WO2015144042A1 - Method and device for network authentication certification - Google Patents

Method and device for network authentication certification Download PDF

Info

Publication number
WO2015144042A1
WO2015144042A1 PCT/CN2015/074962 CN2015074962W WO2015144042A1 WO 2015144042 A1 WO2015144042 A1 WO 2015144042A1 CN 2015074962 W CN2015074962 W CN 2015074962W WO 2015144042 A1 WO2015144042 A1 WO 2015144042A1
Authority
WO
WIPO (PCT)
Prior art keywords
network element
key
terminal
message
exchange
Prior art date
Application number
PCT/CN2015/074962
Other languages
French (fr)
Chinese (zh)
Inventor
赖晓龙
曹军
铁满霞
Original Assignee
西安西电捷通无线网络通信股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 西安西电捷通无线网络通信股份有限公司 filed Critical 西安西电捷通无线网络通信股份有限公司
Publication of WO2015144042A1 publication Critical patent/WO2015144042A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431Key distribution or pre-distribution; Key agreement
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/106Packet or message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/108Source integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity

Definitions

  • the present application relates to the field of communications technologies, and in particular, to a network authentication and authentication method and device.
  • the AKA protocol is adopted in the authentication and authentication phase of the Long Term Evolution (LTE) network.
  • LTE Long Term Evolution
  • security vulnerabilities in the authentication and authentication phase which are embodied in:
  • the authentication vector is vulnerable to attack during the delivery process.
  • PLMN public land mobile network
  • the network element of the home network sends the authentication vector to the network element of the roaming network.
  • the authentication vector traverses different networks and is vulnerable to attack.
  • the purpose of the application is to provide a method and device for network authentication authentication to solve the security problem existing in the LTE network authentication and authentication phase.
  • a method for network authentication and authentication includes:
  • the terminal generates a second temporary public-private key pair, and sends a terminal hello message including the terminal identifier and the terminal random number and a key exchange message including the second temporary public key to the first network element;
  • the second network element sends the authentication vector information to the first network element, where the information that needs to be sent to the terminal in the authentication vector information is signed by using the second network element signature private key;
  • the first network element acquires the authentication vector information
  • the first network element generates a first temporary public-private key pair and a first network element forward greeting message including a first network element forward random number, and uses the obtained authentication vector information, the second temporary public key, and the first network.
  • Generating a first consistency check key by using the first exchange private key and the first temporary private key, and using the first consistency check key to send the message to the terminal and the first network element Performing a message integrity calculation result on the hello message to generate a first message integrity calculation result, and transmitting the authentication vector information, the key exchange message including the first temporary public key, the first network element forward greeting message, and the a message integrity calculation result;
  • the terminal verifies the signature in the received authentication vector information by using the saved signature certificate of the second network element;
  • the terminal After the verification is successful, the terminal generates a second consistency check key by using the authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key. ;
  • the terminal uses the second consistency check key to perform a message integrity calculation on the terminal hello message and the first network element forward greeting message to generate a second message integrity calculation result, where the second message integrity calculation is performed.
  • the result is compared with the first message integrity calculation result sent by the first network element, and after the comparison is correct, the first network element forward greeting message and the terminal greeting are used by using the generated second consistency check key.
  • the second message integrity calculation is performed by the message to generate a third message integrity calculation result, and the third message integrity calculation result is sent to the first network element.
  • the first network element uses the first consistency check key to perform a message integrity calculation on the first network element forward greeting message and the terminal greeting message to generate a fourth message integrity calculation result, using the fourth message.
  • the integrity calculation result verifies the third message integrity calculation result sent by the terminal. After the verification succeeds, the first network element sends an authentication success message to the terminal.
  • the second network element sends the authentication vector information to the first network element, which specifically includes:
  • the second network element searches for an exchange public key of the terminal corresponding to the terminal identifier
  • the querying center obtains the first network element identifier according to the first network element and the first network element identifier corresponding to the first network element, and the first network element corresponding to the first network element And verifying the signature certificate of the first network element, and generating a signature certificate carrying the first network element and the verification result, the terminal identifier, and the exchange public key of the terminal, and the first network element backward greeting message and The generated message is signed, and the signature, the exchange public key of the first network element, and the first network element identifier are sent to the second network element.
  • the second network element After the second network element uses the signature certificate of the query center to verify that the signature is correct, the second network element sends the authentication vector information to the first network element, where the authentication vector information includes: a first network element's signature certificate and a verification result.
  • the information that is signed by using the second network element signature private key further includes a signature certificate of the first network element, and the terminal uses the saved signature certificate of the second network element to receive the received
  • the signature of the authentication vector information is checked After the certificate is successful, the method further includes:
  • the terminal acquires and saves a signature certificate of the first network element.
  • the terminal generates a second consistency check key by using the received authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key.
  • a second consistency check key by using the received authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key.
  • the terminal generates a second consistency check key by using the received authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key. Specifically include:
  • the terminal calculates a first key seed by multiplying the terminal exchange private key and the first temporary public key, and multiplies the first network element exchange public key and the second temporary private key to calculate a second a key seed, performing a one-way operation on the first key seed and the second key seed to obtain a key;
  • the terminal generates a second consistency check key by using the key, the terminal identifier, the first network element identifier, the first network element forward random number, and the terminal random number;
  • the first network element generates a first consistency check key by using the obtained authentication vector information, the second temporary public key, the first network element exchange private key, and the first temporary private key. Specifically include:
  • the first network element performs a point multiplication of the terminal exchange public key and the first temporary private key to calculate a third key seed, and performs point multiplication calculation on the first network element exchange private key and the second temporary public key.
  • a fourth key seed performing a one-way operation on the third key seed and the fourth key seed to obtain a key
  • the first network element generates a first consistency check key by using the key, the terminal identifier, the first network element identifier, the first network element forward random number, and the terminal random number.
  • the second network element sends the authentication vector information to the first network element, which specifically includes:
  • the second network element uses the second network element signature private key to sign the first network element signature certificate and the verification result, the first network element exchange public key, the terminal identifier, and the saved terminal exchange public key. Then sent to the first network element.
  • the terminal generates a second consistency check key by using the received authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key.
  • a second consistency check key by using the received authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key.
  • the terminal generates a second consistency check key by using the received authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key. Specifically include:
  • the terminal calculates a first key seed by multiplying the terminal exchange private key and the first temporary public key, and multiplies the first network element exchange public key and the second temporary private key to calculate a second a key seed, performing a one-way operation on the first key seed and the second key seed to obtain a key;
  • the terminal generates a second consistency check key by using the key, the terminal identifier, the first network element identifier, the first network element backward random number, and the terminal random number;
  • the first network element generates a first consistency check key by using the obtained authentication vector information, the second temporary public key, the first network element exchange private key, and the first temporary private key. Specifically include:
  • the first network element performs a point multiplication of the terminal exchange public key and the first temporary private key to calculate a third key seed, and performs point multiplication calculation on the first network element exchange private key and the second temporary public key.
  • a fourth key seed performing a one-way operation on the third key seed and the fourth key seed to obtain a key
  • the first network element uses the key, the terminal identifier, the first network element identifier, the first network element backward random number, and the end A random number is generated to generate a first consistency check key.
  • a terminal comprising:
  • the authentication message sending module is configured to generate a second temporary public-private key pair, and send, to the first network element, a terminal greeting message including a terminal identifier and a terminal random number, and a key exchange message including the second temporary public key;
  • An authentication module configured to verify, by using a saved signature certificate of the second network element, the signature of the received authentication vector information
  • a key generation module configured to use the authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key after the authentication module succeeds Generating a second consistency check key
  • a message integrity checking module configured to generate a second message integrity calculation result by using the second consistency check key to perform a message integrity calculation on the terminal hello message and the first network element forward greeting message, and send the second message
  • the integrity calculation result is compared with the first message integrity calculation result sent by the first network element, and after the comparison is correct, the generated second consistency check key is used to forward the first network element forward greeting message and the terminal.
  • the second message integrity calculation result is generated by the hello message, and the third message integrity calculation result is sent to the first network element.
  • the information that is signed by using the second network element signature private key includes the signature certificate of the first network element, and the terminal further includes:
  • a signature certificate saving module configured to acquire and save a signature certificate of the first network element after the authentication module succeeds in verifying.
  • the key generation module is specifically configured to:
  • Calculating the first key seed by multiplying the terminal exchange private key and the first temporary public key, and multiplying the first network element exchange public key and the second temporary private key to calculate a second key seed Performing a one-way operation on the first key seed and the second key seed to obtain a key;
  • the key generation module is specifically configured to:
  • Calculating the first key seed by multiplying the terminal exchange private key and the first temporary public key, and multiplying the first network element exchange public key and the second temporary private key to calculate a second key seed Performing a one-way operation on the first key seed and the second key seed to obtain a key;
  • a first network element including:
  • An authentication message sending module configured to send, to the second network element, a terminal greeting message, a first network element backward greeting message including a first network element, a random number, and a first network element signature certificate;
  • An authentication vector information acquiring module configured to acquire the authentication vector information, where the authentication vector information needs to be sent
  • the information for the terminal is signed using the second network element signature private key
  • An authentication module configured to generate a first temporary public-private key pair and a first network element forward greeting message including a first network element forward random number, using the obtained authentication vector information, the second temporary public key, and the first network Generating a first consistency check key by using the first exchange private key and the first temporary private key, and performing message integrity on the terminal greeting message and the first network element forward greeting message by using the first consistency check key Calculating a first message integrity calculation result, and transmitting the authentication vector information, the key exchange message including the first temporary public key, the first network element forward greeting message, and the first message integrity calculation to the terminal result.
  • the authentication vector information acquired by the authentication vector information acquiring module includes: a terminal greeting message signed by the second network element signature private key, and a signature certificate and verification of the first network element.
  • the first network element forward greeting message and the terminal identifier and the exchange public key of the terminal signed with the query center signature private key;
  • the authentication module generates the first consistency check by using the obtained authentication vector information, the second temporary public key, the first network element exchange private key, and the first temporary private key.
  • the key is specifically used to:
  • Calculating a third key seed by multiplying the terminal exchange public key and the first temporary private key, and multiplying the first network element exchange private key and the second temporary public key to calculate a fourth key seed Performing a one-way operation on the third key seed and the fourth key seed to obtain a key;
  • the first consistency check key is generated by using the key, the terminal identifier, the first network element identifier, the first network element forward random number, and the terminal random number.
  • the authentication module generates the acquired authentication vector information, the second temporary public key, the first network element exchange private key, and the first temporary private key.
  • the first consistency check key includes:
  • Calculating a third key seed by multiplying the terminal exchange public key and the first temporary private key, and multiplying the first network element exchange private key and the second temporary public key to calculate a fourth key seed Performing a one-way operation on the third key seed and the fourth key seed to obtain a key;
  • the first consistency check key is generated by using the key, the terminal identifier, the first network element identifier, the first network element backward random number, and the terminal random number.
  • a second network element including:
  • the authentication vector information sending module is configured to send the authentication vector information to the first network element, where the information to be sent to the terminal in the authentication vector information is signed by using the second network element signature private key.
  • the authentication vector information sending module is specifically configured to:
  • the authentication vector information is sent to the first network element, where the authentication vector information includes: a signature of the first network element
  • the authentication vector information includes: a signature of the first network element
  • the certificate and the verification result the exchange public key of the first network element, the terminal identifier and the exchange public key of the terminal, the terminal greeting message signed by the signature private key of the second network element, and the signature certificate and verification of the first network element
  • the first network element backwards greeting message and the terminal identifier and the exchange public key of the terminal are signed using the signature private key of the query center.
  • a query center that includes:
  • the information acquiring module is configured to obtain the first network element identifier according to the first network element, and query the first network element corresponding to the first network element identifier according to the first network element Exchange the public key and verify the signature certificate of the first network element;
  • the information sending module is configured to generate a message carrying the first network element's signature certificate and the verification result, the terminal identifier, and the exchanged public key of the terminal, and sign the first network element back greeting message and the generated message, Transmitting the signature, the exchange public key of the first network element, and the first network element identifier to the second network element.
  • the authentication vector required by the network to be sent to the terminal is signed by the signature private key, so that the terminal verifies whether the information source is legal; the authentication party uses the consistency check key.
  • the message integrity calculation is carried out, and then the authentication is implemented by verifying the result of the message integrity calculation, thereby ensuring the security of the authentication information in the transmission process and the reliability of the authentication.
  • FIG. 1 is a flowchart of a method provided by an embodiment of the present application
  • FIG. 2 is a signaling diagram of a method according to another embodiment of the present application.
  • FIG. 3 is a signaling diagram of a method according to still another embodiment of the present application.
  • FIG. 4 is a schematic structural diagram of a system according to an embodiment of the present application.
  • FIG. 5 is a schematic structural diagram of a terminal according to an embodiment of the present application.
  • FIG. 6 is a schematic structural diagram of a first network element according to an embodiment of the present application.
  • FIG. 7 is a schematic structural diagram of a second network element according to an embodiment of the present application.
  • FIG. 8 is a schematic structural diagram of a query center according to an embodiment of the present application.
  • the embodiment of the present application provides a network authentication authentication method, where the network The required authentication vector transmitted to the terminal is signed by the signature private key, so that the terminal verifies whether the information source is legal; the authentication parties use the consistency check key for message integrity calculation, and then calculate the message integrity. The result is verified to achieve authentication, which ensures the security of the authentication information in the process of transmission and the reliability of authentication.
  • a network authentication and authentication method provided by the embodiment of the present application is as shown in FIG. 1 , and specifically includes the following operations:
  • Step 100 The terminal generates a second temporary public-private key pair, and sends a terminal hello message including a terminal identifier and a terminal random number to the first network element, and a key exchange message including the second temporary public key.
  • Step 110 The first network element sends a terminal greeting message to the second network element, and a first network element backward greeting message including the first network element and the first network element and the first network element signature certificate.
  • Step 120 The second network element sends the authentication vector information to the first network element, where the information that needs to be sent to the terminal in the authentication vector information is signed by using the second network element signature private key.
  • Step 130 The first network element acquires the authentication vector information.
  • Step 140 The first network element generates a first temporary public-private key pair and a first network element forward greeting message that includes a first network element forward random number, and uses the obtained authentication vector information, the second temporary public
  • the first consistency check key is generated by the key, the first network element exchange private key, and the first temporary private key, and the terminal greeting message and the first network are used by using the first consistency check key.
  • Step 150 The terminal verifies the signature in the received authentication vector information by using the saved signature certificate of the second network element.
  • Step 160 After the verification succeeds, the terminal generates a second consistency by using the authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key. Check the key.
  • Step 170 The terminal uses the second consistency check key to perform a message integrity calculation on the terminal hello message and the first network element forward greeting message to generate a second message integrity calculation result, where the second message is sent.
  • the integrity calculation result is compared with the first message integrity calculation result sent by the first network element, and after the comparison is correct, the generated second consistency check key is used to forward the first network element forward greeting message.
  • Step 180 The first network element performs a message integrity calculation on the first network element forward greeting message and the terminal greeting message by using the generated first consistency check key to generate a fourth message integrity calculation result, which is generated by using The fourth message integrity calculation result verifies the third message integrity calculation result sent by the terminal.
  • Step 190 After the verification succeeds, the first network element sends an authentication success message to the terminal.
  • the first network element is a mobility management entity (MME), and the second network element is a home subscriber server (HSS, Home Subscriber). Server).
  • MME mobility management entity
  • HSS Home Subscriber server
  • the first network element is the target MME
  • the second network element is the serving MME
  • CA Certificate Authority
  • QeC Query Center
  • the operator can deploy one QueC for each PLMN according to networking requirements, or deploy one or more QueCs for each province.
