WO2017091959A1

WO2017091959A1 - Data transmission method, user equipment and network side device

Info

Publication number: WO2017091959A1
Application number: PCT/CN2015/096035
Authority: WO
Inventors: 刘菁; 黄敏; 舒兵
Original assignee: 华为技术有限公司
Priority date: 2015-11-30
Filing date: 2015-11-30
Publication date: 2017-06-08
Also published as: CN108293223A; CN108293223B

Abstract

Provided in the present invention are a data transmission method, user equipment and network side device. The method comprises: a user equipment (UE) employs an encryption key and an integrity protection key to perform encryption and integrity protection on a data packet, wherein the encryption key and the integrity protection key are generated by the UE according to a first random number generated by the UE or a second random number received from the network side device, and the data packet comprises an identifier of the UE and user data; and if a radio resource control (RRC) connection to a base station is not established, the UE transmits the encrypted and integrity-protected data packet to the network side device. Implementing the present invention can realize secure data transmission if an RRC connection is not established between a UE and a base station, thereby reducing the signaling overhead.

Description

Data transmission method, user equipment and network side equipment

Technical field

The present invention relates to the field of communications technologies, and in particular, to a data transmission method, a user equipment, and a network side device.

Background technique

For the third generation mobile communication system (3rd generation, 3G) and its Long Term Evolution (LTE) system, in order to ensure the security of data transmission, the user equipment (User Equipment, UE) transmits data to the network side. The security authentication and key agreement process between the UE and the network side must be performed. Currently, an Evolved Packet System (EPS) authentication and an Authentication and Key Agreement (AKA) protocol are used in the LTE system. The security authentication and key agreement process between the UE and the network side is completed. Before the security authentication and the key agreement process between the UE and the network, the connection establishment process of the radio resource control (RRC) between the UE and the base station is required, that is, the control between the UE and the base station needs to be established. Face connection/bearing, and after establishing the RRC connection process, it is also necessary to establish a control plane connection and a user plane bearer between the base station and the core network, and a user plane bearer between the UE and the base station, after establishing these connections/bearers The UE can send user data to the network side through the user plane bearer.

In recent years, Machine-to-Machine (M2M), as a new communication concept, has received extensive attention and a large number of applications in daily life. M2M technology is the integration of wireless communication and information technology for two-way. Communication for safety monitoring, vending machines, cargo tracking, payment systems (automated teller machines, support terminals and parking metering meters, etc.) and vehicle remote control (eg fleet management, toll collection, vehicle recovery and payment of premiums based on driving conditions) Etc) and other fields. According to the communication object, the M2M can be divided into three communication modes: machine-to-machine, machine-to-mobile terminal (such as user remote monitoring), and mobile terminal-to-machine (such as user remote control). In M2M communication, an M2M device that accesses a network is also referred to as a Machine Type Communication (MTC) device. MTC requires no human intervention and can communicate directly between the machine and the machine. In recent years As a new communication concept, MTC is becoming more and more abundant, and MTC is also a trend of intelligent development in the future. Therefore, MTC functions need to be supported in LTE systems. For the MTC service, the data sent by the MTC device to the network side is usually packet data (usually tens to hundreds of bytes). If the data transmission mode is used in the prior art, the UE needs to establish a control plane connection between the UE and the eNB, a control plane connection between the eNB and the core network, and a user plane before sending the packet data to the network side. The bearer and the user plane bearer process between the UE and the eNB have a large number of signaling interactions when establishing these connection/bearing processes, and thus a large signaling overhead is generated, resulting in low system efficiency.

Summary of the invention

The embodiments of the present invention provide a data transmission method, a user equipment, and a network side device, so that signaling resources required for establishing a control plane connection and a user plane bearer can be reduced, and system efficiency is improved.

In a first aspect, an embodiment of the present invention provides a user equipment, including a processor, a receiver, and a transmitter. The processor is configured to invoke the data storage program code stored in the memory to perform the following operations: using an encryption key. Encrypting and integrity protection of the data packet with the integrity protection key, wherein the encryption key and the integrity protection key are first random numbers generated by the user equipment UE according to the UE or from the network side device Generated by the received second random number, the data packet includes the identifier of the UE and user data; when the UE does not establish an RRC connection with the radio resource control of the base station, the encryption and integrity are performed by the transmitter The protected data packet is sent to the network side device. If the UE does not establish an RRC connection with the base station, the UE may generate an encryption key and an integrity protection key according to the first random number generated by the UE or the second random number received by the network side device, and further, the data packet to be transmitted. The security processing is performed, and the securely processed data packet is sent to the network side device, which ensures the security of the data transmission, and can reduce the signaling resources required for establishing the control plane connection and the user plane bearer, thereby improving system efficiency.

With reference to the first aspect, in a first possible implementation manner of the first aspect, the data packet further includes the first random number, where the first random number is used by the network side device to determine the data The decryption key and integrity verification key used by the packet for decryption and integrity verification. When the user has the user data to be sent, the UE does not rely on the random number of the home subscriber HSS to generate and deliver the derivative key, but instead generates the first random number of the derived key by the UE, and First random number The encryption key and integrity protection key for generating encryption and integrity protection of the data packet to be transmitted are processed to securely process the data packet, thereby ensuring the security of data transmission and improving data transmission efficiency.

With reference to the first aspect, or the first possible implementation manner of the first aspect, in a second possible implementation manner of the first aspect, the data packet further includes the security algorithm indication information selected by the UE, The security algorithm indication information is used by the network side device to determine a decryption algorithm and an integrity verification algorithm used for decrypting and integrity verification of the data packet. When the UE has user data to be sent, it does not rely on the security algorithm selected and delivered by the network side device (including the encryption algorithm and the integrity protection algorithm), but the UE selects the data packet to be transmitted for security. The security algorithm is processed to securely process the data packet, thereby ensuring the security of the data transmission and improving the data transmission efficiency.

With reference to the first aspect, in a third possible implementation manner of the first aspect, before the encrypting and integrity protection of the data packet by using the encryption key and the integrity protection key, the processor is further configured to perform the following The operation is: when the UE does not establish the RRC connection with the base station, the network side device sends an authentication request to the home subscription user server HSS, where the authentication request includes the identifier of the UE, The authentication request is used to trigger the HSS to generate the second random number and determine, according to the identifier of the UE and the second random number, that the network side device uses the data packet to perform decryption and integrity verification. a decryption key and an integrity verification key; receiving, by the receiver, a response message sent by the HSS through the network side device, the response message including the second random number; using the integrity protection secret The key performs integrity verification on the response message. The UE requests authentication from the network side device when the RRC connection is not established, and generates an encryption key and an integrity protection key for performing security processing on the data packet to be transmitted by using the second random number received from the network side device, thereby ensuring no RRC. The security of the data transmission during the connection reduces the signaling overhead of establishing the control plane connection and the user plane bearer, improves the system efficiency, and the UE can implement the network side device by performing integrity verification on the response message sent by the network side device. The security authentication does not depend on the authentication vector generated and delivered by the HSS, which simplifies the security authentication process of the UE to the network side device.

With reference to the first aspect, or any one of the possible implementation manners of the first aspect, in a fourth possible implementation manner of the first aspect, the processor is further configured to: receive the network by using the receiver A confirmation message sent by the side device after the integrity verification of the data packet is successful; The integrity protection key performs integrity verification on the acknowledgment message. The UE can perform the security verification on the network side device by performing the integrity verification on the acknowledgment message sent by the network side device, and no longer relies on the HSS to generate and send the authentication vector, which simplifies the security authentication process of the UE to the network side device.

With reference to the fourth possible implementation of the first aspect, in a fifth possible implementation manner of the first aspect, the data packet further includes a third random number generated by the UE, where the third random number is used. After the integrity verification of the data packet is successful, the network side device updates the identifier of the UE; the processor is further configured to: after performing integrity verification on the acknowledgement message, according to The third random number updates an identifier of the UE. The UE and the network side device synchronously update the identifier of the UE, which can enhance the privacy of the UE, avoid exposing the UE's whereabouts during data transmission, and further improve the security of data transmission.

In conjunction with the first aspect, or any one of the possible implementation manners of the first aspect, in a sixth possible implementation manner of the first aspect, the network side device includes a base station or a serving gateway.

With reference to the sixth possible implementation of the first aspect, in a seventh possible implementation manner of the first aspect, the data packet further includes an identifier of the destination server, where the identifier of the destination server is used to serve the gateway and the The destination server establishes a Transmission Control Protocol TCP connection and sends the user data to the destination server through the TCP connection.

In conjunction with the sixth possible implementation of the first aspect, or the seventh possible implementation of the first aspect, in an eighth possible implementation manner of the first aspect, when the network side device includes the service And the identifier of the serving gateway is used by the base station to send the data packet to the serving gateway.

In conjunction with the sixth possible implementation of the first aspect, or the seventh possible implementation of the first aspect, or the eighth possible implementation of the first aspect, the ninth possible implementation of the first aspect In the manner, the sending, by the transmitter, the encrypted and integrity-protected data packet to the network side device, includes: performing, by the transmitter, the encrypted and integrity-protected data packet by using a random connection The incoming preamble message or the RRC connection setup request message is sent to the base station. The UE reduces the establishment of the control plane by carrying the data packet in the random access preamble message or the RRC connection setup request message or other resources allocated by the base station to the UE, and then sending the data packet to the network side device. The connection and user planes carry the required signaling resources, which improves system efficiency.

In a second aspect, an embodiment of the present invention provides a network side device, including a processor, a receiver, and a transmitter, wherein the data transmission program code used by the processor to invoke the memory performs an operation of: receiving, by the receiver, a data packet sent by a user equipment UE when a radio resource control RRC connection with a base station is not established, The data packet includes an identifier of the UE and user data, where the data packet is a data packet obtained by performing encryption and integrity protection on the UE, and determining, according to the identifier of the UE, a decryption key corresponding to the UE. An integrity verification key; decrypting and integrity verification of the data packet using the decryption key and the integrity verification key; passing the transmitter after successful verification of the integrity of the data packet The user data is sent to the destination server. The network side device receives a data packet sent by the UE when the RRC connection with the base station is not established, and determines a decryption key and an integrity verification key for decrypting and integrity verification of the data packet according to the identifier of the UE, and the data is verified by using the data. The integrity verification of the packet implements the security authentication of the UE, which simplifies the security authentication process of the network side device to the UE, and reduces the signaling overhead of establishing control plane connection and user plane bearer, and improves system efficiency.

With reference to the second aspect, in a first possible implementation manner of the second aspect, the data packet further includes a first random number generated by the UE, and determining, according to the identifier of the UE, the decryption corresponding to the UE And the key and integrity verification key, including: sending the identifier of the UE and the first random number to a home subscription subscriber server HSS, generating an intermediate key of the UE by using the HSS, and according to the HSS The generated intermediate key generates a decryption key and an integrity verification key corresponding to the UE, and stores a correspondence between the identifier of the UE and the decryption key and the integrity verification key.

With reference to the second aspect, or the first possible implementation manner of the second aspect, in a second possible implementation manner of the second aspect, the data packet further includes the security algorithm indication information selected by the UE, where The security algorithm indication information is used by the network side device to determine a decryption algorithm and an integrity verification algorithm used for decrypting and integrity verification of the data packet.

With reference to the second aspect, in a third possible implementation manner of the second aspect, the receiving, by the receiver, the data packet that is sent by the user equipment UE when the radio resource control RRC connection with the base station is not established is performed by the receiver, The processor is further configured to: receive, by the receiver, an authentication request sent by the UE when the RRC connection is not established with the base station, where the authentication request includes an identifier of the UE; Sending the authentication request to the home subscriber server HSS, the authentication request is used to trigger the HSS to generate a second random number and according to the identifier of the UE and the second Generating, by the random number, an intermediate key of the UE, the network side device generating a decryption key and an integrity verification key according to the intermediate key generated by the HSS, and storing the identifier of the UE and the decryption key Corresponding relationship between the key and the integrity verification key; sending, by the transmitter, a response message to the UE, the response message includes the second random number, and the second random number is used by the UE to generate The encryption key and integrity protection key used to encrypt and integrity protect the data packet. The network side device receives an authentication request sent by the UE when the RRC connection with the base station is not established, generates a second random number of the derived key by using the HSS, and determines to decrypt the data packet according to the intermediate key of the UE generated by the HSS. The integrity verification decryption key and the integrity verification key realize the security authentication of the UE by performing integrity verification on the data packet, simplifying the security authentication process of the network side device to the UE, and reducing the establishment of the control plane connection and the user. The signaling overhead carried by the plane improves the system efficiency.

In conjunction with the second aspect, or any one of the possible implementations of the second aspect, in a fourth possible implementation of the second aspect, the processor is further configured to: perform integrity on the data packet After the verification is successful, an acknowledgement message is sent to the UE by the transmitter, and the acknowledgement message is used by the UE to perform integrity verification on the acknowledgement message by using the integrity protection key of the UE.

With the fourth possible implementation of the second aspect, in a fifth possible implementation manner of the second aspect, the data packet further includes a third random number generated by the UE, where the third random number is used. After the integrity verification of the acknowledgment message by the UE is successful, the identifier of the UE is updated; the processor is further configured to: after performing integrity verification on the data packet, according to the The three random numbers update the identifier of the UE, and store the updated correspondence between the identifier of the UE and the decryption key and the integrity verification key. The network side device and the UE synchronously update the identifier of the UE, which can enhance the privacy of the UE, avoid exposing the UE's whereabouts during data transmission, and further improve the security of data transmission.

With reference to the second aspect, or any one of the possible implementation manners of the second aspect, in a sixth possible implementation manner of the second aspect, the network side device includes a base station or a serving gateway.

