WO2018010150A1 - Authentication method and authentication system - Google Patents

Authentication method and authentication system Download PDF

Info

Publication number
WO2018010150A1
WO2018010150A1 PCT/CN2016/090083 CN2016090083W WO2018010150A1 WO 2018010150 A1 WO2018010150 A1 WO 2018010150A1 CN 2016090083 W CN2016090083 W CN 2016090083W WO 2018010150 A1 WO2018010150 A1 WO 2018010150A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
authentication
scef
request
application
Prior art date
Application number
PCT/CN2016/090083
Other languages
French (fr)
Chinese (zh)
Inventor
陈佳佳
汪淑华
谢翔
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to CN201680063779.9A priority Critical patent/CN108353279B/en
Priority to PCT/CN2016/090083 priority patent/WO2018010150A1/en
Publication of WO2018010150A1 publication Critical patent/WO2018010150A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication

Definitions

  • the operator interacts with the MME and the HSS through the SCEF entity to obtain an application layer key negotiated by the core network and the UE, and allocates the application layer key through the secure channel when the AS requests.
  • the GBA-based authentication framework must perform two AKA authentications.
  • the authentication method provided by the embodiment of the present invention can perform only one AKA authentication, thereby improving the network access speed and reducing terminal consumption.
  • the UE sends a user authentication response to the MME, where the user authentication response carries the RES.
  • the sending, by the SCEF, the key response to the AS in step 47 may include: the SCEF determining the IMSI and the foregoing, where the binding relationship between the IMSI of the UE and the application identifier AppID is set in the SCEF. Whether the application identifier carried in the key request has a binding relationship, and when there is a binding relationship, the key response is sent to the AS. Certainly, if the IMSI and the application identifier carried in the key request do not have a binding relationship, the SCEF may return an authentication failure to the AS, for example, by using a key response.
  • the authentication system 600 further includes an MME 604.
  • the present invention binds the network layer identifier and the application layer identifier to the SCEF, and the binding between the network layer and the application layer is unified through the binding relationship.
  • the application server inherits the network authentication result of the UE. If the network authentication is passed, the authentication of the corresponding corresponding WU at the application layer is also passed.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Embodiments of the present invention relate to the field of communications. Provided are an authentication method and an authentication system. The method comprises: when network login authentication is successful for a user equipment, same generates a key Ks_AS for use in an application service and transmits an application request to an application server (AS), the application request carrying a global unique temporary identity (GUTI); when the application request is received by the AS, same transmits a key request to a service capability exposure function (SCEF), the key request carrying the GUTI and an identity of the AS; the SCEF acquires the network login authentication result of the UE, when the network login authentication result is authentication successful, generates a key Ks_AS for use in the application service, and transmits a key response to the AS on the basis of the identity of the AS, the key response carrying the key Ks_AS. The present invention is for use in authentication of an IoT device.

