WO2014104849A1 - Method for configuring and transmitting key - Google Patents

Method for configuring and transmitting key Download PDF

Info

Publication number
WO2014104849A1
WO2014104849A1 PCT/KR2013/012358 KR2013012358W WO2014104849A1 WO 2014104849 A1 WO2014104849 A1 WO 2014104849A1 KR 2013012358 W KR2013012358 W KR 2013012358W WO 2014104849 A1 WO2014104849 A1 WO 2014104849A1
Authority
WO
WIPO (PCT)
Prior art keywords
scell
kenb
pcell
enb
cell
Prior art date
Application number
PCT/KR2013/012358
Other languages
French (fr)
Inventor
Hong Wang
Huarui Liang
Lixiang Xu
Original Assignee
Samsung Electronics Co., Ltd.
Beijing Samsung Telecommunications Technology Research Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Samsung Electronics Co., Ltd., Beijing Samsung Telecommunications Technology Research Co., Ltd. filed Critical Samsung Electronics Co., Ltd.
Priority to KR1020217020271A priority Critical patent/KR102416366B1/en
Priority to US14/647,381 priority patent/US9924353B2/en
Priority to EP13867957.6A priority patent/EP2939455B1/en
Priority to EP21188133.9A priority patent/EP3955616A1/en
Priority to KR1020207014753A priority patent/KR102272925B1/en
Priority to KR1020157017583A priority patent/KR102116488B1/en
Publication of WO2014104849A1 publication Critical patent/WO2014104849A1/en
Priority to US15/923,767 priority patent/US10433165B2/en
Priority to US16/587,682 priority patent/US11265706B2/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431Key distribution or pre-distribution; Key agreement
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L1/00Arrangements for detecting or preventing errors in the information received
    • H04L1/12Arrangements for detecting or preventing errors in the information received by using return channel
    • H04L1/16Arrangements for detecting or preventing errors in the information received by using return channel in which the return channel carries supervisory signals, e.g. repetition request signals
    • H04L1/18Automatic repetition systems, e.g. Van Duuren systems
    • H04L1/1812Hybrid protocols; Hybrid automatic repeat request [HARQ]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W48/00Access restriction; Network selection; Access point selection
    • H04W48/08Access restriction or access information delivery, e.g. discovery data delivery
    • H04W48/12Access restriction or access information delivery, e.g. discovery data delivery using downlink control channel
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W72/00Local resource management
    • H04W72/20Control channels or signalling for resource management

