WO2020215958A1 - Procédé de traitement d'informations d'authentification, et terminal et dispositif de réseau - Google Patents

Procédé de traitement d'informations d'authentification, et terminal et dispositif de réseau Download PDF

Info

Publication number
WO2020215958A1
WO2020215958A1 PCT/CN2020/080934 CN2020080934W WO2020215958A1 WO 2020215958 A1 WO2020215958 A1 WO 2020215958A1 CN 2020080934 W CN2020080934 W CN 2020080934W WO 2020215958 A1 WO2020215958 A1 WO 2020215958A1
Authority
WO
WIPO (PCT)
Prior art keywords
network device
key
terminal
type
authentication
Prior art date
Application number
PCT/CN2020/080934
Other languages
English (en)
Chinese (zh)
Inventor
刘福文
Original Assignee
中国移动通信有限公司研究院
中国移动通信集团有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中国移动通信有限公司研究院, 中国移动通信集团有限公司 filed Critical 中国移动通信有限公司研究院
Publication of WO2020215958A1 publication Critical patent/WO2020215958A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes

Definitions

  • the present invention relates to wireless communication technology, in particular to an authentication information processing method, terminal and network equipment.
  • the user equipment (UE, User Equipment) and the network side are authenticated through the authentication and key agreement (AKA, Authentication and Key Agreement) protocol.
  • the authentication methods between the UE and the network side in the 5G system include the following two authentication methods: 5G-AKA and EAP-AKA'.
  • the former is based on the Long Term Evolution (LTE) authentication protocol evolved packet system authentication and key agreement (EPS-AKA, Evolved Packet System-Authentication and Key Agreement) development, while the latter is the International Internet Engineering Task Force
  • LTE Long Term Evolution
  • EPS-AKA Evolved Packet System-Authentication and Key Agreement
  • the authentication protocol defined by (IETF, The Internet Engineering Task Force) is used for the UE in the 4G network to use wireless fidelity (Wi-Fi, Wireless-Fidelity) to access the operator's network.
  • the two authentication methods, 5G-AKA and EAP-AKA' are subject to correlation attacks because the UE may send two different types of error messages when it fails
  • the embodiments of the present application provide an authentication information processing method, terminal, and network equipment.
  • an embodiment of the present application provides a method for processing authentication information.
  • the method includes: in the case of a network authentication failure, a terminal separately based on the encryption key and the integrity key pair contains the first type of error message.
  • the indication information is encrypted and integrity protected; the encryption key and the integrity key are obtained based on the session root key; the first authentication of the session root key between the terminal and the first network device is successful Generated below; different error message types correspond to the first indication information in the same format;
  • the terminal sends the encrypted first instruction information to the first network device; wherein the encrypted instruction information is sent to the first network device through the second network device.
  • the method before the terminal performs network authentication, the method further includes: the terminal uses a key derivation function to determine the encryption at least according to the session root key and a random challenge (RAND) Key and the integrity key.
  • the terminal uses a key derivation function to determine the encryption at least according to the session root key and a random challenge (RAND) Key and the integrity key.
  • RAND random challenge
  • the method further includes: the terminal executes a non-access stratum security mode command (NAS SMC, Non Access Stratum Security Mode Command) process with the second network device In the case of success, the terminal stores the session root key.
  • NAS SMC Non Access Stratum Security Mode Command
  • the method further includes: performing a non-initial authentication between the terminal and the first network device, and after the authentication is successful and the terminal and the second network device are If the inter-NAS SMC process is successful, the session root key is updated, or the session root key is maintained.
  • the terminal sending the encrypted first instruction information to the first network device includes: the terminal sending the encrypted first instruction information to the first network device through an authentication response message And MAC information for integrity protection.
  • the encrypting and integrity protecting the first indication information containing the error message type based on the encryption key and the integrity key respectively includes: the terminal is based on the encryption key Encrypting the first indication information, and generating MAC information based on the integrity key.
  • that the terminal sends the encrypted first indication information to the first network device includes: the terminal sends the encrypted first indication information and MAC information to the first network device.
  • the first indication information includes an error message type and response data; the response data is related to the error message type; the error message type includes a first type or a second type
  • the first type of error message is used to indicate that the terminal fails to verify the MAC information in the authentication information; the second type of error message is used to indicate that the terminal fails to verify the SQN; where, in the error message
  • the response data is a numeric value that characterizes authentication synchronization failure; in the case where the type of the error message is the first type, the response data is a first random number; The length of the numerical value is the same as the length of the first random number.
  • the first indication information further includes at least one of the following information: a second random number, a permanent user identification; the second random number is used to distinguish the encrypted first A ciphertext indicating the information.
  • the session root key includes a first session root key and a second session root key; the second session and key are determined by the first session and key .
  • an embodiment of the present application also provides an authentication information processing method, the method includes: a first network device receives first instruction information sent by a terminal through a second network device; the first instruction information is based on an encrypted secret Key and integrity key for encryption and integrity protection; the encryption key and the integrity key are obtained based on the session root key; the session root key is the first time between the terminal and the first network device Generated when the authentication is successful; the first indication information includes the error message type corresponding to the terminal network authentication failure; different error message types correspond to the first indication information of the same format;
  • the first network device decrypts the first indication information based on the encryption key and the integrity key.
  • the first network device determining the encryption key and the integrity key according to the session root key includes:
  • the first network device uses a key derivation function to determine the encryption key and the integrity key at least according to the session root key and a random challenge (RAND).
  • RAND random challenge
  • the method further includes: the first network device receives second indication information of the second network device, where the second indication information is used to indicate the second network
  • the NAS SMC process between the device and the terminal is successful; the first network device stores the session root key.
  • the method further includes: performing non-first authentication between the first network device and the terminal, and after the authentication is successful, and the first network device receives the first network device 2.
  • the second indication information of the network device update the session root key or keep the session root key; the second indication information is used to indicate the communication between the second network device and the terminal The NAS SMC process was successful.
  • that the first network device receives the first indication information sent by the terminal through the second network device includes: the first network device receives the first indication information sent by the terminal through an authentication response message. An indication information and MAC information used for integrity protection; the authentication response message is received through the forwarding of the second network device.
  • the first network device decrypting the first indication information based on the encryption key and the integrity key includes: the first network device is based on the The integrity key verifies the MAC information, and if the verification is successful, decrypts the first indication information based on the encryption key.
  • the first indication information includes an error message type and response data; the response data is related to the error message type; the error message type includes a first type or a second type
  • the first type of error message is used to indicate that the terminal fails to verify the MAC information in the authentication information; the second type of error message is used to indicate that the terminal fails to verify the SQN; where, in the error message
  • the response data is a numeric value that characterizes authentication synchronization failure; in the case where the type of the error message is the first type, the response data is a first random number; The length of the numerical value is the same as the length of the first random number.
  • the first indication information further includes at least one of the following information: a second random number, a permanent user identification; the second random number is used to distinguish the encrypted first A ciphertext indicating the information.
  • the method further includes: in a case where the error message type included in the first indication information is the second type, the first network device sends the error message to the third The network device sends an authentication failure synchronization parameter, where the authentication failure synchronization parameter is at least used for the third network device to resume SQN synchronization with the terminal.
  • the method further includes: the first network device sends third instruction information to the second network device, and the third instruction information includes at least one of the following information: Error message type, permanent user identification.