Description

一种认证方法和认证系统Authentication method and authentication system 技术领域Technical field
本发明实施例涉及通信领域,特别涉及一种认证方法和认证系统。The embodiments of the present invention relate to the field of communications, and in particular, to an authentication method and an authentication system.
背景技术Background technique
随着物联网时代的到来,人们生活变得更加方便智能,同时也带来新的挑战和机遇。物联网连接所有智能设备,网络边界进一步被削弱,网络技术种类繁多和业务范围上无限扩展,大到国家电网小到个人病例,物联网承载信息对国家基础、社会和个人构成新的安全威胁。因此物联网安全必然成为制约网络全面发展的重要因素。With the advent of the Internet of Things era, people's lives have become more convenient and intelligent, but also bring new challenges and opportunities. The Internet of Things connects all smart devices, the network boundary is further weakened, the network technology is numerous and the business scope is infinitely expanded. As the national power grid is small to individual cases, the Internet of Things carries information posing a new security threat to the national foundation, society and individuals. Therefore, the security of the Internet of Things will inevitably become an important factor restricting the overall development of the network.
为保证物联网安全,目前已经存在可以应用于物联网的认证技术有通用引导架构(Generic Bootstrapping Architecture,GBA)。基于GBA的认证框架必须进行两次认证密钥协商(Authentication and KeyAgreement,AKA)认证,这样会导致用户设备(User Equipment,UE)的开销较大,且导致UE接入网络的速度降低。In order to ensure the security of the Internet of Things, there are already existing authentication technologies that can be applied to the Internet of Things, such as the Generic Bootstrapping Architecture (GBA). The GBA-based authentication framework must perform two authentication and key agreement (AKA) authentications. This can result in a large overhead of the user equipment (User Equipment, UE) and a decrease in the speed at which the UE accesses the network.
发明内容Summary of the invention
本发明实施例提供一种认证方法和认证系统,以降低UE的开销,同时提高入网速度。The embodiment of the invention provides an authentication method and an authentication system to reduce the overhead of the UE and improve the network access speed.
第一方面,提供一种认证方法,所述方法包括:In a first aspect, an authentication method is provided, the method comprising:
UE在入网认证成功后,生成用于应用服务的密钥Ks_AS,并向应用服务器(Application Server,AS)发送应用请求,所述应用请求携带全局唯一的临时标识(Globally Unique Temporary Identity,GUTI);After the network authentication is successful, the UE generates a key Ks_AS for the application service, and sends an application request to the application server (AS), where the application request carries a Globally Unique Temporary Identity (GUTI);
所述AS在接收到所述应用请求后,向服务能力开放功能(Service Capability Exposure Function,SCEF)发送密钥请求,所述密钥请求携带所述GUTI和所述AS的标识;After receiving the application request, the AS sends a key request to a Service Capability Exposure Function (SCEF), where the key request carries the identifier of the GUTI and the AS;
所述SCEF获取所述UE的入网认证结果,并在所述入网认证结果为认证成功时,生成用于应用服务的密钥Ks_AS,并根据所述AS的标识向所述AS 发送密钥响应,所述密钥响应中携带所述密钥Ks_AS。The SCEF obtains the network access authentication result of the UE, and when the network access authentication result is successful, generates a key Ks_AS for the application service, and sends the key to the AS according to the identifier of the AS. Sending a key response, the key response carrying the key Ks_AS.
GBA认证框架在UE入网时会进行一次3GPP-AKA认证,并在分配密钥时还需要进行一次GBA-AKA认证,这对UE终端会带来大的开销。利用本发明实施例的认证方法,直接利用UE的入网认证结果,而无需进行GBA-AKA认证,如此,通过减少认证次数,可以降低UE的开销,同时提高入网速度。The GBA authentication framework performs a 3GPP-AKA authentication when the UE accesses the network, and also needs to perform GBA-AKA authentication when assigning a key, which brings great overhead to the UE terminal. The authentication method of the embodiment of the present invention directly utilizes the network access authentication result of the UE without performing GBA-AKA authentication. Thus, by reducing the number of authentications, the UE overhead can be reduced and the network access speed can be improved.
结合第一方面,在第一种可能的实现方式中,所述SCEF获取所述UE的入网认证结果包括:With reference to the first aspect, in a first possible implementation manner, the acquiring, by the SCEF, the network access authentication result of the UE includes:
所述SCEF向移动性管理实体MME发送认证结果请求,所述认证结果请求携带GUTI;Sending, by the SCEF, an authentication result request to the mobility management entity MME, where the authentication result request carries a GUTI;
所述SCEF接收所述MME返回的认证结果响应,所述认证结果响应中携带入网认证结果和GUTI。The SCEF receives the authentication result response returned by the MME, and the authentication result response carries the network access authentication result and the GUTI.
这种获取入网认证结果的方式由SCEF主动获取UE的入网认证结果,可由SCEF根据自身需要来获取,可以方便SCEF的操作。The method for obtaining the network access authentication result is obtained by the SCEF actively obtaining the network access authentication result of the UE, and can be obtained by the SCEF according to its own needs, which can facilitate the operation of the SCEF.
结合第一方面的第一种实现方式,在第二种可能的实现方式中,所述方法还包括:在入网认证的过程中,所述SCEF接收归属用户服务器HSS发送的密钥材料集合,所述密钥材料集合包括所述UE的国际移动用户识别码IMSI、认证随机数RAND和主密钥Ks;With reference to the first implementation manner of the first aspect, in a second possible implementation manner, the method further includes: in a process of network access authentication, the SCEF receives a key material set sent by a home subscriber server HSS, where The set of key materials includes an International Mobile Subscriber Identity (IMSI) of the UE, an authentication random number RAND, and a master key Ks;
所述认证结果响应中还携带RAND、IMSI,在所述SCEF接收所述MME返回的认证结果响应之后,所述生成用于应用服务的密钥Ks_AS包括:根据所述认证结果响应中的IMSI、RAND检索数据库得到主密钥Ks,根据主密钥Ks生成用于应用服务的密钥Ks_AS。The authentication result response further includes a RAND, an IMSI, and after the SCEF receives the authentication result response returned by the MME, the generating a key Ks_AS for the application service includes: according to the IMSI in the response result response, The RAND retrieves the database to obtain the master key Ks, and generates a key Ks_AS for the application service based on the master key Ks.
结合第一方面,在第三种可能的实现方式中,所述SCEF获取所述UE的入网认证结果包括:With reference to the first aspect, in a third possible implementation, the acquiring, by the SCEF, the network access authentication result of the UE includes:
所述SCEF接收MME在对所述UE认证成功时发送的携带入网认证结果和GUTI的通知消息;The SCEF receives a notification message that is sent by the MME to carry the network authentication result and the GUTI when the UE is successfully authenticated by the MME;
所述SCEF根据所述通知消息,获知所述UE的入网认证结果。The SCEF learns the network access authentication result of the UE according to the notification message.
这种获取入网认证结果的方式由MME主动向SCEF发送UE的入网认证结果,可减少通信环节,节省网络开销。In this manner, the MME actively sends the UE's network access authentication result to the SCEF, which can reduce the communication link and save network overhead.
结合第一方面的第三种实现方式,在第四种可能的实现方式中,在所述SCEF接收所述MME的通知消息之前,所述方法还包括:所述MME接收来自HSS的指示标识,所述指示标识指示所述MME向所述SCEF发送所述通知 消息;With reference to the third implementation manner of the first aspect, in a fourth possible implementation, before the SCEF receives the notification message of the MME, the method further includes: the MME receiving an indication identifier from the HSS, The indication identifier instructs the MME to send the notification to the SCEF Message
所述方法还包括:在入网认证的过程中,所述SCEF接收所述HSS发送的密钥材料集合,所述密钥材料集合包括所述UE的IMSI、RAND和主密钥Ks;The method further includes: in the process of network access authentication, the SCEF receives a key material set sent by the HSS, where the key material set includes an IMSI, a RAND, and a master key Ks of the UE;
所述通知消息中还携带RAND、IMSI,在所述SCEF接收所述通知消息之后,所述生成用于应用服务的密钥Ks_AS包括:根据所述通知消息中的IMSI、RAND检索数据库得到主密钥Ks,根据主密钥Ks生成用于应用服务的密钥Ks_AS。The notification message further includes a RAND and an IMSI. After the SCEF receives the notification message, the generating a key Ks_AS for the application service includes: obtaining a primary key according to the IMSI and RAND search databases in the notification message. The key Ks generates a key Ks_AS for the application service based on the master key Ks.
结合第一方面,在第五种可能的实现方式中,所述应用请求和所述密钥请求中还携带应用标识AppID,所述应用标识为所述UE要访问的应用的标识,所述SCEF上预先设置有IMSI和应用标识AppID的绑定关系;With reference to the first aspect, in a fifth possible implementation, the application request and the key request further carry an application identifier AppID, where the application identifier is an identifier of an application to be accessed by the UE, the SCEF The binding relationship between the IMSI and the application identifier AppID is preset in advance;
所述SCEF向所述AS发送密钥响应包括:所述SCEF确定所述UE的IMSI和所述密钥请求中携带的应用标识存在绑定关系,向所述AS发送密钥响应。The sending, by the SCEF, the key response to the AS includes: determining, by the SCEF, that the IMSI of the UE and the application identifier carried in the key request have a binding relationship, and sending a key response to the AS.
通过将网络层标识和应用层标识绑定在SCEF中,通过这种绑定关系实现网络层和应用层认证的统一。这样一来,应用服务器可继承对UE的网络认证结果,如果UE网络认证通过,则默认UE在应用层的认证也通过。如此,可节省UE在应用层的认证流程,降低UE的开销。By binding the network layer identifier and the application layer identifier to the SCEF, the binding between the network layer and the application layer is unified through this binding relationship. In this way, the application server can inherit the network authentication result for the UE. If the UE network authentication passes, the authentication of the default UE at the application layer also passes. In this way, the UE's authentication process at the application layer can be saved, and the overhead of the UE can be reduced.
结合第一方面,在第六种可能的实现方式中,在所述UE向AS发送应用请求之前,所述方法还包括:With reference to the first aspect, in a sixth possible implementation, before the UE sends an application request to the AS, the method further includes:
所述UE生成会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc和应用层完整性密钥Ks_AS_int;根据所述会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc,生成会话密钥K_app;根据所述会话密钥随机数RAND_AS和所述应用层完整性密钥Ks_AS_int,生成第一消息认证码;The UE generates a session key random number RAND_AS, an application layer encryption key Ks_AS_enc, and an application layer integrity key Ks_AS_int; and generates a session key K_app according to the session key random number RAND_AS and the application layer encryption key Ks_AS_enc; The session key random number RAND_AS and the application layer integrity key Ks_AS_int generate a first message authentication code;
所述UE向AS发送应用请求包括:所述UE向AS发送携带所述会话密钥随机数RAND_AS和所述第一消息认证码的应用请求;The sending, by the UE, an application request to the AS includes: sending, by the UE, an application request that carries the session key random number RAND_AS and the first message authentication code to the AS;
在所述SCEF向所述AS发送密钥响应之后,所述方法还包括:所述AS生成应用层加密密钥Ks_AS_enc和应用层完整性密钥Ks_AS_int,并利用所述应用层完整性密钥Ks_AS_int验证所述第一消息认证码,在所述第一消息认证码验证通过时,根据所述会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc,生成会话密钥K_app。After the SCEF sends a key response to the AS, the method further includes: the AS generating an application layer encryption key Ks_AS_enc and an application layer integrity key Ks_AS_int, and utilizing the application layer integrity key Ks_AS_int The first message authentication code is verified, and when the first message authentication code is verified, the session key K_app is generated according to the session key random number RAND_AS and the application layer encryption key Ks_AS_enc.
结合第一方面,在第七种可能的实现方式中,所述方法还包括:With reference to the first aspect, in a seventh possible implementation, the method further includes:
所述UE生成会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc和 应用层完整性密钥Ks_AS_int;根据所述会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc,生成会话密钥K_app;;The UE generates a session key random number RAND_AS, an application layer encryption key Ks_AS_enc, and Applying the layer integrity key Ks_AS_int; generating a session key K_app according to the session key random number RAND_AS, the application layer encryption key Ks_AS_enc;
所述UE利用公钥加密所述会话密钥随机数RAND_AS生成经加密随机数C,并根据所述经加密随机数C和所述应用层完整性密钥Ks_AS_int,生成第二消息认证码;The UE generates the encrypted random number C by using the public key to encrypt the session key random number RAND_AS, and generates a second message authentication code according to the encrypted random number C and the application layer integrity key Ks_AS_int;
所述UE向AS发送应用请求包括:所述UE向AS发送携带所述第二消息认证码和经加密随机数C的应用请求;The sending, by the UE, an application request to the AS includes: sending, by the UE, an application request that carries the second message authentication code and the encrypted random number C to the AS;
在所述SCEF向所述AS发送密钥响应之后,所述方法还包括:所述AS生成加密密钥Ks_AS_enc和完整性密钥Ks_AS_int,并利用所述完整性密钥Ks_AS_int验证所述第二消息认证码,在所述第二消息认证码验证通过时,所述AS用私钥解密经加密随机数C,以得到会话密钥随机数RAND_AS,并根据所述会话密钥随机数RAND_AS、加密密钥Ks_AS_enc,生成会话密钥K_app。After the SCEF sends a key response to the AS, the method further includes: the AS generating an encryption key Ks_AS_enc and an integrity key Ks_AS_int, and verifying the second message by using the integrity key Ks_AS_int An authentication code, when the second message authentication code is verified, the AS decrypts the encrypted random number C with a private key to obtain a session key random number RAND_AS, and according to the session key random number RAND_AS, encryption secret The key Ks_AS_enc generates a session key K_app.
这种基于证书的会话密钥生成方式可以在UE和AS之间形成端到端的安全通道,保证了UE和AS之间通信的安全性。This certificate-based session key generation method can form an end-to-end secure channel between the UE and the AS, ensuring the security of communication between the UE and the AS.
结合第一方面,在第八种可能的实现方式中,所述方法还包括:With reference to the first aspect, in an eighth possible implementation, the method further includes:
所述UE向所述AS发送密钥更新请求;Sending, by the UE, a key update request to the AS;
所述AS向所述SCEF转发所述密钥更新请求;The AS forwards the key update request to the SCEF;
所述SCEF向MME发送引导重协商请求;Sending, by the SCEF, a bootstrap renegotiation request to the MME;
所述MME向所述UE发送重新认证请求。The MME sends a re-authentication request to the UE.
其中,所述密钥更新请求是对主密钥的更新请求。如此一来,可以实现对主密钥的更新。The key update request is an update request for the master key. In this way, the update of the master key can be implemented.
结合第一方面,在第九种可能的实现方式中,所述方法还包括:In conjunction with the first aspect, in a ninth possible implementation, the method further includes:
所述AS向所述SCEF发送密钥更新请求;Sending, by the AS, a key update request to the SCEF;
所述SCEF向MME发送引导重协商请求;Sending, by the SCEF, a bootstrap renegotiation request to the MME;
所述MME向所述UE发送重新认证请求。The MME sends a re-authentication request to the UE.
其中,所述密钥更新请求是对主密钥的更新请求。如此一来,可以实现对主密钥的更新。The key update request is an update request for the master key. In this way, the update of the master key can be implemented.
第二方面,提供一种认证系统,所述系统包括用户设备UE、应用服务器AS和服务能力开放功能SCEF;A second aspect provides an authentication system, where the system includes a user equipment UE, an application server AS, and a service capability open function SCEF;
所述UE,用于在入网认证成功后,生成用于应用服务的密钥Ks_AS,并 向所述AS发送应用请求,所述应用请求携带全局唯一的临时标识GUTI;The UE is configured to generate a key Ks_AS for the application service after the network access authentication succeeds, and Sending an application request to the AS, where the application request carries a globally unique temporary identifier GUTI;
所述AS,用于在接收到所述应用请求后,向所述SCEF发送密钥请求,所述密钥请求携带所述GUTI和所述AS的标识;The AS is configured to send a key request to the SCEF after receiving the application request, where the key request carries the identifier of the GUTI and the AS;
所述SCEF,用于获取所述UE的入网认证结果,并在所述入网认证结果为认证成功时,生成用于应用服务的密钥Ks_AS,并根据所述AS的标识向所述AS发送密钥响应,所述密钥响应中携带所述密钥Ks_AS。The SCEF is configured to obtain the network access authentication result of the UE, and when the network access authentication result is successful, generate a key Ks_AS for the application service, and send the key to the AS according to the identifier of the AS. Key response, the key response carrying the key Ks_AS.
结合第二方面,在第一种可能的实现方式中,所述认证系统还包括移动性管理实体MME,With reference to the second aspect, in a first possible implementation manner, the authentication system further includes a mobility management entity MME,