Definitions

  • the present application relates to radio communication technologies, and more particularly to a method for configuring and transmitting a key.
  • FIG 1 is a schematic diagram illustrating the structure of a System Architecture Evolution (SAE).
  • SAE System Architecture Evolution
  • User Equipment (UE) 101 is a terminal device for receiving data.
  • An Evolved Universal Terrestrial Radio Access Network (E-UTRAN) 102 is a radio access network which includes an eNodeB/NodeB for providing a radio network interface for the UE.
  • a Mobile Management Entity (MME) 103 is configured to manage mobility contexts, session contexts and security information of the UE.
  • a Serving Gateway (SGW) 104 is configured to provide functions of a subscriber plane.
  • the MME 103 and the SGW 104 may be located in the same physical entity.
  • a Packet Gateway (PGW) 105 is configured to implement charging and legal monitoring functions.
  • the PGW 105 and the SGW 104 may be located in the same physical entity.
  • a Policy and Charging Rules Function (PCRF) 106 is configured to provide QoS policies and charging rules.
  • a Service GPRS Supporting Node (SGSN) 108 is a network node device for providing routing for data transmission in a Universal Mobile Telecommunications System (UMTS).
  • UMTS Universal Mobile Telecommunications System
  • a Home Subscriber Server (HSS) 109 is a home subsystem of the UE and is configured to protect user information including the current location of the UE, the address of a serving node, user security information and packet data contexts of the UE.
  • each cell supports bandwidth of 20MHz at most.
  • a Carrier Aggregation (CA) technology is introduced in a LTE-Advanced system.
  • the UE may communicate with multiple cells that are managed by the same evolved Node B (eNB) and work on different frequencies, which makes transmission bandwidth up to 100MHz and doubles the uplink and downlink peak rate of the UE.
  • eNB evolved Node B
  • FIG. 2 is a schematic diagram illustrating cross-eNB CA.
  • aggregated cells include a Primary Cell (PCell) and a Secondary Cell (SCell).
  • PCell Primary Cell
  • SCell Secondary Cell
  • the PCell can be handed over only through a handover process.
  • the UE transmits and receives Non-Access Stratum (NAS) information only in the PCell, and a Physical Uplink Control Channel (PUCCH) is transmitted only in the PCell.
  • NAS Non-Access Stratum
  • PUCCH Physical Uplink Control Channel
  • the MME needs to encrypt signalings of non-access layer and the eNB needs to encrypt Radio Resource Control (RRC) signalings and data.
  • RRC Radio Resource Control
  • the MME calculates an initial key (KeNB) and transmits the KeNB to the eNB. Further, the MME transmits a set of parameters (Next Hop, called NH for short, and Next Hop Counter, called NCC for short) to the eNB through a handover message. These parameters may be used for calculating the KeNB.
  • a source eNB calculates a KeNB used by a destination eNB.
  • the KeNB used by the destination eNB may be a new KeNB that is generated based on a KeNB currently used and also referring to the downlink frequency and Protocol Control Information (PCI) of the destination eNB. This method is called a horizontal generating method.
  • the KeNB used by the destination eNB may also be generated according to the NH and NCC saved by the source eNB. This method is called a vertical generating method. These methods have been defined in a current protocol 3GPP 33.401.
  • the UE generates its KeNB by using the same algorithm as that used by the MME.
  • the eNB transmits a message to the UE, to inform the UE of the NCC used currently by the eNB and indicate the UE to generate a new KeNB.
  • the UE generates the new KeNB according to the horizontal or vertical generating method.
  • the NCC is used to determine which one of the horizontal generating method and the vertical generating method is used by the UE. If the NCC is the same as the NCC corresponding to the KeNB used currently by the UE, the UE uses the horizontal generating method, and if the NCC is different from the NCC corresponding to the KeNB used currently by the UE, the UE uses the vertical generating method.
  • KeNB Conventional transmission and calculation methods of KeNB are all applied to the case that only one cell encrypts data. That is, a key used by the serving cell has been defined in the current protocol.
  • the SCell In cross-eNB CA technology, the SCell also participates in data transmission, and thus data should also be encrypted. In this case, multiple cells need to encrypt data, but it is not defined in the current protocol that how a key used by the SCell is configured.
  • the present application provides several methods for configuring a key.
  • data on these links may be encrypted with a key.
  • a method for configuring and transmitting a key includes:
  • PCell Primary Cell
  • KeNB Key
  • SCell Secondary Cell
  • the determining, by the PCell, the KeNB used by the SCell comprises: calculating, by the PCell, the KeNB according to the downlink frequency and physical cell identity of the SCell.
  • the KeNB used by the SCell is the same as a KeNB used by another SCell located in an evolved Node B (eNB) where the SCell is located.
  • eNB evolved Node B
  • the PCell determines that the KeNB used by the SCell is the same as a KeNB used by the PCell.
  • a SCell establishing request message comprises the KeNB used by the SCell and the SCell establishing request message is transmitted to the SCell.
  • a SCell establishing request message comprises indication information of the KeNB and the SCell establishing request message is transmitted to the SCell, wherein the indication information is used for indicating that the KeNB used by the SCell is the same as a KeNB used by another SCell located in an eNB where the SCell is located.
  • the SCell establishing request message comprises an X2 interface identity of the UE, wherein the X2 interface identity of the UE is used as the indication information of the KeNB and is used for indicating the SCell to determine a context of the UE according to the X2 interface identity of the UE and obtain the KeNB used by the SCell.
  • the configuration information for configuring the SCell comprises the KeNB used by the SCell and the configuration information is transmitted to the UE.
  • the configuration information does not include the KeNB used by SCell, which indicates that the KeNB used by the SCell is same as the KeNB used by the PCell.
  • the configuration information for configuring the SCell comprises indication information of the KeNB and the configuration information is transmitted to the UE, wherein the indication information is used for indicating that the KeNB used by the SCell is the same as a KeNB used by another SCell.
  • the configuration information for configuring the SCell does not comprise the KeNB to indicate the UE to obtain the KeNB from a context of the UE;
  • the indication information of the KeNB is a cell identity of said another SCell.
  • a method for configuring and transmitting a key includes:
  • SCell Secondary Cell
  • MME Mobile Management Entity
  • the key information is information for calculating a KeNB used by the SCell or is the KeNB used by the SCell.
  • Figure 1 is a schematic diagram illustrating the structure of a SAE.
  • Figure 2 is a schematic diagram illustrating cross-eNB CA.
  • Figure 3 is a flowchart illustrating a method for configuring and transmitting a KeNB by a PCell according to the present application.
  • Figure 4 is a flowchart illustrating a method according to a first example of the present application.
  • Figure 5 is a flowchart illustrating a method according to a second example of the present application.
  • Figure 6 is a flowchart illustrating a method according to a third example of the present application.
  • Figure 7 is a flowchart illustrating a method for configuring a KeNB for a SCell by the MME according to the present application.
  • Figure 8 is a flowchart illustrating a method according to a fourth example of the present application.
  • the present application provides two methods for configuring and transmitting a KeNB used by a SCell.
  • the KeNB is configured and transmitted by a PCell, and in the other method, the KeNB is configured by the MME.
  • the two methods are illustrated respectively hereinafter.
  • Figure 3 is a flowchart illustrating a method for configuring and transmitting a KeNB by a PCell according to the present application. As shown in Figure 3, the method includes following blocks.
  • a serving cell (PCell) of UE determines a KeNB used by a SCell, and transmits the KeNB to the SCell.
  • the PCell transmits the KeNB used by the SCell to the UE, and receives a response message from the UE.
  • the PCell may make the KeNB used by the Scell different from a KeNB used by the PCell. For example, the PCell may calculate the KeNB used by the SCell according to the downlink frequency and cell identity of the SCell and the KeNB used by the PCell. Or, the PCell may make the KeNB used by the Scell identical to the KeNB used by the PCell. The method is illustrated in detailed hereinafter with reference to three examples.
  • a first example describes a method for configuring and transmitting, by the PCell, the KeNB used by the SCell.
  • the KeNB used by the PCell is different from the KeNB used by the SCell.
  • the MME configures an initial KeNB for the PCell.
  • a KeNB used by the serving cell of the UE needs to be recalculated.
  • the calculation method of the KeNB used by the serving cell of the UE is the same as a current method, and is not illustrated herein.
  • An eNB 1 is an eNB where the serving cell of the UE is located, i.e., the PCell of the UE, and an eNB 2 is an eNB where the SCell of the UE is located and provides a data bearer for the UE.
  • the eNB 2 receives downlink data from a serving gateway or the eNB 1 and transmits the data to the UE.
  • the cell and the eNB are not differentiated any more, and if the cell transmits/receives data, it means that the eNB where the cell is located transmits/receives the data.
  • a signaling communication process between the MME and the gateway is omitted.
  • the method shown in Figure 4 includes following blocks.
  • an RRC connection establishing process is provided.
  • the object of this process is to establish an RRC connection between the UE and the PCell. This process is the same as a current defined process and is omitted herein.
  • the PCell of the UE transmits an Initial UE Message to the MME, where the Initial UE Message is the first S1 interface message and contains an S1 interface identity of the UE and a non-access message.
  • the MME transmits an initial context establishing request message to the PCell of the UE.
  • the MME transmits the initial context establishing request message to establish a context of the UE on the eNB.
  • the initial context establishing request message contains the S1 interface identity of the UE, which uniquely identifies the UE at the S1 interface.
  • the initial context establishing request message further contains the capability information of the UE and information of to-be-established LTE E-UTRAN Radio Access Bearer (E-RAB).
  • E-RAB LTE E-UTRAN Radio Access Bearer
  • the information of to-be-established LTE E-RAB contains an identity and QoS information of the E-RAB, and a transport layer address and tunnel port identity of serving gateway receiving uplink data.
  • the initial context establishing request message contains an initial key (KeNB).
  • the serving cell of the UE i.e., the PCell, saves the KeNB in the context of the UE, and encrypts signalings and data with the KeNB in subsequent signaling transmission and data transmission. If the serving cell of the UE is handed over or the MME updates the KeNB, the calculation method of KeNB used by the new serving cell is the same as a current defined method. Herein, suppose the serving cell obtains its KeNB according to the current defined method.
  • the PCell decides to establish a new SCell for the UE.
  • the PCell makes the decision based on different reasons.
  • a first reason is because the load of the PCell is large and the SCell may transmit data of the UE, so as to share the load the PCell.
  • a second reason is because the MME requests the PCell to establish a new bearer and the PCell decides to establish the new bearer in the SCell.
  • the SCell is selected based on the channel quality of the cell detected by the UE, and the UE reports the detected channel quality to the PCell through a measurement report.
  • the new SCell and the PCell are located in different eNBs. Suppose the new SCell is located in the eNB 2.
  • the PCell transmits a SCell establishing request message to the SCell, and requests the eNB where the SCell is located to establish a new bearer for the UE.
  • the serving cell of the UE decides to establish the bearer in the SCell.
  • the eNB 1 may select the SCell according to radio signal quality.
  • the SCell is located in the eNB 2, and the eNB 1 transmits a message to the eNB 2.
  • the name of the message may be another name.
  • the message contains an identity of destination cell, the X2 interface identity of the UE, information of to-be-established LTE E-RAB.
  • the information of to-be-established LTE E-RAB contains an identity and QoS information of the E-RAB, and a transport layer address and tunnel port identity of serving gateway (or the eNB 1) receiving uplink data.
  • the PCell determines the KeNB used by the Scell.
  • the PCell determines the KeNB used by the SCell according to the KeNB used by the PCell and the downlink power and physical cell identity of the SCell.
  • the SCell establishing request message contains the KeNB used by the SCell.
  • the SCell transmits a SCell establishing response message to the PCell.
  • the eNB 2 confirms that the SCell is established successfully, and transmits a message to the eNB 1.
  • the SCell establishing response message contains information of the SCell newly located in the eNB 2, and a transport layer address and tunnel port identity of serving gateway receiving downlink data.
  • the information of cell may contain a Physical Cell Identity (PCI), cell identity, Public Land Mobile Network (PLMN) identity, uplink and downlink frequency and bandwidth of the cell, and further contains the number of antenna ports, information of Multicast Broadcast Single Frequency Network (MBSFN) subframe, and the configuration of Physical Random Access Channel (PRACH).