  • QueC exchange for saving the public key h MME MME MME and signed certificate under the jurisdiction of the administrative domain, and query the MME exchange public keys h MME and MME signing certificate under the jurisdiction of the designated management domain at the request of other network elements, Or interact with the query center of other management domains to obtain the exchange public key h MME and the signing certificate of the MME of the other management domain.
  • Each operator issues a certificate to the network element in its deployed LTE network through its deployed CA:
  • the CA issues two certificates for the HSS in the LTE network.
  • One is the signature certificate
  • the signature certificate contains the signature public key of the HSS
  • the other is the encryption certificate.
  • the encryption certificate stores the encrypted public key of the HSS.
  • the authentication center (AuC) in the HSS participates in the authentication and authentication process.
  • AuC the authentication center
  • the signature certificate of the HSS described in this application is actually the signature certificate of the AuC
  • the signature public key of the HSS is actually The signature public key of AuC
  • the encryption certificate of HSS is actually the encryption certificate of AuC
  • the encryption public key of HSS is actually the encryption public key of AuC.
  • the CA issues a signature certificate to the MME, and the signature certificate stores the signature public key of the MME.
  • the CA issues a signed certificate to the QueC, and the signed certificate stores the signature public key of the QueC.
  • the network element MME in the LTE network stores public and private key pairs (h MME , P MME ) for key exchange, its own signature certificate, signature private key, and stores the signature certificate of QueC.
  • the US Subscriber Identity Unit (USIM) card stores a public and private key pair (h U , P U ), HSS encryption certificate and signature certificate for key exchange.
  • the HSS stores its own signature certificate, signature private key, its own encryption certificate, and encryption private key, and stores the signature certificate of QueC and the exchange public key h U of the terminal.
  • the initial authentication phase of applying the method provided by the embodiment of the present application is as shown in FIG. 2, and includes the following operations:
  • Step 200 The terminal (UE) generates a second temporary public-private key pair, and sends a message Msg1 to the network side.
  • the message Msg1 includes a UE Hello message and a Key Exchange (UE Key) message, and the message format can be:
  • the terminal identity may be, but is not limited to, the International Mobile Subscriber Identification Number (IMSI) of the terminal.
  • IMSI International Mobile Subscriber Identification Number
  • Step 210 After receiving the foregoing Msg1, the MME determines the HSS of the terminal.
  • the MME may determine the HSS based on the IMSI of the terminal. If the information in Msg1 is encrypted using the encrypted public key of the HSS, the MME may determine the HSS based on IMSI&0x7FF0.
  • Step 220 The MME sends a message Msg2 to the HSS of the terminal.
  • the message Msg2 includes the UE Hello message and a first MME Hello message, and the message format may be:
  • MME.Nounce // first network element backward random number
  • Step 230 After receiving the Msg2, the HSS searches for the h U corresponding to the IMSI.
  • the HSS queries the correspondence between the IMSI stored in the database and the exchanged public key of the terminal, and obtains the h U corresponding to the IMSI.
  • the HSS queries the database prior to using private key encryption HSS EnC (PK HSS, IMSI, UE.Nounce ) decrypts the IMSI of the terminal, the terminal then exchange public keys obtained query h U.
  • HSS EnC private key encryption HSS EnC
  • Step 240 The HSS sends the MME Hello message to the query center, and sends the terminal IMSI plaintext and the terminal exchange public key h U to the query center.
  • Step 250 The query center obtains the MME identity information (MME.ID) according to the MME's signature certificate, queries the corresponding MME's exchange public key (h MME ), and verifies the MME's signature certificate (MME.Cert) to generate query response information.
  • MME identity information MME.ID
  • h MME MME's exchange public key
  • MME.Cert MME's signature certificate
  • the QUE-MMEResp includes the MME.CertResult and the AS-UE-MME.Keyinfo
  • the MME.CertResult carries the signature certificate and the verification result of the MME
  • the AS-UE-MME.Keyinfo carries the plaintext of the terminal IMSI and The terminal exchanges the public key, and then the query center signs the MME Hello message and the QUE-MMEResp, and sends the signature to the HSS together with the exchange public key of the MME and the first network element identifier (MME.ID).
  • the query center may also sign the exchange public key and the MME.ID of the MME, and send the signature to the HSS.
  • the query center searches the database for the exchange public key and the signing certificate of the MME. If the MME is not in the management domain of the query center, the query center obtains the exchange public key h MME and the signing certificate of the MME through interaction with other query centers.
  • Step 260 After verifying that the signature is correct by using the signature certificate of the query center, the HSS sends a message Msg3 to the MME.
  • Msg3 carries authentication vector information, and its message format can be:
  • HSS-UEResp //HSS response message to the UE
  • QUE-MMEResp //Query response information (response information sent by the query center to the MME)
  • HSS-UE.Sig (UE Hello, HSS-UEResp) // UE Hello message and HSS-UEResp signed using the HSS signature private key
  • Step 270 After receiving the Msg3, the MME uses the signature certificate of the query center to verify that the signature of the QUE-MME.Sig is correct, indicating that the data is valid.
  • the signature of the signature private key of the query center is verified by using the signature certificate of the query center. Specifically, the signature of the signature private key based on the query center is verified by using the signature public key saved in the signature certificate of the query center.
  • Step 280 The MME generates a first temporary public-private key pair (x, xP) for key exchange and a first network element forward greeting message including a first network element forward random number, using IMSI, MME.ID, and MME.
  • the exchange private key, the first temporary private key (x), the terminal exchange public key, and the second temporary public key (zP) generate a first consistency check key, and use the first consistency check key pair UE_Hello and the first
  • a network element forward message integrity calculation generates a first message integrity calculation result, and sends a message Msg4 to the terminal.
  • the message Msg4 includes authentication vector information signed using the second network element signature private key, a key exchange (MME-UEKey) message including the first temporary public key, and a first network element forward greeting message (MME-UEHello) And the first message integrity calculation result (MMEFinish).
  • MME-UEKey key exchange
  • MME-UEHello first network element forward greeting message
  • MMEFinish first message integrity calculation result
  • the message format is as follows:
  • MME-UEKey //Key information of MME and UE interaction
  • MME-UE.keyinfo Temporary public key of the MME, which is the first temporary public key
  • the specific implementation manner of the MME to generate the first consistency check key may be, but is not limited to, the following technical means:
  • the MME calculates a third key seed by multiplying h U and x, multiplying P MME and zP to calculate a fourth key seed, and performing one-way operation on the third key seed and the fourth key seed
  • the MME generates the first consistency check key IK ASME by using the Key, the IMSI, the MME.ID, the terminal random number UE.Nounce1, and the MME forward random number MME-UE.Nounce.
  • the IK ASME performs message integrity calculation on the MME forward message MME-UE-Hello generated by the UEHello of the Msg1 and the MME to obtain a first message integrity calculation result (MME-UE.Mic), and the integrity algorithm may adopt a well-known HMAC.
  • MME-UE.Mic first message integrity calculation result
  • the function or cryptographic function implementation, the message integrity calculation described later should use the same message integrity algorithm as this step.
  • KDF key, IMSI, MME identifier MME.ID, the terminal random number UE.Nounce1, MME nonce MME-UE.Nounce
  • K ASME is then extended according to the key extension method defined by 3GPP.
  • Step 290 The terminal receives the message Msg4, and uses the HSS signature certificate to verify the HSS-UE.Sig. After the verification succeeds, the information in the Msg4, the IMSI, the first temporary public key (xP), the terminal exchange private key, and the second temporary private are utilized.
  • the key (z) generates a second consistency check key, and uses the second consistency check key to perform a message integrity calculation on the UE_Hello and the first network element forward greeting message to generate a second message integrity calculation result,
  • the second message integrity calculation result is compared with the first message integrity calculation result sent by the MME. After the comparison is correct, the generated second consistency check key is used to perform UE_Hello and the first network element forward greeting message.
  • the second message integrity calculation generates a third message integrity calculation result, and sends Msg5 to the MME.
  • the order of input fields is different when the terminal performs message integrity calculation twice. For example, when performing the message integrity calculation for the first time, first input the first NE forward greeting message and then enter UE_Hello; when performing the second message integrity calculation, first input UE_Hello, and then input the first NE forward greeting. Message.
  • the message format of the message Msg5 is as follows:
  • UE-MME.Mic (UEHello, MME-REQHello) // third message integrity calculation result of message integrity calculation for UE_Hello and first network element forward greeting message using the second consistency check key
  • the specific implementation manner in which the terminal uses the information in the Msg4, the IMSI, the xP, the terminal exchange private key, and the z to generate the second consistency check key may be, but is not limited to, the following technical means:
  • Calculating the first key seed by multiplying P U and xP, multiplying h MME and z to calculate a second key seed, and performing one-way operation on the first key seed and the second key seed Obtaining a key Key; the terminal uses the Key, the IMSI, the MME to identify the MME.ID, the terminal random number UE.Nounce, and the MME forward random number MME-UE.Nounce to generate a second consistency check key IK ASME .
  • the terminal also saves CertMME.
  • Step 2100 After receiving the Msg5, the MME uses the IK ASME to perform a message integrity calculation on the first NE forward greeting message and the UE_Hello to generate a fourth message integrity calculation result, and performs comparison verification with the UE-MME.Mic of the Msg5.
  • Step 2110 The MME sends the Msg6 to the terminal.
  • Msg6 is an authentication success message, otherwise it is a failure message.
  • the TAU stage of the method provided by the embodiment of the present application is as shown in FIG. 3, and includes the following operations:
  • Step 300 The UE generates a second temporary public-private key pair, and transmits Msg1 to the network.
  • the message format of the Msg1 is as follows:
  • GUI Globally Unique Temporary Identity
  • Step 310 After receiving the Msg1, the target MME (MMEn) determines the currently served MME (MMEo) according to the GUTI, and sends the Msg2 to the MMEo.
  • MMEo currently served MME
  • the message format of the Msg2 is as follows:
  • step 320 MMEo receives Msg2 and returns Msg3 to MMEn.
  • the message format of the Msg3 is as follows:
  • MMEo-MMEn.Sig (MMEnHello, MMEo-MMEnResp) // MMEnHello, MMEo-MMEnResp, signed using the signed private key of MMEo
  • the MMEn.CertResult includes the CertMMEn and the verification result thereof
  • the AS-MME-UE.Keyinfo includes the MMEn exchange public key h MMEn
  • the AS-UE-MME includes the terminal exchange public key hu and the terminal identifier.
  • step 330 the MMEn receives the Msg3 and obtains h U .
  • the MMEn trusts the MMEo, the communication channel between them is protected, so that it is not necessary to perform signature verification on the information sent by the MMEo.
  • Step 340 The MMEn generates a first temporary public-private key pair (x, xP) for key exchange and a first network element forward greeting message including a first network element forward random number, using UE.ID, MMEn.ID
  • the MMEn exchange private key, the first temporary private key, the terminal exchange public key, and the second temporary public key generate a first consistency check key, and use the first consistency check key pair UE_Hello and the first network element before Performing a message integrity calculation on the hello message generates a first message integrity calculation result and sends Msg4 to the UE.
  • the message structure of the Msg4 is as follows:
  • MMEn-UEKey //Key information of MMEn and UE interaction
  • MMEn-UE.keyinfo Temporary public key of MMEn, ie the first temporary public key
  • MMEo-MMEnRsep //Message 3 sent by MMEo
  • Step 350 The UE receives the message Msg4, and verifies the MMEo-UE.Sig by using the saved MMEo's signature certificate. After the verification succeeds, the information in the Msg4, the GUTI, the first temporary public key (xP), the terminal exchange private key, and the first The second temporary private key (z) generates a second consistency check key.
  • Step 360 The UE uses the second consistency check key to perform message integrity calculation on the UE_Hello and the first network element forward greeting message to generate a second message integrity calculation result, and send the second message integrity calculation result to the MMEn.
  • the first message integrity calculation result is compared, and after the comparison is correct, the second message integrity calculation is performed on the UE_Hello and the first network element forward greeting message using the generated second consistency check key to generate a third
  • Msg5 is sent to MMEn.
  • the message format of the Msg5 is as follows:
  • UE-MMEn.Mic (UEHello, MMEn-REQHello) // Third message integrity calculation result of message integrity calculation for UE_Hello and first network element forward greeting message using the second consistency check key
  • Step 370 After receiving the Msg5, the MME uses the IK ASME to perform the fourth message integrity calculation result on the first network element forward greeting message and the UE-Hello message integrity calculation, and compares with the UE-MMEn.Mic of the Msg5. verification.
  • KDF Key, GUTI, MMEn identifier MMEn.ID, terminal random number UE-MMEn. Nounce, MMEn random number MMEn-UE.Nounce
  • Step 380 The MMEn sends the Msg6 to the terminal.
  • Msg6 is an authentication success message, otherwise it is a failure message.
  • the embodiment of the present application further provides a system for network authentication and authentication, and the structure thereof is as shown in FIG. 4, which specifically includes: a first network element 401, a second network element 402, and a terminal 403. among them:
  • the terminal 403 is configured to generate a second temporary public-private key pair, and send, to the first network element 401, a terminal hello message including a terminal identifier and a terminal random number, and a key exchange message including the second temporary public key;
  • the first network element 401 is configured to send, by the second network element 402, a terminal greeting message, a first network element backward greeting message including a first network element backward random number and a first network element signature certificate;
  • the second network element 402 is configured to send the authentication vector information to the first network element 401, where the information to be sent to the terminal in the authentication vector information is signed by using the second network element signature private key;
  • the first network element 401 is further configured to obtain the authentication vector information, and generate a first temporary public-private key pair and a first network element forward greeting message that includes a first network element forward random number, and use the acquired information.
  • the weight vector information, the second temporary public key, the first network element exchange private key, and the first temporary private key generate a first consistency check key, and use the first consistency check key to greet the terminal Performing a message integrity calculation with the first network element forward greeting message to generate a first message integrity calculation result, and transmitting the authentication vector information, the key exchange message including the first temporary public key, and the first network to the terminal 403
  • the meta-forward greeting message and the first message integrity calculation result ;
  • the terminal 403 is further configured to: use the saved signature of the second network element to verify the signature of the received authentication vector information; after the verification succeeds, use the received authentication vector information, the terminal identifier, and the a temporary public key, The terminal exchanges the private key and the second temporary private key to generate a second consistency check key; and uses the second consistency check key to complete the message to the terminal greeting message and the first network element forward greeting message.
  • the second calculation completes the result of the second message integrity calculation, and compares the second message integrity calculation result with the first message integrity calculation result sent by the first network element. After the comparison is correct, the generated second consistency check is used.
  • the second message integrity calculation result is generated by the key to the first network element forward greeting message and the terminal greeting message to generate a third message integrity calculation result, and the third message integrity calculation result is sent to the first network element 401;
  • the first network element 401 is further configured to generate a fourth message integrity calculation result by using the first consistency check key to perform message integrity calculation on the first network element forward greeting message and the terminal greeting message, and use The generated fourth message integrity calculation result verifies the third message integrity calculation result sent by the terminal. After the verification succeeds, the first network element sends an authentication success message to the terminal.
  • the authentication vector transmitted in the network is signed by the signature private key, and the authentication parties use the consistency check key to perform message integrity calculation, and then perform authentication by verifying the message integrity calculation result.
  • the security of the authentication information in the delivery process and the reliability of the authentication are guaranteed.
  • the embodiment of the present application further provides a terminal, and the structure thereof is as shown in FIG. 5, which specifically includes: an authentication message sending module 501, an authentication module 502, a key generation module 503, and a message complete. Sex test module 504. among them:
  • the authentication message sending module 501 is configured to generate a second temporary public-private key pair, and send, to the first network element, a terminal greeting message including a terminal identifier and a terminal random number, and a key exchange message including the second temporary public key;
  • the authentication module 502 is configured to verify the signature of the received authentication vector information by using the saved signature certificate of the second network element.
  • the key generation module 503 is configured to use the authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key after the authentication module successfully succeeds Generating a second consistency check key;
  • the message integrity check module 504 is configured to generate a second message integrity calculation result by using the second consistency check key to perform a message integrity calculation on the terminal hello message and the first network element forward greeting message, and the second The result of the message integrity calculation is compared with the first message integrity calculation result sent by the first network element. After the comparison is correct, the first network element forward greeting message and the terminal greeting are used by using the generated second consistency check key. The second message integrity calculation is performed by the message to generate a third message integrity calculation result, and the third message integrity calculation result is sent to the first network element.
  • the embodiment of the present application further provides a first network element, and the structure thereof is as shown in FIG. 6, which specifically includes: an authentication message sending module 601, an authentication vector information acquiring module 602, and an authentication. Module 603. among them:
  • the authentication message sending module 601 is configured to send, to the second network element, a terminal greeting message, a first network element backward greeting message including a first network element, a random number, and a first network element signature certificate;
  • the authentication vector information obtaining module 602 is configured to obtain the authentication vector information, where the information that needs to be sent to the terminal in the authentication vector information is signed by using the second network element signature private key;
  • the authentication module 603 is configured to generate a first temporary public-private key pair and a first network element forward greeting message including a first network element forward random number, and use the acquired authentication vector information, the second temporary public key, and the first Generating a first consistency check key by using the network exchange private key and the first temporary private key, and using the first consistency check key to complete the message to the terminal greeting message and the first network element forward greeting message.
  • the performance calculation generates a first message integrity calculation result, and sends the authentication vector information, the key exchange message including the first temporary public key, the first network element forward greeting message, and the first message integrity calculation result to the terminal. .
  • the embodiment of the present application further provides a second network element, and the structure thereof is as shown in FIG. 7 , which specifically includes: an authentication vector information sending module 701, configured to send an authentication to the first network element.
  • the vector information, the information that needs to be sent to the terminal in the authentication vector information is signed by using the second network element signature private key.
  • the embodiment of the present application further provides a query center, and the structure thereof is as shown in FIG. 8 , which specifically includes:
  • the information obtaining module 801 is configured to obtain the first network element identifier according to the first network element, and the first network element corresponding to the first network element identifier, and the first network element corresponding to the first network element identifier. Exchange the public key and verify the signature certificate of the first network element;
  • the information sending module 802 is configured to generate a message carrying the first network element's signature certificate and the verification result, the terminal identifier, and the exchanged public key of the terminal, and sign the first network element to the hello message and the generated message. And sending the signature, the exchange public key of the first network element, and the first network element identifier to the second network element.
  • embodiments of the present application can be provided as a method, system, or computer program product.
  • the present application can take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment in combination of software and hardware.
  • the application can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) including computer usable program code.
  • the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device.
  • the apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
  • These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device.
  • the instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