所述SCEF具体用于:向MME发送认证结果请求,所述认证结果请求携带GUTI;接收所述MME返回的认证结果响应,所述认证结果响应中携带入网认证结果和GUTI。The SCEF is specifically configured to: send an authentication result request to the MME, where the authentication result request carries the GUTI; and receive an authentication result response returned by the MME, where the authentication result response carries the network access authentication result and the GUTI.
结合第二方面的第一种实现方式,在第二种可能的实现方式中,所述认证系统还包括归属用户服务器HSS,With reference to the first implementation manner of the second aspect, in a second possible implementation manner, the authentication system further includes a home subscriber server HSS,
所述SCEF还用于:在入网认证的过程中,接收HSS发送的密钥材料集合,所述密钥材料集合包括所述UE的国际移动用户识别码IMSI、认证随机数RAND和主密钥Ks;The SCEF is further configured to receive, in the process of network access authentication, a set of key materials sent by the HSS, where the set of key materials includes an International Mobile Subscriber Identity (IMSI), an authentication random number RAND, and a master key Ks of the UE. ;
所述认证结果响应中还携带RAND、IMSI,在所述SCEF接收所述MME返回的认证结果响应之后,所述SCEF具体用于:根据所述认证结果响应中的IMSI、RAND检索数据库得到主密钥Ks,根据主密钥Ks生成用于应用服务的密钥Ks_AS。The authentication result response further includes a RAND and an IMSI. After the SCEF receives the authentication result response returned by the MME, the SCEF is specifically configured to: obtain a primary key according to the IMSI and RAND search databases in the authentication result response. The key Ks generates a key Ks_AS for the application service based on the master key Ks.
结合第二方面,在第三种可能的实现方式中,所述认证系统还包括移动性管理实体MME,With reference to the second aspect, in a third possible implementation manner, the authentication system further includes a mobility management entity MME,
所述SCEF具体用于:The SCEF is specifically used to:
接收MME在对所述UE认证成功时发送的携带入网认证结果和GUTI的通知消息;Receiving a notification message carrying the network access authentication result and the GUTI sent by the MME when the UE is successfully authenticated;
根据所述通知消息,获知所述UE的入网认证结果。Obtaining the network access authentication result of the UE according to the notification message.
结合第二方面的第三种实现方式,在第四种可能的实现方式中,所述认证系统还包括归属用户服务器HSS,With reference to the third implementation manner of the second aspect, in a fourth possible implementation manner, the authentication system further includes a home subscriber server (HSS),
在所述SCEF接收所述MME的通知消息之前,所述MME用于接收来自HSS的指示标识,所述指示标识指示所述MME向所述SCEF发送所述通知消息; Before the SCEF receives the notification message of the MME, the MME is configured to receive an indication identifier from the HSS, where the indication identifier indicates that the MME sends the notification message to the SCEF;
在入网认证的过程中,所述SCEF还用于:接收所述HSS发送的密钥材料集合,所述密钥材料集合包括所述UE的IMSI、RAND和主密钥Ks;In the process of network access authentication, the SCEF is further configured to: receive a key material set sent by the HSS, where the key material set includes an IMSI, a RAND, and a master key Ks of the UE;
所述通知消息中还携带RAND、IMSI,在所述SCEF接收所述通知消息之后,所述SCEF具体用于:根据所述通知消息中的IMSI、RAND检索数据库得到主密钥Ks,根据主密钥Ks生成用于应用服务的密钥Ks_ASThe notification message further includes a RAND and an IMSI. After the SCEF receives the notification message, the SCEF is specifically configured to: obtain a master key Ks according to the IMSI and RAND search databases in the notification message, according to the primary key. Key Ks generates key Ks_AS for application service
结合第二方面,在第五种可能的实现方式中,所述应用请求和所述密钥请求中还携带应用标识AppID,所述应用标识为所述UE要访问的应用的标识,所述SCEF上预先设置有IMSI和应用标识AppID的绑定关系;With reference to the second aspect, in a fifth possible implementation, the application request and the key request further carry an application identifier AppID, where the application identifier is an identifier of an application to be accessed by the UE, the SCEF The binding relationship between the IMSI and the application identifier AppID is preset in advance;
所述SCEF具体用于:确定所述UE的IMSI和所述密钥请求中携带的应用标识存在绑定关系,向所述AS发送密钥响应。The SCEF is specifically configured to determine that a binding relationship exists between the IMSI of the UE and the application identifier carried in the key request, and send a key response to the AS.
结合第二方面,在第六种可能的实现方式中,在所述UE向AS发送应用请求之前,所述UE还用于:With reference to the second aspect, in a sixth possible implementation, before the UE sends an application request to the AS, the UE is further configured to:
生成会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc和应用层完整性密钥Ks_AS_int;根据所述随机数RAND_AS、应用层加密密钥Ks_AS_enc,生成会话密钥K_app;根据所述会话密钥随机数RAND_AS和所述应用层完整性密钥Ks_AS_int,生成第一消息认证码;Generating a session key random number RAND_AS, an application layer encryption key Ks_AS_enc, and an application layer integrity key Ks_AS_int; generating a session key K_app according to the random number RAND_AS, the application layer encryption key Ks_AS_enc; randomly according to the session key a number RAND_AS and the application layer integrity key Ks_AS_int, generating a first message authentication code;
向AS发送携带所述会话密钥随机数RAND_AS和所述第一消息认证码的应用请求;Sending, to the AS, an application request that carries the session key random number RAND_AS and the first message authentication code;
在所述SCEF向所述AS发送密钥响应之后,所述AS还用于:生成应用层加密密钥Ks_AS_enc和应用层完整性密钥Ks_AS_int,并利用所述完整性密钥Ks_AS_int验证所述第一消息认证码,在所述第一消息认证码验证通过时,根据所述会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc,生成会话密钥K_app。After the SCEF sends a key response to the AS, the AS is further configured to: generate an application layer encryption key Ks_AS_enc and an application layer integrity key Ks_AS_int, and verify the number by using the integrity key Ks_AS_int a message authentication code, when the first message authentication code is verified, generates a session key K_app according to the session key random number RAND_AS and the application layer encryption key Ks_AS_enc.
结合第二方面,在第七种可能的实现方式中,在所述UE向AS发送应用请求之前,所述UE还用于:With reference to the second aspect, in a seventh possible implementation, before the UE sends an application request to the AS, the UE is further configured to:
生成会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc和应用层完整性密钥Ks_AS_int;根据所述会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc,生成会话密钥K_app;Generating a session key random number RAND_AS, an application layer encryption key Ks_AS_enc and an application layer integrity key Ks_AS_int; generating a session key K_app according to the session key random number RAND_AS, the application layer encryption key Ks_AS_enc;
利用公钥加密所述会话密钥随机数RAND_AS生成经加密随机数C,并根据所述经加密随机数C和所述应用层完整性密钥Ks_AS_int,生成第二消息认证码; Encrypting the session key random number RAND_AS with a public key to generate an encrypted random number C, and generating a second message authentication code according to the encrypted random number C and the application layer integrity key Ks_AS_int;
向AS发送携带所述第二消息认证码和经加密随机数C的应用请求;Sending, to the AS, an application request that carries the second message authentication code and the encrypted random number C;
在所述SCEF向所述AS发送密钥响应之后,所述AS还用于:生成应用层加密密钥Ks_AS_enc和应用层完整性密钥Ks_AS_int,并利用所述完整性密钥Ks_AS_int验证所述第二消息认证码,在所述第二消息认证码验证通过时,所述AS用私钥解密经加密随机数C,以得到会话密钥随机数RAND_AS,并根据所述会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc,生成会话密钥K_app。After the SCEF sends a key response to the AS, the AS is further configured to: generate an application layer encryption key Ks_AS_enc and an application layer integrity key Ks_AS_int, and verify the number by using the integrity key Ks_AS_int a message authentication code, when the second message authentication code is verified, the AS decrypts the encrypted random number C with a private key to obtain a session key random number RAND_AS, and according to the session key random number RAND_AS, The session key K_app is generated by applying the layer encryption key Ks_AS_enc.
结合第二方面,在第八种可能的实现方式中,所述认证系统还包括MME,With reference to the second aspect, in an eighth possible implementation, the authentication system further includes an MME,
所述UE还用于,向所述AS发送密钥更新请求;The UE is further configured to send a key update request to the AS;
所述AS还用于,向所述SCEF转发所述密钥更新请求;The AS is further configured to forward the key update request to the SCEF;
所述SCEF还用于,向MME发送引导重协商请求;The SCEF is further configured to send a bootstrap renegotiation request to the MME;
所述MME用于,向所述UE发送重新认证请求。The MME is configured to send a re-authentication request to the UE.
结合第二方面,在第九种可能的实现方式中,所述认证系统还包括MME,With reference to the second aspect, in a ninth possible implementation manner, the authentication system further includes an MME,
所述AS还用于,向所述SCEF发送密钥更新请求;The AS is further configured to send a key update request to the SCEF;
所述SCEF还用于,向MME发送引导重协商请求;The SCEF is further configured to send a bootstrap renegotiation request to the MME;
所述MME还用于,向所述UE发送重新认证请求。The MME is further configured to send a re-authentication request to the UE.
本发明实施例提供的认证方法和认证系统,在UE入网认证成功的情况下,该UE需要访问AS时,无需进行GBA-AKA认证,可以直接通过SCEF获取所述UE的入网认证结果,并在确认所述UE入网认证通过时,直接生成用于应用服务的密钥Ks_AS。如此一来,通过减少认证次数,可以降低UE的开销,同时提高入网速度。The authentication method and the authentication system provided by the embodiment of the present invention, when the UE is successfully authenticated by the network, the UE needs to access the AS, and does not need to perform the GBA-AKA authentication, and can directly obtain the network access authentication result of the UE through the SCEF, and When it is confirmed that the UE enters the network authentication, the key Ks_AS for the application service is directly generated. In this way, by reducing the number of authentications, the overhead of the UE can be reduced, and the network access speed can be improved.
附图说明DRAWINGS
为了更清楚地说明本发明实施例中的技术方案,下面将对实施例描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动的前提下,还可以根据这些附图获得其他的附图。In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings used in the description of the embodiments will be briefly described below. It is obvious that the drawings in the following description are only some embodiments of the present invention. Other drawings may also be obtained from those of ordinary skill in the art in light of the inventive work.
图1是本发明实施例提供的认证框架的示意图;1 is a schematic diagram of an authentication framework provided by an embodiment of the present invention;
图2示出本发明实施例提供的认证框架中各个网元之间的接口;2 shows an interface between each network element in an authentication framework provided by an embodiment of the present invention;
图3是本发明实施例提供的一种IOT引导认证方法的流程图;3 is a flowchart of an IOT boot authentication method according to an embodiment of the present invention;
图4A是本发明实施例提供的一种密钥更新方法的流程图; 4A is a flowchart of a method for updating a key according to an embodiment of the present invention;
图4B是本发明实施例提供的另一种密钥更新方法的流程图;4B is a flowchart of another method for updating a key according to an embodiment of the present invention;
图5是本发明实施例提供的另一种IOT引导认证方法的流程图;FIG. 5 is a flowchart of another IOT boot authentication method according to an embodiment of the present invention; FIG.
图6是本发明实施例提供的认证系统的示意图。FIG. 6 is a schematic diagram of an authentication system according to an embodiment of the present invention.
具体实施方式detailed description
为使本发明的目的、技术方案和优点更加清楚,下面将结合附图对本发明实施方式作进一步地详细描述。The embodiments of the present invention will be further described in detail below with reference to the accompanying drawings.
下面首先对本发明中提到的一些术语进行简单介绍。The following briefly introduces some of the terms mentioned in the present invention.
移动性管理实体(Mobility management entity,MME):是3GPP协议LTE接入网络的关键控制节点,通过与HSS交互完成对接入用户的认证。The Mobility Management Entity (MME) is a key control node of the 3GPP protocol LTE access network. The authentication of the access user is completed by interacting with the HSS.
归属用户服务器(Home Subscriber Server,HSS):存储用户信息的核心数据库,包括用户标识,用户安全上下文,及用户的签约信息。在MME认证用户时,为MME提供认证向量。Home Subscriber Server (HSS): A core database that stores user information, including user identification, user security context, and user subscription information. When the MME authenticates the user, the MME is provided with an authentication vector.
服务能力开放功能(Service Capability Exposure Function,SCEF):SCEF是3GPP标准组织在TS23.682中为IOT场景引进的实体,目的是为了为应用服务器提供服务能力开放。SCEF能将运营商的某些服务或者功能开放给第三方,比如应用服务器(Application Server,AS)。Service Capability Exposure Function (SCEF): SCEF is an entity introduced by the 3GPP standards organization for the IOT scenario in TS23.682. The purpose is to provide service capabilities for application servers. SCEF can open certain services or functions of operators to third parties, such as Application Server (AS).
全局唯一的临时标识(Globally Unique Temporary Identity,GUTI):包括两部分,一部分用来标识分配该GUTI的MME,另一部分用来标识UE。GUTI可以用来表示当前UE与当前MME的连接。GUTI由MME分配给UE,用来保护UE的永久标识符IMSI(International Mobile Subscriber Identity,国际移动用户识别码)。Globally Unique Temporary Identity (GUTI): It consists of two parts, one part is used to identify the MME that allocates the GUTI, and the other part is used to identify the UE. The GUTI can be used to indicate the connection between the current UE and the current MME. The GUTI is allocated to the UE by the MME to protect the UE's permanent identifier IMSI (International Mobile Subscriber Identity).
图1是本发明实施例提供的一种认证框架的示意图。该认证框架可应用于IOT场景。参照图1,该认证框架中涉及到的网元包括UE、MME、HSS、SCEF和AS。UE在访问AS上的应用服务之前,需要先进行入网认证。在进行入网认证的过程中,UE、MME以及HSS三者会进行相互通信。具体的入网认证过程会在后文中进一步描述。FIG. 1 is a schematic diagram of an authentication framework according to an embodiment of the present invention. This authentication framework can be applied to IOT scenarios. Referring to FIG. 1, the network elements involved in the authentication framework include a UE, an MME, an HSS, an SCEF, and an AS. Before accessing the application service on the AS, the UE needs to perform network access authentication. In the process of network access authentication, the UE, the MME, and the HSS communicate with each other. The specific network access authentication process will be further described later.
SCEF是3GPP标准组织在TS23.682中为物联网(Internet ofThings,IOT)场景引进的实体,目的是为了为应用服务器提供服务能力开放。本发明实施例中引入了SCEF,且在本发明实施例的应用场景中,SCEF和AS之间已经进行了相互认证,并通过例如传输层安全(Transport Layer Security,TLS)或者安全协 议(Internet Protocol Security,IPSec)建立了安全通道。SCEF is an entity introduced by the 3GPP standards organization for the Internet of Things (IOT) scenario in TS23.682, in order to provide service capabilities for application servers. The SCEF is introduced in the embodiment of the present invention, and in the application scenario of the embodiment of the present invention, mutual authentication has been performed between the SCEF and the AS, and through, for example, Transport Layer Security (TLS) or security association. Internet Protocol Security (IPSec) establishes a secure channel.
参照图1,本发明实施例提供的认证方法可以包括:Referring to FIG. 1, the authentication method provided by the embodiment of the present invention may include:
UE在入网认证成功后,生成用于应用服务的密钥Ks_AS,并向AS发送应用请求,所述应用请求携带GUTI;After the network authentication is successful, the UE generates a key Ks_AS for the application service, and sends an application request to the AS, where the application requests to carry the GUTI;
所述AS在接收到所述应用请求后,向SCEF发送密钥请求,所述密钥请求携带GUTI和所述AS的标识;After receiving the application request, the AS sends a key request to the SCEF, where the key request carries the GUTI and the identifier of the AS;
所述SCEF获取所述UE的入网认证结果,并在所述入网认证结果为认证成功时,生成用于应用服务的密钥Ks_AS,并根据所述AS的标识向所述AS发送密钥响应,所述密钥响应中携带所述密钥Ks_AS。The SCEF obtains the network access authentication result of the UE, and generates a key Ks_AS for the application service when the network access authentication result is successful, and sends a key response to the AS according to the identifier of the AS. The key response carries the key Ks_AS.