  • PCI Physical Cell Identity
  • PLMN Public Land Mobile Network
  • MMSFN Multicast Broadcast Single Frequency Network
  • PRACH Physical Random Access Channel
  • the information of cell further contains the general configuration of PDSCH of the cell, such as the reference signal power of the PDSCH and P-B.
  • the information of serving cell further contains the configuration of Physical Hybrid ARQ Indicator Channel (PHICH), such as information indicating that the duration of the PHICH is normal or extended, and resources of the PHICH.
  • PHICH Physical Hybrid ARQ Indicator Channel
  • the PCell transmits a RRC reconfiguring request message to the UE, where the RRC reconfiguring request message contains the configuration information of the SCell.
  • the configuration information of the SCell contains an identity of the SCell and the KeNB used by the SCell.
  • the identity of the SCell may be a physical cell identity, a unique cell identity of the SCell, or an identity with other form.
  • the UE saves one KeNB for each SCell, and the KeNB is used to encrypt and decrypt data of the SCell.
  • the UE transmits a RRC reconfiguring response message to confirm that the SCell is configured successfully at the UE side.
  • the PCell transmits an initial context establishing response message to the MME.
  • the eNB 1 informs the MME that the context of the UE is established successfully, and informs the MME of the information of bearer established successfully by the eNB1.
  • the initial context establishing response message contains the S1 interface identity of the UE, the identity of the bearer established successfully, the transport layer address and tunnel port identity of eNB receiving downlink data.
  • the initial context establishing response message contains an identity (eNB Id) of the eNB 2 where the SCell is located, and a cell identity of the SCell.
  • the PCell configures and transmits the KeNB used by the SCell.
  • the KeNB used by the PCell is different from the that used by the SCell, and KeNBs used by SCells located in one eNB are the same.
  • the MME configures an initial KeNB for the PCell.
  • the KeNB used by the serving cell of the UE needs to be recalculated.
  • the calculation method of the KeNB used by the serving cell of the UE is the same as the current method and is not illustrated herein.
  • the eNB 1 is an eNB where the serving cell of the UE is located, i.e., the PCell of the UE, and the eNB 2 is an eNB where the SCell of the UE is located and provides a data bearer for the UE.
  • the eNB 2 receives downlink data from a serving gateway or the eNB 1 and transmits the data to the UE.
  • the cell and the eNB are not differentiated any more, and if the cell transmits/receives data, it means that the eNB where the cell is located transmits/receives the data.
  • a signaling communication process between the MME and the gateway is omitted.
  • the method shown in Figure 5 includes following blocks.
  • Blocks 501 to 509 are the same as blocks 401 to 409 respectively and are omitted herein. After blocks 501 to 509 are performed, a SCell 1 has been established in the eNB, and a KeNB used by the SCell 1 has been configured.
  • the PCell decides to establish a new SCell for the UE.
  • the PCell makes the decision based on different reasons.
  • a first reason is because the load of the PCell is large and the SCell may transmit data of the UE, so as to share the load the PCell.
  • a second reason is because the MME requests the PCell to establish a new bearer and the PCell decides to establish the new bearer in the SCell.
  • the SCell is selected based on the channel quality of the cell detected by the UE, and the UE reports the detected channel quality to the PCell through a measurement report.
  • the new SCell and the PCell are located in different eNBs. Suppose the new SCell is located in the eNB 2.
  • the PCell transmits a SCell establishing request message to the SCell, and requests the eNB where the SCell is located to establish the new bearer for the UE.
  • the SCell 2 may use the same KeNB as that used by the SCell 1, and data of the SCell 2 is encrypted with the same KeNB as that used by the SCell 1.
  • the SCell establishing request message contains the X2 interface identity of the UE, information of to-be-established bearer and an identity of the SCell 2.
  • the identity of the SCell 2 may be a physical cell identity or a unique Cell Global Identity (CGI).
  • the SCell establishing request message in block 511 further contains indication information for indicating that the KeNB used by the SCell 2 is the same as that used by the SCell 1. This indication information may be implemented through several methods.
  • a SCell 1 is defined as a primary SCell. Only an X2 interface is established between the eNB where the PCell is located and the eNB where the SCell 1 is located, and the communication between the PCell and the multiple SCells is forwarded by the SCell 1.
  • the PCell indicates that the SCell 1 is a primary SCell located in the eNB 2, or in the SCell establishing response message in block 406, the eNB 2 indicates that the SCell 1 is a primary SCell located in the eNB 2.
  • the primary SCell and the KeNB used by the primary SCell are saved in the context of the UE served by the eNB 2.
  • the SCell establishing request message in block 511 contains the X2 interface identity of the UE, through which the eNB 2 finds the context of the UE, obtains the KeNB and uses the KeNB to encrypt the data of the SCell 2.
  • the SCell establishing request message in block 511 contains the KeNB used by the SCell 2.
  • the SCell establishing request message in block 511 contains indication information for indicating that the KeNB used by the SCell 2 is the same as the KeNB used by which cell, such as the identity of the SCell 1.
  • the SCell 2 transmits a SCell establishing response message to the PCell.
  • the eNB 2 confirms that the SCell is established successfully, and transmits a message to the eNB 1.
  • the SCell establishing response message contains information of SCell newly located in the eNB 2, a transport layer address and tunnel port identity of eNB receiving downlink data.
  • the information of cell may contain a Physical Cell Identity (PCI), cell identity, Public Land Mobile Network (PLMN) identity, uplink and downlink frequency and bandwidth of the cell, and further contains the number of antenna ports, information of Multicast Broadcast Single Frequency Network (MBSFN) subframe, and the configuration of Physical Random Access Channel (PRACH).
  • PCI Physical Cell Identity
  • PLMN Public Land Mobile Network
  • MMSFN Multicast Broadcast Single Frequency Network
  • PRACH Physical Random Access Channel
  • the information of cell further contains the general configuration of PDSCH of the cell, such as the reference signal power of the PDSCH and P-B.
  • the information of serving cell further contains the configuration of PHICH, such as information indicating that the duration of the PHICH is normal or extended, and resources of the PHICH.
  • the PCell transmits a RRC reconfiguring request message to the UE, where the RRC reconfiguring request message contains the configuration information of the SCell.
  • the configuration information of the SCell contains the identity of the SCell 2 and the KeNB used by the SCell.
  • the identity of the SCell may be a physical cell identity, or a unique cell identity of the SCell, or an identity with other form.
  • the configuration information of the SCell contains the identity of the SCell 2, and indication information for indicating that the KeNB used by the SCell is the same as the KeNB used by which cell.
  • the indication information may be implemented through several methods.
  • the identity of the SCell 1 is contained, it means that the KeNB used by the SCell 2 is the same as that used by the SCell 1.
  • the identity of cell may be a physical cell identity, or a unique identity of the cell, or an identity with other form.
  • the configuration information of the SCell contains the KeNB used by the SCell 2.
  • the configuration information of the SCell indicates the UE that a certain SCell is a primary SCell located in a certain eNB, the configuration information of the SCell is saved in the UE, and other SCells located in the eNB all use the same KeNB as that used by the primary SCell.
  • the configuration information of the SCell does not contain the KeNB used by the Scell, and the UE finds the KeNB used by the SCell according to the saved context of the UE.
  • the UE saves one KeNB for all SCells located in each eNB, and uses the KeNB to encrypt the data of the SCell.
  • the UE transmits an RRC reconfiguring response message to confirm that the SCell is configured successfully at the UE side.
  • a third example describes a method for configuring and transmitting, by the PCell, the KeNB used by the SCell.
  • the MME configures an initial KeNB for the PCell.
  • the KeNB used by the serving cell of the UE needs to be recalculated.
  • the calculation method of the KeNB used by the serving cell of the UE is the same as a current method, and is not illustrated herein.
  • the eNB 1 is an eNB where the serving cell of the UE is located, that is, the PCell of the UE
  • eNB 2 is an eNB where the SCell of the UE is located and provides a data bearer.
  • the eNB 2 receives downlink data from a serving gateway or the eNB 1 and transmits the data to the UE.
  • the cell and the eNB are not differentiated any more, and if the cell transmits/receives data, it means that the eNB where the cell is located transmits/receives the data.
  • a signaling communication process between the MME and the gateway is omitted. The method shown in Figure 6 includes following blocks.
  • Blocks 601 to 609 are almost identical to blocks 401 to 409, and thus only difference is described herein.
  • the PCell decides to establish a new SCell for the UE.
  • the PCell also decides that the KeNB used by the new SCell is the same as that used by the PCell.
  • the PCell transmits a SCell establishing request message to the SCell, and requests the eNB where the SCell is located to establish a new bearer for the UE.
  • the SCell establishing request message contains the KeNB that is the same as that used by the PCell.
  • the PCell transmits an RRC reconfiguring request message to the UE, where the RRC reconfiguring request message contains the configuration information of the SCell.
  • the configuration information of the SCell contains the identity of the SCell 2 and does not contain the KeNB, which means that the KeNB used by the SCell is the KeNB saved in the context of the UE, i.e., the KeNB used by the PCell.
  • the UE only saves one KeNB, which is used by the PCell and the SCell.
  • the UE transmits an RRC reconfiguring response message to confirm that the SCell is configured successfully at the UE side.
  • the forgoing is the first method for configuring and transmitting the KeNB used by the SCell provided by the present application.
  • FIG. 7 is a flowchart illustrating a method for configuring a KeNB for a SCell by the MME according to the present application.
  • the MME configures the KeNB used by the SCell.
  • the method includes following blocks.
  • the SCell of the UE transmits a cell key request to the MME and receives key information from the MME.
  • the SCell transmits the key information received from the MME to the UE, and receives a response message from the UE.
  • a fourth example describes a method for requesting for the KeNB by the SCell.
  • the object of this method is to make the PCell unknowable the KeNB used by the SCell and make the eNB where the PCell is located unable to encrypt data, so as to improve the security of encryption.
  • the method shown in Figure 8 includes follow blocks.
  • Blocks 801 to 809 are identical to blocks 401 to 409 respectively and are omitted herein.
  • Blocks after block 810 do not depend on blocks 801 to 809, and the implementation before block 810 may be replaced with other implementation, for example, the PCell does not configure the KeNB for the SCell, or the PCell configures the same KeNB as that used by the PCell for the SCell.
  • the SCell transmits a cell key request message to request the MME to configure a new KeNB.
  • the cell key request message contains an identity of cell, and the identity of cell may be a unique CGI.
  • the MME transmits key information to the SCell, and the key information contains information for generating the new KeNB.
  • the key information may be the KeNB, or information for calculating the KeNB.
  • the SCell transmits the configuration information of the KeNB to the UE, and the configuration information contains the identity of cell, and information for generating the KeNB.
  • the configuration information may be the KeNB, or information for calculating the KeNB.
  • the UE transmits a cell key confirmation to confirm that the UE receives the information of the new KeNB.
  • the KeNB used by the SCell is different from the KeNB used by the PCell, it is needed to generating and saving encryption information of cell at the UE side, where the encryption information contains encryption capability and the KeNB.
  • the forgoing are the methods for configuring and transmitting a key provided by the present application.
  • the data of the SCell is transmitted after being encrypted, so as to avoid a case that the data is decoded by other users, and further guarantee the security of the data.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The present application discloses a method for configuring and transmitting a key, which includes that: a) a serving cell (PCell) of UE determines a key (KeNB) used by a SCell and transmits the KeNB to the SCell; and b) the PCell transmits configuration information for configuring the SCell to the UE after receiving a response message from the SCell, and receives a response message from the UE. Or, the method includes that: a SCell of UE transmits a cell key request to a MME and receives key information from the MME; and the SCell transmits the key information received from the MME to the UE, and receives a response message from the UE. By the present application, data of the SCell is transmitted after being encrypted, so as to avoid a case that the data is decoded by other users, and further guarantee the security of the data.