  • the session root key includes a first session root key and a second session root key; the second session and key are determined by the first session and key .
  • an embodiment of the present application also provides a terminal, the terminal including an encryption unit and a first communication unit; wherein,
  • the encryption unit is configured to perform encryption and integrity protection on the first indication information containing the error message type based on the encryption key and the integrity key respectively when the network authentication fails; the encryption key and the integrity key The integrity key is obtained based on the session root key; the session root key is generated when the first authentication between the terminal and the first network device is successful; different error message types correspond to the first indication information in the same format ;
  • the first communication unit is configured to send encrypted first instruction information to the first network device; wherein the encrypted instruction information is sent to the first network device through a second network device.
  • the terminal further includes a first determining unit configured to use a key derivation function to determine the encryption key and the encryption key according to at least the session root key and a random challenge (RAND).
  • RAND random challenge
  • the terminal further includes a first execution unit and a first storage unit;
  • the first execution unit is configured to execute a non-access layer security mode command NAS SMC process with the second network device;
  • the first storage unit is configured to store the session root key when the NAS SMC process between the first execution unit and the second network device is successfully executed.
  • the first execution unit is further configured to perform non-initial authentication with the first network device, and when the authentication is successful and the communication with the second network device If the NAS SMC process is successful, update the session root key, or keep the session root key.
  • the first communication unit is configured to send the encrypted first indication information and the MAC information for integrity protection to the first network device through an authentication response message.
  • the encryption unit is configured to encrypt the first indication information based on an encryption key, and generate MAC information based on the integrity key.
  • the first indication information includes an error message type and response data; the response data is related to the error message type; the error message type includes a first type or a second type
  • the first type of error message is used to indicate that the terminal fails to verify the MAC information in the authentication information; the second type of error message is used to indicate that the terminal fails to verify the SQN; where, in the error message
  • the response data is a numeric value that characterizes authentication synchronization failure; in the case where the type of the error message is the first type, the response data is a first random number; The length of the numerical value is the same as the length of the first random number.
  • the first indication information further includes at least one of the following information: a second random number, a permanent user identification; the second random number is used to distinguish the encrypted first A ciphertext indicating the information.
  • the session root key includes a first session root key and a second session root key; the second session and key are determined by the first session and key .
  • an embodiment of the present application also provides a network device, the network device is a first network device, and the network device includes a second communication unit and a decryption unit; wherein,
  • the second communication unit is configured to receive the first instruction information sent by the terminal through the second network device; the first instruction information is encrypted and integrity protected based on the encryption key and the integrity key; the encryption key And the integrity key is obtained based on the session root key; the session root key is generated when the first authentication between the terminal and the first network device is successful; the first indication information includes the terminal network authentication failure Corresponding error message types; different error message types correspond to the first indication information in the same format;
  • the decryption unit is configured to decrypt the first indication information based on the encryption key and the integrity key.
  • the network device further includes a second determining unit configured to determine the encryption key and the encryption key at least according to the session root key and a random challenge (RAND) using a key derivation function The integrity key.
  • a second determining unit configured to determine the encryption key and the encryption key at least according to the session root key and a random challenge (RAND) using a key derivation function The integrity key.
  • the network device further includes a second storage unit
  • the second communication unit is further configured to receive second indication information of the second network device, where the second indication information is used to indicate that the NAS SMC process between the second network device and the terminal is successful;
  • the second storage unit is configured to store the session root key.
  • the network device further includes a second execution unit configured to perform non-first authentication with the terminal, and after the authentication is successful and the second communication unit receives the In the case of the second indication information of the second network device, update the session root key or keep the session root key; the second indication information is used to indicate the relationship between the second network device and the terminal The NAS SMC process was successful.
  • the second communication unit is configured to receive the first indication information sent by the terminal and the MAC information for integrity protection through an authentication response message; the authentication response message passes The second network device is forwarded and received.
  • the decryption unit is configured to verify the MAC information based on the integrity key, and if the verification is successful, pair the first based on the encryption key An instruction message is decrypted.
  • the first indication information includes an error message type and response data; the response data is related to the error message type; the error message type includes a first type or a second type
  • the first type of error message is used to indicate that the terminal fails to verify the MAC information in the authentication information; the second type of error message is used to indicate that the terminal fails to verify the SQN; where, in the error message
  • the response data is a numeric value that characterizes authentication synchronization failure; in the case where the type of the error message is the first type, the response data is a first random number; The length of the numerical value is the same as the length of the first random number.
  • the first indication information further includes at least one of the following information: a second random number, a permanent user identification; the second random number is used to distinguish the encrypted first A ciphertext indicating the information.
  • the second communication unit is further configured to send an error message to the third network device when the error message type included in the first indication information is the second type Send an authentication failure synchronization parameter, where the authentication failure synchronization parameter is used at least for the third network device to resume SQN synchronization with the terminal.
  • the second communication unit is further configured to send third indication information to the second network device, and the third indication information includes at least one of the following information: error message Type and permanent user identification.
  • the session root key includes a first session root key and a second session root key; the second session and key are determined by the first session and key .
  • the embodiment of the present application also provides a computer-readable storage medium on which a computer program is stored, which when executed by a processor, implements the steps of the authentication information processing method described in the first aspect of the embodiment of the present application; or, the program When executed by a processor, the steps of the authentication information processing method described in the second aspect of the embodiments of the present application are implemented.
  • the embodiment of the present application also provides a terminal, including a memory, a processor, and a computer program stored on the memory and capable of running on the processor.
  • the processor executes the program when the program is executed. The steps of the authentication information processing method are described.
  • the embodiment of the present application also provides a network device, including a memory, a processor, and a computer program stored in the memory and capable of running on the processor.
  • the processor implements the second aspect of the embodiment of the present invention when the program is executed. The steps of the authentication information processing method.
  • the authentication information processing method, terminal, and network equipment provided by the embodiments of the present application include: when the network authentication fails, the terminal includes a first indication of an error message type based on an encryption key and an integrity key pair, respectively Information is encrypted and integrity protected; the encryption key and the integrity key are obtained based on the session root key; different error message types correspond to the first indication information in the same format; the session root key is in the Generated when the first authentication between the terminal and the first network device is successful; the terminal sends the encrypted first instruction information to the first network device; wherein the encrypted instruction information is sent to the first network device through the second network device Sent by the first network device.
  • the technical solution of the embodiment of the present application indicates the type of error message through a message (i.e., the first indication information), that is, no matter what type of error message it obtains, the terminal will send the indication information in the same format to the network side, avoiding the network side according to different types.