In conjunction with the sixth possible implementation of the second aspect, in a seventh possible implementation manner of the second aspect, the data packet further includes an identifier of the destination server, where the user data is sent by the transmitter The sending to the destination server includes: establishing a transmission control protocol TCP connection with the destination server according to the identifier of the destination server, and sending the user data to the destination server by using the TCP connection. Therefore, the DNS domain name resolution process is no longer triggered by the UE, that is, the UE does not need to pass. The TCP connection process with the destination server is established by occupying a large number of air interface resources, but the DNS process is triggered by the service gateway instead of the UE, and the service gateway establishes a TCP connection with the destination server, thereby connecting the decrypted user data through the TCP connection. Sent to the destination server, thus reducing the signaling resources for establishing a TCP connection.

With reference to the sixth possible implementation of the second aspect, or the seventh possible implementation of the second aspect, in an eighth possible implementation manner of the second aspect, when the network side device includes the service And the identifier of the serving gateway is used by the base station to send the data packet to the serving gateway.

In conjunction with the sixth possible implementation of the second aspect, or the seventh possible implementation of the second aspect, or the eighth possible implementation of the second aspect, the ninth possible implementation of the second aspect In the mode, the receiving, by the receiver, the data packet that is sent by the user equipment UE when the RRC connection with the radio resource control of the base station is not established, includes: receiving, by the receiver, the user equipment, the UE, does not establish radio resource control with the base station. A data packet transmitted by a random access preamble message or an RRC connection setup request message when the RRC is connected.

In a third aspect, an embodiment of the present invention provides a data transmission method, where a user equipment UE implements secure transmission of data when a radio resource control RRC connection with a base station is not established, and the method includes: the UE uses an encryption key. The key and the integrity protection key perform encryption and integrity protection on the data packet, where the encryption key and the integrity protection key are the first random number generated by the UE according to the UE or from the network side And generating, by the second random number received by the device, the data packet includes the identifier of the UE and user data; and the UE encrypts and integrity protects the data packet when the RRC connection with the base station is not established. Send to the network side device.

With reference to the third aspect, in a first possible implementation manner of the third aspect, the data packet further includes the first random number, where the first random number is used by the network side device to determine the data The decryption key and integrity verification key used by the packet for decryption and integrity verification.

With reference to the third aspect, or the first possible implementation manner of the third aspect, in a second possible implementation manner of the third aspect, the data packet further includes the security algorithm indication information selected by the UE, where The security algorithm indication information is used by the network side device to determine a decryption algorithm and an integrity verification algorithm used for decrypting and integrity verification of the data packet.

In conjunction with the third aspect, in a third possible implementation manner of the third aspect, the UE uses Before the encryption and integrity protection of the data packet by the secret key and the integrity protection key, the method further includes: when the UE does not establish the RRC connection with the base station, using the network side device to the home subscription user server The HSS sends an authentication request, where the authentication request includes an identifier of the UE, where the authentication request is used to trigger the HSS to generate the second random number, and determine the identifier according to the identifier of the UE and the second random number. a decryption key and an integrity verification key used by the network side device to perform decryption and integrity verification on the data packet; the UE receives a response message sent by the HSS by using the network side device, where the response message includes The second random number; the UE performs integrity verification on the response message by using the integrity protection key.

With reference to the third aspect, or any one of the foregoing possible implementation manners of the foregoing third aspect, the fourth possible implementation manner of the third aspect, An acknowledgement message sent after the packet is successfully verified by the integrity; the UE uses the integrity protection key to perform integrity verification on the acknowledgement message.

With the fourth possible implementation of the third aspect, in a fifth possible implementation manner of the third aspect, the data packet further includes a third random number generated by the UE, where the third random number is used. After the integrity verification of the data packet is successful, the network side device updates the identifier of the UE; the method further includes: after the UE successfully performs integrity verification on the acknowledgement message, according to the The third random number updates the identity of the UE.

With reference to the third aspect, or any one of the foregoing possible implementation manners of the third aspect, in a sixth possible implementation manner of the third aspect, the network side device includes a base station or a serving gateway.

In conjunction with the sixth possible implementation of the third aspect, in a seventh possible implementation manner of the third aspect, the data packet further includes an identifier of the destination server, where the identifier of the destination server is used to serve the gateway and the The destination server establishes a Transmission Control Protocol TCP connection and sends the user data to the destination server through the TCP connection.

With reference to the sixth possible implementation of the third aspect, or the seventh possible implementation manner of the third aspect, in an eighth possible implementation manner of the third aspect, when the network side device includes the service And the identifier of the serving gateway is used by the base station to send the data packet to the serving gateway.

In conjunction with the sixth possible implementation of the third aspect, or the seventh possible implementation of the third aspect, or the eighth possible implementation of the third aspect, the ninth possible implementation of the third aspect In the manner, the sending, by the encryption and integrity protection, the data packet to the network side device includes: sending, by using the random access preamble message or the RRC connection setup request message, the encrypted and integrity protected data packet. To the base station.

In a fourth aspect, the embodiment of the present invention provides a data transmission method, including: a network side device receiving a data packet sent by a user equipment UE when a radio resource control RRC connection with a base station is not established, the data packet including the UE And the user data, the data packet is obtained by performing encryption and integrity protection on the UE, and the network side device determines, according to the identifier of the UE, a decryption key and integrity verification corresponding to the UE. Key; the network side device decrypts and integrity verifies the data packet by using the decryption key and the integrity verification key; the network side device successfully performs integrity verification on the data packet The user data is then sent to the destination server.

With reference to the fourth aspect, in a first possible implementation manner of the fourth aspect, the data packet further includes a first random number generated by the UE, and the network side device determines the UE according to the identifier of the UE. Corresponding decryption key and integrity verification key, comprising: the network side device sending the identifier of the UE and the first random number to a home subscription subscriber server HSS, and generating, by the HSS, the middle of the UE Generating a decryption key and an integrity verification key corresponding to the UE according to the intermediate key generated by the HSS, and storing the identifier of the UE and the decryption key and the integrity verification The correspondence of the keys.

With reference to the fourth aspect, or the first possible implementation manner of the fourth aspect, in a second possible implementation manner of the fourth aspect, the data packet further includes the security algorithm indication information selected by the UE, where The security algorithm indication information is used by the network side device to determine a decryption algorithm and an integrity verification algorithm used for decrypting and integrity verification of the data packet.

With reference to the fourth aspect, in a third possible implementation manner of the fourth aspect, the network side device, before receiving the data packet sent by the user equipment UE when the radio resource control RRC connection with the base station is not established, further includes: The network side device receives an authentication request sent by the UE when the RRC connection is not established with the base station, where the authentication request includes an identifier of the UE, and the network side device sends the authentication request to a home subscription. a user server HSS, the authentication request is used to trigger the HSS to generate a second random number, and generate an intermediate key of the UE according to the identifier of the UE and the second random number, where the network side device is configured according to the The intermediate key generated by the HSS generates a decryption key and an integrity verification key, and stores the identifier of the UE and the decryption key and the integrity verification Corresponding relationship of the key; the network side device sends a response message to the UE, the response message includes the second random number, and the second random number is used by the UE to generate and encrypt the data packet And the encryption key and integrity protection key used for integrity protection.

With reference to the fourth aspect, or any one of the foregoing possible implementation manners, the fourth possible implementation manner of the fourth aspect, the method further includes: the network side device performing integrity on the data packet After the verification succeeds, an acknowledgment message is sent to the UE, and the acknowledgment message is used by the UE to perform integrity verification on the acknowledgment message by using the integrity protection key of the UE.

With reference to the fourth possible implementation manner of the fourth aspect, in a fifth possible implementation manner of the fourth aspect, the data packet further includes a third random number generated by the UE, where the third random number is used After the integrity verification of the acknowledgment message by the UE is successful, the identifier of the UE is updated; the method further includes: after the network side device successfully performs integrity verification on the data packet, according to the The third random number updates the identifier of the UE, and stores the updated correspondence between the identifier of the UE and the decryption key and the integrity verification key.

With reference to the fourth aspect, or any one of the possible implementation manners of the foregoing fourth aspect, in a sixth possible implementation manner of the fourth aspect, the network side device includes a base station or a serving gateway.

With reference to the sixth possible implementation manner of the fourth aspect, in a seventh possible implementation manner of the fourth aspect, the data packet further includes an identifier of the destination server, where the user data is sent to the destination server, The method includes: the serving gateway establishes a transmission control protocol TCP connection with the destination server according to the identifier of the destination server, and sends the user data to the destination server by using the TCP connection.

With reference to the sixth possible implementation manner of the fourth aspect, or the seventh possible implementation manner of the fourth aspect, in an eighth possible implementation manner of the fourth aspect, when the network side device includes the serving gateway And the data packet further includes an identifier of the serving gateway, where the identifier of the serving gateway is used by the base station to send the data packet to the serving gateway.

With reference to the sixth possible implementation manner of the fourth aspect, or the seventh possible implementation manner of the fourth aspect, or the eighth possible implementation manner of the fourth aspect, in a ninth possible implementation manner of the fourth aspect, The network side device receives a data packet that is sent by the user equipment UE when the RRC connection with the radio resource control of the base station is not established, and includes: receiving, by the base station, the random access by the user equipment UE when establishing the radio resource control RRC connection with the base station Sending a preamble message or an RRC connection setup request message Packet.

In a fifth aspect, the embodiment of the present invention provides a user equipment, where the user equipment is used to perform the foregoing third aspect, or the data transmission method in any one of the possible implementation manners of the third aspect, where the user equipment includes A module or unit for performing the above third aspect, or any one of the data transmission methods of the third aspect.

In a sixth aspect, the embodiment of the present invention provides a network side device, where the network side device is configured to perform the foregoing fourth aspect, or the data transmission method in any one possible implementation manner of the fourth aspect, where the network The side device includes a module or unit for performing the above fourth aspect, or any one of the data transmission methods of the fourth aspect.

In a seventh aspect, the embodiment of the present invention provides a data transmission system, including a user equipment and a network side device, where the user equipment is in the foregoing first aspect, or in any possible implementation manner of the first aspect. User equipment

The network side device is the network side device in the foregoing second aspect, or any possible implementation manner of the second aspect.

In an eighth aspect, an embodiment of the present invention provides a computer program, where the computer program includes program code, when the user equipment UE runs the computer program, the program code performs the third aspect, or the third aspect. Any data transmission method.

According to a ninth aspect, an embodiment of the present invention provides a computer program, where the computer program includes program code, and when the network side device runs the computer program, the program code performs the fourth aspect, or the fourth aspect. Any data transmission method.

The above aspects of the invention will be more apparent and understood in the following description of the various embodiments.

DRAWINGS

In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings used in the embodiments or the prior art description will be briefly described below. Obviously, the drawings in the following description are some implementations of the present invention. example.

1A is a schematic diagram of a network architecture of an LTE system;

FIG. 1B is a schematic diagram of a signaling process of an AKA security authentication and key agreement process;

2 is a schematic diagram of a signaling flow of a connection/bearer establishment process before data transmission;

3 is a schematic diagram of a network architecture of an LTE system according to an embodiment of the present invention;

4A is a schematic flowchart of a data transmission method according to an embodiment of the present invention;

4B is a schematic flowchart of another data transmission method according to an embodiment of the present invention;

4C is a schematic flowchart of another data transmission method according to an embodiment of the present invention;

4D is a schematic flowchart of another data transmission method according to an embodiment of the present invention;

4E is a schematic flowchart of another data transmission method according to an embodiment of the present invention;

4F is a schematic flowchart of another data transmission method according to an embodiment of the present invention;

4G is a schematic flowchart of another data transmission method according to an embodiment of the present invention;

FIG. 5 is a schematic structural diagram of a user equipment according to an embodiment of the present disclosure;

FIG. 6 is a schematic structural diagram of a network side device according to an embodiment of the present disclosure;

FIG. 7 is a schematic structural diagram of another user equipment according to an embodiment of the present disclosure;

FIG. 7B is a schematic structural diagram of another user equipment according to an embodiment of the present disclosure;

FIG. 7C is a schematic structural diagram of another user equipment according to an embodiment of the present disclosure;

7D is a schematic structural diagram of another user equipment according to an embodiment of the present invention;

FIG. 8 is a schematic structural diagram of another network side device according to an embodiment of the present disclosure;

FIG. 8B is a schematic structural diagram of another network side device according to an embodiment of the present disclosure;

FIG. 8C is a schematic structural diagram of another network side device according to an embodiment of the present disclosure;

FIG. 8E is a schematic structural diagram of another network side device according to an embodiment of the present invention.

detailed description

In order to better understand a data transmission method, user equipment, and network side equipment provided by the embodiments of the present invention, the following describes the network architecture, AKA security authentication, and key agreement process of the LTE system, and connection/bearer establishment before data transmission. The process is described.

Referring to FIG. 1A, FIG. 1A is a schematic diagram of a network architecture of an LTE system. The LTE system network architecture mainly includes a UE, an EUTRAN Node B (eNB), a Mobility Management Entity (MME), a Serving Gateway (S-GW), and a Packet Data Network Gateway. , P-GW) and Home Subscriber Server (HSS), where the eNB is an evolved universal radio access network (Evolved) The network elements in the Universal Terrestrial Radio Access Network (EUTRAN), the MME, the S-GW, the P-GW, and the HSS are network elements in an Evolved Packet Core (EPC). The UE and the eNB implement wireless communication through the Uu interface. The communication interface between the eNB and the MME is S1-MME, and the communication interface between the eNB and the S-GW is S1-U. In order to facilitate the development of new services, the LTE system adopts a design method in which the user plane and the control plane are separated. The control plane signaling and the user plane bearer in the core network corresponding to the LTE system are respectively responsible by the independent network element MME and the S-GW.

Specifically, the main functions of the MME include non-access stratum (NAS) signaling establishment, NAS signaling security, signaling establishment across the core network, tracking service (when the UE is in IDLE mode), roaming service, Authorization and bearer management, etc.