Description

METHOD FOR CONFIGURING AND TRANSMITTING KEY
The present application relates to radio communication technologies, and more particularly to a method for configuring and transmitting a key.
Modern mobile communication technology tends to provide high-data-rate multimedia services for users. Figure 1 is a schematic diagram illustrating the structure of a System Architecture Evolution (SAE).
In Figure 1, User Equipment (UE) 101 is a terminal device for receiving data. An Evolved Universal Terrestrial Radio Access Network (E-UTRAN) 102 is a radio access network which includes an eNodeB/NodeB for providing a radio network interface for the UE. A Mobile Management Entity (MME) 103 is configured to manage mobility contexts, session contexts and security information of the UE. A Serving Gateway (SGW) 104 is configured to provide functions of a subscriber plane. The MME 103 and the SGW 104 may be located in the same physical entity. A Packet Gateway (PGW) 105 is configured to implement charging and legal monitoring functions. The PGW 105 and the SGW 104 may be located in the same physical entity. A Policy and Charging Rules Function (PCRF) 106 is configured to provide QoS policies and charging rules. A Service GPRS Supporting Node (SGSN) 108 is a network node device for providing routing for data transmission in a Universal Mobile Telecommunications System (UMTS). A Home Subscriber Server (HSS) 109 is a home subsystem of the UE and is configured to protect user information including the current location of the UE, the address of a serving node, user security information and packet data contexts of the UE.
In current Long Term Evolution (LTE) system, each cell supports bandwidth of 20MHz at most. In order to increase the peak rate of UE, a Carrier Aggregation (CA) technology is introduced in a LTE-Advanced system. Through the CA technology, the UE may communicate with multiple cells that are managed by the same evolved Node B (eNB) and work on different frequencies, which makes transmission bandwidth up to 100MHz and doubles the uplink and downlink peak rate of the UE.
In order to increase the transmission bandwidth, one user may be served by multiple cells, and these cells may be located in one eNB or multiple eNBs, and thus this technology is called CA technology. Figure 2 is a schematic diagram illustrating cross-eNB CA. For UE working in the case of CA, aggregated cells include a Primary Cell (PCell) and a Secondary Cell (SCell). There is only one PCell, and the PCell is a serving cell and is always in an active state. The PCell can be handed over only through a handover process. The UE transmits and receives Non-Access Stratum (NAS) information only in the PCell, and a Physical Uplink Control Channel (PUCCH) is transmitted only in the PCell.
In a current system, the MME needs to encrypt signalings of non-access layer and the eNB needs to encrypt Radio Resource Control (RRC) signalings and data. The MME calculates an initial key (KeNB) and transmits the KeNB to the eNB. Further, the MME transmits a set of parameters (Next Hop, called NH for short, and Next Hop Counter, called NCC for short) to the eNB through a handover message. These parameters may be used for calculating the KeNB. In an X2 handover process, a source eNB calculates a KeNB used by a destination eNB. The KeNB used by the destination eNB may be a new KeNB that is generated based on a KeNB currently used and also referring to the downlink frequency and Protocol Control Information (PCI) of the destination eNB. This method is called a horizontal generating method. The KeNB used by the destination eNB may also be generated according to the NH and NCC saved by the source eNB. This method is called a vertical generating method. These methods have been defined in a current protocol 3GPP 33.401. The UE generates its KeNB by using the same algorithm as that used by the MME. When the UE performs X2 or S1 handover, the eNB transmits a message to the UE, to inform the UE of the NCC used currently by the eNB and indicate the UE to generate a new KeNB. The UE generates the new KeNB according to the horizontal or vertical generating method. The NCC is used to determine which one of the horizontal generating method and the vertical generating method is used by the UE. If the NCC is the same as the NCC corresponding to the KeNB used currently by the UE, the UE uses the horizontal generating method, and if the NCC is different from the NCC corresponding to the KeNB used currently by the UE, the UE uses the vertical generating method.
Conventional transmission and calculation methods of KeNB are all applied to the case that only one cell encrypts data. That is, a key used by the serving cell has been defined in the current protocol. In cross-eNB CA technology, the SCell also participates in data transmission, and thus data should also be encrypted. In this case, multiple cells need to encrypt data, but it is not defined in the current protocol that how a key used by the SCell is configured.
The present application provides several methods for configuring a key. In the case of establishing a data bearer between UE and multiple eNBs, data on these links may be encrypted with a key.
A method for configuring and transmitting a key includes:
a) determining, by a serving cell (Primary Cell (PCell)) of User Equipment (UE), a key (KeNB) used by a Secondary Cell (SCell), and transmitting the KeNB to the SCell; and
b) transmitting, by the PCell, configuration information for configuring the SCell to the UE after receiving a response message from the SCell, and receiving a response message from the UE.
Preferably, the determining, by the PCell, the KeNB used by the SCell comprises: calculating, by the PCell, the KeNB according to the downlink frequency and physical cell identity of the SCell.
Preferably, the KeNB used by the SCell is the same as a KeNB used by another SCell located in an evolved Node B (eNB) where the SCell is located.
Preferably, the PCell determines that the KeNB used by the SCell is the same as a KeNB used by the PCell.
Preferably, in step a), a SCell establishing request message comprises the KeNB used by the SCell and the SCell establishing request message is transmitted to the SCell.
Preferably, in step a), a SCell establishing request message comprises indication information of the KeNB and the SCell establishing request message is transmitted to the SCell, wherein the indication information is used for indicating that the KeNB used by the SCell is the same as a KeNB used by another SCell located in an eNB where the SCell is located.
Preferably, when the KeNB used by the SCell is the same as a KeNB used by a primary SCell located in the eNB where the SCell is located, the SCell establishing request message comprises an X2 interface identity of the UE, wherein the X2 interface identity of the UE is used as the indication information of the KeNB and is used for indicating the SCell to determine a context of the UE according to the X2 interface identity of the UE and obtain the KeNB used by the SCell.
Preferably, in step b), the configuration information for configuring the SCell comprises the KeNB used by the SCell and the configuration information is transmitted to the UE.
Preferably, in step b), the configuration information does not include the KeNB used by SCell, which indicates that the KeNB used by the SCell is same as the KeNB used by the PCell.
Preferably, in step b), the configuration information for configuring the SCell comprises indication information of the KeNB and the configuration information is transmitted to the UE, wherein the indication information is used for indicating that the KeNB used by the SCell is the same as a KeNB used by another SCell.
Preferably, when the KeNB used by the SCell is the same as a KeNB used by a primary SCell located in an eNB where the SCell is located, the configuration information for configuring the SCell does not comprise the KeNB to indicate the UE to obtain the KeNB from a context of the UE;
or, the indication information of the KeNB is a cell identity of said another SCell.
A method for configuring and transmitting a key includes:
a) transmitting, by a Secondary Cell (SCell) of User Equipment (UE), a cell key request to a Mobile Management Entity (MME), and receiving key information from the MME; and
b) transmitting, by the SCell, the key information received from the MME to the UE, and receiving a response message from the UE.
Preferably, the key information is information for calculating a KeNB used by the SCell or is the KeNB used by the SCell.
As can be seen from the above solution of the present application, by the methods for configuring the key for the SCell, data of the SCell is transmitted after being encrypted, so as to avoid a case that the data is decoded by other users, and further guarantee the security of the data.
Figure 1 is a schematic diagram illustrating the structure of a SAE.
Figure 2 is a schematic diagram illustrating cross-eNB CA.
Figure 3 is a flowchart illustrating a method for configuring and transmitting a KeNB by a PCell according to the present application.
Figure 4 is a flowchart illustrating a method according to a first example of the present application.
Figure 5 is a flowchart illustrating a method according to a second example of the present application.
Figure 6 is a flowchart illustrating a method according to a third example of the present application.
Figure 7 is a flowchart illustrating a method for configuring a KeNB for a SCell by the MME according to the present application.
Figure 8 is a flowchart illustrating a method according to a fourth example of the present application.
In order to make the object, technical solution and merits of the present application clearer, the present application will be illustrated in detail hereinafter with reference to the accompanying drawings.
The present application provides two methods for configuring and transmitting a KeNB used by a SCell. In one method, the KeNB is configured and transmitted by a PCell, and in the other method, the KeNB is configured by the MME. The two methods are illustrated respectively hereinafter.
Figure 3 is a flowchart illustrating a method for configuring and transmitting a KeNB by a PCell according to the present application. As shown in Figure 3, the method includes following blocks.