  • the terminal determines the encryption key and the integrity key through the shared key known to the network side, and according to the encryption key
  • the first indication information is encrypted and integrity protected with the integrity key, so that even if an attacker captures the authentication response message, he cannot obtain the error message type in the authentication response message from the ciphertext.
  • Figure 1 is a schematic diagram of the flow of correlation attacks in related technologies
  • FIG. 2 is a first flowchart of a method for processing authentication information according to an embodiment of the application
  • FIG. 3 is a second schematic diagram of the flow of the authentication information processing method according to an embodiment of the application.
  • FIG. 4 is a schematic diagram of a specific flow of the authentication information processing method according to an embodiment of the application.
  • FIG. 5 is a schematic diagram of a composition structure of a terminal according to an embodiment of the application.
  • FIG. 6 is a schematic diagram of another composition structure of a terminal according to an embodiment of the application.
  • FIG. 7 is a schematic diagram of another composition structure of a terminal according to an embodiment of the application.
  • FIG. 8 is a schematic diagram of a composition structure of a network device according to an embodiment of the application.
  • FIG. 9 is a schematic diagram of another composition structure of a network device according to an embodiment of the application.
  • FIG. 10 is a schematic diagram of another composition structure of a network device according to an embodiment of the application.
  • FIG. 11 is a schematic diagram of the hardware composition structure of a communication device according to an embodiment of the application.
  • Figure 1 is a schematic diagram of the flow of correlation attacks in related technologies;
  • Figure 1 takes a 4G network (such as an LTE network) as an example for illustration. As shown in Figure 1, it includes:
  • Step 101 The mobility management entity (MME, Mobility Management Entity) sends an authentication request message to the UE, and the authentication request message includes a random challenge (RAND, Random challenge) and an authentication token (AUTN).
  • the attacker may intercept the authentication request message, obtain and store the random challenge (RAND) and authentication token (AUTN) in the authentication request message.
  • Step 102 The UE performs network authentication. After the network authentication is completed, the UE sends an authentication response message to the MME. In this step, the attacker may intercept the authentication response message.
  • the UE may send two different types of error messages when the network authentication fails, including: a MAC failure (MAC_FAIL) message or a synchronization failure (SYNC_FAIL) message; among them, the MAC_FAIL message indicates that the UE fails to check the MAC information, usually It is caused by the mismatch between the root key of the UE and the root key of the network side; the SYNC_FAIL message indicates that the sequence number (SQN, Sequence Number) value of the network side is outside the range allowed by the UE.
  • MAC_FAIL MAC failure
  • SYNC_FAIL synchronization failure
  • Step 103 The attacker resends an authentication request message to the UE.
  • the authentication request message includes the random challenge (RAND) and the authentication token (AUTN) captured in step 101.
  • Step 104 The UE performs network authentication. After the network authentication is completed, the UE sends an authentication response message.
  • the UE sends an authentication response message carrying an error message, for example, the error message is a SYNC_FAIL message; the attacker intercepts the authentication response message, obtains the error message in the authentication response message, and determines the need to track based on the error message
  • the UE is in a specific area, so the attacker can track the UE by intercepting the error message in the authentication response message.
  • Fig. 2 is a schematic flow chart 1 of the authentication information processing method according to an embodiment of the application; as shown in Fig. 2, the method includes:
  • Step 201 When the network authentication fails, the terminal encrypts and protects the first indication information including the error message type based on the encryption key and the integrity key respectively; the encryption key and the integrity The key is obtained based on the session root key; the session root key is generated when the first authentication between the terminal and the first network device is successful; different error message types correspond to the first indication information in the same format;
  • Step 202 The terminal sends the encrypted first instruction information to the first network device; wherein the encrypted instruction information is sent to the first network device through the second network device.
  • the first network device and the second network device may be core network devices used for network authentication.
  • the first network device may specifically be an authentication server function node (AUSF, Authentication Server Function); the second network device may be a security anchor node function ( SEAF, SEcurity Anchor Function).
  • AUSF authentication server function node
  • SEAF SEcurity Anchor Function
  • the method before the terminal performs network authentication, that is, before step 201, the method further includes: the terminal determines the encryption key and the encryption key according to the session root key. The integrity key.
  • the terminal determines the encryption key and the integrity key based on the session root key commonly known by the terminal and the network side, and compares the first encryption key and the integrity key based on the encryption key and the integrity key.
  • One indication information is encrypted and integrity protected; on the other hand, the first network device can determine the encryption key and the integrity key based on the session root key that is commonly known to the terminal, and based on the encryption key and integrity key pair The first indication information is decrypted, thereby obtaining the error message type contained in the first indication information.
  • the session root key includes a first session root key and a second session root key; the second session root key is determined by the first session root key.
  • the first session root key may specifically be K AUSF ; the second session root key may specifically be K SEAF .
  • the terminal determining the encryption key and the integrity key according to the session root key includes: the terminal uses a key derivation function at least according to the session root key and a random challenge (RAND) Determine the encryption key and the integrity key.
  • RAND random challenge
  • the method for determining the encryption key may satisfy the following expression:
  • K E KDF (K AUSF , RAND "length of RAND”"EncryptionKey”"length of “Encryption Key”);
  • K E represents an encryption key
  • KDF is a key derivation function
  • RAND represents a random challenge
  • represents string concatenation
  • Encryption Key represents an encryption key
  • Encryption Key can be The character string corresponding to K E obtained in advance in the terminal and the first network device.
  • the method for determining the integrity key may satisfy the following expression:
  • K M KDF (K AUSF , the length of RAND ⁇ RAND ⁇ "MAC Key” ⁇ "MAC Key”length);
  • K M represents the encryption key
  • KDF is the key derivation function
  • RAND represents the random challenge
  • represents the string concatenation
  • MAC Key represents the integrity key
  • MAC Key can be It is a character string corresponding to K M that is known in advance in the terminal and the first network device.
  • the foregoing encryption key and integrity key are determined according to the session root key K AUSF .
  • the encryption key and integrity key may also be determined according to the session root key K SEAF .
  • the determination method is similar to the determination method represented by the above expression, and will not be repeated here.
  • the method before the terminal performs network authentication, the method further includes: performing the first authentication between the terminal and the first network device, and generating a session root if the authentication is successful Key.
  • the method further includes: in the case that the terminal successfully executes the NAS SMC procedure with the second network device, the terminal stores the session root key .
  • the method further includes: performing non-initial authentication between the terminal and the first network device, and after the authentication is successful, the terminal and the second network device If the NAS SMC process between the two is successful, the session root key is updated, or the session root key is maintained.
  • the terminal and the first network device when the terminal succeeds in the first mutual authentication between the first network device, the terminal and the first network device both generate the session root key, such as generating K AUSF and/or K SEAF ; In the case that the NAS SMC process between the network devices is successful, the terminal and the first network device store the session root key. Or in the case that the non-first mutual authentication between the terminal and the first network device is successful, and in the case that the NAS SMC process between the terminal and the second network device is successful, the terminal and the first network device can update the stored session root Key, or keep the stored session root key unchanged.
  • the session root key such as generating K AUSF and/or K SEAF
  • the terminal sending the encrypted first instruction information to the first network device includes: the terminal sends the first network device through an authentication response message The encrypted first indication information and MAC information used for integrity protection; wherein, the authentication response message is sent to the first network device through the second network device. It can be understood that the terminal sends an authentication response message containing the encrypted first indication information and MAC information for integrity protection to the second network device, and the second network device forwards the authentication response message to The first network equipment.