Disclosed are a method and device for LTE network authentication certification. The method comprises: acquiring, by a first network element, authentication vector information from a second network element, conducting first message integrity calculation on a corresponding message, and sending the authentication vector information and a message integrity calculation result to a terminal; verifying, by the terminal, a signature of the authentication vector information , and generating a second temporary public and private key pair after the verification is successful; generating, by the terminal, an authentication message comprising the second temporary private key and conducting first message integrity calculation on the authentication message, comparing a calculation result with the received message integrity calculation result, after the comparison is successful, conducting second message integrity calculation on the authentication message, and carrying the calculation result in the authentication message and then sending same to the first network element; and conducting, by the first network element, message integrity calculation on the authentication message, and verifying the calculation result carried in the authentication message using the calculation result. The security and authentication reliability of authentication vector information in the transfer process are guaranteed.

Description

一种网络鉴权认证的方法及设备Method and device for network authentication authentication
本申请要求在2014年3月27日提交中国专利局、申请号为201410120427.5、发明名称为“一种网络鉴权认证的方法及设备”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。The present application claims priority to Chinese Patent Application No. 201410120427.5, entitled "A Method and Apparatus for Network Authentication Authentication", filed on March 27, 2014, the entire contents of which are incorporated by reference. In this application.
技术领域Technical field
本申请涉及通信技术领域,尤其涉及一种网络鉴权认证的方法及设备。The present application relates to the field of communications technologies, and in particular, to a network authentication and authentication method and device.
背景技术Background technique
长期演进(LTE,Long Term Evolution)网络的鉴权认证阶段采用AKA协议。现有的LTE网络中,鉴权认证阶段存在安全漏洞,具体体现在:The AKA protocol is adopted in the authentication and authentication phase of the Long Term Evolution (LTE) network. In the existing LTE network, there are security vulnerabilities in the authentication and authentication phase, which are embodied in:
鉴权向量在传递过程中容易受到攻击。特别是当终端跨公共陆地移动网络(PLMN,Public Land Mobile Network)漫游时,为了对终端进行鉴权认证,归属地网络的网元会把鉴权向量发送到漫游网络的网元。在这个过程中,鉴权向量穿过不同的网络,很容易受到攻击。The authentication vector is vulnerable to attack during the delivery process. In particular, when the terminal roams across the public land mobile network (PLMN), in order to authenticate the terminal, the network element of the home network sends the authentication vector to the network element of the roaming network. In this process, the authentication vector traverses different networks and is vulnerable to attack.
发明内容Summary of the invention
本申请的目的是提供一种网络鉴权认证的方法及设备,以解决LTE网络鉴权认证阶段存在的安全问题。The purpose of the application is to provide a method and device for network authentication authentication to solve the security problem existing in the LTE network authentication and authentication phase.
本申请的目的是通过以下技术方案实现的:The purpose of this application is achieved by the following technical solutions:
一种网络鉴权认证的方法,包括:A method for network authentication and authentication includes:
终端生成第二临时公私钥对,向第一网元发送包含终端标识和终端随机数的终端问候消息和包含第二临时公钥的密钥交换消息;The terminal generates a second temporary public-private key pair, and sends a terminal hello message including the terminal identifier and the terminal random number and a key exchange message including the second temporary public key to the first network element;
第一网元向第二网元发送终端问候消息、包含第一网元后向随机数和第一网元签名证书的第一网元后向问候消息;Transmitting, by the first network element, a terminal greeting message to the second network element, and the first network element backward greeting message including the first network element, the random number, and the first network element signature certificate;
第二网元向第一网元发送鉴权向量信息,所述鉴权向量信息中需要发送给终端的信息使用第二网元签名私钥进行签名;The second network element sends the authentication vector information to the first network element, where the information that needs to be sent to the terminal in the authentication vector information is signed by using the second network element signature private key;
所述第一网元获取所述鉴权向量信息;The first network element acquires the authentication vector information;
所述第一网元生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息,利用获取的鉴权向量信息、第二临时公钥、第一网元交换私钥和第一临时私钥生成第一一致性检查密钥,使用所述第一一致性检查密钥对所述终端问候消息和第一网元前 向问候消息进行消息完整性计算产生第一消息完整性计算结果,并向终端发送所述鉴权向量信息、包含第一临时公钥的密钥交换消息、第一网元前向问候消息和第一消息完整性计算结果;The first network element generates a first temporary public-private key pair and a first network element forward greeting message including a first network element forward random number, and uses the obtained authentication vector information, the second temporary public key, and the first network. Generating a first consistency check key by using the first exchange private key and the first temporary private key, and using the first consistency check key to send the message to the terminal and the first network element Performing a message integrity calculation result on the hello message to generate a first message integrity calculation result, and transmitting the authentication vector information, the key exchange message including the first temporary public key, the first network element forward greeting message, and the a message integrity calculation result;
所述终端使用保存的第二网元的签名证书对接收到的鉴权向量信息中的签名进行验证;The terminal verifies the signature in the received authentication vector information by using the saved signature certificate of the second network element;
验证成功后,所述终端利用所述鉴权向量信息、所述终端标识、所述第一临时公钥、终端交换私钥、和所述第二临时私钥生成第二一致性检查密钥;After the verification is successful, the terminal generates a second consistency check key by using the authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key. ;
所述终端使用所述第二一致性检查密钥对终端问候消息和第一网元前向问候消息进行消息完整性计算产生第二消息完整性计算结果,将所述第二消息完整性计算结果与第一网元发送的所述第一消息完整性计算结果比对,比对正确后,使用生成的所述第二一致性检查密钥对第一网元前向问候消息和终端问候消息进行第二次消息完整性计算产生第三消息完整性计算结果,将所述第三消息完整性计算结果发送给所述第一网元;The terminal uses the second consistency check key to perform a message integrity calculation on the terminal hello message and the first network element forward greeting message to generate a second message integrity calculation result, where the second message integrity calculation is performed. The result is compared with the first message integrity calculation result sent by the first network element, and after the comparison is correct, the first network element forward greeting message and the terminal greeting are used by using the generated second consistency check key. The second message integrity calculation is performed by the message to generate a third message integrity calculation result, and the third message integrity calculation result is sent to the first network element.
所述第一网元使用所述第一一致性检查密钥对第一网元前向问候消息和终端问候消息进行消息完整性计算产生第四消息完整性计算结果,使用所述第四消息完整性计算结果验证终端发送的所述第三消息完整性计算结果,验证成功后,所述第一网元向所述终端发送鉴权成功消息。The first network element uses the first consistency check key to perform a message integrity calculation on the first network element forward greeting message and the terminal greeting message to generate a fourth message integrity calculation result, using the fourth message. The integrity calculation result verifies the third message integrity calculation result sent by the terminal. After the verification succeeds, the first network element sends an authentication success message to the terminal.
较佳地,在所述终端的初始认证阶段,所述第二网元向第一网元发送鉴权向量信息,具体包括:Preferably, in the initial authentication phase of the terminal, the second network element sends the authentication vector information to the first network element, which specifically includes:
所述第二网元查找所述终端标识对应的所述终端的交换公钥;The second network element searches for an exchange public key of the terminal corresponding to the terminal identifier;
所述第二网元向查询中心发送所述第一网元后向问候消息、终端标识和终端的交换公钥;Transmitting, by the second network element, the first network element to the greeting center, the terminal identifier, and the exchange public key of the terminal to the query center;
所述查询中心根据所述第一网元后向问候消息中携带的第一网元的签名证书获取所述第一网元标识,查询所述第一网元标识对应的第一网元的交换公钥并验证所述第一网元的签名证书,生成携带第一网元的签名证书及验证结果、终端标识和所述终端的交换公钥的消息,对第一网元后向问候消息和生成的所述消息进行签名,将所述签名、所述第一网元的交换公钥和所述第一网元标识发送给所述第二网元;The querying center obtains the first network element identifier according to the first network element and the first network element identifier corresponding to the first network element, and the first network element corresponding to the first network element And verifying the signature certificate of the first network element, and generating a signature certificate carrying the first network element and the verification result, the terminal identifier, and the exchange public key of the terminal, and the first network element backward greeting message and The generated message is signed, and the signature, the exchange public key of the first network element, and the first network element identifier are sent to the second network element.
所述第二网元使用所述查询中心的签名证书验证签名正确后,向所述第一网元发送鉴权向量信息,所述鉴权向量信息包括:第一网元的签名证书及验证结果、第一网元的交换公钥、终端标识和终端的交换公钥、使用所述第二网元的签名私钥进行签名的终端问候消息和第一网元的签名证书及验证结果、使用所述查询中心的签名私钥进行签名的第一网元后向问候消息、终端标识和终端的交换公钥。After the second network element uses the signature certificate of the query center to verify that the signature is correct, the second network element sends the authentication vector information to the first network element, where the authentication vector information includes: a first network element's signature certificate and a verification result. The exchange public key of the first network element, the terminal identifier, and the exchange public key of the terminal, the terminal greeting message signed by the signature private key of the second network element, the signature certificate of the first network element, the verification result, and the use The first network element back-end greeting message, the terminal identifier, and the exchange public key of the terminal, which are signed by the signature private key of the query center.
较佳地,所述使用所述第二网元签名私钥进行签名的信息中还包括所述第一网元的签名证书,所述终端使用保存的第二网元的签名证书对接收到的鉴权向量信息的签名进行验 证成功后,该方法还包括:Preferably, the information that is signed by using the second network element signature private key further includes a signature certificate of the first network element, and the terminal uses the saved signature certificate of the second network element to receive the received The signature of the authentication vector information is checked After the certificate is successful, the method further includes:
所述终端获取并保存所述第一网元的签名证书。The terminal acquires and saves a signature certificate of the first network element.
较佳地,所述终端利用接收到的鉴权向量信息、终端标识、所述第一临时公钥、终端交换私钥、和所述第二临时私钥生成第二一致性检查密钥,具体包括:Preferably, the terminal generates a second consistency check key by using the received authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key. Specifically include:
所述终端将终端交换私钥与所述第一临时公钥进行点乘计算出第一密钥种子,将第一网元交换公钥与所述第二临时私钥进行点乘计算出第二密钥种子,对所述第一密钥种子和第二密钥种子进行单向运算得到密钥;The terminal calculates a first key seed by multiplying the terminal exchange private key and the first temporary public key, and multiplies the first network element exchange public key and the second temporary private key to calculate a second a key seed, performing a one-way operation on the first key seed and the second key seed to obtain a key;
所述终端利用所述密钥、终端标识、第一网元标识、第一网元前向随机数、和终端随机数,生成第二一致性检查密钥;The terminal generates a second consistency check key by using the key, the terminal identifier, the first network element identifier, the first network element forward random number, and the terminal random number;
所述第一网元利用获取的鉴权向量信息、所述第二临时公钥、所述第一网元交换私钥、和所述第一临时私钥生成第一一致性检查密钥,具体包括:The first network element generates a first consistency check key by using the obtained authentication vector information, the second temporary public key, the first network element exchange private key, and the first temporary private key. Specifically include:
所述第一网元将终端交换公钥与所述第一临时私钥进行点乘计算出第三密钥种子,将第一网元交换私钥与所述第二临时公钥进行点乘计算出第四密钥种子,对所述第三密钥种子和第四密钥种子进行单向运算得到密钥;The first network element performs a point multiplication of the terminal exchange public key and the first temporary private key to calculate a third key seed, and performs point multiplication calculation on the first network element exchange private key and the second temporary public key. a fourth key seed, performing a one-way operation on the third key seed and the fourth key seed to obtain a key;
所述第一网元利用所述密钥、终端标识、第一网元标识、第一网元前向随机数、和终端随机数,生成第一一致性检查密钥。The first network element generates a first consistency check key by using the key, the terminal identifier, the first network element identifier, the first network element forward random number, and the terminal random number.
较佳地,在跟踪区域更新阶段,所述第二网元向第一网元发送鉴权向量信息,具体包括:Preferably, in the tracking area update phase, the second network element sends the authentication vector information to the first network element, which specifically includes:
所述第二网元使用第二网元签名私钥对所述第一网元签名证书及验证结果和所述第一网元交换公钥、所述终端标识和保存的终端交换公钥进行签名后发送给所述第一网元。The second network element uses the second network element signature private key to sign the first network element signature certificate and the verification result, the first network element exchange public key, the terminal identifier, and the saved terminal exchange public key. Then sent to the first network element.
较佳地,所述终端利用接收到的鉴权向量信息、终端标识、所述第一临时公钥、终端交换私钥、和所述第二临时私钥生成第二一致性检查密钥,具体包括:Preferably, the terminal generates a second consistency check key by using the received authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key. Specifically include:
所述终端将终端交换私钥与所述第一临时公钥进行点乘计算出第一密钥种子,将第一网元交换公钥与所述第二临时私钥进行点乘计算出第二密钥种子,对所述第一密钥种子和第二密钥种子进行单向运算得到密钥;The terminal calculates a first key seed by multiplying the terminal exchange private key and the first temporary public key, and multiplies the first network element exchange public key and the second temporary private key to calculate a second a key seed, performing a one-way operation on the first key seed and the second key seed to obtain a key;
所述终端利用所述密钥、终端标识、第一网元标识、第一网元后向随机数、和终端随机数,生成第二一致性检查密钥;The terminal generates a second consistency check key by using the key, the terminal identifier, the first network element identifier, the first network element backward random number, and the terminal random number;
所述第一网元利用获取的鉴权向量信息、所述第二临时公钥、所述第一网元交换私钥、和所述第一临时私钥生成第一一致性检查密钥,具体包括:The first network element generates a first consistency check key by using the obtained authentication vector information, the second temporary public key, the first network element exchange private key, and the first temporary private key. Specifically include:
所述第一网元将终端交换公钥与所述第一临时私钥进行点乘计算出第三密钥种子,将第一网元交换私钥与所述第二临时公钥进行点乘计算出第四密钥种子,对所述第三密钥种子和第四密钥种子进行单向运算得到密钥;The first network element performs a point multiplication of the terminal exchange public key and the first temporary private key to calculate a third key seed, and performs point multiplication calculation on the first network element exchange private key and the second temporary public key. a fourth key seed, performing a one-way operation on the third key seed and the fourth key seed to obtain a key;
所述第一网元利用所述密钥、终端标识、第一网元标识、第一网元后向随机数、和终 端随机数,生成第一一致性检查密钥。The first network element uses the key, the terminal identifier, the first network element identifier, the first network element backward random number, and the end A random number is generated to generate a first consistency check key.
一种终端,包括:A terminal comprising:
鉴权消息发送模块,用于生成第二临时公私钥对,向第一网元发送包含终端标识和终端随机数的终端问候消息和包含第二临时公钥的密钥交换消息;The authentication message sending module is configured to generate a second temporary public-private key pair, and send, to the first network element, a terminal greeting message including a terminal identifier and a terminal random number, and a key exchange message including the second temporary public key;
鉴权模块,用于使用保存的第二网元的签名证书对接收到的鉴权向量信息的签名进行验证;An authentication module, configured to verify, by using a saved signature certificate of the second network element, the signature of the received authentication vector information;
密钥生成模块,用于所述鉴权模块验证成功后,利用所述鉴权向量信息、所述终端标识、所述第一临时公钥、终端交换私钥、和所述第二临时私钥生成第二一致性检查密钥;a key generation module, configured to use the authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key after the authentication module succeeds Generating a second consistency check key;
消息完整性检验模块,用于使用所述第二一致性检查密钥对终端问候消息和第一网元前向问候消息进行消息完整性计算产生第二消息完整性计算结果,将第二消息完整性计算结果与第一网元发送的第一消息完整性计算结果比对,比对正确后,使用生成的所述第二一致性检查密钥对第一网元前向问候消息和终端问候消息进行第二次消息完整性计算产生第三消息完整性计算结果,将所述第三消息完整性计算结果发送给所述第一网元。a message integrity checking module, configured to generate a second message integrity calculation result by using the second consistency check key to perform a message integrity calculation on the terminal hello message and the first network element forward greeting message, and send the second message The integrity calculation result is compared with the first message integrity calculation result sent by the first network element, and after the comparison is correct, the generated second consistency check key is used to forward the first network element forward greeting message and the terminal. The second message integrity calculation result is generated by the hello message, and the third message integrity calculation result is sent to the first network element.
较佳地,初始认证阶段,使用所述第二网元签名私钥进行签名的信息中包括所述第一网元的签名证书,所述终端还包括:Preferably, in the initial authentication phase, the information that is signed by using the second network element signature private key includes the signature certificate of the first network element, and the terminal further includes:
签名证书保存模块,用于在所述鉴权模块验证成功后,获取并保存所述第一网元的签名证书。And a signature certificate saving module, configured to acquire and save a signature certificate of the first network element after the authentication module succeeds in verifying.
较佳地,所述密钥生成模块具体用于:Preferably, the key generation module is specifically configured to:
将终端交换私钥与所述第一临时公钥进行点乘计算出第一密钥种子,将第一网元交换公钥与所述第二临时私钥进行点乘计算出第二密钥种子,对所述第一密钥种子和第二密钥种子进行单向运算得到密钥;Calculating the first key seed by multiplying the terminal exchange private key and the first temporary public key, and multiplying the first network element exchange public key and the second temporary private key to calculate a second key seed Performing a one-way operation on the first key seed and the second key seed to obtain a key;
利用所述密钥、终端标识、第一网元标识、第一网元前向随机数、和终端随机数,生成第二一致性检查密钥。And generating, by using the key, the terminal identifier, the first network element identifier, the first network element forward random number, and the terminal random number, a second consistency check key.
较佳地,在跟踪区更新阶段,所述密钥生成模块具体用于:Preferably, in the tracking area update phase, the key generation module is specifically configured to:
将终端交换私钥与所述第一临时公钥进行点乘计算出第一密钥种子,将第一网元交换公钥与所述第二临时私钥进行点乘计算出第二密钥种子,对所述第一密钥种子和第二密钥种子进行单向运算得到密钥;Calculating the first key seed by multiplying the terminal exchange private key and the first temporary public key, and multiplying the first network element exchange public key and the second temporary private key to calculate a second key seed Performing a one-way operation on the first key seed and the second key seed to obtain a key;