The S-GW is the gateway point for eNB handover, forwarding 2G/3G and other system service gateway points, completing buffering of downlink packets, some initialization work, prescribed interception interception, packet routing and forwarding, and the like. In addition, the P-GW is used for policy enforcement, packet filtering, prescribed interception, allocation of IP addresses of UEs, charging functions, packet reproduction, and the like.

It should be noted that the control signaling between the UE, the eNB and the core network is processed by the MME; the user data is transmitted to the P-GW through the S-GW, and then transmitted to the outside by the P-GW (relative to the operator) Access point name (APN) nodes, such as Public Data Network (PDN).

Referring to FIG. 1B, FIG. 1B is a schematic diagram of a signaling flow of an AKA security authentication and key agreement process. Entities participating in the security authentication and key agreement process in the LTE system include: UE, MME, and HSS. The security authentication and the key agreement process are performed based on the symmetry key, that is, a root key K is pre-shared between the UE and the HSS, specifically, the Universal Subscriber Identity Module (USIM) of the UE/ A Permanent Symmetric Root Key K is shared on the Subscriber Identity Module (SIM) and the HSS maintained by the operator. This K is written once during the manufacture of the USIM/SIM and is protected by the USIM/SIM. The mechanism is protected and cannot be read. The security authentication and key agreement process includes the following steps.

S101. The UE sends an authentication request to the MME, where the message carries the International Mobile Subscriber Identity (IMSI) of the UE, the capability of the UE (the encryption algorithm and the integrity protection algorithm supported by the UE), and the IDHSS of the HSS. Identification and other information.

S102: The MME forwards the authentication request of the UE to the HSS, where the message carries the IMSI, the network identifier (Serving Network ID, SNID), and the service network type (Network Type) of the service network. After receiving the authentication request, the HSS looks up the IMSI and the SNID in the local database to verify the legality of the two entities. If the verification succeeds, the root key K corresponding to the UE is found according to the IMSI, and a random number RAND is randomly generated, and then the authentication corresponding to the UE is generated according to the RAND, the authentication sequence number SQN, the key K and other information currently saved by itself. Authentication Vector (AV), where AV includes RAND, Authentication Token (AUTN), Expected Response (XRES), and Shared Key K _ASME (used to generate non-access stratum and access) The base key of the layer key).

S103: The HSS returns an authentication response to the MME, where the message carries the authentication vector AV of the UE, and the MME saves the received authentication vector of the UE.

S104, MME sends an authentication request to the UE, where the message carries the authentication vector of the UE corresponding to the RAND and AUTN, and the MME is the key K _ASME is assigned a key identifier KSI _ASME.

S105. After receiving the authentication request, the UE performs verification according to the received RAND and AUTN, including: calculating an AUTN′ according to the SQN in the RAND, the AUTN, and the root key K shared with the network side, and comparing the Whether the AUTN' is consistent with the received AUTN. If the UE passes the security authentication on the network side, the RAND and the root key K jointly calculate a response (Response, RES) and send it to the MME. The UE further generates an air interface key K _eNB according to K _ASME .

S106: The MME compares the received RES with the XRES in the authentication vector AV. If they are the same, the MME passes the security authentication of the UE, and further generates an air interface key K _eNB based on the K _ASME key, and K _eNB And the capabilities of the UE are sent to the eNB.

S107. The eNB determines an encryption algorithm and an integrity protection algorithm for the air interface user plane data and the control plane signaling according to the capability of the UE and the encryption algorithm and the integrity protection algorithm supported by the eNB, and adopts a security mode command (Security Mode Command, SMC). The message sends the selected encryption algorithm and integrity protection algorithm to the UE. At this time, the UE and the eNB can respectively generate the secret for air interface encryption and integrity protection by using the air interface key K _eNB and the agreed key algorithm. Keys KUP _enc , KRRC _enc, and KRRC _int , where KUP _enc is a user data encryption key for securing uplink data between the UE and the eNB, and KRRC _enc is an access layer RRC signaling encryption key for guarantee The confidentiality of the RRC signaling between the UE and the eNB, and the KRRC _int is the access layer RRC signaling integrity protection key, which is used to ensure the integrity of the RRC signaling between the UE and the eNB.

In the existing LTE system, before the UE and the network side perform the foregoing security authentication and key agreement process, the connection establishment process of the radio resource control (RRC) between the UE and the eNB needs to be established, that is, the connection establishment process needs to be established. The control plane is connected/beared between the UE and the eNB, and after the RRC connection is established, the control plane connection and the user plane bearer between the eNB and the core network, and the user plane bearer between the UE and the eNB are also required to be established. After these connections/bearers are established, the UE can send user data to the network side through the user plane bearer.

Please refer to FIG. 2 together. FIG. 2 is a schematic diagram of a signaling flow of a connection/bearer setup process before data transmission. In the LTE system, there is no signaling connection between the UE in the idle (IDLE) state and the network side, no radio resources are allocated to the UE in the network, and the UE context is not established on the network side, and the RRC connection between the UE and the network side and the eNB The S1 connection with the core network is released. Therefore, if the UE in the IDLE state needs to transmit data, the signaling flow in the connection/bearer establishment process before data transmission is as follows.

S201: When the UE has data to be sent, it waits for a physical random access channel (PRACH) scheduling period according to the random access resource information configured by the system, and sends a random access preamble (Random Access Preamble) to the eNB. Preamble message, the Preamble message includes a random access preamble sequence preamble selected by the UE.

S202. After receiving the preamble sent by the UE, the eNB sends a random access response to the UE in a random access response window. The random access response message may respond to a random access request (preamble) of multiple UEs.

The random access response is scheduled by the Downlink Control Information (DCI) carried in the Physical Downlink Control Channel (PDCCH) that is scrambled by the Radio Network Temporary Identity (RA-RNTI). And the RA-RNTI is determined by the PRACH time-frequency resource location of the preamble. The content of the random access response includes: a backoff parameter, a preamble identifier corresponding to the Preamble message, a Timing Advance (TA), an uplink resource allocated for the UE to send a third message, and a cell radio. Cell Radio Network Temporary Identity (C-RNTI), etc. The backoff parameter is used to indicate the average delay of the next time the UE initiates random access if the random access fails.

Further, the UE may be determined by the preamble identifier in the RA-RNTI and the random access response. The random access response sent by the eNB to the eNB, if the preamble corresponding to the preamble identifier in the random access response includes the preamble when the random access is initiated by itself, the user considers that the user successfully receives the random access response message, and then proceeds to the network. The third message is sent by the side. If the UE does not correctly receive the random access response, the delay of the next random access is determined according to the delay limit of the backoff parameter, and the random access resource is additionally selected to initiate the next random access. After the maximum number of random accesses is reached, the UE media access control layer (MAC) reports a random access problem to the RRC layer, triggering a radio link failure process.

S203. After receiving the random access response, the UE sends a third message on the uplink resource allocated by the eNB. Among them, the third message contains different contents for different scenarios. For example, when the UE initially accesses, the third message carries an RRC connection setup request message generated by the RRC layer.

S204. The eNB and the UE complete the final contention resolution by using the fourth message.

The fourth message content corresponds to the content of the third message. In the initial access, the fourth message carries the UE Contention Resolution Identity (MAC), and after the UE receives the MAC CE, the user identifier and the third message carried by the MAC CE are received. The user IDs carried in the comparison are compared. If they are completely consistent, the UE can know that the competition is successful.

In addition, the fourth message may further include an RRC connection setup message, configured to establish a signaling radio bearer 1 (SRB1) of the UE.

S205. After completing the contention resolution, the UE establishes a signaling radio bearer 1 (SRB1) according to the information in the RRC connection setup message, and sends an RRC connection setup complete message to the network.

The NAS service request message may be sent to the network side when the RRC connection setup complete message is sent.

S206. After receiving the RRC connection setup complete message, the eNB sends the piggybacked NAS service request message to the MME, where the MME is configured to request the MME to establish a related connection between the eNB corresponding to the UE and the core network element (ie, the control plane of the MME is connected. And S1 bearer with S-GW).

S207. The MME notifies the eNB of the information corresponding to the UE connection.

S208. The eNB sends a Security Mode Command (SMC) and an RRC Connection Reconfiguration message to the UE, which is used to activate the security of the UE and establish a Data Radio Bearer (DRB) and other Signaling Radio Bearers (SRB2) for the UE.

It should be noted that the security mode command (SMC) needs to perform integrity protection processing before sending, and the RRC connection reconfiguration message needs to be encrypted and integrity protected before being sent.

S209. After the security activation and the DRB and SRB2 configuration are completed, the UE sends a security mode complete message and an RRC connection reconfiguration complete message to the network side.

S210. After the foregoing process, the user plane data of the UE is sent to the PGW by the DRB between the UE and the eNB, and the S1 bearer between the eNB and the SGW; the control signaling of the UE and the core network is between the UE and the eNB. The SRB, and the S1AP between the eNB and the MME are sent to the MME.

In many application scenarios of the MTC service, the MTC device only sends small data volume data to the network side, and usually the data transmission period is also long, which may be a second-level unit, or in units of days, or even months. . For example, data reporting of smart metering devices (such as smart meters, smart water meters, smart gas meters, etc.), and wireless point of sale (POS) machines to send consumer information. If the existing data transmission mode is adopted, a large signaling overhead (for example, related signaling overhead in the signaling flow before the foregoing data transmission) is generated, resulting in low system efficiency.

With the above problem, the embodiment of the present invention provides a data transmission method, a user equipment, and a network side device, so that when the UE does not establish an RRC connection with the base station, that is, the control plane connection and the user plane bearer are not established, The UE can transmit data to the network side, and can ensure the security of the data transmission, thereby reducing the signaling required to establish the control plane and the user plane connection, reducing the signaling overhead, and improving the system efficiency.

The technical solutions in the embodiments of the present invention are clearly and completely described in the following with reference to the accompanying drawings in the embodiments of the present invention. It is obvious that the described embodiments are only a part of the embodiments of the present invention, but not all embodiments. It is to be understood that the terminology used in the embodiments of the present invention is for the purpose of describing the particular embodiments, and is not intended to limit the invention. The singular forms "a", "the" and "the" It should also be understood that the term "and/or" as used herein refers to and encompasses any and all possible combinations of one or more of the associated listed items.

The user equipment UE in the following embodiments of the present invention includes, but is not limited to, an MTC device and a Mobile Broadband (MBB) device, where the user data for the MTC service (small packet data transmission service is usually not more than one kilobyte). The terminal is called an MTC device, and the MTC device may be a UE having MTC characteristics, such as a meter reading terminal, a mobile phone, a tablet computer, a notebook computer, and a palm. A computer, a mobile Internet device (MID), a wearable device (such as a smart watch, a smart bracelet, smart glasses, etc.) or other terminal device or communication module in which a USIM/SIM card is deployed. MTC devices can access Global System for Mobile Communication (GSM), General Packet Radio Service (GPRS), Universal Mobile Telecommunications System (UMTS), Evolved Universal Land A network such as a UMTS Terrestrial Radio Access Network (UTRAN) or EUTRAN communicates with an MTC server or other MTC device to implement an MTC application. Terminals for MBB services (such as the transmission of packet data such as WeChat) are called MBB devices, such as mobile phones, tablets, laptops, PDAs, MIDs, wearable devices (such as smart watches, smart bracelets, smart glasses, etc.) ) or other installation of a terminal device or communication module with a USIM/SIM card installed.

Referring to FIG. 3, FIG. 3 is a schematic diagram of a network architecture of an LTE system according to an embodiment of the present invention. The LTE system network architecture mainly includes a UE, a base station eNB, and a core network, where the core network mainly includes: an S-GW (for example, an MTC-GW in an MTC service), an HSS, and a P-GW, where P- The GW can exist independently, and the functions of the P-GW can be integrated into the S-GW to implement all functions of the existing S-GW and the P-GW through a separate S-GW, and the Uu interface is adopted between the UE and the eNB. To achieve wireless communication, the eNB and the S-GW realize data transmission through the S1-U interface, and the S-GW and the HSS implement data transmission through the newly added S-HSS interface, and the S-HSS is S-GW and HSS. The newly added interface name, the newly added interface name between the S-GW and the HSS may be other names, which are not specifically limited in the embodiment of the present invention, and the eNB may perform data transmission through the S-GW and the HSS. The user data is transmitted to the P-GW through the S-GW, and then transmitted by the P-GW to the destination server Server, or the S-GW directly transmits the user data to the server.

Referring to FIG. 4A, FIG. 4A is a schematic flowchart of a data transmission method according to an embodiment of the present invention, where the method includes but is not limited to the following steps.

S401. The user equipment UE encrypts and integrity protects the data packet by using an encryption key and an integrity protection key.

Specifically, when the user equipment UE in the IDEL state needs to send the user data to the network side device, the UE performs security processing (including encryption processing and integrity) on the data packet to be transmitted according to the encryption key and the integrity protection key. Protection processing). Wherein the UE includes but is not limited to MTC The device or the MBB device includes, but is not limited to, an identifier of the UE and user data to be transmitted by the UE. The user data is packet data, that is, small data volume user data. For example, for the MTC service, the user data transmitted by the MTC device to the network side device is packet data (usually several tens to several hundred words). In the case of the smart meter reading service, the UE can report the meter/water meter information to the network side device every month, and upload the meter/water meter information to the destination server (for example, the cell meter reading server) through the network side device. Statistical processing, wherein the reported meter/water meter information corresponds to a small amount of data, usually several tens of bytes. For another example, for the WeChat service in the MBB service, one WeChat user data transmitted by the MBB device to the network side device usually does not exceed one kilobyte.