本发明实施例中,运营商通过SCEF实体与MME和HSS交互,获取核心网与UE协商的应用层密钥,并在AS请求时通过安全通道为其分配该应用层密钥。与相关技术基于GBA的认证框架必须进行两次AKA认证不同,本发明实施例提供的认证方法可以只进行一次AKA认证,从而提高入网速度、降低终端消耗。In the embodiment of the present invention, the operator interacts with the MME and the HSS through the SCEF entity to obtain an application layer key negotiated by the core network and the UE, and allocates the application layer key through the secure channel when the AS requests. Different from the related art, the GBA-based authentication framework must perform two AKA authentications. The authentication method provided by the embodiment of the present invention can perform only one AKA authentication, thereby improving the network access speed and reducing terminal consumption.
图2是示出本发明实施例提供的认证框架中各个网元之间的接口。参照图2,各个网元之间的主要接口及其功能如下:Figure 2 is a diagram showing the interfaces between the network elements in the authentication framework provided by the embodiment of the present invention. Referring to Figure 2, the main interfaces between the various network elements and their functions are as follows:
-T6a接口:SCEF与MME之间的接口,用于SCEF从MME获取UE的网络认证结果,以及将相应反馈传递给MME。-T6a interface: an interface between the SCEF and the MME, the SCEF obtains the network authentication result of the UE from the MME, and delivers the corresponding feedback to the MME.
-S6t接口:SCEF与HSS之间的接口,用于SCEF获取用于应用层的密钥以及用户的相关信息。- S6t interface: An interface between the SCEF and the HSS, used by the SCEF to obtain a key for the application layer and related information of the user.
-S6a接口:HSS与MME之间的接口,HSS利用该存量接口指示MME将入网认证结果和相关用户信息推送给SCEF。- S6a interface: an interface between the HSS and the MME. The HSS uses the inventory interface to instruct the MME to push the network access authentication result and related user information to the SCEF.
-Ua接口:UE与应用服务器之间的接口,用于传输用户面数据。-Ua interface: An interface between the UE and the application server for transmitting user plane data.
下面结合图3描述本发明实施例提供的IOT引导认证方法。需指出的是,本发明虽然针对IOT场景来描述,但是也可以应用于传统终端与应用服务器之间的认证,扩展运营商开放安全能力的范围。在本发明中,UE预置3GPP的凭证,即与HSS共享根密钥K。The IOT boot authentication method provided by the embodiment of the present invention is described below with reference to FIG. It should be noted that although the present invention is described for an IOT scenario, it can also be applied to authentication between a legacy terminal and an application server, and expands the scope of the operator's open security capability. In the present invention, the UE presets the 3GPP credentials, that is, shares the root key K with the HSS.
图3是本发明实施例提供的一种IOT引导认证方法的流程图。参照图3,本发明实施例提供一种认证方法,该认证方法在UE访问AS上的应用服务之前实施。所述认证方法可包括:FIG. 3 is a flowchart of an IOT boot authentication method according to an embodiment of the present invention. Referring to FIG. 3, an embodiment of the present invention provides an authentication method, which is implemented before a UE accesses an application service on an AS. The authentication method may include:
31.MME发起网络认证,向UE发送身份标识请求。 31. The MME initiates network authentication and sends an identity identification request to the UE.
32.UE在接收到所述身份标识请求之后,向MME发送用户标识响应,所述用户标识响应中携带用来标识所述UE身份的IMSI。After receiving the identity identification request, the UE sends a user identity response to the MME, where the user identity response carries an IMSI for identifying the identity of the UE.
33.MME向HSS发送认证数据请求,以请求HSS返回与UE相互认证的材料。所述认证数据请求中携带所述UE的IMSI。其中,认证数据请求的内容与TS 33.102/33.401中定义的一致。33. The MME sends an authentication data request to the HSS to request the HSS to return material that is mutually authenticated with the UE. The IMSI of the UE is carried in the authentication data request. The content of the authentication data request is consistent with that defined in TS 33.102/33.401.
34.HSS接收到认证数据请求后,根据所述认证数据请求中的IMSI在数据库中搜索共享的根密钥K。然后,HSS按照TS 33.401/33.102中的定义生成认证随机数RAND、响应值XRES、认证值AUTH、网络层加密密钥CK、网络层完整性密钥IK、接入安全管理实体密钥KASME。此外,HSS将会基于CK,IK生成用于应用层服务的应用层主密钥Ks。应用层主密钥Ks生成方式为Ks=KDF(CK||IK,“End-to-End_IOT”)。34. After receiving the authentication data request, the HSS searches the database for the shared root key K according to the IMSI in the authentication data request. The HSS then generates an authentication random number RAND, a response value XRES, an authentication value AUTH, a network layer encryption key CK, a network layer integrity key IK, and an access security management entity key KASME as defined in TS 33.401/33.102. In addition, the HSS will generate an application layer master key Ks for the application layer service based on CK, IK. The application layer master key Ks is generated in the manner of Ks=KDF(CK||IK, "End-to-End_IOT").
35.HSS向MME发送认证数据响应,所述认证数据响应中携带认证向量(Authentication Vector,AV)。其中,认证向量的组成方式为AV=(RAND,AUTH,XRES,KASME),与标准TS 33.401定义的一致。35. The HSS sends an authentication data response to the MME, where the authentication data response carries an Authentication Vector (AV). The authentication vector is composed of AV=(RAND, AUTH, XRES, K ASME ), which is consistent with the definition of the standard TS 33.401.
35.1HSS通过S6t接口向SCEF发送密钥材料(KeySet),所述密钥材料含有认证向量中的RAND、用户标识IMSI和密钥Ks。SCEF接收到所述密钥材料后,将在一段时间内保存该密钥材料。所述密钥材料后续将会用于AS。35.1 The HSS sends a key material (KeySet) to the SCEF through the S6t interface, where the key material contains the RAND, the user identifier IMSI, and the key Ks in the authentication vector. After receiving the key material, the SCEF will save the key material for a period of time. The key material will be used later for the AS.
36.MME向UE发送用户认证请求,该用户认证请求中携带RAND和AUTH。36. The MME sends a user authentication request to the UE, where the user authentication request carries RAND and AUTH.
37.UE按照标准TS33.401中定义利用根密钥K生成接入安全管理实体密钥KASME,并检查AUTH来认证网络,同时计算RES作为给MME的回应。其中,接入安全管理实体密钥KASME用于加密UE和MME之间的通信,检查AUTH是为了确认当前网络是否为可靠网络。37. The UE generates the access security management entity key KASME using the root key K as defined in the standard TS 33.401, and checks the AUTH to authenticate the network, and calculates the RES as a response to the MME. The access security management entity key KASME is used to encrypt communication between the UE and the MME, and the AUTH is checked to confirm whether the current network is a reliable network.
38.UE向MME发送用户认证响应,所述用户认证响应中携带RES。38. The UE sends a user authentication response to the MME, where the user authentication response carries the RES.
39.MME接收到所述用户认证响应后,检查所述用户认证响应当中的RES是否正确,以认证UE。即,MME将所述用户认证响应当中的RES与之前来自HSS的认证数据响应中携带的XRES进行比较,若二者相等,则UE认证成功,若二者不相等,则认证失败。After receiving the user authentication response, the MME checks whether the RES in the user authentication response is correct to authenticate the UE. That is, the MME compares the RES in the user authentication response with the XRES carried in the previous authentication data response from the HSS. If the two are equal, the UE authentication succeeds. If the two are not equal, the authentication fails.
40.如果认证成功,MME生成GUTI,并向UE发送认证成功(Authentication Successful)消息,所述认证成功消息中携带生成的所述GUTI。40. If the authentication is successful, the MME generates a GUTI, and sends an authentication success (Authentication Successful) message to the UE, where the authentication success message carries the generated GUTI.
41.UE生成主密钥Ks,然后生成用于应用服务的密钥Ks_AS,即UE-AS 主密钥。其中,Ks_AS的生成方式为Ks_AS=KDF(Ks,AS_ID),其中AS_ID表示AS的标识。41. The UE generates a master key Ks and then generates a key Ks_AS for the application service, ie UE-AS Master key. The Ks_AS is generated in the manner of Ks_AS=KDF(Ks, AS_ID), where AS_ID represents the identifier of the AS.
42.UE通过Ua接口向AS发送应用请求。该应用请求包含从步骤40中接收到的GUTI以及msg消息,其中,msg消息的内容与具体的协议相关。42. The UE sends an application request to the AS through the Ua interface. The application request contains the GUTI and msg messages received from step 40, wherein the content of the msg message is associated with a particular protocol.
43.AS接收到来自所述UE的应用请求后,向SCEF发送密钥请求,该密钥请求中携带GUTI和AS_ID。其中,AS_ID标识应用服务器的标识。43. After receiving the application request from the UE, the AS sends a key request to the SCEF, where the key request carries the GUTI and the AS_ID. The AS_ID identifies the identifier of the application server.
44.所述SCEF接收到所述密钥请求之后,向MME发送认证结果请求,以向MME询问相应UE的认证结果。其中,所述认证结果请求中携带GUTI。由于GUTI中包含MME和UE的标识,因而SCEF能找到对应的MME,且MME能找到对应的UE。After receiving the key request, the SCEF sends an authentication result request to the MME to query the MME for the authentication result of the corresponding UE. The request for the authentication result carries the GUTI. Since the GUTI includes the identifiers of the MME and the UE, the SCEF can find the corresponding MME, and the MME can find the corresponding UE.
45.MME接收到所述认证结果请求之后,根据所述认证结果请求中携带的GUTI找到相应的UE,并搜索该UE对应的认证结果。MME向SCEF返回认证结果响应,所述认证结果响应中携带认证结果、RAND、IMSI和GUTI。After receiving the authentication result request, the MME finds the corresponding UE according to the GUTI carried in the authentication result request, and searches for the authentication result corresponding to the UE. The MME returns an authentication result response to the SCEF, where the authentication result response carries the authentication result, RAND, IMSI, and GUTI.
46.SCEF在接收到来自MME的认证结果响应之后,如果认证结果为认证成功,则在数据库中根据认证结果响应中的RAND、IMSI检索得到相应的密钥Ks,并同时生成用于应用层的密钥Ks_AS,其中Ks_AS=KDF(Ks,AS_ID)。如果认证结果为认证失败,则SCEF不会在数据库中检索Ks,并可例如通过密钥响应向AS返回认证失败。After the SCEF receives the authentication result response from the MME, if the authentication result is successful, the corresponding key Ks is retrieved in the database according to the RAND and IMSI in the authentication result response, and simultaneously generated for the application layer. Key Ks_AS, where Ks_AS=KDF(Ks, AS_ID). If the authentication result is an authentication failure, the SCEF does not retrieve the Ks in the database and may return an authentication failure to the AS, for example, through a key response.
47.SCEF向AS发送密钥响应,所述密钥响应中携带用于应用层的密钥Ks_AS或认证失败。47. The SCEF sends a key response to the AS, where the key response carries a key Ks_AS for the application layer or an authentication failure.
48.AS在接收到所述密钥响应之后,向UE返回应用响应。48. After receiving the key response, the AS returns an application response to the UE.
本发明实施例提供的认证方法,在UE入网认证成功的情况下,该UE需要访问AS时,无需进行GBA-AKA认证,可以直接通过SCEF获取所述UE的入网认证结果,并在确认所述UE入网认证通过时,直接生成用于应用服务的密钥Ks_AS。如此一来,通过减少认证次数,可以降低UE的开销,同时提高入网速度。The authentication method provided by the embodiment of the present invention, if the UE is required to access the AS, if the UE needs to access the AS, the UE does not need to perform the GBA-AKA authentication, and the UE may obtain the network access authentication result of the UE directly through the SCEF, and confirm the When the UE enters the network authentication, the key Ks_AS for the application service is directly generated. In this way, by reducing the number of authentications, the overhead of the UE can be reduced, and the network access speed can be improved.
在本发明实施例中,UE可以有两种标识:一种是网络层标识,由IMSI表示;另一种是应用层标识,由AppID表示。为达到统一认证的目的,运营商与企业签订协议,将终端用户的网络层标识与应用层标识绑定。In the embodiment of the present invention, the UE may have two types of identifiers: one is a network layer identifier, which is represented by an IMSI; and the other is an application layer identifier, which is represented by an AppID. To achieve the purpose of unified authentication, the operator and the enterprise sign an agreement to bind the network layer identifier of the end user to the application layer identifier.
在本发明的一个实施例中,本发明实施例中UE的网络层标识IMSI和应用层标识AppID绑定在SCEF处。即,所述SCEF上可预先设置有所述UE的 IMSI和所述应用标识AppID的绑定关系。步骤42中的所述应用请求和步骤43中的所述密钥请求中还可携带应用标识AppID,所述应用标识为所述UE要访问的应用的标识。In an embodiment of the present invention, the network layer identifier IMSI and the application layer identifier AppID of the UE are bound to the SCEF in the embodiment of the present invention. That is, the SCEF may be preset with the UE. The binding relationship between the IMSI and the application identifier AppID. The application request in the step 42 and the key request in the step 43 may further carry an application identifier AppID, where the application identifier is an identifier of an application to be accessed by the UE.
在SCEF设置有的所述UE的IMSI和所述应用标识AppID的绑定关系情况下,步骤47中所述SCEF向所述AS发送密钥响应可包括:所述SCEF确定所述IMSI和所述密钥请求中携带的应用标识是否存在绑定关系,在存在绑定关系时,向所述AS发送密钥响应。当然,如果所述IMSI和所述密钥请求中携带的应用标识不存在绑定关系,则所述SCEF可例如通过密钥响应向所述AS返回认证失败。The sending, by the SCEF, the key response to the AS in step 47 may include: the SCEF determining the IMSI and the foregoing, where the binding relationship between the IMSI of the UE and the application identifier AppID is set in the SCEF. Whether the application identifier carried in the key request has a binding relationship, and when there is a binding relationship, the key response is sent to the AS. Certainly, if the IMSI and the application identifier carried in the key request do not have a binding relationship, the SCEF may return an authentication failure to the AS, for example, by using a key response.
在本发明实施例中,AS可继承UE的网络认证结果,如果UE入网认证通过,则默认对应的终端在应用层的认证也通过。基于图3所示的IOT引导认证流程,本发明实施例可以统一应用层和网络层认证。In the embodiment of the present invention, the AS may inherit the network authentication result of the UE. If the UE enters the network authentication, the authentication of the terminal corresponding to the default is also passed. Based on the IOT boot authentication process shown in FIG. 3, the embodiment of the present invention can unify the application layer and network layer authentication.
同时,可选地,在本步骤41中,所述UE还可生成会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc和应用层完整性密钥Ks_AS_int;根据所述会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc,生成会话密钥K_app;根据所述应用层完整性密钥Ks_AS_int,生成消息认证码t1(即,第一消息验证码)。In addition, optionally, in this step 41, the UE may further generate a session key random number RAND_AS, an application layer encryption key Ks_AS_enc, and an application layer integrity key Ks_AS_int; according to the session key random number RAND_AS, The session encryption key Ks_AS_enc is used to generate a session key K_app; and the message authentication code t 1 (ie, the first message verification code) is generated according to the application layer integrity key Ks_AS_int.
其中,应用层加密密钥Ks_AS_enc和应用层完整性密钥Ks_AS_int的生成方式可以为Ks_AS_enc=KDF(Ks_AS,“enc”)和Ks_AS_int=KDF(Ks_AS,“int”)。UE根据所述会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc,生成会话密钥K_app的方式可以为,K_app=KDF(Ks_AS_enc,RAND_AS)。同时,为保证GUTI和RAND_AS的完整性,UE利用应用层完整性密钥Ks_AS_int生成消息认证码t1,t1=MACKs_AS_int(GUTI,RAND_AS)。The application layer encryption key Ks_AS_enc and the application layer integrity key Ks_AS_int may be generated in the manner of Ks_AS_enc=KDF(Ks_AS, "enc") and Ks_AS_int=KDF(Ks_AS, "int"). The manner in which the UE generates the session key K_app according to the session key random number RAND_AS and the application layer encryption key Ks_AS_enc may be K_app=KDF(Ks_AS_enc, RAND_AS). Meanwhile, to ensure the integrity of GUTI and RAND_AS, the UE generates a message authentication code t 1 , t 1 =MAC Ks_AS_int (GUTI, RAND_AS) using the application layer integrity key Ks_AS_int.
可选地,在步骤42中,UE可以将RAND_AS和t1置于msg消息中,并通过应用请求(Application Request)发送给AS。Optionally, in step 42, the UE may place RAND_AS and t 1 in the msg message and send to the AS through an application request (Application Request).
可选地,在步骤48中,AS接收到Ks_AS后,生成Ks_AS_enc和Ks_AS_int,并且利用Ks_AS_int验证消息认证码t1。如果消息认证码t1验证通过,AS利用RAND_AS和Ks_AS_enc生成会话密钥K_app。如果消息认证码t1验证失败,则不生成会话密钥K_app,在步骤48中的应用响应中携带认证失败。Optionally, in step 48, after receiving the Ks_AS, the AS generates Ks_AS_enc and Ks_AS_int, and uses Ks_AS_int to verify the message authentication code t 1 . If the message authentication code t 1 is verified, the AS generates the session key K_app using RAND_AS and Ks_AS_enc. T 1 If the message authentication code verification fails, the session key is not generated K_app, carry the authentication failure response to the application in step 48.