  • the authentication response message includes an encrypted part of the first indication information and an integrity protection part of the first indication information; the integrity protection part of the first indication information is used for integrity protection The MAC information; the encryption and integrity protection of the first indication information containing the error message type based on the encryption key and the integrity key respectively includes: the terminal encrypts the first indication information based on the encryption key, based on The integrity key generates MAC information.
  • the terminal sending the encrypted first indication information to the first network device includes: the terminal sending the encrypted first indication information and MAC information to the first network device.
  • the MAC information may be understood as a sequence or a value, which is used to protect the integrity of the first indication information.
  • the terminal receives an authentication request message from a network device (specifically a third network device), and the authentication request message includes a random challenge (RAND) and an authentication token (AUTN); as an example, the authentication request message
  • the token (AUTN) can be a 128-bit value; the terminal performs MAC information verification based on the information in the authentication token (AUTN). For example, the terminal generates MAC information based on the information in the authentication token (AUTN), and verifies the generated MAC information with its own MAC information; if the verification is consistent, the verification is successful; if the verification is inconsistent, the verification is The test failed.
  • the first indication information includes an error message type and response data; the response data is related to the error message type; the error message type includes the first type or the second type; the first type of error The message is used to indicate that the terminal fails to verify the MAC information in the authentication information; the second type of error message is used to indicate that the terminal fails to verify the SQN; wherein, the type of the error message is the second
  • the response data is a numeric value that characterizes authentication synchronization failure; in the case where the type of the error message is the first type, the response data is a first random number; the length of the numeric value is The lengths of the first random numbers are the same.
  • the first type of error message may specifically be a MAC failure (MAC_FAIL) message, where the MAC_FAIL message indicates that the UE failed to verify the MAC information in the authentication token (AUTN), usually due to the UE's root key and the network side It is caused by the mismatch of the root keys of;
  • the second type of error message may specifically be a synchronization failure (SYNC_FAIL) message, which indicates that the SQN value on the network side is outside the range allowed by the UE.
  • MAC_FAIL MAC failure
  • SYNC_FAIL synchronization failure
  • the first indication information further includes at least one of the following information: a second random number (such as represented by Nonce), a permanent user identification (such as SUPI); the second The random number is used to distinguish the encrypted ciphertext of the first indication information.
  • a second random number such as represented by Nonce
  • a permanent user identification such as SUPI
  • the second random number is a one-time random number, which is used to make the ciphertext of the first indication information (or authentication response message) different every time, so as to prevent an attacker from guessing the The error message type in the first indication message.
  • the first indication information may carry a permanent user identification to prevent the second network device from initiating an identity request to the terminal when the user permanent identification of the terminal cannot be obtained.
  • the response data is related to the error message type.
  • the response data is a numerical value that characterizes authentication synchronization failure; as an example, the response data is AUTS; when the type of the error message is the first
  • the response data may be a first random number; the length of the numerical value is the same as the length of the first random number.
  • the terminal sends an authentication response message in the same format to the network side, and the authentication response message is encrypted and complete by the encryption key and the integrity key
  • the security protection makes it impossible for an attacker to obtain the error message type in the authentication response message from the ciphertext even if the authentication response message is captured.
  • the terminal since the terminal sends the authentication response message in the same format, it prevents the SEAF from responding to different types of authentication Respond to the message, thereby generating a correlation attack, preventing the terminal from being tracked by the attacker.
  • Fig. 3 is a schematic diagram 2 of the flow of the authentication information processing method according to an embodiment of the application; as shown in Fig. 3, the method includes:
  • Step 301 The first network device receives the first instruction information sent by the terminal through the second network device; the first instruction information performs encryption and integrity protection based on the encryption key and the integrity key; the encryption key and the integrity key The integrity key is obtained based on the session root key; the session root key is generated when the first authentication between the terminal and the first network device is successful; the first indication information includes information corresponding to the terminal network authentication failure Error message type; different error message types correspond to the first indication information in the same format;
  • Step 302 The first network device decrypts the first indication information based on the encryption key and the integrity key.
  • the first network device and the second network device may be core network devices used for network authentication.
  • the first network device may specifically be AUSF; and the second network device may be SEAF.
  • the method before the first network device decrypts the first indication information based on the encryption key and the integrity key, the method further includes: The first network device determines the encryption key and the integrity key according to the session root key.
  • the first network device determines the encryption key and the integrity key based on the session root key commonly known by the terminal and the network side, and pairs the first indication information based on the encryption key and the integrity key. Decryption is performed to obtain the error message type contained in the first indication information.
  • the session root key includes a first session root key and a second session root key; the second session root key is determined by the first session root key.
  • the first session root key may specifically be K AUSF ; the second session root key may specifically be K SEAF .
  • the first network device determining the encryption key and the integrity key according to the session root key includes: the first network device uses at least the session root key and a random challenge (RAND)
  • RAND random challenge
  • the method for determining the encryption key may satisfy the following expression:
  • K E KDF (K AUSF , RAND "length of RAND”"EncryptionKey”"length of “Encryption Key”);
  • K E represents an encryption key
  • KDF is a key derivation function
  • RAND represents a random challenge
  • represents string concatenation
  • Encryption Key represents an encryption key
  • Encryption Key can be The character string corresponding to K E obtained in advance in the terminal and the first network device.
  • the method for determining the integrity key may satisfy the following expression:
  • K M KDF (K AUSF , the length of RAND ⁇ RAND ⁇ "MAC Key” ⁇ "MAC Key”length);
  • K M represents the encryption key
  • KDF is the key derivation function
  • RAND represents the random challenge
  • represents the string concatenation
  • MAC Key represents the integrity key
  • MAC Key can be It is a character string corresponding to K M that is known in advance in the terminal and the first network device.
  • the foregoing encryption key and integrity key are determined according to the session root key K AUSF .
  • the encryption key and integrity key may also be determined according to the session root key K SEAF .
  • the determination method is similar to the determination method expressed by the above expression, and will not be repeated here.
  • the method before the first network device decrypts the first indication information based on the encryption key and the integrity key, that is, before step 302, The method further includes: performing first authentication between the first network device and the terminal, and generating a session root key if the authentication is successful.
  • the method further includes: the first network device receives second indication information of the second network device, and the second indication information is used to indicate the second The NAS SMC process between the network device and the terminal is successful; the first network device stores the session root key.
  • the method further includes: performing non-initial authentication between the first network device and the terminal, and after the authentication is successful and the first network device receives the In the case of the second indication information of the second network device, update the session root key or keep the session root key; the second indication information is used to indicate the relationship between the second network device and the terminal
  • the NAS SMC process was successful.
  • the terminal and the first network device when the terminal succeeds in the first mutual authentication between the first network device, the terminal and the first network device both generate the session root key, such as generating K AUSF and/or K SEAF ; In the case that the NAS SMC process between the network devices is successful, the terminal and the first network device store the session root key. Or in the case that the non-first mutual authentication between the terminal and the first network device is successful, and in the case that the NAS SMC process between the terminal and the second network device is successful, the terminal and the first network device can update the stored session root Key, or keep the stored session root key unchanged.
  • the session root key such as generating K AUSF and/or K SEAF