As an optional implementation manner, the UE generates a first random number of the derived key, and generates key information of the UE step by step according to the first random number (including encrypting the transmitted data packet and The cryptographic key and the integrity protection key used by the integrity protection; as an alternative implementation, the HSS generates a second random number of the derived key, and sends the same to the And the UE generates the key information of the UE step by step according to the second random number sent by the network side device. The UE may generate the key information, where the UE may use the first random number (or the second random number) and the root key K of the UE as input parameters, according to the UE and the UE. The network side device negotiates a good key algorithm for processing to generate the key information step by step. Therefore, it can be understood that the network side device may also process the first random number (or the second random number) and the root key of the UE as an input parameter, and process according to the key algorithm. The key information corresponding to the UE (including the decryption key and the integrity verification key used for decrypting and integrity verification of the transmitted data packet) is generated step by step. The encryption key generated by the UE is the same as the decryption key generated by the network side device, and the integrity protection key generated by the UE and the complete The authentication keys are the same, and the network side devices include, but are not limited to, a base station (for example, an eNB) and a serving gateway (for example, an S-GW, and the service gateway is an MTC-GW for MTC services). It should be noted that the key algorithm may be negotiated in advance between the UE and the network side device. For example, the UE may select a key algorithm, and then send the key algorithm to the network side device. Or, the network side device selects a key algorithm, and then sends the key algorithm to the UE, which is not specifically limited in the embodiment of the present invention. In the process of generating the key information of the UE, the UE and the network side device may further add other key generation parameters to generate key information of the UE. For example, the identity of the UE, and the like.

Specifically, the UE encrypts user data in the data packet according to the encryption key to obtain encrypted user data, and the UE compares parameter information in the data packet according to the integrity protection key ( The integrity protection is included, including but not limited to the identity of the UE, to obtain integrity protection information, ie, Message Authentication Code for Inter-Massage (MAC-I). The UE transmits the encrypted user data, the parameter information, and the MAC-I obtained by the encryption and integrity protection processing as the data packet to be transmitted. For example, the UE takes the user data and the encryption key as input parameters, and then processes the encryption data (which can be considered as a hash function) to obtain encrypted user data, and the UE will use the UE. The identity and the integrity protection key are used as input parameters, and then processed by an integrity protection algorithm (a hash function) to obtain the complete message authentication code MAC-I.

For example, the identifier of the UE is A, the user data is B, and the encrypted user data obtained by encrypting the user data B by using the encryption key is B′, and the UE uses the integrity. After the protection key A performs integrity protection, the MAC-I obtained is a, and the content carried in the data packet is: A, B', and a.

Optionally, the user data may also participate in the integrity protection process, that is, the UE performs integrity protection on the parameter information and the user data according to the integrity protection key corresponding to the UE, and obtains a MAC. -I. Similarly, other parameter parameters other than the identifier of the UE in the parameter information (for example, parameters that the network side device does not need to directly use before decrypting the received data packet) may also participate in the encryption process and obtain encryption. Parameters, such that the data packet includes encrypted user data, encryption parameters, unencrypted parameters, and the MAC-I.

It should be noted that, if the user data in the data packet only participates in the encryption process and does not participate in the integrity protection process, and the parameter information only participates in the integrity protection process and does not participate in the encryption process, the UE is to the user. The two processes of encrypting data and performing integrity protection on the parameter information may be performed simultaneously, or may be performed in a time-sharing manner, and when the time-sharing is performed, the embodiment of the present invention does not limit the sequence. If the user data in the data packet participates in the encryption process and participates in the integrity protection process, the parameter information participates in the integrity protection process, and some parameters in the parameter information participate in the encryption process, The UE first performs integrity protection processing on the user data and the parameter information, obtains the MAC-I, performs encryption processing on the user data, and performs the encryption process on the user data. The encryption process is performed on the sub-parameters, wherein the encryption process of the user data and the encryption of the partial parameters may be performed simultaneously, or may be performed in a time-sharing manner, and when the time-sharing is performed, the embodiment of the present invention The order is not limited.

Optionally, for the implementation manner that the UE generates the first random number, the parameter information in the data packet further includes security algorithm indication information selected by the UE, where the security algorithm indication information includes The encryption algorithm identifier corresponding to the encryption algorithm used by the UE (for example, EEA0 (empty algorithm) in the Encryption Algority (EEA), EEA1 (standard algorithm based on 3G network), EEA2 (enhanced encryption algorithm) or EEA3 (Zhu Chongzhi algorithm), etc.) integrity protection algorithm identifier corresponding to the integrity protection algorithm used by the UE (eg EIA0 (empty algorithm), EIA1 (3G network-based standard) in EPS Integrity Algorym (EIA) Algorithm), EIA2 (Enhanced Encryption Algorithm) or EIA3 (Augmented Algorithm), etc., the encryption algorithm is used by the UE to encrypt the data packet, and the integrity protection algorithm is used by the UE to The data packet is integrity protected, and the security algorithm indicates that the information participates in the integrity protection process and does not participate in the encryption process. Specifically, the encryption algorithm is an algorithm used by the UE to encrypt the user data and encrypt some parameters in the parameter information, where the integrity protection algorithm is The algorithm used by the parameter information for integrity protection processing. It should be noted that the security algorithm indication information is only carried in the first data packet sent by the UE to the network side device, and the network side device obtains the security algorithm indication information after receiving the data packet. When the subsequent UE sends the data packet to the network side device, the security algorithm indication information may or may not be carried, and is not specifically limited in this embodiment of the present invention.

Optionally, the parameter information in the data packet further includes an identifier of the destination server.

Specifically, the identifier of the destination server includes, but is not limited to, a Uniform Resource Locator (URL). The identifier of the destination server participates in an integrity protection process, and the identifier of the destination server may also participate in an encryption process.

Optionally, if the network side device is a serving gateway, the parameter information in the data packet further includes an identifier of the serving gateway.

Specifically, after the UE sends the data packet to the serving gateway, the serving gateway sends the identifier to the UE, and the next time the UE sends the data packet to the serving gateway. The parameter information in the data packet further includes an identifier of the serving gateway. The service gateway Identifies participation in the integrity protection process and does not participate in the encryption process.

Specifically, if the network side device is a base station, the UE performs encryption and integrity protection on the data packet, and the packet data convergence protocol in the second layer (data link layer) of the wireless interface (Packet Data) Implemented in the layer of the Convergence Protocol (PDCP); if the network side device is a serving gateway, the UE and the serving gateway need to have a peer protocol sublayer, so the UE performs the data packet The encryption and integrity protection process is implemented in the peer-to-peer protocol sublayer. The protocol sublayer may be a new protocol sublayer or an extension of an existing protocol sublayer function.

S403. The UE sends the encrypted and integrity-protected data packet to the network side device when the RRC connection with the radio resource control of the base station is not established.

Specifically, the UE sends the data packet obtained by the encryption and integrity protection processing to the network side device, and the network side device receives the UE and the base station is not established, if the RRC connection with the base station is not established. The RRC connection is sent with packets that are encrypted and integrity protected. The network side device includes, but is not limited to, a base station and a serving gateway, that is, the network side device may be a base station, a service gateway, or a base station and a serving gateway. If the network side device is a base station, the UE sends the data packet to the base station, the base station receives the data packet, and performs step S405, and the message or data transmitted between the base station and the serving gateway passes the Internet protocol security. (Internet Protocol Security, IPsec) and other protocols perform security protection; if the network side device is a serving gateway, the UE sends the data packet to a base station, the base station receives the data packet, and the data is The packet is transparently transmitted to the serving gateway, and the serving gateway receives the data packet sent by the base station and performs step S405.

Optionally, the UE sends the encrypted and integrity-protected data packet to the network side device, including:

The UE sends the encrypted and integrity-protected data packet to the base station by using a random access preamble message (ie, a Preamble message) or an RRC connection setup request message or other resources allocated by the base station to the UE.

Specifically, if the network side device is the base station, the UE is in a resource in a preamble sequence in a Preamble message or in a resource in an RRC connection setup request message or in resources allocated by the other base station to the UE. Carrying the data packet, and sending the data packet to the base station, Receiving, by the base station, a data packet sent by the user equipment UE through a preamble sequence in a Preamble message or a resource in an RRC connection setup request message or other resources allocated by the base station to the UE when the RRC connection is not established; The network side device is a serving gateway, and the UE carries the data packet in a preamble sequence in a Preamble message or in a resource in an RRC connection setup request message or in a resource allocated by the other base station to the UE. The data packet is sent to the base station, and the base station receives the data packet and transparently transmits the data packet to the serving gateway. Since the two messages of the Preamble message and the RRC connection setup request message are sent to the base station before the UE establishes the RRC connection, the UE has not established the control plane connection and the user plane bearer with the network side device, so the establishment can be reduced. These bear the required signaling resources.

S405. The network side device determines, according to the identifier of the UE, a decryption key and an integrity verification key corresponding to the UE.

Specifically, after receiving the data packet sent by the UE, the network side device determines a decryption key and an integrity verification key corresponding to the UE according to the identifier of the UE carried in the data packet. The decryption key generated by the network side device is the same as the encryption key generated by the UE, and the integrity verification key generated by the network side device and the complete The sex protection key is the same. For the embodiment that the UE generates the first random number, the network side device determines, according to the identifier of the UE, that the decryption key and the integrity verification key corresponding to the UE are: The network side device searches, according to the identifier of the UE, whether the key information corresponding to the identifier of the UE is stored in the local end, and if yes, indicating that the network side device has previously received the data packet sent by the UE. And the key information corresponding to the UE is also obtained in the process. Therefore, the network side device can obtain the key information of the UE directly at the local end after receiving the data packet. If the network side device receives the data packet sent by the UE for the first time, the data packet carries the first random number generated by the UE, and the network side device needs to receive the received data. The identifier of the UE and the first random number are further sent to the HSS, and the HSS generates an intermediate key of the UE according to the identifier of the UE and the first random number, and the HSS further furtherifies the intermediate key Sent to the network side device Further generated by the network-side apparatus of the key information of the UE, and stores the correspondence between the identifier and the key information of the UE. It should be noted that, after the UE sends the data packet to the network side device, the network side device may store the key information of the UE, so the UE subsequently sends the UE to the network side device. hair When the data packet is sent, the network side device can directly search for the key information of the UE at the local end.

For the embodiment in which the HSS generates the second random number and sends the second random number to the UE by using the network side device, the network side device is configured according to the identifier of the UE. Determining the decryption key and the integrity verification key corresponding to the UE, where the HSS generates a second random number in advance, and generates an intermediate key of the UE according to the identifier of the UE and the second random number. And then the HSS sends the intermediate key to the network side device, where the network side device further generates key information of the UE, and stores a correspondence between the identifier of the UE and the key information. The relationship between the UE and the network side device may, after receiving the data packet sent by the UE, directly find the key information of the UE according to the identifier of the UE.

S407. The network side device decrypts and completes the data packet by using the decryption key and the integrity verification key.

Specifically, the network side device uses the key information of the UE to perform decryption and integrity verification on the received data packet. In a specific implementation, the network side device decrypts the encrypted user data by using the obtained decryption key, and uses the obtained integrity verification key and parameter information carried in the data packet. The integrity protection information (ie, the MAC-I) carried in the data packet performs integrity verification to implement security authentication for the UE. For example, the network side device takes the encrypted user data and the decryption key in the data packet as input parameters, and then processes the decryption algorithm (a hash function for the inverse algorithm of the encryption algorithm used by the UE). The encrypted user data can be decrypted to obtain the user data of the plaintext, and the network side device takes the identifier of the UE and the integrity verification key as input parameters, and then passes the integrity verification algorithm (a hash function) And processing, the same as the integrity protection algorithm used by the UE, to obtain a complete message authentication code MAC-I', by determining whether the MAC-I' is consistent with the MAC-I carried in the data packet. The integrity verification of the data packet is completed. If the data is consistent, the network side device successfully verifies the integrity of the data packet. If the network side device successfully verifies the integrity of the MAC-I, it indicates that the data and/or parameters in the data packet are complete, that is, the data packet is not tampered by a third party during transmission. Or inserting, and may also indicate that the network side device can successfully obtain the key information of the UE according to the identifier of the UE, and therefore the UE is authenticated as a legitimate user.

For example, the data packet sent by the UE includes: A, B', and a, and the network side device decrypts the encrypted user data B' according to the obtained decryption key to obtain user data B. The network side device verifies the integrity of a according to the obtained integrity verification key and the identifier A of the UE.

It should be noted that, if the UE performs only the encryption processing on the user data, the integrity protection process is not performed, and only the integrity protection process is performed on the parameter information, and the network side device is The process of decrypting the encrypted user data and performing the integrity verification on the parameter information by the network side device may be performed at the same time, or may be performed in a time-sharing manner, and the time interval is not performed in the embodiment of the present invention. limited. If the UE performs both encryption and integrity protection processing on the user data, and the UE performs encryption processing on some parameters in the parameter information, the network side device needs to use the first The decryption key decrypts the encrypted user data and the encryption parameter, and performs integrity verification on the MAC-I according to the integrity verification key, the decrypted user data, and the decrypted parameter. It should be noted that the data and parameters participating in the encryption process and the data or parameters participating in the integrity protection process may be negotiated between the UE and the network side device to ensure the encrypted object and the location of the UE. The decryption objects of the network side device are in one-to-one correspondence, and the integrity protection object of the UE is in one-to-one correspondence with the integrity verification object of the network side device.

Optionally, for the implementation that the UE generates the first random number, the parameter information in the data packet further includes security algorithm indication information selected by the UE, where the security algorithm indicates that the information is used. Determining, by the network side device, a decryption algorithm and an integrity verification algorithm used for decrypting and integrity verification of the data packet, where the security algorithm indication information includes an encryption algorithm identifier and integrity corresponding to an encryption algorithm used by the UE The security protection algorithm is associated with the integrity protection algorithm identifier. Generally, the security algorithm supported by the network side device covers the security algorithm supported by each UE. Therefore, the network side device may determine the UE usage according to the encryption algorithm identifier. Which encryption algorithm is used, and then an inverse operation of the encryption algorithm used by the UE to obtain a decryption algorithm for decrypting the data packet, and determining an integrity verification algorithm according to the integrity protection algorithm used by the UE, the complete The authentication algorithm is the same as the integrity protection algorithm used by the UE. The decryption algorithm is used by the network side device to decrypt a data packet, where the integrity verification algorithm is used by the network side device to perform integrity verification on the data packet, and after receiving the data packet, the network side device receives the data packet. Decrypting the data packet according to the obtained decryption key of the UE, the decryption algorithm, and the data according to the obtained integrity verification key of the UE and the integrity verification algorithm. Package integrity verification.

