • the target MME is configured to generate a KeNB according to the received NH, and increase the NCC value by one, and notify the target base station of the KeNB and the added NCC value;
  • the target base station is configured to select encryption and integrity algorithms, and to notify the UE of the selected algorithms and the received NCC value through the target MME, the source MME, and the source base station;
  • the UE is configured to determine an NH corresponding to the currently received NCC value, and generate a new KeNB according to the determined NH.
  • the functions of the network elements in the key generation system in the example switching process can be understood by referring to the related descriptions of the foregoing FIGS. 1 to 4.
  • the key generation system is based on the existing network structure, and only the corresponding network element function has been modified.
  • the network structure can still be understood by referring to the existing network structure.
  • the source eNB no longer derives the next hop key for the target eNB, and the source eNB only provides the next hop variable counter NCC value for the target eNB.
  • the target eNB uses the NCC value to keep the NHs in the UE and the MME in synchronization, so that the same KeNB is stored in the UE and the MME.
  • the target eNB applies for the same KeNB as the UE to the MME using the NCC value, thereby keeping its own KeNB and the KeNB of the UE consistent.
  • the NH does not leave the MME, the eNB cannot obtain the NH, and the eNB does not have the ability to derive the NH (the calculation NH must have the Kasme). Therefore, the source eNB cannot obtain the KeNB of the target eNB in the next hop, and solves the forward security. problem.
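A toy simulation of the NH/NCC synchronisation described in the list above, added here as an illustration; it is not taken from the patent or from any ZTE implementation. It assumes HMAC-SHA256 as a stand-in for the 3GPP key derivation function, constructed labels and key bytes, a single MME, and (following the S1 variant on this page) that the MME hands back the incremented NCC together with the KeNB. The base-station object deliberately holds only KeNB and NCC, so the code also shows that hashing forward from the source eNB's own KeNB does not reach the target's KeNB: the chain runs through the NH, which the base station never sees.

```python
import hashlib
import hmac
from typing import Dict, List, Tuple


def kdf(key: bytes, *parts: bytes) -> bytes:
    """Stand-in KDF (assumption: HMAC-SHA256, not the 3GPP KDF)."""
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()


class KasmeHolder:
    """NH chain as kept by the MME and by the UE; only Kasme holders can run it."""

    def __init__(self, kasme: bytes) -> None:
        self.kasme = kasme
        self.nh: Dict[int, bytes] = {}

    def initialise(self, nas_ul_count: int) -> bytes:
        """Initial KeNB from Kasme and NAS UL COUNT; NH_0 from Kasme and that KeNB."""
        kenb0 = kdf(self.kasme, b"KeNB0", nas_ul_count.to_bytes(4, "big"))
        self.nh = {0: kdf(self.kasme, b"NH", kenb0)}
        return kenb0

    def nh_for(self, ncc: int) -> bytes:
        """NH_n = KDF(Kasme, NH_{n-1}); extend the chain up to ncc on demand."""
        if ncc < 0 or not self.nh:
            raise ValueError("chain not initialised or invalid NCC")
        last = max(self.nh)
        while last < ncc:
            self.nh[last + 1] = kdf(self.kasme, b"NH", self.nh[last])
            last += 1
        return self.nh[ncc]

    def kenb_for(self, ncc: int) -> bytes:
        """New KeNB derived only from the NH matching the received NCC."""
        return kdf(self.nh_for(ncc), b"KeNB")


class ENB:
    """A base station keeps only KeNB and NCC: no Kasme, no NH."""

    def __init__(self, kenb: bytes, ncc: int) -> None:
        self.kenb = kenb
        self.ncc = ncc


def mme_path_switch(mme: KasmeHolder, ncc: int) -> Tuple[bytes, int]:
    """MME answers the target eNB's NCC with the matching KeNB.

    Assumption: the MME also returns NCC+1 so the next handover walks one
    step further along the chain (the page's S1 variant increments NCC)."""
    return mme.kenb_for(ncc), ncc + 1


def handover(ue: KasmeHolder, mme: KasmeHolder, source: ENB) -> Tuple[ENB, bytes]:
    """One handover: returns the target eNB and the KeNB the UE derived."""
    ncc = source.ncc               # source eNB forwards the NCC value only
    ue_kenb = ue.kenb_for(ncc)     # UE selects NH for that NCC, derives KeNB
    kenb, next_ncc = mme_path_switch(mme, ncc)   # target asks the MME
    return ENB(kenb, next_ncc), ue_kenb


def simulate(kasme: bytes, nas_ul_count: int, hops: int) -> dict:
    """Run `hops` handovers and report whether UE and target eNB stayed in sync."""
    mme, ue = KasmeHolder(kasme), KasmeHolder(kasme)
    kenb0 = mme.initialise(nas_ul_count)
    if ue.initialise(nas_ul_count) != kenb0:
        raise RuntimeError("UE and MME disagree on the initial KeNB")
    serving = ENB(kenb0, 0)
    keys: List[bytes] = [kenb0]
    synced, source_could_chain = True, False
    for _ in range(hops):
        target, ue_kenb = handover(ue, mme, serving)
        synced = synced and ue_kenb == target.kenb
        # Forward-security check: the best a source eNB can do with only its
        # own KeNB is hash forward; that never yields the target's KeNB.
        source_could_chain = source_could_chain or kdf(serving.kenb, b"KeNB") == target.kenb
        keys.append(target.kenb)
        serving = target
    return {
        "synced": synced,
        "all_distinct": len(set(keys)) == len(keys),
        "source_could_chain": source_could_chain,
        "final_ncc": serving.ncc,
    }


if __name__ == "__main__":
    # Constructed sample values for a stand-alone run.
    print(simulate(b"constructed-kasme-example-key", 7, 3))
```

Running the block with a constructed Kasme and three hops reports `synced` and `all_distinct` as true, `source_could_chain` as false, and a final NCC of 3; the same Kasme and NAS UL COUNT on two independent `KasmeHolder` instances always produce the same NH for a given NCC, which is the synchronisation property the NCC exists to guarantee.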

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The present invention relates to a method and system for generating a key during a handover. The method comprises the following steps: during a handover of a UE, the network side uses a next hop parameter, NH, to generate a next hop key, KeNB, and the NH generated by the network side is not communicated to any base station; the network side and the UE side each use the value of a next hop counter, NCC, communicated by the target base station, in order to synchronize the next hop key KeNB; the network side then communicates the generated next hop key KeNB to the target base station. Since a base station cannot obtain the NH, it cannot generate the next hop key KeNB. In this way the risk of the next hop key KeNB being obtained illegitimately is removed, and perfect forward secrecy is thereby strengthened. The present invention can significantly improve the security of a communication system.
PCT/CN2012/071474 2011-11-25 2012-02-22 Procédé et système pour générer une clé durant un transfert intercellulaire WO2013075417A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201110382646.7 2011-11-25
CN201110382646.7A CN103139771B (zh) 2011-11-25 2011-11-25 切换过程中密钥生成方法及系统

Publications (1)

Publication Number Publication Date
WO2013075417A1 true WO2013075417A1 (fr) 2013-05-30

Family

ID=48469050

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2012/071474 WO2013075417A1 (fr) 2011-11-25 2012-02-22 Procédé et système pour générer une clé durant un transfert intercellulaire

Country Status (2)

Country Link
CN (1) CN103139771B (fr)
WO (1) WO2013075417A1 (fr)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102078866B1 (ko) * 2013-08-09 2020-02-19 삼성전자주식회사 듀얼 커넥티비티 지원을 위한 pdcp 분산 구조의 보안 키 생성 및 관리 방안
WO2015113197A1 (fr) * 2014-01-28 2015-08-06 华为技术有限公司 Appareil et procédé de chiffrement de données
WO2018227431A1 (fr) * 2017-06-14 2018-12-20 Zte Corporation Procédés et dispositif informatique pour obtenir une clé de sécurité pour un accès à un réseau sans fil
ES2969548T3 (es) * 2017-09-15 2024-05-21 Ericsson Telefon Ab L M Contexto de seguridad en un sistema de comunicación inalámbrica
CN108337661B (zh) * 2018-01-04 2020-05-19 西南交通大学 基于票据的lte-r车-地通信接入层切换认证方法
CN110830988B (zh) * 2018-08-08 2023-08-15 维沃移动通信有限公司 一种安全更新方法、网络设备及终端

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101772100A (zh) * 2008-12-29 2010-07-07 中国移动通信集团公司 LTE系统中基站eNB切换时的密钥更新方法、设备及系统
CN102027769A (zh) * 2008-09-22 2011-04-20 株式会社Ntt都科摩 移动通信方法
CN102244862A (zh) * 2010-05-10 2011-11-16 北京三星通信技术研究有限公司 一种获取安全密钥的方法

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2424795B (en) * 2005-03-31 2007-04-18 Motorola Inc Apparatus and method for controlling a radio bearer reconfiguration

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102027769A (zh) * 2008-09-22 2011-04-20 株式会社Ntt都科摩 移动通信方法
CN101772100A (zh) * 2008-12-29 2010-07-07 中国移动通信集团公司 LTE系统中基站eNB切换时的密钥更新方法、设备及系统
CN102244862A (zh) * 2010-05-10 2011-11-16 北京三星通信技术研究有限公司 一种获取安全密钥的方法

Also Published As

Publication number Publication date
CN103139771B (zh) 2018-03-30
CN103139771A (zh) 2013-06-05

Similar Documents

Publication Publication Date Title
EP3576446B1 (fr) Procédé de dérivation de clé
CN109922051B (zh) 用于使能用于enb间的传输的安全通信的方法和系统
US11658817B2 (en) Security key usage across handover that keeps the same wireless termination
KR101463671B1 (ko) 무선 통신 장치에서의 로컬 보안 키 업데이트
EP2663107B1 (fr) Procédé et appareil de génération de clé
US20170359719A1 (en) Key generation method, device, and system
JP5774096B2 (ja) エアインターフェースキーの更新方法、コアネットワークノード及び無線アクセスシステム
WO2011137805A1 (fr) Procédé, appareil et système permettant un traitement sécuritaire dans un processus de commutation
Forsberg LTE key management analysis with session keys context
JP2011526097A (ja) トラフィック暗号化キー生成方法及び更新方法
WO2011127791A1 (fr) Procédé et système pour établir clef optimisée lorsqu'un terminal passe à un réseau d'accès radio terrestre umts (« universal terrestrial radio access network » ou utran) optimisé
KR20100114927A (ko) 무선 통신 시스템에서 핸드오버를 실행하는 동안 키 관리를 실행하기 위한 시스템 및 방법
WO2011085682A1 (fr) Procédé et système de mise à jour de clés d'interface radio
JP2010045692A (ja) 移動通信方法、無線基地局及び移動局
WO2013075417A1 (fr) Procédé et système pour générer une clé durant un transfert intercellulaire
WO2007022727A1 (fr) Procede et systeme pour communiquer des informations contextuelles de cle d'autorisation
EP2648437B1 (fr) Procédé, appareil et système de génération de clé
KR20150103063A (ko) Scell 및 ue 사이의 암호화 정보 동기 방법
JP2013541864A (ja) エアーインターフェースキーの更新方法、コアネットワークノード及びユーザ設備
JP2011515904A (ja) ワイヤレス通信システムにおいてハンドオーバ、またはハンドオーバ実行中の鍵管理を実行するシステムおよび方法
JP2017524273A (ja) Twagとueとの間でのwlcpメッセージ交換の保護
WO2011143977A1 (fr) Procédé et système d'établissement de clés améliorées lorsqu'un terminal rentre dans un réseau d'accès radio terrestre universel (utran) amélioré
WO2010105442A1 (fr) Procédé, appareil et système de génération de paramètres-clés d'évolution
WO2011127775A1 (fr) Procédé de mise à jour pour clé d'interface hertzienne et système d'accès radio
US8713317B2 (en) Method and system for encrypting data in a wireless communication system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 12852268

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 12852268

Country of ref document: EP

Kind code of ref document: A1