  • the first network device receives the first indication information sent by the terminal through the second network device includes: the first network device receives the first indication information sent by the terminal through an authentication response message The first indication information and MAC information used for integrity protection; the authentication response message is received through forwarding by the second network device. It can be understood that the terminal sends an authentication response message containing the encrypted first indication information and MAC information for integrity protection to the second network device, and the second network device forwards the authentication response message to The first network equipment.
  • the authentication response message includes an encrypted part of the first indication information and an integrity protection part of the first indication information; the integrity protection part of the first indication information is used for integrity protection The MAC information; the first network device decrypts the first indication information based on the encryption key and the integrity key, including: the first network device checks based on the integrity key If the MAC information is successfully verified, decrypt the first indication information based on the encryption key.
  • the MAC information may be understood as a sequence or a value, which is used to protect the integrity of the first indication information.
  • the first indication information includes an error message type and response data; the response data is related to the error message type; the error message type includes the first type or the second type; the first type of error The message is used to indicate that the terminal fails to verify the MAC information in the authentication information; the second type of error message is used to indicate that the terminal fails to verify the SQN; wherein, the type of the error message is the second
  • the response data is a numeric value that characterizes the failure of authentication synchronization; in the case where the type of the error message is the first type, the response data is the first random number; the length of the numeric value is equal to The lengths of the first random numbers are the same.
  • the first type of error message may specifically be a MAC failure (MAC_FAIL) message, where the MAC_FAIL message indicates that the UE fails to verify the MAC information in the authentication token (AUTN), usually because the root key of the UE and the network side It is caused by the mismatch of the root keys of;
  • the second type of error message may specifically be a synchronization failure (SYNC_FAIL) message, which indicates that the SQN value on the network side is outside the range allowed by the UE.
  • MAC_FAIL MAC failure
  • SYNC_FAIL synchronization failure
  • the first indication information further includes at least one of the following information: a second random number (such as represented by Nonce), a permanent user identification (such as SUPI); the second The random number is used to distinguish the encrypted ciphertext of the first indication information.
  • a second random number such as represented by Nonce
  • a permanent user identification such as SUPI
  • the second random number is a one-time random number, which is used to make the ciphertext of the first indication information (or authentication response message) different every time, so as to prevent an attacker from guessing the The error message type in the first indication message.
  • the first indication information may carry a permanent user identification to prevent the second network device from initiating an identity request to the terminal when the user permanent identification of the terminal cannot be obtained.
  • the response data is related to the error message type.
  • the response data is a numerical value that characterizes authentication synchronization failure; as an example, the response data is AUTS; when the type of the error message is all
  • the response data may be a first random number; the length of the numerical value is the same as the length of the first random number.
  • the method further includes: when the error message type included in the first indication information is the second type, the first network device sends the error message to the first The third network device sends an authentication failure synchronization parameter, where the authentication failure synchronization parameter is at least used for the third network device to resume SQN synchronization with the terminal.
  • the method further includes: the first network device sends third instruction information to the second network device, and the third instruction information includes at least one of the following information : Error message type, permanent user identification.
  • the technical solution of the embodiment of the present application indicates the type of error message through a message (i.e., the first indication information), that is, no matter what type of error message it obtains, the terminal will send the indication information in the same format to the network side, avoiding the network side according to different types In order to prevent the attacker from intercepting different types of responses to determine the error message type; and, the terminal determines the encryption key and the integrity key through the shared key known to the network side, and according to the encryption key
  • the first indication information is encrypted and integrity protected with the integrity key, so that even if an attacker captures the authentication response message, he cannot obtain the error message type in the authentication response message from the ciphertext.
  • AUSF corresponds to the first network device in the foregoing embodiment
  • SEAF corresponds to the second network in the foregoing embodiment
  • FIG 4 is a schematic diagram of a specific flow of the authentication information processing method according to an embodiment of the application; as shown in Figure 4, the method includes:
  • Step 401 Perform the first authentication between the UE and AUSF.
  • the UE and AUSF respectively generate a session root key; in this example, the session root key includes: K AUSF and/or K SEAF .
  • Step 402 A NAS SMC process is performed between the UE and the SEAF. In the case that the NAS SMC process is successful, the terminal stores the session root key.
  • Step 403 SEAF sends instruction information to AUSF.
  • the SEAF sends indication information to the AUSF, and the indication information is used to indicate that the NAS SMC process is successful.
  • the AUSF stores the session root key. Based on this, both the UE and the AUSF store the session root key.
  • the UE and the AUSF may update the stored session root key, or Keep the stored session root key unchanged.
  • Step 404 UDM/ARPF sends an authentication request message to the UE based on the selected authentication protocol; the authentication request message may include: a random challenge (RAND) and an authentication token (AUTN).
  • RAND random challenge
  • AUTN authentication token
  • Step 405 The UE performs network verification based on the network, and obtains a result of network verification failure.
  • Step 406 The UE sends an authentication response message (Authentication Response) to AUSF through SEAF.
  • Authentication Response an authentication response message
  • the authentication response message may include: error reason (FAIL_CAUSE), random number (Nonce), SUPI, response data (RES_DATA), and MAC information for integrity protection.
  • the different values of the error cause (FAIL_CAUSE) correspond to the first type of error message and the second type of error message respectively; the first type of error message may specifically be a MAC failure (MAC_FAIL) message, and the second The type of error message may specifically be a synchronization failure (SYNC_FAIL) message.
  • the random number is a one-time random number, which is used to make the ciphertext of the first indication information (or an authentication response message) different each time, so as to prevent an attacker from guessing an error in the first indication information Message type.
  • the authentication response message may carry SUPI to prevent the second network device from initiating an identity request to the terminal when the second network device cannot obtain the SUPI of the terminal.
  • the response data is related to the error message type. In the case that the type of the error message is the second type, the response data is a numerical value that characterizes authentication synchronization failure; as an example, the response data is AUTS; when the type of the error message is all In the case of the first type, the response data may be a random number. Among them, the length of AUTS is the same as the length of the random number.
  • the UE encrypts the authentication response message based on the encryption key K E , and generates MAC information based on the integrity key K M for integrity protection.
  • the encryption key K E and the integrity key K M are determined based on the session root key (K AUSF and/or K SEAF ).
  • Step 407 AUSF decrypts the authentication response message based on the encryption key K E and the integrity key K M , and determines the error message type.
  • AUSF may determine the encryption key K E and the integrity key K M based on the stored session root key ( KAUSF and/or K SEAF ), so as to decrypt the authentication response message.
  • AUSF verifies the MAC information in the authentication response message based on the integrity key K M ; in the case of passing the verification, decrypts the authentication response message based on the encryption key K E. If the verification fails, the process ends.
  • Step 408 In the case that the error message type included in the authentication response message is the second type, AUSF sends an authentication failure synchronization parameter to UDM/ARPF, and the authentication failure synchronization parameter is used at least for UDM/ARPF recovery and the The SQN of the terminal is synchronized.
  • AUSF sends a Nudm_UEAuthentication_Get Request message to UDM/ARPF, and the message carries authentication failure synchronization parameters.
  • the authentication failure synchronization parameter may specifically be a random challenge (RAND) and AUTS, so that the UDM/ARPF can resume synchronization with the SQN of the terminal according to the random challenge (RAND) and AUTS.
  • Step 409 AUSF sends the error message type and SUPI to SEAF.
  • AUSF sends a Nausf_UEAuthentication_Authenticate Response message to SEAF, and the message carries the error message type and SUPI, that is, the message carries the error cause (FAIL_CAUSE) and SUPI.
  • the technical solution of the embodiment of the present application indicates the type of error message through a message (i.e., the first indication information), that is, no matter what type of error message it obtains, the terminal will send the indication information in the same format to the network side, avoiding the network side according to different types.