Specifically, if the network side device is a base station, the base station decrypts the data packet and performs an integrity verification process in a PDCP layer in a second layer of the wireless interface; if the network side device is a service The gateway, the UE and the serving gateway need to have a peer protocol sublayer, and the service gateway decrypts the data packet and the integrity verification process is implemented in the peer protocol sublayer. The peer protocol sublayer may be a new protocol sublayer or an extension of an existing protocol sublayer function.

S409. After the network side device successfully performs integrity verification on the data packet, send the user data to the destination server.

For example, FIG. 4B is a schematic flowchart of another data transmission method according to an embodiment of the present invention. In FIG. 4B, the network side device in the embodiment of the present invention uses a base station as an example for description. FIG. For the steps S401-S407, please refer to the related description in the embodiment shown in FIG. 4A, and details are not described herein again. 4B is compared with FIG. 4A, the network side device described in step S409 sends the user data to the destination server, specifically:

After the integrity verification of the data packet is successful, the base station sends the decrypted user data and the identifier of the destination server to the service gateway, and the service gateway is configured according to the identifier of the destination server. The destination server establishes a Transmission Control Protocol (TCP) connection, and sends the user data to the destination server by using the TCP connection.

Specifically, after successfully verifying the integrity of the data packet, the base station sends the decrypted user data and an identifier (for example, a URL) of the destination server to the serving gateway, where the serving gateway receives the user data and The URL, the service gateway triggers a DNS (Domain Name System) resolution process, and the DNS server (the domain name server stores the domain name of all hosts in the network and the corresponding Internet Protocol (IP) address, and The server having the function of converting the domain name into an IP address obtains an IP address corresponding to the URL of the destination server, and establishes a TCP connection with the destination server according to the IP address of the destination server.

For example, FIG. 4C is a schematic flowchart of another data transmission method according to an embodiment of the present invention. In FIG. 4C, the network side device in the embodiment of the present invention uses a service gateway as an example for description. Steps S401-S407 in FIG. 4C, please refer to the related description in the embodiment shown in FIG. 4A. I will not repeat them here. 4C is compared with FIG. 4A, the network side device described in step S409 sends the user data to the destination server, specifically:

After successfully verifying the integrity of the data packet, the serving gateway establishes a TCP connection with the destination server according to the identifier of the destination server, and sends the decrypted user data to the destination through the TCP connection. server.

Specifically, after the service gateway performs the integrity verification on the data packet, the DNS domain name resolution process is triggered, and the IP address corresponding to the URL of the destination server is obtained from the DNS server, and according to the IP address of the destination server. Establishing a TCP connection with the destination server.

In the embodiment of the present invention, the DNS domain name resolution process is not triggered by the UE, that is, the UE does not need to occupy a large number of air interface resources to establish a TCP connection process with the destination server, but the service gateway replaces the UE to trigger a DNS process, and the service gateway Establishing a TCP connection with the destination server, and then transmitting the decrypted user data to the destination server through a TCP connection, thereby reducing signaling resources for establishing a TCP connection.

By performing the above steps S401-S409, the UE performs encryption and integrity protection on the data packet to be transmitted according to the key information thereof, and then sends the data packet to the network side device, and the network side device can obtain the data according to the acquisition. The key information to the UE is further decrypted and integrity verified, thereby ensuring the security of the data transmission, reducing the signaling overhead of establishing the control plane connection and the user plane bearer, and improving the system efficiency.

Further, please refer to FIG. 4D. FIG. 4D is a schematic flowchart of another data transmission method according to an embodiment of the present invention. Before performing step S401 in the embodiment shown in FIG. 4A or FIG. 4B or FIG. 4C, The first random number generated by the UE itself to generate a derived key is implemented by performing step S4001, and then the encryption key and the integrity protection key of the UE are generated according to the first random number. The embodiment of the present invention is described by taking the step S4001 before the step S401 in FIG. 4A as an example. For the steps S401-S409 in FIG. 4D, please refer to the related description in the embodiment shown in FIG. 4A, and details are not described herein again. Here, a detailed description of step S4001 in FIG. 4D is as follows.

S4001: The UE generates the first random number, and generates the encryption key and the integrity protection key according to the first random number.

Specifically, the UE itself generates a first random number, and according to the first random number and the The root key of the UE generates the key information of the UE step by step. When the UE in the IDEL state needs to send data, the data packet to be transmitted may be encrypted and integrity-protected according to the key information. And the parameter information in the data packet further includes the first random number, where the first random number participates in an integrity protection process and does not participate in an encryption process.

It should be noted that, when the UE sends the data packet to the network side device for the first time, the first random number needs to be carried, and the UE sends a data packet to the network side device, and then When the data packet is sent to the network side device, the first random number may or may not be carried, and the specific random key is generated, and the UE randomly generates a new first random number and uses the new one. The generated first random number is used to derive the key information, and then the key information is used to perform the security processing of the sent data. In this case, the UE needs to carry the newly generated first random number when transmitting the data packet. Specifically limited.

4D or FIG. 4B or FIG. 4C, the network side device described in step S405 determines that the decryption key and the integrity verification key corresponding to the UE are specifically determined according to the identifier of the UE:

The network side device sends the identifier of the UE and the first random number to the home subscription subscriber server HSS, generates an intermediate key of the UE by using the HSS, and generates the intermediate density according to the HSS. The key generates a decryption key and an integrity verification key corresponding to the UE, and stores a correspondence between the identifier of the UE and the decryption key and the integrity verification key.

Specifically, the HSS stores a root key of the UE, and after receiving the identifier of the UE and the first random number sent by the network side device, the HSS searches for the identifier according to the identifier of the UE. Generating a root key of the UE, and generating an intermediate key corresponding to the UE according to the root key of the UE and the first random number, where the HSS sends an intermediate key of the UE to the network side And the network side device receives the intermediate key of the UE, and further generates a decryption key and an integrity verification key corresponding to the UE.

Optionally, after the UE transmits a preset number of data packets to the network side device, the key information of the UE may be updated once, and the key update may be triggered by the UE. It can be triggered by the network side device. After the key update is triggered by one party, the key update indication needs to be sent to the other party, so that both parties complete the update of the key. For the implementation manner that the UE itself generates the first random number, when the key update is needed, the UE regenerates the first random number, and according to the new The generated first random number generates the key information of the UE step by step, and the UE sends the newly generated first random number to the network side device, and the network side device receives the newly generated After the first random number, the identifier of the UE and the newly generated first random number are sent to the HSS, and the HSS searches for the root key of the UE according to the identifier of the UE, and according to the UE The root key and the first random number newly generated by the UE regenerate the intermediate key of the UE, and send the intermediate key of the UE to the network side device, where the network side device according to the The intermediate key of the UE regenerates the key information of the UE to update the key information of the UE, and stores a correspondence between the identifier of the UE and the updated key information. For the embodiment in which the HSS generates a first random number and sends the second random number to the UE by using the network side device, when the key update is required, the HSS regenerates the second random number. And generating an intermediate key of the UE according to the newly generated second random number, and sending the newly generated second random number and the newly generated intermediate key to the network side device, where the network side device And further generating key information of the UE according to the newly generated intermediate key, and storing a correspondence between the identifier of the UE and the updated key information, and sending the second random number to the UE, where The UE generates key information of the UE step by step according to the newly generated second random number. The preset number may be 2, 5, 10, or the like. The key update can prevent the third party from cracking the key negotiated between the UE and the network side device, further improving the security of data transmission and ensuring information security of both parties.

By performing the above step S4001, when the UE has data to be transmitted, the UE does not rely on the HSS to generate and deliver the random number of the derived key, but instead generates a random number by the UE, and then derives the key information of the UE according to the generated random number. Therefore, the data packet to be transmitted is processed securely, thereby ensuring the security of the data transmission and improving the data transmission efficiency, and the network side device can implement the security authentication of the UE according to the data packet transmitted by the UE, without relying on the HSS generation and the next. The authentication vector is sent, which simplifies the security authentication process of the network side device to the UE.

Further, please refer to FIG. 4E, which is a schematic flowchart of another data transmission method according to an embodiment of the present invention. Before performing step S401 in the embodiment shown in FIG. 4A or FIG. 4B or FIG. 4C, Obtaining, by performing steps S4003-S4009, the UE requests authentication from the network side device, so as to acquire a second random number of the derived key sent by the network side device, and further generates an encryption key and completeness of the UE according to the second random number. Sexual protection key. The embodiment of the present invention takes the step S4001 in the figure. The execution of the step S401 in FIG. 4A is described as an example. For the steps S401-S409 in FIG. 4E, please refer to the related description in the embodiment shown in FIG. 4A, and details are not described herein again. Here, a detailed description of steps S4003-S4009 in FIG. 4E is as follows.

S4003: When the UE does not establish the RRC connection with the base station, the UE sends an authentication request to the home subscription subscriber server HSS by using the network side device.

Specifically, when the UE in the IDLE state has data to be sent, the UE sends an authentication request to the home subscriber server HSS through the network side device, and the network side device receives the An authentication request sent by the UE when the RRC connection is not established with the base station, where the authentication request includes an identifier of the UE, and the authentication request may further include the capability of the UE.

Optionally, if the network side device is a base station, the UE may be in a preamble sequence in a Preamble message or a resource in an RRC connection setup request message or other resources allocated by the base station to the UE. Carrying the authentication request, and then sending to the base station; if the network side device is a serving gateway, the UE may pass the resource in the preamble sequence in the Preamble message or the RRC connection establishment request message or other The base station carries the authentication request in the resource allocated by the UE, and then sends the authentication request to the base station, where the base station sends the authentication request to the serving gateway.

S4005: The network side device sends the authentication request to the home subscription subscriber server HSS, where the authentication request is used to trigger the HSS to generate a second random number and generate according to the identifier of the UE and the second random number. An intermediate key of the UE, the network side device generates a decryption key and an integrity verification key according to the intermediate key generated by the HSS, and stores the identifier of the UE and the decryption key and the The correspondence between the integrity verification keys.

Specifically, the network side device sends the authentication request to the HSS, the HSS receives the authentication request, generates a second random number according to the authentication request, and searches for the UE according to the identifier of the UE. a root key, and generating an intermediate key of the UE according to the root key of the UE and the second random number, where the HSS sends the second random number and an intermediate key of the UE to the The network side device receives the second random number and an intermediate key of the UE, and further generates the decryption key and an integrity verification key.

It should be noted that, if the network side device receives the UE sent by the HSS The inter-key indicates that the HSS stores the root key corresponding to the identifier of the UE, and thus indicates that the UE is a valid user, so as to implement security authentication of the UE by the network-side device.

It should be noted that the UE sends an authentication request to the network side device only when the data is sent for the first time. Once the network side device generates and stores the key information of the UE according to the authentication request, the subsequent UE is The security processed data can be directly sent to the network side device.

S4007. The network side device sends a response message to the UE.

Specifically, after generating the key information of the UE according to the identifier of the UE, the network side device sends a response message to the UE, where the response message includes the second random number, and the response message is The network side device obtains the integrity protection according to the integrity verification key. The UE receives a response message sent by the HSS by using the network side device.

Optionally, the network side device is a serving gateway, and the response message may include an identifier of the serving gateway, where the UE saves the identifier of the serving gateway after receiving the identifier of the serving gateway, and next time When the data packet is sent to the serving gateway, the parameter information in the data packet further includes an identifier of the serving gateway, where the UE sends the data packet to a base station, and the base station receives the data packet. Sending, according to the identifier of the serving gateway carried in the data packet, the data packet to a serving gateway corresponding to the identifier of the serving gateway (that is, when the UE sends a data packet last time, the base station is a serving gateway allocated by the UE, after receiving the data packet sent by the UE, the serving gateway generates and stores key information of the UE, so that the base station does not change to the UE The serving gateway that provides the service, that is, the base station does not select a new serving gateway for the UE, continues to use the old serving gateway, thus reducing the resources occupied by the serving gateway at the time of handover, and reducing the delay.

Optionally, the response message may include the security algorithm indication information selected by the network side device. Specifically, the network side device crosses the encryption priority list of the encryption algorithm and the capability of the UE, and selects The highest-priority encryption algorithm, and the integrity list of its integrity protection algorithm and the capability of the UE are intersected, and the highest-priority plus integrity protection algorithm is selected. The security algorithm indication information includes an encryption algorithm identifier (eg, EEA0, EEA1, EEA2, or EEA3, etc.) and an integrity protection algorithm identifier (eg, EIA0, EIA1, EIA2, or EIA3, etc.). After the network side device determines the decryption key and the integrity verification key according to the authentication request, determining, according to the capability of the UE and a security algorithm supported by the network side device, that the UE and the network side device share Security calculation And sending, by the response message, the selected security algorithm indication information to the UE, where the UE uses the encryption key of the UE and an encryption algorithm corresponding to the security algorithm sent by the network side device to The data packet is encrypted, and the UE performs integrity protection on the data packet by using an integrity protection key of the UE and an integrity protection algorithm corresponding to the security algorithm sent by the network side device. After receiving the data packet, the network side device decrypts the data packet according to the decryption key and a decryption algorithm corresponding to the security algorithm, and according to the integrity verification key of the UE, the The integrity verification algorithm corresponding to the security algorithm performs integrity verification on the data packet.

S4009. The UE generates the encryption key and the integrity protection key according to the second random number, and performs integrity verification on the response message by using the integrity protection key.