In block 301, a serving cell (PCell) of UE determines a KeNB used by a SCell, and transmits the KeNB to the SCell.
In block 302, after the PCell receives a response message from the SCell, the PCell transmits the KeNB used by the SCell to the UE, and receives a response message from the UE.
When the PCell determines the KeNB used by the SCell, the PCell may make the KeNB used by the Scell different from a KeNB used by the PCell. For example, the PCell may calculate the KeNB used by the SCell according to the downlink frequency and cell identity of the SCell and the KeNB used by the PCell. Or, the PCell may make the KeNB used by the Scell identical to the KeNB used by the PCell. The method is illustrated in detailed hereinafter with reference to three examples.
A first example describes a method for configuring and transmitting, by the PCell, the KeNB used by the SCell. In this method, the KeNB used by the PCell is different from the KeNB used by the SCell. The MME configures an initial KeNB for the PCell. When the UE moves, a KeNB used by the serving cell of the UE needs to be recalculated. The calculation method of the KeNB used by the serving cell of the UE is the same as a current method, and is not illustrated herein. An eNB 1 is an eNB where the serving cell of the UE is located, i.e., the PCell of the UE, and an eNB 2 is an eNB where the SCell of the UE is located and provides a data bearer for the UE. The eNB 2 receives downlink data from a serving gateway or the eNB 1 and transmits the data to the UE. There is an X2 interface between the eNB 1 and the eNB 2. Hereinafter, the cell and the eNB are not differentiated any more, and if the cell transmits/receives data, it means that the eNB where the cell is located transmits/receives the data. A signaling communication process between the MME and the gateway is omitted. The method shown in Figure 4 includes following blocks.
In block 401, an RRC connection establishing process is provided. The object of this process is to establish an RRC connection between the UE and the PCell. This process is the same as a current defined process and is omitted herein.
In block 402, the PCell of the UE transmits an Initial UE Message to the MME, where the Initial UE Message is the first S1 interface message and contains an S1 interface identity of the UE and a non-access message.
In block 403, the MME transmits an initial context establishing request message to the PCell of the UE.
The MME transmits the initial context establishing request message to establish a context of the UE on the eNB. The initial context establishing request message contains the S1 interface identity of the UE, which uniquely identifies the UE at the S1 interface. The initial context establishing request message further contains the capability information of the UE and information of to-be-established LTE E-UTRAN Radio Access Bearer (E-RAB). The information of to-be-established LTE E-RAB contains an identity and QoS information of the E-RAB, and a transport layer address and tunnel port identity of serving gateway receiving uplink data. The initial context establishing request message contains an initial key (KeNB).
The serving cell of the UE, i.e., the PCell, saves the KeNB in the context of the UE, and encrypts signalings and data with the KeNB in subsequent signaling transmission and data transmission. If the serving cell of the UE is handed over or the MME updates the KeNB, the calculation method of KeNB used by the new serving cell is the same as a current defined method. Herein, suppose the serving cell obtains its KeNB according to the current defined method.
In block 404, the PCell decides to establish a new SCell for the UE.
The PCell makes the decision based on different reasons. A first reason is because the load of the PCell is large and the SCell may transmit data of the UE, so as to share the load the PCell. A second reason is because the MME requests the PCell to establish a new bearer and the PCell decides to establish the new bearer in the SCell. The SCell is selected based on the channel quality of the cell detected by the UE, and the UE reports the detected channel quality to the PCell through a measurement report. The new SCell and the PCell are located in different eNBs. Suppose the new SCell is located in the eNB 2.
In block 405, the PCell transmits a SCell establishing request message to the SCell, and requests the eNB where the SCell is located to establish a new bearer for the UE.
The serving cell of the UE decides to establish the bearer in the SCell. The eNB 1 may select the SCell according to radio signal quality. Suppose the SCell is located in the eNB 2, and the eNB 1 transmits a message to the eNB 2. The name of the message may be another name. The message contains an identity of destination cell, the X2 interface identity of the UE, information of to-be-established LTE E-RAB. The information of to-be-established LTE E-RAB contains an identity and QoS information of the E-RAB, and a transport layer address and tunnel port identity of serving gateway (or the eNB 1) receiving uplink data.
The PCell determines the KeNB used by the Scell. The PCell determines the KeNB used by the SCell according to the KeNB used by the PCell and the downlink power and physical cell identity of the SCell. The SCell establishing request message contains the KeNB used by the SCell.
In block 406, the SCell transmits a SCell establishing response message to the PCell.
The eNB 2 confirms that the SCell is established successfully, and transmits a message to the eNB 1. The SCell establishing response message contains information of the SCell newly located in the eNB 2, and a transport layer address and tunnel port identity of serving gateway receiving downlink data.
The information of cell may contain a Physical Cell Identity (PCI), cell identity, Public Land Mobile Network (PLMN) identity, uplink and downlink frequency and bandwidth of the cell, and further contains the number of antenna ports, information of Multicast Broadcast Single Frequency Network (MBSFN) subframe, and the configuration of Physical Random Access Channel (PRACH). The information of cell further contains the general configuration of PDSCH of the cell, such as the reference signal power of the PDSCH and P-B. The information of serving cell further contains the configuration of Physical Hybrid ARQ Indicator Channel (PHICH), such as information indicating that the duration of the PHICH is normal or extended, and resources of the PHICH.
In block 407, the PCell transmits a RRC reconfiguring request message to the UE, where the RRC reconfiguring request message contains the configuration information of the SCell. The configuration information of the SCell contains an identity of the SCell and the KeNB used by the SCell. The identity of the SCell may be a physical cell identity, a unique cell identity of the SCell, or an identity with other form.
In this example, the UE saves one KeNB for each SCell, and the KeNB is used to encrypt and decrypt data of the SCell.
In block 408, the UE transmits a RRC reconfiguring response message to confirm that the SCell is configured successfully at the UE side.
In block 409, the PCell transmits an initial context establishing response message to the MME.
The eNB 1 informs the MME that the context of the UE is established successfully, and informs the MME of the information of bearer established successfully by the eNB1. The initial context establishing response message contains the S1 interface identity of the UE, the identity of the bearer established successfully, the transport layer address and tunnel port identity of eNB receiving downlink data. The initial context establishing response message contains an identity (eNB Id) of the eNB 2 where the SCell is located, and a cell identity of the SCell.
And thus, the process described in the first example ends.
In the second example, multiple SCells are located in one eNB, and the PCell configures and transmits the KeNB used by the SCell. In this example, the KeNB used by the PCell is different from the that used by the SCell, and KeNBs used by SCells located in one eNB are the same. The MME configures an initial KeNB for the PCell. When the UE moves, the KeNB used by the serving cell of the UE needs to be recalculated. The calculation method of the KeNB used by the serving cell of the UE is the same as the current method and is not illustrated herein. The eNB 1 is an eNB where the serving cell of the UE is located, i.e., the PCell of the UE, and the eNB 2 is an eNB where the SCell of the UE is located and provides a data bearer for the UE. The eNB 2 receives downlink data from a serving gateway or the eNB 1 and transmits the data to the UE. There is an X2 interface between the eNB 1 and the eNB 2. Hereinafter, the cell and the eNB are not differentiated any more, and if the cell transmits/receives data, it means that the eNB where the cell is located transmits/receives the data. A signaling communication process between the MME and the gateway is omitted. The method shown in Figure 5 includes following blocks.
Blocks 501 to 509 are the same as blocks 401 to 409 respectively and are omitted herein. After blocks 501 to 509 are performed, a SCell 1 has been established in the eNB, and a KeNB used by the SCell 1 has been configured.
In block 510, the PCell decides to establish a new SCell for the UE.
The PCell makes the decision based on different reasons. A first reason is because the load of the PCell is large and the SCell may transmit data of the UE, so as to share the load the PCell. A second reason is because the MME requests the PCell to establish a new bearer and the PCell decides to establish the new bearer in the SCell. The SCell is selected based on the channel quality of the cell detected by the UE, and the UE reports the detected channel quality to the PCell through a measurement report. The new SCell and the PCell are located in different eNBs. Suppose the new SCell is located in the eNB 2.
In block 511, the PCell transmits a SCell establishing request message to the SCell, and requests the eNB where the SCell is located to establish the new bearer for the UE.