在UE和AS之间生成了会话密钥K_app后,UE和AP即可利用所述会话密钥K_app对二者间的会话进行加密,进而进行会话通信,保证会话的安全性。 本发明实施例中的会话密钥生成方式能够保证会话密钥的新鲜性,并确保同样UE和应用服务器之间不同会话的会话密钥不相同。After the session key K_app is generated between the UE and the AS, the UE and the AP can use the session key K_app to encrypt the session between the two, and then perform session communication to ensure the security of the session. The session key generation mode in the embodiment of the present invention can ensure the freshness of the session key and ensure that the session keys of different sessions between the same UE and the application server are different.
上面生成会话密钥K_app是一种无证书的会话密钥生成方式,在本发明实施例中,为了能够在UE和AS之间提供端到端的安全,使得无线运营商无法推演得出会话密钥K_app,进而无法访问UE和应用服务器之间的加密数据流,本发明实施例还提供另一种会话密钥生成方式,该会话密钥生成方式是基于证书来生成会话密钥。The above-mentioned generated session key K_app is a certificateless session key generation mode. In the embodiment of the present invention, in order to provide end-to-end security between the UE and the AS, the wireless carrier cannot derive the session key. The K_app, and thus the encrypted data stream between the UE and the application server, is not accessible. The embodiment of the present invention further provides another session key generation mode, which is based on the certificate to generate a session key.
在基于证书的会话密钥生成方式下,UE配备AS的证书,该证书包含AS的公钥PK_AS。In the certificate-based session key generation mode, the UE is equipped with an AS certificate, which contains the public key PK_AS of the AS.
具体地,基于证书的会话密钥生成方式可如下:Specifically, the certificate-based session key generation method can be as follows:
UE基于Ks生成会话密钥随机数RAND_AS。The UE generates a session key random number RAND_AS based on Ks.
UE基于Ks计算应用层加密密钥Ks_AS_enc和应用层完整性密钥Ks_AS_int。这两个密钥的生成方式为Ks_AS_enc=KDF(Ks_AS,“enc”)和Ks_AS_int=KDF(Ks_AS,“int”)。UE计算会话密钥K_app=KDF(Ks_AS_enc,RAND_AS)。The UE calculates the application layer encryption key Ks_AS_enc and the application layer integrity key Ks_AS_int based on Ks. These two keys are generated in the form of Ks_AS_enc=KDF(Ks_AS, "enc") and Ks_AS_int=KDF(Ks_AS, "int"). The UE calculates the session key K_app=KDF(Ks_AS_enc, RAND_AS).
为保护GUTI和RAND_AS,UE利用公钥PK_AS加密RAND_AS生成经加密随机数C,C=EncPK_AS(RAND_AS),并利用Ks_AS_int来保护完整性生成t2(即,第二消息验证码),t2=MACKs_AS_int(GUTI,C)。这里RAND_AS经过了加密,并不以明文传送。To protect GUTI and RAND_AS, the UE encrypts the RAND_AS with the public key PK_AS to generate an encrypted random number C, C=Enc PK_AS (RAND_AS), and uses Ks_AS_int to protect the integrity generation t 2 (ie, the second message verification code), t 2 =MAC Ks_AS_int (GUTI, C). Here RAND_AS is encrypted and not transmitted in clear text.
UE将C和t2置于msg消息中,并通过应用请求(Application Request)发送给AS。The UE places C and t 2 in the msg message and sends it to the AS through an Application Request.
AS接收到Ks_AS之后,生成Ks_AS_enc和Ks_AS_int,并验证消息认证码t2。如果消息认证码t2验证通过,AS用自身的私钥(与PK_AS对应)解密C得到随机数RAND_AS,最后利用RAND_AS和Ks_AS_enc生成会话密钥K_app。如果消息认证码t2验证失败,则不生成会话密钥K_app,可在步骤48中的应用响应中携带认证失败。After receiving the Ks_AS, the AS generates Ks_AS_enc and Ks_AS_int and verifies the message authentication code t 2 . If the message authentication code t 2 is verified, the AS decrypts C with its own private key (corresponding to PK_AS) to obtain the random number RAND_AS, and finally generates the session key K_app using RAND_AS and Ks_AS_enc. If the authentication of the message authentication code t 2 fails, the session key K_app is not generated, and the authentication failure may be carried in the application response in step 48.
这种基于证书的会话密钥生成方式,由于用公钥对RAND_AS进行了加密,核心网中的网元无法推导出此RAND_AS,而只有AS能够用自身的私钥解密来获得RAND_AS,如此一来,保证了UE和AS之间端到端的安全性。In this certificate-based session key generation method, since the RAND_AS is encrypted with the public key, the network element in the core network cannot derive the RAND_AS, and only the AS can decrypt it with its own private key to obtain the RAND_AS. To ensure end-to-end security between the UE and the AS.
在本发明实施例中,UE和AS可根据实际需要触发密钥更新流程。可参照图4A和图4B,它们分别示出了由UE触发密钥Ks更新流程,和由AS触 发密钥Ks更新流程。In the embodiment of the present invention, the UE and the AS may trigger a key update process according to actual needs. 4A and 4B, which respectively show the process of triggering the key Ks update by the UE, and touched by the AS Send the key Ks update process.
参照图4A,由UE触发密钥Ks更新的流程可如下:Referring to FIG. 4A, the flow of triggering the key Ks update by the UE may be as follows:
401.UE向应用服务器发送更新请求(Refresh Request),以触发密钥更新流程。其中,所述更新请求中包含GUTI。401. The UE sends an update request (Refresh Request) to the application server to trigger a key update process. Wherein, the update request includes a GUTI.
402.应用服务器在接收到所述更新请求之后,根据GUTI向SCEF转发更新请求(Refresh Request),所述更新请求中包含GUTI。402. After receiving the update request, the application server forwards an update request (Refresh Request) to the SCEF according to the GUTI, where the update request includes a GUTI.
403.SCEF在接收到来自AS的更新请求后,根据GUTI向MME发送引导重协商请求(Bootstrapping Renegotiation Request)。其中,所述引导重协商请求中包含GUTI。403. After receiving the update request from the AS, the SCEF sends a Bootstrapping Renegotiation Request to the MME according to the GUTI. The guide renegotiation request includes a GUTI.
404.MME接收到来自SCEF的引导重协商请求后,向所述UE发送重认证请求,以触发3GPP-AKA过程,重认证UE。重认证UE的过程可如图3所示。404. After receiving the bootstrap renegotiation request from the SCEF, the MME sends a re-authentication request to the UE to trigger a 3GPP-AKA procedure to re-authenticate the UE. The process of re-authenticating the UE can be as shown in FIG.
参照图4B,由AS触发密钥Ks更新的流程可如下:Referring to FIG. 4B, the flow of updating the AS trigger key Ks can be as follows:
411.AS向所述SCEF发送密钥更新请求。其中,所述更新请求中包含GUTI。411. The AS sends a key update request to the SCEF. Wherein, the update request includes a GUTI.
412.所述SCEF在接收到来自AS的密钥更新请求之后,根据GUTI向MME发送引导重协商请求。其中,所述引导重协商请求中包含GUTI。412. After receiving the key update request from the AS, the SCEF sends a bootstrap renegotiation request to the MME according to the GUTI. The guide renegotiation request includes a GUTI.
413.所述MME接收到来自SCEF的引导重协商请求后,向所述UE发送重新认证请求,以触发3GPP-AKA过程,重认证UE。重认证UE的过程可如图3所示。413. After receiving the bootstrap renegotiation request from the SCEF, the MME sends a re-authentication request to the UE to trigger a 3GPP-AKA procedure to re-authenticate the UE. The process of re-authenticating the UE can be as shown in FIG.
图5是本发明实施例提供的另一种IOT引导认证方法的流程图。下面参照图5,本实施例提供的认证方法可包括:FIG. 5 is a flowchart of another IOT boot authentication method according to an embodiment of the present invention. Referring to FIG. 5, the authentication method provided in this embodiment may include:
51.MME发起网络认证,向UE发送身份标识请求。51. The MME initiates network authentication and sends an identity identification request to the UE.
52.UE在接收到所述身份标识请求之后,向MME发送用户标识响应,所述用户标识响应中携带用来标识所述UE身份的IMSI。After receiving the identity identification request, the UE sends a user identity response to the MME, where the user identity response carries an IMSI used to identify the identity of the UE.
53.MME向HSS发送认证数据请求,以请求HSS返回与UE相互认证的材料。所述认证数据请求中携带所述UE的IMSI。其中,认证数据请求的内容与TS 33.102/33.401中定义的一致。53. The MME sends an authentication data request to the HSS to request the HSS to return material that is mutually authenticated with the UE. The IMSI of the UE is carried in the authentication data request. The content of the authentication data request is consistent with that defined in TS 33.102/33.401.
54.HSS接收到认证数据请求后,根据所述认证数据请求中的IMSI在数据库中搜索共享的根密钥K。然后,HSS按照TS33.401/33.102中的定义生成RAND,XRES,AUTH,CK,IK,KASME。此外,HSS将会基于CK,IK生成用于应 用层服务的主密钥Ks。主密钥Ks生成方式为Ks=KDF(CK||IK,“End-to-End_IOT”)。54. After receiving the authentication data request, the HSS searches the database for the shared root key K according to the IMSI in the authentication data request. The HSS then generates RAND, XRES, AUTH, CK, IK, K ASME as defined in TS33.401/33.102. In addition, the HSS will generate a master key Ks for the application layer service based on CK, IK. The master key Ks is generated in the manner of Ks=KDF(CK||IK, "End-to-End_IOT").
55.HSS向MME发送认证数据响应,所述认证数据响应中携带认证向量(Authentication Vector,AV)。其中,认证向量的组成方式为AV=(RAND,AUTH,XRES,KASME),与标准TS33.401定义的一致。HSS返回MME认证向量AV的同时,也发送指示标识(indication)。55. The HSS sends an authentication data response to the MME, where the authentication data response carries an Authentication Vector (AV). The authentication vector is composed of AV=(RAND, AUTH, XRES, KASME), which is consistent with the definition of the standard TS33.401. The HSS also sends an indication indication while returning the MME authentication vector AV.
所述指示标识的形式例如为indication=1,indication=1表明MME需要将认证结果发送给SCEF,当然在本发明的范围内还可以使用其他指示标识,只要能指示所述MME向所述SCEF发送携带入网认证结果、RAND、IMSI和GUTI的通知消息即可。The indication identifier is in the form of indication=1, and the indication=1 indicates that the MME needs to send the authentication result to the SCEF. Of course, other indication identifiers may be used in the scope of the present invention, as long as the MME can be instructed to send to the SCEF. You can carry the notification message of the network authentication result, RAND, IMSI and GUTI.
55.1HSS通过S6t接口向SCEF发送密钥材料(KeySet),所述密钥材料含有认证向量中的RAND、用户标识IMSI和密钥Ks。SCEF接收到所述密钥材料后,将在一段时间内保存该密钥材料。所述密钥材料后续将会用于AS。55.1 The HSS sends a key material (KeySet) to the SCEF through the S6t interface, where the key material contains the RAND in the authentication vector, the user identity IMSI, and the key Ks. After receiving the key material, the SCEF will save the key material for a period of time. The key material will be used later for the AS.
56.MME向UE发送用户认证请求,该用户认证请求中携带RAND和AUTH。56. The MME sends a user authentication request to the UE, where the user authentication request carries RAND and AUTH.
57.UE按照标准TS33.401中定义利用根密钥K生成接入安全管理实体密钥KASME,并检查AUTH来认证网络,同时计算RES作为给MME的回应。其中,接入安全管理实体密钥KASME用于加密UE和MME之间的通信,检查AUTH是为了确认当前网络是否为可靠网络。57. The UE generates the access security management entity key KASME using the root key K as defined in the standard TS33.401, and checks the AUTH to authenticate the network, and calculates the RES as a response to the MME. The access security management entity key K ASME is used to encrypt communication between the UE and the MME, and the AUTH is checked to confirm whether the current network is a reliable network.
58.UE向MME发送用户认证响应,所述用户认证响应中携带RES。58. The UE sends a user authentication response to the MME, where the user authentication response carries the RES.
59.MME接收到所述用户认证响应后,检查所述用户认证响应当中的RES是否正确,以认证UE。即,MME将所述用户认证响应当中的RES与之前来自HSS的认证数据响应中携带的XRES进行比较,若二者相等,则UE认证成功,若二者不相等,则认证失败。After receiving the user authentication response, the MME checks whether the RES in the user authentication response is correct to authenticate the UE. That is, the MME compares the RES in the user authentication response with the XRES carried in the previous authentication data response from the HSS. If the two are equal, the UE authentication succeeds. If the two are not equal, the authentication fails.
60.如果认证成功,MME生成GUTI,并向UE发送认证成功(Authentication Successful)消息,所述认证成功消息中携带生成的所述GUTI。60. If the authentication is successful, the MME generates a GUTI, and sends an authentication success (Authentication Successful) message to the UE, where the authentication success message carries the generated GUTI.
60.1MME通过通知消息将认证结果、RAND、IMSI、GUTI推送给SCEF,以便SCEF储存。The 60.1 MME pushes the authentication result, RAND, IMSI, and GUTI to the SCEF through the notification message, so that the SCEF stores.
61.UE生成主密钥Ks,然后生成用于应用服务的密钥Ks_AS,即UE-AS主密钥。其中,Ks_AS的生成方式为Ks_AS=KDF(Ks,AS_ID),其中AS_ID表示AS的标识。 61. The UE generates a master key Ks and then generates a key Ks_AS for the application service, ie a UE-AS master key. The Ks_AS is generated in the manner of Ks_AS=KDF(Ks, AS_ID), where AS_ID represents the identifier of the AS.
62.UE通过Ua接口向AS发送应用请求。该应用请求包含从步骤60中接收到的GUTI,以及msg消息,其中,msg消息的内容与具体的协议相关。62. The UE sends an application request to the AS through the Ua interface. The application request includes the GUTI received from step 60, and the msg message, wherein the content of the msg message is associated with a particular protocol.
63.AS接收到来自所述UE的应用请求后,向SCEF发送密钥请求,该密钥请求中携带GUTI和AS_ID。其中,AS_ID标识应用服务器的标识。63. After receiving the application request from the UE, the AS sends a key request to the SCEF, where the key request carries the GUTI and the AS_ID. The AS_ID identifies the identifier of the application server.
64.所述SCEF接收到所述密钥请求之后,直接在自身的数据库中搜索相应的GUTI,并检查对应的IMSI的认证结果。如果认证成功,则提取相应的Ks,生成Ks_AS=KDF(Ks,AS_ID)。64. After receiving the key request, the SCEF searches for a corresponding GUTI in its own database and checks the authentication result of the corresponding IMSI. If the authentication is successful, the corresponding Ks is extracted, and Ks_AS=KDF(Ks, AS_ID) is generated.
65.SCEF向AS发送密钥响应,所述密钥响应中携带用于应用层的密钥Ks_AS或认证失败。65. The SCEF sends a key response to the AS, where the key response carries a key Ks_AS for the application layer or an authentication failure.
66.AS在接收到所述密钥响应之后,向UE返回应用响应。66. The AS returns an application response to the UE after receiving the key response.
图5所示流程图与图3所示流程图的不同之处在于:通过步骤55中HSS向MME发送指示所述MME向所述SCEF发送入网认证结果,UE的网络认证结果由MME直接推送给SCEF,而不用SCEF向MME获取。The flow chart shown in FIG. 5 is different from the flow chart shown in FIG. 3 in that the HSS sends an inbound network authentication result to the SCEF by the HSS in step 55, and the network authentication result of the UE is directly sent by the MME. SCEF is obtained from the MME without SCEF.
本发明实施例提供的认证方法,在UE入网认证成功的情况下,该UE需要访问AS时,无需进行GBA-AKA认证,可以直接通过SCEF获取所述UE的入网认证结果,并在确认所述UE入网认证通过时,直接生成用于应用服务的密钥Ks_AS。如此一来,通过减少认证次数,可以降低UE的开销,同时提高入网速度。The authentication method provided by the embodiment of the present invention, if the UE is required to access the AS, if the UE needs to access the AS, the UE does not need to perform the GBA-AKA authentication, and the UE may obtain the network access authentication result of the UE directly through the SCEF, and confirm the When the UE enters the network authentication, the key Ks_AS for the application service is directly generated. In this way, by reducing the number of authentications, the overhead of the UE can be reduced, and the network access speed can be improved.
需要指出的是,在本发明实施例中,就图3描述的一些相关内容也可同样应用于图5中。例如,针对图3描述的会话密钥生成方式也可以应用于图5中。也就是说,在图5所示流程中,也可以应用就图3所描述的无证书的会话密钥生成方式和基于证书的会话密钥生成方式来生成会话密钥。同时,图3和图5所示的认证流程均可应用上面描述的密钥更新方式(例如,UE触发密钥更新和AS触发密钥更新)来触发重认证UE。It should be noted that in the embodiment of the present invention, some related contents described with respect to FIG. 3 can also be applied to FIG. 5. For example, the session key generation method described with respect to FIG. 3 can also be applied to FIG. That is to say, in the flow shown in FIG. 5, the session key can also be generated by applying the certificateless session key generation method and the certificate-based session key generation method described in FIG. Meanwhile, the authentication process shown in FIG. 3 and FIG. 5 can apply the key update manner described above (for example, UE trigger key update and AS trigger key update) to trigger re-authentication of the UE.
在图5中,步骤62中的所述应用请求和步骤63中的所述密钥请求中也可携带应用标识(AppID),所述应用标识为所述UE要访问的应用的标识。In FIG. 5, the application request in step 62 and the key request in step 63 may also carry an application identifier (AppID), where the application identifier is an identifier of an application to be accessed by the UE.
在SCEF设置有所述UE的IMSI和所述应用标识(AppID)的绑定关系情况下,步骤55中所述SCEF向所述AS发送密钥响应可包括:所述SCEF确定所述IMSI和所述密钥请求中携带的应用标识是否存在绑定关系,在存在绑定关系时,向所述AS发送密钥响应。当然,如果所述IMSI和所述密钥请求中携带的应用标识不存在绑定关系,则所述SCEF可例如通过密钥响应向所述AS 返回认证失败。In the case that the SCEF is configured with the binding relationship between the IMSI of the UE and the application identifier (AppID), the sending, by the SCEF, the key response to the AS in step 55 may include: determining, by the SCEF, the IMSI and the Whether the application identifier carried in the key request has a binding relationship, and when there is a binding relationship, sends a key response to the AS. Of course, if there is no binding relationship between the IMSI and the application identifier carried in the key request, the SCEF may respond to the AS by, for example, a key response. Return authentication failed.