利用所述密钥、终端标识、第一网元标识、第一网元后向随机数、和终端随机数,生成第二一致性检查密钥。And generating, by using the key, the terminal identifier, the first network element identifier, the first network element backward random number, and the terminal random number, a second consistency check key.
一种第一网元,包括:A first network element, including:
鉴权消息发送模块,用于向第二网元发送终端问候消息、包含第一网元后向随机数和第一网元签名证书的第一网元后向问候消息;An authentication message sending module, configured to send, to the second network element, a terminal greeting message, a first network element backward greeting message including a first network element, a random number, and a first network element signature certificate;
鉴权向量信息获取模块,用于获取所述鉴权向量信息,所述鉴权向量信息中需要发送 给终端的信息使用第二网元签名私钥进行签名;An authentication vector information acquiring module, configured to acquire the authentication vector information, where the authentication vector information needs to be sent The information for the terminal is signed using the second network element signature private key;
鉴权模块,用于生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息,利用获取的鉴权向量信息、第二临时公钥、第一网元交换私钥和第一临时私钥生成第一一致性检查密钥,使用所述第一一致性检查密钥对所述终端问候消息和第一网元前向问候消息进行消息完整性计算产生第一消息完整性计算结果,并向终端发送所述鉴权向量信息、包含第一临时公钥的密钥交换消息、第一网元前向问候消息和所述第一消息完整性计算结果。An authentication module, configured to generate a first temporary public-private key pair and a first network element forward greeting message including a first network element forward random number, using the obtained authentication vector information, the second temporary public key, and the first network Generating a first consistency check key by using the first exchange private key and the first temporary private key, and performing message integrity on the terminal greeting message and the first network element forward greeting message by using the first consistency check key Calculating a first message integrity calculation result, and transmitting the authentication vector information, the key exchange message including the first temporary public key, the first network element forward greeting message, and the first message integrity calculation to the terminal result.
较佳地,在终端的初始认证阶段,所述鉴权向量信息获取模块获取的鉴权向量信息包括:使用第二网元签名私钥签名的终端问候消息和第一网元的签名证书及验证结果,和使用查询中心签名私钥签名的第一网元前向问候消息和终端标识和终端的交换公钥;Preferably, in the initial authentication phase of the terminal, the authentication vector information acquired by the authentication vector information acquiring module includes: a terminal greeting message signed by the second network element signature private key, and a signature certificate and verification of the first network element. As a result, the first network element forward greeting message and the terminal identifier and the exchange public key of the terminal signed with the query center signature private key;
较佳地,所述鉴权模块利用获取的鉴权向量信息、所述第二临时公钥、所述第一网元交换私钥、和所述第一临时私钥生成第一一致性检查密钥时,具体用于:Preferably, the authentication module generates the first consistency check by using the obtained authentication vector information, the second temporary public key, the first network element exchange private key, and the first temporary private key. When the key is used, it is specifically used to:
将终端交换公钥与所述第一临时私钥进行点乘计算出第三密钥种子,将第一网元交换私钥与所述第二临时公钥进行点乘计算出第四密钥种子,对所述第三密钥种子和第四密钥种子进行单向运算得到密钥;Calculating a third key seed by multiplying the terminal exchange public key and the first temporary private key, and multiplying the first network element exchange private key and the second temporary public key to calculate a fourth key seed Performing a one-way operation on the third key seed and the fourth key seed to obtain a key;
利用所述密钥、终端标识、第一网元标识、第一网元前向随机数、和终端随机数,生成第一一致性检查密钥。The first consistency check key is generated by using the key, the terminal identifier, the first network element identifier, the first network element forward random number, and the terminal random number.
较佳地,在跟踪区更新阶段,所述鉴权模块利用获取的鉴权向量信息、所述第二临时公钥、所述第一网元交换私钥、和所述第一临时私钥生成第一一致性检查密钥,具体包括:Preferably, in the tracking area update phase, the authentication module generates the acquired authentication vector information, the second temporary public key, the first network element exchange private key, and the first temporary private key. The first consistency check key includes:
将终端交换公钥与所述第一临时私钥进行点乘计算出第三密钥种子,将第一网元交换私钥与所述第二临时公钥进行点乘计算出第四密钥种子,对所述第三密钥种子和第四密钥种子进行单向运算得到密钥;Calculating a third key seed by multiplying the terminal exchange public key and the first temporary private key, and multiplying the first network element exchange private key and the second temporary public key to calculate a fourth key seed Performing a one-way operation on the third key seed and the fourth key seed to obtain a key;
利用所述密钥、终端标识、第一网元标识、第一网元后向随机数、和终端随机数,生成第一一致性检查密钥。The first consistency check key is generated by using the key, the terminal identifier, the first network element identifier, the first network element backward random number, and the terminal random number.
一种第二网元,包括:A second network element, including:
鉴权向量信息发送模块,用于向第一网元发送鉴权向量信息,所述鉴权向量信息中需要发送给终端的信息使用第二网元签名私钥进行签名。The authentication vector information sending module is configured to send the authentication vector information to the first network element, where the information to be sent to the terminal in the authentication vector information is signed by using the second network element signature private key.
较佳地,在终端初始认证阶段,所述鉴权向量信息发送模块具体用于:Preferably, in the initial authentication phase of the terminal, the authentication vector information sending module is specifically configured to:
查找所述终端标识对应的所述终端的交换公钥;Finding an exchange public key of the terminal corresponding to the terminal identifier;
向查询中心发送后向问候消息、终端标识和终端的交换公钥;Sending a backward greeting message, a terminal identifier, and an exchange public key of the terminal to the query center;
获取经过查询中心私钥签名的第一网元的签名证书及验证结果、所述终端标识、所述终端交换公钥、和所述第一网元后向随机数随机数,使用所述查询中心的签名证书验证签名正确后,向所述第一网元发送鉴权向量信息,所述鉴权向量信息包括:第一网元的签名 证书及验证结果、第一网元的交换公钥、终端标识和终端的交换公钥、使用所述第二网元的签名私钥进行签名的终端问候消息和第一网元的签名证书及验证结果、使用所述查询中心的签名私钥进行签名的第一网元后向问候消息和终端标识和终端的交换公钥。Obtaining a signature certificate and a verification result of the first network element signed by the query center private key, the terminal identifier, the terminal exchange public key, and the first network element backward random number random number, using the query center After the signature certificate verification signature is correct, the authentication vector information is sent to the first network element, where the authentication vector information includes: a signature of the first network element The certificate and the verification result, the exchange public key of the first network element, the terminal identifier and the exchange public key of the terminal, the terminal greeting message signed by the signature private key of the second network element, and the signature certificate and verification of the first network element As a result, the first network element backwards greeting message and the terminal identifier and the exchange public key of the terminal are signed using the signature private key of the query center.
一种查询中心,包括:A query center that includes:
信息获取模块,用于根据所述第一网元后向问候消息中携带的第一网元的签名证书获取所述第一网元标识,查询所述第一网元标识对应的第一网元的交换公钥并验证第一网元的签名证书;The information acquiring module is configured to obtain the first network element identifier according to the first network element, and query the first network element corresponding to the first network element identifier according to the first network element Exchange the public key and verify the signature certificate of the first network element;
信息发送模块,用于生成携带第一网元的签名证书及验证结果、终端标识和所述终端的交换公钥的消息,对第一网元后向问候消息和生成的所述消息进行签名,将所述签名、所述第一网元的交换公钥和所述第一网元标识发送给所述第二网元。The information sending module is configured to generate a message carrying the first network element's signature certificate and the verification result, the terminal identifier, and the exchanged public key of the terminal, and sign the first network element back greeting message and the generated message, Transmitting the signature, the exchange public key of the first network element, and the first network element identifier to the second network element.
本申请实施例提供的方法、系统及设备,网络中传递的发送给终端的其所需的鉴权向量经过签名私钥签名,以便终端验证信息来源是否合法;鉴权双方使用一致性检查密钥进行消息完整性计算,进而通过对消息完整性计算结果进行验证实现鉴权,保证了鉴权信息在传递过程中的安全性以及鉴权的可靠性。The method, system and device provided by the embodiment of the present application, the authentication vector required by the network to be sent to the terminal is signed by the signature private key, so that the terminal verifies whether the information source is legal; the authentication party uses the consistency check key. The message integrity calculation is carried out, and then the authentication is implemented by verifying the result of the message integrity calculation, thereby ensuring the security of the authentication information in the transmission process and the reliability of the authentication.
附图说明DRAWINGS
图1为本申请一个实施例提供的方法流程图;FIG. 1 is a flowchart of a method provided by an embodiment of the present application;
图2为本申请另一个实施例提供的方法信令图;2 is a signaling diagram of a method according to another embodiment of the present application;
图3为本申请又一个实施例提供的方法信令图;FIG. 3 is a signaling diagram of a method according to still another embodiment of the present application;
图4为本申请实施例提供的系统结构示意图;4 is a schematic structural diagram of a system according to an embodiment of the present application;
图5为本申请实施例提供的终端结构示意图;FIG. 5 is a schematic structural diagram of a terminal according to an embodiment of the present application;
图6为本申请实施例提供的第一网元结构示意图;FIG. 6 is a schematic structural diagram of a first network element according to an embodiment of the present application;
图7为本申请实施例提供的第二网元结构示意图;FIG. 7 is a schematic structural diagram of a second network element according to an embodiment of the present application;
图8为本申请实施例提供的查询中心结构示意图。FIG. 8 is a schematic structural diagram of a query center according to an embodiment of the present application.
具体实施方式detailed description
为了提高LTE网络鉴权认证过程的安全性,避免鉴权参数在网元之间传递的过程中被窃取或篡改,本申请实施例提供了一种网络鉴权认证的方法,该方法中,网络中传递的发送给终端的其所需的鉴权向量经过签名私钥签名,以便终端验证信息来源是否合法;鉴权双方使用一致性检查密钥进行消息完整性计算,进而通过对消息完整性计算结果进行验证实现鉴权,保证了鉴权信息在传递过程中的安全性以及鉴权的可靠性。In order to improve the security of the LTE network authentication process and avoid the theft or tampering of the authentication parameters in the process of the transmission between the network elements, the embodiment of the present application provides a network authentication authentication method, where the network The required authentication vector transmitted to the terminal is signed by the signature private key, so that the terminal verifies whether the information source is legal; the authentication parties use the consistency check key for message integrity calculation, and then calculate the message integrity. The result is verified to achieve authentication, which ensures the security of the authentication information in the process of transmission and the reliability of authentication.
下面将结合附图,对本申请实施例提供的技术方案进行详细说明。 The technical solutions provided by the embodiments of the present application are described in detail below with reference to the accompanying drawings.
本申请实施例提供的一种网络鉴权认证方法如图1所示,具体包括如下操作:A network authentication and authentication method provided by the embodiment of the present application is as shown in FIG. 1 , and specifically includes the following operations:
步骤100、终端生成第二临时公私钥对,向第一网元发送包含终端标识和终端随机数的终端问候(Hello)消息、和包含第二临时公钥的密钥交换消息。Step 100: The terminal generates a second temporary public-private key pair, and sends a terminal hello message including a terminal identifier and a terminal random number to the first network element, and a key exchange message including the second temporary public key.
步骤110、第一网元向第二网元发送终端问候消息、和包含第一网元后向随机数和第一网元签名证书的第一网元后向问候消息。Step 110: The first network element sends a terminal greeting message to the second network element, and a first network element backward greeting message including the first network element and the first network element and the first network element signature certificate.
步骤120、第二网元向第一网元发送鉴权向量信息,所述鉴权向量信息中需要发送给终端的信息使用第二网元签名私钥进行签名。Step 120: The second network element sends the authentication vector information to the first network element, where the information that needs to be sent to the terminal in the authentication vector information is signed by using the second network element signature private key.
步骤130、所述第一网元获取所述鉴权向量信息。Step 130: The first network element acquires the authentication vector information.
步骤140、所述第一网元生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息,利用获取的鉴权向量信息、所述第二临时公钥、所述第一网元交换私钥和所述第一临时私钥生成第一一致性检查密钥,使用所述第一一致性检查密钥对所述终端问候消息和第一网元前向问候消息进行消息完整性计算产生第一消息完整性计算结果,并向终端发送所述鉴权向量信息、包含第一临时公钥的密钥交换消息和第一网元前向问候消息,以及第一消息完整性计算结果。Step 140: The first network element generates a first temporary public-private key pair and a first network element forward greeting message that includes a first network element forward random number, and uses the obtained authentication vector information, the second temporary public The first consistency check key is generated by the key, the first network element exchange private key, and the first temporary private key, and the terminal greeting message and the first network are used by using the first consistency check key. Performing a message integrity calculation on the message to the hello message to generate a first message integrity calculation result, and transmitting the authentication vector information, the key exchange message including the first temporary public key, and the first network element forward greeting message to the terminal And the result of the first message integrity calculation.
步骤150、所述终端使用保存的第二网元的签名证书对接收到的所述鉴权向量信息中的签名进行验证。Step 150: The terminal verifies the signature in the received authentication vector information by using the saved signature certificate of the second network element.
步骤160、验证成功后,所述终端利用所述鉴权向量信息、所述终端标识、所述第一临时公钥、终端交换私钥、和所述第二临时私钥生成第二一致性检查密钥。Step 160: After the verification succeeds, the terminal generates a second consistency by using the authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key. Check the key.
步骤170、所述终端使用所述第二一致性检查密钥对终端问候消息和第一网元前向问候消息进行消息完整性计算产生第二消息完整性计算结果,将所述第二消息完整性计算结果与第一网元发送的所述第一消息完整性计算结果比对,比对正确后,使用生成的所述第二一致性检查密钥对第一网元前向问候消息和终端问候消息进行第二次消息完整性计算产生第三消息完整性计算结果,将所述第三消息完整性计算结果发送给所述第一网元。Step 170: The terminal uses the second consistency check key to perform a message integrity calculation on the terminal hello message and the first network element forward greeting message to generate a second message integrity calculation result, where the second message is sent. The integrity calculation result is compared with the first message integrity calculation result sent by the first network element, and after the comparison is correct, the generated second consistency check key is used to forward the first network element forward greeting message. Performing a second message integrity calculation with the terminal hello message to generate a third message integrity calculation result, and sending the third message integrity calculation result to the first network element.
步骤180、所述第一网元使用上述生成的第一一致性检查密钥对第一网元前向问候消息和终端问候消息进行消息完整性计算产生第四消息完整性计算结果,使用生成的所述第四消息完整性计算结果验证终端发送过来的所述第三消息完整性计算结果。Step 180: The first network element performs a message integrity calculation on the first network element forward greeting message and the terminal greeting message by using the generated first consistency check key to generate a fourth message integrity calculation result, which is generated by using The fourth message integrity calculation result verifies the third message integrity calculation result sent by the terminal.
步骤190、验证成功后,所述第一网元向终端发送鉴权成功消息。Step 190: After the verification succeeds, the first network element sends an authentication success message to the terminal.
如果上述鉴权认证过程应用于LTE网络中的终端初始认证阶段,则所述的第一网元为移动性管理实体(MME),所述的第二网元为归属用户服务器(HSS,Home Subscriber Server)。If the authentication process is applied to the terminal initial authentication phase in the LTE network, the first network element is a mobility management entity (MME), and the second network element is a home subscriber server (HSS, Home Subscriber). Server).
如果上述鉴权认证过程应用于LTE网络中跟踪区域更新(TAU,Tracking Area Update)阶段的鉴权认证,则所述的第一网元为目标MME,第二网元为服务MME。If the authentication process is applied to the authentication of the tracking area update (TAU) in the LTE network, the first network element is the target MME, and the second network element is the serving MME.
下面以LTE网络的鉴权认证为例,对本申请实施例提供的方法进行详细说明。 The method provided by the embodiment of the present application is described in detail below by taking the authentication of the LTE network as an example.
为实施本申请提供的技术方案,需要在现网中进行如下部署:To implement the technical solution provided by this application, you need to deploy the following in the live network:
部署证书管理机构(CA)和查询中心(QueC)。Deploy a Certificate Authority (CA) and a Query Center (QueC).
运营商根据组网需求可以针对每个PLMN部署一个QueC,也可以针对各省部署一个或多个QueC。QueC用于保存所辖管理域内的MME的交换公钥hMME和MME的签名证书,并根据其他网元的请求查询所辖的指定管理域的MME的交换公钥hMME和MME的签名证书,或与其他管理域的查询中心交互,获得其他管理域的MME的交换公钥hMME和签名证书。The operator can deploy one QueC for each PLMN according to networking requirements, or deploy one or more QueCs for each province. QueC exchange for saving the public key h MME MME MME and signed certificate under the jurisdiction of the administrative domain, and query the MME exchange public keys h MME and MME signing certificate under the jurisdiction of the designated management domain at the request of other network elements, Or interact with the query center of other management domains to obtain the exchange public key h MME and the signing certificate of the MME of the other management domain.
各个运营商通过其部署的CA向其部署的LTE网络中的网元颁发证书:Each operator issues a certificate to the network element in its deployed LTE network through its deployed CA:
CA为LTE网络中的网元HSS颁发两张证书,一张为签名证书,签名证书中存放HSS的签名公钥,另一张为加密证书,加密证书存放HSS的加密公钥。在鉴权认证阶段,由HSS中的鉴权中心(AuC)参与鉴权认证处理,可以理解的是,本申请所描述的HSS的签名证书实际为AuC的签名证书,HSS的签名公钥实际为AuC的签名公钥,HSS的加密证书实际为AuC的加密证书,HSS的加密公钥实际为AuC的加密公钥。The CA issues two certificates for the HSS in the LTE network. One is the signature certificate, the signature certificate contains the signature public key of the HSS, and the other is the encryption certificate. The encryption certificate stores the encrypted public key of the HSS. In the authentication and authentication phase, the authentication center (AuC) in the HSS participates in the authentication and authentication process. It can be understood that the signature certificate of the HSS described in this application is actually the signature certificate of the AuC, and the signature public key of the HSS is actually The signature public key of AuC, the encryption certificate of HSS is actually the encryption certificate of AuC, and the encryption public key of HSS is actually the encryption public key of AuC.
CA为MME颁发一张签名证书,签名证书中存放MME的签名公钥。The CA issues a signature certificate to the MME, and the signature certificate stores the signature public key of the MME.
CA为QueC颁发一张签名证书,签名证书中存放QueC的签名公钥。The CA issues a signed certificate to the QueC, and the signed certificate stores the signature public key of the QueC.