Suppose a newly established SCell 2 and the SCell 1 are located in the same eNB. The SCell 2 may use the same KeNB as that used by the SCell 1, and data of the SCell 2 is encrypted with the same KeNB as that used by the SCell 1. The SCell establishing request message contains the X2 interface identity of the UE, information of to-be-established bearer and an identity of the SCell 2. The identity of the SCell 2 may be a physical cell identity or a unique Cell Global Identity (CGI). The SCell establishing request message in block 511 further contains indication information for indicating that the KeNB used by the SCell 2 is the same as that used by the SCell 1. This indication information may be implemented through several methods.
In a first method, in multiple SCells located in one eNB, a SCell 1 is defined as a primary SCell. Only an X2 interface is established between the eNB where the PCell is located and the eNB where the SCell 1 is located, and the communication between the PCell and the multiple SCells is forwarded by the SCell 1. In the SCell establishing request message in block 405, the PCell indicates that the SCell 1 is a primary SCell located in the eNB 2, or in the SCell establishing response message in block 406, the eNB 2 indicates that the SCell 1 is a primary SCell located in the eNB 2. The primary SCell and the KeNB used by the primary SCell are saved in the context of the UE served by the eNB 2. The SCell establishing request message in block 511 contains the X2 interface identity of the UE, through which the eNB 2 finds the context of the UE, obtains the KeNB and uses the KeNB to encrypt the data of the SCell 2.
In a second method, the SCell establishing request message in block 511 contains the KeNB used by the SCell 2.
In a third method, the SCell establishing request message in block 511 contains indication information for indicating that the KeNB used by the SCell 2 is the same as the KeNB used by which cell, such as the identity of the SCell 1.
In block 512, the SCell 2 transmits a SCell establishing response message to the PCell.
The eNB 2 confirms that the SCell is established successfully, and transmits a message to the eNB 1. The SCell establishing response message contains information of SCell newly located in the eNB 2, a transport layer address and tunnel port identity of eNB receiving downlink data.
The information of cell may contain a Physical Cell Identity (PCI), cell identity, Public Land Mobile Network (PLMN) identity, uplink and downlink frequency and bandwidth of the cell, and further contains the number of antenna ports, information of Multicast Broadcast Single Frequency Network (MBSFN) subframe, and the configuration of Physical Random Access Channel (PRACH). The information of cell further contains the general configuration of PDSCH of the cell, such as the reference signal power of the PDSCH and P-B. The information of serving cell further contains the configuration of PHICH, such as information indicating that the duration of the PHICH is normal or extended, and resources of the PHICH.
In block 513, the PCell transmits a RRC reconfiguring request message to the UE, where the RRC reconfiguring request message contains the configuration information of the SCell. The configuration information of the SCell contains the identity of the SCell 2 and the KeNB used by the SCell. The identity of the SCell may be a physical cell identity, or a unique cell identity of the SCell, or an identity with other form.
Or, the configuration information of the SCell contains the identity of the SCell 2, and indication information for indicating that the KeNB used by the SCell is the same as the KeNB used by which cell. Identical to block 511, the indication information may be implemented through several methods.
For example, if the identity of the SCell 1 is contained, it means that the KeNB used by the SCell 2 is the same as that used by the SCell 1. The identity of cell may be a physical cell identity, or a unique identity of the cell, or an identity with other form. Or, the configuration information of the SCell contains the KeNB used by the SCell 2. Or, in a former block, e.g., block 407, the configuration information of the SCell indicates the UE that a certain SCell is a primary SCell located in a certain eNB, the configuration information of the SCell is saved in the UE, and other SCells located in the eNB all use the same KeNB as that used by the primary SCell. In block 513, the configuration information of the SCell does not contain the KeNB used by the Scell, and the UE finds the KeNB used by the SCell according to the saved context of the UE.
Different from the first example, in the second example, the UE saves one KeNB for all SCells located in each eNB, and uses the KeNB to encrypt the data of the SCell.
In block 515, the UE transmits an RRC reconfiguring response message to confirm that the SCell is configured successfully at the UE side.
And thus, the process described in the second example ends.
A third example describes a method for configuring and transmitting, by the PCell, the KeNB used by the SCell. The MME configures an initial KeNB for the PCell. When the UE moves, the KeNB used by the serving cell of the UE needs to be recalculated. The calculation method of the KeNB used by the serving cell of the UE is the same as a current method, and is not illustrated herein. The eNB 1 is an eNB where the serving cell of the UE is located, that is, the PCell of the UE, and eNB 2 is an eNB where the SCell of the UE is located and provides a data bearer. The eNB 2 receives downlink data from a serving gateway or the eNB 1 and transmits the data to the UE. There is an X2 interface between the eNB 1 and the eNB 2. Hereinafter, the cell and the eNB are not differentiated any more, and if the cell transmits/receives data, it means that the eNB where the cell is located transmits/receives the data. A signaling communication process between the MME and the gateway is omitted. The method shown in Figure 6 includes following blocks.
Blocks 601 to 609 are almost identical to blocks 401 to 409, and thus only difference is described herein.
In block 604, the PCell decides to establish a new SCell for the UE. The PCell also decides that the KeNB used by the new SCell is the same as that used by the PCell.
In block 605, the PCell transmits a SCell establishing request message to the SCell, and requests the eNB where the SCell is located to establish a new bearer for the UE. The SCell establishing request message contains the KeNB that is the same as that used by the PCell.
In block 607, the PCell transmits an RRC reconfiguring request message to the UE, where the RRC reconfiguring request message contains the configuration information of the SCell.
The configuration information of the SCell contains the identity of the SCell 2 and does not contain the KeNB, which means that the KeNB used by the SCell is the KeNB saved in the context of the UE, i.e., the KeNB used by the PCell.
In this example, the UE only saves one KeNB, which is used by the PCell and the SCell.
In block 608, the UE transmits an RRC reconfiguring response message to confirm that the SCell is configured successfully at the UE side.
And thus, the process described in the third example ends.
The forgoing is the first method for configuring and transmitting the KeNB used by the SCell provided by the present application.
Figure 7 is a flowchart illustrating a method for configuring a KeNB for a SCell by the MME according to the present application. In this method, the MME configures the KeNB used by the SCell. As shown in Figure 7, the method includes following blocks.
In block 701, after the SCell is established, the SCell of the UE transmits a cell key request to the MME and receives key information from the MME.
In block 702, the SCell transmits the key information received from the MME to the UE, and receives a response message from the UE.
The method shown in Figure 7 is illustrated in detail hereinafter with reference to an example.
A fourth example describes a method for requesting for the KeNB by the SCell. The object of this method is to make the PCell unknowable the KeNB used by the SCell and make the eNB where the PCell is located unable to encrypt data, so as to improve the security of encryption. The method shown in Figure 8 includes follow blocks.
Blocks 801 to 809 are identical to blocks 401 to 409 respectively and are omitted herein.
Blocks after block 810 do not depend on blocks 801 to 809, and the implementation before block 810 may be replaced with other implementation, for example, the PCell does not configure the KeNB for the SCell, or the PCell configures the same KeNB as that used by the PCell for the SCell.
In block 810, the SCell transmits a cell key request message to request the MME to configure a new KeNB. The cell key request message contains an identity of cell, and the identity of cell may be a unique CGI.
In block 811, the MME transmits key information to the SCell, and the key information contains information for generating the new KeNB. The key information may be the KeNB, or information for calculating the KeNB.
In block 812, the SCell transmits the configuration information of the KeNB to the UE, and the configuration information contains the identity of cell, and information for generating the KeNB. The configuration information may be the KeNB, or information for calculating the KeNB.
In block 813, the UE transmits a cell key confirmation to confirm that the UE receives the information of the new KeNB.
And thus, the process described in the fourth example ends.
If the KeNB used by the SCell is different from the KeNB used by the PCell, it is needed to generating and saving encryption information of cell at the UE side, where the encryption information contains encryption capability and the KeNB.
The forgoing are the methods for configuring and transmitting a key provided by the present application. By the methods, the data of the SCell is transmitted after being encrypted, so as to avoid a case that the data is decoded by other users, and further guarantee the security of the data.
The foregoing is only preferred examples of the present application and is not used to limit the protection scope of the present application. Any modification, equivalent substitution and improvement without departing from the spirit and principle of the present application are within the protection scope of the present application.