Specifically, the UE generates the encryption key and the integrity protection key according to the second random number carried in the response message, and pairs the response message according to the integrity protection key. The integrity is verified to implement the security authentication of the network side device by the UE. If the UE successfully verifies the integrity of the response message, it indicates that the response message is complete, that is, the response message. The network side device is authenticated as legal without the tampering or insertion by the third party and indicating that the network side device correctly receives the authentication request. So far, mutual authentication is completed between the UE and the network side device. After the UE successfully verifies the integrity of the response message sent by the network side device, the UE may send the data packet to the network side device.

By performing the above steps S4003-S4009, the UE requests authentication from the network side device when the RRC connection is not established, and acquires a random number of the derived key that is generated and delivered by the HSS, and derives the key information of the UE according to the random number, and the UE passes the pair. The integrity verification of the response message sent by the network side device can implement the security authentication of the network side device, and no longer depends on the HSS generation and the issued authentication vector, which reduces the signaling overhead of establishing the control plane connection and the user plane bearer. System efficiency.

Further, please refer to FIG. 4F, which is a schematic flowchart of another data transmission method according to an embodiment of the present invention. Step S401 in FIG. 4A, FIG. 4B, FIG. 4C, FIG. 4D or FIG. After the data transmission method described in S409, the UE performs security authentication on the network side device by performing steps S411 and S413. The embodiment of the present invention is described by taking the steps S411 and S413 after the step S409 in FIG. 4A as an example. For the steps S411 and S413 in FIG. 4F, please refer to the related description in the embodiment shown in FIG. 4A, and details are not described herein again. Wherein, steps S411 and S413 The detailed description is as follows.

S411. The UE receives an acknowledgement message sent by the network side device after performing integrity verification on the data packet.

Specifically, the acknowledgment message includes, but is not limited to, an acknowledgment (ACK) message, and the acknowledgment message is obtained after the network side device performs integrity protection according to the integrity protection key.

Optionally, the network side device is a serving gateway, and the acknowledgment message sent by the serving gateway to the UE includes an identifier of the serving gateway, and the UE saves the identifier after receiving the identifier of the serving gateway. The identifier of the serving gateway, when the data packet is sent to the serving gateway next time, the identifier of the serving gateway is also required to be carried, the UE sends the data packet to the base station, and the base station receives the data packet, according to the The identifier of the serving gateway carried in the data packet, the data packet is sent to a serving gateway corresponding to the identifier of the serving gateway, so that the base station does not change the serving gateway serving the UE, That is, the base station does not select a new serving gateway for the UE, and continues to use the old serving gateway, thereby reducing resources occupied by the serving gateway at the time of handover, and reducing delay.

It should be noted that, after the network side device successfully verifies the integrity of the data packet, the two processes of sending the user data to the destination server and sending the acknowledgement message to the UE may be performed simultaneously. The embodiment of the present invention does not limit the sequence in the time when the time division is performed.

S413. The UE performs integrity verification on the acknowledgement message by using the integrity protection key.

Specifically, after the network side device successfully verifies the integrity of the data packet according to the integrity verification key, the network side device sends an acknowledgement message to the UE, where the UE receives the data from the network side device. An acknowledgment message sent after the integrity verification of the packet is successfully performed, and the integrity verification key is used to perform integrity verification on the acknowledgment message to implement security authentication of the network side device by the UE, if the UE is If the integrity verification of the acknowledgment message is successful, it indicates that the acknowledgment message is complete, that is, the acknowledgment message is not tampering or inserted by a third party, and indicates that the network side device correctly receives the data packet, and therefore The network side device is legal.

By performing the above steps S411 and S413, the UE can implement the security authentication of the network side device according to the acknowledgement message sent by the network side device, and no longer relies on the HSS to generate and send the authentication vector, simplifying The security authentication process of the UE to the network side device.

Further, please refer to FIG. 4G. FIG. 4G is a schematic flowchart of another data transmission method according to an embodiment of the present invention. After performing step S413 in FIG. 4F, the method may further implement steps S415 and S417. The identity of the UE is updated. For the steps S401-S409 in FIG. 4G, please refer to the related description in the embodiment shown in FIG. 4A. Steps S411 and S413 in FIG. 4G refer to the related description in the embodiment shown in FIG. 4F, and details are not described herein again. Here, the detailed description of steps S415 and S417 is as follows.

S415. After the UE performs the integrity verification on the acknowledgment message, the UE updates the identifier of the UE according to the third random number generated by the UE.

Specifically, when the UE sends the data packet to the network side device for the first time, the identifier of the UE is an IMSI of the UE, and the IMSI is a unique identifier of the UE, and is called a permanent identifier, if the UE The permanent identification is used each time data is sent to the network side device, which may expose the UE's whereabouts. A "bad" third party can track the same IMSI, that is, the same UE, by intercepting the data of the air interface, thereby tracking the UE's actions. In order to avoid exposing the user's whereabouts, it is necessary to hide the permanent identifier of the user, that is, the identifier of the UE needs to be updated, and the UE does not have to send the permanent identifier every time, but replaces it with the updated temporary identifier (Temp ID). The Temp ID plays a role in hiding the UE's whereabouts. The Temp ID is only valid for the network side device that provides services for the UE. The network side device maintains the mapping of the Temp ID to the permanent identifier. Receiving, by the UE, an acknowledgment message sent by the network side device after performing integrity verification on the data packet, and verifying the integrity of the acknowledgment message, the UE according to the identifier of the UE The third random number is used to update the identifier of the UE. Therefore, when the UE sends the user data to the network side device, the identifier of the UE carried in the data packet is the identifier of the updated UE. And updating, by the UE, the identifier of the UE according to the identifier of the UE and the third random number, where the UE is updated according to the old identifier of the UE, the third random number, and a preset identifier. Generating a new identifier of the UE, where the preset identifier update algorithm is pre-negotiated between the UE and the network side device. Therefore, it can be understood that the network side device may also be according to the UE. The old identity, the third random number, and the preset identity update algorithm generate a new identity of the UE. Specifically, the third random number participates in an integrity protection process, and the third random number may also participate in an encryption process.

S417. After the integrity verification of the data packet is successful, the network side device updates the identifier of the UE according to the third random number, and stores the updated identifier of the UE and the decryption. The correspondence between the key and the integrity verification key.

Specifically, the network side device updates the identifier of the UE according to the identifier of the UE and the third random number, where the network side device saves the identifier of the updated UE and the decryption key of the UE. Corresponding relationship with the integrity verification key, and the network side device further stores a mapping relationship between the IMSI of the UE and the updated identifier. So far, both the UE and the network side device complete the update of the UE identity.

It should be noted that the update of the identifier of the UE may be performed once after the UE sends the data packet once, or may be performed once after the UE sends the data packet of the preset number of times, which is not specifically implemented in the embodiment of the present invention. The predetermined number of times may be 1 time, 2 times, 5 times, or the like. When the UE needs to update the identifier, the UE sends the identifier of the current UE and the third random number generated by the UE to the network side device, where the network side device receives the location sent by the UE The third random number is updated, after the integrity verification of the data packet is successful, the identifier of the UE is updated, and the network side device sends an acknowledgement message to the UE, where the UE After the integrity verification of the acknowledgment message is successful, the identifier of the UE is updated, and the sequence in which the network side device updates the identifier of the UE and sends the acknowledgment message to the UE is not limited.

By performing the above steps S415 and S417, the UE and the network side device synchronously update the identifier of the UE, which can enhance the privacy of the UE, avoid exposing the UE's whereabouts during data transmission, and further improve the security of data transmission.

Referring to FIG. 5, FIG. 5 is a schematic structural diagram of a user equipment 50 according to an embodiment of the present invention. The user equipment 50 includes a modem 501. The modem 501 includes a processor 5011 (the processor may be a Digital Signal Processing (DSP) chip, the DSP chip includes encryption and integrity protection for the transmitted data packet, and the received message. A PDCP entity that performs integrity verification or another entity corresponding to the newly added protocol sublayer, a memory 5012, a receiver 5013, and a transmitter 5014, wherein the receiver 5013 is a receiving circuit and the transmitter 5014 is a transmitting circuit. The receiver 5013 may specifically be an antenna and can receive through an antenna. For the radio frequency signal, the transmitter 5014 may specifically be an antenna, and the radio frequency signal is transmitted through the antenna. In some embodiments of the present invention, the processor 5011, the memory 5012, the receiver 5013, and the transmitter 5014 may be connected by a bus or other means, wherein the connection through the bus 5015 is taken as an example in FIG. It will be understood by those skilled in the art that the structure of the user equipment 50 shown in FIG. 5 does not constitute a limitation on the user equipment, and may include more or less components than those illustrated, or combine some components, or different component arrangements. Although not shown, the user equipment 50 may further include: at least one amplifier, a tuner, one or more oscillators, a SIM card, etc., and details are not described herein again.

The memory 5012 is configured to store data transmission program code, and the processor 5011 is configured to invoke the data transmission program code stored by the memory 5012 to implement data security of the user equipment UE without establishing an RRC connection with the base station. transmission.

The processor 5011 performs encryption and integrity protection on the data packet by using an encryption key and an integrity protection key, where the encryption key and the integrity protection key are generated by the user equipment UE according to the UE. Generating the first random number or the second random number received from the network side device, the data packet includes the identifier of the UE and user data; wherein the encryption key and the integrity protection password may be stored in In the memory 5012, the processor 5011 encrypts and completes the data packet by using the encryption key and the integrity protection key by using an entity corresponding to the PDCP entity or another newly added protocol sublayer. Sexual protection.

The encrypted and integrity-protected data packet is sent to the network side device by the transmitter 5014 when the UE does not establish a radio resource control RRC connection with the base station. Optionally, the data packet further includes the first random number, where the first random number is used by the network side device to determine a decryption key and complete used for decrypting and integrity verification of the data packet. Sexual verification key.

Optionally, the data packet further includes the first random number, where the first random number is used by the network side device to determine a decryption key and complete used for decrypting and integrity verification of the data packet. Sexual verification key.

Optionally, the data packet further includes security algorithm indication information selected by the UE, where the security algorithm indication information is used by the network side device to determine decryption used for decrypting and integrity verification of the data packet. Algorithm and integrity verification algorithm.

Optionally, before the processor 5011 encrypts and integrity protects the data packet by using the encryption key and the integrity protection key, the processor 5011 is further configured to perform the following operations:

When the UE does not establish the RRC connection with the base station by using the transmitter 5014, the network side device sends an authentication request to the home subscription subscriber server HSS, where the authentication request includes the identifier of the UE. The authentication request is used to trigger the HSS to generate the second random number and determine, according to the identifier of the UE and the second random number, the network side device used to decrypt and verify the data packet. Decryption key and integrity verification key;

Receiving, by the receiver 5013, a response message sent by the HSS by using the network side device, where the response message includes the second random number;

The response message is integrity verified using the integrity protection key. Specifically, the processor 5011 performs integrity verification on the response message by using the integrity protection key by the PDCP entity or another entity corresponding to the newly added protocol sublayer.

Optionally, the processor 5011 is further configured to:

Receiving, by the receiver 5013, the acknowledgement message sent by the network side device after the integrity verification of the data packet is successful;

The acknowledgment message is integrity verified using the integrity protection key. Specifically, the processor 5011 performs integrity verification on the acknowledgement message by using the integrity protection key by the PDCP entity or another entity corresponding to the newly added protocol sublayer.

Optionally, the data packet further includes a third random number generated by the UE, where the third random number is used by the network side device to the UE after performing integrity verification on the data packet. The identifier is updated; the processor 5011 is further configured to execute:

After the integrity verification of the acknowledgment message is successful, the identifier of the UE is updated according to the third random number.

Optionally, the network side device includes a base station or a serving gateway.

Optionally, the data packet further includes an identifier of the destination server, where the identifier of the destination server is used by the serving gateway to establish a transmission control protocol TCP connection with the destination server, and send the user data to the TCP connection by using the TCP connection. The destination server.

Optionally, when the network side device includes the serving gateway, the data packet further includes an identifier of the serving gateway, where the identifier of the serving gateway is used by the base station to send the data packet to the serving gateway. .

Optionally, the data packet after the encryption and integrity protection is performed by the transmitter 5014 Send to network side devices, including:

The encrypted and integrity-protected data packet is transmitted to the base station by the transmitter 5014 through a random access preamble message or an RRC connection setup request message. Specifically, the processor 5011 adds the encrypted and integrity-protected data packet to a random access preamble message or an RRC connection setup request message, and passes the random access preamble message to the physical device through the transmitter 5014. The random access channel is sent to the base station, or the RRC connection setup request message is sent to the base station by the base station for the uplink resource allocated by the base station by the transmitter 5014.

It should be noted that the functions of the functional modules in the user equipment 50 described in the embodiment of the present invention may be specifically implemented according to the method corresponding to the user equipment UE in the foregoing method embodiment, and details are not described herein again.

Referring to FIG. 6, FIG. 6 is a schematic structural diagram of a network side device 60 according to an embodiment of the present invention. The network side device 60 includes a modem 601. The modem 601 includes a processor 6011 (which may be a Digital Signal Processing (DSP) chip. For the base station, the DSP chip includes decryption and integrity verification of the received data packet. And a PDCP entity that performs integrity protection on the sent message; for the service gateway, the DSP includes a new protocol for decrypting and integrity verification of the received data packet, and integrity protection of the sent message. The sub-layer corresponds to the entity), the memory 6012, the receiver 6013, and the transmitter 6014, wherein the receiver 6013 is a receiving circuit and the transmitter 6014 is a transmitting circuit. The receiver 6013 may be an antenna, and receives an RF signal through an antenna. The transmitter 6014 may be an antenna, and the RF signal is sent through the antenna. In some embodiments of the present invention, the processor 6011, the memory 6012, the receiver 6013, and the transmitter 6014 may be connected by a bus or other means, wherein the connection through the bus 6015 is taken as an example in FIG. It will be understood by those skilled in the art that the structure of the user equipment 60 shown in FIG. 6 does not constitute a limitation on the user equipment, and may include more or less components than those illustrated, or combine some components, or different component arrangements. .