在本发明实施例中,AS可继承UE的网络认证结果,如果UE入网认证通过,则默认对应的终端在应用层的认证也通过。基于图5所示的IOT引导认证流程,本发明实施例也可以统一应用层和网络层认证。In the embodiment of the present invention, the AS may inherit the network authentication result of the UE. If the UE enters the network authentication, the authentication of the terminal corresponding to the default is also passed. Based on the IOT boot authentication process shown in FIG. 5, the embodiment of the present invention can also unify the application layer and network layer authentication.
图6是本发明实施例提供的一种认证系统的示意图。参照图6,所述系统600包括UE 601、AS 602和SCEF 603。其中:FIG. 6 is a schematic diagram of an authentication system according to an embodiment of the present invention. Referring to FIG. 6, the system 600 includes a UE 601, an AS 602, and an SCEF 603. among them:
UE 601,用于在入网认证成功后,生成用于应用服务的密钥Ks_AS,并向AS 602发送应用请求,所述应用请求携带GUTI;The UE 601 is configured to generate a key Ks_AS for the application service after the network authentication is successful, and send an application request to the AS 602, where the application requests to carry the GUTI;
所述AS 602,用于在接收到所述应用请求后,向SCEF 603发送密钥请求,所述密钥请求携带所述GUTI和所述AS的标识;The AS 602 is configured to send a key request to the SCEF 603 after receiving the application request, where the key request carries the identifier of the GUTI and the AS;
所述SCEF 603,用于获取所述UE 601的入网认证结果,并在所述入网认证结果为认证成功时,生成用于应用服务的密钥Ks_AS,并根据所述AS的标识向所述AS 602发送密钥响应,所述密钥响应中携带所述密钥Ks_AS。The SCEF 603 is configured to obtain the network access authentication result of the UE 601, and generate a key Ks_AS for the application service when the network authentication result is successful, and send the key to the AS according to the identifier of the AS. 602 sends a key response, and the key response carries the key Ks_AS.
本发明实施例提供的认证系统,在UE入网认证成功的情况下,该UE需要访问AS时,无需进行GBA-AKA认证,可以直接通过SCEF获取所述UE的入网认证结果,并在确认所述UE入网认证通过时,直接生成用于应用服务的密钥Ks_AS。如此一来,通过减少认证次数,可以降低UE的开销,同时提高入网速度。In the authentication system provided by the embodiment of the present invention, in the case that the UE is successfully authenticated by the network, the UE needs to access the AS, and does not need to perform the GBA-AKA authentication, and can directly obtain the network access authentication result of the UE through the SCEF, and confirm the When the UE enters the network authentication, the key Ks_AS for the application service is directly generated. In this way, by reducing the number of authentications, the overhead of the UE can be reduced, and the network access speed can be improved.
参照图6,可选地,在一个实施例中,所述认证系统600还包括MME 604。所述SCEF 603具体用于:Referring to FIG. 6, optionally, in one embodiment, the authentication system 600 further includes an MME 604. The SCEF 603 is specifically used to:
向MME 604发送认证结果请求,所述认证结果请求携带GUTI;Sending an authentication result request to the MME 604, where the authentication result request carries a GUTI;
接收所述MME 604返回的认证结果响应,所述认证结果响应中携带入网认证结果和GUTI。The authentication result response returned by the MME 604 is received, and the authentication result response carries the network access authentication result and the GUTI.
进一步地,参照图6,所述认证系统600还可包括HSS 605。所述SCEF 603还用于:在入网认证的过程中,接收HSS 605发送的密钥材料集合,所述密钥材料集合包括所述UE的IMSI、认证随机数RAND和主密钥Ks;Further, referring to FIG. 6, the authentication system 600 can also include an HSS 605. The SCEF 603 is further configured to receive, in the process of network access authentication, a key material set sent by the HSS 605, where the key material set includes an IMSI of the UE, an authentication random number RAND, and a master key Ks;
所述认证结果响应中还携带RAND、IMSI,在所述SCEF接收所述MME返回的认证结果响应之后,所述SCEF 603具体用于:根据所述认证结果响应中的IMSI、RAND检索数据库得到主密钥Ks,根据主密钥Ks生成用于应用服务的密钥Ks_AS。 The authentication result response further includes a RAND and an IMSI. After the SCEF receives the authentication result response returned by the MME, the SCEF 603 is specifically configured to: obtain a master according to the IMSI and RAND search databases in the authentication result response. The key Ks generates a key Ks_AS for the application service based on the master key Ks.
参照图6,可选地,在另一个实施例中,所述认证系统600还包括MME 604。Referring to FIG. 6, optionally, in another embodiment, the authentication system 600 further includes an MME 604.
所述SCEF 603具体用于:The SCEF 603 is specifically used to:
接收MME 604在对所述UE认证成功时发送的携带入网认证结果和GUTI的通知消息;Receiving a notification message carrying the network access authentication result and the GUTI sent by the MME 604 when the UE is successfully authenticated;
根据所述通知消息,获知所述UE 601的入网认证结果。According to the notification message, the network access authentication result of the UE 601 is obtained.
进一步地,所述认证系统600还包括HSS 605,Further, the authentication system 600 further includes an HSS 605,
在所述SCEF 603接收所述MME的通知消息之前,所述MME 604用于接收来自HSS的指示标识,所述指示标识指示所述MME 604向所述SCEF 603发送所述通知消息;Before the SCEF 603 receives the notification message of the MME, the MME 604 is configured to receive an indication identifier from the HSS, where the indication identifier indicates that the MME 604 sends the notification message to the SCEF 603;
在入网认证的过程中,所述SCEF 603还用于:接收所述HSS发送的密钥材料集合,所述密钥材料集合包括所述UE 601的IMSI、RAND和主密钥Ks;In the process of network access authentication, the SCEF 603 is further configured to: receive a key material set sent by the HSS, where the key material set includes an IMSI, a RAND, and a master key Ks of the UE 601;
所述通知消息中还携带RAND、IMSI,在所述SCEF接收所述通知消息之后,所述SCEF 603具体用于:根据所述通知消息中携带的IMSI、RAND检索数据库得到主密钥Ks,根据主密钥Ks生成用于应用服务的密钥Ks_AS。The notification message further includes a RAND and an IMSI. After the SCEF receives the notification message, the SCEF 603 is specifically configured to: obtain a master key Ks according to the IMSI and RAND search databases carried in the notification message, according to The master key Ks generates a key Ks_AS for the application service.
可选地,所述应用请求和所述密钥请求中还携带应用标识AppID,所述应用标识为所述UE要访问的应用的标识,所述SCEF 603上预先设置有IMSI和应用标识AppID的绑定关系;Optionally, the application request and the key request further carry an application identifier AppID, where the application identifier is an identifier of an application to be accessed by the UE, and the SCEF 603 is preset with an IMSI and an application identifier AppID. Binding relationship
所述SCEF 603具体用于:确定所述UE的IMSI和所述密钥请求中携带的应用标识存在绑定关系,向所述AS 602发送密钥响应。The SCEF 603 is specifically configured to determine that a binding relationship exists between the IMSI of the UE and the application identifier carried in the key request, and send a key response to the AS 602.
可选地,在所述UE 601向AS 602发送应用请求之前,所述UE 601还用于:Optionally, before the UE 601 sends an application request to the AS 602, the UE 601 is further configured to:
生成会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc和应用层完整性密钥Ks_AS_int;根据所述会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc,生成会话密钥K_app;根据所述会话密钥随机数RAND_AS和所述应用层完整性密钥Ks_AS_int,生成第一消息认证码;Generating a session key random number RAND_AS, an application layer encryption key Ks_AS_enc, and an application layer integrity key Ks_AS_int; generating a session key K_app according to the session key random number RAND_AS, an application layer encryption key Ks_AS_enc; Generating a first message authentication code by using a key random number RAND_AS and the application layer integrity key Ks_AS_int;
向AS发送携带所述会话密钥随机数RAND_AS和所述第一消息认证码的应用请求;Sending, to the AS, an application request that carries the session key random number RAND_AS and the first message authentication code;
在所述SCEF 603向所述AS 602发送密钥响应之后,所述AS 602还用于:生成应用层加密密钥Ks_AS_enc和应用层完整性密钥Ks_AS_int,并利用所述应用层完整性密钥Ks_AS_int验证所述第一消息认证码,在所述第一消息认证码验证通过时,根据所述会话密钥随机数RAND_AS、应用层加密密钥 Ks_AS_enc,生成会话密钥K_app。After the SCEF 603 sends a key response to the AS 602, the AS 602 is further configured to: generate an application layer encryption key Ks_AS_enc and an application layer integrity key Ks_AS_int, and utilize the application layer integrity key Ks_AS_int verifies the first message authentication code, according to the session key random number RAND_AS, application layer encryption key when the first message authentication code is verified Ks_AS_enc, generate session key K_app.
可选地,在所述UE 601向AS 602发送应用请求之前,所述UE 601还用于:Optionally, before the UE 601 sends an application request to the AS 602, the UE 601 is further configured to:
生成会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc和应用层完整性密钥Ks_AS_int;根据所述会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc,生成会话密钥K_app;Generating a session key random number RAND_AS, an application layer encryption key Ks_AS_enc and an application layer integrity key Ks_AS_int; generating a session key K_app according to the session key random number RAND_AS, the application layer encryption key Ks_AS_enc;
利用公钥加密所述会话密钥随机数RAND_AS生成经加密随机数C,并根据所述经加密随机数C和所述完整性密钥Ks_AS_int,生成第二消息认证码;Encrypting the session key random number RAND_AS with a public key to generate an encrypted random number C, and generating a second message authentication code according to the encrypted random number C and the integrity key Ks_AS_int;
向AS 602发送携带所述第二消息认证码和经加密随机数C的应用请求;Sending, to the AS 602, an application request that carries the second message authentication code and the encrypted random number C;
在所述SCEF 603向所述AS 602发送密钥响应之后,所述AS 602还用于:生成应用层加密密钥Ks_AS_enc和应用层完整性密钥Ks_AS_int,并利用所述应用层完整性密钥Ks_AS_int验证所述第二消息认证码,在所述第二消息认证码验证通过时,所述AS用私钥解密经加密随机数C,以得到会话密钥随机数RAND_AS,并根据所述会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc,生成会话密钥K_app。After the SCEF 603 sends a key response to the AS 602, the AS 602 is further configured to: generate an application layer encryption key Ks_AS_enc and an application layer integrity key Ks_AS_int, and utilize the application layer integrity key Ks_AS_int verifies the second message authentication code, and when the second message authentication code is verified, the AS decrypts the encrypted random number C with a private key to obtain a session key random number RAND_AS, and according to the session secret The key random number RAND_AS and the application layer encryption key Ks_AS_enc generate a session key K_app.
可选地,在一个实施例中,所述UE 601还用于,向所述AS 602发送密钥更新请求;所述AS 602还用于,向所述SCEF 603转发所述密钥更新请求;所述SCEF 603还用于,向MME 604发送引导重协商请求;所述MME 604用于,向所述UE 601发送重新认证请求。Optionally, in an embodiment, the UE 601 is further configured to send a key update request to the AS 602; the AS 602 is further configured to forward the key update request to the SCEF 603; The SCEF 603 is further configured to send a bootstrap renegotiation request to the MME 604; the MME 604 is configured to send a re-authentication request to the UE 601.
可选地,在另一个实施例中,所述AS 602还用于,向所述SCEF 603发送密钥更新请求;所述SCEF 603还用于,向MME 604发送引导重协商请求;所述MME 604还用于,向所述UE 601发送重新认证请求。Optionally, in another embodiment, the AS 602 is further configured to send a key update request to the SCEF 603; the SCEF 603 is further configured to send a bootstrap renegotiation request to the MME 604; the MME 604 is further configured to send a re-authentication request to the UE 601.
本发明实施例提供的认证方法和认证系统,采用统一网络层和应用层认证的方式,实现IOT场景下的快速入网,并实现端到端加密。利用此技术可带来以下有益效果:The authentication method and the authentication system provided by the embodiments of the present invention implement a fast network access in an IOT scenario and implement end-to-end encryption by adopting a unified network layer and application layer authentication. Using this technology can bring the following benefits:
1)提出针对IOT场景的引导认证流程,简化IOT终端入网流程。终端的网络认证结果通过两种方式传递到SCEF,一种(如图3所示)是SCEF通过GUTI向相应MME询问认证结果。另一种(如图5所示)是MME将认证结果推送到SCEF。这两种方式UE侧都只进行一次AKA,因而能够减少UE的开销,提高入网速度。 1) Propose a boot certification process for the IOT scenario to simplify the IOT terminal access process. The network authentication result of the terminal is delivered to the SCEF in two ways. One (as shown in FIG. 3) is that the SCEF queries the corresponding MME for the authentication result through the GUTI. The other (as shown in Figure 5) is that the MME pushes the authentication result to the SCEF. In both modes, the AKA is performed only once on the UE side, thereby reducing the overhead of the UE and increasing the network access speed.
2)本发明将网络层标识和应用层标识绑定在SCEF中,通过这种绑定关系实现网络层和应用层认证的统一。应用服务器继承UE的网络认证结果,如果网络认证通过,则默认对应的WU在应用层的认证也通过。2) The present invention binds the network layer identifier and the application layer identifier to the SCEF, and the binding between the network layer and the application layer is unified through the binding relationship. The application server inherits the network authentication result of the UE. If the network authentication is passed, the authentication of the corresponding corresponding WU at the application layer is also passed.
3)移动网络开放安全能力。移动网络核心网为应用服务器开放其安全能力。安全能力的开放包括两个方面,一个是开放网络层的认证结果,另一个是在3GPP共享凭证的基础上为UE和应用服务器建立会话密钥。3) Mobile network open security capabilities. The mobile network core network opens its security capabilities for application servers. The opening of security capabilities includes two aspects, one is the authentication result of the open network layer, and the other is to establish the session key for the UE and the application server based on the 3GPP shared credentials.
4)端到端安全通道。本发明的实施例中都可以为UE和应用服务器建立端到端的共享密钥,该密钥一部分由移动网络提供,另一部分由UE生成,并加密传输给应用服务器。该共享密钥不能被移动网络推演得出。4) End-to-end secure channel. In the embodiment of the present invention, an end-to-end shared key may be established for the UE and the application server. The key is partially provided by the mobile network, and the other part is generated by the UE and encrypted and transmitted to the application server. This shared key cannot be derived from the mobile network.
需要说明的是,本说明书中的各个实施例均采用递进的方式描述,每个实施例重点说明的都是与其他实施例的不同之处,各个实施例之间相同相似的部分互相参见即可。对于装置类实施例而言,由于其与方法实施例基本相似,所以描述的比较简单,相关之处参见方法实施例的部分说明即可。It should be noted that each embodiment in the specification is described in a progressive manner, and each embodiment focuses on differences from other embodiments, and the same similar parts between the embodiments are referred to each other. can. For the device type embodiment, since it is basically similar to the method embodiment, the description is relatively simple, and the relevant parts can be referred to the description of the method embodiment.
需要说明的是,在本文中,术语“包括”、“包含”或者其任何其他变体意在涵盖非排他性的包含,从而使得包括一系列要素的过程、方法、物品或者设备不仅包括那些要素,而且还包括没有明确列出的其他要素,或者是还包括为这种过程、方法、物品或者设备所固有的要素。在没有更多限制的情况下,由语句“包括一个......”限定的要素,并不排除在包括所述要素的过程、方法、物品或者设备中还存在另外的相同要素。It is to be understood that the term "comprises", "comprising" or any other variations thereof is intended to encompass a non-exclusive inclusion, such that a process, method, article, or device that comprises a It also includes other elements that are not explicitly listed, or elements that are inherent to such a process, method, item, or device. An element that is defined by the phrase "comprising a ..." does not exclude the presence of additional equivalent elements in the process, method, item, or device that comprises the element.
本领域普通技术人员可以理解实现上述实施例的全部或部分步骤可以通过硬件来完成,也可以通过程序来指令相关的硬件完成,所述的程序可以存储于一种计算机可读存储介质中,上述提到的存储介质可以是只读存储器,磁盘或光盘等。A person skilled in the art may understand that all or part of the steps of implementing the above embodiments may be completed by hardware, or may be instructed by a program to execute related hardware, and the program may be stored in a computer readable storage medium. The storage medium mentioned may be a read only memory, a magnetic disk or an optical disk or the like.
以上所述仅为本发明的较佳实施例,并不用以限制本发明,凡在本发明的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本发明的保护范围之内。 The above are only the preferred embodiments of the present invention, and are not intended to limit the present invention. Any modifications, equivalents, improvements, etc., which are within the spirit and scope of the present invention, should be included in the protection of the present invention. Within the scope.