  • the terminal determines the encryption key and the integrity key through the shared key known to the network side, and according to the encryption key
  • the first indication information is encrypted and integrity protected with the integrity key, so that even if an attacker captures the authentication response message, he cannot obtain the error message type in the authentication response message from the ciphertext.
  • the embodiment of the present application also provides a terminal.
  • 5 is a schematic diagram of a structure of a terminal according to an embodiment of the application; as shown in FIG. 5, the terminal includes an encryption unit 51 and a first communication unit 52; wherein, the encryption unit 51 is configured to fail network authentication
  • the encryption key and the integrity key the first indication information containing the error message type is encrypted and integrity protected respectively; the encryption key and the integrity key are obtained based on the session root key
  • the session root key is generated when the first authentication is successful between the terminal and the first network device; different error message types correspond to the first indication information in the same format;
  • the first communication unit 52 is configured to send encrypted first instruction information to the first network device; wherein the encrypted instruction information is sent to the first network device through a second network device.
  • the terminal further includes a first determining unit 53 configured to determine the encryption key according to the session root key before performing network authentication And the integrity key.
  • the first determining unit 53 is configured to use a key derivation function to determine the encryption key and the encryption key according to at least the session root key and a random challenge (RAND). Integrity key.
  • the terminal further includes a first execution unit 54 configured to perform the first authentication with the first network device, and if the authentication is successful Generate the session root key.
  • the terminal further includes a first storage unit 55; the first execution unit 54 is configured to perform inter-operation with the second network device NAS SMC process;
  • the first storage unit 55 is configured to store the session root key when the NAS SMC process between the first execution unit 54 and the second network device is successfully executed.
  • the first execution unit 54 is further configured to perform non-initial authentication with the first network device, and when the authentication is successful, and with the second network device If the inter-NAS SMC process is successful, the session root key is updated, or the session root key is maintained.
  • the first communication unit 52 is configured to send the encrypted first indication information and the MAC information for integrity protection to the first network device through an authentication response message.
  • the encryption unit 51 is configured to encrypt the first indication information based on an encryption key, and generate MAC information based on the integrity key.
  • the first indication information includes an error message type and response data; the response data is related to the error message type; and the error message type includes the first type or the second type.
  • Type the first type of error message is used to indicate that the terminal has failed to verify the MAC information in the authentication information
  • the second type of error message is used to indicate that the terminal has failed to verify the SQN; wherein, in the error message
  • the response data is a value that characterizes authentication synchronization failure
  • the response data is a first random number ; The length of the numerical value is the same as the length of the first random number.
  • the first indication information further includes at least one of the following information: a second random number, a permanent user identification; the second random number is used to distinguish the encrypted The ciphertext of the first indication information.
  • the session root key includes a first session root key and a second session root key; the second session root key is determined by the first session root key.
  • the encryption unit 51, the first determination unit 53, and the first execution unit 54 in the terminal can all be controlled by the central processing unit (CPU, Central Processing Unit), digital Signal processor (DSP, Digital Signal Processor), microcontroller unit (MCU, Microcontroller Unit) or programmable gate array (FPGA, Field-Programmable Gate Array) is implemented;
  • the first communication unit 52 in the terminal is used in practical applications It can be realized by a communication module (including: basic communication kit, operating system, communication module, standardized interface and protocol, etc.) and a transceiver antenna;
  • the first storage unit 55 in the terminal can be realized by a memory in practical applications.
  • the terminal provided in the above embodiment performs authentication information processing
  • only the division of the above-mentioned program modules is used as an example for illustration.
  • the above-mentioned processing can be allocated by different program modules as needed, namely The internal structure of the terminal is divided into different program modules to complete all or part of the processing described above.
  • the terminal provided in the foregoing embodiment and the embodiment of the authentication information processing method belong to the same concept, and the specific implementation process is detailed in the method embodiment, which will not be repeated here.
  • FIG. 8 is a schematic diagram of a composition structure of a network device according to an embodiment of the application; as shown in FIG. 8, the network device includes a second communication unit 61 and a decryption unit 62; wherein, the second communication unit 61 is configured as
  • the first indication information sent by the terminal is received through the second network device; the first indication information is encrypted and integrity protected based on the encryption key and the integrity key; the encryption key and the integrity key are based on the session The root key is obtained; the session root key is generated when the first authentication between the terminal and the first network device is successful; the first indication information includes the error message type corresponding to the terminal network authentication failure; different errors The message type corresponds to the first indication information in the same format;
  • the decryption unit 62 is configured to decrypt the first indication information based on the encryption key and the integrity key.
  • the network device further includes a second determining unit 63, configured so that the decryption unit 62 is based on the encryption key and the integrity key Before decrypting the first indication information, determine the encryption key and the integrity key according to the session root key.
  • the second determining unit 63 is configured to use a key derivation function to determine the encryption key and the encryption key according to at least the session root key and a random challenge (RAND). Integrity key.
  • the network device further includes a second execution unit 64 configured such that the decryption unit 62 is based on the encryption key and the integrity key Before decrypting the first indication information, perform a first authentication with the terminal, and generate a session root key if the authentication is successful.
  • the network device further includes a second storage unit 65; the second communication unit 61 is further configured to receive the second network device 2. Indication information, where the second indication information is used to indicate that the NAS SMC process between the second network device and the terminal is successful;
  • the second storage unit 65 is configured to store the session root key.
  • the second execution unit 64 is further configured to perform non-first authentication with the terminal, and when the authentication succeeds and the second communication
  • the unit 61 receives the second indication information of the second network device, it updates the session root key or keeps the session root key; the second indication information is used to indicate the second network
  • the NAS SMC process between the device and the terminal is successful.
  • the second communication unit 61 is configured to receive the first indication information sent by the terminal and the MAC information for integrity protection through an authentication response message; the authentication response The message is received through the forwarding of the second network device.
  • the decryption unit 62 is configured to verify the MAC information based on the integrity key, and in the case of a successful verification, perform the verification based on the encryption key.
  • the first instruction information is decrypted.
  • the first indication information includes an error message type and response data; the response data is related to the error message type; and the error message type includes the first type or the second type.
  • Type the first type of error message is used to indicate that the terminal has failed to verify the MAC information in the authentication information
  • the second type of error message is used to indicate that the terminal has failed to verify the SQN; wherein, in the error message
  • the response data is a value that characterizes authentication synchronization failure
  • the response data is a first random number ; The length of the numerical value is the same as the length of the first random number.
  • the first indication information further includes at least one of the following information: a second random number, a permanent user identification; the second random number is used to distinguish the encrypted The ciphertext of the first indication information.
  • the second communication unit 61 is further configured to send an error message to the third type when the error message type included in the first indication information is the second type
  • the network device sends an authentication failure synchronization parameter, where the authentication failure synchronization parameter is at least used for the third network device to resume SQN synchronization with the terminal.
  • the second communication unit 61 is further configured to send third indication information to the second network device, and the third indication information includes at least one of the following information: Error message type, permanent user identification.
  • the session root key includes a first session root key and a second session root key; the second session root key is determined by the first session root key.