The memory 6012 is configured to store a data transmission program code, and the processor 6011 is configured to invoke the data transmission program code stored by the memory 6012 to enable the network side device to receive the user equipment UE, if the RRC connection with the base station is not established. User data transmitted.

The processor 6011 receives, by the receiver 6013, a data packet that is sent by the user equipment UE when the RRC connection with the radio resource control of the base station is not established, and the data packet includes the identifier of the UE. And user data, the data packet obtained by the UE after encryption and integrity protection;

Determining, according to the identifier of the UE, a decryption key and an integrity verification key corresponding to the UE;

Decrypting and integrity verification of the data packet by using the decryption key and the integrity verification key; specifically, the processor 6011 passes the entity corresponding to the PDCP entity or other newly added protocol sublayer The data packet is decrypted and integrity verified using the decryption key and the integrity verification key.

After the integrity verification of the data packet is successful, the user data is sent to the destination server.

Optionally, the data packet further includes a first random number generated by the UE;

Determining, according to the identifier of the UE, the decryption key and the integrity verification key corresponding to the UE, including:

Sending the identifier of the UE and the first random number to the home subscriber server HSS, generating an intermediate key of the UE by using the HSS, and generating the UE according to the intermediate key generated by the HSS Corresponding decryption key and integrity verification key, and storing a correspondence between the identifier of the UE and the decryption key and the integrity verification key.

Optionally, the receiving, by the receiver 6013, before the user equipment UE sends a data packet that is sent when the radio resource control RRC connection with the base station is not established, the processor is further configured to:

Receiving, by the receiver 6013, an authentication request sent by the UE when the RRC connection is not established with the base station, where the authentication request includes an identifier of the UE;

Sending the authentication request to the home subscriber network (HSS), the authentication request is used to trigger the HSS to generate a second random number, and generate an intermediate key of the UE according to the identifier of the UE and the second random number. The network side device generates a decryption key and an integrity verification key according to the intermediate key generated by the HSS, and stores the identifier of the UE and the decryption key and the integrity verification key. Correspondence relationship

Sending, by the transmitter 6014, a response message to the UE, the response message includes the second random number, and the second random number is used by the UE to generate and encrypt the data packet. The encryption key and integrity protection key used for sexual protection.

Optionally, the processor 6011 is further configured to:

After the integrity verification of the data packet is successful, an acknowledgement message is sent to the UE by the transmitter 6014, and the acknowledgement message is used by the UE to use the integrity protection key pair of the UE to confirm the The message is integrity verified.

Optionally, the data packet further includes a third random number generated by the UE, where the third random number is used by the UE to update the identifier of the UE after performing integrity verification on the acknowledgement message. The processor is also used to execute:

After performing integrity verification on the data packet, updating the identifier of the UE according to the third random number, and storing the updated identifier of the UE and the decryption key and the integrity Verify the correspondence of the keys.

Optionally, the data packet further includes an identifier of the destination server;

The sending the user data to the destination server includes:

And establishing, by the identifier of the destination server, a transmission control protocol TCP connection with the destination server, and sending the user data to the destination server by using the TCP connection.

Optionally, the receiving, by the receiver 6013, the data packet that is sent by the user equipment UE when the RRC connection with the radio resource control of the base station is not established, includes:

And receiving, by the receiver 6013, a data packet that is sent by the user equipment UE by using a random access preamble message or an RRC connection setup request message when the radio resource control RRC connection is not established with the base station.

It should be noted that the functions of the function modules in the network side device 60 described in the embodiment of the present invention may be specifically implemented according to the method corresponding to the network side device in the foregoing method embodiment, and details are not described herein again.

Referring to FIG. 7A, FIG. 7A is a schematic structural diagram of a user equipment according to an embodiment of the present invention. As shown in FIG. 7A, the user equipment 70 may include a security processing unit 701 and a sending unit 703, where A detailed description of each unit is as follows.

The security processing unit 701 is configured to perform encryption and integrity protection on the data packet by using an encryption key and an integrity protection key of the user equipment UE, where the encryption key and the integrity protection key are the UE And generating, according to the first random number generated by the UE or the second random number received by the network side device, the data packet includes the identifier of the UE and user data;

The sending unit 703 is configured to send the encrypted and integrity-protected data packet to the network side device when the UE does not establish a radio resource control RRC connection with the base station.

Referring to FIG. 7B, FIG. 7B is a schematic structural diagram of another user equipment according to an embodiment of the present invention. The user equipment 70 shown in FIG. 7B is optimized by the user equipment 70 shown in FIG. 7A. Compared with FIG. 7A, the user equipment 70 shown in FIG. 7B may further include a first receiving unit 705 and a first verification unit 707, in addition to the security processing unit 701 and the sending unit 703.

The sending unit 703 is further configured to: before the security processing unit 701 encrypts and protects the data packet by using the encryption key and the integrity protection key of the user equipment UE, and before the UE is not established with the base station, When the RRC is connected, the network side device sends an authentication request to the home subscriber server HSS, where the authentication request includes an identifier of the UE, and the authentication request is used to trigger the HSS to generate the second random number. And determining, according to the identifier of the UE and the second random number, a decryption key and an integrity verification key used by the network side device to perform decryption and integrity verification on the data packet;

The first receiving unit 705 is configured to receive a response message sent by the HSS by using the network side device, where the response message includes the second random number;

The first verification unit 707 is configured to perform integrity verification on the response message by using the integrity protection key.

Referring to FIG. 7C, FIG. 7C is a schematic structural diagram of another user equipment according to an embodiment of the present invention. The user equipment 70 shown in FIG. 7C is optimized by the user equipment 70 shown in FIG. 7A. Compared with FIG. 7A, the user equipment 70 shown in FIG. 7C may further include a second receiving unit 709 and a second verifying unit 711, in addition to the foregoing security processing unit 701 and the sending unit 703, where

The second receiving unit 709 is configured to receive a confirmation message that is sent by the network side device after performing integrity verification on the data packet.

a second verification unit 711, configured to complete the confirmation message by using the integrity protection key Authenticity verification.

Optionally, the foregoing user equipment 70 may further include a security processing unit 701, a sending unit 703, a first receiving unit 705, a first verifying unit 707, a second receiving unit 709, and a second verifying unit 711. Reference may be made to the description of the same unit in the above scheme, and details are not described herein again.

Referring to FIG. 7D, FIG. 7D is a schematic structural diagram of another user equipment according to an embodiment of the present invention. The user equipment 70 shown in FIG. 7D is optimized by the user equipment 70 shown in FIG. 7C. Compared with FIG. 7C, the user equipment 70 shown in FIG. 7D may further include an update unit 713 in addition to the security processing unit 701, the sending unit 703, the second receiving unit 709, and the second verification unit 711.

The updating unit 713 is configured to update the identifier of the UE according to the third random number after successfully performing integrity verification on the acknowledgement message.

Optionally, the foregoing user equipment 70 may further include a security processing unit 701, a sending unit 703, a first receiving unit 705, a first verifying unit 707, a second receiving unit 709, a second verifying unit 711, and an updating unit 713. For the specific implementation of the unit, reference may be made to the description of the same unit in the above solution, and details are not described herein again.

It should be noted that the functions of the functional units in the user equipment 70 described in the foregoing embodiments may be specifically implemented according to the method corresponding to the user equipment UE in the foregoing method embodiment, and details are not described herein again.

Referring to FIG. 8A, FIG. 8A is a schematic structural diagram of a network side device according to an embodiment of the present invention. As shown in FIG. 8A, the network side device 80 may include a receiving unit 801, a key determining unit 803, a security processing unit 805, and a first transmitting unit 807, wherein the detailed description of each unit is as follows.

The receiving unit 801 is configured to receive a data packet that is sent by the user equipment UE when the RRC connection with the radio resource control of the base station is not established, where the data packet includes the identifier of the UE and user data, where the data packet is performed by the UE. a packet obtained after encryption and integrity protection;

The key determining unit 803 is configured to determine, according to the identifier of the UE, a decryption key and an integrity verification key corresponding to the UE;

a security processing unit 805, configured to perform decryption and integrity verification on the data packet by using the decryption key and the integrity verification key;

The first sending unit 807 is configured to send the user data to the destination server after the security processing unit successfully performs integrity verification on the data packet.

Referring to FIG. 8B, FIG. 8B is a schematic structural diagram of another network side device according to an embodiment of the present invention. The network side device 80 shown in FIG. 8B is optimized by the network side device 80 shown in FIG. 8A. Compared with FIG. 8A, the key determining unit 803 shown in FIG. 8B includes: a second transmitting unit 8031 and a first key generating unit 8033, wherein

a second sending unit 8031, configured to send the identifier of the UE and the first random number to a home subscriber server HSS, and generate an intermediate key of the UE by using the HSS;

a first key generating unit 8033, configured to generate, according to the intermediate key generated by the HSS, a decryption key and an integrity verification key corresponding to the UE, and store the identifier of the UE and the decryption key Correspondence relationship with the integrity verification key.

Referring to FIG. 8C, FIG. 8C is a schematic structural diagram of another network side device according to an embodiment of the present invention. The network side device 80 shown in FIG. 8C is optimized by the network side device 80 shown in FIG. 8A. Compared with FIG. 8A, the network side device 80 shown in FIG. 8C includes a receiving unit 801, a key determining unit 803, a security processing unit 805, and a first sending unit 807, and may further include a third sending unit 809. a second key generation unit 811 and a fourth transmission unit 813, wherein

The receiving unit 801 is further configured to: before receiving the data packet sent by the user equipment UE, receive an authentication request sent by the UE when the RRC connection is not established with the base station, where the authentication request includes an identifier of the UE;

The third sending unit 809 is configured to send the authentication request to the home subscription subscriber server HSS, where the authentication request is used to trigger the HSS to generate a second random number according to the identifier of the UE and the second random number. Generating an intermediate key of the UE;

a second key generating unit 811, configured to generate a decryption key and an integrity verification key according to the intermediate key generated by the HSS, and store the identifier of the UE and the decryption key and the integrity Verify the correspondence of the keys;

a fourth sending unit 813, configured to send a response message to the UE, where the response message includes the second random number, where the second random number is used by the UE to generate encryption and integrity of the data packet. Protect the encryption key and integrity protection key used.

Referring to FIG. 8D, FIG. 8D is a structural diagram of another network side device according to an embodiment of the present invention. intention. The network side device 80 shown in FIG. 8D is optimized by the network side device 80 shown in FIG. 8A. Compared with FIG. 8A, the network side device 80 shown in FIG. 8D includes a receiving unit 801, a key determining unit 803, a security processing unit 805, and a first sending unit 807, and may further include a fifth sending unit 815. among them,

The fifth sending unit 815 is configured to send an acknowledgment message to the UE after the security processing unit 805 successfully performs integrity verification on the data packet, where the acknowledgment message is used by the UE to use the completeness of the UE. The sexual protection key performs integrity verification on the acknowledgment message.

Optionally, the network side device 80 may further include a receiving unit 801, a second sending unit 8031, a first key generating unit 8033, a security processing unit 805, a first sending unit 807, and a fifth sending unit 815. For a specific implementation, refer to the description of the same unit in the above solution, and details are not described herein again.

Optionally, the network side device 80 may further include a receiving unit 801, a key determining unit 803, a security processing unit 805, a first sending unit 807, a third sending unit 809, a second key generating unit 811, and a fourth. The sending unit 813 and the fifth sending unit 815, the specific implementation of each unit may refer to the description of the same unit in the above solution, and details are not described herein again.

Referring to FIG. 8E, FIG. 8E is a schematic structural diagram of another network side device according to an embodiment of the present invention. The network side device 80 shown in FIG. 8E is optimized by the network side device 80 shown in FIG. 8D. Compared with FIG. 8D, the network side device 80 shown in FIG. 8E includes, in addition to the foregoing receiving unit 801, the key determining unit 803, the security processing unit 805, the first sending unit 807, and the fifth sending unit 815, Update unit 817, wherein

The updating unit 817 is configured to: after the security processing unit 805 successfully performs integrity verification on the data packet, update the identifier of the UE according to the third random number, and store the updated UE Corresponding to the decryption key and the integrity verification key.

Optionally, the network side device 80 may further include a receiving unit 801, a second sending unit 8031, a first key generating unit 8033, a security processing unit 805, a first sending unit 807, a fifth sending unit 815, and an updating unit. 817, the specific implementation of each unit can refer to the description of the same unit in the above solution, and details are not described herein again.

Optionally, the network side device 80 may further include a receiving unit 801, a key determining unit 803, a security processing unit 805, a first sending unit 807, a third sending unit 809, and a second key. The generating unit 811, the fourth sending unit 813, the fifth sending unit 815, and the updating unit 817, the specific implementation of each unit may refer to the description of the same unit in the above solution, and details are not described herein again.

It should be noted that the functions of the function modules in the network side device 80 described in the embodiment of the present invention may be specifically implemented according to the method corresponding to the network side device in the foregoing method embodiment, and details are not described herein again.

In summary, by implementing the embodiment of the present invention, the UE can transmit data to the network side without establishing an RRC connection with the base station, and can ensure the security of the data transmission, thereby reducing the establishment of the control plane connection and the user plane. Carry the required signaling resources to improve system efficiency. Further, the UE and the network side device implement the security authentication process for the peer end by using the transmitted data packet or the message, and no longer rely on the HSS generation and the issued authentication vector, which simplifies the security authentication process between the UE and the network side device. .

In the above embodiments, the descriptions of the various embodiments are different, and the details that are not detailed in a certain embodiment can be referred to the related descriptions of other embodiments.