Claims (20)

  1. 一种认证方法,其特征在于,所述方法包括:An authentication method, the method comprising:
    用户设备UE在入网认证成功后,生成用于应用服务的密钥Ks_AS,并向应用服务器AS发送应用请求,所述应用请求携带全局唯一的临时标识GUTI;After the network access authentication succeeds, the user equipment UE generates a key Ks_AS for the application service, and sends an application request to the application server AS, where the application request carries a globally unique temporary identifier GUTI;
    所述AS在接收到所述应用请求后,向服务能力开放功能SCEF发送密钥请求,所述密钥请求携带所述GUTI和所述AS的标识;After receiving the application request, the AS sends a key request to the service capability opening function SCEF, where the key request carries the identifier of the GUTI and the AS;
    所述SCEF获取所述UE的入网认证结果,并在所述入网认证结果为认证成功时,生成用于应用服务的密钥Ks_AS,并根据所述AS的标识向所述AS发送密钥响应,所述密钥响应中携带所述密钥Ks_AS。The SCEF obtains the network access authentication result of the UE, and generates a key Ks_AS for the application service when the network access authentication result is successful, and sends a key response to the AS according to the identifier of the AS. The key response carries the key Ks_AS.
  2. 根据权利要求1所述的认证方法,其特征在于,所述SCEF获取所述UE的入网认证结果包括:The authentication method according to claim 1, wherein the obtaining, by the SCEF, the network access authentication result of the UE comprises:
    所述SCEF向移动性管理实体MME发送认证结果请求,所述认证结果请求携带GUTI;Sending, by the SCEF, an authentication result request to the mobility management entity MME, where the authentication result request carries a GUTI;
    所述SCEF接收所述MME返回的认证结果响应,所述认证结果响应中携带入网认证结果和GUTI。The SCEF receives the authentication result response returned by the MME, and the authentication result response carries the network access authentication result and the GUTI.
  3. 根据权利要求2所述的认证方法,其特征在于,The authentication method according to claim 2, characterized in that
    所述方法还包括:在入网认证的过程中,所述SCEF接收归属用户服务器HSS发送的密钥材料集合,所述密钥材料集合包括所述UE的国际移动用户识别码IMSI、认证随机数RAND和主密钥Ks;The method further includes: in the process of network access authentication, the SCEF receives a key material set sent by a home subscriber server HSS, where the key material set includes an international mobile subscriber identity IMSI of the UE, and an authentication random number RAND And the master key Ks;
    所述认证结果响应中还携带RAND、IMSI,在所述SCEF接收所述MME返回的认证结果响应之后,所述生成用于应用服务的密钥Ks_AS包括:根据所述认证结果响应中的IMSI、RAND检索数据库得到主密钥Ks,根据主密钥Ks生成用于应用服务的密钥Ks_AS。The authentication result response further includes a RAND, an IMSI, and after the SCEF receives the authentication result response returned by the MME, the generating a key Ks_AS for the application service includes: according to the IMSI in the response result response, The RAND retrieves the database to obtain the master key Ks, and generates a key Ks_AS for the application service based on the master key Ks.
  4. 根据权利要求1所述的认证方法,其特征在于,所述SCEF获取所述UE的入网认证结果包括:The authentication method according to claim 1, wherein the obtaining, by the SCEF, the network access authentication result of the UE comprises:
    所述SCEF接收MME在对所述UE认证成功时发送的携带入网认证结果和GUTI的通知消息;The SCEF receives a notification message that is sent by the MME to carry the network authentication result and the GUTI when the UE is successfully authenticated by the MME;
    所述SCEF根据所述通知消息,获知所述UE的入网认证结果。The SCEF learns the network access authentication result of the UE according to the notification message.
  5. 根据权利要求4所述的认证方法,其特征在于,在所述SCEF接收所述MME的通知消息之前,所述方法还包括:所述MME接收来自HSS的指示标识, 所述指示标识指示所述MME向所述SCEF发送所述通知消息;The authentication method according to claim 4, wherein before the SCEF receives the notification message of the MME, the method further includes: the MME receiving an indication identifier from the HSS, The indication identifier indicates that the MME sends the notification message to the SCEF;
    所述方法还包括:在入网认证的过程中,所述SCEF接收所述HSS发送的密钥材料集合,所述密钥材料集合包括所述UE的IMSI、RAND和主密钥Ks;The method further includes: in the process of network access authentication, the SCEF receives a key material set sent by the HSS, where the key material set includes an IMSI, a RAND, and a master key Ks of the UE;
    所述通知消息中还携带RAND、IMSI,在所述SCEF接收所述通知消息之后,所述生成用于应用服务的密钥Ks_AS包括:根据所述通知消息中的IMSI、RAND检索数据库得到主密钥Ks,根据主密钥Ks生成用于应用服务的密钥Ks_AS。The notification message further includes a RAND and an IMSI. After the SCEF receives the notification message, the generating a key Ks_AS for the application service includes: obtaining a primary key according to the IMSI and RAND search databases in the notification message. The key Ks generates a key Ks_AS for the application service based on the master key Ks.
  6. 根据权利要求1所述的认证方法,其特征在于,所述应用请求和所述密钥请求中还携带应用标识AppID,所述应用标识为所述UE要访问的应用的标识,所述SCEF上预先设置有IMSI和应用标识AppID的绑定关系;The authentication method according to claim 1, wherein the application request and the key request further carry an application identifier AppID, and the application identifier is an identifier of an application to be accessed by the UE, on the SCEF. The binding relationship between the IMSI and the application identifier AppID is preset;
    所述SCEF向所述AS发送密钥响应包括:所述SCEF确定所述UE的IMSI和所述密钥请求中携带的应用标识存在绑定关系,向所述AS发送密钥响应。The sending, by the SCEF, the key response to the AS includes: determining, by the SCEF, that the IMSI of the UE and the application identifier carried in the key request have a binding relationship, and sending a key response to the AS.
  7. 根据权利要求1所述的认证方法,其特征在于,在所述UE向AS发送应用请求之前,所述方法还包括:The authentication method according to claim 1, wherein before the UE sends an application request to the AS, the method further includes:
    所述UE生成会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc和应用层完整性密钥Ks_AS_int;根据所述会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc,生成会话密钥K_app;根据所述会话密钥随机数RAND_AS和所述应用层完整性密钥Ks_AS_int,生成第一消息认证码;The UE generates a session key random number RAND_AS, an application layer encryption key Ks_AS_enc, and an application layer integrity key Ks_AS_int; and generates a session key K_app according to the session key random number RAND_AS and the application layer encryption key Ks_AS_enc; The session key random number RAND_AS and the application layer integrity key Ks_AS_int generate a first message authentication code;
    所述UE向AS发送应用请求包括:所述UE向AS发送携带所述会话密钥随机数RAND_AS和所述第一消息认证码的应用请求;The sending, by the UE, an application request to the AS includes: sending, by the UE, an application request that carries the session key random number RAND_AS and the first message authentication code to the AS;
    在所述SCEF向所述AS发送密钥响应之后,所述方法还包括:所述AS生成应用层加密密钥Ks_AS_enc和应用层完整性密钥Ks_AS_int,并利用所述完整性密钥Ks_AS_int验证所述第一消息认证码,在所述第一消息认证码验证通过时,根据所述会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc,生成会话密钥K_app。After the SCEF sends a key response to the AS, the method further includes: the AS generating an application layer encryption key Ks_AS_enc and an application layer integrity key Ks_AS_int, and verifying the location by using the integrity key Ks_AS_int The first message authentication code generates a session key K_app according to the session key random number RAND_AS and the application layer encryption key Ks_AS_enc when the first message authentication code is verified.
  8. 根据权利要求1所述的认证方法,其特征在于,所述方法还包括:The authentication method according to claim 1, wherein the method further comprises:
    所述UE生成会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc和应用层完整性密钥Ks_AS_int;根据所述会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc,生成会话密钥K_app;The UE generates a session key random number RAND_AS, an application layer encryption key Ks_AS_enc, and an application layer integrity key Ks_AS_int; and generates a session key K_app according to the session key random number RAND_AS and the application layer encryption key Ks_AS_enc;
    所述UE利用公钥加密所述会话密钥随机数RAND_AS生成经加密随机数C,并根据所述经加密随机数C和所述应用层完整性密钥Ks_AS_int,生成第二 消息认证码;The UE generates the encrypted random number C by using the public key encryption session key random number RAND_AS, and generates a second according to the encrypted random number C and the application layer integrity key Ks_AS_int Message authentication code;
    所述UE向AS发送应用请求包括:所述UE向AS发送携带所述第二消息认证码和经加密随机数C的应用请求;The sending, by the UE, an application request to the AS includes: sending, by the UE, an application request that carries the second message authentication code and the encrypted random number C to the AS;
    在所述SCEF向所述AS发送密钥响应之后,所述方法还包括:所述AS生成应用层加密密钥Ks_AS_enc和应用层完整性密钥Ks_AS_int,并利用所述应用层完整性密钥Ks_AS_int验证所述第二消息认证码,在所述第二消息认证码验证通过时,所述AS用私钥解密经加密随机数C,以得到会话密钥随机数RAND_AS,并根据所述会话密钥随机数RAND_AS、应用层加密密钥Ks_AS_enc,生成会话密钥K_app。After the SCEF sends a key response to the AS, the method further includes: the AS generating an application layer encryption key Ks_AS_enc and an application layer integrity key Ks_AS_int, and utilizing the application layer integrity key Ks_AS_int Verifying the second message authentication code, when the second message authentication code is verified, the AS decrypts the encrypted random number C with a private key to obtain a session key random number RAND_AS, and according to the session key The session key K_app is generated by the random number RAND_AS and the application layer encryption key Ks_AS_enc.
  9. 根据权利要求1所述的认证方法,其特征在于,所述方法还包括:The authentication method according to claim 1, wherein the method further comprises:
    所述UE向所述AS发送密钥更新请求;Sending, by the UE, a key update request to the AS;
    所述AS向所述SCEF转发所述密钥更新请求;The AS forwards the key update request to the SCEF;
    所述SCEF向MME发送引导重协商请求;Sending, by the SCEF, a bootstrap renegotiation request to the MME;
    所述MME向所述UE发送重新认证请求。The MME sends a re-authentication request to the UE.
  10. 根据权利要求1所述的认证方法,其特征在于,所述方法还包括:The authentication method according to claim 1, wherein the method further comprises:
    所述AS向所述SCEF发送密钥更新请求;Sending, by the AS, a key update request to the SCEF;
    所述SCEF向MME发送引导重协商请求;Sending, by the SCEF, a bootstrap renegotiation request to the MME;
    所述MME向所述UE发送重新认证请求。The MME sends a re-authentication request to the UE.
  11. 一种认证系统,其特征在于,所述系统包括用户设备UE、应用服务器AS和服务能力开放功能SCEF;An authentication system, characterized in that the system includes a user equipment UE, an application server AS, and a service capability open function SCEF;
    所述UE,用于在入网认证成功后,生成用于应用服务的密钥Ks_AS,并向所述AS发送应用请求,所述应用请求携带全局唯一的临时标识GUTI;The UE is configured to generate a key Ks_AS for the application service after the network authentication is successful, and send an application request to the AS, where the application request carries a globally unique temporary identifier GUTI;
    所述AS,用于在接收到所述应用请求后,向所述SCEF发送密钥请求,所述密钥请求携带所述GUTI和所述AS的标识;The AS is configured to send a key request to the SCEF after receiving the application request, where the key request carries the identifier of the GUTI and the AS;
    所述SCEF,用于获取所述UE的入网认证结果,并在所述入网认证结果为认证成功时,生成用于应用服务的密钥Ks_AS,并根据所述AS的标识向所述AS发送密钥响应,所述密钥响应中携带所述密钥Ks_AS。The SCEF is configured to obtain the network access authentication result of the UE, and when the network access authentication result is successful, generate a key Ks_AS for the application service, and send the key to the AS according to the identifier of the AS. Key response, the key response carrying the key Ks_AS.
  12. 根据权利要求11所述的认证系统,其特征在于,所述认证系统还包括移动性管理实体MME,The authentication system according to claim 11, wherein said authentication system further comprises a mobility management entity MME,
    所述SCEF具体用于: The SCEF is specifically used to:
    向MME发送认证结果请求,所述认证结果请求携带GUTI;Sending an authentication result request to the MME, where the authentication result request carries a GUTI;
    接收所述MME返回的认证结果响应,所述认证结果响应中携带入网认证结果和GUTI。Receiving an authentication result response returned by the MME, where the authentication result response carries the network access authentication result and the GUTI.
  13. 根据权利要求12所述的认证系统,其特征在于,所述认证系统还包括归属用户服务器HSS,The authentication system according to claim 12, wherein said authentication system further comprises a home subscriber server HSS,
    所述SCEF还用于:在入网认证的过程中,接收HSS发送的密钥材料集合,所述密钥材料集合包括所述UE的国际移动用户识别码IMSI、认证随机数RAND和主密钥Ks;The SCEF is further configured to receive, in the process of network access authentication, a set of key materials sent by the HSS, where the set of key materials includes an International Mobile Subscriber Identity (IMSI), an authentication random number RAND, and a master key Ks of the UE. ;
    所述认证结果响应中还携带RAND、IMSI,在所述SCEF接收所述MME返回的认证结果响应之后,所述SCEF具体用于:根据所述认证结果响应中的IMSI、RAND检索数据库得到主密钥Ks,根据主密钥Ks生成用于应用服务的密钥Ks_AS。The authentication result response further includes a RAND and an IMSI. After the SCEF receives the authentication result response returned by the MME, the SCEF is specifically configured to: obtain a primary key according to the IMSI and RAND search databases in the authentication result response. The key Ks generates a key Ks_AS for the application service based on the master key Ks.
  14. 根据权利要求11所述的认证系统,其特征在于,所述认证系统还包括移动性管理实体MME,The authentication system according to claim 11, wherein said authentication system further comprises a mobility management entity MME,
    所述SCEF具体用于:The SCEF is specifically used to:
    接收MME在对所述UE认证成功时发送的携带入网认证结果和GUTI的通知消息;Receiving a notification message carrying the network access authentication result and the GUTI sent by the MME when the UE is successfully authenticated;
    根据所述通知消息,获知所述UE的入网认证结果。Obtaining the network access authentication result of the UE according to the notification message.
  15. 根据权利要求14所述的认证系统,其特征在于,所述认证系统还包括归属用户服务器HSS,The authentication system according to claim 14, wherein said authentication system further comprises a home subscriber server HSS,
    在所述SCEF接收所述MME的通知消息之前,所述MME用于接收来自HSS的指示标识,所述指示标识指示所述MME向所述SCEF发送所述通知消息;Before the SCEF receives the notification message of the MME, the MME is configured to receive an indication identifier from the HSS, where the indication identifier indicates that the MME sends the notification message to the SCEF;
    在入网认证的过程中,所述SCEF还用于:接收所述HSS发送的密钥材料集合,所述密钥材料集合包括所述UE的IMSI、RAND和主密钥Ks;In the process of network access authentication, the SCEF is further configured to: receive a key material set sent by the HSS, where the key material set includes an IMSI, a RAND, and a master key Ks of the UE;
    所述通知消息中还携带RAND、IMSI,在所述SCEF接收所述通知消息之后,所述SCEF具体用于:根据所述通知消息中携带的IMSI、RAND检索数据库得到主密钥Ks,根据主密钥Ks生成用于应用服务的密钥Ks_AS。The notification message further includes a RAND and an IMSI. After the SCEF receives the notification message, the SCEF is specifically configured to: obtain a master key Ks according to the IMSI and RAND search databases carried in the notification message, according to the master The key Ks generates a key Ks_AS for the application service.
  16. 根据权利要求11所述的认证系统,其特征在于,所述应用请求和所述密钥请求中还携带应用标识AppID,所述应用标识为所述UE要访问的应用的标识,所述SCEF上预先设置有IMSI和应用标识AppID的绑定关系;The authentication system according to claim 11, wherein the application request and the key request further carry an application identifier AppID, and the application identifier is an identifier of an application to be accessed by the UE, on the SCEF. The binding relationship between the IMSI and the application identifier AppID is preset;
    所述SCEF具体用于:确定所述UE的IMSI和所述密钥请求中携带的应用 标识存在绑定关系,向所述AS发送密钥响应。The SCEF is specifically configured to: determine an IMSI of the UE and an application carried in the key request The identifier has a binding relationship and sends a key response to the AS.
  17. 根据权利要求11所述的认证系统,其特征在于,在所述UE向AS发送应用请求之前,所述UE还用于:The authentication system according to claim 11, wherein before the UE sends an application request to the AS, the UE is further configured to:
    生成会话密钥随机数RAND_AS、加密密钥Ks_AS_enc和完整性密钥Ks_AS_int;根据所述随机数RAND_AS、加密密钥Ks_AS_enc,生成会话密钥K_app;根据所述会话密钥随机数RAND_AS和所述完整性密钥Ks_AS_int,生成第一消息认证码;Generating a session key random number RAND_AS, an encryption key Ks_AS_enc, and an integrity key Ks_AS_int; generating a session key K_app according to the random number RAND_AS, the encryption key Ks_AS_enc; according to the session key random number RAND_AS and the complete a sex key Ks_AS_int, generating a first message authentication code;
    向AS发送携带所述会话密钥随机数RAND_AS和所述第一消息认证码的应用请求;Sending, to the AS, an application request that carries the session key random number RAND_AS and the first message authentication code;
    在所述SCEF向所述AS发送密钥响应之后,所述AS还用于:生成加密密钥Ks_AS_enc和完整性密钥Ks_AS_int,并利用所述完整性密钥Ks_AS_int验证所述第一消息认证码,在所述第一消息认证码验证通过时,根据所述会话密钥随机数RAND_AS、加密密钥Ks_AS_enc,生成会话密钥K_app。After the SCEF sends a key response to the AS, the AS is further configured to: generate an encryption key Ks_AS_enc and an integrity key Ks_AS_int, and verify the first message authentication code by using the integrity key Ks_AS_int When the first message authentication code is verified, the session key K_app is generated according to the session key random number RAND_AS and the encryption key Ks_AS_enc.
  18. 根据权利要求11所述的认证系统,其特征在于,在所述UE向AS发送应用请求之前,所述UE还用于:The authentication system according to claim 11, wherein before the UE sends an application request to the AS, the UE is further configured to:
    生成会话密钥随机数RAND_AS、加密密钥Ks_AS_enc和完整性密钥Ks_AS_int;根据所述会话密钥随机数RAND_AS、加密密钥Ks_AS_enc,生成会话密钥K_app;Generating a session key random number RAND_AS, an encryption key Ks_AS_enc, and an integrity key Ks_AS_int; generating a session key K_app according to the session key random number RAND_AS, the encryption key Ks_AS_enc;
    利用公钥加密所述会话密钥随机数RAND_AS生成经加密随机数C,并根据所述经加密随机数C和所述完整性密钥Ks_AS_int,生成第二消息认证码;Encrypting the session key random number RAND_AS with a public key to generate an encrypted random number C, and generating a second message authentication code according to the encrypted random number C and the integrity key Ks_AS_int;
    向AS发送携带所述第二消息认证码和经加密随机数C的应用请求;Sending, to the AS, an application request that carries the second message authentication code and the encrypted random number C;
    在所述SCEF向所述AS发送密钥响应之后,所述AS还用于:生成加密密钥Ks_AS_enc和完整性密钥Ks_AS_int,并利用所述完整性密钥Ks_AS_int验证所述第二消息认证码,在所述第二消息认证码验证通过时,所述AS用私钥解密经加密随机数C,以得到会话密钥随机数RAND_AS,并根据所述会话密钥随机数RAND_AS、加密密钥Ks_AS_enc,生成会话密钥K_app。After the SCEF sends a key response to the AS, the AS is further configured to: generate an encryption key Ks_AS_enc and an integrity key Ks_AS_int, and verify the second message authentication code by using the integrity key Ks_AS_int And, when the second message authentication code is verified, the AS decrypts the encrypted random number C with a private key to obtain a session key random number RAND_AS, and according to the session key random number RAND_AS, an encryption key Ks_AS_enc , generate session key K_app.
  19. 根据权利要求11所述的认证系统,其特征在于,所述认证系统还包括移动性管理实体MME,The authentication system according to claim 11, wherein said authentication system further comprises a mobility management entity MME,
    所述UE还用于,向所述AS发送密钥更新请求;The UE is further configured to send a key update request to the AS;
    所述AS还用于,向所述SCEF转发所述密钥更新请求;The AS is further configured to forward the key update request to the SCEF;
    所述SCEF还用于,向MME发送引导重协商请求; The SCEF is further configured to send a bootstrap renegotiation request to the MME;
    所述MME用于,向所述UE发送重新认证请求。The MME is configured to send a re-authentication request to the UE.
  20. 根据权利要求11所述的认证系统,其特征在于,所述认证系统还包括移动性管理实体MME,The authentication system according to claim 11, wherein said authentication system further comprises a mobility management entity MME,
    所述AS还用于,向所述SCEF发送密钥更新请求;The AS is further configured to send a key update request to the SCEF;
    所述SCEF还用于,向MME发送引导重协商请求;The SCEF is further configured to send a bootstrap renegotiation request to the MME;
    所述MME还用于,向所述UE发送重新认证请求。 The MME is further configured to send a re-authentication request to the UE.
PCT/CN2016/090083 2016-07-14 2016-07-14 Authentication method and authentication system WO2018010150A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201680063779.9A CN108353279B (en) 2016-07-14 2016-07-14 Authentication method and authentication system
PCT/CN2016/090083 WO2018010150A1 (en) 2016-07-14 2016-07-14 Authentication method and authentication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2016/090083 WO2018010150A1 (en) 2016-07-14 2016-07-14 Authentication method and authentication system