LTE网络中的网元MME中存放用于密钥交换的公、私钥对(hMME,PMME),自身的签名证书、签名私钥,并存放QueC的签名证书。The network element MME in the LTE network stores public and private key pairs (h MME , P MME ) for key exchange, its own signature certificate, signature private key, and stores the signature certificate of QueC.
终端的全球用户识别单元(USIM,Universal Subscriber Identity Module)卡中存放一个用于密钥交换的公、私钥对(hU,PU)、HSS的加密证书和签名证书。The US Subscriber Identity Unit (USIM) card stores a public and private key pair (h U , P U ), HSS encryption certificate and signature certificate for key exchange.
HSS中存放自身的签名证书、签名私钥,自身的加密证书、加密私钥,并存放QueC的签名证书、和终端的交换公钥hUThe HSS stores its own signature certificate, signature private key, its own encryption certificate, and encryption private key, and stores the signature certificate of QueC and the exchange public key h U of the terminal.
基于上述网络部署,应用本申请实施例提供的方法的初始认证阶段如图2所示,包括如下操作:Based on the foregoing network deployment, the initial authentication phase of applying the method provided by the embodiment of the present application is as shown in FIG. 2, and includes the following operations:
步骤200、终端(UE)生成第二临时公私钥对,向网络侧发送消息Msg1。Step 200: The terminal (UE) generates a second temporary public-private key pair, and sends a message Msg1 to the network side.
该消息Msg1包括终端问候(UE Hello)消息和密钥交换(UE Key)消息,其消息格式可以是:The message Msg1 includes a UE Hello message and a Key Exchange (UE Key) message, and the message format can be:
UE HelloUE Hello
UE.Nounce   //终端随机数UE.Nounce // terminal random number
UE.ID          //终端标识UE.ID // terminal identification
UE KeyUE Key
UE.Keyinfo          //第二临时公钥UE.Keyinfo // second temporary public key
在初始认证阶段,终端标识可以但不仅限于为终端的国际移动用户识别码(IMSI,International Mobile Subscriber Identification Number)。 In the initial authentication phase, the terminal identity may be, but is not limited to, the International Mobile Subscriber Identification Number (IMSI) of the terminal.
可选的,终端可以使用HSS的加密公钥(PKHSS)对终端的IMSI和UE.Nounce进行加密,相应的,UE.ID=(IMSI&0x7FF0,EnC(PKHSS,IMSI,UENounce)),EnC(PKHSS,IMSI,UE.Nounce)表示使用HSS的加密公钥对终端的IMSI和UE.Nounce进行加密。Alternatively, the terminal may use the public key encryption HSS (HSS the PK) and UE.Nounce terminal IMSI is encrypted, corresponding, UE.ID = (IMSI & 0x7FF0, EnC (PK HSS, IMSI, UENounce)), EnC ( PK HSS , IMSI, UE.Nounce) indicates that the IMSI and UE.Nounce of the terminal are encrypted using the encrypted public key of the HSS.
步骤210、MME收到上述Msg1后确定所述终端的HSS。Step 210: After receiving the foregoing Msg1, the MME determines the HSS of the terminal.
如果Msg1中的信息没有使用HSS的加密公钥进行加密,则MME可以根据终端的IMSI确定HSS。如果Msg1中的信息使用HSS的加密公钥进行加密,则MME可以根据IMSI&0x7FF0确定HSS。If the information in Msg1 is not encrypted using the encrypted public key of the HSS, the MME may determine the HSS based on the IMSI of the terminal. If the information in Msg1 is encrypted using the encrypted public key of the HSS, the MME may determine the HSS based on IMSI&0x7FF0.
步骤220、MME向终端的HSS发送消息Msg2。Step 220: The MME sends a message Msg2 to the HSS of the terminal.
该消息Msg2包括所述UE Hello消息和第一网元后向问候(MME Hello)消息,其消息格式可以是:The message Msg2 includes the UE Hello message and a first MME Hello message, and the message format may be:
UE HelloUE Hello
MME HelloMME Hello
MME.Nounce          //第一网元后向随机数MME.Nounce // first network element backward random number
MME.Cert      //第一网元签名证书MME.Cert // first network element signing certificate
步骤230、HSS收到Msg2后,查找IMSI对应的hUStep 230: After receiving the Msg2, the HSS searches for the h U corresponding to the IMSI.
具体的,HSS查询其数据库中保存的IMSI与终端的交换公钥的对应关系,获得IMSI对应的hUSpecifically, the HSS queries the correspondence between the IMSI stored in the database and the exchanged public key of the terminal, and obtains the h U corresponding to the IMSI.
如果终端标识是加密的,则HSS在查询数据库之前,使用HSS加密私钥对EnC(PKHSS,IMSI,UE.Nounce)解密,获得终端的IMSI,然后查询得到终端交换公钥hUIf the terminal identifier is encrypted, then the HSS queries the database prior to using private key encryption HSS EnC (PK HSS, IMSI, UE.Nounce ) decrypts the IMSI of the terminal, the terminal then exchange public keys obtained query h U.
步骤240、HSS将上述MME Hello消息发送给查询中心,并将终端IMSI明文和终端交换公钥hU发送给查询中心。Step 240: The HSS sends the MME Hello message to the query center, and sends the terminal IMSI plaintext and the terminal exchange public key h U to the query center.
步骤250、查询中心根据MME的签名证书获得MME的标识信息(MME.ID),查询到对应的MME的交换公钥(hMME)并验证MME的签名证书(MME.Cert),生成查询响应信息(QUE-MMEResp),所述QUE-MMEResp包含MME.CertResult和AS-UE-MME.Keyinfo,MME.CertResult中携带MME的签名证书及验证结果,AS-UE-MME.Keyinfo中携带终端IMSI明文和终端交换公钥,然后查询中心对MME Hello消息和QUE-MMEResp进行签名,将该签名和MME的交换公钥、第一网元标识(MME.ID)一起发给HSS。Step 250: The query center obtains the MME identity information (MME.ID) according to the MME's signature certificate, queries the corresponding MME's exchange public key (h MME ), and verifies the MME's signature certificate (MME.Cert) to generate query response information. (QUE-MMEResp), the QUE-MMEResp includes the MME.CertResult and the AS-UE-MME.Keyinfo, the MME.CertResult carries the signature certificate and the verification result of the MME, and the AS-UE-MME.Keyinfo carries the plaintext of the terminal IMSI and The terminal exchanges the public key, and then the query center signs the MME Hello message and the QUE-MMEResp, and sends the signature to the HSS together with the exchange public key of the MME and the first network element identifier (MME.ID).
可选的,查询中心可以对MME的交换公钥、MME.ID也进行签名,将该签名也发送给HSS。Optionally, the query center may also sign the exchange public key and the MME.ID of the MME, and send the signature to the HSS.
具体的,如果MME在该查询中心所辖管理域,则该查询中心在其数据库中查找MME的交换公钥和签名证书。如果MME不在该查询中心所辖管理域,则该查询中心通过和其他查询中心的交互获得MME的交换公钥hMME和签名证书。 Specifically, if the MME is in the management domain of the query center, the query center searches the database for the exchange public key and the signing certificate of the MME. If the MME is not in the management domain of the query center, the query center obtains the exchange public key h MME and the signing certificate of the MME through interaction with other query centers.
步骤260、HSS使用查询中心的签名证书验证签名正确后,向MME发送消息Msg3。Step 260: After verifying that the signature is correct by using the signature certificate of the query center, the HSS sends a message Msg3 to the MME.
Msg3中携带鉴权向量信息,其消息格式可以是:Msg3 carries authentication vector information, and its message format can be:
HSS-UEResp                      //HSS给UE的响应信息HSS-UEResp //HSS response message to the UE
MME.CertResult                //MME证书及验证结果MME.CertResult // MME certificate and verification result
AS-MME-UE.Keyinfo    //MME的交换公钥AS-MME-UE.Keyinfo // exchange public key of MME
QUE-MMEResp                  //查询响应信息(查询中心给MME的响应信息)QUE-MMEResp //Query response information (response information sent by the query center to the MME)
AS-UE-MME.Keyinfo    //终端的IMSI明文和终端的交换公钥AS-UE-MME.Keyinfo //IMI plaintext of the terminal and exchange public key of the terminal
HSS-UE.Sig(UE Hello,HSS-UEResp) //使用HSS的签名私钥进行签名的UE Hello消息和HSS-UERespHSS-UE.Sig (UE Hello, HSS-UEResp) // UE Hello message and HSS-UEResp signed using the HSS signature private key
QUE-MME.Sig(MME Hello,QUE-MMEResp)  //使用查询中心的签名私钥进行签名的MMEHello消息和QUE-MMERespQUE-MME.Sig(MME Hello, QUE-MMEResp) // MMEHello message signed with the signature private key of the query center and QUE-MMEResp
步骤270、MME收到Msg3,使用查询中心的签名证书验证QUE-MME.Sig的签名正确后,表示数据有效。Step 270: After receiving the Msg3, the MME uses the signature certificate of the query center to verify that the signature of the QUE-MME.Sig is correct, indicating that the data is valid.
本申请实施例中,使用查询中心的签名证书验证基于查询中心的签名私钥的签名,具体是指,使用查询中心的签名证书中保存的签名公钥验证基于查询中心的签名私钥的签名。In the embodiment of the present application, the signature of the signature private key of the query center is verified by using the signature certificate of the query center. Specifically, the signature of the signature private key based on the query center is verified by using the signature public key saved in the signature certificate of the query center.
步骤280、MME生成用于密钥交换的第一临时公私钥对(x,xP)和包含第一网元前向随机数的第一网元前向问候消息,利用IMSI、MME.ID、MME交换私钥、第一临时私钥(x)、终端交换公钥和第二临时公钥(zP)生成第一一致性检查密钥,使用该第一一致性检查密钥对UE_Hello和第一网元前向问候消息进行消息完整性计算产生第一消息完整性计算结果,并向终端发送消息Msg4。Step 280: The MME generates a first temporary public-private key pair (x, xP) for key exchange and a first network element forward greeting message including a first network element forward random number, using IMSI, MME.ID, and MME. The exchange private key, the first temporary private key (x), the terminal exchange public key, and the second temporary public key (zP) generate a first consistency check key, and use the first consistency check key pair UE_Hello and the first A network element forward message integrity calculation generates a first message integrity calculation result, and sends a message Msg4 to the terminal.
该消息Msg4包括使用第二网元签名私钥进行签名的鉴权向量信息、包含第一临时公钥的密钥交换(MME-UEKey)消息和第一网元前向问候消息(MME-UEHello),以及第一消息完整性计算结果(MMEFinish)。The message Msg4 includes authentication vector information signed using the second network element signature private key, a key exchange (MME-UEKey) message including the first temporary public key, and a first network element forward greeting message (MME-UEHello) And the first message integrity calculation result (MMEFinish).
其消息格式如下:The message format is as follows:
MME-UEHelloMME-UEHello
MME-UE.Nounce           //MME前向随机数MME-UE.Nounce // MME forward random number
MME-UEKey                //MME和UE交互的密钥信息MME-UEKey //Key information of MME and UE interaction
MME-UE.keyinfo   //MME的临时公钥,也就是第一临时公钥MME-UE.keyinfo // Temporary public key of the MME, which is the first temporary public key
MMEFinishMMEFinish
MME-UE.Mic(MME-UEHello,UE_Hello)   //携带第一消息完整性计算结果,括号中字段顺序不能变MME-UE.Mic(MME-UEHello, UE_Hello) // carries the first message integrity calculation result, and the field order in parentheses cannot be changed.
QUE-MMEResp        //消息3中HSS发送的 QUE-MMEResp //Message 3 sent by HSS
HSS-UE.Sig         //消息3中HSS发送的HSS-UE.Sig //Message 3 sent by HSS
其中,MME生成第一一致性检查密钥的具体实现方式可以但不仅限于采用以下技术手段实现:The specific implementation manner of the MME to generate the first consistency check key may be, but is not limited to, the following technical means:
将hU与x进行点乘计算出第三密钥种子,将PMME与zP进行点乘计算出第四密钥种子,对所述第三密钥种子和第四密钥种子进行单向运算得到密钥Key;所述MME利用所述Key,IMSI、MME.ID,终端随机数UE.Nounce1,MME前向随机数MME-UE.Nounce,生成第一一致性检查密钥IKASME,使用IKASME对Msg1的UEHello和MME生成的MME前向问候消息MME-UE-Hello进行消息完整性计算得到第一消息完整性计算结果(MME-UE.Mic),该完整性算法可采用公知的HMAC函数或密码函数实现,后面描述的消息完整性计算应采用与该步骤相同的消息完整性算法。Calculating a third key seed by multiplying h U and x, multiplying P MME and zP to calculate a fourth key seed, and performing one-way operation on the third key seed and the fourth key seed Obtaining a key Key; the MME generates the first consistency check key IK ASME by using the Key, the IMSI, the MME.ID, the terminal random number UE.Nounce1, and the MME forward random number MME-UE.Nounce. The IK ASME performs message integrity calculation on the MME forward message MME-UE-Hello generated by the UEHello of the Msg1 and the MME to obtain a first message integrity calculation result (MME-UE.Mic), and the integrity algorithm may adopt a well-known HMAC. The function or cryptographic function implementation, the message integrity calculation described later should use the same message integrity algorithm as this step.
即采用DH密钥交换算法,对终端和MME的交换公私钥和临时公私钥进行点乘后哈希运算获得密钥Key,Key=Hash(hUx||PMMEzP),再使用密钥导出函数KDF(Key,IMSI、MME标识MME.ID,终端随机数UE.Nounce1,MME随机数MME-UE.Nounce)分别产生3GPP规范定义的第一一致性检查密钥(IKASME)、KASME,然后按照3GPP定义的密钥扩展方法进行扩展。That is, the DH key exchange algorithm is used, and the exchange public key and the temporary public private key of the terminal and the MME are subjected to dot multiplication and then hashed to obtain the key Key, Key=Hash(h U x||P MME zP), and then the key is used. derivation function KDF (key, IMSI, MME identifier MME.ID, the terminal random number UE.Nounce1, MME nonce MME-UE.Nounce) respectively generate 3GPP specification defines first consistency check key (IK ASME), K ASME is then extended according to the key extension method defined by 3GPP.
步骤290、终端收到消息Msg4,使用HSS的签名证书验证HSS-UE.Sig,验证成功后利用Msg4中的信息、IMSI、第一临时公钥(xP)、终端交换私钥和第二临时私钥(z)生成第二一致性检查密钥,使用该第二一致性检查密钥对UE_Hello和第一网元前向问候消息进行消息完整性计算生成第二消息完整性计算结果,将第二消息完整性计算结果与MME发送的第一消息完整性计算结果进行比对,比对正确后,使用生成的第二一致性检查密钥对UE_Hello和第一网元前向问候消息进行第二次消息完整性计算产生第三消息完整性计算结果,向MME发送Msg5。Step 290: The terminal receives the message Msg4, and uses the HSS signature certificate to verify the HSS-UE.Sig. After the verification succeeds, the information in the Msg4, the IMSI, the first temporary public key (xP), the terminal exchange private key, and the second temporary private are utilized. The key (z) generates a second consistency check key, and uses the second consistency check key to perform a message integrity calculation on the UE_Hello and the first network element forward greeting message to generate a second message integrity calculation result, The second message integrity calculation result is compared with the first message integrity calculation result sent by the MME. After the comparison is correct, the generated second consistency check key is used to perform UE_Hello and the first network element forward greeting message. The second message integrity calculation generates a third message integrity calculation result, and sends Msg5 to the MME.
其中,终端两次进行消息完整性计算时输入字段的顺序不同。例如,第一次进行消息完整性计算时,首先输入第一网元前向问候消息,然后输入UE_Hello;第二次进行消息完整性计算时,首先输入UE_Hello,然后输入第一网元前向问候消息。The order of input fields is different when the terminal performs message integrity calculation twice. For example, when performing the message integrity calculation for the first time, first input the first NE forward greeting message and then enter UE_Hello; when performing the second message integrity calculation, first input UE_Hello, and then input the first NE forward greeting. Message.
该消息Msg5的消息格式如下:The message format of the message Msg5 is as follows:
UEFinish                                  //UE的结束信息UEFinish // UE end information
UE-MME.Mic(UEHello,MME-REQHello) //使用第二一致性检查密钥对UE_Hello和第一网元前向问候消息进行消息完整性计算的第三消息完整性计算结果UE-MME.Mic (UEHello, MME-REQHello) // third message integrity calculation result of message integrity calculation for UE_Hello and first network element forward greeting message using the second consistency check key
其中,终端利用Msg4中的信息、IMSI、xP、终端交换私钥和z生成第二一致性检查密钥的具体实现方式可以但不仅限于采用以下技术手段实现:The specific implementation manner in which the terminal uses the information in the Msg4, the IMSI, the xP, the terminal exchange private key, and the z to generate the second consistency check key may be, but is not limited to, the following technical means:
将PU与xP进行点乘计算出第一密钥种子,将hMME与z进行点乘计算出第二密钥种子,对所述第一密钥种子和第二密钥种子进行单向运算得到密钥Key;所述终端利用所述Key, IMSI、MME标识MME.ID,终端随机数UE.Nounce,MME前向随机数MME-UE.Nounce,生成第二一致性检查密钥IKASMECalculating the first key seed by multiplying P U and xP, multiplying h MME and z to calculate a second key seed, and performing one-way operation on the first key seed and the second key seed Obtaining a key Key; the terminal uses the Key, the IMSI, the MME to identify the MME.ID, the terminal random number UE.Nounce, and the MME forward random number MME-UE.Nounce to generate a second consistency check key IK ASME .
进一步的,终端还保存CertMME。Further, the terminal also saves CertMME.
步骤2100、MME收到Msg5后,使用IKASME对第一网元前向问候消息和UE_Hello进行消息完整性计算产生第四消息完整性计算结果,与Msg5的UE-MME.Mic进行比对验证。Step 2100: After receiving the Msg5, the MME uses the IK ASME to perform a message integrity calculation on the first NE forward greeting message and the UE_Hello to generate a fourth message integrity calculation result, and performs comparison verification with the UE-MME.Mic of the Msg5.
步骤2110、MME向终端发送Msg6。Step 2110: The MME sends the Msg6 to the terminal.
如果Msg5验证正确,Msg6是鉴权成功消息,否则是失败消息。If Msg5 is verified correctly, Msg6 is an authentication success message, otherwise it is a failure message.
基于上述网络部署,应用本申请实施例提供的方法的TAU阶段如图3所示,包括如下操作:Based on the foregoing network deployment, the TAU stage of the method provided by the embodiment of the present application is as shown in FIG. 3, and includes the following operations:
步骤300、UE生成第二临时公私钥对,向网络传送Msg1。Step 300: The UE generates a second temporary public-private key pair, and transmits Msg1 to the network.
该Msg1的消息格式如下:The message format of the Msg1 is as follows:
UE_HelloUE_Hello
UE.Nounce         //终端随机数UE.Nounce // terminal random number
UE.ID     //终端标识UE.ID // terminal identification
UE_KeyUE_Key
UE.Keyinfo    //第二临时公钥UE.Keyinfo // second temporary public key
TAU阶段,全球唯一临时标识(GUTI,Globally Unique Temporary Identity)即UE.ID。In the TAU phase, the Globally Unique Temporary Identity (GUTI) is the UE.ID.
步骤310、目标MME(MMEn)收到Msg1后,根据GUTI确定当前服务的MME(MMEo),并向MMEo发送Msg2。Step 310: After receiving the Msg1, the target MME (MMEn) determines the currently served MME (MMEo) according to the GUTI, and sends the Msg2 to the MMEo.
该Msg2的消息格式如下:The message format of the Msg2 is as follows:
UE_Hello                         //终端发来的问候消息UE_Hello // greeting message sent by the terminal
MMEn_Hello                  //MMEn的后向问候信息MMEn_Hello // MMEn's backward greeting message
MMEn.Nounce     //第一网元MMEn后向随机数MMEn.Nounce // first network element MMEn backward random number
MMEn.Cert        //第一网元MMEn证书MMEn.Cert // first network element MMEn certificate
MMEn.key              //第一网元MMEn交换公钥hMMEnMMEn.key // The first network element MMEn exchanges the public key hMMEn
步骤320、MMEo接收Msg2,向MMEn返回Msg3。In step 320, MMEo receives Msg2 and returns Msg3 to MMEn.
该Msg3的消息格式如下:The message format of the Msg3 is as follows:
MMEo-UEResp                //MMEo给UE的响应信息MMEo-UEResp // MMEo response message to the UE
MMEn.CertResult                //MMEn证书验证结果MMEn.CertResult // MMEn certificate verification result
AS-MMEn-UE.Keyinfo    //MMEn的交换公钥AS-MMEn-UE.Keyinfo // exchange public key of MMEn
MMEo-MMEnResp                //MMEo给MMEn的响应信息MMEo-MMEnResp // MMEo response message to MMEn
AS-UE-MMEn.Keyinfo    //终端的身份和终端的交换公钥 AS-UE-MMEn.Keyinfo //The identity of the terminal and the exchange public key of the terminal
MMEo-UE.Sig(UEHello,MMEo-UEResp) //使用MMEo的签名私钥进行签名的UEHello和MMEo-UERespMMEo-UE.Sig(UEHello, MMEo-UEResp) // UEHello and MMEo-UEResp signed using MMEo's signature private key
MMEo-MMEn.Sig(MMEnHello,MMEo-MMEnResp)//使用MMEo的签名私钥进行签名的MMEnHello,MMEo-MMEnRespMMEo-MMEn.Sig (MMEnHello, MMEo-MMEnResp) // MMEnHello, MMEo-MMEnResp, signed using the signed private key of MMEo
其中MMEn.CertResult包含CertMMEn及其验证结果,AS-MME-UE.Keyinfo包含MMEn交换公钥hMMEn,AS-UE-MME包含终端交换公钥hu和终端标识。The MMEn.CertResult includes the CertMMEn and the verification result thereof, and the AS-MME-UE.Keyinfo includes the MMEn exchange public key h MMEn , and the AS-UE-MME includes the terminal exchange public key hu and the terminal identifier.
步骤330、MMEn收到Msg3,得到hUIn step 330, the MMEn receives the Msg3 and obtains h U .
由于MMEn信任MMEo,它们之间的通信信道是受保护的,因此不需要对MMEo发送的信息进行签名验证即可使用。Since the MMEn trusts the MMEo, the communication channel between them is protected, so that it is not necessary to perform signature verification on the information sent by the MMEo.
步骤340、MMEn生成用于密钥交换的第一临时公私钥对(x,xP)和包含第一网元前向随机数的第一网元前向问候消息,利用UE.ID、MMEn.ID、MMEn交换私钥、第一临时私钥、终端交换公钥和第二临时公钥生成第一一致性检查密钥,使用该第一一致性检查密钥对UE_Hello和第一网元前向问候消息进行消息完整性计算产生第一消息完整性计算结果,并向UE发送Msg4。Step 340: The MMEn generates a first temporary public-private key pair (x, xP) for key exchange and a first network element forward greeting message including a first network element forward random number, using UE.ID, MMEn.ID The MMEn exchange private key, the first temporary private key, the terminal exchange public key, and the second temporary public key generate a first consistency check key, and use the first consistency check key pair UE_Hello and the first network element before Performing a message integrity calculation on the hello message generates a first message integrity calculation result and sends Msg4 to the UE.