Claims (13)

  1. A method for configuring and transmitting a key, comprising:
    a) determining, by a serving cell (Primary Cell (PCell)) of User Equipment (UE), a key (KeNB) used by a Secondary Cell (SCell), and transmitting the KeNB to the SCell; and
    b) transmitting, by the PCell, configuration information for configuring the SCell to the UE after receiving a response message from the SCell, and receiving a response message from the UE.
  2. The method of claim 1, wherein the determining, by the PCell, the KeNB used by the SCell comprises: calculating, by the PCell, the KeNB according to the downlink frequency and physical cell identity of the SCell.
  3. The method of claim 1 or 2, wherein the KeNB used by the SCell is the same as a KeNB used by another SCell located in an evolved Node B (eNB) where the SCell is located.
  4. The method of claim 1, wherein the PCell determines that the KeNB used by the SCell is the same as a KeNB used by the PCell.
  5. The method of claim 1, wherein, in step a), a SCell establishing request message comprises the KeNB used by the SCell and the SCell establishing request message is transmitted to the SCell.
  6. The method of claim 1, wherein, in step a), a SCell establishing request message comprises indication information of the KeNB and the SCell establishing request message is transmitted to the SCell, wherein the indication information is used for indicating that the KeNB used by the SCell is the same as a KeNB used by another SCell located in an eNB where the SCell is located.
  7. The method of claim 6, wherein, when the KeNB used by the SCell is the same as a KeNB used by a primary SCell located in the eNB where the SCell is located, the SCell establishing request message comprises an X2 interface identity of the UE, wherein the X2 interface identity of the UE is used as the indication information of the KeNB and is used for indicating the SCell to determine a context of the UE according to the X2 interface identity of the UE and obtain the KeNB used by the SCell.
  8. The method of claim 1, wherein, in step b), the configuration information for configuring the SCell comprises the KeNB used by the SCell and the configuration information is transmitted to the UE.
  9. The method of claim 1, wherein, in step b), the configuration information does not include the KeNB used by SCell, which indicates that the KeNB used by the SCell is same as the KeNB used by the PCell.
  10. The method of claim 1, wherein, in step b), the configuration information for configuring the SCell comprises indication information of the KeNB and the configuration information is transmitted to the UE, wherein the indication information is used for indicating that the KeNB used by the SCell is the same as a KeNB used by another SCell.
  11. The method of claim 10, wherein, when the KeNB used by the SCell is the same as a KeNB used by a primary SCell located in an eNB where the SCell is located, the configuration information for configuring the SCell does not comprise the KeNB to indicate the UE to obtain the KeNB from a context of the UE;
    or, the indication information of the KeNB is a cell identity of said another SCell.
  12. A method for configuring and transmitting a key, comprising:
    a) transmitting, by a Secondary Cell (SCell) of User Equipment (UE), a cell key request to a Mobile Management Entity (MME), and receiving key information from the MME; and
    b) transmitting, by the SCell, the key information received from the MME to the UE, and receiving a response message from the UE.
  13. The method of claim 12, wherein the key information is information for calculating a KeNB used by the SCell or is the KeNB used by the SCell.
PCT/KR2013/012358 2012-12-28 2013-12-30 Method for configuring and transmitting key WO2014104849A1 (en)

Priority Applications (8)

Application Number Priority Date Filing Date Title
KR1020217020271A KR102416366B1 (en) 2012-12-28 2013-12-30 Method for configuring and transmitting key
US14/647,381 US9924353B2 (en) 2012-12-28 2013-12-30 Method for configuring and transmitting key
EP13867957.6A EP2939455B1 (en) 2012-12-28 2013-12-30 Method for configuring and transmitting key
EP21188133.9A EP3955616A1 (en) 2012-12-28 2013-12-30 Method for configuring and transmitting key
KR1020207014753A KR102272925B1 (en) 2012-12-28 2013-12-30 Method for configuring and transmitting key
KR1020157017583A KR102116488B1 (en) 2012-12-28 2013-12-30 Method for configuring and transmitting key
US15/923,767 US10433165B2 (en) 2012-12-28 2018-03-16 Method for configuring and transmitting key
US16/587,682 US11265706B2 (en) 2012-12-28 2019-09-30 Method for configuring and transmitting key

