WO2021088593A1 - Verification method, device and equipment, and computer-readable storage medium - Google Patents

Verification method, device and equipment, and computer-readable storage medium

Info

Publication number
WO2021088593A1
Authority
WO
WIPO (PCT)
Prior art keywords
integrity
key
verification
network element
terminal
Prior art date
Application number
PCT/CN2020/120327
Other languages
English (en)
Chinese (zh)
Inventor
刘福文
Original Assignee
中国移动通信有限公司研究院
中国移动通信集团有限公司
Application filed by 中国移动通信有限公司研究院, 中国移动通信集团有限公司
Publication of WO2021088593A1

Classifications

    • H ELECTRICITY
        • H04 ELECTRIC COMMUNICATION TECHNIQUE
            • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
                • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
                    • H04L 9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
                        • H04L 9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
                            • H04L 9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
            • H04W WIRELESS COMMUNICATION NETWORKS
                • H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity
                    • H04W 12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
                        • H04W 12/041 Key generation or derivation
                    • H04W 12/10 Integrity
                    • H04W 12/12 Detection or prevention of fraud
                        • H04W 12/121 Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
                        • H04W 12/122 Counter-measures against attacks; Protection against rogue devices

Definitions

  • the present disclosure relates to the field of communication technologies, and in particular, to a verification method, device, equipment, and computer-readable storage medium.
  • the 5G security standard adopts the Elliptic Curve Integrated Encryption Scheme (ECIES) to protect the user's long-term identity, the Subscription Permanent Identifier (SUPI), in order to protect user privacy.
  • ECIES: Elliptic Curve Integrated Encryption Scheme
  • SUPI: Subscription Permanent Identifier
  • ECIES encrypts the SUPI so that an attacker cannot obtain the SUPI of a User Equipment (UE) on the wireless air interface. However, the attacker can confirm whether a guessed SUPI is correct by choosing a value for the SUPI and observing the feedback message from the Unified Data Management (UDM) entity.
  • UDM: Unified Data Management
  • the above is called a SUPI guessing attack.
  • by repeating the above attack many times, the attacker can recover the entire SUPI database of a particular network. How to defeat the SUPI guessing attack is the main research direction of the relevant technical personnel.
  • the embodiments of the present disclosure provide a verification method, device, equipment, and computer-readable storage medium to solve the SUPI guessing attack.
  • embodiments of the present disclosure provide a verification method applied to a terminal, including:
  • the shared key is a key used between the first network element and the terminal.
  • the shared key is an operator specific code (OPC) key or root key K that is commonly known to the first network element and the terminal;
  • OPC: operator specific code
  • root key K: a key commonly known to the first network element and the terminal;
  • the integrity verification value is a first integrity protection label;
  • the use of the shared key to perform an integrity operation on the target information to obtain an integrity verification value includes:
  • the universal subscriber identity module (USIM) uses an integrity calculation function to perform calculations on the OPC key or root key K, first information, and second information to obtain the first integrity protection label;
  • the first information is an integrity key
  • the second information is a result of encrypting SUPI with an encryption key.
  • the shared key is the session root key KAUSF between the first network element and the terminal;
  • the integrity verification value is a first integrity protection label;
  • the use of the shared key to perform an integrity operation on the target information to obtain an integrity verification value includes:
  • the mobile equipment (ME) uses an integrity calculation function to perform calculations on the first information, the second information, and the session root key KAUSF to obtain the first integrity protection label;
  • the first information is an integrity key
  • the second information is a result of encrypting the user's permanent identity SUPI with an encryption key.
  • the sending the integrity verification value to the first network element includes:
  • SUCI: Subscription Concealed Identifier
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the integrity verification value is a second integrity protection label;
  • the use of the shared key to perform an integrity operation on the target information to obtain an integrity verification value includes:
  • the USIM uses an integrity calculation function to perform calculations on the OPC key or root key K and the existing integrity protection label in the SUCI to obtain the second integrity protection label.
  • the shared key is the session root key KAUSF between the first network element and the terminal;
  • the integrity verification value is a second integrity protection label;
  • the use of the shared key to perform an integrity operation on the target information to obtain an integrity verification value includes:
  • the ME uses the integrity operation function to perform operations on the existing integrity protection label in the SUCI and the session root key KAUSF between the two to obtain the second integrity protection label.
  • the sending the integrity verification value to the first network element includes:
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the integrity verification value is a random number and a third integrity protection label;
  • the use of the shared key to perform an integrity operation on the target information to obtain an integrity verification value includes:
  • the USIM uses an integrity operation function to perform operations on the OPC key or root key K and the random number to obtain the third integrity protection label; or, uses a predefined function to perform operations on the OPC key and/or the root key K and the random number to obtain the third integrity protection label.
  • the sending the integrity verification value to the first network element includes:
  • the SUCI, the random number and the third integrity protection label are obtained by the ME from the USIM; or, the random number and the third integrity protection label are obtained by the ME from the USIM, and the SUCI is generated by the ME.
  • embodiments of the present disclosure provide a verification method applied to a first network element, including:
  • the integrity verification value is obtained by performing an integrity operation on the target information using a shared key, and the shared key is a key used between the first network element and the terminal.
  • the integrity verification value is a first integrity protection label
  • the integrity verification value sent by the receiving terminal includes:
  • the shared key is an OPC key or a root key K that is commonly known to the first network element and the terminal;
  • the verification of the integrity verification value includes:
  • the OPC key or root key K, the third information, and the fourth information are calculated using the integrity calculation function to obtain the first calculation value; wherein, the third information is the integrity key, and the fourth information is an encryption result obtained by encrypting the SUPI with an encryption key;
  • the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the shared key is the session root key KAUSF between the first network element and the terminal;
  • the integrity verification value is a first integrity protection label;
  • the verifying the integrity verification value includes:
  • the verification result is that the verification fails.
  • the method further includes:
  • the fifth information, the sixth information, and the session root key KAUSF are calculated using the integrity calculation function to obtain the second calculation value; wherein, the fifth information is the integrity key, and the sixth information is an encryption result obtained by encrypting the SUPI with an encryption key;
  • the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the integrity verification value is a second integrity protection label
  • the integrity verification value sent by the receiving terminal includes:
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the verifying the integrity verification value includes:
  • the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the shared key is the session root key KAUSF between the first network element and the terminal;
  • the verifying the integrity verification value includes:
  • the verification result is that the verification fails.
  • the method further includes:
  • the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the obtaining the session root key KAUSF corresponding to the SUPI includes:
  • the integrity verification value is a random number and a third integrity protection label
  • the method also includes:
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the verifying the integrity verification value includes:
  • the verification result is that the verification fails.
  • the method further includes:
  • the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the method further includes:
  • the random number is stored.
  • embodiments of the present disclosure provide a verification device, which is applied to a terminal, and includes:
  • the acquisition module is used to perform integrity operations on the target information by using the shared key to obtain the integrity verification value
  • a sending module configured to send the integrity verification value to the first network element
  • a receiving module configured to receive a verification result of the integrity verification value of the first network element
  • the shared key is a key used between the first network element and the terminal.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the integrity verification value is a first integrity protection label;
  • the obtaining module is specifically configured to perform operations on the OPC key or root key K, the first information, and the second information by using an integrity operation function through the USIM to obtain the first integrity protection label;
  • the first information is an integrity key
  • the second information is a result of encrypting the user's permanent identity SUPI with an encryption key.
  • the shared key is the session root key KAUSF between the first network element and the terminal;
  • the integrity verification value is a first integrity protection label;
  • the obtaining module is specifically configured to perform operations on the first information, the second information, and the session root key KAUSF key by using an integrity operation function through the ME to obtain the first integrity protection label;
  • the first information is an integrity key
  • the second information is a result of encrypting the user's permanent identity SUPI with an encryption key.
  • the sending module is specifically configured to send SUCI to the first network element, and carry the first integrity protection label in the SUCI.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the integrity verification value is a second integrity protection label;
  • the acquisition module is specifically configured to perform operations on the OPC key or root key K and the existing integrity protection label in the SUCI by using the integrity operation function through the USIM to obtain the second integrity protection label.
  • the shared key is the session root key KAUSF between the first network element and the terminal;
  • the integrity verification value is a second integrity protection label;
  • the acquisition module is specifically configured to perform operations on the existing integrity protection label in the SUCI and the session root key KAUSF between the ME using an integrity operation function to obtain the second integrity protection label.
  • the sending module is specifically configured to send SUCI and the second integrity protection label to the first network element.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the integrity verification value is a random number and a third integrity protection label;
  • the acquisition module includes:
  • the obtaining sub-module is used to perform operations on the OPC key or root key K and the random number by the USIM using an integrity operation function to obtain the third integrity protection label; or, using a predefined function, to perform an operation on the OPC key and/or the root key K and the random number to obtain the third integrity protection label.
  • the sending module is configured to send SUCI, the random number, and the third integrity protection label to the first network element through the ME;
  • the SUCI, the random number and the third integrity protection label are obtained by the ME from the USIM; or, the random number and the third integrity protection label are obtained by the ME from the USIM, and the SUCI is generated by the ME.
  • embodiments of the present disclosure provide a verification device, which is applied to a first network element, and includes:
  • the receiving module is used to receive the integrity verification value sent by the terminal
  • a verification module for verifying the integrity verification value
  • a sending module configured to send a verification result of the integrity verification value to the terminal
  • the integrity verification value is obtained by performing an integrity operation on the target information using a shared key, and the shared key is a key used between the first network element and the terminal.
  • the integrity verification value is a first integrity protection label
  • the receiving module is configured to receive the SUCI sent by the terminal, and carry the first integrity protection label in the SUCI.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the verification module includes:
  • the decryption sub-module is used to decrypt the SUCI to obtain SUPI;
  • an obtaining sub-module for obtaining the OPC key or root key K according to the SUPI;
  • the processing sub-module is used to perform operations on the OPC key or root key K, the third information, and the fourth information by using the integrity operation function to obtain the first operation value; wherein, the third information is the integrity key, and the fourth information is an encryption result obtained by encrypting the SUPI using an encryption key;
  • the verification sub-module is configured to, when the first operation value is consistent with the first integrity protection label, the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the shared key is the session root key KAUSF between the first network element and the terminal;
  • the verification module includes:
  • the decryption sub-module is used to decrypt the SUCI to obtain SUPI;
  • the search sub-module is used to search the SUPI in the database
  • the verification sub-module is used to set the verification result to failed if the SUPI is not found.
  • the verification module further includes:
  • the obtaining sub-module is used to obtain the session root key KAUSF corresponding to the SUPI when the SUPI is found;
  • the processing sub-module is used to perform operations on the fifth information, the sixth information and the session root key KAUSF by using the integrity operation function to obtain the second operation value; wherein, the fifth information is the integrity key, and the sixth information is an encryption result obtained by encrypting the SUPI using an encryption key;
  • the verification sub-module is further configured to: in the case that the second operation value is consistent with the first integrity protection label, the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the integrity verification value is a second integrity protection label; the receiving module is further configured to receive the SUCI sent by the terminal.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the verification module includes:
  • an obtaining sub-module for obtaining the OPC key or root key K according to the SUPI;
  • a processing sub-module configured to use an integrity calculation function to perform calculations on the OPC key or root key K and the integrity protection label carried in the SUCI to obtain a second calculation value
  • the verification sub-module is configured to verify that the verification result is passed when the verification of the integrity protection label carried in the SUCI and the second operation value is passed; otherwise, the verification result is that the verification fails.
  • the shared key is the session root key KAUSF between the first network element and the terminal;
  • the verification module includes:
  • the decryption sub-module is used to decrypt the SUCI to obtain SUPI;
  • the search sub-module is used to search the SUPI in the database
  • the verification sub-module is used to set the verification result to failed if the SUPI is not found.
  • the verification module further includes:
  • the obtaining sub-module is used to obtain the session root key KAUSF corresponding to the SUPI when the SUPI is found;
  • a processing sub-module configured to use an integrity operation function to perform operations on the integrity protection label carried in the SUCI and the session root key KAUSF to obtain a fourth operation value;
  • the verification submodule is further configured to: in the case where the verification of the integrity protection label carried in the SUCI and the fourth operation value is passed, the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the obtaining submodule is configured to obtain the session root key KAUSF stored by the first network element itself; or obtain the session root key KAUSF from the second network element.
  • the integrity verification value is a random number and a third integrity protection label
  • the receiving module is further configured to receive SUCI sent by the terminal.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the verification module includes:
  • the first obtaining submodule is used to obtain the random number
  • the search sub-module is used to search the random number in the database
  • the verification sub-module is used to set the verification result to failed when the random number is found.
  • the verification module further includes:
  • the decryption sub-module is used to decrypt the SUCI to obtain SUPI if the random number is not found;
  • the second obtaining submodule is used to obtain the OPC key or root key K corresponding to the SUPI;
  • the processing sub-module is used to perform operations on the OPC key or root key K and the random number using an integrity operation function to obtain a fifth operation value; or to use a predefined function to perform operations on the OPC key and/or the root key K and the random number to obtain the fifth operation value;
  • the verification sub-module is further configured to: in the case that the third integrity protection label is consistent with the fifth operation value, the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the device further includes:
  • the storage module is configured to store the random number when the random number is not found.
  • embodiments of the present disclosure provide a verification device, which is applied to a terminal and includes a processor and a transceiver;
  • the processor is configured to perform an integrity operation on the target information by using a shared key to obtain an integrity verification value
  • the transceiver is configured to send the integrity verification value to a first network element; receive a verification result of the integrity verification value by the first network element;
  • the shared key is a key used between the first network element and the terminal.
  • the shared key is an OPC key or a root key K that is commonly known to the first network element and the terminal;
  • the integrity verification value is a first integrity protection label;
  • the processor is further configured to perform operations on the OPC key or root key K, the first information, and the second information by using an integrity operation function through the USIM to obtain the first integrity protection label;
  • the first information is an integrity key
  • the second information is a result of encrypting the user's permanent identity SUPI with an encryption key.
  • the shared key is the session root key KAUSF between the first network element and the terminal;
  • the integrity verification value is a first integrity protection label;
  • the processor is further configured to perform operations on the first information, the second information, and the session root key KAUSF key by using an integrity operation function through the ME to obtain the first integrity protection label;
  • the first information is an integrity key
  • the second information is a result of encrypting the user's permanent identity SUPI with an encryption key.
  • the transceiver is further configured to send a user hidden identifier SUCI to the first network element, and carry the first integrity protection label in the SUCI.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the integrity verification value is a second integrity protection label;
  • the processor is further configured to: use an integrity calculation function to perform calculations on the OPC key or root key K and the existing integrity protection label in the SUCI through the USIM to obtain the second integrity protection label.
  • the shared key is the session root key KAUSF between the first network element and the terminal;
  • the integrity verification value is a second integrity protection label;
  • the processor is further configured to: use the ME to use an integrity operation function to perform operations on the existing integrity protection label in the SUCI and the session root key KAUSF between them to obtain the second integrity protection label.
  • the processor is further configured to send SUCI and the second integrity protection label to the first network element.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the integrity verification value is a random number and a third integrity protection label;
  • the processor is further configured to: generate a random number through the USIM; the USIM uses an integrity operation function to perform operations on the OPC key or root key K and the random number to obtain the third integrity protection label; or, uses a predefined function to perform operations on the OPC key and/or root key K and the random number to obtain the third integrity protection label.
  • the transceiver is further configured to send the SUCI, the random number, and the third integrity protection label to the first network element through the ME.
  • the SUCI, the random number and the third integrity protection label are obtained by the ME from the USIM; or, the random number and the third integrity protection label are obtained by the ME from the USIM, and the SUCI is generated by the ME.
  • embodiments of the present disclosure provide a verification device, which is applied to a first network element, and includes: a processor and a transceiver;
  • the transceiver is used to receive the integrity verification value sent by the terminal;
  • the processor is configured to verify the integrity verification value
  • the transceiver is further configured to send a verification result of the integrity verification value to the terminal;
  • the integrity verification value is obtained by performing an integrity operation on the target information using a shared key, and the shared key is a key used between the first network element and the terminal.
  • the integrity verification value is a first integrity protection label
  • the transceiver is further configured to receive the SUCI sent by the terminal, and carry the first integrity protection label in the SUCI.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal; the processor is further configured to:
  • the OPC key or root key K, the third information, and the fourth information are calculated using the integrity calculation function to obtain the first calculation value; wherein, the third information is the integrity key, and the fourth information is an encryption result obtained by encrypting the SUPI with an encryption key;
  • the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the shared key is the session root key KAUSF between the first network element and the terminal;
  • the integrity verification value is a first integrity protection label;
  • the processor is further configured to:
  • the verification result is that the verification fails.
  • the processor is further configured to:
  • the fifth information, the sixth information, and the session root key KAUSF are calculated using the integrity calculation function to obtain the second calculation value; wherein, the fifth information is the integrity key, and the sixth information is an encryption result obtained by encrypting the SUPI with an encryption key;
  • the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the integrity verification value is a second integrity protection label
  • the transceiver is also used to receive SUCI sent by the terminal.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal; the processor is further configured to: decrypt the SUCI to obtain the SUPI and the second integrity protection label;
  • the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the shared key is the session root key KAUSF between the first network element and the terminal;
  • the processor is also used for:
  • the verification result is that the verification fails.
  • the processor is further configured to:
  • the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the processor is further configured to: obtain the session root key KAUSF stored by the first network element itself; or obtain the session root key KAUSF from the second network element.
  • the integrity verification value is a random number and a third integrity protection label
  • the transceiver is also used to receive SUCI sent by the terminal.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the processor is also used for:
  • the verification result is that the verification fails.
  • the processor is further configured to:
  • the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the processor is further configured to store the random number when the random number is not found.
  • the shared key of the terminal and the first network element is used to perform an integrity operation on the target information, thereby generating an integrity verification value. Because the attacker does not know the shared key between the terminal and the first network element, even if the SUPI guess is correct, the first network element will detect that the integrity verification value is incorrect and return a registration rejection message, thereby solving the SUPI guessing attack problem.
  • FIG. 1 is the first flowchart of the verification method provided by an embodiment of the present disclosure.
  • FIG. 2 is the second flow chart of the verification method provided by an embodiment of the present disclosure
  • FIG. 3 is the third flowchart of the verification method provided by an embodiment of the present disclosure.
  • FIG. 4 is the fourth flow chart of the verification method provided by the embodiment of the present disclosure.
  • FIG. 5 is the fifth flowchart of the verification method provided by an embodiment of the present disclosure.
  • FIG. 6 is one of the structural diagrams of the verification device provided by the embodiment of the present disclosure.
  • FIG. 7 is the second structural diagram of the verification device provided by the embodiment of the present disclosure.
  • FIG. 8 is the third structural diagram of the verification device provided by the embodiment of the present disclosure.
  • FIG. 9 is the fourth structural diagram of the verification device provided by an embodiment of the present disclosure.
  • FIG. 10 is one of the structural diagrams of a communication device provided by an embodiment of the present disclosure.
  • Fig. 11 is a second structural diagram of a communication device provided by an embodiment of the present disclosure.
  • FIG. 1 is a flowchart of a verification method provided by an embodiment of the present disclosure, which is applied to a terminal. As shown in Figure 1, it includes the following steps:
  • Step 101 Perform an integrity operation on the target information by using a shared key to obtain an integrity verification value.
  • the shared key is a key used between the first network element and the terminal.
  • the process by which the terminal encrypts SUPI is as follows: first, an Elliptic Curve Diffie-Hellman (ECDH) private key A PRI is randomly generated and the ECDH public key A PUB is derived from it. Then the terminal uses its own private key A PRI and the network's ECDH public key B PUB to generate a shared key K ECDH. From K ECDH the terminal derives the encryption key K E, the initial value of the AES counter, and the integrity key K M; together these are called the key data K D, namely:
  • KDF is the key derivation function
  • It is the decimal number of the terminal's ECDH public key A PUB.
  • the far left of KD is the encryption key K E
  • the middle is the initial value of AES count encryption
  • the far right is the integrity key K M.
  • the Advanced Encryption Standard (AES) in counter mode is used with K E to encrypt SUPI, and the encrypted SUPI is then integrity protected with K M to generate an integrity protection tag Tag.
  • Tag = HMAC-SHA-256(K_M, K_E{SUPI})
  • SUCI includes the following:
  • SUCI = Type of SUPI + Home network ID + Routing ID + Protection scheme ID + B_PUB + A_PUB + K_E{SUPI} + Tag.
  • the home network identifier is used to find the corresponding home network
  • the routing identifier is used to find the corresponding UDM in the same home network.
  • the shared key of the terminal and the network is used to generate an integrity verification value for the related message. Because the attacker does not know the shared key between the terminal and the network, even if the SUPI guess is correct, the network will detect the error of the integrity protection label generated according to the embodiment of the present disclosure, and will return a registration rejection message with reason #3. Thus the problem of SUPI guessing attack is solved.
  • the first solution is to add a key that only the terminal and the network know to the function input for generating the integrity protection tag Tag to obtain the first integrity protection tag. In this way, even if the SUPI guess is correct, because there is no key known to the terminal and the network, the tag generated by the attacker will be detected by the network as an error. Then, the network will also return a registration rejection message with reason #3, thus solving the SUPI guessing attack problem.
  • the SUPI encryption can be performed in the Universal Integrated Circuit Card (UICC, also referred to as the USIM), or it can be performed on the terminal ME.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal
  • the integrity verification value is a first integrity protection label
  • the OPC key preset in the USIM is obtained after a series of calculations between the OP and the root key K, which ensures that different cards are preset with different OPCs.
  • the OPC key or root key K shared by the terminal and the network is used to generate the first integrity protection label.
  • the USIM uses an integrity calculation function to perform calculations on the first information, the second information, the OPC key or the root key to obtain the first integrity protection label.
  • the specific method is as follows:
  • Tag is the first integrity protection tag
  • K M represents the integrity key
  • K E represents the encryption key
  • K represents the root key.
  • the integrity calculation function here is HMAC-SHA-256, and it can also be other integrity calculation functions, such as HMAC-SHA3.
  • UDM verifies the correctness of the first integrity protection label. Even if the attacker guesses a correct SUPI, because he does not know the OPC or the root key K, the attacker cannot generate the correct first integrity protection label, and the network will return a registration rejection message with reason #3. In other words, whether the attacker guessed a correct SUPI or did not guess a correct SUPI, the network will return a registration rejection message with reason #3.
  • the shared key is the session root key K AUSF between the first network element and the terminal; the integrity verification value is a first integrity protection label.
  • after the terminal and the network complete mutual authentication using 5G Authentication and Key Agreement (AKA) or Extensible Authentication Protocol-Authentication and Key Agreement (EAP-AKA'), the terminal and the network both calculate and store the session root key K AUSF.
  • the embodiment of the present disclosure uses the shared key K AUSF of the terminal and the network to generate the first integrity protection label.
  • the ME uses an integrity calculation function to perform calculations on the first information, the second information, and the session root key K AUSF to obtain the first integrity protection label.
  • the specific method is as follows:
  • Tag is the first integrity protection tag
  • K M represents the integrity key
  • K E represents the encryption key
  • K represents the root key.
  • the integrity calculation function here is HMAC-SHA-256, and it can also be other integrity calculation functions, such as HMAC-SHA3.
  • UDM verifies the correctness of the first integrity protection label. Even if the attacker guesses a correct SUPI, because he does not know K AUSF , the attacker cannot generate the correct first integrity protection label, and the network will return a registration rejection message with reason #3.
  • the initial value of K AUSF is zero.
  • AUSF is the Authentication Server Function and UDM is the User Data Management function.
  • UDM decrypts SUCI to obtain SUPI, and directly uses the stored K AUSF to perform operations in the above-mentioned manner and verify.
  • UDM first decrypts SUCI to get SUPI, and then searches for SUPI in the database. If there is no corresponding SUPI in the database, UDM returns a "404 Not Found" message, and the network returns a registration rejection message with reason #3 accordingly. If there is a corresponding SUPI in the database, UDM obtains the K AUSF corresponding to SUPI from AUSF, and then verifies the first integrity protection label. If the verification is passed, UDM returns a "200 OK" message containing the authentication vector; if the verification fails, UDM returns a "404 Not Found" message.
  • the terminal sends SUCI to the first network element, and the first integrity protection label is carried in the SUCI.
  • the second scheme is to use the shared key of the terminal and the network to perform an integrity protection operation on the Tag of the SUCI, on top of the existing SUCI, to generate a second integrity protection tag, the STag. Because the attacker does not know the shared key between the terminal and the network, even if the SUPI guess is correct, the network will detect the STag error and return a registration rejection message with reason #3, so that the SUPI guessing attack problem is solved.
  • the second integrity protection tag STag can be generated by the USIM, and the second integrity protection tag STag can also be generated by the ME.
  • the shared key is an OPC key or a root key K commonly known to the first network element and the terminal;
  • the integrity verification value is a second integrity protection label.
  • the OPC key or root key K shared by the terminal and the network is used to perform an integrity calculation over the third integrity protection tag Tag in the SUCI to generate the STag.
  • the USIM uses an integrity calculation function to perform calculations on the OPC key or root key K and the existing integrity protection label in the SUCI to obtain the second integrity protection label. The calculation is as follows:
  • STag = HMAC-SHA-256(OPC or K, Tag).
  • STag is the second integrity protection tag
  • Tag is the third integrity protection tag.
  • the integrity calculation function here is HMAC-SHA-256, and it can also be other integrity calculation functions, such as HMAC-SHA3.
  • the UDM will verify the correctness of the Tag and STag in the SUCI. Only when both of them pass the verification, the network side will send a verification request message to the terminal.
  • the shared key is the session root key K AUSF between the first network element and the terminal;
  • the integrity verification value is a second integrity protection label.
  • the session root key K AUSF between the terminal and the network is used to perform an integrity calculation over the third integrity protection tag Tag to generate the second integrity protection tag STag.
  • the ME uses an integrity calculation function to calculate the existing integrity protection label in the SUCI and the session root key K AUSF between the two to obtain the second integrity protection label.
  • the calculation method is as follows:
  • STag = HMAC-SHA-256(K_AUSF, Tag).
  • STag is the second integrity protection tag
  • Tag is the third integrity protection tag.
  • the integrity calculation function here is HMAC-SHA-256, and it can also be other integrity calculation functions, such as HMAC-SHA3.
  • the UDM will verify the correctness of the Tag and STag in the SUCI. Only when both of them pass the verification, the network side will send a verification request message to the terminal.
  • the terminal in addition to sending the second integrity protection label to the first network element, the terminal also needs to send SUCI to the first network element.
  • the third scheme is to generate a one-time random number on the USIM of the terminal, and use the shared key of the terminal and the network to perform an integrity calculation on it to generate an integrity verification value NTag. Because the attacker does not know the shared key between the terminal and the network, even if the SUPI guess is correct, the network will detect the NTag error and return a registration rejection message with reason #3, so that the SUPI guess attack problem is solved.
  • the shared key is an OPC key or a root key K that is commonly known to the first network element and the terminal.
  • a random number is generated by the USIM, and the USIM uses an integrity operation function or a function defined in 3GPP TS 35.206 to operate on the OPC key and/or root key K and the random number to obtain the third integrity protection label.
  • the USIM generates a one-time random number Nonce, and uses the OPC key or root key K shared by the terminal and the network to generate a third integrity protection tag NTag for Nonce, which is calculated as follows:
  • NTag = HMAC-SHA-256(OPC or K, Nonce)
  • NTag is the third integrity protection tag
  • Nonce is a random number.
  • the integrity calculation function here is HMAC-SHA-256, and it can also be other integrity calculation functions, such as HMAC-SHA3.
  • the USIM uses a predefined function to perform operations on the OPC key and/or root key K and the random number to obtain the fifth operation value.
  • the calculation is as follows:
  • NTag = f2(OPC and/or K, Nonce)
  • NTag is the third integrity protection tag
  • Nonce is a random number.
  • the predefined function f2 is a function whose underlying encryption function is AES or another encryption function.
  • the predefined f3 or f4 or f5 function can also be used.
  • when sending the random number and the third integrity protection label, the ME sends the SUCI, the random number and the third integrity protection label to the first network element.
  • the SUCI, the random number and the third integrity protection label are obtained by the ME from the USIM; or, the random number and the third integrity protection label are obtained by the ME from the USIM, and the SUCI is generated by the ME.
  • the USIM transmits SUCI, Nonce and NTag to the ME, and the ME sends them to the network. If the encryption of SUPI is performed on the ME, the USIM transmits only the Nonce and NTag to the ME; after the ME completes the generation of the SUCI, it sends SUCI, Nonce and NTag to the network.
  • after receiving SUCI, Nonce and NTag, the network first checks whether the Nonce is already in the database. If it is, the network responds with a rejection message to resist replay attacks. If the Nonce is not in the database, the network decrypts SUCI to get SUPI, obtains the OPC or root key K according to SUPI, and uses the OPC or root key K to verify NTag. If the verification succeeds, the network stores the Nonce and generates an authentication vector; if the verification fails, it replies with a rejection message.
  • the above three schemes are all based on the key shared by the terminal and the network to generate an integrity protection tag Tag or an integrity secondary tag STag or a one-time random number integrity protection tag NTag. Since the attacker does not know the secret key shared by the terminal and the network, it cannot forge a correct integrity protection tag or integrity secondary tag STag or NTag. In this way, even if an attacker can guess a correct SUPI, he cannot generate a correct integrity protection tag or integrity secondary tag STag or NTag. In other words, the proposed scheme can resist SUPI guessing attacks.
  • the first scheme only adds the shared key of the terminal and the network to the integrity function, so it basically does not increase the amount of calculation.
  • Scheme 2 and Scheme 3 only increase the calculation amount of an integrity function, and this calculation requires less calculation resources and has less impact on the system.
  • Scheme 2 and Scheme 3 are well compatible with systems in related technologies. Because the integrity secondary tag STag or the one-time random number integrity protection tag NTag is superimposed on the ECIES scheme, there is no need to adjust the Elliptic Curve Integrated Encryption Scheme (ECIES) itself.
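  • The three schemes side by side, as an added Python example that is not the patent's own code: the OPC, K E, K M and SUPI values are constructed, AES counter mode is replaced by a labelled XOR stand-in, and the input layout of the first scheme's tag is an assumption, since the page names the inputs but not their order.

```python
import hashlib
import hmac
import os

# Constructed sample values (not from the patent): a 128-bit OPC key shared by
# the USIM and the home network, and the ECIES key material K_E / K_M that the
# terminal would derive from K_ECDH with the KDF.
OPC = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
K_E = bytes.fromhex("1f1e1d1c1b1a19181716151413121110")
K_M = bytes.fromhex("2f2e2d2c2b2a29282726252423222120")
SUPI = b"imsi-460001234567890"


def integrity(key: bytes, *parts: bytes) -> bytes:
    """The page's integrity calculation function, HMAC-SHA-256, over the
    concatenation of the given inputs."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        mac.update(part)
    return mac.digest()


def encrypt_supi(k_e: bytes, supi: bytes) -> bytes:
    """Stand-in for AES counter-mode encryption with K_E: XOR with a keystream
    derived from K_E (symmetric, so it also decrypts). A real UE uses AES-CTR."""
    stream = hashlib.sha256(k_e).digest()
    assert len(supi) <= len(stream), "stand-in keystream covers 32 bytes"
    return bytes(p ^ s for p, s in zip(supi, stream))


def ecies_tag(k_m: bytes, enc_supi: bytes) -> bytes:
    """Baseline ECIES tag from the page: Tag = HMAC-SHA-256(K_M, K_E{SUPI})."""
    return integrity(k_m, enc_supi)


def first_tag(k_m: bytes, enc_supi: bytes, shared_key: bytes) -> bytes:
    """Scheme 1: the shared key joins the integrity-function input. Assumed
    layout (the patent fixes none): HMAC keyed by K_M over K_E{SUPI} || key."""
    return integrity(k_m, enc_supi, shared_key)


def second_tag(shared_key: bytes, tag: bytes) -> bytes:
    """Scheme 2: STag = HMAC-SHA-256(OPC or K, Tag), layered on the ECIES Tag."""
    return integrity(shared_key, tag)


def third_tag(shared_key: bytes, nonce: bytes) -> bytes:
    """Scheme 3: NTag = HMAC-SHA-256(OPC or K, Nonce) over a one-time nonce."""
    return integrity(shared_key, nonce)


def build_suci(k_e: bytes, k_m: bytes, supi: bytes, shared_key: bytes, scheme: int) -> dict:
    """Terminal side: the encrypted SUPI plus the integrity verification
    value(s) that the chosen scheme sends to the first network element."""
    enc = encrypt_supi(k_e, supi)
    if scheme == 1:
        return {"enc_supi": enc, "tag": first_tag(k_m, enc, shared_key)}
    tag = ecies_tag(k_m, enc)
    if scheme == 2:
        return {"enc_supi": enc, "tag": tag, "stag": second_tag(shared_key, tag)}
    if scheme == 3:
        nonce = os.urandom(16)
        return {"enc_supi": enc, "tag": tag, "nonce": nonce,
                "ntag": third_tag(shared_key, nonce)}
    raise ValueError("unknown scheme")


def network_accepts(msg: dict, k_m: bytes, shared_key: bytes, scheme: int) -> bool:
    """UDM side: recompute the tag(s) with the home network's copy of the
    shared key and the K_M recovered from the ECDH exchange, then compare in
    constant time (hmac.compare_digest) so no tag byte leaks through timing."""
    enc = msg["enc_supi"]
    if scheme == 1:
        return hmac.compare_digest(first_tag(k_m, enc, shared_key), msg["tag"])
    # Schemes 2 and 3 keep the ECIES Tag and require both checks to pass.
    if not hmac.compare_digest(ecies_tag(k_m, enc), msg["tag"]):
        return False
    if scheme == 2:
        return hmac.compare_digest(second_tag(shared_key, msg["tag"]), msg["stag"])
    if scheme == 3:
        return hmac.compare_digest(third_tag(shared_key, msg["nonce"]), msg["ntag"])
    raise ValueError("unknown scheme")


if __name__ == "__main__":
    for scheme in (1, 2, 3):
        msg = build_suci(K_E, K_M, SUPI, OPC, scheme)
        print("scheme", scheme, "accepted:", network_accepts(msg, K_M, OPC, scheme))
    # A SUCI carrying only the plain ECIES Tag, i.e. built without the shared
    # key, fails the scheme-1 check: this is the detection the page relies on.
    enc = encrypt_supi(K_E, SUPI)
    plain = {"enc_supi": enc, "tag": ecies_tag(K_M, enc)}
    print("scheme 1 without shared key accepted:", network_accepts(plain, K_M, OPC, 1))
```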
  • Step 102 Send the integrity verification value to the first network element.
  • the SUCI is sent to the first network element, and the SUCI includes the first integrity verification label.
  • the SUCI and the second integrity verification label are respectively sent to the first network element.
  • the SUCI, the random number and the third integrity verification label are respectively sent to the first network element.
  • Step 103 Receive a verification result of the integrity verification value by the first network element.
  • the shared key of the terminal and the first network element is used to perform an integrity operation on the target information, thereby generating an integrity verification value. Because the attacker does not know the shared key between the terminal and the first network element, even if the SUPI guess is correct, the first network element will detect the error of the integrity verification value and return a registration rejection message, thereby solving the SUPI guessing attack problem.
  • FIG. 2 is a flowchart of a verification method provided by an embodiment of the present disclosure, which is applied to the first network element.
  • the first network element may be UDM, for example. As shown in Figure 2, it includes the following steps:
  • Step 201 Receive the integrity verification value sent by the terminal.
  • the integrity verification value is obtained by performing an integrity operation on the target information using a shared key, and the shared key is a key used between the first network element and the terminal.
  • the first network element receives the SUCI sent by the terminal, and carries the first integrity protection label in the SUCI.
  • the first network element receives the SUCI and the second integrity protection label
  • the first network element receives the SUCI, the random number, and the third integrity protection label.
  • Step 202 Verify the integrity verification value.
  • this step may include:
  • Step 2021 Decrypt the SUCI to obtain SUPI.
  • Step 2022 Obtain the OPC key or root key according to the SUPI.
  • the corresponding relationship between the SUPI and the key can be stored in the first network element. Then, here, the OPC key or the root key can be obtained according to the SUPI obtained in step 2021.
  • Step 2023 Use the integrity calculation function to perform calculations on the OPC key or root key K, the third information and the fourth information to obtain a first operation value; wherein the third information is the integrity key and the fourth information is the result of encrypting the SUPI with the encryption key.
  • Tag is the first operation value
  • K M represents the integrity key
  • K E represents the encryption key
  • K represents the root key.
  • the integrity calculation function here is HMAC-SHA-256, and it can also be other integrity calculation functions, such as HMAC-SHA3.
  • Step 2024 When the first operation value is consistent with the first integrity protection label, the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • this step may include:
  • Step 2025 Decrypt the SUCI to obtain SUPI.
  • Step 2026 Search the SUPI in the database.
  • Step 2027 If the SUPI is not found, the verification result is that the verification fails.
  • the method may further include:
  • Step 2028 If the SUPI is found, obtain the session root key K AUSF corresponding to the SUPI.
  • the first network element may obtain the session root key K AUSF stored by itself, or obtain the session root key K AUSF from the second network element.
  • the second network element may be AUSF, for example.
  • Step 2029 Use an integrity calculation function to perform calculations on the fifth information, the sixth information, and the session root key K AUSF to obtain a second operation value; wherein the fifth information is the integrity key and the sixth information is the result of encrypting the SUPI with the encryption key.
  • Step 2030 In a case where the second operation value is consistent with the first integrity protection label, the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the initial value of K AUSF is zero.
  • on the network side, there are two possibilities for storing K AUSF: (1) it is stored on both AUSF and UDM at the same time; (2) it is only stored on AUSF.
  • UDM decrypts SUCI to obtain SUPI, and directly uses the stored K AUSF to perform operations in the above manner and verify.
  • UDM first decrypts SUCI to get SUPI, and then searches for SUPI in the database. If there is no corresponding SUPI in the database, UDM returns a "404 Not Found" message, and the network returns a registration rejection message with reason #3 accordingly. If there is a corresponding SUPI in the database, UDM obtains the K AUSF corresponding to SUPI from AUSF, and then verifies the first integrity protection label. If the verification is passed, UDM returns a "200 OK" message containing the authentication vector; if the verification fails, UDM returns a "404 Not Found" message.
  • the first network element also needs to receive the SUCI sent by the terminal.
  • this step may include:
  • Step 2031 Decrypt the SUCI to obtain the SUPI and the second integrity protection label
  • Step 2032 obtain the OPC key or root key K according to the SUPI
  • Step 2033 Use an integrity calculation function to perform calculations on the OPC key or root key K and the integrity protection label carried in the SUCI to obtain a second calculation value;
  • Step 2034 In the case where the verification of the integrity protection label carried in the SUCI and the second operation value is passed, the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • this step may include:
  • Step 2035 Decrypt the SUCI to obtain SUPI
  • Step 2036 Search the SUPI in the database
  • Step 2037 If the SUPI is not found, the verification result is that the verification fails.
  • the method may further include:
  • Step 2038 If the SUPI is found, obtain the session root key K AUSF corresponding to the SUPI;
  • Step 2039 Use an integrity calculation function to perform calculations on the integrity protection label carried in the SUCI and the session root key K AUSF to obtain a fourth calculation value.
  • Step 2040 In the case where the verification of the integrity protection label carried in the SUCI and the fourth operation value is passed, the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the process of obtaining the session root key K AUSF corresponding to the SUPI may include obtaining the session root key K AUSF stored by the first network element itself, or obtaining the session root key K AUSF from a second network element.
  • the second network element may be AUSF.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal; this step may include:
  • Step 2041 Obtain the random number.
  • Step 2042 search the random number in the database.
  • Step 2043 If the random number is found, the verification result is that the verification fails.
  • the method may further include:
  • Step 2043 If the random number is not found, decrypt the SUCI to obtain SUPI;
  • Step 2044 Obtain the OPC key or root key K corresponding to the SUPI;
  • Step 2045 Use an integrity operation function to perform operations on the OPC key or root key K and the random number to obtain a fifth operation value; or use a predefined function to perform operations on the OPC key and/or root key K and the random number to obtain a fifth operation value;
  • Step 2046 When the third integrity protection label is consistent with the fifth operation value, the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • after receiving SUCI, Nonce and NTag, the first network element first checks whether the Nonce is already in the database. If it is, the first network element responds with a rejection message to resist replay attacks. If the Nonce is not in the database, it decrypts SUCI to get SUPI, obtains the OPC or root key K according to SUPI, and uses the OPC or root key K to verify NTag. If the verification succeeds, it stores the Nonce and generates an authentication vector; if the verification fails, it replies with a rejection message.
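  • The network-side flow just described (steps 2041 to 2046 with the replay check), as an added Python example that is not the patent's own code: the subscriber table, the K E value, the nonce and the XOR stand-in for ECIES decryption are constructed, and the HMAC-SHA-256 variant of NTag is shown rather than the f2 variant.

```python
import hashlib
import hmac

# Constructed sample data (not from the patent): the UDM's subscriber table
# mapping each SUPI to the OPC key it shares with that USIM, and the ECIES
# encryption key K_E that the UDM recovers from its own ECDH private key.
SUBSCRIBERS = {
    b"imsi-460001234567890": bytes.fromhex("000102030405060708090a0b0c0d0e0f"),
}
K_E = bytes.fromhex("1f1e1d1c1b1a19181716151413121110")


def xor_supi(k_e: bytes, data: bytes) -> bytes:
    """Stand-in for AES counter mode with K_E (symmetric: encrypts and decrypts)."""
    stream = hashlib.sha256(k_e).digest()
    assert len(data) <= len(stream), "stand-in keystream covers 32 bytes"
    return bytes(a ^ b for a, b in zip(data, stream))


def ntag(shared_key: bytes, nonce: bytes) -> bytes:
    """NTag = HMAC-SHA-256(OPC or K, Nonce), the HMAC variant of the third scheme."""
    return hmac.new(shared_key, nonce, hashlib.sha256).digest()


class Udm:
    """First network element: verifies (SUCI, Nonce, NTag) per steps 2041-2046
    and returns the status the FIG. 5 flow sends back to AUSF (the page writes
    the failure status as "404 Not Found" in most places and "504 Not Found"
    in the FIG. 5 description; "404 Not Found" is used here)."""

    def __init__(self, subscribers: dict):
        self.subscribers = subscribers
        self.seen_nonces = set()  # nonce database consulted in step 2042

    def verify(self, enc_supi: bytes, nonce: bytes, received_ntag: bytes, k_e: bytes):
        # Steps 2041-2043: a nonce already in the database means a replay and
        # is rejected before any decryption or key lookup takes place.
        if nonce in self.seen_nonces:
            return "404 Not Found", "NONCE_ALREADY_USED"
        # Second step 2043 in the text: decrypt the SUCI to obtain the SUPI.
        supi = xor_supi(k_e, enc_supi)
        # Step 2044: obtain the OPC key or root key K belonging to this SUPI.
        shared_key = self.subscribers.get(supi)
        if shared_key is None:
            return "404 Not Found", "USER_NOT_FOUND"
        # Steps 2045-2046: recompute NTag (the fifth operation value) and compare
        # in constant time; the f2-based variant would replace ntag() here.
        if not hmac.compare_digest(ntag(shared_key, nonce), received_ntag):
            return "404 Not Found", "USER_NOT_FOUND"
        # Only a nonce whose NTag verified is stored, so rejected messages
        # cannot fill the database. The UDM would now generate the
        # authentication vector for the "200 OK" response (not modelled here).
        self.seen_nonces.add(nonce)
        return "200 OK", supi


if __name__ == "__main__":
    udm = Udm(SUBSCRIBERS)
    supi = b"imsi-460001234567890"
    enc = xor_supi(K_E, supi)
    nonce = bytes(range(16))  # constructed one-time nonce from the USIM
    tag = ntag(SUBSCRIBERS[supi], nonce)
    print(udm.verify(enc, nonce, tag, K_E))      # first use -> 200 OK
    print(udm.verify(enc, nonce, tag, K_E))      # replay -> NONCE_ALREADY_USED
    print(udm.verify(enc, bytes(16), tag, K_E))  # fresh nonce, stale tag -> USER_NOT_FOUND
```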
  • Step 203 Send a verification result of the integrity verification value to the terminal.
  • the shared key of the terminal and the first network element is used to perform an integrity operation on the target information, thereby generating an integrity verification value. Because the attacker does not know the shared key between the terminal and the first network element, even if the SUPI guess is correct, the first network element will detect the error of the integrity verification value and return a registration rejection message, thereby solving the SUPI guessing attack problem.
  • FIG. 3 is a flowchart of a verification method provided by an embodiment of the present disclosure, which includes the following steps:
  • Step 301 The terminal converts the SUPI into SUCI, where the Tag in the SUCI is generated according to the method of the embodiment of the present disclosure, that is, the aforementioned first integrity protection tag.
  • the terminal sends the SUCI to the Access and Mobility Management Function (AMF)/Security Anchor Function (SEAF).
  • Step 302 AMF/SEAF sends SUCI to AUSF.
  • Step 303 AUSF sends SUCI to UDM.
  • Step 304 The UDM verifies the first integrity protection label in the SUCI.
  • the specific verification method can refer to the description of the foregoing embodiment.
  • Step 305 If the verification is passed, UDM sends "200 OK" to AUSF. If the verification fails, it will return "404 Not Found" with the content of "USER_NOT_FOUND".
  • Step 306 After receiving "200 OK", AUSF sends "201 Created" to AMF/SEAF. After AUSF receives "404 Not Found", it will send the "404 Not Found" message to AMF/SEAF.
  • Step 307 In the case of "201 Created", the AMF/SEAF sends RAND and AUTN to the terminal in the verification request message. In the case of "404 Not Found", AMF/SEAF sends a registration rejection message with reason #3 to the terminal.
  • Fig. 4 is a flowchart of a verification method provided by an embodiment of the present disclosure, which includes the following steps:
  • Step 401 The terminal converts SUPI to SUCI, and obtains a second integrity protection label according to the method of the foregoing embodiment.
  • the terminal sends the SUCI and the second integrity protection label to AMF/SEAF.
  • Step 402 AMF/SEAF sends SUCI and the second integrity protection label to AUSF.
  • Step 403 AUSF sends the SUCI and the second integrity protection label to UDM.
  • Step 404 Verify the Tag in the SUCI and the second integrity protection tag.
  • the specific verification method can refer to the description of the foregoing embodiment.
  • Step 405 If the verification is passed, UDM sends "200 OK" to AUSF. If the verification fails, UDM returns "404 Not Found" with the content of "USER_NOT_FOUND".
  • Step 406 After receiving "200 OK", AUSF sends "201 Created" to AMF/SEAF. After AUSF receives "404 Not Found", it will send the "404 Not Found" message to AMF/SEAF.
  • Step 407 In the case of "201 Created", AMF/SEAF sends RAND and AUTN to the terminal in the identity verification request message. In the case of "404 Not Found", AMF/SEAF sends a registration rejection message with reason #3 to the terminal.
  • FIG. 5 is a flowchart of a verification method provided by an embodiment of the present disclosure, which includes the following steps:
  • Step 501 The terminal sends the SUCI, the random number and the third integrity protection label to the AMF/SEAF.
  • the terminal can obtain the third integrity protection label according to the method of the foregoing embodiment.
  • Step 502 AMF/SEAF sends SUCI, random number and third integrity protection label to AUSF.
  • Step 503 AUSF sends SUCI, random number and third integrity protection label to UDM.
  • Step 504 The UDM verifies the random number and the third integrity protection label.
  • UDM first checks whether the random number Nonce is already in the database; if it is, UDM responds with a rejection message to resist replay attacks. If the Nonce is not in the database, UDM decrypts SUCI to obtain SUPI, obtains the OPC or root key K according to SUPI, and uses the OPC or root key K to verify NTag. If the verification succeeds, UDM stores the Nonce and generates an authentication vector; if the verification fails, UDM replies with a rejection message.
  • Step 505 If the verification fails or the random number Nonce already exists, return "504 Not Found" with the content of "USER_NOT_FOUND". If the verification is passed, "200 OK" is sent to AUSF.
  • Step 506 After receiving "200 OK", AUSF sends "201 Created" to AMF/SEAF. After the AUSF receives the "504 Not Found", it will send the "504 Not Found" message to the AMF/SEAF.
  • Step 507 In the case of "201 Created", AMF/SEAF sends RAND and AUTN to the terminal in the identity verification request message. In the case of "504 Not Found", AMF/SEAF sends a registration rejection message with reason #3 to the terminal.
  • the embodiment of the present disclosure also provides a verification device, which is applied to a terminal.
  • refer to FIG. 6, which is a structural diagram of a verification device provided by an embodiment of the present disclosure. Since the principle by which the verification device solves the problem is similar to that of the verification method in the embodiment of the present disclosure, the implementation of the verification device can refer to the implementation of the method, and repeated details are not described again.
  • the verification device includes: an acquisition module 601, configured to perform an integrity operation on target information using a shared key to obtain an integrity verification value; a sending module 602, configured to send the integrity verification value to the first network element; and a receiving module 603, configured to receive the verification result of the integrity verification value from the first network element;
  • the shared key is a key used between the first network element and the terminal.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the integrity verification value is a first integrity protection label;
  • the obtaining module 601 is specifically configured to perform operations on the OPC key or root key K, first information, and second information by using an integrity operation function through USIM to obtain the first integrity protection label;
  • the first information is an integrity key
  • the second information is a result of encrypting the user's permanent identity SUPI with an encryption key.
  • the shared key is the session root key K AUSF between the first network element and the terminal;
  • the integrity verification value is a first integrity protection label;
  • the obtaining module 601 is specifically configured to perform operations on the first information, the second information, and the session root key K AUSF by using an integrity operation function through the ME to obtain the first integrity protection label;
  • the first information is an integrity key
  • the second information is a result of encrypting the user's permanent identity SUPI with an encryption key.
  • the sending module 602 is specifically configured to send SUCI to the first network element, and the first integrity protection label is carried in the SUCI.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the integrity verification value is a second integrity protection label;
  • the obtaining module 601 is specifically configured to perform operations on the OPC key or root key K and the existing integrity protection label in the SUCI by using an integrity operation function through the USIM to obtain the second integrity protection label.
  • the shared key is the session root key K AUSF between the first network element and the terminal;
  • the integrity verification value is a second integrity protection label;
  • the acquisition module 601 is specifically configured to perform operations, through the ME, on the existing integrity protection label in the SUCI and the session root key K AUSF using an integrity operation function to obtain the second integrity protection label.
  • the sending module 602 is further configured to send SUCI and the second integrity protection label to the first network element.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the integrity verification value is a random number and a third integrity protection label;
  • the obtaining module 601 includes:
  • the obtaining sub-module is used to perform operations on the OPC key or root key K and the random number by the USIM using an integrity operation function to obtain the third integrity protection label; or, to use a predefined function to perform an operation on the OPC key and/or the root key K and the random number to obtain the third integrity protection label.
  • the sending module 602 is configured to send SUCI, the random number, and the third integrity protection label to the first network element through the ME;
  • the SUCI, the random number and the third integrity protection label are obtained by the ME from the USIM; or, the random number and the third integrity protection label are obtained by the ME from the USIM, and the SUCI is generated by the ME.
  • the device provided in the embodiment of the present disclosure can execute the foregoing method embodiment, and its implementation principles and technical effects are similar, so details are not described here again.
  • the embodiment of the present disclosure also provides a verification device, which is applied to the first network element.
  • FIG. 7 is a structural diagram of a verification device provided by an embodiment of the present disclosure. Since the principle by which the verification device solves the problem is similar to that of the verification method in the embodiment of the present disclosure, the implementation of the verification device can refer to the implementation of the method, and repeated details are omitted.
  • the verification device includes: a receiving module 701, configured to receive the integrity verification value sent by the terminal; a verification module 702, configured to verify the integrity verification value; and a sending module 703, configured to send a verification result of the integrity verification value to the terminal; wherein the integrity verification value is obtained by performing an integrity operation on the target information using a shared key, and the shared key is a key used between the first network element and the terminal.
  • the integrity verification value is a first integrity protection label;
  • the receiving module is configured to receive the SUCI sent by the terminal, where the first integrity protection label is carried in the SUCI.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the verification module includes:
  • the decryption sub-module is used to decrypt the SUCI to obtain SUPI;
  • an obtaining sub-module, configured to obtain the OPC key or root key K according to the SUPI;
  • the processing sub-module is used to perform operations on the OPC key or root key K, the third information, and the fourth information by using the integrity operation function to obtain the first operation value; wherein the third information is the integrity key, and the fourth information is an encryption result obtained by encrypting the SUPI using an encryption key;
  • the verification sub-module is configured to, when the first operation value is consistent with the first integrity protection label, the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the shared key is the session root key K AUSF between the first network element and the terminal;
  • the verification module includes:
  • the decryption sub-module is used to decrypt the SUCI to obtain SUPI;
  • the search sub-module is used to search for the SUPI in the database;
  • the verification sub-module is configured to determine that the verification result is that the verification fails if the SUPI is not found.
  • the verification module further includes:
  • the obtaining sub-module is used to obtain the session root key K AUSF corresponding to the SUPI when the SUPI is found;
  • the processing sub-module is used to perform operations on the fifth information, the sixth information and the session root key K AUSF by using an integrity operation function to obtain a second operation value; wherein the fifth information is an integrity key, and the sixth information is an encryption result of using an encryption key to encrypt the SUPI;
  • the verification sub-module is further configured to: in the case that the second operation value is consistent with the first integrity protection label, the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the integrity verification value is a second integrity protection label; the receiving module is further configured to receive the SUCI sent by the terminal.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the verification module includes:
  • an obtaining sub-module, configured to obtain the OPC key or root key K according to the SUPI;
  • a processing sub-module, configured to use an integrity calculation function to perform calculations on the OPC key or root key K and the integrity protection label carried in the SUCI to obtain a second calculation value;
  • the verification sub-module is configured to determine that the verification result is that the verification is passed when the verification of the integrity protection label carried in the SUCI against the second operation value is passed; otherwise, the verification result is that the verification fails.
  • the shared key is the session root key K AUSF between the first network element and the terminal;
  • the verification module includes:
  • the decryption sub-module is used to decrypt the SUCI to obtain SUPI;
  • the search sub-module is used to search for the SUPI in the database;
  • the verification sub-module is configured to determine that the verification result is that the verification fails if the SUPI is not found.
  • the verification module further includes:
  • the obtaining sub-module is used to obtain the session root key K AUSF corresponding to the SUPI when the SUPI is found;
  • a processing submodule configured to use an integrity operation function to perform operations on the integrity protection label carried in the SUCI and the session root key K AUSF to obtain a fourth operation value;
  • the verification submodule is further configured to: in the case where the verification of the integrity protection label carried in the SUCI and the fourth operation value is passed, the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the obtaining submodule is configured to obtain the session root key K AUSF stored by the first network element itself; or obtain the session root key K AUSF from the second network element.
  • the integrity verification value is a random number and a third integrity protection label;
  • the receiving module is further configured to receive SUCI sent by the terminal.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the verification module includes:
  • the first obtaining submodule is used to obtain the random number;
  • the search sub-module is used to search for the random number in the database;
  • the verification sub-module is configured to determine that the verification fails when the random number is found.
  • the verification module further includes:
  • the decryption sub-module is used to decrypt the SUCI to obtain SUPI if the random number is not found;
  • the second obtaining submodule is used to obtain the OPC key or root key K corresponding to the SUPI;
  • the processing sub-module is used to perform operations on the OPC key or root key K and the random number using an integrity operation function to obtain a fifth operation value; or to use a predefined function to perform operations on the OPC key and/or the root key K and the random number to obtain the fifth operation value;
  • the verification sub-module is further configured to: in the case that the third integrity protection label is consistent with the fifth operation value, the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the device further includes:
  • the storage module is configured to store the random number when the random number is not found.
  • the device provided in the embodiment of the present disclosure can execute the foregoing method embodiment, and its implementation principles and technical effects are similar, and details are not described herein again in this embodiment.
  • the embodiment of the present disclosure also provides a verification device, which is applied to a terminal.
  • FIG. 8 is a structural diagram of a verification device provided by an embodiment of the present disclosure. Since the principle by which the verification device solves the problem is similar to that of the verification method in the embodiment of the present disclosure, the implementation of the verification device can refer to the implementation of the method, and repeated details are omitted.
  • the verification device includes: a processor 801 and a transceiver 802.
  • the processor 801 is configured to perform an integrity operation on the target information by using a shared key to obtain an integrity verification value;
  • the transceiver 802 is configured to send the integrity verification value to a first network element; receive a verification result of the integrity verification value by the first network element;
  • the shared key is a key used between the first network element and the terminal.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the integrity verification value is a first integrity protection label;
  • the processor is further configured to perform operations on the OPC key or root key K, the first information, and the second information by using an integrity operation function through the USIM to obtain the first integrity protection label;
  • the first information is an integrity key;
  • the second information is a result of encrypting the user's permanent identity SUPI with an encryption key.
  • the shared key is the session root key K AUSF between the first network element and the terminal;
  • the integrity verification value is a first integrity protection label;
  • the processor is further configured to perform operations on the first information, the second information, and the session root key K AUSF by using an integrity operation function through the ME to obtain the first integrity protection label;
  • the first information is an integrity key;
  • the second information is a result of encrypting the user's permanent identity SUPI with an encryption key.
  • the transceiver is further configured to send a subscription concealed identifier SUCI to the first network element, where the first integrity protection label is carried in the SUCI.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the integrity verification value is a second integrity protection label;
  • the processor is further configured to: use an integrity calculation function to perform calculations on the OPC key or root key K and the existing integrity protection label in the SUCI through the USIM to obtain the second integrity protection label.
  • the shared key is the session root key K AUSF between the first network element and the terminal;
  • the integrity verification value is a second integrity protection label;
  • the processor is further configured to: calculate, through the ME, the existing integrity protection label in the SUCI and the session root key K AUSF using an integrity operation function to obtain the second integrity protection label.
  • the processor is further configured to send SUCI and the second integrity protection label to the first network element.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the integrity verification value is a random number and a third integrity protection label;
  • the processor is further configured to: generate a random number through the USIM; the USIM uses an integrity operation function to perform operations on the OPC key or root key K and the random number to obtain the third integrity protection label; or, uses a predefined function to perform operations on the OPC key and/or root key K and the random number to obtain the third integrity protection label.
  • the transceiver is further configured to send SUCI, the random number, and the third integrity protection label to the first network element through the ME;
  • the SUCI, the random number and the third integrity protection label are obtained by the ME from the USIM; or, the random number and the third integrity protection label are obtained by the ME from the USIM, and the SUCI is generated by the ME.
  • the device provided in the embodiment of the present disclosure can execute the foregoing method embodiment, and its implementation principles and technical effects are similar, and details are not described herein again in this embodiment.
  • the embodiment of the present disclosure also provides a verification device, which is applied to the first network element.
  • FIG. 9 is a structural diagram of a verification device provided by an embodiment of the present disclosure. Since the principle by which the verification device solves the problem is similar to that of the verification method in the embodiment of the present disclosure, the implementation of the verification device can refer to the implementation of the method, and repeated details are omitted.
  • the verification device includes: a processor 901 and a transceiver 902.
  • the transceiver 902 is configured to receive the integrity verification value sent by the terminal;
  • the processor 901 is configured to verify the integrity verification value;
  • the transceiver 902 is further configured to send a verification result of the integrity verification value to the terminal;
  • the integrity verification value is obtained by performing an integrity operation on the target information using a shared key, and the shared key is a key used between the first network element and the terminal.
  • the integrity verification value is a first integrity protection label;
  • the transceiver is further configured to receive the SUCI sent by the terminal, where the first integrity protection label is carried in the SUCI.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal; the processor is further configured to:
  • the OPC key or root key K, the third information, and the fourth information are calculated using the integrity calculation function to obtain the first calculation value; wherein the third information is the integrity key, and the fourth information is an encryption result of using an encryption key to encrypt the SUPI;
  • the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the shared key is the session root key K AUSF between the first network element and the terminal;
  • the integrity verification value is a first integrity protection label;
  • the processor is further configured to:
  • the verification result is that the verification fails.
  • the processor is further configured to:
  • the fifth information, the sixth information, and the session root key K AUSF are calculated using the integrity calculation function to obtain the second calculation value; wherein the fifth information is the integrity key, and the sixth information is an encryption result obtained by encrypting the SUPI using an encryption key;
  • the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the integrity verification value is a second integrity protection label;
  • the transceiver is also used to receive SUCI sent by the terminal.
  • the shared key is an OPC key or a root key K known to the first network element and the terminal; the processor is further configured to: decrypt the SUCI to obtain the SUPI and the second integrity protection label;
  • the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the shared key is the session root key K AUSF between the first network element and the terminal;
  • the processor is further configured to:
  • the verification result is that the verification fails.
  • the processor is further configured to:
  • the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the processor is further configured to: obtain the session root key K AUSF stored by the first network element itself; or obtain the session root key K AUSF from the second network element.
  • the integrity verification value is a random number and a third integrity protection label;
  • the transceiver is also used to receive SUCI sent by the terminal.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the processor is further configured to:
  • the verification result is that the verification fails.
  • the processor is further configured to:
  • the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the processor is further configured to store the random number when the random number is not found.
  • the device provided in the embodiment of the present disclosure can execute the foregoing method embodiment, and its implementation principles and technical effects are similar, and details are not described herein again in this embodiment.
  • the communication device of the embodiment of the present disclosure applied to a terminal, includes: a processor 1000, configured to read a program in a memory 1020, and execute the following process:
  • the shared key is a key used between the first network element and the terminal.
  • the transceiver 1010 is used to receive and send data under the control of the processor 1000.
  • the bus architecture may include any number of interconnected buses and bridges. Specifically, one or more processors represented by the processor 1000 and various circuits of the memory represented by the memory 1020 are linked together.
  • the bus architecture can also link various other circuits such as peripheral devices, voltage regulators, power management circuits, etc., which are all known in the art, and therefore, will not be further described herein.
  • the bus interface provides the interface.
  • the transceiver 1010 may be a plurality of elements, including a transmitter and a transceiver, and provide a unit for communicating with various other devices on a transmission medium.
  • the processor 1000 is responsible for managing the bus architecture and general processing, and the memory 1020 can store data used by the processor 1000 when performing operations.
  • the shared key is an OPC key or a root key K commonly known by the first network element and the terminal;
  • the integrity verification value is a first integrity protection label;
  • the processor 1000 is further configured to read the program and execute the following steps:
  • the USIM uses an integrity calculation function to perform calculations on the OPC key or root key K, first information, and second information to obtain the first integrity protection label;
  • the first information is an integrity key;
  • the second information is a result of encrypting SUPI with an encryption key.
  • the shared key is the session root key K AUSF between the first network element and the terminal;
  • the integrity verification value is a first integrity protection label;
  • the processor 1000 is further configured to read the program and execute the following steps:
  • the ME uses an integrity calculation function to perform calculations on the first information, the second information, and the session root key K AUSF to obtain the first integrity protection label;
  • the first information is an integrity key;
  • the second information is a result of encrypting the user's permanent identity SUPI with an encryption key.
  • the processor 1000 is further configured to read the program and execute the following steps:
  • the shared key is an OPC key or a root key K known to the first network element and the terminal; the integrity verification value is a second integrity protection label; the processor 1000 is further configured to read the program and execute the following steps:
  • the USIM uses an integrity calculation function to perform calculations on the OPC key or root key K and the existing integrity protection label in the SUCI to obtain the second integrity protection label.
  • the shared key is the session root key K AUSF between the first network element and the terminal;
  • the integrity verification value is a second integrity protection label;
  • the processor 1000 is further configured to read the program and execute the following steps:
  • the ME uses an integrity operation function to perform operations on the existing integrity protection label in the SUCI and the session root key K AUSF between the two to obtain the second integrity protection label.
  • the processor 1000 is further configured to read the program and execute the following steps:
  • the shared key is an OPC key or a root key K commonly known to the first network element and the terminal;
  • the integrity verification value is a random number and a third integrity protection label;
  • the processor 1000 is further configured to read the program and perform the following steps:
  • the USIM uses an integrity operation function to perform operations on the OPC key or root key K and the random number to obtain the third integrity protection label; or, uses a predefined function to perform operations on the OPC key and/or the root key K and the random number to obtain the third integrity protection label.
  • the processor 1000 is further configured to read the program and execute the following steps:
  • the SUCI, the random number and the third integrity protection label are obtained by the ME from the USIM; or, the random number and the third integrity protection label are obtained by the ME from the USIM, and the SUCI is generated by the ME.
  • the communication device of the embodiment of the present disclosure applied to the first network element, includes: a processor 1100, configured to read a program in a memory 1111, and execute the following process:
  • the integrity verification value is obtained by performing an integrity operation on the target information using a shared key, and the shared key is a key used between the first network element and the terminal.
  • the transceiver 1110 is configured to receive and send data under the control of the processor 1100.
  • the bus architecture may include any number of interconnected buses and bridges. Specifically, one or more processors represented by the processor 1100 and various circuits of the memory represented by the memory 1111 are linked together.
  • the bus architecture can also link various other circuits such as peripheral devices, voltage regulators, power management circuits, etc., which are all known in the art, and therefore, will not be further described herein.
  • the bus interface provides the interface.
  • the transceiver 1110 may be a plurality of elements, including a transmitter and a transceiver, and provide a unit for communicating with various other devices on a transmission medium.
  • the processor 1100 is responsible for managing the bus architecture and general processing, and the memory 1111 may store data used by the processor 1100 when performing operations.
  • the integrity verification value is the first integrity protection label;
  • the processor 1100 is further configured to read the program and perform the following steps: receive the SUCI sent by the terminal, where the first integrity protection label is carried in the SUCI.
  • the shared key is an OPC key or root key K that is commonly known to the first network element and the terminal; the processor 1100 is further configured to read the program and execute the following steps:
  • the OPC key or root key K, the third information, and the fourth information are calculated using the integrity calculation function to obtain the first calculation value; wherein the third information is the integrity key, and the fourth information is an encryption result of using an encryption key to encrypt the SUPI;
  • the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the shared key is the session root key K AUSF between the first network element and the terminal;
  • the integrity verification value is a first integrity protection label;
  • the processor 1100 is further configured to read the program and execute the following steps:
  • the verification result is that the verification fails.
  • the processor 1100 is further configured to read the program and execute the following steps:
  • the fifth information, the sixth information, and the session root key K AUSF are calculated using the integrity calculation function to obtain the second calculation value; wherein the fifth information is the integrity key, and the sixth information is an encryption result obtained by encrypting the SUPI using an encryption key;
  • the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the integrity verification value is a second integrity protection label;
  • the processor 1100 is further configured to read the program and execute the following steps: receiving the SUCI and the second integrity protection label sent by the terminal.
  • the shared key is an OPC key or root key K that is commonly known to the first network element and the terminal; the processor 1100 is further configured to read the program and execute the following steps:
  • the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the shared key is the session root key K AUSF between the first network element and the terminal; the processor 1100 is further configured to read the program and perform the following steps:
  • the verification result is that the verification fails.
  • the processor 1100 is further configured to read the program and execute the following steps:
  • the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the processor 1100 is further configured to read the program and execute the following steps:
  • the integrity verification value is a random number and a third integrity protection label; the processor 1100 is further configured to read the program and execute the following steps:
  • the shared key is an OPC key or root key K that is commonly known to the first network element and the terminal; the processor 1100 is further configured to read the program and execute the following steps:
  • the verification result is that the verification fails.
  • the processor 1100 is further configured to read the program and execute the following steps:
  • the verification result is that the verification is passed; otherwise, the verification result is that the verification is not passed.
  • the processor 1100 is further configured to read the program and execute the following steps:
  • the random number is stored.
  • the embodiments of the present disclosure also provide a computer-readable storage medium, and a computer program is stored on the computer-readable storage medium.
  • when the computer program is executed by a processor, each process of the above-mentioned verification method embodiment is realized, and the same technical effect can be achieved. To avoid repetition, these are not repeated here.
  • the computer-readable storage medium such as read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic disk, or optical disk, etc.
  • the method of the above embodiments can be implemented by means of software plus the necessary general hardware platform. Of course, it can also be implemented by hardware, but in many cases the former is better.
  • Based on this understanding, the technical solution of the present disclosure, in essence or in the part that contributes over the related technology, can be embodied in the form of a software product.
  • the computer software product is stored in a storage medium (such as ROM/RAM, a magnetic disk, or an optical disk) and includes several instructions to make a terminal (which can be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) execute the methods described in the various embodiments of the present disclosure.
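A toy, self-contained model of the first-label variant and the random-number variant described in the device embodiments above, covering both the terminal side and the first network element side. This is an added example, not code from the patent or from any 3GPP implementation; it assumes HMAC-SHA256 as the "integrity operation function" and a toy XOR keystream as the SUCI encryption (the text names neither), treats the shared key (OPC/K on the USIM, or K AUSF on the ME) as an opaque byte string, and uses constructed key and identifier values.

```python
"""Toy model of the SUCI integrity-label check (constructed example).

Assumptions, none of which the patent text fixes concretely:
  * integrity operation function = HMAC-SHA256 over length-prefixed inputs;
  * "encrypting SUPI with an encryption key" = toy XOR keystream, used only so
    the network side can recover the SUPI and look up the subscriber;
  * the shared key (OPC/K via USIM or K AUSF via ME) is an opaque byte string,
    because the label computation is the same for both choices.
"""
import hashlib
import hmac
import secrets


def integrity_function(key: bytes, *parts: bytes) -> bytes:
    """Assumed integrity operation function: HMAC-SHA256 over length-prefixed parts."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        mac.update(len(part).to_bytes(2, "big"))
        mac.update(part)
    return mac.digest()


def toy_xor_cipher(enc_key: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher (XOR with a SHA-256 keystream); the same call encrypts
    and decrypts. Stand-in for SUCI encryption so the example runs offline."""
    out = bytearray()
    for i, byte in enumerate(data):
        block = hashlib.sha256(enc_key + (i // 32).to_bytes(4, "big")).digest()
        out.append(byte ^ block[i % 32])
    return bytes(out)


class Terminal:
    """Terminal side: holds the SUPI, the shared key and the integrity/encryption keys."""

    def __init__(self, supi: bytes, shared_key: bytes, enc_key: bytes, integrity_key: bytes):
        self.supi = supi
        self.shared_key = shared_key
        self.enc_key = enc_key
        self.integrity_key = integrity_key

    def build_suci_with_first_label(self) -> dict:
        # First label = f(shared key, integrity key, Enc(SUPI)), carried inside the SUCI.
        enc_supi = toy_xor_cipher(self.enc_key, self.supi)
        label = integrity_function(self.shared_key, self.integrity_key, enc_supi)
        return {"enc_supi": enc_supi, "label": label}

    def build_suci_with_random_number(self) -> tuple:
        # Third label = f(shared key, random number); SUCI, number and label are sent together.
        enc_supi = toy_xor_cipher(self.enc_key, self.supi)
        rand = secrets.token_bytes(16)
        label = integrity_function(self.shared_key, rand)
        return {"enc_supi": enc_supi}, rand, label


class NetworkElement:
    """First network element: subscriber database keyed by SUPI plus the store of seen random numbers."""

    def __init__(self, enc_key: bytes):
        self.enc_key = enc_key
        self.subscribers = {}      # SUPI -> (shared key, integrity key)
        self.seen_random = set()   # random numbers already received (replay check)

    def register(self, supi: bytes, shared_key: bytes, integrity_key: bytes) -> None:
        self.subscribers[supi] = (shared_key, integrity_key)

    def verify_first_label(self, suci: dict) -> str:
        supi = toy_xor_cipher(self.enc_key, suci["enc_supi"])   # decrypt SUCI -> SUPI
        entry = self.subscribers.get(supi)
        if entry is None:
            return "failed"                                    # SUPI not in the database
        shared_key, integrity_key = entry
        expected = integrity_function(shared_key, integrity_key, suci["enc_supi"])
        # constant-time comparison of the first operation value with the received label
        return "passed" if hmac.compare_digest(expected, suci["label"]) else "failed"

    def verify_random_number(self, suci: dict, rand: bytes, label: bytes) -> str:
        if rand in self.seen_random:
            return "failed"            # random number found in the database: reject
        self.seen_random.add(rand)     # text: store the number when it is not found
        supi = toy_xor_cipher(self.enc_key, suci["enc_supi"])
        entry = self.subscribers.get(supi)
        if entry is None:
            return "failed"
        shared_key, _ = entry
        expected = integrity_function(shared_key, rand)        # fifth operation value
        return "passed" if hmac.compare_digest(expected, label) else "failed"
```

Resending the same SUCI, random number and label a second time is rejected by the random-number lookup alone, before any key is touched.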

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Storage Device Security (AREA)

Abstract

La présente invention se rapporte au domaine technique des communications. La présente invention concerne un procédé, un dispositif et un équipement de vérification, ainsi qu'un support de stockage lisible par ordinateur, pour résoudre le problème des attaques en devinant l'identificateur permanent d'abonnement (SUPI). Le procédé consiste à : effectuer une opération d'intégrité sur des informations cibles en utilisant une clé partagée pour obtenir une valeur de vérification d'intégrité ; envoyer la valeur de vérification d'intégrité à un premier élément de réseau ; et recevoir un résultat de vérification du premier élément de réseau pour la valeur de vérification d'intégrité. La clé partagée est utilisée entre le premier élément de réseau et un terminal.
PCT/CN2020/120327 2019-11-06 2020-10-12 Procédé, dispositif et équipement de vérification, et support de stockage lisible par ordinateur WO2021088593A1 (fr)
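The exchange summarised in the abstract, as an added illustration that is not part of the patent or its embodiments: the terminal computes an integrity value over the target information with the shared key, the first network element recomputes it and returns a verification result. HMAC-SHA256 as the integrity operation, the key bytes, the terminal identifier and the SUPI-like target information are all constructed assumptions for this example.

```python
import hashlib
import hmac

# Constructed demo key held by both the terminal and the first network element
# (not a value from the patent).
SHARED_KEY = hashlib.sha256(b"constructed-demo-shared-key").digest()


def integrity_value(shared_key: bytes, target_info: bytes) -> bytes:
    """Integrity operation on the target information using the shared key.
    HMAC-SHA256 is assumed here; the patent does not fix the algorithm."""
    return hmac.new(shared_key, target_info, hashlib.sha256).digest()


class NetworkElement:
    """First network element: holds the shared key per terminal and verifies."""

    def __init__(self, shared_keys: dict[str, bytes]) -> None:
        self.shared_keys = shared_keys

    def verify(self, terminal_id: str, target_info: bytes, received: bytes) -> str:
        key = self.shared_keys.get(terminal_id)
        if key is None:
            return "reject"          # no shared key for this terminal
        expected = integrity_value(key, target_info)
        # Constant-time comparison so the result leaks nothing about the expected value.
        return "success" if hmac.compare_digest(expected, received) else "failure"


class Terminal:
    def __init__(self, terminal_id: str, shared_key: bytes) -> None:
        self.terminal_id = terminal_id
        self.shared_key = shared_key

    def request_verification(self, ne: NetworkElement, target_info: bytes) -> str:
        value = integrity_value(self.shared_key, target_info)   # step 1
        return ne.verify(self.terminal_id, target_info, value)  # steps 2 and 3


def demo() -> tuple[str, str]:
    ne = NetworkElement({"ue-1": SHARED_KEY})
    ue = Terminal("ue-1", SHARED_KEY)
    supi = b"imsi-460001234567890"  # constructed SUPI-like target information
    genuine = ue.request_verification(ne, supi)
    # Knowing (or guessing) the SUPI alone is not enough: without the shared key
    # the integrity value does not verify, which is the property the abstract relies on.
    without_key = ne.verify("ue-1", supi, integrity_value(b"some-other-key", supi))
    return genuine, without_key
```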

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201911104767.8 2019-11-06
CN201911104767.8A CN112839329B (zh) 2019-11-06 2019-11-06 一种验证方法、装置、设备及计算机可读存储介质

Publications (1)

Publication Number Publication Date
WO2021088593A1 true WO2021088593A1 (fr) 2021-05-14

Family

ID=75848774

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/120327 WO2021088593A1 (fr) 2019-11-06 2020-10-12 Procédé, dispositif et équipement de vérification, et support de stockage lisible par ordinateur

Country Status (2)

Country Link
CN (1) CN112839329B (fr)
WO (1) WO2021088593A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115379445A (zh) * 2022-08-23 2022-11-22 中国联合网络通信集团有限公司 一种密钥派生方法及装置、网络设备

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101562558A (zh) * 2008-04-15 2009-10-21 华为技术有限公司 一种终端等级划分的方法、系统和设备
CN102026165A (zh) * 2009-09-14 2011-04-20 中兴通讯股份有限公司 一种用于识别终端的方法及系统
CN104202168A (zh) * 2014-09-19 2014-12-10 浪潮电子信息产业股份有限公司 一种基于可信第三方的云数据完整性验证方法
CN107666491A (zh) * 2017-11-15 2018-02-06 北京交通大学 基于对称加密的空地一体化网络的数据传输方法
WO2019084575A1 (fr) * 2017-10-25 2019-05-02 Alibaba Group Holding Limited Procédé de démarrage de bios et procédé de traitement de données

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019105695A1 (fr) * 2017-11-30 2019-06-06 Telefonaktiebolaget Lm Ericsson (Publ) Désactivation sécurisée de protection d'identifiant d'abonné dans 5g
CN109699031B (zh) * 2018-01-11 2020-03-20 华为技术有限公司 采用共享密钥、公钥和私钥的验证方法及装置
CN110035433B (zh) * 2018-01-11 2024-03-19 华为技术有限公司 采用共享密钥、公钥和私钥的验证方法及装置
CN110225600B (zh) * 2018-03-01 2021-09-07 华为技术有限公司 通信方法及装置
CN108683510B (zh) * 2018-05-18 2021-03-23 兴唐通信科技有限公司 一种加密传输的用户身份更新方法
CN108848495B (zh) * 2018-05-18 2021-03-23 兴唐通信科技有限公司 一种使用预置密钥的用户身份更新方法

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101562558A (zh) * 2008-04-15 2009-10-21 华为技术有限公司 一种终端等级划分的方法、系统和设备
CN102026165A (zh) * 2009-09-14 2011-04-20 中兴通讯股份有限公司 一种用于识别终端的方法及系统
CN104202168A (zh) * 2014-09-19 2014-12-10 浪潮电子信息产业股份有限公司 一种基于可信第三方的云数据完整性验证方法
WO2019084575A1 (fr) * 2017-10-25 2019-05-02 Alibaba Group Holding Limited Procédé de démarrage de bios et procédé de traitement de données
CN107666491A (zh) * 2017-11-15 2018-02-06 北京交通大学 基于对称加密的空地一体化网络的数据传输方法

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115379445A (zh) * 2022-08-23 2022-11-22 中国联合网络通信集团有限公司 一种密钥派生方法及装置、网络设备
CN115379445B (zh) * 2022-08-23 2024-05-14 中国联合网络通信集团有限公司 一种密钥派生方法及装置、网络设备

Also Published As

Publication number Publication date
CN112839329B (zh) 2022-07-22
CN112839329A (zh) 2021-05-25

Similar Documents

Publication Publication Date Title
Aman et al. Mutual authentication in IoT systems using physical unclonable functions
CN110971415B (zh) 一种天地一体化空间信息网络匿名接入认证方法及系统
Das et al. An efficient multi‐gateway‐based three‐factor user authentication and key agreement scheme in hierarchical wireless sensor networks
US10638321B2 (en) Wireless network connection method and apparatus, and storage medium
KR101485230B1 (ko) 안전한 멀티 uim 인증 및 키 교환
Mishra et al. A secure and efficient chaotic map-based authenticated key agreement scheme for telecare medicine information systems
Das A secure and effective user authentication and privacy preserving protocol with smart cards for wireless communications
Saxena et al. Authentication protocol for an IoT-enabled LTE network
Doss et al. Secure RFID tag ownership transfer based on quadratic residues
Wang et al. Ultra super fast authentication protocol for electric vehicle charging using extended chaotic maps
Qian et al. A Lightweight RFID Security Protocol Based on Elliptic Curve Crytography.
Mehmood et al. Authentication and secure key management in E-health services: a robust and efficient protocol using biometrics
US20200195446A1 (en) System and method for ensuring forward & backward secrecy using physically unclonable functions
Xu et al. An anonymous handover authentication scheme based on LTE‐A for vehicular networks
Choudhury HashXor: A lightweight scheme for identity privacy of IoT devices in 5G mobile network
Noh et al. Secure authentication and four-way handshake scheme for protected individual communication in public wi-fi networks
Odelu et al. A secure anonymity preserving authentication scheme for roaming service in global mobility networks
CN114143117B (zh) 数据处理方法及设备
De Smet et al. Lightweight PUF based authentication scheme for fog architecture
Liu et al. A new authentication and key agreement protocol for 5G wireless networks
TWI568234B (zh) 全球移動通訊網路的匿名認證方法
Yu et al. Puf-based robust and anonymous authentication and key establishment scheme for v2g networks
Ouaissa et al. New security level of authentication and key agreement protocol for the IoT on LTE mobile networks
Coruh et al. Hybrid secure authentication and key exchange scheme for M2M home networks
Lee et al. Secure and anonymous authentication scheme for mobile edge computing environments

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
  Ref document number: 20885552
  Country of ref document: EP
  Kind code of ref document: A1
NENP Non-entry into the national phase
  Ref country code: DE
122 Ep: pct application non-entry in european phase
  Ref document number: 20885552
  Country of ref document: EP
  Kind code of ref document: A1