该Msg4的消息结构如下:The message structure of the Msg4 is as follows:
MMEn-UEHello           //MMEn的前向问候信息MMEn-UEHello // MMEn forward greeting message
MMEn-UE.Nounce     //MMEn前向随机数MMEn-UE.Nounce // MMEn forward random number
MMEn-UEKey           //MMEn和UE交互的密钥信息MMEn-UEKey //Key information of MMEn and UE interaction
MMEn-UE.keyinfo     //MMEn的临时公钥,即第一临时公钥MMEn-UE.keyinfo // Temporary public key of MMEn, ie the first temporary public key
MMEnFinish            //完整性计算结果MMEnFinish //Integrity calculation result
MMEn-UE.Mic(MMEn-UEHello,UE_Hello)   //携带第一消息完整性计算结果,括号中字段顺序不能变MMEn-UE.Mic(MMEn-UEHello, UE_Hello) // carries the first message integrity calculation result, and the field order in parentheses cannot be changed.
MMEo-MMEnRsep        //消息3中MMEo发送的MMEo-MMEnRsep //Message 3 sent by MMEo
MMEo-UE.Sig           //消息3中MMEo发送的MMEo-UE.Sig //Message 3 sent by MMEo
其中,第一一致性检查密钥及消息完整性计算的具体实现方式可以参照上述实施例的描述,这里不再赘述。For a specific implementation manner of the first consistency check key and the message integrity calculation, refer to the description of the foregoing embodiment, and details are not described herein again.
步骤350、UE收到消息Msg4,使用保存的MMEo的签名证书验证MMEo-UE.Sig,验证成功后,利用Msg4中的信息、GUTI、第一临时公钥(xP)、终端交换私钥和第二临时私钥(z)生成第二一致性检查密钥。Step 350: The UE receives the message Msg4, and verifies the MMEo-UE.Sig by using the saved MMEo's signature certificate. After the verification succeeds, the information in the Msg4, the GUTI, the first temporary public key (xP), the terminal exchange private key, and the first The second temporary private key (z) generates a second consistency check key.
生成第二一致性密钥的具体实现方式可以参照上述实施例的描述,这里不再赘述。For a specific implementation manner of generating the second consistency key, refer to the description of the foregoing embodiment, and details are not described herein again.
进一步的,终端将保存CertMMEn。Further, the terminal will save CertMMEn.
步骤360、UE使用该第二一致性检查密钥对UE_Hello和第一网元前向问候消息进行消息完整性计算产生第二消息完整性计算结果,将第二消息完整性计算结果与MMEn发送 的第一消息完整性计算结果进行比对,比对正确后,使用生成的第二一致性检查密钥对UE_Hello和第一网元前向问候消息进行第二次消息完整性计算产生第三消息完整性计算结果,向MMEn发送Msg5。Step 360: The UE uses the second consistency check key to perform message integrity calculation on the UE_Hello and the first network element forward greeting message to generate a second message integrity calculation result, and send the second message integrity calculation result to the MMEn. The first message integrity calculation result is compared, and after the comparison is correct, the second message integrity calculation is performed on the UE_Hello and the first network element forward greeting message using the generated second consistency check key to generate a third As a result of the message integrity calculation, Msg5 is sent to MMEn.
该Msg5的消息格式如下:The message format of the Msg5 is as follows:
UEFinish                   //UE结束信息UEFinish // UE end message
UE-MMEn.Mic(UEHello,MMEn-REQHello) //使用第二一致性检查密钥对UE_Hello和第一网元前向问候消息进行消息完整性计算的第三消息完整性计算结果UE-MMEn.Mic (UEHello, MMEn-REQHello) // Third message integrity calculation result of message integrity calculation for UE_Hello and first network element forward greeting message using the second consistency check key
消息完整性计算的具体实现方式可以参照上述实施例的描述,这里不再赘述。For a specific implementation manner of the message integrity calculation, reference may be made to the description of the foregoing embodiment, and details are not described herein again.
步骤370、MMEn收到Msg5后,使用IKASME对第一网元前向问候消息和UE-Hello进行消息完整性计算产生第四消息完整性计算结果,与Msg5的UE-MMEn.Mic进行比对验证。Step 370: After receiving the Msg5, the MME uses the IK ASME to perform the fourth message integrity calculation result on the first network element forward greeting message and the UE-Hello message integrity calculation, and compares with the UE-MMEn.Mic of the Msg5. verification.
步骤370的具体实现方式可以但不仅限于:计算Key=Hash(hUx||PMMEnzP),使用密钥导出函数KDF(Key,GUTI、MMEn标识MMEn.ID,终端随机数UE-MMEn.Nounce,MMEn随机数MMEn-UE.Nounce)产生IKASME、KASME,根据MIC(IKASME)验证Msg5的UE-MMEn.Mic值正确后,使用3GPP定义的密钥体系进行扩展。The specific implementation of the step 370 may be: but not limited to: calculating Key=Hash(h U x||P MMEn zP), using a key derivation function KDF (Key, GUTI, MMEn identifier MMEn.ID, terminal random number UE-MMEn. Nounce, MMEn random number MMEn-UE.Nounce) generates IK ASME , K ASME , and verifies that the UE-MMEn.Mic value of Msg5 is correct according to MIC (IK ASME ), and then uses the key system defined by 3GPP to expand.
步骤380、MMEn向终端发送Msg6。Step 380: The MMEn sends the Msg6 to the terminal.
如果Msg5验证正确,Msg6是鉴权成功消息,否则是失败消息。If Msg5 is verified correctly, Msg6 is an authentication success message, otherwise it is a failure message.
基于与方法同样的发明构思,本申请实施例还提供一种网络鉴权认证的系统,其结构如图4所示,具体包括:第一网元401、第二网元402、和终端403。其中:Based on the same inventive concept as the method, the embodiment of the present application further provides a system for network authentication and authentication, and the structure thereof is as shown in FIG. 4, which specifically includes: a first network element 401, a second network element 402, and a terminal 403. among them:
所述终端403,用于生成第二临时公私钥对,向第一网元401发送包含终端标识和终端随机数的终端问候消息和包含第二临时公钥的密钥交换消息;The terminal 403 is configured to generate a second temporary public-private key pair, and send, to the first network element 401, a terminal hello message including a terminal identifier and a terminal random number, and a key exchange message including the second temporary public key;
所述第一网元401,用于第二网元402发送终端问候消息、包含第一网元后向随机数和第一网元签名证书的第一网元后向问候消息;The first network element 401 is configured to send, by the second network element 402, a terminal greeting message, a first network element backward greeting message including a first network element backward random number and a first network element signature certificate;
所述第二网元402,用于向第一网元401发送鉴权向量信息,所述鉴权向量信息中需要发送给终端的信息使用第二网元签名私钥进行签名;The second network element 402 is configured to send the authentication vector information to the first network element 401, where the information to be sent to the terminal in the authentication vector information is signed by using the second network element signature private key;
所述第一网元401,还用于获取所述鉴权向量信息;生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息,利用获取的鉴权向量信息、第二临时公钥、第一网元交换私钥和第一临时私钥生成第一一致性检查密钥,使用所述第一一致性检查密钥对所述终端问候消息和第一网元前向问候消息进行消息完整性计算产生第一消息完整性计算结果,并向终端403发送所述鉴权向量信息、包含第一临时公钥的密钥交换消息、第一网元前向问候消息和第一消息完整性计算结果;The first network element 401 is further configured to obtain the authentication vector information, and generate a first temporary public-private key pair and a first network element forward greeting message that includes a first network element forward random number, and use the acquired information. The weight vector information, the second temporary public key, the first network element exchange private key, and the first temporary private key generate a first consistency check key, and use the first consistency check key to greet the terminal Performing a message integrity calculation with the first network element forward greeting message to generate a first message integrity calculation result, and transmitting the authentication vector information, the key exchange message including the first temporary public key, and the first network to the terminal 403 The meta-forward greeting message and the first message integrity calculation result;
所述终端403,还用于使用保存的第二网元的签名证书对接收到的鉴权向量信息的签名进行验证;验证成功后,利用接收到的鉴权向量信息、终端标识、所述第一临时公钥、 终端交换私钥、和所述第二临时私钥生成第二一致性检查密钥;使用所述第二一致性检查密钥对终端问候消息和第一网元前向问候消息进行消息完整性计算产生第二消息完整性计算结果,将第二消息完整性计算结果与第一网元发送的第一消息完整性计算结果比对,比对正确后,使用生成的第二一致性检查密钥对第一网元前向问候消息和终端问候消息进行第二次消息完整性计算产生第三消息完整性计算结果,将第三消息完整性计算结果发送给所述第一网元401;The terminal 403 is further configured to: use the saved signature of the second network element to verify the signature of the received authentication vector information; after the verification succeeds, use the received authentication vector information, the terminal identifier, and the a temporary public key, The terminal exchanges the private key and the second temporary private key to generate a second consistency check key; and uses the second consistency check key to complete the message to the terminal greeting message and the first network element forward greeting message. The second calculation completes the result of the second message integrity calculation, and compares the second message integrity calculation result with the first message integrity calculation result sent by the first network element. After the comparison is correct, the generated second consistency check is used. The second message integrity calculation result is generated by the key to the first network element forward greeting message and the terminal greeting message to generate a third message integrity calculation result, and the third message integrity calculation result is sent to the first network element 401;
所述第一网元401,还用于使用所述第一一致性检查密钥对第一网元前向问候消息和终端问候消息进行消息完整性计算产生第四消息完整性计算结果,使用生成的第四消息完整性计算结果验证终端发送的第三消息完整性计算结果,验证成功后,所述第一网元向所述终端发送鉴权成功消息。The first network element 401 is further configured to generate a fourth message integrity calculation result by using the first consistency check key to perform message integrity calculation on the first network element forward greeting message and the terminal greeting message, and use The generated fourth message integrity calculation result verifies the third message integrity calculation result sent by the terminal. After the verification succeeds, the first network element sends an authentication success message to the terminal.
本申请实施例提供的系统,网络中传递的鉴权向量经过签名私钥签名,鉴权双方使用一致性检查密钥进行消息完整性计算,进而通过对消息完整性计算结果进行验证实现鉴权,保证了鉴权信息在传递过程中的安全性以及鉴权的可靠性。In the system provided by the embodiment of the present application, the authentication vector transmitted in the network is signed by the signature private key, and the authentication parties use the consistency check key to perform message integrity calculation, and then perform authentication by verifying the message integrity calculation result. The security of the authentication information in the delivery process and the reliability of the authentication are guaranteed.
基于与方法同样的发明构思,本申请实施例还提供一种终端,其结构如图5所示,具体包括:鉴权消息发送模块501、鉴权模块502、密钥生成模块503、和消息完整性检验模块504。其中:Based on the same inventive concept as the method, the embodiment of the present application further provides a terminal, and the structure thereof is as shown in FIG. 5, which specifically includes: an authentication message sending module 501, an authentication module 502, a key generation module 503, and a message complete. Sex test module 504. among them:
鉴权消息发送模块501,用于生成第二临时公私钥对,向第一网元发送包含终端标识和终端随机数的终端问候消息和包含第二临时公钥的密钥交换消息;The authentication message sending module 501 is configured to generate a second temporary public-private key pair, and send, to the first network element, a terminal greeting message including a terminal identifier and a terminal random number, and a key exchange message including the second temporary public key;
鉴权模块502,用于使用保存的第二网元的签名证书对接收到的鉴权向量信息的签名进行验证;The authentication module 502 is configured to verify the signature of the received authentication vector information by using the saved signature certificate of the second network element.
密钥生成模块503,用于所述鉴权模块验证成功后利用所述鉴权向量信息、所述终端标识、所述第一临时公钥、终端交换私钥、和所述第二临时私钥生成第二一致性检查密钥;The key generation module 503 is configured to use the authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key after the authentication module successfully succeeds Generating a second consistency check key;
消息完整性检验模块504,用于使用所述第二一致性检查密钥对终端问候消息和第一网元前向问候消息进行消息完整性计算产生第二消息完整性计算结果,将第二消息完整性计算结果与第一网元发送的第一消息完整性计算结果比对,比对正确后,使用生成的第二一致性检查密钥对第一网元前向问候消息和终端问候消息进行第二次消息完整性计算产生第三消息完整性计算结果,将第三消息完整性计算结果发送给所述第一网元。The message integrity check module 504 is configured to generate a second message integrity calculation result by using the second consistency check key to perform a message integrity calculation on the terminal hello message and the first network element forward greeting message, and the second The result of the message integrity calculation is compared with the first message integrity calculation result sent by the first network element. After the comparison is correct, the first network element forward greeting message and the terminal greeting are used by using the generated second consistency check key. The second message integrity calculation is performed by the message to generate a third message integrity calculation result, and the third message integrity calculation result is sent to the first network element.
基于与方法同样的发明构思,本申请实施例还提供一种第一网元,其结构如图6所示,具体包括:鉴权消息发送模块601、鉴权向量信息获取模块602、和鉴权模块603。其中:Based on the same inventive concept as the method, the embodiment of the present application further provides a first network element, and the structure thereof is as shown in FIG. 6, which specifically includes: an authentication message sending module 601, an authentication vector information acquiring module 602, and an authentication. Module 603. among them:
鉴权消息发送模块601,用于向第二网元发送终端问候消息、包含第一网元后向随机数和第一网元签名证书的第一网元后向问候消息;The authentication message sending module 601 is configured to send, to the second network element, a terminal greeting message, a first network element backward greeting message including a first network element, a random number, and a first network element signature certificate;
鉴权向量信息获取模块602,用于获取所述鉴权向量信息,所述鉴权向量信息中需要发送给终端的信息使用第二网元签名私钥进行签名; The authentication vector information obtaining module 602 is configured to obtain the authentication vector information, where the information that needs to be sent to the terminal in the authentication vector information is signed by using the second network element signature private key;
鉴权模块603,用于生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息,利用获取的鉴权向量信息、第二临时公钥、第一网元交换私钥和第一临时私钥生成第一一致性检查密钥,使用所述第一一致性检查密钥对所述终端问候消息和第一网元前向问候消息进行消息完整性计算产生第一消息完整性计算结果,并向终端发送所述鉴权向量信息、包含第一临时公钥的密钥交换消息、第一网元前向问候消息和第一消息完整性计算结果。The authentication module 603 is configured to generate a first temporary public-private key pair and a first network element forward greeting message including a first network element forward random number, and use the acquired authentication vector information, the second temporary public key, and the first Generating a first consistency check key by using the network exchange private key and the first temporary private key, and using the first consistency check key to complete the message to the terminal greeting message and the first network element forward greeting message. The performance calculation generates a first message integrity calculation result, and sends the authentication vector information, the key exchange message including the first temporary public key, the first network element forward greeting message, and the first message integrity calculation result to the terminal. .
基于与方法同样的发明构思,本申请实施例还提供一种第二网元,其结构如图7所示,具体包括:鉴权向量信息发送模块701,用于向第一网元发送鉴权向量信息,所述鉴权向量信息中需要发送给终端的信息使用第二网元签名私钥进行签名。Based on the same inventive concept as the method, the embodiment of the present application further provides a second network element, and the structure thereof is as shown in FIG. 7 , which specifically includes: an authentication vector information sending module 701, configured to send an authentication to the first network element. The vector information, the information that needs to be sent to the terminal in the authentication vector information is signed by using the second network element signature private key.
基于与方法同样的发明构思,本申请实施例还提供一种查询中心,其结构如图8所示,具体包括:Based on the same inventive concept as the method, the embodiment of the present application further provides a query center, and the structure thereof is as shown in FIG. 8 , which specifically includes:
信息获取模块801,用于根据所述第一网元后向问候消息中携带的第一网元的签名证书获取所述第一网元标识,查询所述第一网元标识对应的第一网元的交换公钥并验证第一网元的签名证书;The information obtaining module 801 is configured to obtain the first network element identifier according to the first network element, and the first network element corresponding to the first network element identifier, and the first network element corresponding to the first network element identifier. Exchange the public key and verify the signature certificate of the first network element;
信息发送模块802,用于生成携带第一网元的签名证书及验证结果、终端标识和所述终端的交换公钥的消息,对第一网元后向问候消息和生成的所述消息进行签名,将所述签名、所述第一网元的交换公钥和所述第一网元标识发送给所述第二网元。The information sending module 802 is configured to generate a message carrying the first network element's signature certificate and the verification result, the terminal identifier, and the exchanged public key of the terminal, and sign the first network element to the hello message and the generated message. And sending the signature, the exchange public key of the first network element, and the first network element identifier to the second network element.
本领域内的技术人员应明白,本申请的实施例可提供为方法、系统、或计算机程序产品。因此,本申请可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本申请可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。Those skilled in the art will appreciate that embodiments of the present application can be provided as a method, system, or computer program product. Thus, the present application can take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment in combination of software and hardware. Moreover, the application can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) including computer usable program code.
本申请是参照根据本申请实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (system), and computer program products according to embodiments of the present application. It will be understood that each flow and/or block of the flowchart illustrations and/or FIG. These computer program instructions can be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing device to produce a machine for the execution of instructions for execution by a processor of a computer or other programmable data processing device. Means for implementing the functions specified in one or more of the flow or in a block or blocks of the flow chart.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。 The computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device. The apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device. The instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
尽管已描述了本申请的优选实施例,但本领域内的技术人员一旦得知了基本创造性概念,则可对这些实施例作出另外的变更和修改。所以,所附权利要求意欲解释为包括优选实施例以及落入本申请范围的所有变更和修改。While the preferred embodiment of the present application has been described, it will be apparent that those skilled in the art can make further changes and modifications to the embodiments. Therefore, the appended claims are intended to be interpreted as including the preferred embodiments and the modifications and
显然,本领域的技术人员可以对本申请实施例进行各种改动和变型而不脱离本申请实施例的精神和范围。这样,倘若本申请实施例的这些修改和变型属于本申请权利要求及其等同技术的范围之内,则本申请也意图包含这些改动和变型在内。 It is apparent that those skilled in the art can make various changes and modifications to the embodiments of the present application without departing from the spirit and scope of the embodiments of the present application. Thus, it is intended that the present invention cover the modifications and variations of the embodiments of the present invention.