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201210583709.XA CN103906053B (en) 2012-12-28 2012-12-28 The method of configuration and transmission cryptographic keys
CN201210583709.X 2012-12-28

Related Child Applications (2)

Application Number Title Priority Date Filing Date
US14/647,381 A-371-Of-International US9924353B2 (en) 2012-12-28 2013-12-30 Method for configuring and transmitting key
US15/923,767 Continuation US10433165B2 (en) 2012-12-28 2018-03-16 Method for configuring and transmitting key

Publications (1)

Publication Number Publication Date
WO2014104849A1 true WO2014104849A1 (en) 2014-07-03

Family

ID=50997161

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2013/012358 WO2014104849A1 (en) 2012-12-28 2013-12-30 Method for configuring and transmitting key

Country Status (5)

Country Link
US (3) US9924353B2 (en)
EP (2) EP2939455B1 (en)
KR (3) KR102416366B1 (en)
CN (2) CN110290523B (en)
WO (1) WO2014104849A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2024065438A1 (en) * 2022-09-29 2024-04-04 Apple Inc. Ue-initiated spcell access

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10136423B2 (en) * 2013-08-09 2018-11-20 Samsung Electronics Co., Ltd. Method and apparatus, in mobile communication system, for effectively providing configuration information about small cell that has small cell service region
WO2015180181A1 (en) * 2014-05-30 2015-12-03 华为技术有限公司 Data transmission method and base station
EP3741186A1 (en) * 2018-01-19 2020-11-25 Sony Corporation Method and apparatus for handoff of multiple bearers with differing quality of service levels in a wireless communication system
US11363582B2 (en) * 2019-12-20 2022-06-14 Qualcomm Incorporated Key provisioning for broadcast control channel protection in a wireless network
CN116367153A (en) * 2021-12-27 2023-06-30 华为技术有限公司 Communication method, device and system

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009253985A (en) * 2008-04-07 2009-10-29 Ntt Docomo Inc Method and apparatus for generating new key
KR20110017426A (en) * 2008-06-06 2011-02-21 텔레폰악티에볼라겟엘엠에릭슨(펍) Cryptographic key generation
US20110274276A1 (en) * 2010-05-10 2011-11-10 Samsung Electronics Co. Ltd. Method and system for positioning mobile station in handover procedure
EP2456244A1 (en) 2009-07-16 2012-05-23 NTT DoCoMo, Inc. Mobile communication system, mobile station and radio base station
JP2012134975A (en) * 2010-12-21 2012-07-12 Tektronix Inc Method for deciphering captured data packet, method for deciphering data in lte network, method for identifying deciphering data during handover, method for identifying deciphering data during idle mode mobility, and method for correlating user equipment identifiers to captured messages
CN102651894A (en) 2011-02-28 2012-08-29 华为技术有限公司 Cell switching method, terminal equipment, base station equipment and communication system

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8179860B2 (en) * 2008-02-15 2012-05-15 Alcatel Lucent Systems and method for performing handovers, or key management while performing handovers in a wireless communication system
CN101616408B (en) * 2008-06-23 2012-04-18 华为技术有限公司 Key derivation method, key derivation device and system
US20120039468A1 (en) 2009-04-17 2012-02-16 Panasonic Corporation Wireless communication apparatus
CN101931950B (en) * 2009-06-19 2014-02-05 电信科学技术研究院 Method, system and device for acquiring key in switching process
CN101998388B (en) * 2009-08-21 2015-05-20 中兴通讯股份有限公司 Interaction method and device for security information
CN102026324B (en) * 2009-09-18 2014-01-29 电信科学技术研究院 Method, equipment and system for reconfiguring aggregated cell
KR101422040B1 (en) * 2010-02-23 2014-07-30 엘지전자 주식회사 A method and an apparatus for initiating a session in Home Network System
CN102104922B (en) * 2010-06-12 2014-08-20 电信科学技术研究院 Method, system and equipment for transferring switching information
US9179457B2 (en) * 2012-06-20 2015-11-03 Ofinno Technologies, Llc Carrier configuration in wireless networks
JP2015095675A (en) * 2013-11-08 2015-05-18 株式会社Nttドコモ Mobile communication method

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009253985A (en) * 2008-04-07 2009-10-29 Ntt Docomo Inc Method and apparatus for generating new key
KR20110017426A (en) * 2008-06-06 2011-02-21 텔레폰악티에볼라겟엘엠에릭슨(펍) Cryptographic key generation
EP2456244A1 (en) 2009-07-16 2012-05-23 NTT DoCoMo, Inc. Mobile communication system, mobile station and radio base station
US20110274276A1 (en) * 2010-05-10 2011-11-10 Samsung Electronics Co. Ltd. Method and system for positioning mobile station in handover procedure
JP2012134975A (en) * 2010-12-21 2012-07-12 Tektronix Inc Method for deciphering captured data packet, method for deciphering data in lte network, method for identifying deciphering data during handover, method for identifying deciphering data during idle mode mobility, and method for correlating user equipment identifiers to captured messages
CN102651894A (en) 2011-02-28 2012-08-29 华为技术有限公司 Cell switching method, terminal equipment, base station equipment and communication system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP2939455A4

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2024065438A1 (en) * 2022-09-29 2024-04-04 Apple Inc. Ue-initiated spcell access

Also Published As

Publication number Publication date
CN110290523A (en) 2019-09-27
KR20150100710A (en) 2015-09-02
US20150312757A1 (en) 2015-10-29
US10433165B2 (en) 2019-10-01
CN103906053B (en) 2019-09-10
US20180227753A1 (en) 2018-08-09
CN103906053A (en) 2014-07-02
KR102116488B1 (en) 2020-06-05
EP2939455A4 (en) 2016-08-17
KR20200060542A (en) 2020-05-29
US11265706B2 (en) 2022-03-01
EP2939455B1 (en) 2021-08-04
KR102272925B1 (en) 2021-07-05
KR20210084668A (en) 2021-07-07
KR102416366B1 (en) 2022-07-05
EP3955616A1 (en) 2022-02-16
EP2939455A1 (en) 2015-11-04
US20200037154A1 (en) 2020-01-30
US9924353B2 (en) 2018-03-20
CN110290523B (en) 2022-12-27

Similar Documents

Publication Publication Date Title
WO2014098470A1 (en) Method and apparatus for configuring aggregate maximum bit rate
WO2015199411A1 (en) Method and apparatus for assigning data to split bearers in dual connectivity
WO2015108389A1 (en) Dual connectivity mode of operation of a user equipment in a wireless communication network
WO2011142568A2 (en) Method and system for positioning mobile station in handover procedure
WO2014104853A1 (en) Method for synchronizing encryption information between scell and ue
WO2016114623A1 (en) Handover method and apparatus
WO2014104849A1 (en) Method for configuring and transmitting key
WO2015115761A1 (en) Method and apparatus for ue mobility in a small cell system
WO2015147604A1 (en) Method for allocating aggregate maximum bit rate of ue, method for allocating aggregate bit rates of non-gbr services and base stations
WO2018230983A1 (en) Method for reporting ue capability and device supporting the same
WO2018182224A1 (en) Access control method and device for supporting same
WO2017078459A1 (en) Method, ue and network node for protecting user privacy in networks
WO2014133359A1 (en) Method and device for controlling cell connection from wireless lan in wireless communication system and providing valid information on peripheral wireless lan access points
WO2015020366A1 (en) Methods, systems and devices for supporting local breakout in small cell architecture
WO2013187709A1 (en) Method and system for securing control packets and data packets in a mobile broadband network environment
WO2023080677A1 (en) Method by which distributed unit processes paging message in wireless mobile communication system, and apparatus

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13867957

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 14647381

Country of ref document: US

NENP Non-entry into the national phase

Ref country code: DE

ENP Entry into the national phase

Ref document number: 20157017583

Country of ref document: KR

Kind code of ref document: A

WWE Wipo information: entry into national phase

Ref document number: 2013867957

Country of ref document: EP