A person skilled in the art can understand that all or part of the steps of implementing the foregoing method embodiments may be implemented by a program controlling terminal device related hardware, and the foregoing program may be stored in a computer readable storage medium, when executed, The foregoing steps include the steps of the foregoing method embodiments; and the foregoing storage medium includes: a magnetic disk, an optical disk, a flash disk, a read-only memory (ROM), a random access memory (RAM), and the like. The medium in which the program code is stored.

The data transmission method, the user equipment, and the network side device provided by the embodiments of the present invention are described in detail. The principles and implementation manners of the present invention are described in the specific examples. The description of the foregoing embodiments is only used for To help understand the method of the present invention and its core idea; at the same time, for those skilled in the art, according to the idea of the present invention, there will be changes in specific embodiments and application scopes. It should not be construed as limiting the invention.

Claims

A user equipment, comprising: a processor, a receiver, and a transmitter;

The processor is configured to invoke the data transfer program code stored in the memory to perform the following operations:

Encrypting and integrity protection of the data packet using an encryption key and an integrity protection key, wherein the encryption key and the integrity protection key are first random numbers generated by the user equipment UE according to the UE or Generated by the second random number received by the network side device, where the data packet includes the identifier of the UE and user data;

The encrypted and integrity-protected data packet is sent to the network side device by the transmitter when the UE does not establish a radio resource control RRC connection with the base station.
The user equipment according to claim 1, wherein the data packet further comprises the first random number, and the first random number is used by the network side device to determine to decrypt and complete the data packet. The decryption key and integrity verification key used for sexual verification.
The user equipment according to claim 1 or 2, wherein the data packet further includes security algorithm indication information selected by the UE, and the security algorithm indication information is used by the network side device to determine the The decryption algorithm and integrity verification algorithm used by the packet for decryption and integrity verification.
The user equipment according to claim 1, wherein the processor is further configured to perform the following operations before the encrypting and integrity protection of the data packet by using an encryption key and an integrity protection key:

When the RRC connection is not established by the UE with the base station, the network side device sends an authentication request to the home subscriber network server HSS, where the authentication request includes an identifier of the UE, And the authentication request is used to trigger the HSS to generate the second random number, and determine, according to the identifier of the UE and the second random number, the decryption used by the network side device to perform decryption and integrity verification on the data packet. Key and integrity verification key;

Receiving, by the receiver, a response message sent by the HSS by using the network side device, where the response message includes the second random number;

The response message is integrity verified using the integrity protection key.
The user equipment according to any one of claims 1 to 4, wherein the processor is further configured to:

Receiving, by the receiver, an acknowledgement message sent by the network side device after performing integrity verification on the data packet;

The acknowledgment message is integrity verified using the integrity protection key.
The user equipment according to claim 5, wherein the data packet further comprises a third random number generated by the UE, and the third random number is used by the network side device to perform the data packet After the integrity verification succeeds, the identifier of the UE is updated; the processor is further configured to:

After the integrity verification of the acknowledgment message is successful, the identifier of the UE is updated according to the third random number.
The user equipment according to any one of claims 1-6, wherein the network side device comprises a base station or a serving gateway.
The user equipment according to claim 7, wherein the data packet further comprises an identifier of the destination server, and the identifier of the destination server is used by the serving gateway to establish a transmission control protocol TCP connection with the destination server, and The TCP connection sends the user data to the destination server.
The user equipment according to claim 7 or 8, wherein when the network side device includes the serving gateway, the data packet further includes an identifier of the serving gateway, and the identifier of the serving gateway is used for The base station transmits the data packet to the serving gateway.
User equipment according to any one of claims 7-9, characterized in that The transmitter sends the encrypted and integrity protected data packet to the network side device, including:

The encrypted and integrity-protected data packet is transmitted to the base station by the transmitter through a random access preamble message or an RRC connection setup request message.
A network side device, comprising: a processor, a receiver and a transmitter;

The processor is configured to invoke the data transfer program code stored in the memory to perform the following operations:

Receiving, by the receiver, a data packet sent by the user equipment UE when the RRC connection with the radio resource control of the base station is not established, the data packet includes an identifier of the UE and user data, and the data packet is encrypted by the UE And data packets obtained after integrity protection;

Determining, according to the identifier of the UE, a decryption key and an integrity verification key corresponding to the UE;

Decrypting and integrity verification of the data packet using the decryption key and the integrity verification key;

After the integrity verification of the data packet is successful, the user data is sent to the destination server.
The network side device according to claim 11, wherein the data packet further comprises a first random number generated by the UE;

Determining, according to the identifier of the UE, the decryption key and the integrity verification key corresponding to the UE, including:

Sending the identifier of the UE and the first random number to the home subscriber server HSS, generating an intermediate key of the UE by using the HSS, and generating the UE according to the intermediate key generated by the HSS Corresponding decryption key and integrity verification key, and storing a correspondence between the identifier of the UE and the decryption key and the integrity verification key.
The network side device according to claim 11 or 12, wherein the data packet further includes security algorithm indication information selected by the UE, and the security algorithm indication information is used by the network side device to determine a location The decryption algorithm and integrity verification algorithm used by the packet for decryption and integrity verification.
The network side device according to claim 11, wherein the processor further receives, by the receiver, a data packet sent by the user equipment UE when the radio resource control RRC connection with the base station is not established, the processor further uses For execution:

Receiving, by the receiver, an authentication request sent by the UE when the RRC connection is not established with the base station, where the authentication request includes an identifier of the UE;

Sending the authentication request to the home subscriber network (HSS), the authentication request is used to trigger the HSS to generate a second random number, and generate an intermediate key of the UE according to the identifier of the UE and the second random number. The network side device generates a decryption key and an integrity verification key according to the intermediate key generated by the HSS, and stores the identifier of the UE and the decryption key and the integrity verification key. Correspondence relationship

Sending, by the transmitter, a response message to the UE, the response message includes the second random number, where the second random number is used by the UE to generate encryption and integrity protection for the data packet Encryption key and integrity protection key.
The network side device according to any one of claims 11 to 14, wherein the processor is further configured to:

After the integrity verification of the data packet is successful, sending, by the transmitter, an acknowledgement message to the UE, where the acknowledgement message is used by the UE to use the integrity protection key of the UE to the acknowledgement message. Perform integrity verification.
The network side device according to claim 15, wherein the data packet further comprises a third random number generated by the UE, and the third random number is used by the UE to perform integrity on the acknowledgement message. After the verification is successful, the identifier of the UE is updated; the processor is further configured to:

After performing integrity verification on the data packet, updating the identifier of the UE according to the third random number, and storing the updated identifier of the UE and the decryption key and the integrity Verify the correspondence of the keys.
The network side device according to any one of claims 11 to 16, wherein the network The network side device includes a base station or a serving gateway.
The network side device according to claim 17, wherein the data packet further includes an identifier of the destination server;

The sending the user data to the destination server includes:

And establishing, by the identifier of the destination server, a transmission control protocol TCP connection with the destination server, and sending the user data to the destination server by using the TCP connection.
The network side device according to claim 17 or 18, wherein when the network side device includes the service gateway, the data packet further includes an identifier of the service gateway, and the identifier of the service gateway is used. The data packet is sent to the serving gateway by the base station.
The network side device according to any one of claims 17 to 19, wherein the receiving, by the receiver, a data packet that is sent by the user equipment UE when the RRC connection with the radio resource control of the base station is not established, includes:

And receiving, by the receiver, a data packet that is sent by the user equipment UE by using a random access preamble message or an RRC connection setup request message when the radio resource control RRC connection is not established with the base station.
A data transmission method, comprising:

The user equipment UE performs encryption and integrity protection on the data packet by using an encryption key and an integrity protection key, where the encryption key and the integrity protection key are the first generated by the UE according to the UE. Generating the random number or the second random number received from the network side device, where the data packet includes the identifier of the UE and user data;

The UE sends the encrypted and integrity-protected data packet to the network side device when the RRC connection with the radio resource control of the base station is not established.
The method according to claim 21, wherein said data packet further comprises said first random number, said first random number being used by said network side device to determine decryption and integrity of said data packet Verify the decryption key and integrity verification key used.
The method according to claim 21 or 22, wherein the data packet further comprises security algorithm indication information selected by the UE, the security algorithm indication information is used by the network side device to determine the data. The decryption algorithm and integrity verification algorithm used by the packet for decryption and integrity verification.
The method according to claim 21, wherein before the user equipment UE encrypts and integrity protects the data packet by using the encryption key and the integrity protection key, the method further includes:

When the UE does not establish the RRC connection with the base station, the UE sends an authentication request to the home subscription subscriber server HSS by using the network side device, where the authentication request includes an identifier of the UE, and the authentication request is used to trigger Generating, by the HSS, the second random number and determining, according to the identifier of the UE and the second random number, a decryption key and integrity used by the network side device to decrypt and integrity verify the data packet Verification key

Receiving, by the UE, a response message sent by the HSS by using the network side device, where the response message includes the second random number;

The UE performs integrity verification on the response message using the integrity protection key.
The method according to any one of claims 21 to 24, further comprising:

Receiving, by the UE, an acknowledgement message sent by the network side device after performing integrity verification on the data packet;

The UE performs integrity verification on the acknowledgement message using the integrity protection key.
The method according to claim 25, wherein the data packet further comprises a third random number generated by the UE, where the third random number is used by the network side device to complete the data packet. After the verification is successful, the identifier of the UE is updated; the method further includes:

After the UE performs the integrity verification on the acknowledgment message, the UE updates the identifier of the UE according to the third random number.
Method according to any of claims 21-26, characterized in that said network side setting It includes a base station or a service gateway.
The method according to claim 27, wherein the data packet further comprises an identifier of the destination server, and the identifier of the destination server is used by the serving gateway to establish a transmission control protocol TCP connection with the destination server, and by using the The TCP connection sends the user data to the destination server.
The method according to claim 27 or 28, wherein when the network side device comprises the serving gateway, the data packet further comprises an identifier of the serving gateway, and the identifier of the serving gateway is used for a base station The data packet is sent to the serving gateway.
The method according to any one of claims 27 to 29, wherein the transmitting the encrypted and integrity-protected data packet to the network side device comprises:

The data packet after the encryption and integrity protection is sent to the base station through a random access preamble message or an RRC connection setup request message.
A data transmission method, comprising:

The network side device receives a data packet that is sent by the user equipment UE when the RRC connection with the radio resource control of the base station is not established, where the data packet includes the identifier of the UE and user data, and the data packet is encrypted and complete for the UE. Data packets obtained after sexual protection;

Determining, by the network side device, a decryption key and an integrity verification key corresponding to the UE according to the identifier of the UE;

The network side device decrypts and completes the data packet by using the decryption key and the integrity verification key;

After the network side device successfully performs integrity verification on the data packet, the network side device sends the user data to the destination server.
The method according to claim 31, wherein the data packet further comprises a first random number generated by the UE;

Determining, by the network side device, the decryption key and the integrity verification key corresponding to the UE according to the identifier of the UE, including:

The network side device sends the identifier of the UE and the first random number to the home subscription subscriber server HSS, generates an intermediate key of the UE by using the HSS, and generates the intermediate density according to the HSS. The key generates a decryption key and an integrity verification key corresponding to the UE, and stores a correspondence between the identifier of the UE and the decryption key and the integrity verification key.
The method according to claim 31 or 32, wherein the data packet further comprises security algorithm indication information selected by the UE, the security algorithm indication information is used by the network side device to determine the data. The decryption algorithm and integrity verification algorithm used by the packet for decryption and integrity verification.
The method according to claim 31, wherein the network side device, before receiving the data packet sent by the user equipment UE when the radio resource control RRC connection with the base station is not established, further includes:

The network side device receives an authentication request that is sent by the UE when the RRC connection is not established with the base station, where the authentication request includes an identifier of the UE;

The network side device sends the authentication request to the home subscription subscriber server HSS, where the authentication request is used to trigger the HSS to generate a second random number and generate the identifier according to the identifier of the UE and the second random number. An intermediate key of the UE, the network side device generates a decryption key and an integrity verification key according to the intermediate key generated by the HSS, and stores the identifier of the UE and the decryption key and the complete The correspondence between the verification keys;

Sending, by the network side device, a response message to the UE, where the response message includes the second random number, where the second random number is used by the UE to generate encryption and integrity protection for the data packet. Encryption key and integrity protection key.
The method of any of claims 31-34, further comprising:

After the network side device successfully performs integrity verification on the data packet, the network side device sends an acknowledgement message to the UE, where the acknowledgement message is used by the UE to use the integrity protection key pair of the UE. Confirm the message for integrity verification.
The method according to claim 35, wherein the data packet further comprises a third random number generated by the UE, and the third random number is used by the UE to successfully verify the integrity of the acknowledgement message. And updating the identifier of the UE; the method further includes:

After the integrity verification of the data packet is successful, the network side device updates the identifier of the UE according to the third random number, and stores the updated identifier of the UE and the decryption key. Correspondence relationship with the integrity verification key.
The method according to any one of claims 31 to 36, wherein the network side device comprises a base station or a serving gateway.
The method according to claim 37, wherein said data packet further comprises an identifier of a destination server;

The sending the user data to the destination server includes:

The serving gateway establishes a transmission control protocol TCP connection with the destination server according to the identifier of the destination server, and sends the user data to the destination server by using the TCP connection.
The method according to claim 37 or 38, wherein when the network side device comprises the serving gateway, the data packet further comprises an identifier of the serving gateway, and the identifier of the serving gateway is used for a base station The data packet is sent to the serving gateway.
The method according to any one of claims 37 to 39, wherein the network side device receives a data packet that is sent by the user equipment UE when the radio resource control RRC connection with the base station is not established, and includes:

The base station receives a data packet that is sent by the user equipment UE by using a random access preamble message or an RRC connection setup request message when the radio resource control RRC connection is not established with the base station.