Claims (17)

  1. 一种网络鉴权认证的方法,其特征在于,包括:A method for network authentication and authentication, comprising:
    终端生成第二临时公私钥对,向第一网元发送包含终端标识和终端随机数的终端问候消息和包含第二临时公钥的密钥交换消息;The terminal generates a second temporary public-private key pair, and sends a terminal hello message including the terminal identifier and the terminal random number and a key exchange message including the second temporary public key to the first network element;
    第一网元向第二网元发送终端问候消息、包含第一网元后向随机数和第一网元签名证书的第一网元后向问候消息;Transmitting, by the first network element, a terminal greeting message to the second network element, and the first network element backward greeting message including the first network element, the random number, and the first network element signature certificate;
    第二网元向第一网元发送鉴权向量信息,所述鉴权向量信息中需要发送给终端的信息使用第二网元签名私钥进行签名;The second network element sends the authentication vector information to the first network element, where the information that needs to be sent to the terminal in the authentication vector information is signed by using the second network element signature private key;
    所述第一网元获取所述鉴权向量信息;The first network element acquires the authentication vector information;
    所述第一网元生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息,利用获取的鉴权向量信息、第二临时公钥、第一网元交换私钥和第一临时私钥生成第一一致性检查密钥,使用所述第一一致性检查密钥对所述终端问候消息和第一网元前向问候消息进行消息完整性计算产生第一消息完整性计算结果,并向终端发送所述鉴权向量信息、包含第一临时公钥的密钥交换消息、第一网元前向问候消息和第一消息完整性计算结果;The first network element generates a first temporary public-private key pair and a first network element forward greeting message including a first network element forward random number, and uses the obtained authentication vector information, the second temporary public key, and the first network. Generating a first consistency check key by using the first exchange private key and the first temporary private key, and performing message integrity on the terminal greeting message and the first network element forward greeting message by using the first consistency check key Calculating a first message integrity calculation result, and sending the authentication vector information, the key exchange message including the first temporary public key, the first network element forward greeting message, and the first message integrity calculation result to the terminal;
    所述终端使用保存的第二网元的签名证书对接收到的鉴权向量信息的签名进行验证;The terminal verifies the signature of the received authentication vector information by using the saved signature certificate of the second network element;
    验证成功后,所述终端利用所述鉴权向量信息、所述终端标识、所述第一临时公钥、终端交换私钥、和所述第二临时私钥生成第二一致性检查密钥;After the verification is successful, the terminal generates a second consistency check key by using the authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key. ;
    所述终端使用所述第二一致性检查密钥对终端问候消息和第一网元前向问候消息进行消息完整性计算产生第二消息完整性计算结果,将所述第二消息完整性计算结果与第一网元发送的所述第一消息完整性计算结果比对,比对正确后,使用生成的所述第二一致性检查密钥对第一网元前向问候消息和终端问候消息进行第二次消息完整性计算产生第三消息完整性计算结果,将所述第三消息完整性计算结果发送给所述第一网元;The terminal uses the second consistency check key to perform a message integrity calculation on the terminal hello message and the first network element forward greeting message to generate a second message integrity calculation result, where the second message integrity calculation is performed. The result is compared with the first message integrity calculation result sent by the first network element, and after the comparison is correct, the first network element forward greeting message and the terminal greeting are used by using the generated second consistency check key. The second message integrity calculation is performed by the message to generate a third message integrity calculation result, and the third message integrity calculation result is sent to the first network element.
    所述第一网元使用所述第一一致性检查密钥对第一网元前向问候消息和终端问候消息进行消息完整性计算产生第四消息完整性计算结果,使用所述第四消息完整性计算结果验证终端发送的所述第三消息完整性计算结果,验证成功后,所述第一网元向所述终端发送鉴权成功消息。The first network element uses the first consistency check key to perform a message integrity calculation on the first network element forward greeting message and the terminal greeting message to generate a fourth message integrity calculation result, using the fourth message. The integrity calculation result verifies the third message integrity calculation result sent by the terminal. After the verification succeeds, the first network element sends an authentication success message to the terminal.
  2. 根据权利要求1所述的方法,其特征在于,在所述终端的初始认证阶段,所述第二网元向第一网元发送鉴权向量信息,具体包括:The method according to claim 1, wherein in the initial authentication phase of the terminal, the second network element sends the authentication vector information to the first network element, which specifically includes:
    所述第二网元查找所述终端标识对应的所述终端的交换公钥;The second network element searches for an exchange public key of the terminal corresponding to the terminal identifier;
    所述第二网元向查询中心发送所述第一网元前向问候消息、终端标识和终端的交换公 钥;Sending, by the second network element, the first network element forward greeting message, the terminal identifier, and the terminal exchange to the query center key;
    根据所述第一网元前向问候消息中携带的第一网元的签名证书获取所述第一网元标识,查询所述第一网元标识对应的第一网元的交换公钥并验证所述第一网元的签名证书,生成携带第一网元的签名证书及验证结果、终端标识和所述终端的交换公钥的消息,对第一网元前向问候消息和生成的所述消息进行签名,将所述签名、所述第一网元的交换公钥和所述第一网元标识发送给所述第二网元;Acquiring the first network element identifier according to the signature of the first network element carried in the first network element forward greeting message, and querying the exchange public key of the first network element corresponding to the first network element identifier and verifying a signature certificate of the first network element, generating a signature certificate carrying the first network element and a verification result, a terminal identifier, and a message for exchanging the public key of the terminal, and the first network element forward greeting message and the generated message The message is signed, and the signature, the exchange public key of the first network element, and the first network element identifier are sent to the second network element.
    所述第二网元使用所述查询中心的签名证书验证签名正确后,向所述第一网元发送鉴权向量信息,所述鉴权向量信息包括:第一网元的签名证书及验证结果、第一网元的交换公钥、终端标识和终端的交换公钥、使用所述第二网元的签名私钥进行签名的终端问候消息和第一网元的签名证书及验证结果、使用所述查询中心的签名私钥进行签名的第一网元前向问候消息、终端标识和终端的交换公钥。After the second network element uses the signature certificate of the query center to verify that the signature is correct, the second network element sends the authentication vector information to the first network element, where the authentication vector information includes: a first network element's signature certificate and a verification result. The exchange public key of the first network element, the terminal identifier, and the exchange public key of the terminal, the terminal greeting message signed by the signature private key of the second network element, the signature certificate of the first network element, the verification result, and the use The first network element forward greeting message, the terminal identifier, and the exchange public key of the terminal signed by the signature private key of the query center.
  3. 根据权利要求2所述的方法,其特征在于,所述使用所述第二网元签名私钥进行签名的信息中还包括所述第一网元的签名证书,所述终端使用保存的第二网元的签名证书对接收到的鉴权向量信息的签名进行验证成功后,该方法还包括:The method according to claim 2, wherein the information that is signed by using the second network element signature private key further includes a signature certificate of the first network element, and the terminal uses the saved second After the signature of the network element is verified by the signature of the received authentication vector information, the method further includes:
    所述终端获取并保存所述第一网元的签名证书。The terminal acquires and saves a signature certificate of the first network element.
  4. 根据权利要求2或3所述的方法,其特征在于,所述终端利用接收到的鉴权向量信息、终端标识、所述第一临时公钥、终端交换私钥、和所述第二临时私钥生成第二一致性检查密钥,具体包括:The method according to claim 2 or 3, wherein the terminal utilizes the received authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private The key generates a second consistency check key, which specifically includes:
    所述终端对所述接收到的鉴权向量信息中的终端随机数进行验证,当验证成功后,将终端交换私钥与所述第一临时公钥进行点乘计算出第一密钥种子,将第一网元交换公钥与所述第二临时私钥进行点乘计算出第二密钥种子,对所述第一密钥种子和第二密钥种子进行单向运算得到密钥;The terminal verifies the terminal random number in the received authentication vector information, and after the verification succeeds, multiply the terminal exchange private key and the first temporary public key to calculate the first key seed, Calculating a second key seed by performing a point multiplication on the first network element exchange public key and the second temporary private key, and performing a one-way operation on the first key seed and the second key seed to obtain a key;
    所述终端利用所述密钥、终端标识、第一网元标识、第一网元前向随机数、和终端随机数,生成第二一致性检查密钥;The terminal generates a second consistency check key by using the key, the terminal identifier, the first network element identifier, the first network element forward random number, and the terminal random number;
    所述第一网元利用获取的鉴权向量信息、所述第二临时公钥、所述第一网元交换私钥、和所述第一临时私钥生成第一一致性检查密钥,具体包括:The first network element generates a first consistency check key by using the obtained authentication vector information, the second temporary public key, the first network element exchange private key, and the first temporary private key. Specifically include:
    所述第一网元将终端交换公钥与所述第一临时私钥进行点乘计算出第三密钥种子,将第一网元交换私钥与所述第二临时公钥进行点乘计算出第四密钥种子,对所述第三密钥种子和第四密钥种子进行单向运算得到密钥;The first network element performs a point multiplication of the terminal exchange public key and the first temporary private key to calculate a third key seed, and performs point multiplication calculation on the first network element exchange private key and the second temporary public key. a fourth key seed, performing a one-way operation on the third key seed and the fourth key seed to obtain a key;
    所述第一网元利用所述密钥、终端标识、第一网元标识、第一网元前向随机数、和终端随机数,生成第一一致性检查密钥。The first network element generates a first consistency check key by using the key, the terminal identifier, the first network element identifier, the first network element forward random number, and the terminal random number.
  5. 根据权利要求1所述的方法,其特征在于,在跟踪区域更新阶段,所述第二网元向第一网元发送鉴权向量信息,具体包括: The method according to claim 1, wherein in the tracking area update phase, the second network element sends the authentication vector information to the first network element, which specifically includes:
    所述第二网元使用第二网元签名私钥对所述第一网元签名证书及验证结果和所述第一网元交换公钥、所述终端标识和保存的终端交换公钥进行签名后发送给所述第一网元。The second network element uses the second network element signature private key to sign the first network element signature certificate and the verification result, the first network element exchange public key, the terminal identifier, and the saved terminal exchange public key. Then sent to the first network element.
  6. 根据权利要求5所述的方法,其特征在于,所述终端利用接收到的鉴权向量信息、终端标识、所述第一临时公钥、终端交换私钥、和所述第二临时私钥生成第二一致性检查密钥,具体包括:The method according to claim 5, wherein the terminal generates the received authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key. The second consistency check key includes:
    所述终端对所述接收到的鉴权向量信息中的终端随机数进行验证,当验证成功后,将终端交换私钥与所述第一临时公钥进行点乘计算出第一密钥种子,将第一网元交换公钥与所述第二临时私钥进行点乘计算出第二密钥种子,对所述第一密钥种子和第二密钥种子进行单向运算得到密钥;The terminal verifies the terminal random number in the received authentication vector information, and after the verification succeeds, multiply the terminal exchange private key and the first temporary public key to calculate the first key seed, Calculating a second key seed by performing a point multiplication on the first network element exchange public key and the second temporary private key, and performing a one-way operation on the first key seed and the second key seed to obtain a key;
    所述终端利用所述密钥、终端标识、第一网元标识、第一网元后向随机数、和终端随机数,生成第二一致性检查密钥;The terminal generates a second consistency check key by using the key, the terminal identifier, the first network element identifier, the first network element backward random number, and the terminal random number;
    所述第一网元利用获取的鉴权向量信息、所述第二临时公钥、所述第一网元交换私钥、和所述第一临时私钥生成第一一致性检查密钥,具体包括:The first network element generates a first consistency check key by using the obtained authentication vector information, the second temporary public key, the first network element exchange private key, and the first temporary private key. Specifically include:
    所述第一网元将终端交换公钥与所述第一临时私钥进行点乘计算出第三密钥种子,将第一网元交换私钥与所述第二临时公钥进行点乘计算出第四密钥种子,对所述第三密钥种子和第四密钥种子进行单向运算得到密钥;The first network element performs a point multiplication of the terminal exchange public key and the first temporary private key to calculate a third key seed, and performs point multiplication calculation on the first network element exchange private key and the second temporary public key. a fourth key seed, performing a one-way operation on the third key seed and the fourth key seed to obtain a key;
    所述第一网元利用所述密钥、终端标识、第一网元标识、第一网元后向随机数、和终端随机数,生成第一一致性检查密钥。The first network element generates a first consistency check key by using the key, the terminal identifier, the first network element identifier, the first network element backward random number, and the terminal random number.
  7. 一种终端,其特征在于,包括:A terminal, comprising:
    鉴权消息发送模块,用于生成第二临时公私钥对,向第一网元发送包含终端标识和终端随机数的终端问候消息和包含第二临时公钥的密钥交换消息;The authentication message sending module is configured to generate a second temporary public-private key pair, and send, to the first network element, a terminal greeting message including a terminal identifier and a terminal random number, and a key exchange message including the second temporary public key;
    鉴权模块,用于使用保存的第二网元的签名证书对接收到的鉴权向量信息的签名进行验证;An authentication module, configured to verify, by using a saved signature certificate of the second network element, the signature of the received authentication vector information;
    密钥生成模块,用于所述鉴权模块验证成功后,利用所述鉴权向量信息、所述终端标识、所述第一临时公钥、终端交换私钥、和所述第二临时私钥生成第二一致性检查密钥;a key generation module, configured to use the authentication vector information, the terminal identifier, the first temporary public key, the terminal exchange private key, and the second temporary private key after the authentication module succeeds Generating a second consistency check key;
    消息完整性检验模块,用于使用所述第二一致性检查密钥对终端问候消息和第一网元前向问候消息进行消息完整性计算产生第二消息完整性计算结果,将第二消息完整性计算结果与第一网元发送的第一消息完整性计算结果比对,比对正确后,使用生成的所述第二一致性检查密钥对第一网元前向问候消息和终端问候消息进行第二次消息完整性计算产生第三消息完整性计算结果,将所述第三消息完整性计算结果发送给所述第一网元。a message integrity checking module, configured to generate a second message integrity calculation result by using the second consistency check key to perform a message integrity calculation on the terminal hello message and the first network element forward greeting message, and send the second message The integrity calculation result is compared with the first message integrity calculation result sent by the first network element, and after the comparison is correct, the generated second consistency check key is used to forward the first network element forward greeting message and the terminal. The second message integrity calculation result is generated by the hello message, and the third message integrity calculation result is sent to the first network element.
  8. 根据权利要求7所述的终端,其特征在于,初始认证阶段,使用所述第二网元签名私钥进行签名的信息中包括所述第一网元的签名证书,所述终端还包括:The terminal according to claim 7, wherein in the initial authentication phase, the information that is signed by using the second network element signature private key includes the signature certificate of the first network element, and the terminal further includes:
    签名证书保存模块,用于在所述鉴权模块验证成功后,获取并保存所述第一网元的签 名证书。a signing certificate saving module, configured to acquire and save the sign of the first network element after the authentication module succeeds in verifying Certificate.
  9. 根据权利要求8所述的终端,其特征在于,所述密钥生成模块具体用于:The terminal according to claim 8, wherein the key generation module is specifically configured to:
    将终端交换私钥与所述第一临时公钥进行点乘计算出第一密钥种子,将第一网元交换公钥与所述第二临时私钥进行点乘计算出第二密钥种子,对所述第一密钥种子和第二密钥种子进行单向运算得到密钥;Calculating the first key seed by multiplying the terminal exchange private key and the first temporary public key, and multiplying the first network element exchange public key and the second temporary private key to calculate a second key seed Performing a one-way operation on the first key seed and the second key seed to obtain a key;
    利用所述密钥、终端标识、第一网元标识、第一网元前向随机数、和终端随机数,生成第二一致性检查密钥。And generating, by using the key, the terminal identifier, the first network element identifier, the first network element forward random number, and the terminal random number, a second consistency check key.
  10. 根据权利要求7所述的终端,其特征在于,在跟踪区更新阶段,所述密钥生成模块具体用于:The terminal according to claim 7, wherein in the tracking area update phase, the key generation module is specifically configured to:
    将终端交换私钥与所述第一临时公钥进行点乘计算出第一密钥种子,将第一网元交换公钥与所述第二临时私钥进行点乘计算出第二密钥种子,对所述第一密钥种子和第二密钥种子进行单向运算得到密钥;Calculating the first key seed by multiplying the terminal exchange private key and the first temporary public key, and multiplying the first network element exchange public key and the second temporary private key to calculate a second key seed Performing a one-way operation on the first key seed and the second key seed to obtain a key;
    利用所述密钥、终端标识、第一网元标识、第一网元后向随机数、和终端随机数,生成第二一致性检查密钥。And generating, by using the key, the terminal identifier, the first network element identifier, the first network element backward random number, and the terminal random number, a second consistency check key.
  11. 一种第一网元,其特征在于,包括:A first network element, comprising:
    鉴权消息发送模块,用于向第二网元发送终端问候消息、包含第一网元后向随机数和第一网元签名证书的第一网元后向问候消息;An authentication message sending module, configured to send, to the second network element, a terminal greeting message, a first network element backward greeting message including a first network element, a random number, and a first network element signature certificate;
    鉴权向量信息获取模块,用于获取所述鉴权向量信息,所述鉴权向量信息中需要发送给终端的信息使用第二网元签名私钥进行签名;An authentication vector information acquiring module, configured to acquire the authentication vector information, where the information that needs to be sent to the terminal in the authentication vector information is signed by using a second network element signature private key;
    鉴权模块,用于生成第一临时公私钥对和包含第一网元前向随机数的第一网元前向问候消息,利用获取的鉴权向量信息、第二临时公钥、第一网元交换私钥和第一临时私钥生成一致性检查密钥,使用所述一致性检查密钥对所述终端问候消息和第一网元前向问候消息进行消息完整性计算产生第一消息完整性计算结果,并向终端发送所述鉴权向量信息、包含第一临时公钥的密钥交换消息、第一网元前向问候消息和所述第一消息完整性计算结果。An authentication module, configured to generate a first temporary public-private key pair and a first network element forward greeting message including a first network element forward random number, using the obtained authentication vector information, the second temporary public key, and the first network Generating a consistency check key by using the meta-switch private key and the first temporary private key, and performing message integrity calculation on the terminal hello message and the first network element forward greeting message by using the consistency check key to generate a first message complete And calculating the result, and sending the authentication vector information, the key exchange message including the first temporary public key, the first network element forward greeting message, and the first message integrity calculation result to the terminal.
  12. 根据权利要求11所述的第一网元,其特征在于,在终端的初始认证阶段,所述鉴权向量信息获取模块获取的鉴权向量信息包括:使用第二网元签名私钥签名的终端问候消息和第一网元的签名证书及验证结果,和使用查询中心签名私钥签名的第一网元前向问候消息和终端标识和终端的交换公钥。The first network element according to claim 11, wherein in the initial authentication phase of the terminal, the authentication vector information acquired by the authentication vector information acquiring module includes: a terminal signed by using a second network element to sign a private key The greeting message and the signature certificate and the verification result of the first network element, and the first network element forward greeting message and the terminal identifier and the exchange public key of the terminal signed by the query center signature private key.
  13. 根据权利要求12所述的第一网元,其特征在于,所述鉴权模块利用获取的鉴权向量信息、所述第二临时公钥、所述第一网元交换私钥、和所述第一临时私钥生成第一一致性检查密钥时,具体用于:The first network element according to claim 12, wherein the authentication module uses the acquired authentication vector information, the second temporary public key, the first network element exchange private key, and the When the first temporary private key generates the first consistency check key, it is specifically used to:
    将终端交换公钥与所述第一临时私钥进行点乘计算出第三密钥种子,将第一网元交换 私钥与所述第二临时公钥进行点乘计算出第四密钥种子,对所述第三密钥种子和第四密钥种子进行单向运算得到密钥;Calculating a third key seed by performing point multiplication of the terminal exchange public key and the first temporary private key, and exchanging the first network element Calculating a fourth key seed by performing a dot multiplication with the second temporary public key, and performing a one-way operation on the third key seed and the fourth key seed to obtain a key;
    利用所述密钥、终端标识、第一网元标识、第一网元前向随机数、、和终端随机数,生成第一一致性检查密钥。The first consistency check key is generated by using the key, the terminal identifier, the first network element identifier, the first network element forward random number, and the terminal random number.
  14. 根据权利要求11所述的第一网元,其特征在于,在跟踪区更新阶段,所述鉴权模块利用获取的鉴权向量信息、所述第二临时公钥、所述第一网元交换私钥、和所述第一临时私钥生成第一一致性检查密钥,具体包括:The first network element according to claim 11, wherein in the tracking area update phase, the authentication module uses the acquired authentication vector information, the second temporary public key, and the first network element exchange The private key and the first temporary private key generate a first consistency check key, which specifically includes:
    将终端交换公钥与所述第一临时私钥进行点乘计算出第三密钥种子,将第一网元交换私钥与所述第二临时公钥进行点乘计算出第四密钥种子,对所述第三密钥种子和第四密钥种子进行单向运算得到密钥;Calculating a third key seed by multiplying the terminal exchange public key and the first temporary private key, and multiplying the first network element exchange private key and the second temporary public key to calculate a fourth key seed Performing a one-way operation on the third key seed and the fourth key seed to obtain a key;
    利用所述密钥、终端标识、第一网元标识、第一网元后向随机数、和终端随机数,生成第一一致性检查密钥。The first consistency check key is generated by using the key, the terminal identifier, the first network element identifier, the first network element backward random number, and the terminal random number.
  15. 一种第二网元,其特征在于,包括:A second network element, comprising:
    鉴权向量信息发送模块,用于向第一网元发送鉴权向量信息,所述鉴权向量信息中需要发送给终端的信息使用第二网元签名私钥进行签名。The authentication vector information sending module is configured to send the authentication vector information to the first network element, where the information to be sent to the terminal in the authentication vector information is signed by using the second network element signature private key.
  16. 根据权利要求15所述的第二网元,其特征在于,在终端初始认证阶段,所述鉴权向量信息发送模块具体用于:The second network element according to claim 15, wherein in the initial authentication stage of the terminal, the authentication vector information sending module is specifically configured to:
    查找所述终端标识对应的所述终端的交换公钥;Finding an exchange public key of the terminal corresponding to the terminal identifier;
    向查询中心发送后向问候消息、终端标识和终端的交换公钥;Sending a backward greeting message, a terminal identifier, and an exchange public key of the terminal to the query center;
    获取经过查询中心私钥签名的第一网元的签名证书及验证结果、所述终端标识、所述终端交换公钥、和所述第一网元后向随机数随机数,使用所述查询中心的签名证书验证签名正确后,向所述第一网元发送鉴权向量信息,所述鉴权向量信息包括:第一网元的签名证书及验证结果、第一网元的交换公钥、终端标识和终端的交换公钥、使用所述第二网元的签名私钥进行签名的终端问候消息和第一网元的签名证书及验证结果、使用所述查询中心的签名私钥进行签名的第一网元后向问候消息和终端标识和终端的交换公钥。Obtaining a signature certificate and a verification result of the first network element signed by the query center private key, the terminal identifier, the terminal exchange public key, and the first network element backward random number random number, using the query center After the signature certificate verification signature is correct, the authentication vector information is sent to the first network element, where the authentication vector information includes: a signature certificate and a verification result of the first network element, an exchange public key of the first network element, and a terminal And the exchange public key of the identifier and the terminal, the terminal greeting message signed by using the signature private key of the second network element, the signature certificate and the verification result of the first network element, and the signature of the signature private key of the query center A network element forwards the greeting message and the terminal identification and the exchange of the public key of the terminal.
  17. 一种查询中心,其特征在于,包括:An inquiry center, comprising:
    信息获取模块,用于根据所述第一网元后向问候消息中携带的第一网元的签名证书获取所述第一网元标识,查询所述第一网元标识对应的第一网元的交换公钥并验证第一网元的签名证书;The information acquiring module is configured to obtain the first network element identifier according to the first network element, and query the first network element corresponding to the first network element identifier according to the first network element Exchange the public key and verify the signature certificate of the first network element;
    信息发送模块,用于生成携带第一网元的签名证书及验证结果、终端标识和所述终端的交换公钥的消息,对第一网元后向问候消息和生成的所述消息进行签名,将所述签名、所述第一网元的交换公钥和所述第一网元标识发送给所述第二网元。 The information sending module is configured to generate a message carrying the first network element's signature certificate and the verification result, the terminal identifier, and the exchanged public key of the terminal, and sign the first network element back greeting message and the generated message, Transmitting the signature, the exchange public key of the first network element, and the first network element identifier to the second network element.
PCT/CN2015/074962 2014-03-27 2015-03-24 Method and device for network authentication certification WO2015144042A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410120427.5 2014-03-27
CN201410120427.5A CN104955040B (en) 2014-03-27 2014-03-27 Network authentication method and equipment