  • the decryption unit 62, the second determination unit 63, and the second execution unit 64 in the network device can all be implemented by the CPU, DSP, MCU or FPGA in the network device in practical applications;
  • the second communication unit 61 in the network device can be implemented in practical applications through a communication module (including: basic communication suite, operating system, communication module, standardized interface and protocol, etc.) and a transceiver antenna;
  • the second storage unit 65 can be implemented by a memory in practical applications.
  • the network device provided in the above embodiment performs authentication information processing
  • only the division of the above-mentioned program modules is used as an example.
  • the above-mentioned processing can be distributed by different program modules as needed. That is, the internal structure of the network device is divided into different program modules to complete all or part of the processing described above.
  • the network equipment provided in the above-mentioned embodiment and the authentication information processing method embodiment belong to the same concept. For the specific implementation process, please refer to the method embodiment, which will not be repeated here.
  • FIG. 11 is a schematic diagram of the hardware composition structure of a communication device according to an embodiment of the application.
  • the communication device includes a memory 72, a processor 71, and a computer program stored on the memory 72 and running on the processor 71.
  • the processor 71 executes the program, the steps of the authentication information processing method applied to the terminal in the embodiment of the present application are implemented; as another implementation manner, when the processor 71 executes the program Implement the steps of the authentication information processing method applied to the first network device in the embodiment of the present application.
  • the communication device further includes a communication interface 73.
  • the various components in the communication device are coupled together through the bus system 74.
  • the bus system 74 is used to implement connection and communication between these components.
  • the bus system 74 also includes a power bus, a control bus, and a status signal bus.
  • various buses are marked as the bus system 74 in FIG. 11.
  • the memory 72 may be a volatile memory or a non-volatile memory, and may also include both volatile and non-volatile memory.
  • the non-volatile memory can be a read only memory (ROM, Read Only Memory), a programmable read only memory (PROM, Programmable Read-Only Memory), an erasable programmable read only memory (EPROM, Erasable Programmable Read- Only Memory, Electrically Erasable Programmable Read-Only Memory (EEPROM, Electrically Erasable Programmable Read-Only Memory), magnetic random access memory (FRAM, ferromagnetic random access memory), flash memory (Flash Memory), magnetic surface memory , CD-ROM, or CD-ROM (Compact Disc Read-Only Memory); magnetic surface memory can be magnetic disk storage or tape storage.
  • the volatile memory may be random access memory (RAM, Random Access Memory), which is used as an external cache.
  • RAM random access memory
  • SRAM Static Random Access Memory
  • SSRAM synchronous static random access memory
  • DRAM Dynamic Random Access Memory
  • SDRAM Synchronous Dynamic Random Access Memory
  • DDRSDRAM Double Data Rate Synchronous Dynamic Random Access Memory
  • ESDRAM enhanced -Type synchronous dynamic random access memory
  • SLDRAM SyncLink Dynamic Random Access Memory
  • direct memory bus random access memory DRRAM, Direct Rambus Random Access Memory
  • DRRAM Direct Rambus Random Access Memory
  • the memory 72 described in the embodiment of the present application is intended to include, but is not limited to, these and any other suitable types of memory.
  • the method disclosed in the above embodiments of the present application may be applied to the processor 71 or implemented by the processor 71.
  • the processor 71 may be an integrated circuit chip with signal processing capability. In the implementation process, the steps of the foregoing method can be completed by hardware integrated logic circuits in the processor 71 or instructions in the form of software.
  • the aforementioned processor 71 may be a general-purpose processor, a digital signal processor (DSP, Digital Signal Processor), or other programmable logic devices, discrete gates or transistor logic devices, discrete hardware components, and the like.
  • the processor 71 may implement or execute various methods, steps, and logical block diagrams disclosed in the embodiments of the present application.
  • the general-purpose processor may be a microprocessor or any conventional processor.
  • the steps of the method disclosed in the embodiments of the present application can be directly embodied as being executed and completed by a hardware decoding processor, or executed by a combination of hardware and software modules in the decoding processor.
  • the software module may be located in a storage medium, and the storage medium is located in the memory 72.
  • the processor 71 reads the information in the memory 72 and completes the steps of the foregoing method in combination with its hardware.
  • the communication device may be used by one or more application specific integrated circuits (ASIC, Application Specific Integrated Circuit), DSP, programmable logic device (PLD, Programmable Logic Device), complex programmable logic device (CPLD, Complex Programmable Logic Device, Field-Programmable Gate Array (FPGA, Field-Programmable Gate Array), general-purpose processor, controller, microcontroller (MCU, Micro Controller Unit), microprocessor (Microprocessor), or other electronic components Implementation, used to perform the aforementioned method.
  • ASIC Application Specific Integrated Circuit
  • DSP programmable logic device
  • PLD Programmable Logic Device
  • CPLD Complex Programmable Logic Device
  • FPGA Field-Programmable Gate Array
  • general-purpose processor controller, microcontroller (MCU, Micro Controller Unit), microprocessor (Microprocessor), or other electronic components Implementation, used to perform the aforementioned method.
  • the embodiment of the present application also provides a computer-readable storage medium on which a computer program is stored.
  • a computer program As an implementation manner, when the program is executed by a processor, the authentication information processing method applied to the terminal in the embodiment of the present application is implemented. Step; As another implementation manner, when the program is executed by the processor, the steps of the authentication information processing method applied to the first network device in the embodiment of this application are implemented; as another implementation manner, when the program is executed by the processor Implement the steps of the authentication information processing method applied to the third network device in the embodiment of the present application.
  • the disclosed device and method may be implemented in other ways.
  • the device embodiments described above are merely illustrative.
  • the division of the units is only a logical function division, and there may be other divisions in actual implementation, such as: multiple units or components can be combined, or It can be integrated into another system, or some features can be ignored or not implemented.
  • the coupling, or direct coupling, or communication connection between the components shown or discussed may be indirect coupling or communication connection through some interfaces, devices or units, and may be electrical, mechanical or other forms of.
  • the units described above as separate components may or may not be physically separate, and the components displayed as units may or may not be physical units, that is, they may be located in one place or distributed on multiple network units; Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
  • the functional units in the embodiments of the present application can all be integrated into one processing unit, or each unit can be individually used as a unit, or two or more units can be integrated into one unit;
  • the unit can be implemented in the form of hardware, or in the form of hardware plus software functional units.
  • the foregoing program can be stored in a computer readable storage medium. When the program is executed, it is executed. Including the steps of the foregoing method embodiment; and the foregoing storage medium includes: various media that can store program codes, such as a mobile storage device, ROM, RAM, magnetic disk, or optical disk.
  • the above-mentioned integrated unit of this application is implemented in the form of a software function module and sold or used as an independent product, it can also be stored in a computer readable storage medium.
  • the computer software product is stored in a storage medium and includes several instructions for A computer device (which may be a personal computer, a server, or a network device, etc.) executes all or part of the methods described in the various embodiments of the present application.
  • the aforementioned storage media include: removable storage devices, ROM, RAM, magnetic disks, or optical disks and other media that can store program codes.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Selon les modes de réalisation, la présente invention concerne un procédé de traitement d'informations d'authentification, et un terminal et un dispositif de réseau. Ledit procédé comprend les étapes suivantes : dans le cas où une authentification de réseau échoue, un terminal effectue un chiffrement et une protection d'intégrité sur des premières informations d'indication contenant un type de message d'erreur respectivement en fonction d'une clé de chiffrement et d'une clé d'intégrité, la clé de chiffrement et la clé d'intégrité étant obtenues en fonction d'une clé racine de session, la clé racine de session étant produite lorsqu'une première authentification entre le terminal et un premier dispositif de réseau réussit, et différents types de message d'erreur correspondant à des premières informations d'indication dans le même format ; et le terminal envoie les premières informations d'indication chiffrées au premier dispositif de réseau, les informations d'indication chiffrées étant envoyées au premier dispositif de réseau au moyen d'un deuxième dispositif de réseau.
PCT/CN2020/080934 2019-04-22 2020-03-24 Procédé de traitement d'informations d'authentification, et terminal et dispositif de réseau WO2020215958A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910324947.0A CN111835691B (zh) 2019-04-22 2019-04-22 一种认证信息处理方法、终端和网络设备
CN201910324947.0 2019-04-22

