WO2018076377A1 - Data transmission method, terminal, node device and system - Google Patents

Publication number
WO2018076377A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
key
digital signature
public key
node device
Application number
PCT/CN2016/104139
Other languages
French (fr)
Chinese (zh)
Inventor
熊晓春
黄正安
付建军
Original Assignee
华为技术有限公司
Application filed by 华为技术有限公司
Priority to PCT/CN2016/104139
Priority to CN201680090122.1A (patent CN109845185B)
Publication of WO2018076377A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • the present invention relates to the field of communications technologies, and in particular, to a data transmission method, a terminal, a node device, and a system.
  • LTE-V is designed to support vehicle-to-vehicle (V2V), vehicle-to-pedestrian (V2P) and even vehicle-to-everything (V2X) communication.
  • V2V vehicle-to-vehicle
  • V2P vehicle-to-Pedestrian
  • V2X vehicle-to-Everything
  • 3GPP has not clearly proposed how to improve the security of LTE-V based data transmission.
  • the Institute of Electrical and Electronics Engineers adopts a digital certificate-based method to improve the security of V2V broadcast messages, that is, each broadcast message of a vehicle needs to carry, in addition to the digital signature of the message, the digital certificate of the sending party, so that the legitimacy of the broadcast source is guaranteed through digital certificates and digital signatures.
  • the vehicle needs to carry a digital certificate every time data is transmitted, and the amount of data transmitted is large.
  • the digital certificate of the vehicle needs to be periodically updated, that is, the certificate authority (CA) needs to periodically issue digital certificates to each vehicle, which is expensive.
  • Embodiments of the present invention provide a data transmission method, a terminal, a node device, and a system, which can reduce overhead and the amount of transmitted data while ensuring the legitimacy of the broadcast message source.
  • the first aspect of the present invention provides a data transmission method.
  • the first terminal may acquire the second public key of the key management system based on the system identifier, and verify the first digital signature based on the second public key.
  • when the verification succeeds, the second terminal is identified as a valid terminal, and the first terminal may verify the second digital signature based on the first public key and, when that verification succeeds, process the broadcast message.
  • the broadcast security information may include a broadcast message, a second digital signature of the broadcast message, a first digital signature of the second terminal, a first public key of the second terminal, and a system identifier of the key management system.
  • the first digital signature is obtained by the key management system calculating the first public key based on the second private key of the key management system.
  • the second digital signature is obtained by the second terminal calculating the broadcast message based on the first private key of the second terminal.
  • by checking the first digital signature based on the second public key of the key management system, the first terminal can verify the identity of the second terminal, which prevents a broadcast message from being sent under a fake identity, a fraudulent identity, or an expired identity.
  • the second digital signature may be verified based on the first public key, which ensures the legitimacy of the broadcast message source.
  • the CA needs to periodically issue a digital certificate to each vehicle, and each broadcast message of the vehicle needs to carry the digital certificate of the sender.
  • the first terminal can identify the validity and legitimacy of the temporary identity of the second terminal by verifying the first digital signature, which can reduce overhead and reduce the amount of transmitted data.
  • the first digital signature is obtained by the key management system applying a preset signature algorithm to the second private key, the first public key, and the effective start time of the first private key.
  • the broadcast security information further includes the valid start time and a generation time of the second digital signature.
  • before obtaining the second public key of the key management system based on the system identifier, the first terminal may determine a valid interval of the first private key based on the preset time parameter and the valid start time. When the generation time is within the valid interval, the first terminal determines that the first private key is a valid private key; when the generation time is outside the valid interval, the first terminal determines that the first private key is an invalid private key.
  • the first terminal may obtain the receiving time of the broadcast security information. When the difference between the receiving time and the generation time is less than the preset time threshold, the first terminal is triggered to determine the valid interval of the first private key based on the preset time parameter and the effective start time; when the difference between the receiving time and the generation time is greater than or equal to the preset time threshold, the first terminal may determine that the received broadcast security information is replayed information, and then delete the broadcast security information.
  • the first terminal checks the first digital signature based on the second public key as follows: the first terminal can use the preset verification algorithm to process the second public key, the first public key, the effective start time, and the first digital signature to obtain a verification result of the first digital signature.
  • when the verification result of the first digital signature is equal to 1, the first terminal determines that the verification of the first digital signature is successful; when the verification result of the first digital signature is equal to 0, the first terminal may determine that the second terminal is an invalid terminal, and then delete the received broadcast security information.
  • the first terminal may send a trusted credential obtaining request to the first node device, so that the first node device sends the trusted credential request information to the key management system, and may receive the feedback information of the first terminal that the key management system forwards through the first node device, where the feedback information of the first terminal includes the system identifier and the updated second public key of the key management system.
  • the first terminal may generate a correspondence between the system identifier and the updated second public key, and store the system identifier and its corresponding updated second public key. When the original second public key corresponding to the system identifier exists in the local database of the first terminal, the first terminal deletes the original second public key after a preset duration.
  • the first terminal obtains the second public key of the key management system based on the system identifier, and performs verification on the first digital signature based on the second public key, where the first terminal obtains the update corresponding to the system identifier.
  • when the verification is successful, the first terminal identifies the second terminal as a valid terminal; specifically, when the first verification result is equal to 1 or the second verification result is equal to 1, the first terminal determines that the second terminal is a valid terminal.
  • the first terminal obtains the second public key of the key management system based on the system identifier as follows: when the local database of the first terminal does not have the second public key, the first terminal may download the second public key from the designated node device based on the preset trusted address, where the second public keys of all the key management systems are stored in the designated node device.
  • the first terminal checks the second digital signature based on the first public key and, when the verification succeeds, processes the broadcast message, as follows: the first terminal uses the preset verification algorithm to process the first public key, the second digital signature, and the broadcast security information to obtain a check result of the broadcast message.
  • when the check result of the broadcast message is equal to 1, the first terminal determines that the broadcast message is a valid broadcast message and processes the broadcast message; when the check result of the broadcast message is equal to 0, the first terminal determines that the broadcast message is an invalid broadcast message and deletes the broadcast security information.
  • a second aspect of the present invention provides a data transmission method. After receiving the feedback information of the second terminal sent by the key management system, the second terminal may calculate the broadcast message based on the first private key to obtain a second digital signature of the broadcast message. And sending broadcast security information to the first terminal.
  • the feedback information includes a trust credential of the second terminal and a first digital signature of the second terminal.
  • the trust credential includes a first private key and a first public key.
  • the first digital signature is obtained by the key management system calculating the first public key based on the second private key of the key management system.
  • the broadcast security information includes a broadcast message, a second digital signature, a first digital signature, a first public key, and a system identification of the key management system.
  • the second terminal receives the feedback information of the second terminal sent by the key management system, where the second terminal sends the trusted credential obtaining request to the first node device, so that the first node device sends the trusted credential request information.
  • the second terminal can also receive the feedback information forwarded by the key management system through the first node device.
  • the second terminal sends a trust credential acquisition request to the first node device, so that the first node device sends the trust credential request information to the key management system, as follows: the second terminal sends the trust credential obtaining request to the first node device, so that the first node device sends an authentication request to the second node device, and when the local database of the second node device includes the broadcast service authorization information for the second terminal, the second node device sends the broadcast service authorization information to the first node device, and the first node device sends the trusted credential request information to the key management system.
  • the second terminal sends a trust credential acquisition request to the first node device, so that the first node device sends the trust credential request information to the key management system, as follows: the second terminal sends the trust credential obtaining request to the first node device, so that the first node device sends an authentication request to the second node device, and when the local database of the second node device includes the broadcast service authorization information for the second terminal, the second node device sends the broadcast service authorization information; the first node device sends the broadcast service authorization information to the base station of the cell where the second terminal is located, and the first node device sends the trust credential request information to the key management system.
  • the time-frequency resource acquisition request may be sent to the base station, so that the base station detects whether the broadcast service authorization information of the second terminal is stored in the local database of the base station. When the broadcast service authorization information of the second terminal exists in the local database of the base station, the base station allocates time-frequency resources to the second terminal, and the second terminal can use the time-frequency resource allocated by the base station to send the broadcast security information to the first terminal.
  • the second terminal may send a time-frequency resource acquisition request to the base station of the cell where the second terminal is located, so that the base station sends an authorization information acquisition request for the second terminal to the second node device. When the base station receives the broadcast service authorization information of the second terminal sent by the second node device, the base station allocates the time-frequency resource to the second terminal, and the second terminal uses the time-frequency resource allocated by the base station to send the broadcast security information to the first terminal.
  • the second terminal sends a time-frequency resource acquisition request to the base station of the cell where the second terminal is located, so that the base station sends an authorization information acquisition request for the second terminal to the second node device, which may be:
  • a time-frequency resource acquisition request is sent to the base station of the cell in which the second terminal is located, so that the base station detects whether the broadcast service authorization information of the second terminal exists in the local database of the base station, and when the broadcast service authorization information of the second terminal exists in the local database of the base station, the base station allocates time-frequency resources to the second terminal.
  • the base station sends an authorization information acquisition request to the second terminal to the second node device.
  • the trusted credential request information may carry a valid start time of the trusted credential, and the first digital signature is obtained by the key management system applying a preset signature algorithm to the second private key of the key management system, the first public key, and the valid start time.
  • the feedback information may further include the system identifier and the updated second public key of the key management system. After the second terminal receives the feedback information of the second terminal sent by the key management system, it may generate a correspondence between the system identifier and the updated second public key, and store the system identifier and the corresponding updated second public key.
  • the second terminal can delete the original second public key after a preset duration.
  • the second terminal calculates the broadcast message to obtain the second digital signature of the broadcast message as follows: the second terminal may use the preset signature algorithm to process the preset private key, the broadcast message, the first public key, the effective start time of the trusted certificate, the first digital signature, the system identifier, and the generation time of the second digital signature to obtain second digital signature information.
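
The credential issuance, broadcast signing and receiver checks described in the first and second aspects above, as an added Go example that is not code from the patent. Ed25519 stands in for the unspecified "preset signature algorithm"; the type and function names, the byte encoding, the `kms-demo` identifier, the key seeds and the time values are assumptions constructed for illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"encoding/binary"
	"errors"
	"fmt"
)

// Assumptions, not from the patent: Ed25519 stands in for the "preset signature
// algorithm"; the field encoding, key seeds and time values are constructed.
var (
	ErrReplay     = errors.New("replay: receive time too far after generation time")
	ErrKeyExpired = errors.New("generation time outside valid interval of first private key")
	ErrBadSender  = errors.New("first digital signature invalid: not a valid terminal")
	ErrBadMessage = errors.New("second digital signature invalid: message dropped")
)

type BroadcastSecurityInfo struct { // fields the text lists for one broadcast
	Message   []byte            // broadcast message
	Sig2      []byte            // second digital signature (made with first private key)
	Sig1      []byte            // first digital signature (made with KMS second private key)
	PubKey1   ed25519.PublicKey // sender's first public key
	SystemID  string            // system identifier of the KMS
	ValidFrom int64             // effective start time of the first private key (seconds)
	GenTime   int64             // generation time of the second digital signature (seconds)
}

// KMSKeys: system identifier -> stored second public keys (updated and original).
type KMSKeys map[string][]ed25519.PublicKey

// pack length-prefixes each field so field boundaries stay unambiguous.
func pack(fields ...[]byte) []byte {
	var out []byte
	for _, f := range fields {
		out = append(binary.BigEndian.AppendUint32(out, uint32(len(f))), f...)
	}
	return out
}
func i64(v int64) []byte { return binary.BigEndian.AppendUint64(nil, uint64(v)) }

// IssueCredential is the KMS step: sign (first public key, effective start time).
func IssueCredential(kmsPriv ed25519.PrivateKey, pub1 ed25519.PublicKey, validFrom int64) []byte {
	return ed25519.Sign(kmsPriv, pack(pub1, i64(validFrom)))
}

// signedPart lists every field covered by the second digital signature.
func signedPart(b *BroadcastSecurityInfo) []byte {
	return pack(b.Message, b.PubKey1, i64(b.ValidFrom), b.Sig1, []byte(b.SystemID), i64(b.GenTime))
}

// SignBroadcast is the sender step: produce the second digital signature.
func SignBroadcast(priv1 ed25519.PrivateKey, b *BroadcastSecurityInfo) {
	b.Sig2 = ed25519.Sign(priv1, signedPart(b))
}

// Verify is the receiver step, in the order the text gives: replay check,
// valid-interval check, first signature (any stored KMS key), second signature.
func Verify(b *BroadcastSecurityInfo, keys KMSKeys, recvTime, maxAge, validity int64) error {
	if recvTime-b.GenTime >= maxAge {
		return ErrReplay
	}
	if b.GenTime < b.ValidFrom || b.GenTime > b.ValidFrom+validity {
		return ErrKeyExpired
	}
	senderOK := false
	for _, kmsPub := range keys[b.SystemID] { // updated or original key may match
		senderOK = senderOK || ed25519.Verify(kmsPub, pack(b.PubKey1, i64(b.ValidFrom)), b.Sig1)
	}
	if !senderOK || len(b.PubKey1) != ed25519.PublicKeySize { // size check avoids a panic below
		return ErrBadSender
	}
	if !ed25519.Verify(b.PubKey1, signedPart(b), b.Sig2) {
		return ErrBadMessage
	}
	return nil
}

// Sample builds a constructed exchange after a KMS key update: the credential
// was issued under the original key, and the receiver stores both keys.
func Sample(t0 int64) (*BroadcastSecurityInfo, KMSKeys) {
	key := func(n byte) ed25519.PrivateKey {
		return ed25519.NewKeyFromSeed(bytes.Repeat([]byte{n}, ed25519.SeedSize))
	}
	pub := func(k ed25519.PrivateKey) ed25519.PublicKey { return k.Public().(ed25519.PublicKey) }
	origKMS, updatedKMS, priv1 := key(1), key(2), key(3)
	b := &BroadcastSecurityInfo{Message: []byte("hard braking ahead"), PubKey1: pub(priv1),
		SystemID: "kms-demo", ValidFrom: t0, GenTime: t0 + 10}
	b.Sig1 = IssueCredential(origKMS, b.PubKey1, t0)
	SignBroadcast(priv1, b)
	return b, KMSKeys{"kms-demo": {pub(updatedKMS), pub(origKMS)}}
}

func main() {
	b, keys := Sample(1000)
	fmt.Println(Verify(b, keys, 1012, 5, 3600), Verify(b, keys, 1100, 5, 3600))
}
```

Because the second signature covers the first signature, the system identifier and both timestamps, changing any of them after signing fails verification, and an unknown system identifier fails at the first-signature step.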
  • a third aspect of the present invention provides a data transmission method, where after a first node device receives the trusted credential obtaining request sent by a second terminal, the first node device may send the trusted credential request information to the key management system according to the trusted credential obtaining request, receive the feedback information of the second terminal sent by the key management system, and send the feedback information to the second terminal.
  • the feedback information may include a trust credential of the second terminal and a first digital signature of the second terminal, the trust credential may include a first private key and a first public key, and the first digital signature is obtained by the key management system calculating the first public key based on the second private key of the key management system.
  • the first node device may send an authentication request to the second node device, so that the second node device detects whether the local database of the second node device includes the broadcast service authorization information for the second terminal. When the local database of the second node device includes the broadcast service authorization information for the second terminal, the second node device sends the broadcast service authorization information of the second terminal to the first node device, and the first node device receives the broadcast service authorization information of the second terminal sent by the second node device.
  • the first node device sends the trusted credential request information to the key management system according to the trusted credential obtaining request as follows: the first node device generates a valid start time of the trusted credential, and sends the trusted credential request information to the key management system, where the trusted credential request information carries the valid start time.
  • the first digital signature is obtained by the key management system applying a preset signature algorithm to the second private key of the key management system, the first public key, and the effective start time, where the feedback information may include a trusted credential, the first digital signature, the effective start time, and the second public key of the key management system.
  • the first node device may generate a correspondence between the terminal identifier of the second terminal and the feedback information, and store the terminal identifier and the corresponding feedback information.
  • a fourth aspect of the present invention provides a computer storage medium, wherein the computer storage medium stores a program, and the program includes all or part of the steps of the data transmission method provided by the first aspect of the embodiment of the present invention.
  • a fifth aspect of the present invention provides a computer storage medium, wherein the computer storage medium stores a program, and the program includes all or part of the steps of the data transmission method provided by the second aspect of the embodiment of the present invention.
  • a sixth aspect of the present invention provides a computer storage medium, wherein the computer storage medium stores a program, and the program includes all or part of the steps of the data transmission method provided by the third aspect of the embodiment of the present invention.
  • a seventh aspect of the present invention provides a terminal, where the terminal includes:
  • the broadcast security information receiving module is configured to receive broadcast security information sent by the second terminal, where the broadcast security information includes a broadcast message, a second digital signature of the broadcast message, a first digital signature of the second terminal, a first public key of the second terminal, and a system identifier of the key management system, wherein the first digital signature is obtained by the key management system calculating the first public key based on the second private key of the key management system, and the second digital signature is obtained by the second terminal calculating the broadcast message based on the first private key of the second terminal.
  • the verification module is configured to obtain the second public key of the key management system based on the system identifier, and verify the first digital signature based on the second public key. When the verification succeeds, the second terminal is identified as a valid terminal.
  • the verification module is further configured to perform verification on the second digital signature based on the first public key, and process the broadcast message when the verification is successful.
  • the first digital signature is obtained by the key management system applying a preset signature algorithm to the second private key, the first public key, and the effective start time of the first private key.
  • the broadcast security information further includes a valid start time and a generation time of the second digital signature
  • the terminal may further include:
  • a determining module configured to determine a valid interval of the first private key based on the preset time parameter and the effective start time before the verification module obtains the second public key of the key management system based on the system identifier, and to determine that the first private key is a valid private key when the generation time is within the valid interval.
  • the terminal may further include:
  • the receiving time obtaining module is configured to obtain the receiving time of the broadcast security information before the determining module determines the effective interval of the first private key based on the preset time parameter and the effective start time.
  • the determining module is further configured to determine an effective interval of the first private key based on the preset time parameter and the effective start time when a difference between the receiving time and the generating time is less than a preset time threshold.
  • the verification module verifies the first digital signature based on the second public key, specifically:
  • processing the second public key, the first public key, the effective start time, and the first digital signature with the verification algorithm to obtain a verification result of the first digital signature; when the verification result of the first digital signature is equal to 1, it is determined that the verification of the first digital signature is successful.
  • the terminal may further include:
  • a request sending module configured to send a trust credential acquisition request to the first node device before the verification module obtains the second public key of the key management system, so that the first node device sends the trusted credential request information to the key management system.
  • the feedback information receiving module is configured to receive feedback information of the first terminal that the key management system forwards through the first node device, where the feedback information of the first terminal includes the system identifier and the updated second public key of the key management system.
  • the terminal may further include:
  • a storage module configured to: after the feedback information of the first terminal forwarded by the key management system through the first node device is received, generate a correspondence between the system identifier and the updated second public key, and store the system identifier and the corresponding updated second public key.
  • the deleting module is configured to delete the original second public key after a preset duration, when the original second public key corresponding to the system identifier exists in the local database of the terminal.
  • the verification module obtains the second public key of the key management system based on the system identifier, and performs verification on the first digital signature based on the second public key, specifically:
  • the first digital signature is verified based on the updated second public key to obtain a first verification result of the first digital signature.
  • the first digital signature is verified based on the original second public key to obtain a second verification result of the first digital signature.
  • the verification module identifies the second terminal as a valid terminal, specifically for:
  • An eighth aspect of the present invention provides a terminal, the terminal comprising a processor, an input device, an output device, and a memory, and the processor, the input device, and the output device can be used to implement some or all of the steps in conjunction with the first aspect.
  • a ninth aspect of the present invention provides a terminal, the terminal comprising a processor, an input device, an output device, and a memory, and the processor, the input device, and the output device can be used to implement some or all of the steps in conjunction with the second aspect.
  • a tenth aspect of the present invention provides a node device, where the node device may include:
  • the request receiving module is configured to receive a trusted credential obtaining request sent by the second terminal.
  • the request information sending module is configured to send the trust credential request information to the key management system according to the trust credential obtaining request.
  • a feedback information receiving module configured to receive feedback information of the second terminal sent by the key management system, where the feedback information includes a trusted credential of the second terminal and a first digital signature of the second terminal, the trusted credential includes the first private key and the first public key, and the first digital signature is obtained by the key management system calculating the first public key based on the second private key of the key management system.
  • the feedback information sending module is configured to send the feedback information to the second terminal.
  • the node device may further include:
  • a request sending module configured to: before the request information sending module sends the trusted credential request information to the key management system according to the trusted credential obtaining request, send an authentication request to the second node device, so that the second node device detects whether the local database of the second node device includes the broadcast service authorization information for the second terminal, and when the local database of the second node device includes the broadcast service authorization information for the second terminal, the second node device sends the broadcast service authorization information of the second terminal to the node device.
  • the authorization information receiving module is configured to receive broadcast service authorization information sent by the second node device to the second terminal.
  • the request information sending module is specifically configured to:
  • generate the effective start time of the trust credential.
  • the trust credential request information is sent to the key management system, and the trust credential request information carries a valid start time.
  • the first digital signature is obtained by the key management system applying a preset signature algorithm to the second private key of the key management system, the first public key, and the valid start time.
  • the feedback information includes a trust credential, a first digital signature, a valid start time, and a second public key of the key management system.
  • the node device may further include:
  • the storage module is configured to: after the feedback information receiving module receives the feedback information sent by the key management system, generate a correspondence between the terminal identifier of the second terminal and the feedback information, and store the terminal identifier and the corresponding feedback information.
  • An eleventh aspect of the present invention provides a node device, which includes a processor, an input device, an output device, and a memory, and the processor, the input device, and the output device may be used to implement some or all of the steps in combination with the third aspect.
  • a twelfth aspect of the present invention provides a data transmission system, comprising the terminal according to the eighth aspect, the terminal according to the ninth aspect, and the node device according to the eleventh aspect.
  • FIG. 1 is a schematic structural diagram of a data transmission system according to an embodiment of the present invention.
  • FIG. 2 is a schematic flowchart of a data transmission method according to an embodiment of the present invention.
  • FIG. 3 is a schematic flowchart of a data transmission method according to another embodiment of the present invention.
  • FIG. 4 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
  • FIG. 5 is a schematic structural diagram of a terminal according to another embodiment of the present invention.
  • FIG. 6 is a schematic structural diagram of a terminal according to another embodiment of the present invention.
  • FIG. 7 is a schematic structural diagram of a terminal according to another embodiment of the present invention.
  • FIG. 8 is a schematic structural diagram of a node device according to an embodiment of the present disclosure.
  • FIG. 9 is a schematic structural diagram of a node device according to another embodiment of the present invention.
  • FIG. 10 is a schematic structural diagram of a data transmission system according to an embodiment of the present invention.
  • each broadcast message of the vehicle needs to carry the digital certificate of the sender, so the amount of data transmitted is large, and the CA needs to periodically issue digital certificates to each vehicle, so the cost is large.
  • the embodiment of the present invention provides a data transmission method, where the first terminal receives the broadcast security information sent by the second terminal, obtains the second public key of the key management system according to the system identifier of the key management system included in the broadcast security information, and checks the first digital signature of the second terminal based on the second public key. When the verification succeeds, the second terminal is identified as a valid terminal, and the second digital signature of the broadcast message is verified based on the first public key of the second terminal; when that verification is successful, the broadcast message is processed. The overhead and the amount of data transmitted can thus be reduced while ensuring the legitimacy of the broadcast message source.
  • the broadcast security information includes a broadcast message, a second digital signature, a first digital signature, a first public key, and a system identifier of the key management system.
  • the first digital signature is obtained by the key management system calculating the first public key based on the second private key of the key management system, and the second digital signature is obtained by the second terminal calculating the broadcast message based on the first private key of the second terminal.
  • an embodiment of the present invention provides a schematic diagram of a data transmission system.
  • the system architecture may be deployed in a 3GPP cellular network or a future 5G network.
  • the 3GPP cellular network may include an LTE-V, a device-to-device (device).
  • the future 5G network may include an evolved car to the eV2X system.
  • the architecture of the data transmission system may include at least: a first terminal 101, a second terminal 102, and a Key Management System (KMS) 103.
  • the second terminal 102 may receive the feedback information of the second terminal 102 sent by the KMS 103, where the feedback information may include the trust credential of the second terminal 102 and the first digital signature of the second terminal 102, the trust credential may include the first private key and the first public key, and the first digital signature is obtained by the KMS 103 calculating the first public key based on the second private key of the KMS 103; when the second terminal 102 needs to send the broadcast message to the first terminal 101, the second terminal 102 may calculate the broadcast message to obtain a second digital signature of the broadcast message, wherein the second digital signature is obtained by the second terminal 102 calculating the broadcast message based on the first private key, and the second terminal 102 may generate broadcast security information, where the broadcast security information may include the broadcast message, the second digital signature of the broadcast message, the first digital signature, the first public key, and the system identifier of the KMS 103, and the second terminal 102 transmits the broadcast security information to the first terminal 101; the first terminal 101 receives the second terminal 103
  • the architecture of the data transmission system may further include the first node device 104.
  • the second terminal 102 may send a trust credential acquisition request to the first node device 104, and the first node device 104 sends a trust credential request to the KMS 103 according to the trust credential acquisition request.
  • the KMS 103 can generate a trust credential according to the trust credential request information
  • the trust credential can include the first public key of the second terminal 102 and the first private key thereof
  • the KMS 103 can calculate the first public key based on the second private key of the KMS 103 to obtain the first digital signature, and transmit the trust credential and the first digital signature to the first node device 104, and the first node device 104 can transmit the trust credential and the first digital signature to the second terminal 102.
  • the architecture of the data transmission system may further include the second node device 105.
  • Before the first node device 104 sends the trust credential request information to the KMS 103 according to the trust credential acquisition request sent by the second terminal 102, the first node device 104 may send an authentication request to the second node device 105; when the local database of the second node device 105 includes the broadcast service authorization information of the second terminal 102, the second node device 105 may transmit the broadcast service authorization information of the second terminal 102 to the first node device 104, and the first node device 104 transmits the trust credential request information to the KMS 103.
  • the architecture of the data transmission system may further include a Home Subscriber Server (HSS) 107.
  • the first node device 104 transmits the authentication request for the second terminal 102 to the second node device 105
  • the second node device 105 may send authentication request information for the second terminal 102 to the HSS 107.
  • the HSS 107 may generate broadcast service authorization information for the second terminal 102, and the broadcast service authorization information of the second terminal 102 may be forwarded to the first node device 104 by the second node device 105.
  • the architecture of the data transmission system may further include the base station 106 of the cell where the second terminal 102 is located.
  • the second terminal 102 may send a time-frequency resource acquisition request to the base station 106, and the base station 106 detects whether the broadcast service authorization information of the second terminal 102 exists in the local database of the base station 106.
  • when the broadcast service authorization information of the second terminal 102 exists in the local database of the base station 106, the base station 106 may allocate the time-frequency resource to the second terminal 102; when the broadcast service authorization information of the second terminal 102 does not exist in the local database of the base station 106, the base station 106 may send an authentication request for the second terminal 102 to the second node device 105.
  • the second node device 105 can send the broadcast service authorization information of the second terminal 102 to the base station 106, the base station 106 can allocate the time-frequency resource to the second terminal 102, and the second terminal 102 transmits the broadcast security information to the first terminal 101 by using the time-frequency resource allocated by the base station 106.
  • the first terminal 101 and the second terminal 102 may be referred to as user equipment (UE, User Equipment), mobile station, access terminal, subscriber unit, subscriber station, remote station, remote terminal, mobile device, terminal, wireless communication device, user agent, or user device, etc., and may specifically be any one of: a station (ST, Station) in a WLAN, a cellular phone, a cordless phone, a Session Initiation Protocol (SIP) phone, a wireless local loop (WLL, Wireless Local Loop) station, a personal digital assistant (PDA, Personal Digital Assistant), a handheld device with wireless communication capabilities, a computing device, another processing device connected to a wireless modem, an in-vehicle device, a wearable device, a mobile station in a future 5G network, and a terminal device in a future evolved PLMN network.
  • the first terminal 101 may be configured to receive data.
  • the first terminal 101 may also be used to send data to other terminals, where the number of the first terminals 101 may be at least one;
  • the second terminal 102 may be configured to send data.
  • the second terminal 102 may also be configured to receive data sent by other terminals.
  • the number of the second terminals 102 may be at least one, which is not specifically limited by the embodiments of the present invention.
  • the KMS 103 may specifically be a V2X KMS, which is mentioned in 3GPP TR 33.885 V0.3.0. Its function is to generate a temporary public-private key pair of the user and digitally sign the temporary public key to provide proof of legality of the temporary public key. It should be noted that the data transmission system in the embodiment of the present invention may include at least one KMS 103.
  • the first node device 104 may specifically be a Temporary ID Management Function, which is mentioned in 3GPP TR 33.885 V0.4.0. Its function is as follows:
  • direct communication between the terminal and the KMS 103 is avoided, since it would expose the connection location of the KMS 103 and thereby leak sensitive information stored in the KMS 103, such as the second public key and the second private key of the KMS 103.
  • the temporary public-private key pair generated by KMS103 and the first digital signature calculated by calculating the temporary public key can improve the security of the feedback information.
  • the KMS 103 maintains the independence of the KMS 103 function, that is, the KMS 103 only communicates directly with the first node device 104.
  • the KMS 103 is only used to generate the temporary public-private key pair of the user and digitally sign the temporary public key, without associating the temporary public-private key pair of the terminal with the terminal identifier and storing it.
  • the second node device 105 may specifically be a V2X Control Function, which is mentioned in 3GPP TR 23.785 v1.1.0.
  • V2X Control Function is a logic unit that provides network related functions required by the V2X.
  • the logic unit provides V2X service authorization information of the terminal.
  • the base station 106 may be a base station (NB, NodeB) in Wideband Code Division Multiple Access (WCDMA) or an evolved base station (eNB) in an LTE system.
  • the HSS 107 stores the user profile and performs user authentication and authorization.
  • the information that the HSS can process includes: user identification; user security information, that is, network access control information for authentication and authorization.
  • A digital signature is a digit string that only the sender can generate and that others cannot forge. This digit string is also a valid proof of the authenticity of the data sent by the sender.
  • the digital signature can provide integrity, identity authentication and non-repudiation protection.
  • the digital signature consists of three algorithms: the key generation algorithm Gen, the signature algorithm Sign, and the verification algorithm Verf.
  • the key generation algorithm Gen is used to generate a digital signature public-private key pair (PK, SK), which is denoted as (PK, SK) ← Gen.
  • the signature algorithm Sign generates a signature Sig by taking the signature private key SK and the message msg as input, which is denoted as Sig ← Sign(SK, msg).
  • Msg broadcast message, that is, the content of the message that the second terminal 102 needs to broadcast at the application layer, such as the speed of the vehicle or the current location.
  • the data length of the broadcast message may be less than 300 bytes.
  • SKA The first private key of the second terminal 102 is used to generate a second digital signature.
  • PKA, SKA is a temporary public-private key pair generated by KMS103.
  • the update frequency of the temporary public-private key pair is determined by the anti-tracking demand parameter in the operator policy and standard, that is, the KMS 103 generates different temporary public-private key pairs based on the preset update frequency.
  • PKA The first public key of the second terminal 102, which is also the temporary identity of the second terminal 102, is used to verify the second digital signature.
  • Time The effective start time of the temporary public-private key pair.
  • the validity period of the temporary public-private key pair is determined by the anti-tracking requirement parameter in the operator's policy and standard. For example, if the validity period specified by the operator is the time parameter Duration (for example, 5 minutes), the valid range of the temporary public-private key pair is [Time, Time+Duration].
  • the valid interval for verifying the PKA is not explicitly given, because the second terminal 102 calculates the broadcast message based on the first private key to obtain the second digital signature and sends the broadcast security information to the first terminal 101.
  • the first terminal 101 first detects whether the broadcast message is valid based on the timestamp, that is, the generation time of the broadcast security information, and then detects whether the SKA has expired based on the effective start time. Because the configured timestamp threshold is small, for example 100 ms, the time at which the SKA is checked is at most 100 ms later than the time at which the SKA was used. This length of time is negligible relative to the key validity period, which ensures that the SKA is not checked much later than it was used.
  • when the first terminal 101 detects that the SKA has expired, it is not necessary to further detect whether the PKA has expired. When the first terminal 101 determines that the SKA is valid, it can also determine that the PKA is valid; when the first terminal 101 determines that the SKA has expired, it can also determine that the PKA has expired.
  • Duration A time parameter used to indicate the validity period of the first public key, which is specified by the operator (or uniformly specified by the 3GPP standard).
  • the first digital signature is the digital signature generated by the KMS 103 invoking the signature algorithm Sign with the second private key KSAK of the KMS 103, the first public key PKA, and the effective start time Time as input.
  • the purpose of the first digital signature is to enable the first terminal 101 to verify the validity and legitimacy of the temporary identity PKA of the second terminal 102.
  • KMS ID is the identity of KMS103.
  • a KMS 103 has only one KMS ID and a unique digital signature key pair (KPAK, KSAK). The KMS ID remains fixed; (KPAK, KSAK) can remain fixed or, optionally, can be updated periodically.
  • the first terminal 101 determines the second public key KPAK of the corresponding KMS 103 based on the KMS ID, and verifies the first digital signature based on the KPAK.
  • KSAK The second private key of KMS 103 for generating the first digital signature.
  • KPAK The second public key of KMS 103 for verifying the first digital signature.
  • Timestamp The timestamp of the broadcast message.
  • the time stamp is the generation time when the second terminal 102 generates the second digital signature.
  • After receiving the broadcast security information, the first terminal 101 first checks the timestamp, that is, it subtracts the timestamp from the time at which the broadcast security information was received; if the obtained value is greater than the preset time threshold, it determines that the broadcast security information is replayed information and refuses to process it; otherwise, it detects whether the first public key has expired.
  • the preset time threshold may be a preset duration, such as 200 ms or 1 s.
  • the second digital signature is the digital signature generated by the second terminal 102 invoking the signature algorithm Sign with the first private key SKA and (msg, PKA, Time, KMS ID, timestamp) as input.
  • the role of the second digital signature is to enable the first terminal 101 to verify the legitimacy of the source of (msg, PKA, Time, KMS ID, timestamp).
  • the broadcast security information may be (msg, PKA, Time, KMS ID, timestamp, Sig).
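The receiver-side checks described above (timestamp, key validity window, KPAK lookup by KMS ID, first signature, second signature) can be traced in the following added example, which is not code from the patent. Gen/Sign/Verf are replaced by a toy Schnorr construction that is not secure; the function names, the `KMS-1` identifier, the seeds and the timestamps are all constructed for the illustration.

```python
import hashlib
from dataclasses import dataclass, replace
# Toy Schnorr signature standing in for Gen/Sign/Verf. NOT secure: the group
# is far too small. It only keeps the example free of third-party packages.
P = 2**127 - 1   # Mersenne prime
N = P - 1        # exponents are reduced modulo P - 1
G = 3

def encode(*fields) -> bytes:
    """Length-prefix each field so ("ab", "c") and ("a", "bc") differ."""
    out = b""
    for f in fields:
        raw = f if isinstance(f, bytes) else str(f).encode()
        out += len(raw).to_bytes(4, "big") + raw
    return out

def _h(*fields) -> int:
    return int.from_bytes(hashlib.sha256(encode(*fields)).digest(), "big") % N

def gen(seed: bytes):
    """Gen: derive (PK, SK) from a seed (constructed seeds, demo only)."""
    sk = _h("sk", seed) or 1
    return pow(G, sk, P), sk

def sign(sk: int, msg: bytes):
    """Sign: Sig <- Sign(SK, msg), using a deterministic nonce."""
    k = _h("nonce", sk, msg) or 1
    e = _h(pow(G, k, P), msg)
    return e, (k + e * sk) % N

def verf(pk: int, msg: bytes, sig) -> bool:
    """Verf: recompute the commitment G^s * pk^-e and compare the challenge."""
    e, s = sig
    if not 0 < pk < P:
        return False
    r = pow(G, s, P) * pow(pk, -e, P) % P
    return _h(r, msg) == e

@dataclass(frozen=True)
class BroadcastSecurityInfo:
    msg: bytes
    pka: int         # first public key, the sender's temporary identity
    time: int        # effective start time of the key pair (ms)
    sig_kms: tuple   # first digital signature, made by the KMS with KSAK
    kms_id: str
    timestamp: int   # generation time of the second digital signature (ms)
    sig: tuple       # second digital signature, made by the sender with SKA

def kms_issue(ksak: int, seed: bytes, time: int):
    """KMS side: temporary key pair plus first signature over (PKA, Time)."""
    pka, ska = gen(seed)
    return pka, ska, sign(ksak, encode(pka, time))

def signed_fields(i) -> bytes:
    # The tuple the page lists as input to the second signature.
    return encode(i.msg, i.pka, i.time, i.kms_id, i.timestamp)

def build(msg, pka, ska, time, sig_kms, kms_id, timestamp):
    """Sender side: assemble the fields and attach the second signature."""
    draft = BroadcastSecurityInfo(msg, pka, time, sig_kms, kms_id, timestamp, ())
    return replace(draft, sig=sign(ska, signed_fields(draft)))

def receive(i, now, kpak_table, threshold=200, duration=300_000) -> str:
    """Receiver side: checks in the order the description gives them."""
    age = now - i.timestamp
    if age > threshold:
        return "replayed"                   # anti-replay check on timestamp
    if not i.time <= now <= i.time + duration:
        return "key-expired"                # outside [Time, Time+Duration]
    kpak = kpak_table.get(i.kms_id)         # {(KMS ID, KPAK)} list
    if kpak is None:
        return "unknown-kms"
    if not verf(kpak, encode(i.pka, i.time), i.sig_kms):
        return "untrusted-key"              # first digital signature failed
    if not verf(i.pka, signed_fields(i), i.sig):
        return "bad-signature"              # second digital signature failed
    return "accepted"

def demo() -> dict:
    """Constructed scenario: one honest broadcast and five rejected variants."""
    kpak, ksak = gen(b"constructed KMS seed")
    t0 = 1_700_000_000_000                  # constructed start time (ms)
    pka, ska, sig_kms = kms_issue(ksak, b"constructed UEA seed", t0)
    table = {"KMS-1": kpak}
    ok = build(b"speed=52;pos=constructed", pka, ska, t0, sig_kms, "KMS-1", t0 + 60_000)
    late = build(ok.msg, pka, ska, t0, sig_kms, "KMS-1", t0 + 400_000)
    rpk, rsk = gen(b"constructed self-made key")
    rogue = build(ok.msg, rpk, rsk, t0, sig_kms, "KMS-1", t0 + 60_000)
    now = t0 + 60_050
    return {
        "valid": receive(ok, now, table),
        "replayed": receive(ok, now + 5_000, table),
        "expired_key": receive(late, t0 + 400_050, table),
        "tampered": receive(replace(ok, msg=b"speed=0;pos=constructed"), now, table),
        "self_made_key": receive(rogue, now, table),
        "unknown_kms": receive(ok, now, {}),
    }

if __name__ == "__main__": print(demo())
```

The replay check as described only bounds how old a timestamp may be; a receiver would normally also reject timestamps that lie in the future, since such a message stays replayable until its timestamp ages past the threshold.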
  • FIG. 2 is a schematic flowchart of a data transmission method according to an embodiment of the present invention. As shown in FIG. 2, the data transmission method in the embodiment of the present invention can include:
  • the second terminal sends an authentication request to the second node device, where the authentication request carries the terminal identifier of the second terminal.
  • the second terminal may perform the EPS-AKA protocol and, after negotiating the non-access stratum (NAS) layer key and the access stratum (AS) layer key, may send an authentication request to the second node device (for example, the V2X Control Function), and the authentication request carries the terminal identifier (for example, IDA) of the UEA.
  • the first terminal performs the EPS-AKA protocol, and after negotiating the NAS layer key and the AS layer key, may send an authentication request to the V2X Control Function, where the authentication request carries the terminal identifier of the UEB (for example, IDB).
  • the terminal identifier may be used to uniquely identify the terminal.
  • the terminal identifier may include an Internet Protocol (IP) address of the terminal or an International Mobile Equipment Identity (IMEI).
  • the UEA may be configured with Subscriber Identity Module (SIM) card related information and the parameters required for secure communication with the first node device (eg, Temporary ID Management Function).
  • the UEA may establish a {(KMS ID, KPAK)} list, initially an empty table, for storing the system identifier (eg, KMS ID) of the Key Management System (KMS) sent by the Temporary ID Management Function and its corresponding second public key (such as KPAK).
  • the trusted address can be configured for the UEA.
  • the trusted address can be the access path of the KPAK of any KMS.
  • each KMS can send the current KPAK of the KMS to the designated node device, and the designated node device then stores the KMS ID of each KMS and its corresponding KPAK.
  • when the UEA needs to acquire the KPAK of a specified KMS, the UEA can access the designated node device based on the preset trusted address, and download the KPAK corresponding to the KMSID of the specified KMS from the designated node device.
  • the UEA can also configure necessary security parameters, such as an anti-replay requirement parameter (ie, a preset time threshold), and a validity period of the first public key (ie, a time parameter Duration).
  • the UEB may configure the SIM card related information and the necessary parameters for secure communication with the Temporary ID Management Function.
  • the UEB may establish a {(KMS ID, KPAK)} list, initially an empty table, for storing the system identifier (eg, KMS ID) of the Key Management System (KMS) sent by the Temporary ID Management Function and its corresponding second public key (such as KPAK).
  • the UEB can also be configured with a trusted address, which can be an access path for obtaining KPAK of any KMS.
  • the UEB may also be configured with necessary security parameters, such as an anti-replay requirement parameter (ie, a preset time threshold), and a validity period of the first public key (ie, a time parameter Duration).
  • the base station (for example, an eNB) may be configured with related parameters for processing the time-frequency resource acquisition request.
  • the parameter configured for the eNB may include a shortest time interval for the user to request time-frequency resources. The shortest time interval is determined by the operator based on operational strategy and standard requirements.
  • the home subscriber server (for example, HSS) may be configured with the subscription authorization information of the LTE-V user and related parameters of communication between the HSS and the V2X Control Function.
  • the HSS may store the terminal identifier of the terminal that has opened the V2X service.
  • the V2X Control Function can be configured with related information, including parameters related to communication between the terminal, the HSS or the Temporary ID Management Function, and the broadcast service authorization information of the terminal that has opened the V2X service.
  • the Temporary ID Management Function can be configured with related parameters, including related parameters for communication with the terminal, the V2X Control Function, or the KMS.
  • the local database of the Temporary ID Management Function can store the terminal identifier and its corresponding feedback information.
  • KMS can be configured with relevant information, including parameters related to its communication with the Temporary ID Management Function, and the KMS ID and key information (KPAK, KSAK) of the KMS.
  • the second node device sends the terminal identifier of the second terminal and the broadcast service grant information to the base station of the cell where the second terminal is located.
  • the V2X Control Function may search for the broadcast service authorization information of the UEA in the local database of the V2X Control Function according to the terminal identifier of the UEA. When the local database of the V2X Control Function includes the broadcast service grant information of the UEA, the V2X Control Function may send the terminal identifier of the UEA and its broadcast service grant information to the base station (eg, eNB) of the cell where the UEA is located; when the local database of the V2X Control Function does not include the broadcast service grant information of the UEA, the V2X Control Function may send an authentication request to the HSS, and the authentication request carries the terminal identifier of the UEA.
  • the HSS may detect the V2X service provisioning of the UEA according to the authentication request.
  • when the UEA has opened the V2X service, the HSS may generate the broadcast service authorization information of the UEA and send it to the V2X Control Function, and the V2X Control Function can store the broadcast service authorization information of the UEA and send it to the eNB; when the UEA has not opened the V2X service, the HSS sends an indication that the V2X service is not opened to the V2X Control Function, the V2X Control Function stores the V2X service provisioning status of the UEA and sends the indication that the V2X service is not opened to the eNB, and the eNB determines that the UEA is not authorized for the broadcast service.
  • the V2X Control Function may search for the broadcast service authorization information of the UEB in the local database of the V2X Control Function according to the terminal identifier of the UEB. When the local database of the V2X Control Function includes the broadcast service grant information of the UEB, the V2X Control Function may send the terminal identifier of the UEB and its broadcast service grant information to the base station (eg, eNB) of the cell where the UEB is located; when the local database of the V2X Control Function does not include the broadcast service grant information of the UEB, the V2X Control Function may send an authentication request to the HSS, and the authentication request carries the terminal identifier of the UEB.
  • the HSS may detect the V2X service provisioning of the UEB according to the authentication request.
  • when the UEB has enabled the V2X service, the HSS may generate the broadcast service authorization information of the UEB and transmit it to the V2X Control Function, where the V2X Control Function can store the broadcast service authorization information of the UEB and send it to the eNB; when the UEB has not enabled the V2X service, the HSS sends an indication that the V2X service is not enabled to the V2X Control Function, the V2X Control Function stores the V2X service provisioning status of the UEB and sends the indication that the UEB has not enabled the V2X service to the eNB, and the eNB determines that the UEB is not authorized for the broadcast service.
  • the V2X Control Function may determine the base station of the cell where the UEA is currently located, and send the broadcast service authorization information of the UEA to the determined base station.
  • the V2X Control Function may determine the base station of the cell where the UEB is currently located, and send the broadcast service authorization information of the UEB to the determined base station.
  • the second terminal sends a trusted credential obtaining request to the first node device, where the trusted credential obtaining request carries the terminal identifier of the second terminal.
  • the UEA may send a trusted credential obtaining request to the Temporary ID Management Function through the secure channel every preset time interval, and the trusted credential obtaining request carries the terminal identifier of the UEA.
  • the UEB may send a trusted credential obtaining request to the Temporary ID Management Function through the secure channel, where the trusted credential obtaining request may carry the terminal identifier of the UEB.
  • the UEB may send a trusted credential obtaining request to the Temporary ID Management Function through the secure channel every preset time interval, and the trusted credential obtaining request carries the terminal identifier of the UEB.
  • the preset duration may be less than or equal to the update frequency of the temporary public-private key pair, which is not limited by the embodiment of the present invention.
  • the first node device sends an authentication request to the second node device, where the authentication request carries the terminal identifier of the second terminal.
  • the Temporary ID Management Function may send an authentication request to the V2X Control Function to determine whether the UEA has broadcast authority, and the authentication request may carry the terminal identifier of the UEA.
  • the Temporary ID Management Function may send an authentication request to the V2X Control Function to determine whether the UEB has the broadcast right, and the authentication request may carry the terminal identifier of the UEB.
  • the second node device sends the terminal identifier of the second terminal and the broadcast service authorization information to the first node device.
  • the V2X Control Function may search for the broadcast service authorization information of the UEA in the local database of the V2X Control Function according to the terminal identifier of the UEA carried in the authentication request.
  • the V2X Control Function sends the terminal identifier of the UEA and its broadcast service authorization information to the Temporary ID Management Function.
  • the V2X Control Function may send an authentication request to the HSS, where the authentication request carries the terminal identifier of the UEA, and the HSS may obtain the V2X service provisioning of the UEA.
  • the HSS may generate the broadcast service authorization information for the UEA, and send the broadcast service authorization information of the UEA to the V2X Control Function, where the V2X Control Function may store the terminal identifier of the UEA and its corresponding broadcast service authorization. Information and send the UEA's broadcast service authorization information to the Temporary ID Management Function.
  • the HSS may generate indication information indicating that the UEA does not open the V2X service, and send the indication information to the V2X Control Function, and the V2X Control Function sends the indication information to the Temporary ID Management Function.
  • the obtained feedback information is sent to the terminal, so that the terminal sends a broadcast message to another terminal based on the feedback information. This prevents users who do not have broadcast rights, who steal broadcast rights, or who use expired rights from sending broadcast messages, which can improve the legitimacy of broadcast sources.
  • the V2X Control Function may search for the broadcast service authorization information of the UEB in the local database of the V2X Control Function according to the terminal identifier of the UEB carried in the authentication request.
  • when the local database of the V2X Control Function includes the broadcast service grant information of the UEB, the V2X Control Function sends the terminal identifier of the UEB and its broadcast service grant information to the Temporary ID Management Function.
  • the first node device sends the trusted credential request information to the key management system according to the trust credential acquisition request.
  • the Temporary ID Management Function may determine that the UEA has the broadcast right, and then send the trusted credential request information to the KMS according to the trust credential acquisition request sent by the UEA.
  • the Temporary ID Management Function may select a KMS with the highest degree of idleness according to the service situation (such as the idleness of each KMS), and send the trusted credential request information to the selected KMS.
  • the trust credential request information sent by the Temporary ID Management Function to the KMS may carry a valid start time Time of the trust credential, and the trust credential request information may not carry the terminal identifier of the UEA.
  • the Temporary ID Management Function may send to the UEA a reject message refusing to process the trust credential acquisition request sent by the UEA, and the reject message may carry the reason for the rejection.
  • the reason for the rejection may be “UEA does not open V2X service, and does not have broadcast rights”.
  • After receiving the broadcast service authorization information of the UEB sent by the V2X Control Function, the Temporary ID Management Function may determine that the UEB has the broadcast right, and then send the trusted credential request information to the KMS according to the trust credential acquisition request sent by the UEB.
  • the key management system generates a trust credential according to the trust credential request information, where the trust credential includes the first public key of the second terminal and the first private key thereof.
  • the KMS may invoke the preset key generation algorithm Gen to generate the trust credential, and the trust credential may include the first public key PKA of the UEA and its first private key SKA.
  • the trust credential can be updated periodically, and the update frequency is determined by the anti-tracking demand parameter in the operator policy and standard. It should be noted that, when the Temporary ID Management Function sends the trust credential request information to the KMS without carrying the terminal identifier, the KMS does not know which specific terminal receives the trust credential. In the embodiment of the present invention, the trust credential is periodically updated, so a third party cannot identify the terminal that uses a given first public key, which prevents the user from being tracked.
  • the KMS may invoke the preset key generation algorithm Gen to generate the trust credential of the UEB, where the trust credential may include the first public key of the UEB and the first private key of the UEB.
  • the key management system calculates the first public key based on the second private key of the key management system to obtain a first digital signature.
  • any KMS is configured with a unique system identifier KMSID and a second private key KSAK of the KMS and a second public key KPAK.
  • the PKA can be calculated based on the KSAK to obtain the first digital signature.
  • the trust credential request information may carry a valid start time of the trust credential, where the valid start time of the trust credential is the valid start time of the first public key or the valid start time of the first private key, and the KMS may invoke the preset signature algorithm Sign to sign PKA and Time with KSAK to obtain the first digital signature, that is, Sign(KSAK, (PKA, Time)).
  • the first digital signature of the UEB may be obtained by calculating the first public key of the UEB based on the KSAK.
  • the trust credential request information sent by the Temporary ID Management Function to the KMS according to the trust credential acquisition request sent by the UEB may carry the valid start time of the trust credential of the UEB, where the valid start time of the trust credential is the valid start time of the first public key of the UEB or the valid start time of the first private key of the UEB.
  • the KMS can invoke the preset signature algorithm to sign, with the KSAK, the first public key of the UEB and the valid start time of the trust credential of the UEB, to obtain the first digital signature of the UEB.
  • the key management system sends the feedback information to the first node device, where the feedback information includes a trust credential, a first digital signature, a system identifier of the key management system, and a second public key.
  • the feedback information of the UEA may be generated, and the feedback information of the UEA is sent to the Temporary ID Management Function, where the feedback information may include the trust credential of the UEA and the first digital signature of the UEA.
  • the feedback information may include: PKA, SKA, Time, and KPAK.
  • the Temporary ID Management Function may send (PKA, SKA, Time, KMSID, KPAK) to the UEA via a secure channel.
  • the Temporary ID Management Function receives the trust credential acquisition request sent by the UEA, sends the trust credential request information to the KMS according to the trust credential acquisition request, and after receiving the feedback information sent by the KMS, may send the feedback information to the UEA terminal.
  • the identifiers are associated.
  • the Temporary ID Management Function may generate the correspondence between the terminal identifier of the UEA and the PKA, Time, KMSID, and KPAK, and store the terminal identifier of the UEA and its corresponding PKA, Time, KMSID, and KPAK, i.e. (IDA, PKA, Time, KMSID, KPAK) is stored in the local database of the Temporary ID Management Function.
  • the Temporary ID Management Function can delete (IDA, PKA, Time, KMSID, KPAK) in the local database.
  • the sender can be found according to the (IDA, PKA, Time, KMSID, KPAK) stored by the Temporary ID Management Function, which can be used to implement broadcast message auditing.
  • the feedback information of the UEB may be generated, and the feedback information of the UEB is sent to the Temporary ID Management Function, where the feedback information may include the trusted credential of the UEB and the first digital signature of the UEB.
  • the feedback information of the UEB may include: the trust credential of the UEB, the valid start time of the UEB's trust credential, the first digital signature of the UEB, and KPAK.
  • the Temporary ID Management Function receives the trust credential acquisition request sent by the UEB, sends the trust credential request information to the KMS according to the trust credential acquisition request, and after receiving the feedback information sent by the KMS, may send the feedback information of the UEB to the UEB.
  • the terminal identifiers are associated with each other.
  • the Temporary ID Management Function may generate the correspondence between the terminal identifier of the UEB and the first public key of the UEB, the valid start time of the UEB's trust credential, the KMSID, and the KPAK, and store the terminal identifier of the UEB and its corresponding first public key of the UEB, valid start time of the UEB's trust credential, KMSID, and KPAK.
  • the Temporary ID Management Function may delete the terminal identifier of the UEB in the local database and the corresponding first public key of the UEB, the effective start time of the UEB's trust credential, the KMSID, and the KPAK.
  • the first node device sends the feedback information to the second terminal.
  • the Temporary ID Management Function may send the feedback information of the UEA to the UEA.
  • the UEA may obtain the KMSID and the KPAK in the feedback information, generate a correspondence between the KMSID and the KPAK, and store the KMSID and its corresponding KPAK in the local database of the UEA.
  • the KPAK and the KSAK that are pre-configured for the KMS may be periodically updated.
  • the KPAK corresponding to the KMSID received by the UEA last time may not be the same as the KPAK corresponding to the currently received KMSID. Based on this, the UEA is local to the UEA.
  • the original KPAK corresponding to the KMSID may be detected in the local database of the UEA.
  • the UEA may delete the original KPAK after the preset duration.
  • the preset duration may be a pre-configured time period, such as 1s or 2s.
  • the feedback information may also carry the KMSID of other KMSs in the vicinity and the KPAK of each KMS.
  • the UEA may generate the correspondence between the KMSID and the KPAK, and store the KMSID and its corresponding KPAK in the local database of the UEA.
  • after the UEA stores the KMSID and its corresponding new KPAK in the local database of the UEA, the original KPAK corresponding to the KMSID exists in the local database of the UEA.
  • the UEA may delete the original KPAK after the preset duration.
  • the KPAK sent by the Temporary ID Management Function is the updated KPAK corresponding to the KMS, and the UEA may update the KPAK of each KMS to ensure the accuracy of the KPAK.
  • the Temporary ID Management Function may send the feedback information of the UEB to the UEB.
  • the feedback information may also carry the KMSID of other KMSs in the vicinity and the KPAK of each KMS.
  • the UEB may generate the correspondence between the KMSID and the KPAK, and store the KMSID and its corresponding KPAK in the local database of the UEB.
  • the UEB may detect whether the original KPAK corresponding to the KMSID exists in the local database of the UEB, and the KMSID corresponding to the local database in the UEB exists.
  • the UEB can delete the original KPAK after a preset duration.
  • the KPAK sent by the Temporary ID Management Function is the updated KPAK corresponding to the KMS, and the UEB may update the KPAK of each KMS to ensure the accuracy of the KPAK.
  • the UEB may obtain the KMSID and the KPAK in the feedback information, generate a correspondence between the KMSID and the KPAK, and store the KMSID and its corresponding KPAK in the local database of the UEB.
  • the KPAK and the KSAK that are pre-configured for the KMS may be periodically updated, and the KPAK corresponding to the KMSID received by the UEB and the KPAK corresponding to the currently received KMSID may be different. Based on this, the UEB is local to the UEB.
  • the original KPAK corresponding to the KMSID may be detected in the local database of the UEB.
  • the UEB may delete the original KPAK after the preset duration.
  • the second terminal sends a time-frequency resource acquisition request to the base station, where the time-frequency resource acquisition request carries the terminal identifier of the second terminal.
  • the UE may send a time-frequency resource acquisition request to the base station eNB of the cell where the UEA is located, where the time-frequency resource acquisition request carries the terminal identifier of the UEA.
  • the base station allocates time-frequency resources to the second terminal.
  • the eNB may search for the broadcast service authorization information of the UEA in the local database of the eNB.
  • the eNB may allocate a time-frequency resource to the UEA; when the local database of the eNB does not include the broadcast service grant information of the UEA, the eNB may send the UEA a reject message rejecting the allocation of the time-frequency resource, and the reject message may carry the reason for rejecting the allocation. For example, the reason may be that "UEA does not have broadcast service rights and cannot allocate time-frequency resources to UEA."
  • the base station needs to detect whether the sending end has the broadcast right, and allocates the time-frequency resource to the sending end when the sending end has the broadcast right, which can prevent the wireless resource from being abused by the malicious user.
  • the second terminal calculates the broadcast message based on the first private key to obtain a second digital signature.
  • the UEA may generate a broadcast message msg, and calculate the msg based on the SKA to obtain a second digital signature.
  • the generation time timestamp of the second digital signature may be generated. For example, the system time for the UEA to start calculating the msg is 10:00 on October 25, 2016, and the UEA may determine The second digital signature is generated at 10:00 on October 25, 2016.
  • the UEA can invoke the preset signature algorithm Sig and sign (msg, PKA, Time, KMSID, KPAK, timestamp) with the SKA to obtain the second digital signature sig, i.e. sig = Sign(SKA, (msg, PKA, Time, KMSID, timestamp)).
  • the second terminal sends the broadcast security information to the first terminal by using the time-frequency resource allocated by the base station, where the broadcast security information includes a broadcast message, a second digital signature, a first digital signature, a first public key, and a system identifier.
  • the broadcast security information may be generated, where the broadcast security information may be (msg, PKA, Time, KMSID, timestamp, sig), and the UEA may send the broadcast security information to the UEB by using the time-frequency resource allocated by the eNB.
  • the first terminal acquires a second public key corresponding to the system identifier, and performs verification on the first digital signature based on the second public key. When the verification succeeds, the second terminal is identified as a valid terminal.
  • the first digital signature is verified to detect whether the sending end is a false identity or a fraudulent identity, and the third party may be prevented from using a false identity or a fraudulent identity to send a broadcast message, thereby improving the legitimacy of the broadcast message source.
  • the UEB may obtain the receiving time of the broadcast security information and the generation time timestamp of the second digital signature carried in the broadcast security information. When the difference between the receiving time and the timestamp is less than the preset time threshold, the UEB may determine that the broadcast security information is not a replay message; when the difference between the receiving time and the timestamp is greater than or equal to a preset time threshold and is less than or equal to 0, the UEB may determine that the broadcast security information is a replay message, and in turn delete the broadcast security information.
  • the embodiment of the present invention detects whether the difference between the receiving time of the broadcast security information and the generation time of the second digital signature is less than the preset time threshold, and can thereby identify whether the broadcast security information has been re-sent by a third party to cause information confusion, preventing replay attacks on broadcast messages.
  • the UEB may determine the valid interval of the trust credential based on the preset time parameters Duration and Time, that is, the valid interval of the trust credential is [Time, Time+Duration], when timestamp When located in the valid interval, the UEB may determine that the trust credential is a valid trust credential; when the timestamp is outside the valid interval, the UEB may determine that the trust credential expires, thereby deleting the broadcast security information.
  • the embodiment of the invention can detect whether the trust credential is expired, prevent the third party from using the expired identity to send the broadcast message, and improve the legality of the broadcast message source.
  • the UEB may search for the corresponding KPAK in the local database of the UEB according to the KMSID in the broadcast security information.
  • the UEB may verify the first digital signature based on the KPAK corresponding to the KMSID. If the KPAK corresponding to the KMSID does not exist in the local database of the UEB, the UEB can download the KPAK from the designated node device according to the preset trusted address, where the second public keys of all KMSs are stored in the designated node device.
  • the UEB may perform verification on the first digital signature based on the updated KPAK to obtain a first verification result of the first digital signature.
  • the first digital signature is verified based on the original KPAK, and a second verification result of the first digital signature is obtained.
  • the UEB may determine that the UEA is a valid terminal.
  • the first terminal checks the second digital signature based on the first public key, and processes the broadcast message when the verification succeeds.
  • the embodiment of the present invention utilizes the 3GPP-AKA authentication mechanism and introduces an asymmetric cryptosystem to protect the security of broadcast messages, which not only solves the security problem of vehicle broadcasting, but also directly relies on the cellular network, thereby greatly reducing the deployment cost of the infrastructure. At the same time, it can reduce transmission overhead and storage, and reduce management complexity.
  • the second terminal sends a trust credential acquisition request to the first node device, and the first node device acquires the broadcast service authorization information of the second terminal by using the second node device, and obtains the trust credential according to the trust credential.
  • the key management system calculates the first public key in the generated trust credential based on the second private key of the key management system, obtains the first digital signature, and includes the trust And sending, by the second terminal, the broadcast security information to the first terminal, where the first terminal performs the first digital signature based on the second public key.
  • the second terminal is identified as a valid terminal, and the first terminal checks the second digital signature based on the first public key.
  • the broadcast message is processed, which can reduce the overhead and the amount of data transmitted while ensuring the legitimacy of the broadcast message source.
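The receiver-side checks described above for the UEB (replay window, trust credential valid interval, KPAK lookup by KMSID with an updated and an original key, then the two signature verifications), as an added Go example that is not part of the patent text. Ed25519 stands in for the unspecified preset signature algorithm; the byte encodings, error names, constructed keys, sample values, and the rule that either stored KPAK may verify the first digital signature are assumptions of this example.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"errors"
	"fmt"
)

// BroadcastInfo is the broadcast security information the UEA sends.
type BroadcastInfo struct {
	Msg             []byte
	PKA             ed25519.PublicKey // first public key of the sender
	KMSID           string            // system identifier of the issuing KMS
	Time, Timestamp int64             // credential valid start time; generation time of Sig
	SigKMS, Sig     []byte            // first (by KSAK) and second (by SKA) digital signatures
}

var (
	ErrReplay     = errors.New("receive time outside the preset time threshold")
	ErrExpired    = errors.New("timestamp outside [Time, Time+Duration]")
	ErrUnknownKMS = errors.New("no KPAK stored for this KMSID")
	ErrCredential = errors.New("first digital signature invalid")
	ErrMessage    = errors.New("second digital signature invalid")
)

// Byte strings that get signed; hex fields and distinct prefixes keep them unambiguous.
func credBytes(pka []byte, start int64) []byte { return []byte(fmt.Sprintf("cred|%x|%d", pka, start)) }
func msgBytes(b BroadcastInfo) []byte {
	return []byte(fmt.Sprintf("msg|%x|%x|%d|%x|%d", b.Msg, b.PKA, b.Time, b.KMSID, b.Timestamp))
}

// Receiver is the UEB's local state: per KMSID, the updated KPAK and any retained original.
type Receiver struct {
	KPAKs               map[string][]ed25519.PublicKey
	Threshold, Duration int64 // preset time threshold and Duration, in seconds
}

// Verify applies the UEB checks in the page's order and returns nil if msg may be processed.
func (r *Receiver) Verify(b BroadcastInfo, recvTime int64) error {
	// Replay check; rejecting a timestamp in the future is a choice of this example.
	if d := recvTime - b.Timestamp; d < 0 || d >= r.Threshold {
		return ErrReplay
	}
	// Trust credential must be valid at signing time: [Time, Time+Duration].
	if b.Timestamp < b.Time || b.Timestamp > b.Time+r.Duration {
		return ErrExpired
	}
	keys := r.KPAKs[b.KMSID]
	if len(keys) == 0 {
		return ErrUnknownKMS
	}
	// PKA comes from the sender, and ed25519.Verify panics on a wrong-size key.
	if len(b.PKA) != ed25519.PublicKeySize {
		return ErrCredential
	}
	// First digital signature: accept if any stored KPAK verifies it (assumed rule).
	valid := false
	for _, kpak := range keys {
		valid = valid || ed25519.Verify(kpak, credBytes(b.PKA, b.Time), b.SigKMS)
	}
	if !valid {
		return ErrCredential
	}
	// Second digital signature, checked with the now-trusted PKA.
	if !ed25519.Verify(b.PKA, msgBytes(b), b.Sig) {
		return ErrMessage
	}
	return nil
}

// key returns a fixed, constructed key so the demo is reproducible (not for real keys).
func key(x byte) ed25519.PrivateKey { return ed25519.NewKeyFromSeed(bytes.Repeat([]byte{x}, ed25519.SeedSize)) }
func pub(k ed25519.PrivateKey) ed25519.PublicKey { return k.Public().(ed25519.PublicKey) }

// Issue plays the KMS (signs PKA and Time with KSAK) and the UEA (signs the message with SKA).
func Issue(ksak, ska ed25519.PrivateKey, kmsid, msg string, start, ts int64) BroadcastInfo {
	b := BroadcastInfo{Msg: []byte(msg), PKA: pub(ska), KMSID: kmsid, Time: start, Timestamp: ts}
	b.SigKMS = ed25519.Sign(ksak, credBytes(b.PKA, start))
	b.Sig = ed25519.Sign(ska, msgBytes(b))
	return b
}

// demoReceiver stores the KPAKs of the given constructed KMS keys under one KMSID.
func demoReceiver(kmsid string, ksaks ...ed25519.PrivateKey) *Receiver {
	r := &Receiver{KPAKs: map[string][]ed25519.PublicKey{}, Threshold: 5, Duration: 300}
	for _, k := range ksaks {
		r.KPAKs[kmsid] = append(r.KPAKs[kmsid], pub(k))
	}
	return r
}

func main() {
	oldKSAK, newKSAK, ska := key(1), key(2), key(3)
	r := demoReceiver("kms-1", newKSAK, oldKSAK) // KPAK was rotated, original still stored
	b := Issue(oldKSAK, ska, "kms-1", "brake warning", 1000, 1100)
	fmt.Println("fresh:", r.Verify(b, 1101), "| replayed:", r.Verify(b, 1200))
}
```

Because Time is covered by the first digital signature, a sender cannot shift the valid interval of an old credential without invalidating that signature.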
  • FIG. 3 is a flowchart of a data transmission method according to another embodiment of the present invention.
  • the data transmission method in the embodiment of the present invention may include:
  • the second terminal sends a trusted credential obtaining request to the first node device, where the trusted credential obtaining request carries the terminal identifier of the second terminal.
  • the UEA before the UEA sends the trust credential acquisition request to the Temporary ID Management Function, the UEA performs the EPS-AKA protocol, and after negotiating the NAS layer key and the AS layer key, may send an authentication request to the V2X Control Function, and the authentication is performed.
  • the request carries the terminal identifier of the UEA.
  • the V2X Control Function may provide the UEA with relevant service parameters.
  • the UEB before the UEB sends the trust credential acquisition request to the Temporary ID Management Function, the UEB performs the EPS-AKA protocol, and after negotiating the NAS layer key and the AS layer key, may send an authentication request to the V2X Control Function, and the authentication is performed.
  • the request carries the terminal identifier of the UEB.
  • the V2X Control Function may provide the UEB with relevant service parameters.
  • the first node device sends an authentication request to the second node device, where the authentication request carries the terminal identifier of the second terminal.
  • the second node device sends the terminal identifier of the second terminal and the broadcast service authorization information to the first node device.
  • the first node device sends the trusted credential request information to the key management system according to the trust credential obtaining request.
  • the key management system generates a trust credential according to the trust credential request information, where the trust credential includes the first public key of the second terminal and the first private key thereof.
  • the key management system calculates the first public key based on the second private key of the key management system to obtain a first digital signature.
  • the key management system sends the feedback information to the first node device, where the feedback information includes a trust credential, a first digital signature, a system identifier of the key management system, and a second public key.
  • the first node device sends the feedback information to the second terminal.
  • the second terminal sends a time-frequency resource acquisition request to the base station of the cell where the second terminal is located, where the time-frequency resource acquisition request carries the terminal identifier of the second terminal.
  • the base station allocates time-frequency resources to the second terminal.
  • after receiving the time-frequency resource acquisition request sent by the UEA, the base station checks the broadcast service authorization information of the UEA in the local database of the base station, and when the local database of the base station includes the broadcast service authorization information of the second terminal, the base station may allocate the information to the second terminal.
  • the base station initiates an authentication request of the UEB to the V2X Control Function.
  • the base station may store the broadcast service grant information of the UEB in a local database of the base station.
  • the base station receives broadcast service authorization information of the second terminal that is sent by the second node device.
  • the base station allocates time-frequency resources to the second terminal.
  • the second terminal calculates the broadcast message based on the first private key to obtain a second digital signature.
  • the second terminal sends the broadcast security information to the first terminal by using the time-frequency resource allocated by the base station, where the broadcast security information includes a broadcast message, a second digital signature, a first digital signature, a first public key, and a system identifier.
  • the first terminal acquires a second public key corresponding to the system identifier, and performs verification on the first digital signature based on the second public key. When the verification succeeds, the second terminal is identified as a valid terminal.
  • the first terminal checks the second digital signature based on the first public key, and processes the broadcast message when the verification succeeds.
  • the second terminal sends the feedback information including the trust credential and the first digital signature to the second terminal, and the second terminal sends a time-frequency resource acquisition request to the base station, when the local database of the base station does not
  • the base station sends an authentication request to the second node device, and when the base station receives the broadcast service authorization information of the second terminal sent by the second node device, the base station allocates a time frequency to the second terminal.
  • the second terminal uses the time-frequency resource allocated by the base station to send the broadcast security information to the first terminal, and the first terminal verifies the first digital signature based on the second public key; when the verification succeeds, the second terminal is identified as a valid terminal, and the first terminal verifies the second digital signature based on the first public key.
  • the verification is successful, the broadcast message is processed, and the overhead and the amount of data transmitted can be reduced on the basis of ensuring the legitimacy of the broadcast message source.
  • the embodiment of the present invention further provides a computer storage medium, wherein the computer storage medium can store a program, and the program, when executed, performs some or all of the steps of the method embodiments shown in FIG. 2 or FIG. 3.
  • FIG. 4 is a schematic structural diagram of a terminal according to an embodiment of the present invention.
  • the terminal may be used to implement some or all of the steps in the method embodiment shown in FIG. 2 or FIG.
  • the terminal may include at least a broadcast security information receiving module 401 and a verification module 402, where:
  • the broadcast security information receiving module 401 is configured to receive broadcast security information sent by the second terminal, where the broadcast security information includes a broadcast message, a second digital signature of the broadcast message, a first digital signature of the second terminal, a first public key of the second terminal, and a system identifier of the key management system. The first digital signature is obtained by the key management system calculating the first public key based on the second private key of the key management system, and the second digital signature is obtained by the second terminal calculating the broadcast message based on the first private key of the second terminal.
  • the verification module 402 is configured to acquire a second public key of the key management system based on the system identifier, and verify the first digital signature based on the second public key.
  • the second terminal is identified as a valid terminal.
  • the verification module 402 is further configured to perform verification on the second digital signature based on the first public key, and process the broadcast message when the verification is successful.
  • the first digital signature is obtained by the key management system calculating the second private key, the first public key, and the effective start time of the first private key by using a preset signature algorithm.
  • the broadcast security information further includes the valid start time and a generation time of the second digital signature.
  • terminal in the embodiment of the present invention may further include:
  • a determining module 403 configured to determine, by the verification module 402, the first public key based on the preset time parameter and the valid start time before acquiring the second public key of the key management system based on the system identifier The effective interval of the key.
  • the determining module 403 is further configured to: when the generating time is located in the valid interval, determine that the first private key is a valid private key.
  • the terminal in the embodiment of the present invention may further include:
  • the receiving time obtaining module 404 is configured to obtain the receiving time of the broadcast security information before the determining module 403 determines the effective interval of the first private key based on the preset time parameter and the valid starting time.
  • the determining module 403 is further configured to determine, according to the preset time parameter and the effective start time, when a difference between the receiving time and the generating time is less than a preset time threshold, The effective range of a private key.
  • the verification module 402 performs verification on the first digital signature based on the second public key, specifically, to:
  • the second public key, the first public key, the valid start time, and the first digital signature are processed by a preset verification algorithm to obtain a verification result of the first digital signature.
  • the terminal in the embodiment of the present invention may further include:
  • a request sending module 405, configured to send, by the verification module 402, a trust credential acquisition request to the first node device before acquiring the second public key of the key management system based on the system identifier, so that the first node The device sends the trust credential request information to the key management system.
  • the feedback information receiving module 406 is configured to receive feedback information of the first terminal that is forwarded by the key management system by using the first node device, where the feedback information of the first terminal includes the system identifier and the secret The updated second public key of the key management system.
  • the terminal in the embodiment of the present invention may further include:
  • the storage module 407 is configured to: after the feedback information receiving module 405 receives the feedback information of the first terminal that is forwarded by the key management system by the first node device, generate the correspondence between the system identifier and the updated second public key, and store the system identifier and its corresponding updated second public key.
  • the deleting module 408 is configured to delete the original second public key after a preset duration, when the original second public key corresponding to the system identifier exists in the local database of the terminal.
  • the verification module 402 acquires a second public key of the key management system based on the system identifier, and performs verification on the first digital signature based on the second public key, specifically :
  • the verification module 402 when the verification is successful, identifies that the second terminal is a valid terminal, and is specifically configured to:
  • the verification module 402 acquires the second public key of the key management system based on the system identifier, specifically for:
  • the verification module 402 performs verification on the second digital signature based on the first public key.
  • the broadcast message is processed, specifically for:
  • the first public key, the second digital signature, and the broadcast security information are processed by a preset verification algorithm to obtain a verification result of the broadcast message.
  • the broadcast message is processed.
  • the broadcast security information receiving module 401 receives the broadcast security information sent by the second terminal, and the verification module 402 acquires the second public key of the key management system based on the system identifier, and based on the second public key pair.
  • the first digital signature is verified.
  • the second terminal is identified as a valid terminal, and the verification module 402 checks the second digital signature based on the first public key.
  • the broadcast message is processed, which can reduce the overhead and the amount of data transmitted while ensuring the legitimacy of the broadcast message source.
  • FIG. 5 is a schematic structural diagram of a terminal according to another embodiment of the present invention.
  • the terminal provided by the embodiment of the present invention may be used to implement the implementation of the embodiments of the present invention shown in FIG. 2 or FIG.
  • FIG. 2 or FIG. 2 For the convenience of description, only parts related to the embodiments of the present invention are shown. Without specific details, please refer to the embodiments of the present invention shown in FIG. 2 or FIG.
  • the terminal includes at least one processor 501, such as a CPU, at least one input device 503, at least one output device 504, a memory 505, and at least one communication bus 502.
  • the communication bus 502 is used to implement connection communication between these components.
  • the input device 503 can optionally include a standard wired interface and a wireless interface (such as a WI-FI interface) for receiving broadcast security information sent by the second terminal.
  • the output device 504 can optionally include a standard wired interface and a wireless interface for performing data interaction with the second terminal.
  • the memory 505 may include a high speed RAM memory, and may also include a non-volatile memory such as at least one disk memory.
  • a set of program codes is stored in the memory 505, and the processor 501 calls the program code stored in the memory 505 for performing the following operations:
  • the input device 503 receives the broadcast security information sent by the second terminal, where the broadcast security information includes a broadcast message, a second digital signature of the broadcast message, a first digital signature of the second terminal, and a second terminal a public key and a system identifier of the key management system, wherein the first digital signature is obtained by the key management system calculating the first public key based on a second private key of the key management system, The second digital signature is obtained by the second terminal calculating the broadcast message based on the first private key of the second terminal.
  • the processor 501 acquires a second public key of the key management system based on the system identifier, performs verification on the first digital signature based on the second public key, and, when the verification is successful, identifies the second terminal as a valid terminal.
  • the processor 501 checks the second digital signature based on the first public key, and processes the broadcast message when the verification is successful.
  • the first digital signature is obtained by calculating, by the key management system, the effective start time of the second private key, the first public key, and the first private key by using a preset signature algorithm. .
  • the broadcast security information further includes the valid start time and the generation time of the second digital signature
  • before the processor 501 obtains the second public key of the key management system based on the system identifier, the following operations may also be performed:
  • the processor 501 determines an effective interval of the first private key based on the preset time parameter and the valid start time.
  • the processor 501 determines that the first private key is a valid private key.
  • before the processor 501 determines the valid interval of the first private key based on the preset time parameter and the valid start time, the following operations may also be performed:
  • the processor 501 acquires the reception time of the broadcast security information.
  • the processor 501 determines the effective interval of the first private key based on the preset time parameter and the valid starting time. .
  • the processor 501 performs verification on the first digital signature based on the second public key, which may be specifically:
  • the processor 501 processes the second public key, the first public key, the valid start time, and the first digital signature by using a preset verification algorithm to obtain a verification result of the first digital signature. .
  • the processor 501 determines that the first digital signature verification is successful.
  • before the processor 501 acquires the second public key of the key management system based on the system identifier, the following operations may also be performed:
  • the output device 504 transmits a trust credential acquisition request to the first node device to cause the first node device to transmit the trust credential request information to the key management system.
  • the input device 503 receives feedback information of the first terminal forwarded by the key management system by the first node device, where the feedback information of the first terminal includes the system identifier and the updated second public key of the key management system.
  • the input device 503 may further perform the following operations:
  • the processor 501 generates a correspondence between the system identifier and the updated second public key, and stores the system identifier and its corresponding updated second public key.
  • the processor 501 deletes the original second public key after a preset duration.
  • the processor 501 obtains the second public key of the key management system based on the system identifier, and performs verification on the first digital signature based on the second public key, which may be:
  • the processor 501 acquires the updated second public key and the original second public key corresponding to the system identifier.
  • the processor 501 checks the first digital signature based on the updated second public key to obtain a first verification result of the first digital signature.
  • the processor 501 checks the first digital signature based on the original second public key to obtain a second verification result of the first digital signature.
  • the processor 501 when the verification is successful, identifies that the second terminal is a valid terminal, and specifically:
  • the processor 501 determines that the second terminal is a valid terminal.
  • the processor 501 acquires the second public key of the key management system based on the system identifier, which may be specifically:
  • the output device 504 downloads the second public key from the specified node device according to the preset trusted address, where the second public keys of all key management systems are stored in the specified node device.
  • the processor 501 performs the verification on the second digital signature based on the first public key, and when the verification is successful, processing the broadcast message, which may be:
  • the processor 501 processes the first public key, the second digital signature, and the broadcast security information by using a preset verification algorithm to obtain a verification result of the broadcast message.
  • the processor 501 determines that the broadcast message is a valid broadcast message.
  • the processor 501 processes the broadcast message.
  • terminal introduced in the embodiment of the present invention may be used to implement some or all of the processes in the method embodiment introduced in conjunction with FIG. 2 or FIG.
  • FIG. 6 is a schematic structural diagram of a terminal according to another embodiment of the present invention.
  • the terminal may be used to implement some or all of the steps in the method embodiment shown in FIG. 2 or FIG.
  • the terminal may at least include a feedback information receiving module 601, a computing module 602, and a broadcast security information sending module 603, wherein:
  • the feedback information receiving module 601 is configured to receive feedback information of the terminal sent by the key management system, where the feedback information includes a trusted credential of the terminal and a first digital signature of the terminal, where the trusted credential includes a first private key and a first public key, and the first digital signature is obtained by the key management system calculating the first public key based on the second private key of the key management system.
  • the calculating module 602 is configured to calculate, according to the first private key, a broadcast message, to obtain a second digital signature of the broadcast message.
  • the broadcast security information sending module 603 is configured to send broadcast security information to the first terminal, where the broadcast security information includes the broadcast message, the second digital signature, the first digital signature, the first public key, and The system identification of the key management system.
  • the feedback information receiving module 601 is specifically configured to:
  • the feedback information receiving module 601 sends a trust credential obtaining request to the first node device, so that the first node device sends the trusted credential request information to the key management system, specifically for:
  • the first node device sends an authentication request to the second node device, where the local database of the second node device includes a broadcast to the terminal
  • the second node device sends the broadcast service authorization information to the first node device
  • the first node device sends the trust credential request information to the key management system.
  • the feedback information receiving module 601 sends a trust credential obtaining request to the first node device, so that the first node device sends the trusted credential request information to the key management system, specifically for:
  • the first node device sends an authentication request to the second node device, where the local database of the second node device includes a broadcast to the terminal
  • the second node device sends the broadcast service authorization information to the first node device
  • the second node device sends the broadcast service authorization information to the base station of the cell in which the terminal is located
  • the first node device sends the trust credential request information to the key management system.
  • the terminal in the embodiment of the present invention may further include:
  • a request sending module 604, configured to send a time-frequency resource acquisition request to the base station after the calculating module 602 calculates the broadcast message to obtain the second digital signature of the broadcast message, so that the base station detects whether the broadcast service authorization information of the terminal exists in the local database of the base station, and when the broadcast service authorization information of the terminal exists in the local database of the base station, the base station allocates time-frequency resources to the terminal.
  • the broadcast security information sending module 603 is specifically configured to send the broadcast security information to the first terminal by using a time-frequency resource allocated by the base station.
  • the terminal in the embodiment of the present invention may further include:
  • the request sending module 604 is configured to send a time-frequency resource acquisition request to the base station of the cell where the terminal is located before the calculating module 602 calculates the broadcast message to obtain the second digital signature of the broadcast message, so that the base station sends an authorization information acquisition request for the terminal to the second node device, and when the base station receives the broadcast service authorization information for the terminal sent by the second node device, the base station allocates time-frequency resources to the terminal.
  • the broadcast security information sending module 603 is specifically configured to send the broadcast security information to the first terminal by using a time-frequency resource allocated by the base station.
  • the request sending module 604 sends a time-frequency resource acquisition request to the base station of the cell where the terminal is located, so that the base station sends an authorization information acquisition request for the terminal to the second node device, and is specifically configured to:
  • send a time-frequency resource acquisition request to the base station of the cell where the terminal is located, so that the base station detects whether the broadcast service authorization information of the terminal exists in the local database of the base station; when the broadcast service authorization information of the terminal exists in the local database of the base station, the base station allocates time-frequency resources to the terminal; when the broadcast service authorization information of the terminal does not exist in the local database of the base station, the base station sends the authorization information acquisition request for the terminal to the second node device.
  • the trust credential request information carries a valid start time of the trust credential
  • the first digital signature is obtained by the key management system calculating the second private key of the key management system, the first public key, and the valid start time by using a preset signature algorithm.
  • the feedback information further includes the system identifier and the updated second public key of the key management system.
  • terminal in the embodiment of the present invention may further include:
  • the storage module 605 is configured to generate, after the feedback information receiving module 601 receives the feedback information of the terminal sent by the key management system, a correspondence between the system identifier and the updated second public key, and to store the system identifier and its corresponding updated second public key.
  • the deleting module 606 is configured to delete the original second public key after a preset duration, when the original second public key corresponding to the system identifier exists in the local database of the terminal.
  • the calculating module 602 is specifically configured to calculate, by using a preset signature algorithm, the first private key, the broadcast message, the first public key, the effective start time of the trusted credential, the first digital signature, the system identifier, and the generation time of the second digital signature, to obtain the second digital signature information.
  • the feedback information receiving module 601 receives the feedback information of the terminal sent by the key management system, and the calculating module 602 calculates the second digital signature of the broadcast message by calculating the broadcast message based on the first private key.
  • the broadcast security information sending module 603 sends the broadcast security information to the first terminal, which can reduce the overhead and the amount of transmitted data on the basis of ensuring the legitimacy of the broadcast message source.
  • FIG. 7 is a schematic structural diagram of a terminal according to another embodiment of the present invention.
  • the terminal provided by the embodiment of the present invention may be used to implement the implementation of the embodiments of the present invention shown in FIG. 2 or FIG.
  • FIG. 7 For the convenience of description, only parts related to the embodiments of the present invention are shown. Without specific details, please refer to the embodiments of the present invention shown in FIG. 2 or FIG.
  • the terminal includes at least one processor 701, such as a CPU, at least one input device 703, at least one output device 704, a memory 705, and at least one communication bus 702.
  • the communication bus 702 is used to implement connection communication between these components.
  • the input device 703 can optionally include a standard wired interface and a wireless interface, and is configured to receive feedback information of the terminal sent by the key management system.
  • the output device 504 can optionally include a standard wired interface and a wireless interface, for transmitting broadcast security information to the first terminal.
  • the memory 705 may include a high speed RAM memory, and may also include a non-volatile memory such as at least one disk memory.
  • the memory 705 can optionally include at least one storage device located remotely from the aforementioned processor 701. A set of program code is stored in the memory 705, and the processor 701 calls the program code stored in the memory 705 for performing the following operations:
  • the input device 703 receives the feedback information of the second terminal sent by the key management system, where the feedback information includes a trusted credential of the second terminal and a first digital signature of the second terminal, where the trusted credential includes a first private key and a first public key, the first digital signature being obtained by the key management system calculating the first public key based on a second private key of the key management system.
  • the processor 701 calculates a second digital signature of the broadcast message by calculating a broadcast message based on the first private key.
  • the output device 704 transmits broadcast security information to the first terminal, the broadcast security information including the broadcast message, the second digital signature, the first digital signature, the first public key, and the system identifier of the key management system.
  • the input device 703 receives the feedback information of the second terminal that is sent by the key management system, and specifically:
  • the output device 704 transmits a trust credential acquisition request to the first node device to cause the first node device to transmit the trust credential request information to the key management system.
  • the input device 703 receives the feedback information that the key management system forwards through the first node device.
  • the output device 704 sends a trusted credential obtaining request to the first node device, so that the first node device sends the trusted credential request information to the key management system, which may be:
  • the output device 704 sends the trust credential acquisition request to the first node device, so that the first node device sends an authentication request to the second node device; when the local database of the second node device includes the broadcast service authorization information for the second terminal, the second node device sends the broadcast service authorization information to the first node device, and the first node device sends the trust credential request information to the key management system.
  • the output device 704 sends a trusted credential obtaining request to the first node device, so that the first node device sends the trusted credential request information to the key management system, which may be:
  • the output device 704 sends the trust credential acquisition request to the first node device, so that the first node device sends an authentication request to the second node device; when the local database of the second node device includes the broadcast service authorization information for the second terminal, the second node device sends the broadcast service authorization information to the first node device, the second node device sends the broadcast service authorization information to a base station of a cell where the second terminal is located, and the first node device sends the trust credential request information to the key management system.
  • the processor 701 calculates the broadcast message to obtain the second digital signature of the broadcast message, the following operations may also be performed:
  • the output device 704 sends a time-frequency resource acquisition request to the base station, so that the base station detects whether the broadcast service authorization information of the second terminal exists in the local database of the base station, and when the broadcast service authorization information of the second terminal exists in the local database of the base station, the base station allocates time-frequency resources to the second terminal.
  • the output device 704 sends the broadcast security information to the first terminal, which may be specifically:
  • the output device 704 transmits the broadcast security information to the first terminal by using a time-frequency resource allocated by the base station.
  • the processor 701 calculates the broadcast message to obtain the second digital signature of the broadcast message, the following operations may also be performed:
  • the output device 704 sends a time-frequency resource acquisition request to the base station of the cell where the second terminal is located, so that the base station sends an authorization information acquisition request for the second terminal to the second node device, and when the base station receives the broadcast service authorization information for the second terminal sent by the second node device, the base station allocates time-frequency resources to the second terminal.
  • the output device 704 sends the broadcast security information to the first terminal, which may be specifically:
  • the output device 704 transmits the broadcast security information to the first terminal by using a time-frequency resource allocated by the base station.
  • the output device 704 sends a time-frequency resource acquisition request to the base station of the cell where the second terminal is located, so that the base station sends an authorization information acquisition request for the second terminal to the second node device, which may be specifically:
  • the output device 704 sends a time-frequency resource acquisition request to the base station of the cell where the second terminal is located, so that the base station detects whether the broadcast service authorization information of the second terminal exists in the local database of the base station; when the broadcast service authorization information of the second terminal exists in the local database of the base station, the base station allocates time-frequency resources to the second terminal; when the broadcast service authorization information of the second terminal does not exist in the local database of the base station, the base station sends the authorization information acquisition request for the second terminal to the second node device.
  • the trust credential request information carries a valid start time of the trust credential
  • the first digital signature is obtained by the key management system calculating the second private key of the key management system, the first public key, and the valid start time by using a preset signature algorithm.
  • the feedback information further includes the system identifier and the updated second public key of the key management system, and the input device 703 receives the feedback information of the second terminal sent by the key management system.
  • the processor 701 generates a correspondence between the system identifier and the updated second public key, and stores the system identifier and its corresponding updated second public key.
  • the processor 701 deletes the original second public key after a preset duration.
  • the processor 701 calculates a broadcast message to obtain a second digital signature of the broadcast message, which may be specifically:
  • the processor 701 calculates, by using a preset signature algorithm, the first private key, the broadcast message, the first public key, the effective start time of the trusted credential, the first digital signature, the system identifier, and the generation time of the second digital signature, to obtain the second digital signature information.
  • terminal introduced in the embodiment of the present invention may be used to implement some or all of the processes in the method embodiment introduced in conjunction with FIG. 2 or FIG.
  • FIG. 8 is a schematic structural diagram of a node device according to an embodiment of the present invention.
  • the node device may be used to implement some or all of the steps in the method embodiment shown in FIG. 2 or FIG.
  • the node device may include at least a request receiving module 801, a request information sending module 802, a feedback information receiving module 803, and a feedback information sending module 804, where:
  • the request receiving module 801 is configured to receive a trusted credential obtaining request sent by the second terminal.
  • the request information sending module 802 is configured to send the trust credential request information to the key management system according to the trust credential obtaining request.
  • the feedback information receiving module 803 is configured to receive feedback information of the second terminal sent by the key management system, where the feedback information includes a trusted credential of the second terminal and a first digital signature of the second terminal.
  • the trust credential includes a first private key and a first public key
  • the first digital signature is obtained by the key management system calculating the first public key based on the second private key of the key management system.
  • the feedback information sending module 804 is configured to send the feedback information to the second terminal.
  • the node device in the embodiment of the present invention may further include:
  • the request sending module 805 is configured to send an authentication request to the second node device before the request information sending module 802 sends the trusted credential request information to the key management system according to the trusted credential obtaining request, so that the second node device detects whether the local database of the second node device includes broadcast service authorization information for the second terminal, and when the local database of the second node device includes the broadcast service authorization information for the second terminal, the second node device sends the broadcast service authorization information of the second terminal to the node device.
  • the authorization information receiving module 806 is configured to receive broadcast service authorization information sent by the second node device to the second terminal.
  • the request information sending module 802 is specifically configured to:
  • the effective start time of the trust credential is generated.
  • the trust credential request information carrying the valid start time.
  • the first digital signature is obtained by the key management system calculating the second private key of the key management system, the first public key, and the valid start time by using a preset signature algorithm.
  • the feedback information includes the trust credential, the first digital signature, the valid start time, and a second public key of the key management system.
  • the node device in the embodiment of the present invention may further include:
  • the storage module 807 is configured to: after the feedback information receiving module 803 receives the feedback information sent by the key management system, generate a correspondence between the terminal identifier of the second terminal and the feedback information, and store the terminal identifier. And its corresponding feedback information.
  • the request receiving module 801 receives the trust credential acquisition request sent by the second terminal, the request information sending module 802 sends the trust credential request information to the key management system according to the trust credential obtaining request, the feedback information receiving module 803 receives the feedback information of the second terminal sent by the key management system, and the feedback information sending module 804 sends the feedback information to the second terminal, which can reduce the overhead and the amount of data transmitted on the basis of ensuring the legitimacy of the broadcast message source.
  • FIG. 9 is a schematic structural diagram of a node device according to another embodiment of the present invention.
  • the node device provided in the embodiment of the present invention may be used to implement the foregoing embodiments of the present invention shown in FIG. 2 or FIG.
  • FIG. 2 or FIG. For the convenience of the description, only the parts related to the embodiments of the present invention are shown. The specific technical details are not disclosed. Please refer to the embodiments of the present invention shown in FIG. 2 or FIG.
  • the node device includes at least one processor 901, such as a CPU, at least one input device 903, at least one output device 904, a memory 905, and at least one communication bus 902.
  • the communication bus 902 is used to implement connection communication between these components.
  • the input device 903 can optionally include a standard wired interface and a wireless interface, and is configured to receive a trusted credential acquisition request sent by the second terminal.
  • the output device 904 optionally includes a standard wired interface and a wireless interface, and is configured to send the trusted credential request information to the key management system according to the trusted credential obtaining request.
  • the memory 905 may include a high speed RAM memory, and may also include a non-volatile memory such as at least one disk memory.
  • the memory 905 can optionally include at least one storage device located remotely from the aforementioned processor 901. A set of program codes is stored in the memory 905, and the processor 901 calls the program code stored in the memory 905 for performing the following operations:
  • the input device 903 receives the trust credential acquisition request sent by the second terminal.
  • the output device 904 transmits the trust credential request information to the key management system according to the trust credential acquisition request.
  • the input device 903 receives the feedback information of the second terminal sent by the key management system, where the feedback information includes a trust credential of the second terminal and a first digital signature of the second terminal, the trust credential includes a first private key and a first public key, and the first digital signature is obtained by the key management system calculating the first public key based on a second private key of the key management system.
  • the output device 904 transmits the feedback information to the second terminal.
  • the outputting device 904 may further perform the following operations:
  • the output device 904 sends an authentication request to the second node device, so that the second node device detects whether the local database of the second node device includes broadcast service authorization information for the second terminal; when the local database of the second node device includes the broadcast service authorization information for the second terminal, the second node device sends the broadcast service authorization information of the second terminal to the first node device.
  • the input device 903 receives the broadcast service authorization information sent by the second node device to the second terminal.
  • the output device 904 sends the trusted credential request information to the key management system according to the trusted credential obtaining request, which may be:
  • the processor 901 generates a valid start time of the trust credential.
  • the output device 904 transmits the trust credential request information to the key management system, and the trust credential request information carries the valid start time.
  • the first digital signature is obtained by calculating, by the key management system, the second private key, the first public key, and the valid start time of the key management system by using a preset signature algorithm.
  • the feedback information includes the trust credential, the first digital signature, the valid start time, and a second public key of the key management system.
  • the following operations may also be performed:
  • the processor 901 generates a correspondence between the terminal identifier of the second terminal and the feedback information, and stores the terminal identifier and corresponding feedback information.
  • the node device introduced in the embodiment of the present invention may be used to implement some or all of the processes in the method embodiment introduced in conjunction with FIG. 2 or FIG.
  • FIG. 10 is a schematic structural diagram of a data transmission system according to an embodiment of the present invention.
  • the data transmission system in the embodiment of the present invention may include at least a first terminal 1001, a second terminal 1002, and a key management system 1003, wherein:
  • the second terminal 1002 transmits a trust credential acquisition request to the key management system 1003.
  • the key management system 1003 sends the feedback information of the second terminal 1002 to the second terminal 1002 according to the trust credential acquisition request, where the feedback information includes the trust credential of the second terminal 1002 and the first digital signature of the second terminal 1002.
  • the trust credential includes a first private key and a first public key, the first digital signature being obtained by the key management system 1003 calculating the first public key based on a second private key of the key management system 1003.
  • the second terminal 1002 calculates the broadcast message based on the first private key to obtain a second digital signature of the broadcast message, and transmits broadcast security information to the first terminal 1001, the broadcast security information including the broadcast message, the second digital signature, the first digital signature, the first public key, and the system identifier of the key management system 1003.
  • the first terminal 1001 acquires the second public key of the key management system 1003 based on the system identifier, and performs verification on the first digital signature based on the second public key; when the verification succeeds, the second terminal 1002 is identified as a valid terminal.
  • the first terminal 1001 verifies the second digital signature based on the first public key, and processes the broadcast message when the verification is successful.
  • the second terminal 1002 receives the feedback information of the second terminal 1002 sent by the key management system 1003, calculates the broadcast message based on the first private key to obtain the second digital signature of the broadcast message, and sends the broadcast security information to the first terminal 1001.
  • the first terminal 1001 obtains the second public key of the key management system 1003 based on the system identifier, and checks the first digital signature based on the second public key; when the verification succeeds, the second terminal 1002 is identified as a valid terminal. The first terminal 1001 then checks the second digital signature based on the first public key and, when the verification succeeds, processes the broadcast message, which can reduce the overhead and the amount of transmitted data on the basis of ensuring the legitimacy of the broadcast message source.
  • first and second are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or implicitly indicating the number of technical features indicated.
  • features defining “first” or “second” may include at least one of the features, either explicitly or implicitly.
  • the meaning of “a plurality” is at least two, such as two, three, etc., unless specifically defined otherwise.
  • a “computer-readable medium” can be any apparatus that can contain, store, communicate, propagate, or transport a program for use in an instruction execution system, apparatus, or device, or in conjunction with the instruction execution system, apparatus, or device.
  • computer readable media include the following: electrical connections (electronic devices) having one or more wires, portable computer disk cartridges (magnetic devices), random access memory (RAM), read only memory (ROM), erasable programmable read only memory (EPROM or flash memory), fiber optic devices, and portable compact disk read only memory (CDROM).
  • the computer readable medium may even be paper or another suitable medium on which the program can be printed, as the paper or other medium may be optically scanned, then edited, interpreted or, if appropriate, processed in another suitable manner to obtain the program electronically, and the program is then stored in computer memory.
  • portions of the invention may be implemented in hardware, software, firmware or a combination thereof.
  • multiple steps or methods may be implemented in software or firmware stored in a memory and executed by a suitable instruction execution system.
  • For example, if implemented in hardware, as in another embodiment, it can be implemented by any one or a combination of the following techniques well known in the art: discrete logic circuits having logic gates for implementing logic functions on data signals, application-specific integrated circuits with suitable combinational logic gates, programmable gate arrays (PGAs), field programmable gate arrays (FPGAs), etc.
  • each functional unit in each embodiment of the present invention may be integrated into one processing module, or each unit may exist physically separately, or two or more units may be integrated into one module.
  • the above integrated modules can be implemented in the form of hardware or in the form of software functional modules.
  • the integrated modules, if implemented in the form of software functional modules and sold or used as stand-alone products, may also be stored in a computer readable storage medium.
  • the above mentioned storage medium may be a read only memory, a magnetic disk or an optical disk or the like.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Disclosed in the embodiments of the present invention are a data transmission method, terminal, node device, and system, wherein the method comprises: receiving, by a first terminal, broadcast security information sent by a second terminal, the broadcast security information comprising a broadcast message, a second digital signature, a first digital signature, a first public key, and a system identification, the first digital signature being obtained by means of a key management system performing calculation on the first public key on the basis of a second private key, and the second digital signature being obtained by means of the second terminal performing calculation on the broadcast message on the basis of a first private key; obtaining a second public key on the basis of the system identification, and verifying the first digital signature on the basis of the second public key, when the verification is successful, identifying the second terminal as a valid terminal; verifying the second digital signature on the basis of the first public key, when the verification is successful, processing the broadcast message. By means of the embodiments of the present invention, on the basis of ensuring the legitimacy of a broadcast message source, the overhead cost and the amount of data to be transmitted may be reduced.

Description

Data transmission method, terminal, node device and system
Technical field
The present invention relates to the field of communications technologies, and in particular to a data transmission method, a terminal, a node device, and a system.
Background
LTE-V aims to provide continuous communication between vehicles (Vehicle-to-Vehicle, V2V), between vehicles and pedestrians (Vehicle-to-Pedestrian, V2P), and even between vehicles and everything (Vehicle-to-Everything, V2X), in order to exchange status information about the current vehicle, surrounding vehicles, pedestrians, or the environment, thereby reducing traffic accidents, ensuring travel safety more effectively, alleviating traffic congestion, reducing energy consumption, and improving travel efficiency. So far, however, 3GPP has not clearly proposed a solution for improving the security of LTE-V based data transmission.
The Institute of Electrical and Electronics Engineers (IEEE) uses a digital-certificate-based method to improve the security of V2V broadcast messages: in addition to the digital signature of the message, each broadcast message from a vehicle must also carry the sender's digital certificate, and the digital certificate and digital signature together guarantee the legitimacy of the broadcast message source. However, the vehicle must carry the digital certificate every time it transmits data, so the amount of transmitted data is large. In addition, given the anti-tracking security requirement of the Internet of Vehicles, a vehicle's digital certificate needs to be updated periodically; that is, the certificate authority (Certificate Authority, CA) must periodically issue digital certificates to each vehicle, which incurs significant overhead.
Summary of the invention
Embodiments of the present invention provide a data transmission method, a terminal, a node device, and a system that can reduce overhead and the amount of transmitted data while ensuring the legitimacy of the broadcast message source.
A first aspect of the present invention provides a data transmission method. After receiving broadcast security information sent by a second terminal, a first terminal may obtain a second public key of a key management system based on a system identifier and verify a first digital signature based on the second public key. When the verification succeeds, the first terminal identifies the second terminal as a valid terminal; the first terminal may then verify a second digital signature based on a first public key and, when that verification succeeds, process the broadcast message.
The broadcast security information may include the broadcast message, the second digital signature of the broadcast message, the first digital signature of the second terminal, the first public key of the second terminal, and the system identifier of the key management system. The first digital signature is obtained by the key management system by performing a calculation on the first public key based on the second private key of the key management system. The second digital signature is obtained by the second terminal by performing a calculation on the broadcast message based on the first private key of the second terminal.
In the foregoing technical solution, the first terminal verifies the first digital signature based on the second public key of the key management system, which identifies the second terminal and prevents broadcast messages from being sent under a false, stolen, or expired identity. After the first digital signature has been verified successfully, the first terminal may verify the second digital signature based on the first public key, which ensures the legitimacy of the broadcast message source. In addition, in the conventional data transmission method the CA must periodically issue digital certificates to each vehicle, and every broadcast message of a vehicle must carry the sender's digital certificate; in this technical solution the first terminal can identify the validity and legitimacy of the second terminal's temporary identity by verifying the first digital signature, which reduces overhead and also reduces the amount of transmitted data.
Optionally, the first digital signature is obtained by the key management system by applying a preset signature algorithm to the second private key, the first public key, and the valid start time of the first private key.
Optionally, the broadcast security information further includes the valid start time and the generation time of the second digital signature. In that case, before obtaining the second public key of the key management system based on the system identifier, the first terminal may determine the valid interval of the first private key based on a preset time parameter and the valid start time. When the generation time is within the valid interval, the first terminal determines that the first private key is a valid private key; when the generation time is outside the valid interval, the first terminal determines that the first private key is an invalid private key.
Optionally, before determining the valid interval of the first private key based on the preset time parameter and the valid start time, the first terminal may obtain the receiving time of the broadcast security information. When the difference between the receiving time and the generation time is less than a preset time threshold, the first terminal is triggered to determine the valid interval of the first private key based on the preset time parameter and the valid start time; when the difference between the receiving time and the generation time is greater than or equal to the preset time threshold, the first terminal may determine that the received broadcast security information is replayed information and delete the broadcast security information.
Optionally, the first terminal verifying the first digital signature based on the second public key may specifically be: the first terminal applies a preset verification algorithm to the second public key, the first public key, the valid start time, and the first digital signature to obtain a verification result of the first digital signature. When the verification result of the first digital signature equals 1, the first terminal determines that the first digital signature has been verified successfully; when the verification result of the first digital signature equals 0, the first terminal may determine that the second terminal is an invalid terminal and delete the received broadcast security information.
Optionally, before obtaining the second public key of the key management system based on the system identifier, the first terminal may send a trust credential acquisition request to a first node device, so that the first node device sends trust credential request information to the key management system, and may receive the feedback information of the first terminal that the key management system forwards through the first node device. The feedback information of the first terminal includes the system identifier and the updated second public key of the key management system.
Optionally, after receiving the feedback information of the first terminal forwarded by the key management system through the first node device, the first terminal may generate a correspondence between the system identifier and the updated second public key, and store the system identifier together with its corresponding updated second public key. When an original second public key corresponding to the system identifier exists in the local database of the first terminal, the first terminal deletes the original second public key after a preset duration has elapsed.
Optionally, the first terminal obtaining the second public key of the key management system based on the system identifier and verifying the first digital signature based on the second public key may specifically be: the first terminal obtains the updated second public key and the original second public key corresponding to the system identifier, verifies the first digital signature based on the updated second public key to obtain a first verification result of the first digital signature, and verifies the first digital signature based on the original second public key to obtain a second verification result of the first digital signature.
Optionally, the first terminal identifying the second terminal as a valid terminal when the verification succeeds may specifically be: when the first verification result equals 1 or the second verification result equals 1, the first terminal determines that the second terminal is a valid terminal.
Optionally, the first terminal obtaining the second public key of the key management system based on the system identifier may specifically be: when the second public key does not exist in the local database of the first terminal, the first terminal downloads the second public key from a designated node device according to a preset trusted address, where the designated node device stores the second public keys of all key management systems.
Optionally, the first terminal verifying the second digital signature based on the first public key and processing the broadcast message when the verification succeeds may specifically be: the first terminal applies a preset verification algorithm to the first public key, the second digital signature, and the broadcast security information to obtain a verification result of the broadcast message. When the verification result of the broadcast message equals 1, the first terminal determines that the broadcast message is a valid broadcast message and processes it; when the verification result of the broadcast message equals 0, the first terminal determines that the broadcast message is an invalid broadcast message and deletes the broadcast security information.
A second aspect of the present invention provides a data transmission method. After receiving the feedback information of the second terminal sent by the key management system, the second terminal may perform a calculation on the broadcast message based on the first private key to obtain the second digital signature of the broadcast message, and send the broadcast security information to the first terminal.
The feedback information includes the trust credential of the second terminal and the first digital signature of the second terminal. The trust credential includes the first private key and the first public key. The first digital signature is obtained by the key management system by performing a calculation on the first public key based on the second private key of the key management system. The broadcast security information includes the broadcast message, the second digital signature, the first digital signature, the first public key, and the system identifier of the key management system.
Optionally, the second terminal receiving the feedback information of the second terminal sent by the key management system may specifically be: the second terminal sends a trust credential acquisition request to the first node device, so that the first node device sends trust credential request information to the key management system; the second terminal may then receive the feedback information that the key management system forwards through the first node device.
Optionally, the second terminal sending the trust credential acquisition request to the first node device, so that the first node device sends the trust credential request information to the key management system, may specifically be: the second terminal sends the trust credential acquisition request to the first node device, so that the first node device sends an authentication request to a second node device; when the local database of the second node device contains broadcast service authorization information for the second terminal, the second node device sends the broadcast service authorization information to the first node device, and the first node device sends the trust credential request information to the key management system.
Optionally, the second terminal sending the trust credential acquisition request to the first node device, so that the first node device sends the trust credential request information to the key management system, may specifically be: the second terminal sends the trust credential acquisition request to the first node device, so that the first node device sends an authentication request to the second node device; when the local database of the second node device contains broadcast service authorization information for the second terminal, the second node device sends the broadcast service authorization information to the first node device and also sends the broadcast service authorization information to the base station of the cell where the second terminal is located, and the first node device sends the trust credential request information to the key management system.
Optionally, before performing the calculation on the broadcast message to obtain the second digital signature of the broadcast message, the second terminal may send a time-frequency resource acquisition request to the base station, so that the base station checks whether broadcast service authorization information for the second terminal exists in the local database of the base station. When the broadcast service authorization information for the second terminal exists in the local database of the base station, the base station allocates time-frequency resources to the second terminal, and the second terminal can then use the time-frequency resources allocated by the base station to send the broadcast security information to the first terminal.
Optionally, before performing the calculation on the broadcast message to obtain the second digital signature of the broadcast message, the second terminal may send a time-frequency resource acquisition request to the base station of the cell where the second terminal is located, so that the base station sends an authorization information acquisition request for the second terminal to the second node device. When the base station receives the broadcast service authorization information for the second terminal sent by the second node device, the base station allocates time-frequency resources to the second terminal, and the second terminal then uses the time-frequency resources allocated by the base station to send the broadcast security information to the first terminal.
Optionally, the second terminal sending the time-frequency resource acquisition request to the base station of the cell where the second terminal is located, so that the base station sends the authorization information acquisition request for the second terminal to the second node device, may specifically be: the second terminal sends the time-frequency resource acquisition request to the base station of the cell where the second terminal is located, so that the base station checks whether broadcast service authorization information for the second terminal exists in the local database of the base station. When the broadcast service authorization information for the second terminal exists in the local database of the base station, the base station allocates time-frequency resources to the second terminal; when it does not exist in the local database of the base station, the base station sends the authorization information acquisition request for the second terminal to the second node device.
Optionally, the trust credential request information may carry the valid start time of the trust credential. In that case, the first digital signature is obtained by the key management system by applying a preset signature algorithm to the second private key of the key management system, the first public key, and the valid start time.
Optionally, the feedback information may further include the system identifier and the updated second public key of the key management system. In that case, after receiving the feedback information of the second terminal sent by the key management system, the second terminal may generate a correspondence between the system identifier and the updated second public key, and store the system identifier together with its corresponding updated second public key. When an original second public key corresponding to the system identifier exists in the local database of the second terminal, the second terminal may delete the original second public key after a preset duration has elapsed.
Optionally, the second terminal performing the calculation on the broadcast message to obtain the second digital signature of the broadcast message may specifically be: the second terminal applies a preset signature algorithm to the first private key, the broadcast message, the first public key, the valid start time of the trust credential, the first digital signature, the system identifier, and the generation time of the second digital signature to obtain the second digital signature information.
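The receiver-side checks of the first aspect and the sender-side signing of the second aspect, as an added Go example that is not code from the patent. Ed25519 stands in for the unspecified "preset signature algorithm"; the field names, the length-prefixed signing input, the half-open valid interval, the rejection of future generation times, and all sample values are assumptions.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"errors"
	"fmt"
)

// BroadcastSecurityInfo carries the fields the description lists (names assumed).
type BroadcastSecurityInfo struct {
	Message    []byte
	SenderPub  ed25519.PublicKey // first public key
	ValidStart int64             // valid start time of the first private key
	KMSSig     []byte            // first digital signature, made by the KMS
	SystemID   string            // system identifier of the KMS
	GenTime    int64             // generation time of the second digital signature
	MsgSig     []byte            // second digital signature, made by the sender
}
type Verifier struct {
	KMSKeys          map[string][]ed25519.PublicKey // updated key, plus original during rollover
	Lifetime, MaxAge int64                          // preset time parameter, preset time threshold (s)
}

var (
	ErrReplay          = errors.New("replayed broadcast security information")
	ErrKeyExpired      = errors.New("generation time outside valid interval")
	ErrUnknownSystem   = errors.New("no second public key for system identifier")
	ErrInvalidTerminal = errors.New("first digital signature check failed")
	ErrInvalidMessage  = errors.New("second digital signature check failed")
)

func pack(fields ...string) []byte { // length-prefix so bytes cannot shift between fields
	var buf bytes.Buffer
	for _, f := range fields {
		fmt.Fprintf(&buf, "%d:%s", len(f), f)
	}
	return buf.Bytes()
}

func credInput(pub ed25519.PublicKey, start int64) []byte { // signed by the KMS
	return pack(string(pub), fmt.Sprint(start))
}
func msgInput(b *BroadcastSecurityInfo) []byte { // signed by the sender
	return pack(string(b.Message), string(b.SenderPub), fmt.Sprint(b.ValidStart),
		string(b.KMSSig), b.SystemID, fmt.Sprint(b.GenTime))
}

// IssueCredential is the KMS side and yields the first digital signature.
func IssueCredential(kmsPriv ed25519.PrivateKey, pub ed25519.PublicKey, start int64) []byte {
	return ed25519.Sign(kmsPriv, credInput(pub, start))
}
// SignBroadcast is the sender side: stamp the generation time, then sign.
func SignBroadcast(priv ed25519.PrivateKey, b *BroadcastSecurityInfo, now int64) {
	b.GenTime = now
	b.MsgSig = ed25519.Sign(priv, msgInput(b))
}

// Check runs the receiver's checks in the order the description gives.
func (v *Verifier) Check(b *BroadcastSecurityInfo, recvTime int64) error {
	if age := recvTime - b.GenTime; age < 0 || age >= v.MaxAge { // age < 0: added assumption
		return ErrReplay
	}
	if b.GenTime < b.ValidStart || b.GenTime >= b.ValidStart+v.Lifetime {
		return ErrKeyExpired
	}
	if len(v.KMSKeys[b.SystemID]) == 0 {
		return ErrUnknownSystem
	}
	ok := false
	for _, k := range v.KMSKeys[b.SystemID] { // success under either stored key is enough
		ok = ok || ed25519.Verify(k, credInput(b.SenderPub, b.ValidStart), b.KMSSig)
	}
	if !ok || len(b.SenderPub) != ed25519.PublicKeySize { // Verify panics on a bad key size
		return ErrInvalidTerminal
	}
	if !ed25519.Verify(b.SenderPub, msgInput(b), b.MsgSig) {
		return ErrInvalidMessage
	}
	return nil
}

// Sample builds constructed data: a KMS that rolled its key once, credential under the old key.
func Sample() (*Verifier, BroadcastSecurityInfo, ed25519.PrivateKey) {
	oldPub, oldPriv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	newPub, _, _ := ed25519.GenerateKey(nil)
	pub, priv, _ := ed25519.GenerateKey(nil)
	keys := map[string][]ed25519.PublicKey{"kms-1": {newPub, oldPub}}
	v := &Verifier{KMSKeys: keys, Lifetime: 300, MaxAge: 5}
	b := BroadcastSecurityInfo{Message: []byte("brake warning"), SenderPub: pub, ValidStart: 1000, SystemID: "kms-1"}
	b.KMSSig = IssueCredential(oldPriv, pub, b.ValidStart)
	SignBroadcast(priv, &b, 1100)
	return v, b, priv
}

func main() {
	v, b, _ := Sample()
	fmt.Println("fresh:", v.Check(&b, 1101), "replayed:", v.Check(&b, 1200))
}
```

An unknown system identifier is reported separately so that the caller can fetch the second public key from the designated node device, as the first aspect describes, before retrying.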
A third aspect of the present invention provides a data transmission method. After receiving the trust credential acquisition request sent by the second terminal, the first node device may send trust credential request information to the key management system according to the trust credential acquisition request, receive the feedback information of the second terminal sent by the key management system, and send the feedback information to the second terminal.
The feedback information may include the trust credential of the second terminal and the first digital signature of the second terminal. The trust credential may include the first private key and the first public key. The first digital signature is obtained by the key management system by performing a calculation on the first public key based on the second private key of the key management system.
Optionally, before sending the trust credential request information to the key management system according to the trust credential acquisition request, the first node device may send an authentication request to the second node device, so that the second node device checks whether its local database contains broadcast service authorization information for the second terminal. When the local database of the second node device contains the broadcast service authorization information for the second terminal, the second node device sends the broadcast service authorization information for the second terminal to the first node device, and the first node device receives the broadcast service authorization information for the second terminal sent by the second node device.
Optionally, the first node device sending the trust credential request information to the key management system according to the trust credential acquisition request may specifically be: the first node device generates the valid start time of the trust credential and sends the trust credential request information to the key management system, where the trust credential request information carries the valid start time.
Optionally, the first digital signature is obtained by the key management system by applying a preset signature algorithm to the second private key of the key management system, the first public key, and the valid start time. The feedback information may include the trust credential, the first digital signature, the valid start time, and the second public key of the key management system.
Optionally, after receiving the feedback information sent by the key management system, the first node device may generate a correspondence between the terminal identifier of the second terminal and the feedback information, and store the terminal identifier together with its corresponding feedback information.
A fourth aspect of the present invention provides a computer storage medium. The computer storage medium stores a program, and the program, when executed, includes all or some of the steps of the data transmission method provided in the first aspect of the embodiments of the present invention.
A fifth aspect of the present invention provides a computer storage medium. The computer storage medium stores a program, and the program, when executed, includes all or some of the steps of the data transmission method provided in the second aspect of the embodiments of the present invention.
A sixth aspect of the present invention provides a computer storage medium. The computer storage medium stores a program, and the program, when executed, includes all or some of the steps of the data transmission method provided in the third aspect of the embodiments of the present invention.
A seventh aspect of the present invention provides a terminal, where the terminal includes:
A broadcast security information receiving module, configured to receive broadcast security information sent by a second terminal, where the broadcast security information includes a broadcast message, a second digital signature of the broadcast message, a first digital signature of the second terminal, a first public key of the second terminal, and a system identifier of a key management system. The first digital signature is obtained by the key management system by performing a calculation on the first public key based on the second private key of the key management system, and the second digital signature is obtained by the second terminal by performing a calculation on the broadcast message based on the first private key of the second terminal.
A verification module, configured to obtain the second public key of the key management system based on the system identifier and verify the first digital signature based on the second public key, and, when the verification succeeds, identify the second terminal as a valid terminal.
The verification module is further configured to verify the second digital signature based on the first public key and, when the verification succeeds, process the broadcast message.
Optionally, the first digital signature is obtained by the key management system by applying a preset signature algorithm to the second private key, the first public key, and the valid start time of the first private key.
Optionally, the broadcast security information further includes the valid start time and the generation time of the second digital signature, and the terminal may further include:
A determining module, configured to, before the verification module obtains the second public key of the key management system based on the system identifier, determine the valid interval of the first private key based on a preset time parameter and the valid start time, and, when the generation time is within the valid interval, determine that the first private key is a valid private key.
Optionally, the terminal may further include:
A receiving time obtaining module, configured to obtain the receiving time of the broadcast security information before the determining module determines the valid interval of the first private key based on the preset time parameter and the valid start time.
The determining module is further configured to determine the valid interval of the first private key based on the preset time parameter and the valid start time when the difference between the receiving time and the generation time is less than a preset time threshold.
Optionally, when verifying the first digital signature based on the second public key, the verification module is specifically configured to:
Apply a preset verification algorithm to the second public key, the first public key, the valid start time, and the first digital signature to obtain a verification result of the first digital signature; and, when the verification result of the first digital signature equals 1, determine that the first digital signature has been verified successfully.
Optionally, the terminal may further include:
A request sending module, configured to, before the verification module obtains the second public key of the key management system based on the system identifier, send a trust credential acquisition request to a first node device, so that the first node device sends trust credential request information to the key management system.
A feedback information receiving module, configured to receive the feedback information of the first terminal forwarded by the key management system through the first node device, where the feedback information of the first terminal includes the system identifier and the updated second public key of the key management system.
Optionally, the terminal may further include:
A storage module, configured to, after the feedback information receiving module receives the feedback information of the first terminal forwarded by the key management system through the first node device, generate a correspondence between the system identifier and the updated second public key, and store the system identifier together with its corresponding updated second public key.
A deleting module, configured to, when an original second public key corresponding to the system identifier exists in the local database of the terminal, delete the original second public key after a preset duration has elapsed.
可选的,校验模块基于系统标识获取密钥管理系统的第二公钥,并基于第二公钥对第一数字签名进行校验,具体用于:Optionally, the verification module obtains the second public key of the key management system based on the system identifier, and performs verification on the first digital signature based on the second public key, specifically:
获取系统标识对应的更新后的第二公钥和原始第二公钥。Obtaining the updated second public key and the original second public key corresponding to the system identifier.
基于更新后的第二公钥对第一数字签名进行校验,得到第一数字签名的第一校验结果。The first digital signature is verified based on the updated second public key to obtain a first verification result of the first digital signature.
基于原始第二公钥对第一数字签名进行校验,得到第一数字签名的第二校验结果。The first digital signature is verified based on the original second public key to obtain a second verification result of the first digital signature.
可选的,校验模块当校验成功时,识别第二终端为有效终端,具体用于:Optionally, when the verification module is successful, the verification module identifies the second terminal as a valid terminal, specifically for:
当第一校验结果等于1或者第二校验结果等于1时,确定第二终端为有效终端。When the first check result is equal to 1 or the second check result is equal to 1, it is determined that the second terminal is a valid terminal.
An eighth aspect of the present invention provides a terminal. The terminal includes a processor, an input device, an output device, and a memory; the processor, the input device, and the output device may be used to implement some or all of the steps of the first aspect.
A ninth aspect of the present invention provides a terminal. The terminal includes a processor, an input device, an output device, and a memory; the processor, the input device, and the output device may be used to implement some or all of the steps of the second aspect.
A tenth aspect of the present invention provides a node device, where the node device may include:
A request receiving module, configured to receive a trust credential acquisition request sent by the second terminal.
A request information sending module, configured to send trust credential request information to the key management system according to the trust credential acquisition request.
A feedback information receiving module, configured to receive the feedback information of the second terminal sent by the key management system, where the feedback information includes the trust credential of the second terminal and the first digital signature of the second terminal, the trust credential includes the first private key and the first public key, and the first digital signature is computed by the key management system over the first public key using the second private key of the key management system.
A feedback information sending module, configured to send the feedback information to the second terminal.
Optionally, the node device may further include:
A request sending module, configured to, before the request information sending module sends the trust credential request information to the key management system according to the trust credential acquisition request, send an authentication request to a second node device, so that the second node device checks whether its local database contains broadcast service authorization information for the second terminal; when the local database of the second node device contains broadcast service authorization information for the second terminal, the second node device sends that broadcast service authorization information to the node device.
An authorization information receiving module, configured to receive the broadcast service authorization information for the second terminal sent by the second node device.
Optionally, the request information sending module is specifically configured to:
Generate the valid start time of the trust credential.
Send the trust credential request information to the key management system, where the trust credential request information carries the valid start time.
Optionally, the first digital signature is obtained by the key management system applying a preset signature algorithm to the second private key of the key management system, the first public key, and the valid start time. The feedback information includes the trust credential, the first digital signature, the valid start time, and the second public key of the key management system.
Optionally, the node device may further include:
A storage module, configured to, after the feedback information receiving module receives the feedback information sent by the key management system, generate a correspondence between the terminal identifier of the second terminal and the feedback information, and store the terminal identifier together with its corresponding feedback information.
An eleventh aspect of the present invention provides a node device. The node device includes a processor, an input device, an output device, and a memory; the processor, the input device, and the output device may be used to implement some or all of the steps of the third aspect.
A twelfth aspect of the present invention provides a data transmission system, including the terminal according to the eighth aspect, the terminal according to the ninth aspect, and the node device according to the eleventh aspect.
Brief description of the drawings
To explain the technical solutions in the embodiments of the present invention or in the prior art more clearly, the drawings needed for the embodiments are briefly introduced below. The drawings described below are only some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
FIG. 1 is a schematic architecture diagram of a data transmission system according to an embodiment of the present invention;
FIG. 2 is a schematic flowchart of a data transmission method according to an embodiment of the present invention;
FIG. 3 is a schematic flowchart of a data transmission method according to another embodiment of the present invention;
FIG. 4 is a schematic structural diagram of a terminal according to an embodiment of the present invention;
FIG. 5 is a schematic structural diagram of a terminal according to another embodiment of the present invention;
FIG. 6 is a schematic structural diagram of a terminal according to another embodiment of the present invention;
FIG. 7 is a schematic structural diagram of a terminal according to another embodiment of the present invention;
FIG. 8 is a schematic structural diagram of a node device according to an embodiment of the present invention;
FIG. 9 is a schematic structural diagram of a node device according to another embodiment of the present invention;
FIG. 10 is a schematic structural diagram of a data transmission system according to an embodiment of the present invention.
Detailed description
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. The described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without creative effort fall within the scope of protection of the present invention.
In the conventional data transmission method, each broadcast message of a vehicle must carry, in addition to the digital signature of the message, the sender's digital certificate, so the amount of transmitted data is large; the CA also has to issue digital certificates to every vehicle periodically, so the overhead is high.
An embodiment of the present invention provides a data transmission method. The first terminal receives broadcast security information sent by the second terminal, obtains the second public key of the key management system according to the system identifier of the key management system contained in the broadcast security information, and verifies the first digital signature of the second terminal based on the second public key. When that verification succeeds, the first terminal identifies the second terminal as a valid terminal and verifies the second digital signature of the broadcast message based on the first public key of the second terminal; when that verification succeeds, it processes the broadcast message. This reduces overhead and the amount of transmitted data while still ensuring the legitimacy of the broadcast message source. The broadcast security information includes the broadcast message, the second digital signature, the first digital signature, the first public key, and the system identifier of the key management system. The first digital signature is computed by the key management system over the first public key using the second private key of the key management system, and the second digital signature is computed by the second terminal over the broadcast message using the first private key of the second terminal.
Based on the above principle, an embodiment of the present invention provides a schematic architecture diagram of a data transmission system. The system architecture may be deployed in a 3GPP cellular network or a future 5G network. The 3GPP cellular network may include LTE-V, device-to-device (D2D), or one-to-many communication (one-to-all communication) systems, and the future 5G network may include an evolved vehicle-to-everything (eV2X) system. Referring to FIG. 1, the architecture of the data transmission system may include at least: a first terminal 101, a second terminal 102, and a Key Management System (KMS) 103.
In a specific implementation, the second terminal 102 may receive the feedback information of the second terminal 102 sent by the KMS 103. The feedback information may include the trust credential of the second terminal 102 and the first digital signature of the second terminal 102; the trust credential may include the first private key and the first public key, and the first digital signature is computed by the KMS 103 over the first public key using the second private key of the KMS 103. When the second terminal 102 needs to send a broadcast message to the first terminal 101, it may compute the second digital signature of the broadcast message, where the second digital signature is computed by the second terminal 102 over the broadcast message using the first private key. The second terminal 102 may then generate broadcast security information, which may include the broadcast message, the second digital signature of the broadcast message, the first digital signature, the first public key, and the system identifier of the KMS 103, and send the broadcast security information to the first terminal 101. After receiving the broadcast security information sent by the second terminal 102, the first terminal 101 may obtain the second public key of the KMS 103 based on the system identifier and verify the first digital signature based on the second public key; when the verification succeeds, the first terminal 101 may identify the second terminal 102 as a valid terminal. The first terminal 101 may also verify the second digital signature based on the first public key; when the verification succeeds, the first terminal 101 may process the broadcast message.
Optionally, the architecture of the data transmission system may further include a first node device 104. Before the second terminal 102 receives the feedback information of the second terminal 102 sent by the KMS 103, the second terminal 102 may send a trust credential acquisition request to the first node device 104, and the first node device 104 sends trust credential request information to the KMS 103 according to the trust credential acquisition request. The KMS 103 may generate a trust credential according to the trust credential request information; the trust credential may include the first public key of the second terminal 102 and its first private key. The KMS 103 may compute the first digital signature over the first public key using the second private key of the KMS 103 and send the trust credential and the first digital signature to the first node device 104, which may in turn send the trust credential and the first digital signature to the second terminal 102.
Optionally, the architecture of the data transmission system may further include a second node device 105. Before the first node device 104 sends the trust credential request information to the KMS 103 according to the trust credential acquisition request sent by the second terminal 102, it may send an authentication request to the second node device 105. When the local database of the second node device 105 contains broadcast service authorization information for the second terminal 102, the second node device 105 may send that broadcast service authorization information to the first node device 104, and the first node device 104 then sends the trust credential request information to the KMS 103.
Optionally, the architecture of the data transmission system may further include a Home Subscriber Server (HSS) 107. After the first node device 104 sends the authentication request for the second terminal 102 to the second node device 105, when the local database of the second node device 105 does not contain broadcast service authorization information for the second terminal 102, the second node device 105 may send authentication request information for the second terminal 102 to the HSS 107. When the second terminal 102 has subscribed to the V2X service, the HSS 107 may generate broadcast service authorization information for the second terminal 102 and forward it to the first node device 104 through the second node device 105.
Optionally, the architecture of the data transmission system may further include the base station 106 of the cell in which the second terminal 102 is located. After the second terminal 102 generates the broadcast message, it may send a time-frequency resource acquisition request to the base station 106, and the base station 106 checks whether its local database contains the broadcast service authorization information of the second terminal 102. When the local database of the base station 106 contains the broadcast service authorization information of the second terminal 102, the base station 106 may allocate time-frequency resources to the second terminal 102. When it does not, the base station 106 may send an authentication request for the second terminal 102 to the second node device 105; when the local database of the second node device 105 contains broadcast service authorization information for the second terminal 102, the second node device 105 may send that information to the base station 106, and the base station 106 may then allocate time-frequency resources to the second terminal 102. The second terminal 102 uses the time-frequency resources allocated by the base station 106 to send the broadcast security information to the first terminal 101.
The first terminal 101 and the second terminal 102 may be referred to as user equipment (UE, User Equipment), a mobile station, an access terminal, a subscriber unit, a subscriber station, a mobile site, a remote station, a remote terminal, a mobile device, a terminal, a wireless communication device, a user agent, or a user apparatus. Specifically, each may be any one of: a station (ST, Station) in a WLAN, a cellular phone, a cordless phone, a Session Initiation Protocol (SIP) phone, a Wireless Local Loop (WLL) station, a Personal Digital Assistant (PDA), a handheld device with wireless communication capability, a computing device, another processing device connected to a wireless modem, an in-vehicle device, a wearable device, a mobile station in a future 5G network, or a terminal device in a future evolved PLMN network. It should be noted that in the embodiments of the present invention the first terminal 101 may be used to receive data and, optionally, may also be used to send data to other terminals; there may be at least one first terminal 101. The second terminal 102 may be used to send data and, optionally, may also be used to receive data sent by other terminals; there may be at least one second terminal 102. The embodiments of the present invention impose no specific limitation on this.
The KMS 103 may specifically be a V2X KMS, which is mentioned in 3GPP TR 33.885 V0.3.0. Its function is to generate a user's temporary public-private key pair and to digitally sign the temporary public key, providing proof of the legitimacy of that temporary public key. It should be noted that the data transmission system in the embodiments of the present invention may include at least one KMS 103.
The first node device 104 may specifically be a Temporary ID Management Function, which is mentioned in 3GPP TR 33.885 V0.4.0. Its functions are as follows:
① It acts as an intermediate node between the terminal and the KMS 103. This avoids direct communication between the terminal and the KMS 103, which would expose the connection location of the KMS 103 and in turn leak sensitive information stored in the KMS 103, such as the second public key and second private key of the KMS 103, the temporary public-private key pairs generated by the KMS 103, and the first digital signatures computed over the temporary public keys. This improves the security of the feedback information.
② It associates the terminal's temporary public-private key pair with the terminal identifier and stores them in its local database, so that the sender can be audited.
③ It keeps the function of the KMS 103 independent: the KMS 103 communicates directly only with the first node device 104, and is used only to generate the user's temporary public-private key pair and to digitally sign the temporary public key. The KMS 103 does not need to associate the terminal's temporary public-private key pair with the terminal identifier or store them.
The second node device 105 may specifically be a vehicle-to-everything control function (V2X Control Function). As described in 3GPP TR 23.785 v1.1.0, the V2X Control Function is a logical unit that provides the network-related functions required by V2X; this logical unit provides the V2X service authorization information of the terminal.
The base station 106 may be a base station (NB, NodeB) in Wideband Code Division Multiple Access (WCDMA) or an evolved base station (eNB, Evolutional Node B) in an LTE system.
The HSS 107 stores user profiles in its local database and performs user authentication and authorization. The information that the HSS can process includes: user identification; and user security information, that is, network access control information for authentication and authorization.
Before the specific embodiments of the present invention are introduced, concepts such as digital signatures that the present invention may involve are briefly explained. A digital signature is a string of digits that only the sender can produce and that others cannot forge; it is also valid proof of the authenticity of the data the sender sends. A digital signature can provide integrity, identity authentication, and non-repudiation protection. A digital signature scheme consists of three algorithms: the key generation algorithm Gen, the signature algorithm Sign, and the verification algorithm Verf. The key generation algorithm Gen generates the public-private key pair (PK, SK) of the digital signature, written (PK, SK)←Gen. The signature algorithm Sign takes the signing private key SK and a message msg as input and generates a signature Sig, written Sig←Sign(SK, msg). The verification algorithm Verf takes the verification public key PK, the message msg, and the signature Sig as input and outputs a bit value σ, written σ←Verf(PK, msg, Sig). For (PK, SK)←Gen, an illegitimate user who has not obtained SK cannot generate a message and signature pair (msg, Sig) such that Verf(PK, msg, Sig)=1.
Before the specific embodiments of the present invention are introduced, data such as the feedback information and the broadcast security information that the present invention may involve are briefly explained.
msg: the broadcast message, that is, the message content that the second terminal 102 needs to broadcast at the application layer, such as vehicle speed or current position. Optionally, the data length of the broadcast message may be less than 300 bytes.
SKA: the first private key of the second terminal 102, used to generate the second digital signature. (PKA, SKA) is a temporary public-private key pair generated by the KMS 103. The update frequency of the temporary public-private key pair is determined by operator policy and by the anti-tracking requirement parameters in the standard; that is, the KMS 103 generates different temporary public-private key pairs based on a preset update frequency.
PKA: the first public key of the second terminal 102, which is also the temporary identity of the second terminal 102, used to verify the second digital signature.
Time: the valid start time of the temporary public-private key pair. The length of the validity period of the temporary public-private key pair is determined by operator policy and by the anti-tracking requirement parameters in the standard. For example, if the validity period specified by the operator is the time parameter Duration (for example, 5 minutes), the validity interval of the temporary public-private key pair is [Time, Time+Duration].
It should be noted that the embodiments of the present invention do not explicitly give a validity interval for verifying PKA. The second terminal 102 computes the second digital signature over the broadcast message based on the first private key and sends the broadcast security information to the first terminal 101. The first terminal 101 first checks whether the broadcast message is valid based on the generation time of the broadcast security information, that is, the timestamp, and then checks whether SKA has expired based on the valid start time. Because the configured timestamp is small, for example 100 ms, the time at which SKA is checked is at most 100 ms later than the time at which SKA was used, which is negligible relative to the key validity period. This ensures that the check of SKA does not happen much later than the use of SKA, so after checking whether SKA has expired the first terminal 101 does not need to check separately whether PKA has expired: when the first terminal 101 determines that SKA is valid, it can also determine that PKA is valid, and when it determines that SKA has expired, it can also determine that PKA has expired.
Duration: a time parameter indicating the length of the validity period of the first public key. This time parameter is specified by the operator (or uniformly by the 3GPP standard).
[Figure PCTCN2016104139-appb-000001]: the first digital signature. The first digital signature is the digital signature generated by the KMS 103 by invoking the signature algorithm Sign with the second private key KSAK of the KMS 103, the first public key PKA and the valid start time Time as input. The purpose of the first digital signature is to enable the first terminal 101 to verify the validity and legitimacy of the temporary identity PKA of the second terminal 102.
KMSID: the identity of the KMS 103. A KMS 103 has exactly one KMSID and exactly one digital signature key pair (KPAK, KSAK). The KMSID remains fixed; (KPAK, KSAK) may remain fixed or, optionally, may be updated periodically. The first terminal 101 determines the second public key KPAK of the corresponding KMS 103 from the KMSID and verifies the first digital signature based on KPAK.
KSAK: the second private key of the KMS 103, used to generate the first digital signature.
KPAK: the second public key of the KMS 103, used to verify the first digital signature.
timestamp: the timestamp of the broadcast message. In general, the timestamp is the time at which the second terminal 102 generates the second digital signature. After receiving the broadcast security information, the first terminal 101 first checks the timestamp, that is, it subtracts the timestamp from the time at which the broadcast security information was received. If the result is greater than a preset time threshold, the first terminal 101 judges the broadcast security information to be replayed information and refuses to process it; otherwise, it checks whether the first public key has expired. The preset time threshold may be a preset duration, for example 200 ms or 1 s.
Sig: the second digital signature. The second digital signature is the digital signature generated by the second terminal 102 by invoking the signature algorithm Sign with the first private key SKA and (msg, PKA, Time, [Figure PCTCN2016104139-appb-000002], KMSID, timestamp) as input. The purpose of the second digital signature is to enable the first terminal 101 to verify the legitimacy of the source of (msg, PKA, Time, [Figure PCTCN2016104139-appb-000003], KMSID, timestamp). It should be noted that if the broadcast message that the second terminal 102 needs to send is msg, the broadcast security information may be (msg, PKA, Time, [Figure PCTCN2016104139-appb-000004], KMSID, timestamp, Sig).
Based on the architecture of the data transmission system shown in FIG. 1, refer to FIG. 2. FIG. 2 is a schematic flowchart of a data transmission method provided in an embodiment of the present invention. As shown in the figure, the data transmission method in this embodiment may include:
S201. The second terminal sends an authentication request to the second node device, where the authentication request carries the terminal identifier of the second terminal.
In a specific implementation, after the second terminal (for example, UEA) executes the EPS-AKA protocol and negotiates the Network Attached Storage (NAS) layer key and the Application Server (AS) layer key, it may send an authentication request to the second node device (for example, the V2X Control Function). The authentication request carries the terminal identifier of UEA (for example, IDA).
Optionally, after the first terminal (for example, UEB) executes the EPS-AKA protocol and negotiates the NAS layer key and the AS layer key, it may send an authentication request to the V2X Control Function. The authentication request carries the terminal identifier of UEB (for example, IDB). The terminal identifier uniquely identifies the terminal; for example, it may include the Internet Protocol (IP) address of the terminal or its International Mobile Equipment Identity (IMEI). The specific steps by which a terminal executes the EPS-AKA protocol and negotiates the NAS layer key and the AS layer key are given in 3GPP 33.401 and 3GPP 33.102 and are not repeated here.
Optionally, before UEA sends the authentication request to the V2X Control Function, UEA may be configured with Subscriber Identity Module (SIM) related information and the parameters required for secure communication with the first node device (for example, the Temporary ID Management Function). In addition, UEA may create a {(KMSID, KPAK)} list, initially empty, for storing the system identifier (for example, KMSID) of each key management system (KMS) sent by the Temporary ID Management Function and its corresponding second public key (for example, KPAK). UEA may also be configured with a trusted address, which may be an access path for obtaining the KPAK of any KMS. For example, each KMS may send its current KPAK to a designated node device, which stores the KMSID of each KMS and its corresponding KPAK; when UEA needs the KPAK of a specified KMS, UEA may access the designated node device via the preset trusted address and download from it the KPAK corresponding to the KMSID of the specified KMS. UEA may also be configured with the necessary security parameters, such as the anti-replay requirement parameter (that is, the preset time threshold) and the validity duration of the first public key (that is, the time parameter Duration).
Optionally, before UEB sends the authentication request to the V2X Control Function, UEB may be configured with SIM card related information and the parameters required for secure communication with the Temporary ID Management Function. In addition, UEB may create a {(KMSID, KPAK)} list, initially empty, for storing the system identifier (for example, KMSID) of each key management system (KMS) sent by the Temporary ID Management Function and its corresponding second public key (for example, KPAK). UEB may also be configured with a trusted address, which may be an access path for obtaining the KPAK of any KMS, and with the necessary security parameters, such as the anti-replay requirement parameter (that is, the preset time threshold) and the validity duration of the first public key (that is, the time parameter Duration).
Optionally, the base station (for example, the eNB) may be configured with the parameters for processing time-frequency resource acquisition requests. Optionally, the parameters configured for the eNB may include the shortest time interval at which a user may request time-frequency resources. The shortest time interval is determined by the operator according to its operating policy and the requirements of the standard.
Optionally, the home subscriber server (for example, the HSS) may be configured with the subscription authorization information of LTE-V users and the parameters for communication between the HSS and the V2X Control Function. Specifically, the HSS may store the terminal identifiers of the terminals that have subscribed to the V2X service.
Optionally, the V2X Control Function may be configured with related information, including the parameters for its communication with terminals, the HSS or the Temporary ID Management Function, and the broadcast service authorization information of the terminals that have subscribed to the V2X service.
Optionally, the Temporary ID Management Function may be configured with related information, including the parameters for its communication with terminals, the V2X Control Function or the KMS. The local database of the Temporary ID Management Function may store terminal identifiers and their corresponding feedback information.
Optionally, the KMS may be configured with related information, including the parameters for its communication with the Temporary ID Management Function, and the KMSID and key information (KPAK, KSAK) of the KMS.
S202. When the local database of the second node device contains the broadcast service authorization information of the second terminal, the second node device sends the terminal identifier of the second terminal and its broadcast service authorization information to the base station of the cell in which the second terminal is located.
In a specific implementation, after receiving the authentication request sent by UEA, the V2X Control Function may look up the broadcast service authorization information of UEA in its local database according to the terminal identifier of UEA. When the local database of the V2X Control Function contains the broadcast service authorization information of UEA, the V2X Control Function may send the terminal identifier of UEA and its broadcast service authorization information to the base station (for example, the eNB) of the cell in which UEA is located. When the local database does not contain the broadcast service authorization information of UEA, the V2X Control Function may send an authentication request carrying the terminal identifier of UEA to the HSS, and the HSS may check, according to the authentication request, whether UEA has subscribed to the V2X service. When UEA has subscribed to the V2X service, the HSS may generate the broadcast service authorization information of UEA and send it to the V2X Control Function, which may store it and send it to the eNB. When UEA has not subscribed to the V2X service, the HSS informs the V2X Control Function that UEA has not subscribed to the V2X service; the V2X Control Function stores the V2X subscription status of UEA and informs the eNB that UEA has not subscribed to the V2X service, and the eNB determines that UEA is not authorized for the broadcast service.
Optionally, after receiving the authentication request sent by UEB, the V2X Control Function may look up the broadcast service authorization information of UEB in its local database according to the terminal identifier of UEB. When the local database of the V2X Control Function contains the broadcast service authorization information of UEB, the V2X Control Function may send the terminal identifier of UEB and its broadcast service authorization information to the base station (for example, the eNB) of the cell in which UEB is located. When the local database does not contain the broadcast service authorization information of UEB, the V2X Control Function may send an authentication request carrying the terminal identifier of UEB to the HSS, and the HSS may check, according to the authentication request, whether UEB has subscribed to the V2X service. When UEB has subscribed to the V2X service, the HSS may generate the broadcast service authorization information of UEB and send it to the V2X Control Function, which may store it and send it to the eNB. When UEB has not subscribed to the V2X service, the HSS informs the V2X Control Function that UEB has not subscribed to the V2X service; the V2X Control Function stores the V2X subscription status of UEB and informs the eNB that UEB has not subscribed to the V2X service, and the eNB determines that UEB is not authorized for the broadcast service.
Optionally, when UEA moves to another cell, the V2X Control Function may determine the base station of the cell in which UEA is currently located and send the broadcast service authorization information of UEA to that base station.
Optionally, when UEB moves to another cell, the V2X Control Function may determine the base station of the cell in which UEB is currently located and send the broadcast service authorization information of UEB to that base station.
S203. The second terminal sends a trust credential acquisition request to the first node device, where the trust credential acquisition request carries the terminal identifier of the second terminal.
Specifically, UEA may send a trust credential acquisition request to the Temporary ID Management Function over a secure channel at every preset interval. The trust credential acquisition request carries the terminal identifier of UEA.
Optionally, UEB may send a trust credential acquisition request to the Temporary ID Management Function over a secure channel, and the request may carry the terminal identifier of UEB. Specifically, UEB may send the trust credential acquisition request over the secure channel at every preset interval. For example, the preset interval may be less than or equal to the update frequency of the temporary public-private key pair; this is not specifically limited in the embodiments of the present invention.
S204. The first node device sends an authentication request to the second node device, where the authentication request carries the terminal identifier of the second terminal.
Specifically, after receiving the trust credential acquisition request sent by UEA, the Temporary ID Management Function may send an authentication request to the V2X Control Function to determine whether UEA has broadcast rights. The authentication request may carry the terminal identifier of UEA.
Optionally, after receiving the trust credential acquisition request sent by UEB, the Temporary ID Management Function may send an authentication request to the V2X Control Function to determine whether UEB has broadcast rights. The authentication request may carry the terminal identifier of UEB.
S205. When the local database of the second node device contains the broadcast service authorization information of the second terminal, the second node device sends the terminal identifier of the second terminal and its broadcast service authorization information to the first node device.
Specifically, after receiving the authentication request sent by the Temporary ID Management Function, the V2X Control Function may look up, according to the terminal identifier of UEA carried in the authentication request, whether its local database contains the broadcast service authorization information of UEA. When the local database contains the broadcast service authorization information of UEA, the V2X Control Function sends the terminal identifier of UEA and its broadcast service authorization information to the Temporary ID Management Function. Optionally, when the local database does not contain the broadcast service authorization information of UEA, the V2X Control Function may send an authentication request carrying the terminal identifier of UEA to the HSS, and the HSS may obtain the V2X subscription status of UEA. When UEA has subscribed to the V2X service, the HSS may generate the broadcast service authorization information for UEA and send it to the V2X Control Function, which may store the terminal identifier of UEA with its corresponding broadcast service authorization information and send the broadcast service authorization information of UEA to the Temporary ID Management Function. Optionally, when UEA has not subscribed to the V2X service, the HSS may generate indication information indicating that UEA has not subscribed to the V2X service and send it to the V2X Control Function, which forwards it to the Temporary ID Management Function. In the embodiments of the present invention, before a trust credential is obtained, it is checked whether the terminal has broadcast rights; when the terminal has broadcast rights, the obtained feedback information is sent to the terminal so that the terminal can send broadcast messages to another terminal based on that feedback information. This prevents users who have no broadcast rights, who have misappropriated broadcast rights, or who are using expired rights from sending broadcast messages, and improves the legitimacy of the source of broadcast messages.
Optionally, after receiving the authentication request sent by the Temporary ID Management Function, the V2X Control Function may look up, according to the terminal identifier of UEB carried in the authentication request, whether its local database contains the broadcast service authorization information of UEB. When the local database contains the broadcast service authorization information of UEB, the V2X Control Function sends the terminal identifier of UEB and its broadcast service authorization information to the Temporary ID Management Function.
S206. The first node device sends trust credential request information to the key management system according to the trust credential acquisition request.
Specifically, after receiving the broadcast service authorization information of UEA sent by the V2X Control Function, the Temporary ID Management Function may determine that UEA has broadcast rights and then send trust credential request information to the KMS according to the trust credential acquisition request sent by UEA. Optionally, the Temporary ID Management Function may select the most idle KMS according to service conditions (such as how idle each KMS is) and send the trust credential request information to the selected KMS. Optionally, the trust credential request information sent by the Temporary ID Management Function to the KMS may carry the valid start time Time of the trust credential, and it may omit the terminal identifier of UEA.
Optionally, when the Temporary ID Management Function receives from the V2X Control Function the indication information indicating that UEA has not subscribed to the V2X service, it may send UEA a rejection message refusing to process the trust credential acquisition request sent by UEA. The rejection message may carry the reason for the rejection; for example, the reason may be "UEA has not subscribed to the V2X service and does not have broadcast rights".
Optionally, after receiving the broadcast service authorization information of UEB sent by the V2X Control Function, the Temporary ID Management Function may determine that UEB has broadcast rights and then send trust credential request information to the KMS according to the trust credential acquisition request sent by UEB.
S207. The key management system generates a trust credential according to the trust credential request information, where the trust credential includes the first public key of the second terminal and its first private key.
Specifically, after the Temporary ID Management Function sends the trust credential request information to the KMS according to the trust credential acquisition request sent by UEA, the KMS may invoke the preset key generation algorithm Gen to generate the trust credential. The trust credential may include the first public key PKA of UEA and its first private key SKA. The trust credential may be updated periodically, with the update frequency determined by operator policy and by the anti-tracking requirement parameters in the standard. It should be noted that the trust credential request information sent by the Temporary ID Management Function to the KMS does not carry the terminal identifier, so the KMS does not know which terminal will receive the trust credential. Because the trust credential is updated periodically in the embodiments of the present invention, a third party cannot tell which terminal's identity a given first public key represents, which prevents users from being tracked.
Optionally, after the Temporary ID Management Function sends the trust credential request information to the KMS according to the trust credential acquisition request sent by UEB, the KMS may invoke the preset key generation algorithm Gen to generate the trust credential of UEB. The trust credential may include the first public key of UEB and the first private key of UEB.
S208. The key management system performs a computation on the first public key using the second private key of the key management system to obtain the first digital signature.
Specifically, each KMS is configured with a unique system identifier KMSID, its second private key KSAK and its second public key KPAK. After generating the trust credential of UEA, the KMS may perform a computation on PKA using KSAK to obtain the first digital signature. Optionally, the trust credential request information may carry the valid start time of the trust credential, where the valid start time of the trust credential is the valid start time of the first public key or of the first private key. The KMS may invoke the preset signature algorithm Sig to sign PKA and Time with KSAK, obtaining the first digital signature [Figure PCTCN2016104139-appb-000005], that is, [Figure PCTCN2016104139-appb-000006] [Figure PCTCN2016104139-appb-000007] (KSAK, (PKA, Time)).
Optionally, after generating the trust credential of UEB, the KMS may perform a computation on the first public key of UEB using KSAK to obtain the first digital signature of UEB. Further optionally, the trust credential request information sent by the Temporary ID Management Function to the KMS according to the trust credential acquisition request sent by UEB may carry the valid start time of the trust credential of UEB, where the valid start time of the trust credential is the valid start time of the first public key of UEB or of the first private key of UEB. The KMS may invoke the preset signature algorithm to sign the first public key of UEB and the valid start time of the trust credential of UEB with KSAK, obtaining the first digital signature of UEB.
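The following added example (not code from the patent) traces the issuance in S207 and S208 and the receiver-side checks given in the field definitions for timestamp, Time, Duration and the two digital signatures. It assumes a toy Schnorr scheme in place of the unspecified Gen and Sign algorithms; the field encoding, the function names, the sample values and the order of the two signature checks are illustrative assumptions.

```python
import hashlib
import secrets
from dataclasses import dataclass, replace

# Toy Schnorr signatures over Z_p^*: an assumed stand-in for the patent's
# unspecified Gen/Sign. Parameters are illustration-sized, not for production.
P = 2**255 - 19      # prime modulus
G = 2
ORDER = P - 1        # exponents are reduced modulo the order of Z_p^*

def gen():
    """Gen: return (private key, public key)."""
    sk = secrets.randbelow(ORDER - 1) + 1
    return sk, pow(G, sk, P)

def challenge(r: int, data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(r.to_bytes(32, "big") + data).digest(), "big")

def sign(sk: int, data: bytes):
    k = secrets.randbelow(ORDER - 1) + 1
    r = pow(G, k, P)
    return r, (k + sk * challenge(r, data)) % ORDER

def verify(pk: int, data: bytes, sig) -> bool:
    r, s = sig
    if not (0 < r < P and 0 <= s < ORDER):
        return False
    return pow(G, s, P) == (r * pow(pk, challenge(r, data), P)) % P

def enc(*fields) -> bytes:
    """Length-prefixed encoding so signed field tuples are unambiguous."""
    out = b""
    for f in fields:
        if isinstance(f, tuple):
            raw = enc(*f)
        elif isinstance(f, int):
            raw = f.to_bytes(32, "big")
        elif isinstance(f, str):
            raw = f.encode()
        else:
            raw = bytes(f)
        out += len(raw).to_bytes(4, "big") + raw
    return out

@dataclass(frozen=True)
class Broadcast:          # (msg, PKA, Time, first signature, KMSID, timestamp, Sig)
    msg: bytes
    pka: int
    time: int             # Time: start of key validity, in ms
    sig_kms: tuple        # first digital signature = Sign(KSAK, (PKA, Time))
    kms_id: str
    timestamp: int        # generation time of Sig, in ms
    sig: tuple            # second digital signature, made with SKA

def kms_issue(ksak: int, time_ms: int):
    """S207/S208: generate (SKA, PKA) and sign (PKA, Time) with KSAK."""
    ska, pka = gen()
    return ska, pka, sign(ksak, enc(pka, time_ms))

def make_broadcast(msg, ska, pka, time_ms, sig_kms, kms_id, now_ms) -> Broadcast:
    body = enc(msg, pka, time_ms, sig_kms, kms_id, now_ms)
    return Broadcast(msg, pka, time_ms, sig_kms, kms_id, now_ms, sign(ska, body))

def receive(b: Broadcast, recv_ms, kpak_table, threshold_ms, duration_ms) -> str:
    if recv_ms - b.timestamp > threshold_ms:             # replay check comes first
        return "replay"
    if not (b.time <= recv_ms <= b.time + duration_ms):  # [Time, Time+Duration]
        return "key expired"
    kpak = kpak_table.get(b.kms_id)                      # the {(KMSID, KPAK)} list
    if kpak is None:
        return "unknown KMS"
    if not verify(kpak, enc(b.pka, b.time), b.sig_kms):  # assumed order: KMS first
        return "bad first signature"
    body = enc(b.msg, b.pka, b.time, b.sig_kms, b.kms_id, b.timestamp)
    if not verify(b.pka, body, b.sig):
        return "bad second signature"
    return "accepted"

def demo() -> dict:
    """Constructed scenario: one KMS, Duration = 5 min, threshold = 200 ms."""
    ksak, kpak = gen()
    table, thr, dur, t0 = {"kms-1": kpak}, 200, 300_000, 1_000_000
    ska, pka, sig_kms = kms_issue(ksak, t0)
    ok = make_broadcast(b"brake warning", ska, pka, t0, sig_kms, "kms-1", t0 + 5_000)
    late = make_broadcast(b"brake warning", ska, pka, t0, sig_kms, "kms-1", t0 + dur + 50)
    rogue_sk, rogue_pk = gen()     # key pair never certified by the KMS
    rogue = make_broadcast(b"x", rogue_sk, rogue_pk, t0,
                           sign(rogue_sk, enc(rogue_pk, t0)), "kms-1", t0 + 5_000)
    return {
        "fresh": receive(ok, t0 + 5_080, table, thr, dur),
        "replayed": receive(ok, t0 + 9_000, table, thr, dur),
        "expired": receive(late, t0 + dur + 100, table, thr, dur),
        "tampered": receive(replace(ok, msg=b"all clear"), t0 + 5_080, table, thr, dur),
        "uncertified": receive(rogue, t0 + 5_080, table, thr, dur),
    }

if __name__ == "__main__":
    print(demo())
```

The receiver never checks PKA's expiry separately: the single window test on Time covers both SKA and PKA, as the note on the validity interval explains.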
S209. The key management system sends feedback information to the first node device, where the feedback information includes the trust credential, the first digital signature, the system identifier of the key management system and the second public key.
Specifically, after generating the first digital signature of UEA, the KMS may generate the feedback information of UEA and send it to the Temporary ID Management Function. The feedback information may include the trust credential of UEA and the first digital signature of UEA. Optionally, when the first digital signature is computed by the KMS over PKA and Time using the second private key, the feedback information may include: PKA, SKA, Time, [Figure PCTCN2016104139-appb-000008] and KPAK. For example, the Temporary ID Management Function may send (PKA, SKA, Time, [Figure PCTCN2016104139-appb-000009], KMSID, KPAK) to UEA over a secure channel.
Optionally, after the Temporary ID Management Function receives the trust credential acquisition request sent by UEA, sends the trust credential request information to the KMS according to that request, and receives the feedback information sent by the KMS, it may associate the feedback information with the terminal identifier of UEA. For example, the Temporary ID Management Function may generate the correspondence between the terminal identifier of UEA and PKA, Time, KMSID and KPAK, and store the terminal identifier of UEA with its corresponding PKA, Time, KMSID and KPAK; that is, it stores (IDA, PKA, Time, KMSID, KPAK) in its local database. When the audit validity period is reached, the Temporary ID Management Function may delete (IDA, PKA, Time, KMSID, KPAK) from the local database. In the embodiments of the present invention, when a malicious user sends a false broadcast message using their own legitimate identity, the sender can be found from the (IDA, PKA, Time, KMSID, KPAK) stored by the Temporary ID Management Function, which can be used to implement broadcast message auditing.
Optionally, after generating the first digital signature of the UEB, the KMS may generate feedback information for the UEB and send it to the Temporary ID Management Function, where the feedback information may include the trust credential of the UEB and the first digital signature of the UEB. Optionally, when the first digital signature is calculated by the KMS, based on the second private key, over the first public key of the UEB and the valid start time of the UEB's trust credential, the feedback information of the UEB may include: the trust credential of the UEB, the valid start time of the UEB's trust credential, the first digital signature of the UEB, and KPAK.
Optionally, after the Temporary ID Management Function receives the trust credential acquisition request sent by the UEB, sends trust credential request information to the KMS according to that request, and receives the feedback information sent by the KMS, it may associate the feedback information of the UEB with the terminal identifier of the UEB. For example, the Temporary ID Management Function may generate the correspondence between the terminal identifier of the UEB and the first public key of the UEB, the valid start time of the UEB's trust credential, the KMSID and the KPAK, and store the terminal identifier of the UEB together with its corresponding first public key, valid start time of the trust credential, KMSID and KPAK. When the audit validity period is reached, the Temporary ID Management Function may delete from the local database the terminal identifier of the UEB and its corresponding first public key, valid start time of the trust credential, KMSID and KPAK.
S210. The first node device sends the feedback information to the second terminal.
Specifically, after the KMS sends the feedback information of the UEA to the Temporary ID Management Function, the Temporary ID Management Function may send the feedback information of the UEA to the UEA.
Optionally, after receiving the feedback information of the UEA sent by the Temporary ID Management Function, the UEA may obtain the KMSID and KPAK from the feedback information, generate the correspondence between the KMSID and the KPAK, and store the KMSID and its corresponding KPAK in the local database of the UEA. Optionally, the KPAK and KSAK preconfigured by the KMS may be updated periodically, so the KPAK that the UEA last received for the KMSID may differ from the KPAK currently received for that KMSID. Based on this, after storing the KMSID and its corresponding updated KPAK in its local database, the UEA may check whether the original KPAK corresponding to the KMSID exists in the local database; when it does, the UEA may delete the original KPAK after a preset duration has elapsed. The preset duration may be a preconfigured time period, for example 1s or 2s.
Optionally, when the Temporary ID Management Function sends the feedback information of the UEA to the UEA, the feedback information may also carry the KMSIDs of other nearby KMSs and the KPAK of each KMS. After receiving the KMSIDs and KPAKs of the other KMSs, the UEA may generate the correspondence between the KMSID and the KPAK, and store the KMSID and its corresponding KPAK in the local database of the UEA. Optionally, after storing the KMSID and its corresponding updated KPAK in its local database, the UEA may check whether the original KPAK corresponding to the KMSID exists in the local database; when it does, the UEA may delete the original KPAK after the preset duration has elapsed. In this embodiment of the present invention, the KPAK sent by the Temporary ID Management Function is the updated KPAK of the corresponding KMS, so the UEA can update the KPAK of each KMS to ensure the accuracy of the KPAK.
Optionally, after the KMS sends the feedback information of the UEB to the Temporary ID Management Function, the Temporary ID Management Function may send the feedback information of the UEB to the UEB.
Optionally, when the Temporary ID Management Function sends the feedback information of the UEB to the UEB, the feedback information may also carry the KMSIDs of other nearby KMSs and the KPAK of each KMS. After receiving the KMSIDs and KPAKs of the other KMSs, the UEB may generate the correspondence between the KMSID and the KPAK, and store the KMSID and its corresponding KPAK in the local database of the UEB. Optionally, after storing the KMSID and its corresponding updated KPAK in its local database, the UEB may check whether the original KPAK corresponding to the KMSID exists in the local database; when it does, the UEB may delete the original KPAK after the preset duration has elapsed. In this embodiment of the present invention, the KPAK sent by the Temporary ID Management Function is the updated KPAK of the corresponding KMS, so the UEB can update the KPAK of each KMS to ensure the accuracy of the KPAK.
Optionally, after receiving the feedback information of the UEB sent by the Temporary ID Management Function, the UEB may obtain the KMSID and KPAK from the feedback information, generate the correspondence between the KMSID and the KPAK, and store the KMSID and its corresponding KPAK in the local database of the UEB. Optionally, the KPAK and KSAK preconfigured by the KMS may be updated periodically, so the KPAK that the UEB last received for the KMSID may differ from the KPAK currently received for that KMSID. Based on this, after storing the KMSID and its corresponding updated KPAK in its local database, the UEB may check whether the original KPAK corresponding to the KMSID exists in the local database; when it does, the UEB may delete the original KPAK after the preset duration has elapsed.
S211. The second terminal sends a time-frequency resource acquisition request to the base station, where the time-frequency resource acquisition request carries the terminal identifier of the second terminal.
Specifically, when the UEA needs to send a broadcast message to the UEB, it may send a time-frequency resource acquisition request to the base station (eNB) of the cell in which the UEA is located, where the time-frequency resource acquisition request carries the terminal identifier of the UEA.
S212. When the local database of the base station contains the broadcast service authorization information of the second terminal, the base station allocates time-frequency resources to the second terminal.
Specifically, after receiving the time-frequency resource acquisition request sent by the UEA, the eNB may look up whether broadcast service authorization information of the UEA exists in the local database of the eNB. When the local database of the eNB contains the broadcast service authorization information of the UEA, the eNB may allocate time-frequency resources to the UEA; when it does not, the eNB may send the UEA a rejection message refusing to allocate time-frequency resources. The rejection message may carry the reason for the refusal; for example, the reason may be "UEA does not have broadcast service rights, so time-frequency resources cannot be allocated to UEA". In this embodiment of the present invention, before the sender uses time-frequency resources to send a broadcast message, the base station needs to check whether the sender has broadcast permission, and allocates time-frequency resources to the sender when it does. This prevents radio resources from being abused by malicious users in a way that leaves other legitimate users unable to use radio resources to send broadcast messages.
S213. The second terminal performs a calculation on the broadcast message based on the first private key to obtain a second digital signature.
Specifically, after the eNB allocates time-frequency resources to the UEA, the UEA may generate a broadcast message msg and perform a calculation on msg based on SKA to obtain the second digital signature. Optionally, when the UEA starts the calculation on msg based on SKA, it may generate the generation time timestamp of the second digital signature. For example, if the system time at which the UEA starts the calculation on msg is 10:00 on October 25, 2016, the UEA may determine that the generation time of the second digital signature is 10:00 on October 25, 2016.
Optionally, the UEA may invoke the preset signature algorithm sig and use SKA to sign (msg, PKA, Time, [Figure PCTCN2016104139-appb-000010], KMSID, KPAK, timestamp) to obtain the second digital signature sig, that is, Sig←Sign(SKA, (msg, PKA, Time, [Figure PCTCN2016104139-appb-000011], KMSID, timestamp)).
S214. The second terminal uses the time-frequency resources allocated by the base station to send broadcast security information to the first terminal, where the broadcast security information includes the broadcast message, the second digital signature, the first digital signature, the first public key and the system identifier.
Specifically, after generating the second digital signature, the UEA may generate the broadcast security information, which may be (msg, PKA, Time, [Figure PCTCN2016104139-appb-000012], KMSID, timestamp, sig). The UEA may use the time-frequency resources allocated by the eNB to send the broadcast security information to the UEB.
S215. The first terminal obtains the second public key corresponding to the system identifier and verifies the first digital signature based on the second public key. When the verification succeeds, it identifies the second terminal as a valid terminal.
Specifically, after receiving the broadcast security information, the UEB may obtain the corresponding KPAK based on the KMSID and invoke the preset verification algorithm Verf with KPAK, PKA, Time and [Figure PCTCN2016104139-appb-000013] as input to output a bit value σ, that is, σ←Verf(KPAK, (PKA, Time, [Figure PCTCN2016104139-appb-000014]). When σ=1, the UEB may identify the UEA as a valid terminal; when σ=1, the UEB may identify the UEA as an invalid terminal. In this embodiment of the present invention, the first digital signature is verified to detect whether the sender is using a false or stolen identity, which prevents a third party from sending broadcast messages under a false or stolen identity and improves the legitimacy of the broadcast message source.
Optionally, after receiving the broadcast security information, the UEB may obtain the receiving time of the broadcast security information and obtain the generation time timestamp of the second digital signature from the broadcast security information. When the difference between the receiving time and timestamp is less than a preset time threshold and greater than 0, the UEB may determine that the broadcast security information is not a replayed message; when the difference between the receiving time and timestamp is greater than or equal to the preset time threshold, and less than or equal to 0, the UEB may determine that the broadcast security information is a replayed message and delete it. By checking whether the difference between the receiving time of the broadcast security information and the generation time of the second digital signature is less than the preset time threshold, this embodiment of the present invention can identify whether the broadcast security information has been resent by a third party, which would cause information confusion, and can thereby prevent broadcast message replay attacks.
Optionally, after determining that the broadcast security information is not a replayed message, the UEB may determine the valid interval of the trust credential based on the preset time parameter Duration and on Time, that is, the valid interval of the trust credential is [Time, Time+Duration]. When timestamp falls within the valid interval, the UEB may determine that the trust credential is a valid trust credential; when timestamp falls outside the valid interval, the UEB may determine that the trust credential has expired and delete the broadcast security information. This embodiment of the present invention can detect whether the trust credential has expired, which prevents a third party from sending broadcast messages under an expired identity and improves the legitimacy of the broadcast message source.
Optionally, the UEB may look up the corresponding KPAK in the local database of the UEB according to the KMSID in the broadcast security information. When the KPAK corresponding to the KMSID exists in the local database of the UEB, the UEB may verify the first digital signature based on that KPAK; when it does not exist, the UEB may download the KPAK from a designated node device according to a preset trusted address, where the designated node device stores the second public keys of all KMSs.
Optionally, when both the updated KPAK and the original KPAK corresponding to the KMSID exist in the local database of the UEB, the UEB may verify the first digital signature based on the updated KPAK to obtain a first verification result, and verify the first digital signature based on the original KPAK to obtain a second verification result. When the first verification result equals 1 or the second verification result equals 1, the UEB may determine that the UEA is a valid terminal.
S216. The first terminal verifies the second digital signature based on the first public key and, when the verification succeeds, processes the broadcast message.
Specifically, after identifying the UEA as a valid terminal, the UEB may invoke the preset verification algorithm Verf with PKA, (msg, PKA, Time, [Figure PCTCN2016104139-appb-000015], KMSID, timestamp) and sig as input to output a bit value σ′, that is, σ′←Verf(PKA, (msg, PKA, Time, [Figure PCTCN2016104139-appb-000016], KMSID, timestamp), sig). When σ′=0, the UEB may submit msg to the application layer for processing; when σ′=1, the UEB may identify msg as invalid and delete the broadcast security information.
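The receiver-side checks of S215 and S216, together with the replay window, the [Time, Time+Duration] validity interval and the updated/original KPAK handling described above, as an added example that is not part of the patent text. The signature scheme is a toy Schnorr-style construction standing in for the unspecified preset signature algorithm, and DURATION, REPLAY_WINDOW, the KMSID "KMS-1", the function names and the sample messages are assumptions constructed for illustration.

```python
import hashlib
import secrets

# Toy Schnorr-style signature over Z_p*, a stand-in for the unspecified
# "preset signature algorithm". Illustration only; use a vetted library in practice.
P = 2**255 - 19           # known prime used as the toy group modulus
G = 2
DURATION = 3600           # preset time parameter Duration, seconds (assumed value)
REPLAY_WINDOW = 5         # preset time threshold, seconds (assumed value)


def _h(*parts):
    """Hash length-prefixed fields to an integer."""
    h = hashlib.sha256()
    for part in parts:
        b = part if isinstance(part, bytes) else str(part).encode()
        h.update(len(b).to_bytes(4, "big") + b)
    return int.from_bytes(h.digest(), "big")


def keygen():
    sk = secrets.randbelow(P - 2) + 1
    return sk, pow(G, sk, P)


def sign(sk, fields):
    k = _h("nonce", sk, *fields) % (P - 1)       # deterministic per-message nonce
    r = pow(G, k, P)
    return r, (k + _h(r, *fields) * sk) % (P - 1)


def verify(pk, fields, sig):
    r, s = sig
    return pow(G, s, P) == (r * pow(pk, _h(r, *fields), P)) % P


def kms_issue(ksak, time_start):
    """KMS: create the terminal key pair (PKA, SKA) and sign (PKA, Time) with KSAK."""
    ska, pka = keygen()
    return {"PKA": pka, "SKA": ska, "Time": time_start,
            "sig1": sign(ksak, (pka, time_start))}


def ue_broadcast(cred, kmsid, msg, timestamp):
    """Sender: build (msg, PKA, Time, sig1, KMSID, timestamp, sig)."""
    body = (msg, cred["PKA"], cred["Time"], cred["sig1"], kmsid, timestamp)
    return body + (sign(cred["SKA"], body),)


def ue_receive(info, kpak_store, recv_time):
    """Receiver: replay check, validity interval, first then second signature.

    kpak_store maps KMSID -> list of KPAKs: the updated key plus, until the
    preset duration elapses, the original one. Returns (accepted, reason).
    """
    msg, pka, time_start, sig1, kmsid, timestamp, sig2 = info
    if not 0 < recv_time - timestamp < REPLAY_WINDOW:
        return False, "replayed"
    if not time_start <= timestamp <= time_start + DURATION:
        return False, "credential expired"
    # Accept if either the updated or the original KPAK verifies sig1.
    if not any(verify(k, (pka, time_start), sig1) for k in kpak_store.get(kmsid, [])):
        return False, "first signature invalid"
    if not verify(pka, info[:-1], sig2):
        return False, "second signature invalid"
    return True, "ok"


def demo():
    """Constructed scenario: credential issued just before a KPAK update."""
    ksak_old, kpak_old = keygen()
    _, kpak_new = keygen()
    cred = kms_issue(ksak_old, time_start=1000)
    info = ue_broadcast(cred, "KMS-1", b"hard braking ahead", timestamp=1500)
    during_grace = {"KMS-1": [kpak_new, kpak_old]}
    after_grace = {"KMS-1": [kpak_new]}
    late = ue_broadcast(cred, "KMS-1", b"hard braking ahead", timestamp=5000)
    return {
        "fresh": ue_receive(info, during_grace, 1501),
        "replayed": ue_receive(info, during_grace, 1600),
        "tampered": ue_receive((b"road clear",) + info[1:], during_grace, 1501),
        "old_kpak_deleted": ue_receive(info, after_grace, 1501),
        "expired": ue_receive(late, during_grace, 5001),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

The "old_kpak_deleted" case shows why the receiver keeps the original KPAK for a while after an update: a credential signed under the previous KSAK stops verifying as soon as the original KPAK is removed from the local store.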
This embodiment of the present invention relies on the 3GPP-AKA authentication mechanism and introduces an asymmetric cryptosystem to protect the security of broadcast messages. It not only solves the security problem of vehicle broadcasting but also builds directly on the cellular network, which greatly reduces infrastructure deployment cost while also reducing transmission overhead and storage and lowering management complexity.
In the data transmission method shown in FIG. 2, the second terminal sends a trust credential acquisition request to the first node device. After obtaining the broadcast service authorization information of the second terminal through the second node device, the first node device sends trust credential request information to the key management system according to the trust credential acquisition request. The key management system performs a calculation on the first public key in the generated trust credential based on the second private key of the key management system to obtain the first digital signature, and sends feedback information containing the trust credential and the first digital signature to the second terminal. The second terminal uses the time-frequency resources allocated by the base station to send the broadcast security information to the first terminal. The first terminal verifies the first digital signature based on the second public key and, when the verification succeeds, identifies the second terminal as a valid terminal; the first terminal then verifies the second digital signature based on the first public key and, when the verification succeeds, processes the broadcast message. This reduces overhead and the amount of transmitted data while ensuring the legitimacy of the broadcast message source.
Referring to FIG. 3, FIG. 3 is a schematic flowchart of a data transmission method according to another embodiment of the present invention. As shown in the figure, the data transmission method in this embodiment of the present invention may include:
S301. The second terminal sends a trust credential acquisition request to the first node device, where the trust credential acquisition request carries the terminal identifier of the second terminal.
Optionally, before the UEA sends the trust credential acquisition request to the Temporary ID Management Function, after the UEA has executed the EPS-AKA protocol and negotiated the NAS-layer key and the AS-layer key, it may send an authentication request to the V2X Control Function, where the authentication request carries the terminal identifier of the UEA. When the local database of the V2X Control Function contains the broadcast service authorization information of the UEA, the V2X Control Function may provide the UEA with the relevant service parameters.
Optionally, before the UEB sends the trust credential acquisition request to the Temporary ID Management Function, after the UEB has executed the EPS-AKA protocol and negotiated the NAS-layer key and the AS-layer key, it may send an authentication request to the V2X Control Function, where the authentication request carries the terminal identifier of the UEB. When the local database of the V2X Control Function contains the broadcast service authorization information of the UEB, the V2X Control Function may provide the UEB with the relevant service parameters.
S302. The first node device sends an authentication request to the second node device, where the authentication request carries the terminal identifier of the second terminal.
S303. When the local database of the second node device contains the broadcast service authorization information of the second terminal, the second node device sends the terminal identifier of the second terminal and its broadcast service authorization information to the first node device.
S304. The first node device sends trust credential request information to the key management system according to the trust credential acquisition request.
S305. The key management system generates a trust credential according to the trust credential request information, where the trust credential includes the first public key of the second terminal and its first private key.
S306. The key management system performs a calculation on the first public key based on the second private key of the key management system to obtain a first digital signature.
S307. The key management system sends feedback information to the first node device, where the feedback information includes the trust credential, the first digital signature, the system identifier of the key management system and the second public key.
S308. The first node device sends the feedback information to the second terminal.
S309. The second terminal sends a time-frequency resource acquisition request to the base station of the cell in which the second terminal is located, where the time-frequency resource acquisition request carries the terminal identifier of the second terminal.
S310. When the local database of the base station contains the broadcast service authorization information of the second terminal, the base station allocates time-frequency resources to the second terminal.
After receiving the time-frequency resource acquisition request sent by the UEA, the base station checks its local database for the broadcast service authorization information of the UEA. When the local database of the base station contains the broadcast service authorization information of the second terminal, the base station may allocate time-frequency resources to the second terminal; when it does not, the base station may further perform step S311.
S311. When the local database of the base station does not contain the broadcast service authorization information of the second terminal, the base station sends an authentication request to the second node device, where the authentication request carries the terminal identifier of the second terminal.
Specifically, if the local database of the base station has not yet stored the broadcast service authorization information of the UEB, the base station initiates an authentication request for the UEB to the V2X Control Function. When the base station receives the broadcast service authorization information of the UEB sent by the V2X Control Function, the base station may store the broadcast service authorization information of the UEB in the local database of the base station.
S312. The base station receives the broadcast service authorization information of the second terminal sent by the second node device.
S313. The base station allocates time-frequency resources to the second terminal.
S314. The second terminal performs a calculation on the broadcast message based on the first private key to obtain a second digital signature.
S315. The second terminal uses the time-frequency resources allocated by the base station to send broadcast security information to the first terminal, where the broadcast security information includes the broadcast message, the second digital signature, the first digital signature, the first public key and the system identifier.
S316. The first terminal obtains the second public key corresponding to the system identifier and verifies the first digital signature based on the second public key. When the verification succeeds, it identifies the second terminal as a valid terminal.
S317. The first terminal verifies the second digital signature based on the first public key and, when the verification succeeds, processes the broadcast message.
In the data transmission method shown in FIG. 3, the second terminal sends the feedback information containing the trust credential and the first digital signature to the second terminal, and the second terminal sends a time-frequency resource acquisition request to the base station. When the local database of the base station does not contain the broadcast service authorization information of the second terminal, the base station sends an authentication request to the second node device; when the base station receives the broadcast service authorization information of the second terminal sent by the second node device, the base station allocates time-frequency resources to the second terminal. The second terminal uses the time-frequency resources allocated by the base station to send the broadcast security information to the first terminal. The first terminal verifies the first digital signature based on the second public key and, when the verification succeeds, identifies the second terminal as a valid terminal; the first terminal then verifies the second digital signature based on the first public key and, when the verification succeeds, processes the broadcast message. This reduces overhead and the amount of transmitted data while ensuring the legitimacy of the broadcast message source.
An embodiment of the present invention further provides a computer storage medium, where the computer storage medium may store a program that, when executed, performs some or all of the steps of the method embodiments shown in either FIG. 2 or FIG. 3.
Referring to FIG. 4, FIG. 4 is a schematic structural diagram of a terminal according to an embodiment of the present invention. The terminal may be used to implement some or all of the steps of the method embodiments shown in FIG. 2 or FIG. 3, and may include at least a broadcast security information receiving module 401 and a verification module 402, where:
The broadcast security information receiving module 401 is configured to receive broadcast security information sent by the second terminal, where the broadcast security information includes a broadcast message, a second digital signature of the broadcast message, a first digital signature of the second terminal, a first public key of the second terminal, and a system identifier of the key management system. The first digital signature is obtained by the key management system performing a calculation on the first public key based on the second private key of the key management system, and the second digital signature is obtained by the second terminal performing a calculation on the broadcast message based on the first private key of the second terminal.
校验模块402,用于基于所述系统标识获取所述密钥管理系统的第二公钥,并基于所述第二公钥对所述第一数字签名进行校验,当校验成功时,识别所述第二终端为有效终端。The verification module 402 is configured to acquire a second public key of the key management system based on the system identifier, and verify the first digital signature based on the second public key. The second terminal is identified as a valid terminal.
所述校验模块402,还用于基于所述第一公钥对所述第二数字签名进行校验,当校验成功时,对所述广播消息进行处理。The verification module 402 is further configured to perform verification on the second digital signature based on the first public key, and process the broadcast message when the verification is successful.
可选的,所述第一数字签名是所述密钥管理系统通过预置签名算法对所述第二私钥、所述第一公钥以及所述第一私钥的有效起始时间进行计算得到的。Optionally, the first digital signature is that the key management system calculates the effective start time of the second private key, the first public key, and the first private key by using a preset signature algorithm. owned.
可选的,所述广播安全信息还包括所述有效起始时间以及所述第二数字签名的生成时间。Optionally, the broadcast security information further includes the valid start time and a generation time of the second digital signature.
Further, the terminal in this embodiment of the present invention may further include:
A determining module 403, configured to determine the validity interval of the first private key based on a preset time parameter and the valid start time, before the verification module 402 obtains the second public key of the key management system based on the system identifier.
The determining module 403 is further configured to determine that the first private key is a valid private key when the generation time falls within the validity interval.
Optionally, the terminal in this embodiment of the present invention may further include:
A reception time obtaining module 404, configured to obtain the reception time of the broadcast security information before the determining module 403 determines the validity interval of the first private key based on the preset time parameter and the valid start time.
The determining module 403 is further configured to determine the validity interval of the first private key based on the preset time parameter and the valid start time when the difference between the reception time and the generation time is less than a preset time threshold.
Optionally, when verifying the first digital signature based on the second public key, the verification module 402 is specifically configured to:
Process the second public key, the first public key, the valid start time, and the first digital signature with a preset verification algorithm to obtain a verification result for the first digital signature.
When the verification result for the first digital signature equals 1, determine that verification of the first digital signature succeeded.
Optionally, the terminal in this embodiment of the present invention may further include:
A request sending module 405, configured to send a trust credential acquisition request to a first node device before the verification module 402 obtains the second public key of the key management system based on the system identifier, so that the first node device sends trust credential request information to the key management system.
A feedback information receiving module 406, configured to receive the feedback information of the first terminal forwarded by the key management system through the first node device, where the feedback information of the first terminal includes the system identifier and the updated second public key of the key management system.
Optionally, the terminal in this embodiment of the present invention may further include:
A storage module 407, configured to, after the feedback information receiving module 405 receives the feedback information of the first terminal forwarded by the key management system through the first node device, generate a correspondence between the system identifier and the updated second public key, and store the system identifier and its corresponding updated second public key.
A deletion module 408, configured to, when the original second public key corresponding to the system identifier exists in the local database of the terminal, delete the original second public key after a preset duration has elapsed.
Optionally, when obtaining the second public key of the key management system based on the system identifier and verifying the first digital signature based on the second public key, the verification module 402 is specifically configured to:
Obtain the updated second public key and the original second public key corresponding to the system identifier.
Verify the first digital signature based on the updated second public key to obtain a first verification result for the first digital signature.
Verify the first digital signature based on the original second public key to obtain a second verification result for the first digital signature.
Optionally, when identifying the second terminal as a valid terminal upon successful verification, the verification module 402 is specifically configured to:
When the first verification result equals 1 or the second verification result equals 1, determine that the second terminal is a valid terminal.
Optionally, when obtaining the second public key of the key management system based on the system identifier, the verification module 402 is specifically configured to:
When the second public key does not exist in the local database of the terminal, download the second public key from a designated node device according to a preset trusted address, where the designated node device stores the second public keys of all key management systems.
Optionally, when verifying the second digital signature based on the first public key and processing the broadcast message upon successful verification, the verification module 402 is specifically configured to:
Process the first public key, the second digital signature, and the broadcast security information with a preset verification algorithm to obtain a verification result for the broadcast message.
When the verification result for the broadcast message equals 1, determine that the broadcast message is a valid broadcast message.
Process the broadcast message.
In the terminal shown in FIG. 4, the broadcast security information receiving module 401 receives the broadcast security information sent by the second terminal. The verification module 402 obtains the second public key of the key management system based on the system identifier, verifies the first digital signature based on the second public key, and, when the verification succeeds, identifies the second terminal as a valid terminal. The verification module 402 then verifies the second digital signature based on the first public key and, when the verification succeeds, processes the broadcast message. This reduces overhead and the amount of transmitted data while ensuring the legitimacy of the broadcast message source.
Referring to FIG. 5, FIG. 5 is a schematic structural diagram of a terminal provided in another embodiment of the present invention. The terminal provided in this embodiment may be used to implement the methods of the embodiments of the present invention shown in FIG. 2 or FIG. 3. For ease of description, only the parts related to this embodiment are shown; for specific technical details that are not disclosed, refer to the embodiments of the present invention shown in FIG. 2 or FIG. 3.
As shown in FIG. 5, the terminal includes at least one processor 501 (for example, a CPU), at least one input device 503, at least one output device 504, a memory 505, and at least one communication bus 502. The communication bus 502 is used to implement connection and communication between these components. The input device 503 may optionally include a standard wired interface and a wireless interface (such as a WI-FI interface), and is used to receive the broadcast security information sent by the second terminal. The output device 504 may optionally include a standard wired interface and a wireless interface, and is used to exchange data with the second terminal. The memory 505 may include high-speed RAM, and may also include non-volatile memory, for example at least one disk memory. The memory 505 stores a set of program code, and the processor 501 calls the program code stored in the memory 505 to perform the following operations:
The input device 503 receives broadcast security information sent by the second terminal. The broadcast security information includes a broadcast message, a second digital signature of the broadcast message, a first digital signature of the second terminal, a first public key of the second terminal, and a system identifier of a key management system. The first digital signature is computed by the key management system over the first public key using the second private key of the key management system, and the second digital signature is computed by the second terminal over the broadcast message using the first private key of the second terminal.
The processor 501 obtains the second public key of the key management system based on the system identifier, verifies the first digital signature based on the second public key, and, when the verification succeeds, identifies the second terminal as a valid terminal.
The processor 501 verifies the second digital signature based on the first public key and, when the verification succeeds, processes the broadcast message.
Optionally, the first digital signature is computed by the key management system, using a preset signature algorithm, over the second private key, the first public key, and the valid start time of the first private key.
Optionally, the broadcast security information further includes the valid start time and the generation time of the second digital signature. In that case, before obtaining the second public key of the key management system based on the system identifier, the processor 501 may further perform the following operations:
The processor 501 determines the validity interval of the first private key based on a preset time parameter and the valid start time.
When the generation time falls within the validity interval, the processor 501 determines that the first private key is a valid private key.
Optionally, before determining the validity interval of the first private key based on the preset time parameter and the valid start time, the processor 501 may further perform the following operations:
The processor 501 obtains the reception time of the broadcast security information.
When the difference between the reception time and the generation time is less than a preset time threshold, the processor 501 determines the validity interval of the first private key based on the preset time parameter and the valid start time.
Optionally, the processor 501 verifying the first digital signature based on the second public key may specifically be:
The processor 501 processes the second public key, the first public key, the valid start time, and the first digital signature with a preset verification algorithm to obtain a verification result for the first digital signature.
When the verification result for the first digital signature equals 1, the processor 501 determines that verification of the first digital signature succeeded.
Optionally, before obtaining the second public key of the key management system based on the system identifier, the processor 501 may further perform the following operations:
The output device 504 sends a trust credential acquisition request to a first node device, so that the first node device sends trust credential request information to the key management system.
The input device 503 receives the feedback information of the first terminal forwarded by the key management system through the first node device, where the feedback information of the first terminal includes the system identifier and the updated second public key of the key management system.
Optionally, after the input device 503 receives the feedback information of the first terminal forwarded by the key management system through the first node device, the following operations may further be performed:
The processor 501 generates a correspondence between the system identifier and the updated second public key, and stores the system identifier and its corresponding updated second public key.
When the original second public key corresponding to the system identifier exists in the local database of the first terminal, the processor 501 deletes the original second public key after a preset duration has elapsed.
Optionally, the processor 501 obtaining the second public key of the key management system based on the system identifier and verifying the first digital signature based on the second public key may specifically be:
The processor 501 obtains the updated second public key and the original second public key corresponding to the system identifier.
The processor 501 verifies the first digital signature based on the updated second public key to obtain a first verification result for the first digital signature.
The processor 501 verifies the first digital signature based on the original second public key to obtain a second verification result for the first digital signature.
Optionally, the processor 501 identifying the second terminal as a valid terminal upon successful verification may specifically be:
When the first verification result equals 1 or the second verification result equals 1, the processor 501 determines that the second terminal is a valid terminal.
Optionally, the processor 501 obtaining the second public key of the key management system based on the system identifier may specifically be:
When the second public key does not exist in the local database of the first terminal, the output device 504 downloads the second public key from a designated node device according to a preset trusted address, where the designated node device stores the second public keys of all key management systems.
Optionally, the processor 501 verifying the second digital signature based on the first public key and processing the broadcast message upon successful verification may specifically be:
The processor 501 processes the first public key, the second digital signature, and the broadcast security information with a preset verification algorithm to obtain a verification result for the broadcast message.
When the verification result for the broadcast message equals 1, the processor 501 determines that the broadcast message is a valid broadcast message.
The processor 501 processes the broadcast message.
Specifically, the terminal described in this embodiment of the present invention may be used to implement some or all of the procedures in the method embodiments described with reference to FIG. 2 or FIG. 3.
Referring to FIG. 6, FIG. 6 is a schematic structural diagram of a terminal provided in another embodiment of the present invention. The terminal may be used to implement some or all of the steps in the method embodiments shown in FIG. 2 or FIG. 3. The terminal may include at least a feedback information receiving module 601, a computing module 602, and a broadcast security information sending module 603, where:
The feedback information receiving module 601 is configured to receive the feedback information of the terminal sent by a key management system. The feedback information includes the trust credential of the terminal and the first digital signature of the terminal, and the trust credential includes a first private key and a first public key. The first digital signature is computed by the key management system over the first public key using the second private key of the key management system.
The computing module 602 is configured to compute a second digital signature of a broadcast message over the broadcast message using the first private key.
The broadcast security information sending module 603 is configured to send broadcast security information to a first terminal, where the broadcast security information includes the broadcast message, the second digital signature, the first digital signature, the first public key, and the system identifier of the key management system.
Optionally, the feedback information receiving module 601 is specifically configured to:
Send a trust credential acquisition request to a first node device, so that the first node device sends trust credential request information to the key management system.
Receive the feedback information forwarded by the key management system through the first node device.
Optionally, when sending the trust credential acquisition request to the first node device so that the first node device sends the trust credential request information to the key management system, the feedback information receiving module 601 is specifically configured to:
Send the trust credential acquisition request to the first node device, so that the first node device sends an authentication request to a second node device. When the local database of the second node device contains the broadcast service authorization information for the terminal, the second node device sends the broadcast service authorization information to the first node device, and the first node device sends the trust credential request information to the key management system.
Optionally, when sending the trust credential acquisition request to the first node device so that the first node device sends the trust credential request information to the key management system, the feedback information receiving module 601 is specifically configured to:
Send the trust credential acquisition request to the first node device, so that the first node device sends an authentication request to a second node device. When the local database of the second node device contains the broadcast service authorization information for the terminal, the second node device sends the broadcast service authorization information to the first node device, the second node device also sends the broadcast service authorization information to the base station of the cell where the terminal is located, and the first node device sends the trust credential request information to the key management system.
Optionally, the terminal in this embodiment of the present invention may further include:
A request sending module 604, configured to send a time-frequency resource acquisition request to the base station before the computing module 602 computes the second digital signature of the broadcast message, so that the base station checks whether the broadcast service authorization information of the terminal exists in the local database of the base station. When the broadcast service authorization information of the terminal exists in the local database of the base station, the base station allocates time-frequency resources to the terminal.
The broadcast security information sending module 603 is specifically configured to send the broadcast security information to the first terminal using the time-frequency resources allocated by the base station.
Optionally, the terminal in this embodiment of the present invention may further include:
A request sending module 604, configured to send a time-frequency resource acquisition request to the base station of the cell where the terminal is located before the computing module 602 computes the second digital signature of the broadcast message, so that the base station sends an authorization information acquisition request for the terminal to a second node device. When the base station receives the broadcast service authorization information for the terminal sent by the second node device, the base station allocates time-frequency resources to the terminal.
The broadcast security information sending module 603 is specifically configured to send the broadcast security information to the first terminal using the time-frequency resources allocated by the base station.
Optionally, when sending the time-frequency resource acquisition request to the base station of the cell where the terminal is located so that the base station sends the authorization information acquisition request for the terminal to the second node device, the request sending module 604 is specifically configured to:
Send the time-frequency resource acquisition request to the base station of the cell where the terminal is located, so that the base station checks whether the broadcast service authorization information of the terminal exists in the local database of the base station. When the broadcast service authorization information of the terminal exists in the local database of the base station, the base station allocates time-frequency resources to the terminal; when it does not exist, the base station sends the authorization information acquisition request for the terminal to the second node device.
Optionally, the trust credential request information carries the valid start time of the trust credential, and the first digital signature is computed by the key management system, using a preset signature algorithm, over the second private key of the key management system, the first public key, and the valid start time.
Optionally, the feedback information further includes the system identifier and the updated second public key of the key management system.
Further, the terminal in this embodiment of the present invention may further include:
A storage module 605, configured to, after the feedback information receiving module 601 receives the feedback information of the terminal sent by the key management system, generate a correspondence between the system identifier and the updated second public key, and store the system identifier and its corresponding updated second public key.
A deletion module 606, configured to, when the original second public key corresponding to the system identifier exists in the local database of the terminal, delete the original second public key after a preset duration has elapsed.
Optionally, the computing module 602 is specifically configured to compute, using a preset signature algorithm, over the first private key, the broadcast message, the first public key, the valid start time of the trust credential, the first digital signature, the system identifier, and the generation time of the second digital signature, to obtain the second digital signature information.
In the terminal shown in FIG. 6, the feedback information receiving module 601 receives the feedback information of the terminal sent by the key management system, the computing module 602 computes the second digital signature of the broadcast message over the broadcast message using the first private key, and the broadcast security information sending module 603 sends the broadcast security information to the first terminal. This reduces overhead and the amount of transmitted data while ensuring the legitimacy of the broadcast message source.
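The receiving-side checks described for FIG. 4 and FIG. 5, together with the two signatures produced as described for FIG. 6, can be exercised end to end. The following Go program is an added example, not part of the patent text: Ed25519 stands in for the unnamed preset signature algorithm, and the type and function names, the length-prefixed field encoding, and all sample values are assumptions of this example.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// BroadcastSecurityInfo carries the fields the text lists; names and layout are assumed.
type BroadcastSecurityInfo struct {
	Message     []byte            // broadcast message
	MsgSig      []byte            // second digital signature (first private key)
	CredSig     []byte            // first digital signature (KMS second private key)
	SenderPub   ed25519.PublicKey // first public key
	SystemID    string            // system identifier of the key management system
	ValidFrom   int64             // valid start time of the first private key
	GeneratedAt int64             // generation time of the second digital signature
}

// KMSKeys holds the updated and, until it is deleted, the original second public key.
type KMSKeys struct{ Updated, Original ed25519.PublicKey }

type Receiver struct {
	Keys     map[string]KMSKeys // local database: system identifier -> keys
	Lifetime int64              // preset time parameter, seconds
	MaxAge   int64              // preset time threshold, seconds
}

var (
	ErrStale         = errors.New("reception time too far from generation time")
	ErrKeyExpired    = errors.New("generation time outside validity interval")
	ErrUnknownSystem = errors.New("no second public key for system identifier")
	ErrCredentialSig = errors.New("first digital signature invalid")
	ErrMessageSig    = errors.New("second digital signature invalid")
)

// enc length-prefixes each part so adjacent fields cannot be re-split (assumed encoding).
func enc(parts ...[]byte) (out []byte) {
	for _, p := range parts {
		n := uint32(len(p))
		out = append(append(out, byte(n>>24), byte(n>>16), byte(n>>8), byte(n)), p...)
	}
	return out
}

func ts(v int64) []byte { return []byte(fmt.Sprint(v)) }

// credInput is what the KMS signs: the first public key and its valid start time.
func credInput(pub ed25519.PublicKey, validFrom int64) []byte { return enc(pub, ts(validFrom)) }

// msgInput is what the sender signs: all fields except the second signature itself.
func msgInput(i BroadcastSecurityInfo) []byte {
	return enc(i.Message, i.SenderPub, ts(i.ValidFrom), i.CredSig, []byte(i.SystemID), ts(i.GeneratedAt))
}

// Verify applies the checks in the order the text gives them.
func (r *Receiver) Verify(i BroadcastSecurityInfo, receivedAt int64) error {
	if d := receivedAt - i.GeneratedAt; d >= r.MaxAge || d <= -r.MaxAge {
		return ErrStale // assumption: future-dated messages are rejected like late ones
	}
	if i.GeneratedAt < i.ValidFrom || i.GeneratedAt > i.ValidFrom+r.Lifetime {
		return ErrKeyExpired
	}
	keys, ok := r.Keys[i.SystemID]
	if !ok {
		return ErrUnknownSystem // the text downloads the key from a designated node here
	}
	ok = false
	for _, k := range []ed25519.PublicKey{keys.Updated, keys.Original} {
		if len(k) == ed25519.PublicKeySize && ed25519.Verify(k, credInput(i.SenderPub, i.ValidFrom), i.CredSig) {
			ok = true // either key may vouch; the length check avoids Verify's panic on an absent key
		}
	}
	if !ok {
		return ErrCredentialSig
	}
	if len(i.SenderPub) != ed25519.PublicKeySize || !ed25519.Verify(i.SenderPub, msgInput(i), i.MsgSig) {
		return ErrMessageSig
	}
	return nil
}

// seedKey derives a fixed key so the constructed sample data is reproducible.
func seedKey(b byte) ed25519.PrivateKey { return ed25519.NewKeyFromSeed(append(make([]byte, 31), b)) }

// NewDemo builds constructed data: credential signed with the original KMS key, receiver holding both keys.
func NewDemo() (*Receiver, BroadcastSecurityInfo) {
	oldKMS, newKMS, sender := seedKey(1), seedKey(2), seedKey(3)
	pub := sender.Public().(ed25519.PublicKey)
	i := BroadcastSecurityInfo{Message: []byte("constructed broadcast"), SenderPub: pub, SystemID: "kms-example", ValidFrom: 1000, GeneratedAt: 1020}
	i.CredSig = ed25519.Sign(oldKMS, credInput(pub, i.ValidFrom)) // key management system side
	i.MsgSig = ed25519.Sign(sender, msgInput(i))                  // second terminal side
	keys := KMSKeys{Updated: newKMS.Public().(ed25519.PublicKey), Original: oldKMS.Public().(ed25519.PublicKey)}
	return &Receiver{Lifetime: 3600, MaxAge: 5, Keys: map[string]KMSKeys{i.SystemID: keys}}, i
}

func main() {
	rx, info := NewDemo()
	fmt.Println("constructed broadcast accepted:", rx.Verify(info, 1022) == nil)
}
```

The valid start time is only authenticated once the first digital signature verifies, so the two time checks act as cheap early filters; acceptance still requires every check to pass.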
Referring to FIG. 7, FIG. 7 is a schematic structural diagram of a terminal provided in another embodiment of the present invention. The terminal provided in this embodiment may be used to implement the methods of the embodiments of the present invention shown in FIG. 2 or FIG. 3. For ease of description, only the parts related to this embodiment are shown; for specific technical details that are not disclosed, refer to the embodiments of the present invention shown in FIG. 2 or FIG. 3.
As shown in FIG. 7, the terminal includes at least one processor 701 (for example, a CPU), at least one input device 703, at least one output device 704, a memory 705, and at least one communication bus 702. The communication bus 702 is used to implement connection and communication between these components. The input device 703 may optionally include a standard wired interface and a wireless interface, and is used to receive the feedback information of the terminal sent by the key management system. The output device 504 may optionally include a standard wired interface and a wireless interface, and is used to send broadcast security information to the first terminal. The memory 705 may include high-speed RAM, and may also include non-volatile memory, for example at least one disk memory. The memory 705 may optionally include at least one storage device located remotely from the processor 701. The memory 705 stores a set of program code, and the processor 701 calls the program code stored in the memory 705 to perform the following operations:
输入装置703接收密钥管理系统发送的所述第二终端的反馈信息,所述反馈信息包括所述第二终端的信任凭证以及所述第二终端的第一数字签名,所述信任凭证包括第一私钥和第一公钥,所述第一数字签名是所述密钥管理系统基于所述密钥管理系统的第二私钥对所述第一公钥进行计算得到的。The input device 703 receives the feedback information of the second terminal sent by the key management system, where the feedback information includes a trusted credential of the second terminal and a first digital signature of the second terminal, where the trusted credential includes a private key and a first public key, the first digital signature being obtained by the key management system calculating the first public key based on a second private key of the key management system.
处理器701基于所述第一私钥对广播消息进行计算得到所述广播消息的第二数字签名。The processor 701 calculates a second digital signature of the broadcast message by calculating a broadcast message based on the first private key.
输出装置704向第一终端发送广播安全信息,所述广播安全信息包括所述广播消息、所述第二数字签名、所述第一数字签名、所述第一公钥以及所述密钥管理系统的系统标识。The output device 704 transmits broadcast security information to the first terminal, the broadcast security information including the broadcast message, the second digital signature, the first digital signature, the first public key, and the key management system System ID.
Optionally, the input device 703 receiving the feedback information of the second terminal sent by the key management system may specifically be:
The output device 704 sends a trust credential acquisition request to a first node device, so that the first node device sends trust credential request information to the key management system.
The input device 703 receives the feedback information forwarded by the key management system through the first node device.
Optionally, the output device 704 sending the trust credential acquisition request to the first node device, so that the first node device sends the trust credential request information to the key management system, may specifically be:
The output device 704 sends the trust credential acquisition request to the first node device, so that the first node device sends an authentication request to a second node device; when the local database of the second node device contains broadcast service authorization information for the second terminal, the second node device sends the broadcast service authorization information to the first node device, and the first node device sends the trust credential request information to the key management system.
Optionally, the output device 704 sending the trust credential acquisition request to the first node device, so that the first node device sends the trust credential request information to the key management system, may specifically be:
The output device 704 sends the trust credential acquisition request to the first node device, so that the first node device sends an authentication request to a second node device; when the local database of the second node device contains broadcast service authorization information for the second terminal, the second node device sends the broadcast service authorization information to the first node device and also sends it to the base station of the cell in which the second terminal is located, and the first node device sends the trust credential request information to the key management system.
Optionally, before the processor 701 performs the calculation on the broadcast message to obtain the second digital signature of the broadcast message, the following operations may also be performed:
The output device 704 sends a time-frequency resource acquisition request to the base station, so that the base station checks whether broadcast service authorization information of the second terminal exists in the local database of the base station; when it does, the base station allocates time-frequency resources to the second terminal.
The output device 704 sending the broadcast security information to the first terminal may specifically be:
The output device 704 sends the broadcast security information to the first terminal using the time-frequency resources allocated by the base station.
Optionally, before the processor 701 performs the calculation on the broadcast message to obtain the second digital signature of the broadcast message, the following operations may also be performed:
The output device 704 sends a time-frequency resource acquisition request to the base station of the cell in which the second terminal is located, so that the base station sends, to a second node device, an authorization information acquisition request for the second terminal; when the base station receives the broadcast service authorization information for the second terminal sent by the second node device, the base station allocates time-frequency resources to the second terminal.
The output device 704 sending the broadcast security information to the first terminal may specifically be:
The output device 704 sends the broadcast security information to the first terminal using the time-frequency resources allocated by the base station.
Optionally, the output device 704 sending the time-frequency resource acquisition request to the base station of the cell in which the second terminal is located, so that the base station sends the authorization information acquisition request for the second terminal to the second node device, may specifically be:
The output device 704 sends the time-frequency resource acquisition request to the base station of the cell in which the second terminal is located, so that the base station checks whether broadcast service authorization information of the second terminal exists in the local database of the base station; when it does, the base station allocates time-frequency resources to the second terminal; when it does not, the base station sends the authorization information acquisition request for the second terminal to the second node device.
Optionally, the trust credential request information carries the valid start time of the trust credential, and the first digital signature is obtained by the key management system applying a preset signature algorithm to the second private key of the key management system, the first public key, and the valid start time.
Optionally, the feedback information further includes the system identifier and an updated second public key of the key management system; in that case, after the input device 703 receives the feedback information of the second terminal sent by the key management system, the following operations may also be performed:
The processor 701 generates a correspondence between the system identifier and the updated second public key, and stores the system identifier and its corresponding updated second public key.
When an original second public key corresponding to the system identifier exists in the local database of the second terminal, the processor 701 deletes the original second public key after a preset duration has elapsed.
Optionally, the processor 701 performing the calculation on the broadcast message to obtain the second digital signature of the broadcast message may specifically be:
The processor 701 applies a preset signature algorithm to the first private key, the broadcast message, the first public key, the valid start time of the trust credential, the first digital signature, the system identifier, and the generation time of the second digital signature, to obtain the second digital signature.
Specifically, the terminal described in this embodiment of the present invention may be used to implement some or all of the processes in the method embodiments described with reference to FIG. 2 or FIG. 3.
Referring to FIG. 8, FIG. 8 is a schematic structural diagram of a node device according to an embodiment of the present invention. The node device may be used to implement some or all of the steps in the method embodiments shown in FIG. 2 or FIG. 3. The node device may include at least a request receiving module 801, a request information sending module 802, a feedback information receiving module 803, and a feedback information sending module 804, where:
The request receiving module 801 is configured to receive a trust credential acquisition request sent by the second terminal.
The request information sending module 802 is configured to send trust credential request information to the key management system according to the trust credential acquisition request.
The feedback information receiving module 803 is configured to receive the feedback information of the second terminal sent by the key management system, where the feedback information includes a trust credential of the second terminal and a first digital signature of the second terminal, the trust credential includes a first private key and a first public key, and the first digital signature is obtained by the key management system performing a calculation on the first public key based on a second private key of the key management system.
The feedback information sending module 804 is configured to send the feedback information to the second terminal.
Optionally, the node device in this embodiment of the present invention may further include:
A request sending module 805, configured to send an authentication request to a second node device before the request information sending module 802 sends the trust credential request information to the key management system according to the trust credential acquisition request, so that the second node device checks whether its local database contains broadcast service authorization information for the second terminal; when the local database of the second node device contains broadcast service authorization information for the second terminal, the second node device sends that broadcast service authorization information to the node device.
An authorization information receiving module 806, configured to receive the broadcast service authorization information for the second terminal sent by the second node device.
Optionally, the request information sending module 802 is specifically configured to:
Generate the valid start time of the trust credential.
Send the trust credential request information to the key management system, where the trust credential request information carries the valid start time.
Optionally, the first digital signature is obtained by the key management system applying a preset signature algorithm to the second private key of the key management system, the first public key, and the valid start time, and the feedback information includes the trust credential, the first digital signature, the valid start time, and the second public key of the key management system.
Optionally, the node device in this embodiment of the present invention may further include:
A storage module 807, configured to, after the feedback information receiving module 803 receives the feedback information sent by the key management system, generate a correspondence between the terminal identifier of the second terminal and the feedback information, and store the terminal identifier and its corresponding feedback information.
In the node device shown in FIG. 8, the request receiving module 801 receives the trust credential acquisition request sent by the second terminal, the request information sending module 802 sends the trust credential request information to the key management system according to the trust credential acquisition request, the feedback information receiving module 803 receives the feedback information of the second terminal sent by the key management system, and the feedback information sending module 804 sends the feedback information to the second terminal. This reduces overhead and the amount of transmitted data while still ensuring the legitimacy of the broadcast message source.
Referring to FIG. 9, FIG. 9 is a schematic structural diagram of a node device according to another embodiment of the present invention. The node device provided in this embodiment may be used to implement the methods of the embodiments of the present invention shown in FIG. 2 or FIG. 3. For ease of description, only the parts related to this embodiment are shown; for technical details not disclosed here, refer to the embodiments of the present invention shown in FIG. 2 or FIG. 3.
As shown in FIG. 9, the node device includes at least one processor 901 (for example, a CPU), at least one input device 903, at least one output device 904, a memory 905, and at least one communication bus 902. The communication bus 902 implements connection and communication between these components. The input device 903 may optionally include a standard wired interface and a wireless interface, and is configured to receive the trust credential acquisition request sent by the second terminal. The output device 904 may optionally include a standard wired interface and a wireless interface, and is configured to send trust credential request information to the key management system according to the trust credential acquisition request. The memory 905 may include high-speed RAM and may also include non-volatile memory, for example at least one disk memory. The memory 905 may optionally include at least one storage device located remotely from the processor 901. The memory 905 stores a set of program code, and the processor 901 calls the program code stored in the memory 905 to perform the following operations:
The input device 903 receives the trust credential acquisition request sent by the second terminal.
The output device 904 sends trust credential request information to the key management system according to the trust credential acquisition request.
The input device 903 receives the feedback information of the second terminal sent by the key management system, where the feedback information includes a trust credential of the second terminal and a first digital signature of the second terminal, the trust credential includes a first private key and a first public key, and the first digital signature is obtained by the key management system performing a calculation on the first public key based on a second private key of the key management system.
The output device 904 sends the feedback information to the second terminal.
Optionally, before the output device 904 sends the trust credential request information to the key management system according to the trust credential acquisition request, the following operations may also be performed:
The output device 904 sends an authentication request to a second node device, so that the second node device checks whether its local database contains broadcast service authorization information for the second terminal; when the local database of the second node device contains broadcast service authorization information for the second terminal, the second node device sends that broadcast service authorization information to the first node device.
The input device 903 receives the broadcast service authorization information for the second terminal sent by the second node device.
Optionally, the output device 904 sending the trust credential request information to the key management system according to the trust credential acquisition request may specifically be:
The processor 901 generates the valid start time of the trust credential.
The output device 904 sends the trust credential request information to the key management system, where the trust credential request information carries the valid start time.
Optionally, the first digital signature is obtained by the key management system applying a preset signature algorithm to the second private key of the key management system, the first public key, and the valid start time, and the feedback information includes the trust credential, the first digital signature, the valid start time, and the second public key of the key management system.
Optionally, after the input device 903 receives the feedback information sent by the key management system, the following operations may also be performed:
The processor 901 generates a correspondence between the terminal identifier of the second terminal and the feedback information, and stores the terminal identifier and its corresponding feedback information.
Specifically, the node device described in this embodiment of the present invention may be used to implement some or all of the processes in the method embodiments described with reference to FIG. 2 or FIG. 3.
Referring to FIG. 10, FIG. 10 is a schematic structural diagram of a data transmission system according to an embodiment of the present invention. As shown in the figure, the data transmission system in this embodiment may include at least a first terminal 1001, a second terminal 1002, and a key management system 1003, where:
The second terminal 1002 sends a trust credential acquisition request to the key management system 1003.
The key management system 1003 sends the feedback information of the second terminal 1002 to the second terminal 1002 according to the trust credential acquisition request, where the feedback information includes a trust credential of the second terminal 1002 and a first digital signature of the second terminal 1002, the trust credential includes a first private key and a first public key, and the first digital signature is obtained by the key management system 1003 performing a calculation on the first public key based on a second private key of the key management system 1003.
The second terminal 1002 performs a calculation on a broadcast message based on the first private key to obtain a second digital signature of the broadcast message, and sends broadcast security information to the first terminal 1001, where the broadcast security information includes the broadcast message, the second digital signature, the first digital signature, the first public key, and the system identifier of the key management system 1003.
The first terminal 1001 obtains the second public key of the key management system 1003 based on the system identifier and verifies the first digital signature based on the second public key; when the verification succeeds, it identifies the second terminal 1002 as a valid terminal.
The first terminal 1001 verifies the second digital signature based on the first public key and, when the verification succeeds, processes the broadcast message.
In the data transmission system shown in FIG. 10, the second terminal 1002 receives the feedback information of the second terminal 1002 sent by the key management system 1003, performs a calculation on the broadcast message based on the first private key to obtain the second digital signature of the broadcast message, and sends the broadcast security information to the first terminal 1001. The first terminal 1001 obtains the second public key of the key management system 1003 based on the system identifier and verifies the first digital signature based on the second public key; when that verification succeeds, it identifies the second terminal 1002 as a valid terminal. The first terminal 1001 then verifies the second digital signature based on the first public key and, when that verification succeeds, processes the broadcast message. This reduces overhead and the amount of transmitted data while still ensuring the legitimacy of the broadcast message source.
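The FIG. 10 exchange end to end, as an added example that is not code from the patent: a key management system issues a credential, the second terminal signs a broadcast, and the first terminal runs the validity-interval check recited in claim 3 followed by the two signature checks. Ed25519, the length-prefixed field encoding, and every type, function and identifier name are assumptions of this example; the description only says "preset signature algorithm".

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"encoding/binary"
	"errors"
	"fmt"
	"strconv"
)

// Names are this example's own; Ed25519 stands in for the "preset signature algorithm".
// Credential is the feedback information the KMS returns to the sending terminal.
type Credential struct {
	SystemID   string
	Pub        ed25519.PublicKey  // "first public key"
	Priv       ed25519.PrivateKey // "first private key"
	FirstSig   []byte             // KMS signature over Pub and ValidStart
	ValidStart int64              // Unix seconds
}

// BroadcastSecurityInfo is what the sending terminal broadcasts.
type BroadcastSecurityInfo struct {
	Message, SecondSig, FirstSig []byte
	FirstPub                     ed25519.PublicKey
	SystemID                     string
	ValidStart, GeneratedAt      int64
}

// TrustStore maps a system identifier to the KMS ("second") public key stored for it.
type TrustStore map[string]ed25519.PublicKey

var (
	ErrExpired    = errors.New("generation time outside the credential's validity interval")
	ErrUnknownKMS = errors.New("no public key stored for this system identifier")
	ErrCredential = errors.New("first digital signature invalid")
	ErrMessage    = errors.New("second digital signature invalid")
)

// encode length-prefixes each field so bytes cannot slide between fields.
func encode(fields ...[]byte) []byte {
	var b bytes.Buffer
	for _, f := range fields {
		binary.Write(&b, binary.BigEndian, uint32(len(f)))
		b.Write(f)
	}
	return b.Bytes()
}
func ts(t int64) []byte { return []byte(strconv.FormatInt(t, 10)) }

// NewKey returns a fresh key pair; a nil reader selects crypto/rand.
func NewKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(nil)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Issue is the KMS side: create the terminal key pair, sign its public key and start time.
func Issue(kmsPriv ed25519.PrivateKey, systemID string, validStart int64) *Credential {
	pub, priv := NewKey()
	sig := ed25519.Sign(kmsPriv, encode(pub, ts(validStart)))
	return &Credential{systemID, pub, priv, sig, validStart}
}

// signedFields is the second signature's input: the message and the metadata sent with it.
func signedFields(i *BroadcastSecurityInfo) []byte {
	return encode(i.Message, i.FirstPub, ts(i.ValidStart), i.FirstSig, []byte(i.SystemID), ts(i.GeneratedAt))
}

// SignBroadcast is the sending terminal's side.
func (c *Credential) SignBroadcast(msg []byte, now int64) *BroadcastSecurityInfo {
	i := &BroadcastSecurityInfo{msg, nil, c.FirstSig, c.Pub, c.SystemID, c.ValidStart, now}
	i.SecondSig = ed25519.Sign(c.Priv, signedFields(i))
	return i
}

// VerifyBroadcast is the receiving terminal: validity interval, credential, then message.
func VerifyBroadcast(trusted TrustStore, lifetime int64, i *BroadcastSecurityInfo) error {
	if i.GeneratedAt < i.ValidStart || i.GeneratedAt > i.ValidStart+lifetime {
		return ErrExpired
	}
	kmsPub, ok := trusted[i.SystemID]
	if !ok {
		return ErrUnknownKMS
	}
	credInput := encode(i.FirstPub, ts(i.ValidStart)) // ValidStart is authenticated here
	if len(i.FirstPub) != ed25519.PublicKeySize || !ed25519.Verify(kmsPub, credInput, i.FirstSig) {
		return ErrCredential
	}
	if !ed25519.Verify(i.FirstPub, signedFields(i), i.SecondSig) {
		return ErrMessage
	}
	return nil
}

func main() {
	kmsPub, kmsPriv := NewKey()
	cred := Issue(kmsPriv, "kms-example-01", 1700000000) // constructed identifier and start time
	info := cred.SignBroadcast([]byte("constructed broadcast payload"), 1700000005)
	fmt.Println("genuine:", VerifyBroadcast(TrustStore{cred.SystemID: kmsPub}, 3600, info))
	info.Message = []byte("tampered payload")
	fmt.Println("tampered:", VerifyBroadcast(TrustStore{cred.SystemID: kmsPub}, 3600, info))
}
```

Because the valid start time is covered by the first signature, a sender that shifts it to stretch the validity interval fails the credential check rather than the interval check.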
In the description of this specification, a description referring to the terms "one embodiment", "some embodiments", "example", "specific example", or "some examples" means that a specific feature, structure, material, or characteristic described in connection with that embodiment or example is included in at least one embodiment or example of the present invention. In this specification, schematic uses of these terms do not necessarily refer to the same embodiment or example. Moreover, the specific features, structures, materials, or characteristics described may be combined in a suitable manner in any one or more embodiments or examples. Furthermore, where they do not contradict each other, those skilled in the art may combine the different embodiments or examples described in this specification and the features of those embodiments or examples.
In addition, the terms "first" and "second" are used for descriptive purposes only and are not to be understood as indicating or implying relative importance or implicitly indicating the number of technical features referred to. Thus, a feature defined as "first" or "second" may explicitly or implicitly include at least one such feature. In the description of the present invention, "a plurality" means at least two, for example two or three, unless specifically defined otherwise.
Any process or method description in a flowchart, or otherwise described herein, may be understood as representing a module, segment, or portion of code that includes one or more executable instructions for implementing the steps of a specific logical function or process. The scope of the preferred embodiments of the present invention includes additional implementations in which functions may be performed out of the order shown or discussed, including substantially simultaneously or in the reverse order depending on the functions involved, as should be understood by those skilled in the art to which the embodiments of the present invention pertain.
The logic and/or steps represented in a flowchart or otherwise described herein, for example an ordered list of executable instructions that can be considered to implement logical functions, may be embodied in any computer-readable medium for use by, or in connection with, an instruction execution system, apparatus, or device (such as a computer-based system, a system including a processor, or another system that can fetch instructions from an instruction execution system, apparatus, or device and execute them). For the purposes of this specification, a "computer-readable medium" may be any apparatus that can contain, store, communicate, propagate, or transport a program for use by, or in connection with, an instruction execution system, apparatus, or device. More specific examples (a non-exhaustive list) of computer-readable media include the following: an electrical connection (electronic device) having one or more wires, a portable computer diskette (magnetic device), random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), a fiber optic device, and a portable compact disc read-only memory (CDROM). In addition, the computer-readable medium may even be paper or another suitable medium on which the program can be printed, because the program can be obtained electronically, for example by optically scanning the paper or other medium and then editing, interpreting, or otherwise suitably processing it if necessary, and then stored in a computer memory.
It should be understood that the parts of the present invention may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, multiple steps or methods may be implemented in software or firmware that is stored in a memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, they may be implemented by any one or a combination of the following techniques well known in the art: a discrete logic circuit having logic gates for implementing logical functions on data signals, an application-specific integrated circuit having suitable combinational logic gates, a programmable gate array (PGA), a field-programmable gate array (FPGA), and so on.
Those of ordinary skill in the art can understand that all or some of the steps of the methods in the above embodiments may be completed by a program instructing the relevant hardware. The program may be stored in a computer-readable storage medium and, when executed, includes one of the steps of the method embodiments or a combination thereof.
In addition, the functional units in the embodiments of the present invention may be integrated into one processing module, or each unit may exist physically on its own, or two or more units may be integrated into one module. The integrated module may be implemented in the form of hardware or in the form of a software functional module. If the integrated module is implemented in the form of a software functional module and sold or used as a stand-alone product, it may also be stored in a computer-readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic disk, an optical disc, or the like. Although embodiments of the present invention have been shown and described above, it can be understood that the above embodiments are exemplary and are not to be construed as limiting the present invention; those of ordinary skill in the art may make changes, modifications, substitutions, and variations to the above embodiments within the scope of the present invention.

Claims (28)

  1. A data transmission method, characterized in that the method comprises:
    receiving, by a first terminal, broadcast security information sent by a second terminal, wherein the broadcast security information comprises a broadcast message, a second digital signature of the broadcast message, a first digital signature of the second terminal, a first public key of the second terminal, and a system identifier of a key management system, the first digital signature is obtained by the key management system by computing over the first public key based on a second private key of the key management system, and the second digital signature is obtained by the second terminal by computing over the broadcast message based on a first private key of the second terminal;
    obtaining, by the first terminal, a second public key of the key management system based on the system identifier, verifying the first digital signature based on the second public key, and, when the verification succeeds, identifying the second terminal as a valid terminal; and
    verifying, by the first terminal, the second digital signature based on the first public key, and, when the verification succeeds, processing the broadcast message.
  2. The method according to claim 1, characterized in that the first digital signature is obtained by the key management system by computing, with a preset signature algorithm, over the second private key, the first public key, and a valid start time of the first private key.
  3. The method according to claim 2, characterized in that the broadcast security information further comprises the valid start time and a generation time of the second digital signature;
    before the first terminal obtains the second public key of the key management system based on the system identifier, the method further comprises:
    determining, by the first terminal, a validity interval of the first private key based on a preset time parameter and the valid start time; and
    when the generation time falls within the validity interval, determining, by the first terminal, that the first private key is a valid private key.
  4. The method according to claim 3, characterized in that, before the first terminal determines the validity interval of the first private key based on the preset time parameter and the valid start time, the method further comprises:
    obtaining, by the first terminal, a reception time of the broadcast security information; and
    when the difference between the reception time and the generation time is less than a preset time threshold, triggering the first terminal to determine the validity interval of the first private key based on the preset time parameter and the valid start time.
  5. The method according to any one of claims 2 to 4, characterized in that the verifying, by the first terminal, of the first digital signature based on the second public key comprises:
    processing, by the first terminal, the second public key, the first public key, the valid start time, and the first digital signature with a preset verification algorithm to obtain a verification result of the first digital signature; and
    when the verification result of the first digital signature is equal to 1, determining, by the first terminal, that the first digital signature has been verified successfully.
  6. The method according to claim 1, characterized in that, before the first terminal obtains the second public key of the key management system based on the system identifier, the method further comprises:
    sending, by the first terminal, a trust credential acquisition request to a first node device, so that the first node device sends trust credential request information to the key management system; and
    receiving, by the first terminal, feedback information of the first terminal forwarded by the key management system through the first node device, wherein the feedback information of the first terminal comprises the system identifier and an updated second public key of the key management system.
  7. The method according to claim 6, characterized in that, after the first terminal receives the feedback information of the first terminal forwarded by the key management system through the first node device, the method further comprises:
    generating, by the first terminal, a correspondence between the system identifier and the updated second public key, and storing the system identifier and its corresponding updated second public key; and
    when an original second public key corresponding to the system identifier exists in a local database of the first terminal, deleting, by the first terminal, the original second public key after a preset duration has elapsed.
  8. The method according to claim 7, characterized in that the obtaining, by the first terminal, of the second public key of the key management system based on the system identifier and the verifying of the first digital signature based on the second public key comprise:
    obtaining, by the first terminal, the updated second public key and the original second public key corresponding to the system identifier;
    verifying, by the first terminal, the first digital signature based on the updated second public key to obtain a first verification result of the first digital signature; and
    verifying, by the first terminal, the first digital signature based on the original second public key to obtain a second verification result of the first digital signature.
  9. The method according to claim 8, characterized in that the identifying of the second terminal as a valid terminal when the verification succeeds comprises:
    when the first verification result is equal to 1 or the second verification result is equal to 1, determining, by the first terminal, that the second terminal is a valid terminal.
  10. A data transmission method, characterized in that the method comprises:
    receiving, by a first node device, a trust credential acquisition request sent by a second terminal;
    sending, by the first node device, trust credential request information to a key management system according to the trust credential acquisition request;
    receiving, by the first node device, feedback information of the second terminal sent by the key management system, wherein the feedback information comprises a trust credential of the second terminal and a first digital signature of the second terminal, the trust credential comprises a first private key and a first public key, and the first digital signature is obtained by the key management system by computing over the first public key based on a second private key of the key management system; and
    sending, by the first node device, the feedback information to the second terminal.
  11. The method according to claim 10, characterized in that, before the first node device sends the trust credential request information to the key management system according to the trust credential acquisition request, the method further comprises:
    sending, by the first node device, an authentication request to a second node device, so that the second node device checks whether a local database of the second node device contains broadcast service authorization information for the second terminal and, when the local database of the second node device contains the broadcast service authorization information for the second terminal, sends the broadcast service authorization information for the second terminal to the first node device; and
    receiving, by the first node device, the broadcast service authorization information for the second terminal sent by the second node device.
  12. The method according to claim 10, characterized in that the sending, by the first node device, of the trust credential request information to the key management system according to the trust credential acquisition request comprises:
    generating, by the first node device, a valid start time of the trust credential; and
    sending, by the first node device, the trust credential request information to the key management system, wherein the trust credential request information carries the valid start time.
  13. The method according to claim 12, characterized in that the first digital signature is obtained by the key management system by computing, with a preset signature algorithm, over the second private key of the key management system, the first public key, and the valid start time; and
    the feedback information comprises the trust credential, the first digital signature, the valid start time, and a second public key of the key management system.
  14. The method according to claim 10, characterized in that, after the first node device receives the feedback information sent by the key management system, the method further comprises:
    generating, by the first node device, a correspondence between a terminal identifier of the second terminal and the feedback information, and storing the terminal identifier and its corresponding feedback information.
  15. A terminal, characterized in that the terminal comprises:
    a broadcast security information receiving module, configured to receive broadcast security information sent by a second terminal, wherein the broadcast security information comprises a broadcast message, a second digital signature of the broadcast message, a first digital signature of the second terminal, a first public key of the second terminal, and a system identifier of a key management system, the first digital signature is obtained by the key management system by computing over the first public key based on a second private key of the key management system, and the second digital signature is obtained by the second terminal by computing over the broadcast message based on a first private key of the second terminal; and
    a verification module, configured to obtain a second public key of the key management system based on the system identifier, verify the first digital signature based on the second public key, and, when the verification succeeds, identify the second terminal as a valid terminal;
    wherein the verification module is further configured to verify the second digital signature based on the first public key and, when the verification succeeds, process the broadcast message.
  16. The terminal according to claim 15, characterized in that the first digital signature is obtained by the key management system by computing, with a preset signature algorithm, over the second private key, the first public key, and a valid start time of the first private key.
  17. The terminal according to claim 16, characterized in that the broadcast security information further comprises the valid start time and a generation time of the second digital signature;
    the terminal further comprises:
    a determining module, configured to determine, before the verification module obtains the second public key of the key management system based on the system identifier, a validity interval of the first private key based on a preset time parameter and the valid start time;
    wherein the determining module is further configured to determine, when the generation time falls within the validity interval, that the first private key is a valid private key.
  18. The terminal according to claim 17, characterized in that the terminal further comprises:
    a reception time obtaining module, configured to obtain a reception time of the broadcast security information before the determining module determines the validity interval of the first private key based on the preset time parameter and the valid start time;
    wherein the determining module is further configured to determine, when the difference between the reception time and the generation time is less than a preset time threshold, the validity interval of the first private key based on the preset time parameter and the valid start time.
  19. The terminal according to any one of claims 16 to 18, characterized in that, to verify the first digital signature based on the second public key, the verification module is specifically configured to:
    process the second public key, the first public key, the valid start time, and the first digital signature with a preset verification algorithm to obtain a verification result of the first digital signature; and
    when the verification result of the first digital signature is equal to 1, determine that the first digital signature has been verified successfully.
  20. The terminal according to claim 15, characterized in that the terminal further comprises:
    a request sending module, configured to send, before the verification module obtains the second public key of the key management system based on the system identifier, a trust credential acquisition request to a first node device, so that the first node device sends trust credential request information to the key management system; and
    a feedback information receiving module, configured to receive feedback information of the first terminal forwarded by the key management system through the first node device, wherein the feedback information of the first terminal comprises the system identifier and an updated second public key of the key management system.
  21. The terminal according to claim 20, characterized in that the terminal further comprises:
    a storage module, configured to generate, after the feedback information receiving module receives the feedback information of the first terminal forwarded by the key management system through the first node device, a correspondence between the system identifier and the updated second public key, and store the system identifier and its corresponding updated second public key; and
    a deletion module, configured to delete, when an original second public key corresponding to the system identifier exists in a local database of the terminal, the original second public key after a preset duration has elapsed.
  22. The terminal according to claim 21, characterized in that, to obtain the second public key of the key management system based on the system identifier and verify the first digital signature based on the second public key, the verification module is specifically configured to:
    obtain the updated second public key and the original second public key corresponding to the system identifier;
    verify the first digital signature based on the updated second public key to obtain a first verification result of the first digital signature; and
    verify the first digital signature based on the original second public key to obtain a second verification result of the first digital signature.
  23. The terminal according to claim 22, characterized in that, to identify the second terminal as a valid terminal when the verification succeeds, the verification module is specifically configured to:
    when the first verification result is equal to 1 or the second verification result is equal to 1, determine that the second terminal is a valid terminal.
  24. A node device, characterized in that the node device comprises:
    a request receiving module, configured to receive a trust credential acquisition request sent by a second terminal;
    a request information sending module, configured to send trust credential request information to a key management system according to the trust credential acquisition request;
    a feedback information receiving module, configured to receive feedback information of the second terminal sent by the key management system, wherein the feedback information comprises a trust credential of the second terminal and a first digital signature of the second terminal, the trust credential comprises a first private key and a first public key, and the first digital signature is obtained by the key management system by computing over the first public key based on a second private key of the key management system; and
    a feedback information sending module, configured to send the feedback information to the second terminal.
  25. The node device according to claim 24, characterized in that the node device further comprises:
    a request sending module, configured to send, before the request information sending module sends the trust credential request information to the key management system according to the trust credential acquisition request, an authentication request to a second node device, so that the second node device checks whether a local database of the second node device contains broadcast service authorization information for the second terminal and, when the local database of the second node device contains the broadcast service authorization information for the second terminal, sends the broadcast service authorization information for the second terminal to the node device; and
    an authorization information receiving module, configured to receive the broadcast service authorization information for the second terminal sent by the second node device.
  26. The node device according to claim 24, characterized in that the request information sending module is specifically configured to:
    generate a valid start time of the trust credential; and
    send the trust credential request information to the key management system, wherein the trust credential request information carries the valid start time.
  27. The node device according to claim 26, characterized in that the first digital signature is obtained by the key management system by computing, with a preset signature algorithm, over the second private key of the key management system, the first public key, and the valid start time; and
    the feedback information comprises the trust credential, the first digital signature, the valid start time, and a second public key of the key management system.
  28. The node device according to claim 24, characterized in that the node device further comprises:
    a storage module, configured to generate, after the feedback information receiving module receives the feedback information sent by the key management system, a correspondence between a terminal identifier of the second terminal and the feedback information, and store the terminal identifier and its corresponding feedback information.
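The receiver-side checks of claims 1, 3 to 5, 8 and 9, as an added Go sketch that is not part of the patent text. The claims only say "preset signature algorithm", so Ed25519, the timestamp encoding in `withTime`, the binding of the generation time into the second signature, and all type, field and function names are assumptions; the keys and the broadcast in `sample` are constructed test data.

```go
package main

import (
	"crypto/ed25519"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// BroadcastSecurityInfo carries the fields named in claims 1 and 3. MsgSig is the
// second digital signature, CredSig the first; times are Unix seconds.
type BroadcastSecurityInfo struct {
	Message, MsgSig, CredSig []byte
	SenderPub                ed25519.PublicKey // first public key
	SystemID                 string            // system identifier of the KMS
	ValidFrom, GeneratedAt   int64
}

// KMSKeys holds both second public keys kept during a rollover (claims 7 and 8).
type KMSKeys struct{ Updated, Original ed25519.PublicKey }

type Receiver struct {
	TrustStore  map[string]KMSKeys // system identifier -> KMS public keys
	KeyLifetime time.Duration      // "preset time parameter" (claim 3)
	MaxAge      time.Duration      // "preset time threshold" (claim 4)
}

var (
	ErrStale      = errors.New("reception time too far from generation time")
	ErrKeyExpired = errors.New("generation time outside key validity interval")
	ErrUnknownKMS = errors.New("no public key stored for system identifier")
	ErrCredSig    = errors.New("first digital signature does not verify")
	ErrMsgSig     = errors.New("second digital signature does not verify")
)

// withTime appends a big-endian timestamp; this signing-input encoding is assumed.
func withTime(b []byte, t int64) []byte {
	out := make([]byte, len(b)+8)
	copy(out, b)
	binary.BigEndian.PutUint64(out[len(b):], uint64(t))
	return out
}

// Verify runs the receiver-side checks in the order the claims give them.
func (r *Receiver) Verify(info BroadcastSecurityInfo, receivedAt time.Time) error {
	gen, start := time.Unix(info.GeneratedAt, 0), time.Unix(info.ValidFrom, 0)
	// Claim 4; rejecting a generation time in the future is an added assumption.
	if d := receivedAt.Sub(gen); d < 0 || d >= r.MaxAge {
		return ErrStale
	}
	if gen.Before(start) || gen.After(start.Add(r.KeyLifetime)) { // claim 3
		return ErrKeyExpired
	}
	keys, ok := r.TrustStore[info.SystemID] // claim 1: look up by system identifier
	if !ok {
		return ErrUnknownKMS
	}
	if len(info.SenderPub) != ed25519.PublicKeySize {
		return ErrCredSig // ed25519.Verify panics on a wrong-sized key
	}
	signed, credOK := withTime(info.SenderPub, info.ValidFrom), false
	for _, k := range []ed25519.PublicKey{keys.Updated, keys.Original} { // claims 8, 9
		if len(k) == ed25519.PublicKeySize && ed25519.Verify(k, signed, info.CredSig) {
			credOK = true
		}
	}
	if !credOK {
		return ErrCredSig
	}
	// Claim 1, last step. Signing the generation time with the message is assumed.
	if !ed25519.Verify(info.SenderPub, withTime(info.Message, info.GeneratedAt), info.MsgSig) {
		return ErrMsgSig
	}
	return nil
}

// seedKey derives a fixed key from a one-byte seed: constructed test keys only.
func seedKey(b byte) ed25519.PrivateKey {
	seed := make([]byte, ed25519.SeedSize)
	seed[0] = b
	return ed25519.NewKeyFromSeed(seed)
}

// sample builds constructed data: a credential issued under the original KMS key,
// received by a terminal that already stores the updated KMS key as well.
func sample() (*Receiver, BroadcastSecurityInfo, time.Time) {
	kmsOld, kmsNew, sender := seedKey(1), seedKey(2), seedKey(3)
	gen := time.Unix(1700000000, 0)
	pub := sender.Public().(ed25519.PublicKey)
	info := BroadcastSecurityInfo{Message: []byte("constructed broadcast"), SenderPub: pub,
		SystemID: "kms-example", ValidFrom: gen.Add(-time.Hour).Unix(), GeneratedAt: gen.Unix()}
	info.CredSig = ed25519.Sign(kmsOld, withTime(pub, info.ValidFrom))
	info.MsgSig = ed25519.Sign(sender, withTime(info.Message, info.GeneratedAt))
	r := &Receiver{KeyLifetime: 24 * time.Hour, MaxAge: 5 * time.Second,
		TrustStore: map[string]KMSKeys{"kms-example": {
			Updated: kmsNew.Public().(ed25519.PublicKey), Original: kmsOld.Public().(ed25519.PublicKey)}}}
	return r, info, gen.Add(time.Second)
}

func main() {
	r, info, now := sample()
	fmt.Println("constructed broadcast accepted:", r.Verify(info, now) == nil)
}
```

The sample credential verifies only under the original KMS key, so it stops being accepted once that key is deleted after the preset duration of claim 7.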
PCT/CN2016/104139 2016-10-31 2016-10-31 Data transmission method, terminal, node device and system WO2018076377A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2016/104139 WO2018076377A1 (en) 2016-10-31 2016-10-31 Data transmission method, terminal, node device and system
CN201680090122.1A CN109845185B (en) 2016-10-31 2016-10-31 Data transmission method, terminal, node equipment and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2016/104139 WO2018076377A1 (en) 2016-10-31 2016-10-31 Data transmission method, terminal, node device and system

Publications (1)

Publication Number Publication Date
WO2018076377A1 true WO2018076377A1 (en) 2018-05-03

Family

ID=62024248

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2016/104139 WO2018076377A1 (en) 2016-10-31 2016-10-31 Data transmission method, terminal, node device and system

Country Status (2)

Country Link
CN (1) CN109845185B (en)
WO (1) WO2018076377A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110311783A (en) * 2019-05-30 2019-10-08 平安科技(深圳)有限公司 User attaching verification method, device and computer equipment based on group ranking
CN110826091A (en) * 2018-08-14 2020-02-21 珠海金山办公软件有限公司 File signature method and device, electronic equipment and readable storage medium
US11153083B2 (en) * 2017-06-16 2021-10-19 Motorola Mobility Llc Rogue unit detection information

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111131494B (en) * 2019-12-31 2022-06-03 上海能塔智能科技有限公司 Vehicle data storage and verification processing method and device, electronic equipment and medium
CN112822758B (en) * 2020-12-31 2023-05-09 深圳市晨北科技有限公司 Method, equipment and storage medium for accessing network
CN112733128B (en) * 2021-02-06 2022-06-14 深圳市云小白科技有限公司 Centerless Internet of things security authentication method based on asymmetric encryption
CN115226060A (en) * 2021-04-16 2022-10-21 华为技术有限公司 Data transmission method and data processing device
CN116634418A (en) * 2022-02-14 2023-08-22 华为技术有限公司 Communication method, communication device and communication system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102201916A (en) * 2010-03-24 2011-09-28 通用汽车环球科技运作有限责任公司 Adaptive certificate distribution mechanism in vehicular networks using forward error correcting codes
US20140298437A1 (en) * 2011-04-14 2014-10-02 GM Global Technology Operations LLC Exploiting Application Characteristics for Multiple-Authenticator Broadcast Authentication Schemes
CN104683112A (en) * 2015-03-20 2015-06-03 江苏大学 Vehicle-vehicle security communication method based on RSU assisted authentication
CN105323753A (en) * 2014-05-30 2016-02-10 中国电信股份有限公司 In-vehicle safety module, vehicular system and method for information interaction between vehicles
US20160255502A1 (en) * 2013-10-30 2016-09-01 Samsung Electronics Co., Ltd. Method and apparatus to perform device to device communication in wireless communication network

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7581105B2 (en) * 2003-12-16 2009-08-25 Sap Aktiengesellschaft Electronic signing apparatus and methods
CN101060480B (en) * 2007-06-04 2012-07-25 武汉理工大学 HORSEI2-based mobile self-organized network safety QoS multicast route creating method
CN101296083A (en) * 2008-05-14 2008-10-29 华为技术有限公司 Enciphered data transmission method and system
CN101610150B (en) * 2009-07-22 2015-08-12 中兴通讯股份有限公司 Third-party digital signature method and data transmission system
JP5736816B2 (en) * 2010-05-31 2015-06-17 ソニー株式会社 Authentication device, authentication method, program, and signature generation device

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
"Technical Specification Group Services and System Aspects; Study on Security Aspect for LTE support of V2X Services (Release 14", 3RD GENERATION PARTNERSHIP PROJECT, 26 August 2016 (2016-08-26), pages 31 - 33 , 36 and 37 *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11153083B2 (en) * 2017-06-16 2021-10-19 Motorola Mobility Llc Rogue unit detection information
CN110826091A (en) * 2018-08-14 2020-02-21 珠海金山办公软件有限公司 File signature method and device, electronic equipment and readable storage medium
CN110826091B (en) * 2018-08-14 2022-05-06 珠海金山办公软件有限公司 File signature method and device, electronic equipment and readable storage medium
CN110311783A (en) * 2019-05-30 2019-10-08 平安科技(深圳)有限公司 User attaching verification method, device and computer equipment based on group ranking
CN110311783B (en) * 2019-05-30 2022-09-23 平安科技(深圳)有限公司 User attribution verification method and device based on group signature and computer equipment

Also Published As

Publication number Publication date
CN109845185A (en) 2019-06-04
CN109845185B (en) 2020-11-10

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16920095

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16920095

Country of ref document: EP

Kind code of ref document: A1