Publications (1)

Publication Number Publication Date
WO2018010150A1 true WO2018010150A1 (en) 2018-01-18

Family

ID=60951642

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/090083 WO2018010150A1 (en) 2016-07-14 2016-07-14 Authentication method and authentication system

Country Status (2)

Country Link
CN (1) CN108353279B (en)
WO (1) WO2018010150A1 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108512862A (en) * 2018-05-30 2018-09-07 博潮科技(北京)有限公司 Internet-of-things terminal safety certification control platform based on no certificates identified authentication techniques
CN110602706A (en) * 2019-09-27 2019-12-20 中移物联网有限公司 Network access method, terminal and server
CN111327583A (en) * 2019-08-22 2020-06-23 刘高峰 Identity authentication method, intelligent equipment and authentication server
CN112640360A (en) * 2018-07-03 2021-04-09 株式会社宙连 Device and method for intermediating setting of authentication information
CN112640360B (en) * 2018-07-03 2024-04-26 株式会社宙连 Device and method for mediating setting of authentication information

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114449515A (en) * 2020-10-20 2022-05-06 中国电信股份有限公司 Verification method, system, application platform and terminal
CN117641339B (en) * 2024-01-18 2024-04-09 中国电子科技集团公司第三十研究所 System and method for fast application layer authentication and key agreement

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007104245A1 (en) * 2006-03-16 2007-09-20 Huawei Technologies Co., Ltd. An identity web service framework system and authentication method thereof
CN101426190A (en) * 2007-11-01 2009-05-06 华为技术有限公司 Service access authentication method and system
CN101888626A (en) * 2009-05-15 2010-11-17 中国移动通信集团公司 Method and terminal equipment for realizing GBA key
CN101895881A (en) * 2009-05-18 2010-11-24 中国移动通信集团公司 Method for realizing GBA secret key and pluggable equipment of terminal
CN102111759A (en) * 2009-12-28 2011-06-29 中国移动通信集团公司 Authentication method, system and device

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101771992B (en) * 2009-01-04 2012-06-27 中国移动通信集团公司 Method, equipment and system for protection of confidentiality of international mobile subscriber identifier IMSI

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2007104245A1 (en) * 2006-03-16 2007-09-20 Huawei Technologies Co., Ltd. An identity web service framework system and authentication method thereof
CN101426190A (en) * 2007-11-01 2009-05-06 华为技术有限公司 Service access authentication method and system
CN101888626A (en) * 2009-05-15 2010-11-17 中国移动通信集团公司 Method and terminal equipment for realizing GBA key
CN101895881A (en) * 2009-05-18 2010-11-24 中国移动通信集团公司 Method for realizing GBA secret key and pluggable equipment of terminal
CN102111759A (en) * 2009-12-28 2011-06-29 中国移动通信集团公司 Authentication method, system and device

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108512862A (en) * 2018-05-30 2018-09-07 博潮科技(北京)有限公司 Internet-of-things terminal safety certification control platform based on no certificates identified authentication techniques
CN108512862B (en) * 2018-05-30 2023-12-05 博潮科技(北京)有限公司 Internet of things terminal security authentication management and control platform based on certificate-free identification authentication technology
CN112640360A (en) * 2018-07-03 2021-04-09 株式会社宙连 Device and method for intermediating setting of authentication information
CN112640360B (en) * 2018-07-03 2024-04-26 株式会社宙连 Device and method for mediating setting of authentication information
CN111327583A (en) * 2019-08-22 2020-06-23 刘高峰 Identity authentication method, intelligent equipment and authentication server
CN111327583B (en) * 2019-08-22 2022-03-04 刘高峰 Identity authentication method, intelligent equipment and authentication server
CN110602706A (en) * 2019-09-27 2019-12-20 中移物联网有限公司 Network access method, terminal and server
CN110602706B (en) * 2019-09-27 2023-02-10 中移物联网有限公司 Network access method, terminal and server

Also Published As

Publication number Publication date
CN108353279B (en) 2020-08-14
CN108353279A (en) 2018-07-31

Similar Documents

Publication Publication Date Title
JP6877524B2 (en) Devices and methods for wireless communication
US11824643B2 (en) Security lifecycle management of devices in a communications network
US10638321B2 (en) Wireless network connection method and apparatus, and storage medium
US11178125B2 (en) Wireless network connection method, wireless access point, server, and system
WO2017028593A1 (en) Method for making a network access device access a wireless network access point, network access device, application server, and non-volatile computer readable storage medium
CN107079023B (en) User plane security for next generation cellular networks
KR100704675B1 (en) authentication method and key generating method in wireless portable internet system
WO2018076365A1 (en) Key negotiation method and device
WO2018077232A1 (en) Network authentication method, and related device and system
KR101038064B1 (en) Authenticating an application
CN111050322B (en) GBA-based client registration and key sharing method, device and system
WO2018010150A1 (en) Authentication method and authentication system
WO2022057736A1 (en) Authorization method and device
JP2017535998A5 (en)
US20100161958A1 (en) Device for Realizing Security Function in Mac of Portable Internet System and Authentication Method Using the Device
CN104205891A (en) Virtual sim card cloud platform
TW201626832A (en) Client and server group SSO with local OpenID
JP2009500902A (en) Method and apparatus for authentication and privacy
US20230344626A1 (en) Network connection management method and apparatus, readable medium, program product, and electronic device
JP2010503319A (en) System and method for obtaining network credentials
WO2020216047A1 (en) Authentication information processing method, terminal, and network device
US10834063B2 (en) Facilitating provisioning of an out-of-band pseudonym over a secure communication channel
WO2018126791A1 (en) Authentication method and device, and computer storage medium
CN112995090B (en) Authentication method, device and system for terminal application and computer readable storage medium
WO2017206125A1 (en) Network connection method, and secure node determination method and device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16908476

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16908476

Country of ref document: EP

Kind code of ref document: A1