Publications (1)

Publication Number Publication Date
WO2020215958A1 true WO2020215958A1 (fr) 2020-10-29

Family

ID=72912296

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/080934 WO2020215958A1 (fr) 2019-04-22 2020-03-24 Procédé de traitement d'informations d'authentification, et terminal et dispositif de réseau

Country Status (2)

Country Link
CN (1) CN111835691B (fr)
WO (1) WO2020215958A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113726524A (zh) * 2021-09-02 2021-11-30 山东安控信息科技有限公司 一种安全通信方法及通信系统

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113727057B (zh) * 2021-08-31 2023-05-23 成都卫士通信息产业股份有限公司 多媒体会议终端入网认证方法、装置、设备及存储介质

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101835154A (zh) * 2010-04-20 2010-09-15 中兴通讯股份有限公司 一种建立增强的空口密钥的方法及系统
CN102056202A (zh) * 2009-10-29 2011-05-11 中兴通讯股份有限公司 移动终端错误处理方法及系统
US20140080449A1 (en) * 2011-05-18 2014-03-20 Huawei Technologies Co., Ltd. Handover method, base station, user equipment, and mobility management entity
CN106161376A (zh) * 2015-04-13 2016-11-23 中国移动通信集团公司 一种端到端加密通信的协商方法及装置
CN109309566A (zh) * 2017-07-28 2019-02-05 中国移动通信有限公司研究院 一种认证方法、装置、系统、设备及存储介质

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101119206B (zh) * 2007-09-13 2011-03-02 北京交通大学 基于标识的一体化网络终端统一接入控制方法
CN101505479B (zh) * 2009-03-16 2014-04-30 中兴通讯股份有限公司 一种认证过程中安全上下文协商方法和系统
CN102045210B (zh) * 2009-10-10 2014-05-28 中兴通讯股份有限公司 一种支持合法监听的端到端会话密钥协商方法和系统
CN101854629B (zh) * 2010-05-21 2013-02-27 西安电子科技大学 家庭基站系统中用户终端接入认证及重认证的方法
KR20170137872A (ko) * 2015-05-04 2017-12-13 텔레폰악티에볼라겟엘엠에릭슨(펍) 암호화 체크섬 생성
EP3151599A1 (fr) * 2015-09-30 2017-04-05 Apple Inc. Gestion d'échec d'authentification d'accès àu réseau cellulaire par wlan
CN108809903B (zh) * 2017-05-02 2021-08-10 中国移动通信有限公司研究院 一种认证方法、装置及系统
CN108880813B (zh) * 2017-05-08 2021-07-16 中国移动通信有限公司研究院 一种附着流程的实现方法及装置
US11044276B2 (en) * 2017-08-24 2021-06-22 Apple Inc. Cellular security framework

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102056202A (zh) * 2009-10-29 2011-05-11 中兴通讯股份有限公司 移动终端错误处理方法及系统
CN101835154A (zh) * 2010-04-20 2010-09-15 中兴通讯股份有限公司 一种建立增强的空口密钥的方法及系统
US20140080449A1 (en) * 2011-05-18 2014-03-20 Huawei Technologies Co., Ltd. Handover method, base station, user equipment, and mobility management entity
CN106161376A (zh) * 2015-04-13 2016-11-23 中国移动通信集团公司 一种端到端加密通信的协商方法及装置
CN109309566A (zh) * 2017-07-28 2019-02-05 中国移动通信有限公司研究院 一种认证方法、装置、系统、设备及存储介质

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113726524A (zh) * 2021-09-02 2021-11-30 山东安控信息科技有限公司 一种安全通信方法及通信系统

Also Published As

Publication number Publication date
CN111835691A (zh) 2020-10-27
CN111835691B (zh) 2022-09-27

Similar Documents

Publication Publication Date Title
US11863982B2 (en) Subscriber identity privacy protection against fake base stations
JP6492115B2 (ja) 暗号鍵の生成
TWI672933B (zh) 用於下一代蜂巢網路的使用者面安全
CN112566112B (zh) 用于无线通信的装置、方法和存储介质
TWI429254B (zh) Uicc及終端間安全頻道技術
US11075752B2 (en) Network authentication method, and related device and system
WO2018045817A1 (fr) Procédé d'authentification de réseau mobile, dispositif terminal, serveur, et entité d'authentification de réseau
US20140237247A1 (en) System and method for provisioning and authenticating via a network
WO2018201946A1 (fr) Procédé de génération de clé d'ancrage, dispositif et système
KR20070112260A (ko) Sim/uicc 키 설정을 위한 네트워크 지원 단말기
US11838417B2 (en) Subscription concealed identifier (SUCI) supporting post-quantum cryptography
WO2018076740A1 (fr) Procédé de transmission de données et dispositif associé
US20200195446A1 (en) System and method for ensuring forward & backward secrecy using physically unclonable functions
JP7237200B2 (ja) パラメータ送信方法及び装置
US11228428B2 (en) Mitigation of problems arising from SIM key leakage
US20230327857A1 (en) Communication Method and Apparatus
US20230308424A1 (en) Secure Session Resumption using Post-Quantum Cryptography
WO2020215958A1 (fr) Procédé de traitement d'informations d'authentification, et terminal et dispositif de réseau
WO2020216047A1 (fr) Procédé de traitement d'informations d'authentification, terminal, et dispositif de réseau
WO2020029735A1 (fr) Procédé et dispositif d'authentification extensibles basés sur une architecture d'amorçage générique, et support de stockage
WO2021236078A1 (fr) Procédé simplifié d'intégration et d'authentification d'identités pour accéder à un réseau
Huang et al. OSNP: Secure wireless authentication protocol using one-time key
CN114079924A (zh) 消息的处理方法、装置、相关设备及存储介质
Londe et al. A new lightweight eap-pk authentication method for ieee 802. 11 standard wireless network

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20796440

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20796440

Country of ref document: EP

Kind code of ref document: A1