Publications (1)

Publication Number Publication Date
WO2015144042A1 true WO2015144042A1 (en) 2015-10-01

Family

ID=54169315

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/074962 WO2015144042A1 (en) 2014-03-27 2015-03-24 Method and device for network authentication certification

Country Status (2)

Country Link
CN (1) CN104955040B (en)
WO (1) WO2015144042A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108810884A (en) * 2017-05-06 2018-11-13 华为技术有限公司 Cipher key configuration method, apparatus and system
WO2022199569A1 (en) * 2021-03-22 2022-09-29 中国移动通信有限公司研究院 Configuration method and apparatus for terminal device, and communication device

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108476131B (en) 2015-12-31 2021-02-12 华为技术有限公司 Data transmission method, device and equipment
CN108282780A (en) * 2017-01-05 2018-07-13 中兴通讯股份有限公司 A kind of key transmission method and device
CN110022320B (en) * 2019-04-08 2020-12-18 北京纬百科技有限公司 Communication pairing method and communication device
CN110572828B (en) * 2019-10-24 2020-09-08 山东省计算中心(国家超级计算济南中心) Internet of things security authentication method, system and terminal based on state cryptographic algorithm

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101640886A (en) * 2008-07-29 2010-02-03 上海华为技术有限公司 Authentication method, re-authentication method and communication device
CN102036238A (en) * 2010-12-27 2011-04-27 中国科学院软件研究所 Method for realizing user and network authentication and key distribution based on public key
CN102196436A (en) * 2010-03-11 2011-09-21 华为技术有限公司 Security authentication method, device and system

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080292105A1 (en) * 2007-05-22 2008-11-27 Chieh-Yih Wan Lightweight key distribution and management method for sensor networks
CN101557286A (en) * 2008-04-08 2009-10-14 鸿富锦精密工业(深圳)有限公司 Secure transmission system and method
CN101394412B (en) * 2008-09-28 2012-03-07 西安西电捷通无线网络通信股份有限公司 Method for preventing the first message of security protocol from being forged
CN102026178B (en) * 2010-12-31 2013-06-12 成都三零瑞通移动通信有限公司 User identity protection method based on public-key mechanism

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101640886A (en) * 2008-07-29 2010-02-03 上海华为技术有限公司 Authentication method, re-authentication method and communication device
CN102196436A (en) * 2010-03-11 2011-09-21 华为技术有限公司 Security authentication method, device and system
CN102036238A (en) * 2010-12-27 2011-04-27 中国科学院软件研究所 Method for realizing user and network authentication and key distribution based on public key

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108810884A (en) * 2017-05-06 2018-11-13 华为技术有限公司 Cipher key configuration method, apparatus and system
WO2018205394A1 (en) * 2017-05-06 2018-11-15 华为技术有限公司 Key configuration method, apparatus and system
CN110574406A (en) * 2017-05-06 2019-12-13 华为技术有限公司 Key configuration method, device and system
CN108810884B (en) * 2017-05-06 2020-05-08 华为技术有限公司 Key configuration method, device and system
CN110574406B (en) * 2017-05-06 2021-04-20 华为技术有限公司 Key configuration method, device and system
WO2022199569A1 (en) * 2021-03-22 2022-09-29 中国移动通信有限公司研究院 Configuration method and apparatus for terminal device, and communication device

Also Published As

Publication number Publication date
CN104955040A (en) 2015-09-30
CN104955040B (en) 2019-12-24

Similar Documents

Publication Publication Date Title
WO2015144041A1 (en) Network authentication method and device
US8559633B2 (en) Method and device for generating local interface key
US7715822B2 (en) Secure bootstrapping for wireless communications
EP3605942B1 (en) Key agreement for wireless communication
CN113099443B (en) Equipment authentication method, device, equipment and system
US9654284B2 (en) Group based bootstrapping in machine type communication
WO2015144042A1 (en) Method and device for network authentication certification
US20180199205A1 (en) Wireless network connection method and apparatus, and storage medium
JP2013165518A (en) Secure session key generation
WO2020216338A1 (en) Parameter sending method and apparatus
CN110536292A (en) The method and apparatus and authentication method and device of transmission terminal serial number
CN111641498A (en) Key determination method and device
KR101683286B1 (en) System and method for authenticating sink using mobile network
CN101547091A (en) Method and device for transmitting information
WO2018126783A1 (en) Key transmission method, device, and computer storage medium
Franklin et al. Enhanced authentication protocol for improving security in 3GPP LTE networks
CN104780537A (en) WLAN (wireless local area network) identity verification method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15769139

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15769139

Country of ref document: EP

Kind code of ref document: A1