WO2023010531A1 - Security enhancement method for radio resource control (rrc) connection resumption, and communication apparatus - Google Patents


Info

Publication number: WO2023010531A1
Authority: WO (WIPO, PCT)
Application number: PCT/CN2021/111198
Other languages: French (fr), Chinese (zh)
Inventor: 施饶 (Shi Rao)
Original assignee: 北京小米移动软件有限公司 (Beijing Xiaomi Mobile Software Co., Ltd.)
Prior art keywords: algorithm, integrity protection, RRC connection, protection algorithm, terminal device
Related national application: CN202180002389.1A, published as CN115943724A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W 76/00 Connection management
    • H04W 76/10 Connection setup
    • H04W 76/19 Connection re-establishment

Definitions

  • the present application relates to the field of communication technologies, and in particular to a security enhancement method for radio resource control (RRC) connection resumption, a communication device and a storage medium.
  • RRC: radio resource control
  • embodiments of the present application provide a security enhancement method and communication device for radio resource control (RRC) connection resumption, applicable to NR networks. Capability negotiation between the terminal device and the network device gives both parties the same algorithm capability, so that the check information of the message integrity verification code resumeMAC-I can be matched correctly. This solves the problem of incompatible integrity protection algorithms and enhances the security of the RRC connection resume request message.
  • in a first aspect, the embodiment of the present application provides a security enhancement method for RRC connection resumption, applied to a terminal device, which includes: determining the algorithm capability supported by the network device; selecting, according to that algorithm capability, the target integrity protection algorithm corresponding to it; and performing integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used to calculate the message integrity verification code.
  • in this way the integrity protection algorithm corresponding to the algorithm capability supported by the network device is the one used to verify the RRC connection resume request message, so both parties use the same algorithm, the check information of the message integrity verification code resumeMAC-I matches correctly, and the problem of incompatible integrity protection algorithms is solved, enhancing the security of the RRC connection resume request message.
  • the input parameters include at least one or more of the following: the key KRRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and an additional variable.
  • determining the algorithm capability supported by the network device includes: negotiating capabilities with the network device in advance, so that the terminal device determines the algorithm capability supported by the network device.
  • determining the algorithm capability supported by the network device includes: receiving first capability indication information sent by the network device, which notifies the terminal device whether the network device supports the first integrity protection algorithm, whose input parameters are the key KRRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and the additional variable; and, in response to receiving the first capability indication information, determining the algorithm capability supported by the network device according to it.
  • determining the algorithm capability supported by the network device further includes: determining it by judging whether capability indication information from the network device has been received, absence of the indication meaning that the network device does not support the first integrity protection algorithm. Capability negotiation between the terminal device and the network device thus gives both parties the same algorithm capability, the check information of the message integrity verification code resumeMAC-I matches correctly, and the problem of incompatible integrity protection algorithms is solved, enhancing the security of the RRC connection resume request message.
  • in response to the first capability indication information notifying the terminal device that the network device supports the first integrity protection algorithm, determining the algorithm capability supported by the network device according to the first capability indication information includes: determining that the network device supports the first integrity protection algorithm.
  • in response to the terminal device also supporting the first integrity protection algorithm, selecting the target integrity protection algorithm corresponding to the algorithm capability supported by the network device includes: selecting the first integrity protection algorithm.
  • performing integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used to calculate the message integrity verification code then includes: using the first integrity protection algorithm to calculate the message integrity verification code from the key KRRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and the additional variable, and performing integrity protection verification on the RRC connection resume request message according to the calculated code.
  • in response to the terminal device not supporting the first integrity protection algorithm, selecting the target integrity protection algorithm corresponding to the algorithm capability supported by the network device includes: selecting a second integrity protection algorithm, whose input parameters are the key KRRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID and temporary identifier C-RNTI.
  • performing integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used to calculate the message integrity verification code then includes: using the second integrity protection algorithm to calculate the message integrity verification code from the key KRRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID and temporary identifier C-RNTI, and performing integrity protection verification on the RRC connection resume request message according to the calculated code.
  • in response to the first capability indication information notifying the terminal device that the network device does not support the first integrity protection algorithm, determining the algorithm capability supported by the network device according to the first capability indication information includes: determining that the network device does not support the first integrity protection algorithm.
  • whether or not the terminal device itself supports the first integrity protection algorithm, selecting the target integrity protection algorithm corresponding to the algorithm capability supported by the network device then includes: selecting the second integrity protection algorithm.
  • performing integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used to calculate the message integrity verification code then includes: calculating the message integrity verification code with the second integrity protection algorithm from the key KRRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID and temporary identifier C-RNTI, and verifying the RRC connection resume request message against the calculated code.
  • the additional variable includes at least any one of the following items A) to F):
  • the method further includes: sending second capability indication information to the network device according to the algorithm capability supported by the terminal device, where the second capability indication information notifies the network device whether the terminal device supports the first integrity protection algorithm.
  • sending the second capability indication information to the network device according to the algorithm capability supported by the terminal device includes: in response to the terminal device supporting the first integrity protection algorithm, sending capability indication information that the first integrity protection algorithm is supported.
  • sending the second capability indication information to the network device according to the algorithm capability supported by the terminal device includes: in response to the terminal device not supporting the first integrity protection algorithm, sending capability indication information that the first integrity protection algorithm is not supported.
  • sending the second capability indication information to the network device according to the algorithm capability supported by the terminal device includes: in response to the terminal device not supporting the first integrity protection algorithm, sending no capability indication information about whether the first integrity protection algorithm is supported.
  • the manner of sending the capability indication information to the network device includes at least any one of the following: in a security mode message; in the UE capability information message; in UE assistance information; in initial access message 5 (Msg5); in initial access message 3 (Msg3); in initial access message 1 (Msg1).
  • the method further includes:
  • in a second aspect, the embodiment of the present application provides another security enhancement method for RRC connection resumption, applied to a network device, which includes: determining the algorithm capability supported by the terminal device; selecting, according to that algorithm capability, the target integrity protection algorithm corresponding to it; and performing integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used to calculate the message integrity verification code. The input parameters include at least one or more of the following: the key KRRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and an additional variable.
  • determining the algorithm capability supported by the terminal device includes: negotiating capabilities with the terminal device in advance, so that the network device determines the algorithm capability supported by the terminal device.
  • determining the algorithm capability supported by the terminal device includes: receiving second capability indication information sent by the terminal device, which notifies the network device whether the terminal device supports the first integrity protection algorithm, whose input parameters are the key KRRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and the additional variable; and, in response to receiving the second capability indication information, determining the algorithm capability supported by the terminal device according to it.
  • determining the algorithm capability supported by the terminal device further includes: determining it by judging whether capability indication information from the terminal device has been received, absence of the indication meaning that the terminal device does not support the first integrity protection algorithm.
  • in response to the second capability indication information notifying the network device that the terminal device supports the first integrity protection algorithm, determining the algorithm capability supported by the terminal device according to the second capability indication information includes: determining that the terminal device supports the first integrity protection algorithm.
  • in response to the network device also supporting the first integrity protection algorithm, selecting the target integrity protection algorithm corresponding to the algorithm capability supported by the terminal device includes: selecting the first integrity protection algorithm.
  • performing integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used to calculate the message integrity verification code then includes: using the first integrity protection algorithm to calculate the message integrity verification code from the key KRRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and the additional variable, and performing integrity protection verification on the RRC connection resume request message according to the calculated code.
  • in response to the network device not supporting the first integrity protection algorithm, selecting the target integrity protection algorithm corresponding to the algorithm capability supported by the terminal device includes: selecting a second integrity protection algorithm as the target integrity protection algorithm, whose input parameters are the key KRRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID and temporary identifier C-RNTI.
  • performing integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used to calculate the message integrity verification code then includes: using the second integrity protection algorithm to calculate the message integrity verification code from the key KRRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID and temporary identifier C-RNTI, and performing integrity protection verification on the RRC connection resume request message according to the calculated code.
  • in response to the second capability indication information notifying the network device that the terminal device does not support the first integrity protection algorithm, determining the algorithm capability supported by the terminal device includes: determining that the terminal device does not support the first integrity protection algorithm.
  • whether or not the network device itself supports the first integrity protection algorithm, selecting the target integrity protection algorithm corresponding to the algorithm capability supported by the terminal device then includes: selecting the second integrity protection algorithm.
  • performing integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used to calculate the message integrity verification code then includes: calculating the message integrity verification code with the second integrity protection algorithm from the key KRRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID and temporary identifier C-RNTI, and verifying the RRC connection resume request message against the calculated code.
  • the additional variable includes at least any one of the following items A) to F):
  • the method further includes: sending first capability indication information to the terminal device according to the algorithm capability supported by the network device, where the first capability indication information notifies the terminal device whether the network device supports the first integrity protection algorithm.
  • sending the first capability indication information to the terminal device according to the algorithm capability supported by the network device includes: in response to the network device supporting the first integrity protection algorithm, sending capability indication information that the first integrity protection algorithm is supported.
  • sending the first capability indication information to the terminal device according to the algorithm capability supported by the network device includes: in response to the network device not supporting the first integrity protection algorithm, sending capability indication information that the first integrity protection algorithm is not supported.
  • sending the first capability indication information to the terminal device according to the algorithm capability supported by the network device includes: in response to the network device not supporting the first integrity protection algorithm, sending no capability indication information about whether the first integrity protection algorithm is supported.
  • the manner of sending the capability indication information to the terminal device includes at least any one of the following: in an RRC release message; broadcast in a system information message.
  • the method further includes: for a message integrity verification code that the terminal device calculated with the first integrity protection algorithm while camped on the anchor cell served by this network device, when cell reselection occurs in the inactive state and the terminal device resumes the RRC connection in a non-anchor cell, receiving a request message for retrieving the terminal device context sent by the new network device of the non-anchor cell, where the request message carries the input parameters required by the first integrity protection algorithm; and performing integrity protection verification of the RRC connection resume using the first integrity protection algorithm and those input parameters.
  • the embodiment of this application provides a communication device which has some or all of the functions of the terminal device in the method of the first aspect above; for example, it may have the functions of some or all of the embodiments of the application, or the function of implementing any one embodiment alone.
  • the functions described above may be implemented by hardware, or may be implemented by executing corresponding software on the hardware.
  • the hardware or software includes one or more units or modules corresponding to the above functions.
  • the structure of the communication device may include a determination module, a selection module, a transceiver module, and a processing module, and the determination module is configured to support the communication device to perform corresponding functions in the above methods.
  • the selection module is configured to support the communication device to perform corresponding functions in the above methods.
  • the processing module is configured to support the communication device to perform corresponding functions in the above methods.
  • the transceiver module is used to support communication between the communication device and other equipment.
  • the communication device may further include a storage module, coupled to the transceiver module and the processing module, which stores the computer programs and data the communication device needs.
  • the processing module may be a processor
  • the transceiver module may be a transceiver or a communication interface
  • the storage module may be a memory
  • the embodiment of the present application provides another communication device, which can implement some or all of the functions of the network device in the method of the second aspect above; for example, it may have the functions of some or all of the embodiments of the application, or the function of implementing any one embodiment alone.
  • the functions described above can be realized by hardware, and can also be realized by executing corresponding software by hardware.
  • the hardware or software includes one or more units or modules corresponding to the above functions.
  • the structure of the communication device may include a determination module, a selection module, a transceiver module, and a processing module, and the determination module is configured to support the communication device to perform corresponding functions in the above methods.
  • the selection module is configured to support the communication device to perform corresponding functions in the above methods.
  • the processing module is configured to support the communication device to perform corresponding functions in the above methods.
  • the transceiver module is used to support communication between the communication device and other devices.
  • the communication device may further include a storage module, coupled to the transceiver module and the processing module, which stores the computer programs and data the communication device needs.
  • the processing module may be a processor
  • the transceiver module may be a transceiver or a communication interface
  • the storage module may be a memory
  • an embodiment of the present application provides a communication device, where the communication device includes a processor, and when the processor invokes a computer program in a memory, it executes the method described in the first aspect above.
  • an embodiment of the present application provides a communication device, where the communication device includes a processor, and when the processor invokes a computer program in a memory, it executes the method described in the second aspect above.
  • the embodiment of the present application provides a communication device, which includes a processor and a memory storing a computer program; the processor executes the computer program stored in the memory so that the communication device executes the method described in the first aspect above.
  • the embodiment of the present application provides a communication device, which includes a processor and a memory storing a computer program; the processor executes the computer program stored in the memory so that the communication device executes the method described in the second aspect above.
  • the embodiment of the present application provides a communication device, which includes a processor and an interface circuit; the interface circuit receives code instructions and transmits them to the processor, and the processor runs the code instructions so that the device executes the method described in the first aspect above.
  • the embodiment of the present application provides a communication device, which includes a processor and an interface circuit; the interface circuit receives code instructions and transmits them to the processor, and the processor runs the code instructions so that the device executes the method described in the second aspect above.
  • the embodiment of the present application provides a communication system, which includes the communication devices described in the third and fourth aspects, or those described in the fifth and sixth aspects, or those described in the seventh and eighth aspects, or those described in the ninth and tenth aspects.
  • the embodiment of the present invention provides a computer-readable storage medium storing instructions for the terminal device described above; when the instructions are executed, the terminal device executes the method described in the first aspect above.
  • the embodiment of the present invention provides a readable storage medium storing instructions for the network device described above; when the instructions are executed, the network device executes the method described in the second aspect above.
  • the present application further provides a computer program product including a computer program, which, when run on a computer, causes the computer to execute the method described in the first aspect above.
  • the present application further provides a computer program product including a computer program, which, when run on a computer, causes the computer to execute the method described in the second aspect above.
  • the present application provides a computer program that, when run on a computer, causes the computer to execute the method described in the first aspect above.
  • the present application provides a computer program that, when run on a computer, causes the computer to execute the method described in the second aspect above.
  • FIG. 1 is a schematic structural diagram of a communication system provided by an embodiment of the present application.
  • FIG. 2 is a flowchart of a security enhancement method for RRC connection resumption provided by an embodiment of the present application.
  • FIG. 3 is a flowchart of another security enhancement method for RRC connection resumption provided by an embodiment of the present application.
  • FIG. 4 is a flowchart of another security enhancement method for RRC connection resumption provided by an embodiment of the present application.
  • FIG. 5 is a flowchart of another security enhancement method for RRC connection resumption provided by an embodiment of the present application.
  • FIG. 6 is a flowchart of another security enhancement method for RRC connection resumption provided by an embodiment of the present application.
  • FIG. 7 is a flowchart of another security enhancement method for RRC connection resumption provided by an embodiment of the present application.
  • FIG. 8 is a flowchart of another security enhancement method for RRC connection resumption provided by an embodiment of the present application.
  • FIG. 9 is a flowchart of another security enhancement method for RRC connection resumption provided by an embodiment of the present application.
  • FIG. 10 is a schematic structural diagram of a communication device provided by an embodiment of the present application.
  • FIG. 11 is a schematic structural diagram of a communication device provided by an embodiment of the present application.
  • PDCP: Packet Data Convergence Protocol
  • MAC-I: Message Authentication Code for Integrity, the integrity authentication code
  • AS: Access Stratum
  • PDCP PDU: PDCP Protocol Data Unit
  • when the receiving end receives a PDCP PDU, it calculates an XMAC-I from the corresponding input parameters and verifies the integrity of the received PDU by checking whether the XMAC-I equals the received MAC-I. If they are equal, the received data is complete and has not been tampered with; otherwise an integrity verification failure is indicated to the upper layer.
  • the input parameters required for PDCP integrity protection are: 1) the RRC message (the whole message); 2) the key KRRCint; 3) the COUNT value; 4) the bearer identifier (bearer ID); 5) the data transmission direction.
  • the MAC-I described above protects data integrity for a UE (user equipment) in connected state. For a UE in the RRC inactive state (RRC_INACTIVE), however, the RRC connection resume request (RRCResumeRequest) sent to the network is carried on the uplink common control channel UL-CCCH over SRB0, and SRB0 has no PDCP integrity protection. Therefore, when the UE sends RRCResumeRequest, a separate but similar mechanism is used and checked: resumeMAC-I.
  • the UE initiating connection resume still calculates a MAC-I, and the input parameters still include the old key KRRCint, bearer ID, direction and COUNT value, but they differ from the MAC-I calculation for a PDCP data PDU: the calculation does not take the whole RRC message as input, but a UE variable VarResumeMAC-Input containing three sub-parameters: target cell ID, source cell ID and C-RNTI (cell radio network temporary identifier).
  • the UE calculates a 32-bit MAC-I, takes its 16 least significant bits (i.e. the rightmost 16 bits) as resumeMAC-I, and includes this value in the RRCResumeRequest it sends.
  • the base station calculates resumeMAC-I with the same algorithm; if its value matches the resumeMAC-I sent by the UE, authentication succeeds and an RRCResume message can be sent to tell the UE to resume the RRC connection.
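The following Python is an added example, not code from the patent application or from Xiaomi. It models the resumeMAC-I derivation just described (32-bit MAC-I over KRRCint, COUNT, bearer, direction and VarResumeMAC-Input, truncated to 16 bits, recomputed by the base station) together with the capability negotiation summarized in the first and second aspects above: a first integrity protection algorithm that appends an additional variable, a second that uses the legacy inputs only, and selection on each side from the peer's capability indication, with an absent indication read as "not supported". Assumptions: HMAC-SHA256 truncated to 32 bits stands in for the 3GPP NIA algorithms; VarResumeMAC-Input is encoded as fixed-width fields rather than ASN.1; the additional variable is an opaque byte string because the page does not reproduce its options A) to F); the fixed COUNT, bearer and direction values for the resume case are taken from 3GPP TS 33.501, not from this page. All keys and identifiers are constructed sample values.

```python
# Added example (not from the patent application): resumeMAC-I and the
# algorithm-capability negotiation, modelled in Python. See assumptions below.
import hashlib
import hmac
import struct
from typing import Optional, Tuple

# Assumption: HMAC-SHA256 truncated to 32 bits stands in for the 3GPP NIA
# integrity algorithms (NIA2 is AES-128-CMAC); the inputs KEY, COUNT, BEARER,
# DIRECTION and MESSAGE are the ones the page lists. The fixed values for the
# resume case follow 3GPP TS 33.501 (COUNT and BEARER all ones, uplink).
COUNT_RESUME = 0xFFFFFFFF
BEARER_RESUME = 0x1F
DIRECTION_UPLINK = 1

ALG_FIRST = "first"    # proposed algorithm: legacy inputs plus the additional variable
ALG_SECOND = "second"  # legacy algorithm: KRRCint, bearer, direction, COUNT, VarResumeMAC-Input


def mac_i(k_rrc_int: bytes, count: int, bearer: int, direction: int, message: bytes) -> int:
    """32-bit MAC-I over (COUNT, BEARER, DIRECTION, MESSAGE) under KRRCint."""
    header = struct.pack(">IBB", count & 0xFFFFFFFF, bearer & 0x1F, direction & 1)
    digest = hmac.new(k_rrc_int, header + message, hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big")


def var_resume_mac_input(target_cell_id: int, source_cell_id: int, c_rnti: int) -> bytes:
    """Encode VarResumeMAC-Input. Assumption: fixed-width big-endian fields
    (36-bit target cell identity in 8 bytes, 16-bit source cell ID, 16-bit
    C-RNTI) instead of the ASN.1 encoding used on the air."""
    return struct.pack(">QHH", target_cell_id & ((1 << 36) - 1),
                       source_cell_id & 0xFFFF, c_rnti & 0xFFFF)


def resume_mac_i(alg: str, k_rrc_int: bytes, target_cell_id: int, source_cell_id: int,
                 c_rnti: int, additional: Optional[bytes] = None) -> Tuple[int, int]:
    """Return (full 32-bit MAC-I, 16-bit resumeMAC-I) for the chosen algorithm.
    The first algorithm appends the additional variable to the message; it is
    an opaque byte string here because the page does not list options A) to F)."""
    message = var_resume_mac_input(target_cell_id, source_cell_id, c_rnti)
    if alg == ALG_FIRST:
        if additional is None:
            raise ValueError("first integrity protection algorithm needs the additional variable")
        message += additional
    elif alg != ALG_SECOND:
        raise ValueError(f"unknown algorithm {alg!r}")
    full = mac_i(k_rrc_int, COUNT_RESUME, BEARER_RESUME, DIRECTION_UPLINK, message)
    return full, full & 0xFFFF  # resumeMAC-I = 16 least significant bits of MAC-I


def select_algorithm(local_supports_first: bool, peer_indication: Optional[bool]) -> str:
    """One side's target algorithm from its own capability and the peer's
    capability indication. peer_indication is None when nothing was received;
    that is read as 'not supported', so both sides fall back to the second
    algorithm and still agree."""
    peer_supports_first = bool(peer_indication)
    return ALG_FIRST if (local_supports_first and peer_supports_first) else ALG_SECOND


def resume_request_verified(ue_supports_first: bool, gnb_supports_first: bool,
                            negotiate: bool, gnb_indication_sent: bool = True,
                            tamper_source_cell: bool = False) -> bool:
    """Model one RRCResumeRequest check between a UE and its anchor gNB.
    negotiate=False: each side uses the strongest algorithm it implements,
    which is the incompatibility the application addresses.
    negotiate=True: each side selects from the other's indication; the UE sees
    none when gnb_indication_sent is False. Sample values are constructed."""
    k_rrc_int = bytes(range(16))                     # constructed old KRRCint
    target_cell_id, source_cell_id, c_rnti = 0x0123456789, 0x01F5, 0xABCD
    additional = b"\x00\x00\x00\x07"                 # constructed additional variable

    if negotiate:
        ue_alg = select_algorithm(ue_supports_first, gnb_supports_first if gnb_indication_sent else None)
        gnb_alg = select_algorithm(gnb_supports_first, ue_supports_first)
    else:
        ue_alg = ALG_FIRST if ue_supports_first else ALG_SECOND
        gnb_alg = ALG_FIRST if gnb_supports_first else ALG_SECOND

    # UE side: compute the tag carried in RRCResumeRequest.
    _, sent = resume_mac_i(ue_alg, k_rrc_int, target_cell_id, source_cell_id, c_rnti, additional)

    # gNB side: recompute from the stored UE context and the cell being resumed in;
    # a forged source cell ID must fail the check.
    seen_source = source_cell_id ^ 0x1 if tamper_source_cell else source_cell_id
    _, expected = resume_mac_i(gnb_alg, k_rrc_int, target_cell_id, seen_source, c_rnti, additional)
    return hmac.compare_digest(sent.to_bytes(2, "big"), expected.to_bytes(2, "big"))
```

Running the scenarios shows the point of the negotiation: without it, a UE that implements the first algorithm and a gNB that only implements the second derive different tags from the same, untampered context, and the resume is rejected; with the indication (or its absence, read as "not supported") both sides converge on one algorithm. Because only 16 bits survive truncation, the negative cases fail with probability 1 - 2^-16 rather than with certainty, which is a property of resumeMAC-I itself, not of this model.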
  • this application therefore proposes a security enhancement method and communication device for RRC connection resumption, applicable to NR networks: capability negotiation between the terminal device and the network device gives both parties the same algorithm capability, so that the check information of the message integrity verification code resumeMAC-I matches correctly, the incompatibility of integrity protection algorithms is resolved, and the security of the RRC connection resume request message is enhanced.
  • FIG. 1 is a schematic structural diagram of a communication system provided by an embodiment of the present application.
  • the communication system may include, but is not limited to, a network device and a terminal device.
  • the number and form of the devices shown in FIG. 1 are examples only and do not limit the embodiment of the application; in practical applications there may be two or more network devices and two or more terminal devices.
  • the communication system shown in FIG. 1 includes one network device 101 and one terminal device 102 as an example.
  • the communication system may be, for example, a long term evolution (LTE) system, a 5th generation (5G) new radio (NR) system, or another future mobile communication system.
  • the network device 101 in the embodiment of the present application is an entity on the network side for transmitting or receiving signals.
  • the network device 101 may be an evolved base station (evolved NodeB, eNB), a transmission point (transmission reception point, TRP), a next generation base station (next generation NodeB, gNB) in an NR system, or a base station in other future mobile communication systems Or an access node in a wireless fidelity (wireless fidelity, WiFi) system, etc.
  • the embodiment of the present application does not limit the specific technology and specific device form adopted by the network device.
  • the network device provided by the embodiment of the present application may be composed of a centralized unit (CU) and a distributed unit (DU), where the CU may also be called a control unit. With the CU-DU structure, the protocol layers of the network device (for example a base station) can be split: the functions of some protocol layers are placed under the centralized control of the CU, the remaining protocol-layer functions, in part or in full, are distributed in the DU, and the CU centrally controls the DU.
  • the terminal device 102 in the embodiment of the present application is an entity on the user side for receiving or transmitting signals, such as a mobile phone.
  • the terminal device may also be called a terminal, user equipment (UE), mobile station (MS), mobile terminal (MT), and so on.
  • the terminal device can be a car with communication functions, a smart car, a mobile phone, a wearable device, a tablet computer (Pad), a computer with a wireless transceiver function, a virtual reality (VR) terminal device, an augmented reality (AR) terminal device, or a wireless terminal device in industrial control, self-driving, remote medical surgery, a smart grid, transportation safety, a smart city, a smart home, etc.
  • the embodiment of the present application does not limit the specific technology and specific device form adopted by the terminal device.
  • FIG. 2 is a flowchart of a security enhancement method for RRC connection recovery provided by an embodiment of the present application. It should be noted that the security enhancement method for radio resource control RRC connection recovery in the embodiment of the present application can be applied to a terminal device. As shown in FIG. 2 , the security enhancement method for radio resource control RRC connection recovery may include but not limited to the following steps.
  • Step 201 determine the algorithm capabilities supported by the network equipment.
  • the terminal device and the network device may negotiate capabilities in advance, so that the terminal device can determine the algorithm capabilities that the network device can support.
  • the network device may send capability indication information to the terminal device.
  • the terminal device can determine the algorithm capability supported by the network device according to the indication information sent by the network device.
  • the capability indication information sent by the network device to the terminal device may indicate which integrity protection algorithm is supported. For example, the capability indication information may indicate that the first integrity protection algorithm is supported, and the terminal device may then determine, according to the capability indication information sent by the network device, that the algorithm capability supported by the network device is support for the first integrity protection algorithm.
  • the specific indication method may be to use a certain field (or bit) to indicate the supported integrity protection algorithm type. When the value of this field (or bit) is X, it indicates that the first integrity protection algorithm is supported; when the value of this field (or bit) is Y, it indicates that the second integrity protection algorithm is supported.
  • the capability indication information may also indicate that the first integrity protection algorithm is not supported, and the terminal device may determine, according to the capability indication information sent by the network device, that the algorithm capability supported by the network device is that the first integrity protection algorithm is not supported.
  • the capability indication information may also indicate support for an algorithm different from the first integrity protection algorithm, such as the second integrity protection algorithm, and the terminal device may determine, according to the capability indication information sent by the network device, that the algorithm capability supported by the network device is support for the second integrity protection algorithm.
  • the first integrity protection algorithm and the second integrity protection algorithm in the embodiment of the present application are different algorithms, and the input parameters of the first integrity protection algorithm and the second integrity protection algorithm are different.
  • the input parameters include at least one or more of the following: the key KRRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and the added variable.
  • the network device may send a MAC-I computing capability indication to the terminal device to notify the terminal device whether the network device supports the first integrity protection algorithm.
  • the terminal device may determine whether first computing capability indication information sent by the network device is received, the first computing capability indication information being used to notify the terminal device whether the network device supports the first integrity protection algorithm; in response to receiving the first computing capability indication information sent by the network device, the terminal device determines the algorithm capability supported by the network device according to the first computing capability indication information.
  • the first integrity protection algorithm is a new MAC-I calculation method designed by the network device for the RRC connection resumption procedure, implemented by adding input parameters to the UE storage variable VarResumeMAC-Input.
  • the input parameters of the first integrity protection algorithm may include the key KRRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and the added variable, wherein the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable can be used as the content of VarResumeMAC-Input in the first integrity protection algorithm.
  • the added variable is the variable added to the stored variable VarResumeMAC-Input.
  • the terminal device and the network device can perform capability negotiation in advance.
  • the terminal device may determine the algorithm capability supported by the network device by judging whether the first computing capability indication information sent by the network device is received.
  • if the first computing capability indication information is received, the algorithm capability supported by the network device is determined according to it.
  • for example, the first computing capability indication information may be used to notify the terminal device that the network device supports the first integrity protection algorithm, in which case the terminal device determines according to it that the algorithm capability supported by the network device is support for the first integrity protection algorithm.
  • the first computing capability indication information may also be used to notify the terminal device that the network device does not support the first integrity protection algorithm, in which case the terminal device determines according to it that the algorithm capability supported by the network device is that the first integrity protection algorithm is not supported.
  • if the first computing capability indication information is not received, the terminal device may likewise determine that the algorithm capability supported by the network device is that the first integrity protection algorithm is not supported.
  • in that case, the network device supports the second integrity protection algorithm but does not support the first integrity protection algorithm.
  • the input parameters of the second integrity protection algorithm include Key RRCint , bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID and temporary identifier C-RNTI.
  • the target cell ID, the source cell ID and the temporary identifier C-RNTI can be used as the content of VarResumeMAC-Input in the second integrity protection algorithm.
  • the difference between the second integrity protection algorithm and the first integrity protection algorithm in the embodiment of the present application is that the required input parameters are different: the first integrity protection algorithm takes the added variable as a further input parameter, so that the security of RRC connection recovery can be effectively enhanced.
  • the added variable may include at least any one of the following A) to F):
  • A) the added variable may include the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message. That is to say, the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message are added to the UE storage variable VarResumeMAC-Input and substituted into the integrity protection algorithm as additional input parameters (together with the key KRRCint, bearer ID, direction and COUNT value) to obtain a new 32-bit MAC-I; finally, the 16 least significant bits are taken as the message integrity verification code resumeMAC-I and carried in the RRC connection resume request message (RRCResumeRequest).
  • B) the added variable may include any arrangement and combination of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message, with the same calculation method.
  • the arrangement and combination can be understood as any one or more of the resumeIdentity, resumeCause and spare fields.
  • for example, the added variable may include any one of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; for another example, the added variable may include any two of them. Specifically, it may be determined according to actual conditions, and this application does not specifically limit it.
  • C) the added variable may include the RRC connection resume request message itself, wherein the field used to carry the message integrity verification code resumeMAC-I in the message used as the added variable is set to a special bit pattern.
  • that is, the RRC connection resume request message is used directly as the added variable, with its resumeMAC-I field set to a special bit pattern.
  • the special bit pattern may be all 0s or all 1s; for example, the resumeMAC-I field of the RRC connection resume request message used as the added variable is set to all 1s or all 0s.
  • D) the added variable may include the RRC connection resume request message and a bit used to indicate an RRC connection resume request.
  • that is, the RRC connection resume request message and the bit used to indicate the RRC connection resume request are used directly as the added variable: in addition to the message itself, an extra bit indicating the RRC connection resume request is included in the added variable.
  • E) the added variable may include the RRC connection resume request message, wherein the field used to carry the message integrity verification code resumeMAC-I is deleted from the message used as the added variable.
  • that is, the RRC connection resume request message is used directly as the added variable, with the field carrying resumeMAC-I removed.
  • F) the added variable may include the RRC connection resume request message and a bit used to indicate an RRC connection resume request, wherein the field carrying the message integrity verification code resumeMAC-I is deleted from the message used as the added variable.
  • that is, the RRC connection resume request message and the bit used to indicate the RRC connection resume request are used directly as the added variable, with the field carrying resumeMAC-I removed from the message.
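Options C) to F) bind the whole RRCResumeRequest PDU rather than three of its fields, which raises a practical point the list leaves implicit: the resumeMAC-I field cannot be covered by the MAC it carries, so it has to be canonicalised (forced to all 0s or all 1s) or dropped before the message is fed into the integrity algorithm. The Go program below is an added example, not code from the patent or from any UE or gNB implementation. It packs the message at the bit level using the UL-CCCH layout of TS 38.331 (3 bits of CHOICE tags, 24-bit ShortI-RNTI, 16-bit resumeMAC-I, 4-bit resumeCause, 1-bit spare; 48 bits in total), then produces the added variable for option C (field forced to all 0s or all 1s), option E (field deleted), and options D and F (one extra indicator bit appended). The type and function names, the sample field values, and the choice of 1 for the indicator bit and of the all-0s pattern under option D are the example's own assumptions; the page does not fix them. The decoder at the end is what the network side would run before recomputing the MAC.

```go
package main

import "fmt"

// RRCResumeRequest fields per TS 38.331: resumeIdentity is a 24-bit ShortI-RNTI,
// resumeMAC-I 16 bits, resumeCause a 4-bit enumeration and spare 1 bit. With the
// 3 bits of UL-CCCH-Message CHOICE tags in front, the encoded PDU is exactly 48 bits.
type RRCResumeRequest struct {
	ResumeIdentity uint32
	ResumeMACI     uint16
	ResumeCause    uint8
	Spare          uint8
}

// macMode says what happens to the resumeMAC-I field when the PDU is used as the
// added variable: the field cannot be covered by the MAC it carries, so it is either
// forced to a special pattern (option C) or deleted (option E).
type macMode int

const (
	macKeep    macMode = iota // real over-the-air encoding
	macAllZero                // option C: resumeMAC-I field set to all 0s
	macAllOnes                // option C: resumeMAC-I field set to all 1s
	macDelete                 // option E: resumeMAC-I field removed
)

// bitWriter appends fixed-width fields MSB first, as UPER does.
type bitWriter struct {
	buf  []byte
	nbit int
}

func (w *bitWriter) put(v uint64, width int) {
	for i := width - 1; i >= 0; i-- {
		if w.nbit%8 == 0 {
			w.buf = append(w.buf, 0)
		}
		if v>>uint(i)&1 == 1 {
			w.buf[w.nbit/8] |= 0x80 >> uint(w.nbit%8)
		}
		w.nbit++
	}
}

// encode returns the byte string and its length in bits. With macKeep and no
// indicator it is the 48-bit PDU; the other modes give the added variable for
// options C and E, and indicator=true appends one extra bit (options D and F;
// the page does not fix that bit's value, 1 is this example's assumption).
func encode(m RRCResumeRequest, mode macMode, indicator bool) ([]byte, int) {
	w := &bitWriter{}
	w.put(0b001, 3) // UL-CCCH-Message CHOICE tags: c1 (0), rrcResumeRequest (01)
	w.put(uint64(m.ResumeIdentity), 24)
	switch mode {
	case macKeep:
		w.put(uint64(m.ResumeMACI), 16)
	case macAllZero:
		w.put(0, 16)
	case macAllOnes:
		w.put(0xFFFF, 16)
	}
	w.put(uint64(m.ResumeCause), 4)
	w.put(uint64(m.Spare), 1)
	if indicator {
		w.put(1, 1)
	}
	return w.buf, w.nbit
}

// decode parses a 48-bit PDU, as the network side would before recomputing resumeMAC-I.
func decode(pdu []byte) (RRCResumeRequest, error) {
	var m RRCResumeRequest
	if len(pdu) != 6 {
		return m, fmt.Errorf("want 6 bytes, got %d", len(pdu))
	}
	var v uint64
	for _, b := range pdu {
		v = v<<8 | uint64(b)
	}
	if v>>45 != 0b001 {
		return m, fmt.Errorf("not an rrcResumeRequest (tags %03b)", v>>45)
	}
	m.ResumeIdentity = uint32(v >> 21 & 0xFFFFFF)
	m.ResumeMACI = uint16(v >> 5 & 0xFFFF)
	m.ResumeCause = uint8(v >> 1 & 0xF)
	m.Spare = uint8(v & 1)
	return m, nil
}

func main() {
	msg := RRCResumeRequest{ResumeIdentity: 0xABCDEF, ResumeMACI: 0x1234, ResumeCause: 1} // constructed values
	pdu, n := encode(msg, macKeep, false)
	fmt.Printf("PDU              %x (%d bits)\n", pdu, n)
	for _, c := range []struct {
		name string
		mode macMode
		ind  bool
	}{{"C all-zero", macAllZero, false}, {"C all-ones", macAllOnes, false}, {"D", macAllZero, true}, {"E", macDelete, false}, {"F", macDelete, true}} {
		in, n := encode(msg, c.mode, c.ind)
		fmt.Printf("option %-10s %x (%d bits)\n", c.name, in, n)
	}
}
```

Whichever option is chosen, both sides must apply exactly the same canonicalisation: a UE that zeroes the field and a gNB that deletes it produce inputs of different lengths and will never match, which is the same algorithm-mismatch failure the capability negotiation in step 201 exists to prevent.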
  • Step 202 Select a target integrity protection algorithm corresponding to the algorithm capability according to the algorithm capability supported by the network device.
  • the terminal device may support the first integrity protection algorithm, that is, support the new MAC-I calculation method. It can be understood that if the terminal device supports the first integrity protection algorithm, it can be considered that the terminal device also supports the second integrity protection algorithm.
  • in that case the target integrity protection algorithm corresponding to the algorithm capability is selected as follows: if it is determined that the algorithm capability supported by the network device is support for the first integrity protection algorithm, the terminal device may select the first integrity protection algorithm as the target integrity protection algorithm; if it is determined that the algorithm capability supported by the network device is that the first integrity protection algorithm is not supported, the terminal device may select the second integrity protection algorithm as the target integrity protection algorithm.
  • the terminal device may also not support the first integrity protection algorithm, that is, support only the old MAC-I calculation method, such as the second integrity protection algorithm. In that case, regardless of whether the network device supports the first integrity protection algorithm, the terminal device selects the second integrity protection algorithm as the target integrity protection algorithm, because it does not support the first. Therefore, according to the algorithm capability supported by itself and the algorithm capability supported by the network device, the terminal device can select an integrity protection algorithm that both the terminal device and the network device support to perform integrity protection verification on the RRC connection recovery request message, ensuring that the terminal device and the network device use the same algorithm and that the resumeMAC-I verification information can be correctly matched.
  • Step 203 perform integrity protection verification on the RRC connection recovery request message according to the target integrity protection algorithm and the input parameters for calculating the message integrity verification code.
  • if the first integrity protection algorithm is selected, the message integrity verification code is calculated according to the key KRRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and the added variable, and integrity protection verification is performed on the RRC connection recovery request message according to the calculated message integrity verification code.
  • if the second integrity protection algorithm is selected, the message integrity verification code is calculated according to the key KRRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID and temporary identifier C-RNTI, and integrity protection verification is performed on the RRC connection recovery request message according to the calculated message integrity verification code.
  • in the embodiment of the present application, the integrity protection algorithm corresponding to the algorithm capability supported by the network device is selected to perform integrity protection verification on the RRC connection recovery request message, so that both parties have the same algorithm capability, the verification information of the message integrity verification code resumeMAC-I can be correctly matched, and the problem of integrity protection algorithm incompatibility is solved, so that the security of the RRC connection recovery request message is enhanced.
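Steps 201 to 203 as one worked example. The Go program below is added here and is not the patent's or any vendor's code. The page never names the underlying integrity function, so the example assumes 128-NIA2, i.e. AES-128-CMAC over COUNT || BEARER || DIRECTION || message as specified in TS 33.501 Annex D, with the resumeMAC-I conventions of TS 38.331 (KRRCint, COUNT, BEARER and DIRECTION all ones, 16 least significant bits of MAC-I kept). The second (legacy) algorithm feeds target cell ID, source cell ID and C-RNTI; the first algorithm appends the option A) fields (resumeIdentity, resumeCause, spare). The fixed-width byte layout of VarResumeMAC-Input, the sample key and field values, and all type and function names are constructed for the example and are not the real ASN.1 encoding. `selectAlgorithm` is the step 202 decision, covering the cases FIG. 3, FIG. 4 and FIG. 5 below enumerate; `main` shows why the added variable matters: rewriting resumeCause changes the enhanced resumeMAC-I but leaves the legacy one untouched.

```go
package main

import (
	"crypto/aes"
	"encoding/binary"
	"fmt"
)

// dbl doubles a 128-bit block in GF(2^128) (RFC 4493 subkey derivation).
func dbl(in []byte) []byte {
	out := make([]byte, 16)
	var carry byte
	for i := 15; i >= 0; i-- {
		out[i], carry = in[i]<<1|carry, in[i]>>7
	}
	if carry != 0 {
		out[15] ^= 0x87
	}
	return out
}

// aesCMAC is AES-128-CMAC (RFC 4493), the primitive behind 128-NIA2.
func aesCMAC(key, msg []byte) []byte {
	c, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	l := make([]byte, 16)
	c.Encrypt(l, l) // L = AES_K(0^128)
	k1, k2 := dbl(l), dbl(dbl(l))
	n := (len(msg) + 15) / 16
	if n == 0 {
		n = 1
	}
	last, mask := make([]byte, 16), k1 // complete final block: XOR with K1
	copy(last, msg[(n-1)*16:])
	if len(msg)%16 != 0 || len(msg) == 0 { // incomplete final block: pad 10*, XOR with K2
		last[len(msg)%16], mask = 0x80, k2
	}
	x, y := make([]byte, 16), make([]byte, 16)
	for i := 0; i < n-1; i++ {
		for j := range y {
			y[j] = x[j] ^ msg[i*16+j]
		}
		c.Encrypt(x, y)
	}
	for j := range y {
		y[j] = x[j] ^ last[j] ^ mask[j]
	}
	c.Encrypt(x, y)
	return x
}

// nia2MACI is 128-NIA2 (TS 33.501 Annex D.3): the leftmost 32 bits of CMAC over
// COUNT(32) || BEARER(5) || DIRECTION(1) || 0(26) || MESSAGE.
func nia2MACI(kRRCint []byte, count uint32, bearer, direction byte, message []byte) uint32 {
	m := make([]byte, 8, 8+len(message))
	binary.BigEndian.PutUint32(m, count)
	m[4] = (bearer&0x1f)<<3 | (direction&1)<<2
	return binary.BigEndian.Uint32(aesCMAC(kRRCint, append(m, message...))[:4])
}

// ResumeInputs holds the VarResumeMAC-Input fields named on the page. The fixed-width byte
// layout used below is an assumption for illustration, not the real ASN.1 UPER encoding.
type ResumeInputs struct {
	TargetCellID           uint64 // 36-bit NR cell identity, right-aligned
	SourcePCI, SourceCRNTI uint16
	ResumeIdentity         uint32 // 24-bit short I-RNTI (added variable, option A)
	ResumeCause, Spare     byte   // 4-bit cause and 1-bit spare (added variable, option A)
}

// legacyInput is the second algorithm's input: target cell ID, source cell ID and C-RNTI.
func legacyInput(r ResumeInputs) []byte {
	b := make([]byte, 12)
	binary.BigEndian.PutUint64(b, r.TargetCellID)
	binary.BigEndian.PutUint16(b[8:], r.SourcePCI)
	binary.BigEndian.PutUint16(b[10:], r.SourceCRNTI)
	return b
}

// enhancedInput is the first algorithm's input: the legacy fields plus the added variable.
func enhancedInput(r ResumeInputs) []byte {
	return append(legacyInput(r), byte(r.ResumeIdentity>>16), byte(r.ResumeIdentity>>8),
		byte(r.ResumeIdentity), r.ResumeCause&0x0f, r.Spare&1)
}

// resumeMACI applies KRRCint with COUNT, BEARER and DIRECTION all ones (TS 38.331 5.3.13.3)
// and keeps the 16 least significant bits of MAC-I, as the page describes.
func resumeMACI(k, input []byte) uint16 { return uint16(nia2MACI(k, 0xFFFFFFFF, 0x1F, 1, input)) }

const firstAlgorithm, secondAlgorithm = 1, 2 // new (with added variable) vs legacy MAC-I calculation

// selectAlgorithm is step 202: the first algorithm only when both sides support it;
// a missing capability indication counts as "not supported" (FIG. 3, step 305).
func selectAlgorithm(ueSupportsFirst, indicationReceived, indicationSaysSupported bool) int {
	if ueSupportsFirst && indicationReceived && indicationSaysSupported {
		return firstAlgorithm
	}
	return secondAlgorithm
}

// computeResumeMACI is step 203 with the selected algorithm.
func computeResumeMACI(alg int, k []byte, r ResumeInputs) uint16 {
	if alg == firstAlgorithm {
		return resumeMACI(k, enhancedInput(r))
	}
	return resumeMACI(k, legacyInput(r))
}

func main() {
	k := []byte("0123456789abcdef") // constructed 128-bit KRRCint for the demo
	r := ResumeInputs{TargetCellID: 0x123456789, SourcePCI: 101, SourceCRNTI: 0x4a3c, ResumeIdentity: 0xabcdef, ResumeCause: 1}
	t := r
	t.ResumeCause = 4 // an on-path attacker rewrites resumeCause and forwards the request
	fmt.Printf("legacy:   genuine %04x tampered %04x\n", computeResumeMACI(secondAlgorithm, k, r), computeResumeMACI(secondAlgorithm, k, t))
	fmt.Printf("enhanced: genuine %04x tampered %04x\n", computeResumeMACI(firstAlgorithm, k, r), computeResumeMACI(firstAlgorithm, k, t))
}
```

Two caveats a practitioner should keep in mind. First, the 16-bit truncation means a forged resumeMAC-I is accepted with probability 2^-16 per attempt regardless of which input set is used; the added variable closes the unauthenticated-field gap, not the truncation. Second, the network must recompute over exactly the same encoding of the added variable as the UE, so the capability indication of step 201 has to be delivered before the UE enters RRC_INACTIVE, otherwise the two sides disagree on the input and every resume fails verification.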
  • FIG. 3 is a flowchart of another security enhancement method for radio resource control RRC connection recovery provided by an embodiment of the present application.
  • the security enhancement method for radio resource control RRC connection recovery in the embodiment of the present application can be applied to a terminal device.
  • the terminal device learns that the network device supports the first integrity protection algorithm through the first computing capability indication information; assuming that the terminal device in this embodiment supports the first integrity protection algorithm, as shown in FIG. 3 , the The security enhancement method for radio resource control RRC connection recovery may include but not limited to the following steps.
  • Step 301 judging whether the first computing capability indication information sent by the network device is received; wherein the first computing capability indication information is used to notify the terminal device that the network device supports the first integrity protection algorithm.
  • the input parameters of the first integrity protection algorithm include the key KRRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and the added variable (any of the options A) to F) described under step 201 above).
  • Step 302 In response to receiving the first computing capability indication information sent by the network device, determine the algorithm capability supported by the network device as supporting the first integrity protection algorithm according to the first computing capability indication information.
  • Step 303 Select a first integrity protection algorithm corresponding to the algorithm capability according to the algorithm capability supported by the network device.
  • Step 304 using the first integrity protection algorithm, calculate the message integrity verification code according to the key KRRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and the added variable.
  • then step 307 is performed, that is, integrity protection verification is performed on the RRC connection recovery request message according to the calculated message integrity verification code.
  • Step 305 in response to not receiving the first computing capability indication information sent by the network device, determine that the algorithm capability supported by the network device is not supporting the first integrity protection algorithm.
  • the terminal device may select the second integrity protection algorithm to perform security verification of the RRC connection recovery request message.
  • the input parameters of the second integrity protection algorithm include key RRCint , bearer ID, data transmission direction, count COUNT value, target cell ID, source cell ID, and temporary Identifier C-RNTI.
  • Step 306 according to the algorithm capabilities supported by the network equipment, choose to use the second integrity protection algorithm according to the key Key RRCint , bearer ID, data transmission direction, count COUNT value, target cell ID, source cell ID and the temporary identifier C-RNTI to calculate the message integrity verification code.
  • then step 307 is performed, that is, integrity protection verification is performed on the RRC connection recovery request message according to the calculated message integrity verification code.
  • Step 307 perform integrity protection verification on the RRC connection recovery request message according to the calculated message integrity verification code.
  • in the embodiment of the present application, the integrity protection algorithm corresponding to the algorithm capability supported by the network device is selected to perform integrity protection verification on the RRC connection recovery request message, so that both parties have the same algorithm capability, the verification information of the message integrity verification code resumeMAC-I can be correctly matched, and the problem of integrity protection algorithm incompatibility is solved, so that the security of the RRC connection recovery request message is enhanced.
  • FIG. 4 is a flow chart of another security enhancement method for radio resource control RRC connection recovery provided by an embodiment of the present application.
  • the security enhancement method for radio resource control RRC connection recovery in the embodiment of the present application can be applied to a terminal device.
  • in this embodiment, the terminal device learns that the network device supports the first integrity protection algorithm through the first computing capability indication information, while the terminal device itself is assumed not to support the first integrity protection algorithm. As shown in FIG. 4, the security enhancement method for radio resource control RRC connection recovery may include but is not limited to the following steps.
  • Step 401 judging whether the first computing capability indication information sent by the network device is received; the first computing capability indication information is used to notify the terminal device that the network device supports the first integrity protection algorithm;
  • the input parameters of the first integrity protection algorithm include the key KRRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and the added variable (any of the options A) to F) described under step 201 above).
  • Step 402 in response to not receiving the first computing capability indication information sent by the network device, determine that the algorithm capability supported by the network device is not supporting the first integrity protection algorithm.
  • in this case, the terminal device can select the second integrity protection algorithm to perform security verification of the RRC connection recovery request message; that is, after determining that the algorithm capability supported by the network device is that the first integrity protection algorithm is not supported, step 404 can be performed: the second integrity protection algorithm is selected and the message integrity verification code is calculated according to the key KRRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID and temporary identifier C-RNTI.
  • the input parameters of the second integrity protection algorithm include the key KRRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID and temporary identifier C-RNTI.
  • Step 403 In response to receiving the first computing capability indication information sent by the network device, determine that the algorithm capability supported by the network device is to support the first integrity protection algorithm according to the first computing capability indication information.
  • in response to receiving the first computing capability indication information sent by the network device and determining according to it that the algorithm capability supported by the network device is support for the first integrity protection algorithm, the second integrity protection algorithm still needs to be used to perform integrity protection verification on the RRC connection recovery request message, since the terminal device does not support the first integrity protection algorithm; that is, step 404 is performed.
  • Step 404 select the second integrity protection algorithm and calculate the message integrity verification code.
  • Step 405 perform integrity protection verification on the RRC connection recovery request message according to the calculated message integrity verification code.
  • in the embodiment of the present application, capability negotiation between the terminal device and the network device is carried out so that both parties have the same algorithm capability; the verification information of the message integrity verification code resumeMAC-I can then be correctly matched, which solves the problem of integrity protection algorithm incompatibility, so that the security of the RRC connection recovery request message is enhanced.
  • FIG. 5 is a flow chart of another security enhancement method for radio resource control RRC connection recovery provided by an embodiment of the present application.
  • the security enhancement method for radio resource control RRC connection recovery in the embodiment of the present application can be applied to a terminal device.
  • In this embodiment, when the terminal device determines that the network device does not support the first integrity protection algorithm, the second integrity protection algorithm is adopted to perform integrity protection verification on the RRC connection recovery request message, regardless of whether the terminal device itself supports the first integrity protection algorithm.
  • The security enhancement method for radio resource control RRC connection recovery may include, but is not limited to, the following steps.
  • Step 501: judge whether the first computing capability indication information sent by the network device is received; the first computing capability indication information is used to notify the terminal device that the network device does not support the first integrity protection algorithm.
  • The input parameters of the first integrity protection algorithm include the key RRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and the enhanced variable.
  • the enhanced variable may include at least any one of the following A) to F):
  • A) The enhanced variable may include the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message. That is, the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message are added to the UE stored variable VarResumeMAC-Input and substituted into the integrity protection algorithm as additional input parameters, to obtain a brand new 32-bit MAC-I (besides the input parameters in VarResumeMAC-Input, the key RRCint, bearer ID, direction and COUNT value are also used); finally, the 16 least significant bits are taken as the message integrity verification code ResumeMAC-I and stored in the RRC connection recovery request message (RRCResumeRequest).
  • The enhanced variable may also include any permutation and combination of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; the calculation method is the same.
  • The permutation and combination can be understood as any one or more of the resumeIdentity, resumeCause and spare fields.
  • For example, the enhanced variable may include any one of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; for another example, it may include any two of these fields. Specifically, this may be determined according to actual conditions, and this application does not specifically limit it.
  • The enhanced variable may include the RRC connection resume request message itself, in which the field representing the message integrity verification code resumeMAC-I is set to special bits.
  • That is, the RRC connection recovery request message is directly used as the enhanced variable, with the field representing the message integrity verification code resumeMAC-I set to special bits.
  • The special bits may be all 0s or all 1s; for example, the resumeMAC-I field in the RRC connection resume request message used as the enhanced variable is set to all 1s or all 0s.
  • The enhanced variable may include the RRC connection recovery request message and a bit used to indicate the RRC connection recovery request.
  • That is, the RRC connection recovery request message and a bit indicating the RRC connection recovery request are directly used as the enhanced variable: while the message is used as the enhanced variable, an additional bit indicating the RRC connection recovery request is also added to it.
  • The enhanced variable may include the RRC connection resume request message with the field representing the message integrity verification code resumeMAC-I deleted.
  • That is, the RRC connection resume request message is directly used as the enhanced variable, with the field indicating resumeMAC-I deleted from it.
  • The enhanced variable may include the RRC connection recovery request message and a bit used to indicate the RRC connection recovery request, where the field representing the message integrity verification code resumeMAC-I is deleted from the RRC connection recovery request message used as the enhanced variable.
  • That is, the RRC connection recovery request message and the bit indicating the RRC connection recovery request are directly used as the enhanced variable, with the field indicating resumeMAC-I deleted from the message.
  • Step 502: in response to not receiving the first computing capability indication information sent by the network device, determine that the algorithm capability supported by the network device is not supporting the first integrity protection algorithm.
  • In this case the terminal device selects the second integrity protection algorithm to verify the security of the RRC connection recovery request message. That is, in this embodiment, after determining that the algorithm capability supported by the network device does not support the first integrity protection algorithm, step 504 can be performed: select the second integrity protection algorithm and calculate the message integrity verification code according to the key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
  • The input parameters of the second integrity protection algorithm include the key RRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID and temporary identifier C-RNTI.
  • Step 503: in response to receiving the first computing capability indication information sent by the network device, determine according to that information that the algorithm capability supported by the network device is not supporting the first integrity protection algorithm.
  • When the terminal device receives the first computing capability indication information and determines from it that the network device does not support the first integrity protection algorithm, the terminal device chooses to use the second integrity protection algorithm to perform integrity protection verification on the RRC connection recovery request message regardless of whether it supports the first integrity protection algorithm itself; that is, step 504 is executed.
  • Step 504: select the second integrity protection algorithm and calculate the message integrity verification code.
  • Step 505: perform integrity protection verification on the RRC connection recovery request message according to the calculated message integrity verification code.
  • Through the capability negotiation between the terminal device and the network device, both parties have the same algorithm capability, the check information of the message integrity verification code resumeMAC-I is correctly matched, and the problem of incompatible integrity protection algorithms is solved, thereby enhancing the security of the RRC connection recovery request message.
  • The terminal device may determine the algorithm capability it supports and, according to that capability, send second computing capability indication information to the network device, where the second computing capability indication information is used to notify the network device whether the terminal device supports the first integrity protection algorithm.
  • the terminal device may report its supported algorithm capabilities to the network device through the indication information.
  • In response to the algorithm capability supported by the terminal device supporting the first integrity protection algorithm, the terminal device sends capability indication information supporting the first integrity protection algorithm to the network device.
  • the terminal device may send capability indication information supporting the first integrity protection algorithm to the network device.
  • In response to the algorithm capability supported by the terminal device not supporting the first integrity protection algorithm, the terminal device sends capability indication information not supporting the first integrity protection algorithm to the network device. For example, assuming that the terminal device does not support the first integrity protection algorithm, it may send capability indication information not supporting the first integrity protection algorithm to the network device.
  • Alternatively, no capability indication information about whether the first integrity protection algorithm is supported is sent at all. For example, assuming that the terminal device does not support the first integrity protection algorithm, it does not report any capability indication information. If the network device does not receive capability indication information from the terminal device, the network device may determine that the terminal device does not support the first integrity protection algorithm.
  • The way of sending the capability indication information to the network device includes at least any one of the following: through the security mode complete message; through the terminal device UE capability information message; through UE assistance information; through initial access message 5 (Msg5); through initial access message 3 (Msg3); through initial access message 1 (Msg1).
  • That is, the terminal device can report the capability indication information in the following ways: through the security mode complete (SecurityModeComplete) message; through the UE capability information (UECapabilityInformation) message; through UE assistance information; through initial access message 5, Msg5 (RRCSetupComplete); through initial access message 3, Msg3 (RRCSetupRequest); through initial access message 1, Msg1 (preamble).
  • In a possible implementation, when a UE that supports the first integrity protection algorithm initially accesses the network and enters the connected state through RRCSetup connection establishment, the network device needs to perform AS security authentication through the SecurityModeCommand (security mode command); when the UE replies with the SecurityModeComplete message, it carries the capability indication information supporting the first integrity protection algorithm, thereby reporting its support to the network device.
  • In a possible implementation, when a UE that does not support the first integrity protection algorithm initially accesses the network and enters the connected state through RRCSetup connection establishment, the network device needs to perform AS security authentication through the SecurityModeCommand (security mode command); when the UE replies with the SecurityModeComplete message, it carries capability indication information not supporting the first integrity protection algorithm, thereby reporting this to the network device.
  • In a possible implementation, a UE that does not support the first integrity protection algorithm, after initially accessing the network and entering the connected state, does not report any indication of capability to support the first integrity protection algorithm.
  • The capability negotiation between the terminal device and the network device can be performed in advance, so that when the terminal device initiates an RRC connection recovery request, it can, based on the negotiation result, adopt an integrity protection algorithm that both the terminal device and the network device support to perform integrity protection verification on the RRC connection recovery request. The check information of the message integrity verification code resumeMAC-I can then be correctly matched, the problem of incompatible integrity protection algorithms is solved, and the security of the RRC connection recovery request message is enhanced.
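The resumeMAC-I computation described under enhanced variable A) above (legacy VarResumeMAC-Input versus the enhanced input, a 32-bit MAC-I truncated to its 16 least significant bits) and the capability negotiation described in this passage, modelled together as an added example in Python; this is not code from the patent or from any 3GPP implementation. It assumes HMAC-SHA256 as a stand-in for the NIA integrity algorithm, fixed COUNT/BEARER/DIRECTION values, a constructed key and constructed field values, and an illustrative byte serialisation rather than the ASN.1 encoding.

```python
"""Model of resumeMAC-I calculation and algorithm-capability negotiation (added example)."""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional


def nia_stub(k_rrc_int: bytes, count: int, bearer: int, direction: int, message: bytes) -> int:
    """Stand-in for a 3GPP NIA integrity algorithm (ASSUMPTION: HMAC-SHA256 truncated to
    32 bits, used only so the example runs offline). Returns the full 32-bit MAC-I."""
    header = count.to_bytes(4, "big") + bytes([bearer & 0x1F, direction & 0x01])
    digest = hmac.new(k_rrc_int, header + message, hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big")


@dataclass(frozen=True)
class ResumeContext:
    """Inputs named on the page; all values are constructed for the example."""
    source_cell_id: int      # source (anchor) cell ID
    target_cell_id: int      # target cell ID
    c_rnti: int              # temporary identifier C-RNTI
    resume_identity: int     # resumeIdentity field of RRCResumeRequest
    resume_cause: int        # resumeCause field
    spare: int               # spare bit


# Fixed COUNT / BEARER / DIRECTION inputs (ASSUMPTION: the page lists them as inputs
# without giving values; any fixed values agreed by both sides work for the model).
COUNT, BEARER, DIRECTION = 0xFFFFFFFF, 0x1F, 1


def var_resume_mac_input(ctx: ResumeContext, enhanced: bool) -> bytes:
    """Serialise VarResumeMAC-Input. The second (legacy) algorithm uses target cell ID,
    source cell ID and C-RNTI only; the first algorithm (variant A on the page) appends
    resumeIdentity, resumeCause and spare as the enhanced variable."""
    base = (ctx.source_cell_id.to_bytes(2, "big")
            + ctx.target_cell_id.to_bytes(5, "big")
            + ctx.c_rnti.to_bytes(2, "big"))
    if not enhanced:
        return base
    return (base + ctx.resume_identity.to_bytes(5, "big")
            + bytes([ctx.resume_cause & 0x0F, ctx.spare & 0x01]))


def resume_mac_i(k_rrc_int: bytes, ctx: ResumeContext, algorithm: str) -> int:
    """16-bit resumeMAC-I: compute the 32-bit MAC-I with the chosen algorithm, then keep
    the 16 least significant bits, as the page describes."""
    if algorithm not in ("first", "second"):
        raise ValueError(f"unknown algorithm {algorithm!r}")
    msg = var_resume_mac_input(ctx, enhanced=(algorithm == "first"))
    return nia_stub(k_rrc_int, COUNT, BEARER, DIRECTION, msg) & 0xFFFF


def select_algorithm(ue_supports_first: Optional[bool], network_supports_first: bool) -> str:
    """Negotiation outcome shared by both sides. None models 'no capability indication
    received', which the page says the network treats as not supporting the first algorithm."""
    if network_supports_first and ue_supports_first is True:
        return "first"
    return "second"


def network_verifies(k_rrc_int: bytes, ctx: ResumeContext, received_mac: int, algorithm: str) -> bool:
    """Network-side check: recompute with the selected algorithm and compare with the received code."""
    return resume_mac_i(k_rrc_int, ctx, algorithm) == received_mac


def scenario(ue_supports_first: Optional[bool], network_supports_first: bool, negotiate: bool) -> bool:
    """Does the RRCResumeRequest pass verification? Without negotiation each side uses the
    algorithm it supports; with negotiation both sides use select_algorithm()."""
    k = hashlib.sha256(b"constructed K_RRCint for the example").digest()  # constructed key
    ctx = ResumeContext(source_cell_id=0x01A3, target_cell_id=0x0000123456, c_rnti=0x4F21,
                        resume_identity=0x00ABCDEF01, resume_cause=0x3, spare=0)
    if negotiate:
        ue_alg = nw_alg = select_algorithm(ue_supports_first, network_supports_first)
    else:
        ue_alg = "first" if ue_supports_first else "second"
        nw_alg = "first" if network_supports_first else "second"
    mac = resume_mac_i(k, ctx, ue_alg)
    return network_verifies(k, ctx, mac, nw_alg)
```

scenario() reproduces the incompatibility the page describes: a UE computing resumeMAC-I with the first algorithm against a network checking with the second fails verification, while the negotiated choice makes both sides agree.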
  • In the case where the message integrity verification code is calculated with the first integrity protection algorithm while the terminal camps on the anchor cell, cell reselection occurs in the inactive state, and the RRC connection is resumed in a non-anchor cell, the terminal device may use the first integrity protection algorithm and the input parameters for calculating the message integrity verification code to perform integrity protection verification on the RRC connection resumption.
  • the anchor cell may be understood as the cell where the serving network device of the terminal device is located;
  • the non-anchor cell may be understood as the cell where the terminal device is located when cell reselection is triggered.
  • At this time the original algorithm capability of the terminal device can be kept unchanged, and the new network device in the non-anchor cell needs to send a new request message to retrieve the terminal device context, notifying the old network device to perform the ResumeMAC-I verification.
  • For example, if the anchor cell broadcasts support for the first integrity protection algorithm and the terminal device recovers the RRC connection in a non-anchor cell, the terminal device can adopt the first integrity protection algorithm, calculate the message integrity verification code according to the key RRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and the enhanced variable, and perform integrity protection verification on the RRC connection recovery according to the calculated message integrity verification code.
  • In the case where the message integrity verification code is calculated with the first integrity protection algorithm while the terminal camps on the anchor cell, and cell reselection occurs in the inactive state with the anchor cell broadcasting that the first integrity protection algorithm is not supported: although the anchor cell does not support the first integrity protection algorithm, the ResumeMAC-I check is performed by the serving network device of the anchor cell, and that serving network device supports the first integrity protection algorithm, so the terminal device can still use the first integrity protection algorithm to perform integrity protection verification on the RRC connection recovery.
  • The serving cell in the last connected state of the terminal device refers to the primary cell from which system information can first be received: the PCell (Primary cell) or the PSCell (Primary Secondary cell).
  • FIG. 6 is a flow chart of another security enhancement method for radio resource control RRC connection recovery provided by an embodiment of the present application. It should be noted that the security enhancement method for radio resource control RRC connection recovery in the embodiment of the present application can be applied to a network device. As shown in FIG. 6, the security enhancement method for radio resource control RRC connection recovery may include, but is not limited to, the following steps.
  • Step 601: in response to receiving the RRC connection recovery request message sent by the terminal device, determine the algorithm capability supported by the terminal device.
  • When the network device receives the RRC connection recovery request message sent by the terminal device, it needs to perform integrity protection verification on that message. To do so, it can first determine the algorithm capability supported by the terminal device and then, according to that capability, select the corresponding integrity protection algorithm for the integrity verification.
  • the network device and the terminal device may negotiate capabilities in advance, so that the network device may determine the algorithm capabilities that the terminal device can support.
  • the terminal device may send capability indication information to the network device.
  • the network device can determine the algorithm capability supported by the terminal device according to the indication information sent by the terminal device.
  • The capability indication information sent by the terminal device to the network device may indicate which integrity protection algorithm is supported. For example, the capability indication information may indicate support for the first integrity protection algorithm, and the network device may determine from it that the algorithm capability supported by the terminal device is supporting the first integrity protection algorithm.
  • The capability indication information may also indicate that the first integrity protection algorithm is not supported, and the network device may determine from it that the algorithm capability supported by the terminal device is not supporting the first integrity protection algorithm.
  • The capability indication information may also indicate support for an algorithm different from the first integrity protection algorithm, such as the second integrity protection algorithm, and the network device may determine from it that the algorithm capability supported by the terminal device is supporting the second integrity protection algorithm.
  • the first integrity protection algorithm and the second integrity protection algorithm in the embodiment of the present application are different algorithms, and the input parameters of the first integrity protection algorithm and the second integrity protection algorithm are different.
  • The input parameters include at least one or more of the following: the key RRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and the enhanced variable.
  • the terminal device may send the MAC-I computing capability indication to the network device to notify the network device whether the terminal device supports the first integrity protection algorithm.
  • the network device may determine the algorithm capability supported by the terminal device by judging whether the capability indication information sent by the terminal device is received.
  • Judge whether the second computing capability indication information sent by the terminal device is received; the second computing capability indication information is used to notify the network device whether the terminal device supports the first integrity protection algorithm, where the input parameters of the first integrity protection algorithm include the key RRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and the enhanced variable;
  • In response to receiving the second computing capability indication information sent by the terminal device, determine the algorithm capability supported by the terminal device according to the second computing capability indication information.
  • the first integrity protection algorithm is a set of new MAC-I calculation methods designed by the network device for the RRC connection recovery process, and is completed by adding input parameters in the UE storage variable VarResumeMAC-Input.
  • The input parameters of the first integrity protection algorithm may include the key RRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and the enhanced variable.
  • the added variable is the variable added in the stored variable VarResumeMAC-Input.
  • the network device and the terminal device can perform capability negotiation in advance.
  • the network device may determine the algorithm capability supported by the terminal device by judging whether the second computing capability indication information sent by the terminal device is received.
  • the algorithm capability supported by the terminal device is determined according to the second computing capability indication information.
  • the second computing capability indication information is used to notify the network device that the terminal device supports the first integrity protection algorithm, and the network device can determine that the algorithm capability supported by the terminal device is to support the first integrity protection algorithm according to the second computing capability indication information.
  • The second computing capability indication information may also be used to notify the network device that the terminal device does not support the first integrity protection algorithm, and the network device may then determine from it that the algorithm capability supported by the terminal device is not supporting the first integrity protection algorithm.
  • the network device may determine that the algorithm capability supported by the terminal device is not supporting the first integrity protection algorithm. For example, the terminal device supports the second integrity protection algorithm but does not support the first integrity protection algorithm.
  • The input parameters of the second integrity protection algorithm include the key RRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID and temporary identifier C-RNTI.
  • The difference between the second integrity protection algorithm and the first integrity protection algorithm in the embodiment of the present application is that the required input parameters differ: the first integrity protection algorithm adds the enhanced variable as an additional input parameter.
  • the security of RRC connection recovery can be effectively enhanced.
  • Step 602: select a target integrity protection algorithm corresponding to the algorithm capability according to the algorithm capability supported by the terminal device.
  • the network device may support the first integrity protection algorithm, that is, support a new MAC-I calculation manner. It can be understood that if the network device supports the first integrity protection algorithm, it can be considered that the network device can also support the second integrity protection algorithm.
  • The network device selects the target integrity protection algorithm corresponding to the algorithm capability. For example, if it is determined that the algorithm capability supported by the terminal device is supporting the first integrity protection algorithm, the network device can select the first integrity protection algorithm as the target integrity protection algorithm; if it is determined that the algorithm capability supported by the terminal device is not supporting the first integrity protection algorithm, the network device may select the second integrity protection algorithm as the target integrity protection algorithm.
  • The network device may also not support the first integrity protection algorithm, that is, it supports only the old MAC-I calculation method, such as the second integrity protection algorithm. In that case, regardless of whether the terminal device supports the first integrity protection algorithm, the network device selects the second integrity protection algorithm as the target integrity protection algorithm, since it does not support the first one itself. Therefore, according to the algorithm capability it supports and the algorithm capability supported by the terminal, the network device can select an integrity protection algorithm that both the terminal device and the network device support to perform integrity protection verification on the RRC connection recovery request message, ensuring that the terminal device and the network device use the same algorithm and that the resumeMAC-I check information can be correctly matched.
  • Step 603: perform integrity protection verification on the RRC connection recovery request message according to the target integrity protection algorithm and the input parameters for calculating the message integrity verification code.
  • When the first integrity protection algorithm is used, the message integrity verification code is calculated according to the key RRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and the enhanced variable, and integrity protection verification is performed on the RRC connection recovery request message according to the calculated message integrity verification code.
  • When the second integrity protection algorithm is used, the message integrity verification code is calculated according to the key RRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID and temporary identifier C-RNTI, and integrity protection verification is performed on the RRC connection recovery request message according to the calculated message integrity verification code.
  • In this way, the integrity protection algorithm corresponding to the algorithm capability supported by the terminal device is selected to perform integrity protection verification on the RRC connection recovery request message, so that both parties have the same algorithm capability, the check information of the message integrity verification code resumeMAC-I is correctly matched, and the problem of incompatible integrity protection algorithms is solved, thereby enhancing the security of the RRC connection recovery request message.
  • FIG. 7 is a flow chart of another security enhancement method for radio resource control RRC connection recovery provided by an embodiment of the present application.
  • the security enhancement method for radio resource control RRC connection recovery in the embodiment of the present application can be applied to a network device.
  • the network device learns through the second computing capability indication information that the terminal device supports the first integrity protection algorithm; assuming that the network device in this embodiment also supports the first integrity protection algorithm, as shown in FIG. 7, the security enhancement method for radio resource control RRC connection recovery may include, but is not limited to, the following steps.
  • Step 701: judge whether the second computing capability indication information sent by the terminal device has been received; the second computing capability indication information notifies the network device that the terminal device supports the first integrity protection algorithm.
  • the input parameters of the first integrity protection algorithm include the key KRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the enhanced variable.
  • the enhanced variable may include at least any one of the following A) to F):
  • the enhanced variable may include the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message. That is, the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message are added to the UE storage variable VarResumeMAC-Input and fed into the integrity protection algorithm as additional input parameters, yielding a brand-new 32-bit MAC-I (besides the input parameters in VarResumeMAC-Input, the key KRRCint, the bearer ID, the direction and the COUNT value are also used); finally the 16 least significant bits are taken as the message integrity verification code ResumeMAC-I and stored in the RRC connection resume request message (RRCResumeRequest).
  • the enhanced variable may include the arrangement and combination of the resumeIdentity, resumeCause and spare fields in the RRC connection resume request message, and the calculation method is the same.
  • the permutation and combination can be understood as any one or more of resumeIdentity, resumeCause, and spare fields.
  • the enhanced variable may include any one of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; for another example, it may include any two of the resumeIdentity, resumeCause and spare fields. The choice may be determined according to actual conditions, and this application does not specifically limit it.
  • the enhanced variable may include an RRC connection resume request message, wherein the field used to represent the message integrity verification code resumeMAC-I in the RRC connection resume request message as an added variable is set to a special bit.
  • the RRC connection resume request message is directly used as the enhanced variable, wherein, in the RRC connection resume request message used as the enhanced variable, the field representing the message integrity verification code resumeMAC-I is set to special bits.
  • the special bits may be all 0 or all 1, for example, the resumeMAC-I field in the RRC connection resume request message as the enhanced variable is set to all 1 or all 0.
  • the enhanced variable may include an RRC connection recovery request message and a bit used to indicate the RRC connection recovery request.
  • the RRC connection recovery request message and the bit used to indicate the RRC connection recovery request are directly used as the enhanced variable, that is, while the RRC connection recovery request message is used as the enhanced variable , an additional bit for indicating the RRC connection recovery request can also be added as the enhanced variable.
  • the enhanced variable may include an RRC connection resume request message, wherein the field used to represent the message integrity verification code resumeMAC-I is deleted from the RRC connection resume request message as an added variable.
  • the RRC connection resume request message is directly used as the enhanced variable, wherein the field for indicating resumeMAC-I is deleted from the RRC connection resume request message used as the enhanced variable.
  • the enhanced variable may include the RRC connection resume request message together with a bit used to indicate the RRC connection resume request, wherein the field representing the message integrity verification code resumeMAC-I is deleted from the RRC connection resume request message used as the enhanced variable.
  • the RRC connection resume request message and the bit used to indicate the RRC connection resume request are directly used as the enhanced variable, wherein the field representing resumeMAC-I is deleted from the RRC connection resume request message used as the enhanced variable.
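The selection in step 602 and the two calculations in step 603, together with the enhanced-variable variants A) to F) above, can be simulated end to end. The following is an added example, not code from the patent or from Xiaomi; it uses HMAC-SHA256 as a stand-in for a 3GPP NIA integrity algorithm, a length-prefixed serialization instead of the ASN.1 encoding of VarResumeMAC-Input, and constructed key and identifier values. The field names, the `"first"`/`"second"` algorithm labels and the variant letters are assumptions for illustration:

```python
import hmac
from hashlib import sha256

# Constructed stand-in values: the patent names these inputs but gives no values.
K_RRC_INT = bytes.fromhex("00112233445566778899aabbccddeeff")
BEARER, DIRECTION, COUNT = 1, 1, 0xFFFFFFFF


def serialize(fields: dict) -> bytes:
    """Length-prefixed name=value encoding, so adjacent inputs cannot run together."""
    out = b""
    for name, value in fields.items():
        v = value if isinstance(value, bytes) else str(value).encode()
        out += name.encode() + b"=" + len(v).to_bytes(2, "big") + v
    return out


def mac_i_32(key: bytes, data: bytes) -> bytes:
    """32-bit MAC-I. HMAC-SHA256 stands in for a 3GPP NIA integrity algorithm."""
    return hmac.new(key, data, sha256).digest()[:4]


def base_inputs(source_cell_id, target_cell_id, c_rnti) -> dict:
    """Inputs the second (old) algorithm uses; the first algorithm adds to them."""
    return {"bearer": BEARER, "direction": DIRECTION, "count": COUNT,
            "targetCellId": target_cell_id, "sourceCellId": source_cell_id,
            "c-RNTI": c_rnti}


def enhanced_variable(variant: str, msg: dict) -> dict:
    """Extra input for the first algorithm, following the page's variants A) to F)."""
    if variant == "A":   # the three request fields themselves
        return {k: msg[k] for k in ("resumeIdentity", "resumeCause", "spare")}
    if variant == "B":   # any subset of those fields; resumeIdentity + resumeCause here
        return {k: msg[k] for k in ("resumeIdentity", "resumeCause")}
    body = dict(msg)
    if variant in ("C", "D"):    # whole message, resumeMAC-I field forced to all-zero bits
        body["resumeMAC-I"] = b"\x00\x00"
    elif variant in ("E", "F"):  # whole message with the resumeMAC-I field deleted
        del body["resumeMAC-I"]
    else:
        raise ValueError(f"unknown variant {variant!r}")
    extra = {"message": serialize(body)}
    if variant in ("D", "F"):    # plus one bit marking an RRC connection resume request
        extra["resumeRequestBit"] = 1
    return extra


def resume_mac_i(algorithm, key, source_cell_id, target_cell_id, c_rnti,
                 msg, variant="A") -> bytes:
    """resumeMAC-I: the 16 least significant bits of MAC-I under the chosen algorithm."""
    inputs = base_inputs(source_cell_id, target_cell_id, c_rnti)
    if algorithm == "first":
        inputs.update(enhanced_variable(variant, msg))
    return mac_i_32(key, serialize(inputs))[-2:]


def build_request(algorithm, key, source_cell_id, target_cell_id, c_rnti,
                  resume_identity, cause, variant="A") -> dict:
    """Terminal side: fill the request fields, then insert the code computed over them."""
    msg = {"resumeIdentity": resume_identity, "resumeCause": cause, "spare": 0,
           "resumeMAC-I": b"\x00\x00"}
    msg["resumeMAC-I"] = resume_mac_i(algorithm, key, source_cell_id, target_cell_id,
                                      c_rnti, msg, variant)
    return msg


def select_target_algorithm(ue_supports_first: bool, nw_supports_first: bool) -> str:
    """Step 602: use the first algorithm only when both sides support it."""
    return "first" if (ue_supports_first and nw_supports_first) else "second"


def network_verify(nw_supports_first, ue_supports_first, key, source_cell_id,
                   target_cell_id, c_rnti, msg, variant="A") -> bool:
    """Step 603: recompute with the selected algorithm and compare in constant time."""
    algo = select_target_algorithm(ue_supports_first, nw_supports_first)
    expected = resume_mac_i(algo, key, source_cell_id, target_cell_id, c_rnti, msg, variant)
    return hmac.compare_digest(expected, msg["resumeMAC-I"])


if __name__ == "__main__":
    # constructed: key, source cell ID, target cell ID, C-RNTI
    args = (K_RRC_INT, 0x1A5, 0x000ABCDE, 0x4F21)
    req = build_request("first", *args, "ab12cd34", "mo-Data")
    print("both support first :", network_verify(True, True, *args, req))     # True
    print("network lacks first:", network_verify(False, True, *args, req))    # False
    changed = dict(req, resumeCause="rna-Update")
    print("changed resumeCause:", network_verify(True, True, *args, changed))  # False
```

The third check is the security point of the page: under the second algorithm the resumeCause, resumeIdentity and spare fields are not among the MAC inputs, so a change to them is not detected, while every variant of the first algorithm covers them. The second check shows why the capability negotiation is needed: a code computed with the first algorithm never matches a network device that can only run the second.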
  • Step 702 In response to receiving the second computing capability indication information sent by the terminal device, determine that the algorithm capability supported by the terminal device is to support the first integrity protection algorithm according to the second computing capability indication information.
  • Step 703 Select a first integrity protection algorithm corresponding to the algorithm capability according to the algorithm capability supported by the terminal device.
  • Step 704: using the first integrity protection algorithm, calculate the message integrity verification code from the key KRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the enhanced variable.
  • Then step 707 may be performed, that is, integrity protection verification of the RRC connection resume request message according to the calculated message integrity verification code.
  • Step 705: in response to not receiving the second computing capability indication information sent by the terminal device, determine that the algorithm capability supported by the terminal device does not include the first integrity protection algorithm.
  • In that case the network device may select the second integrity protection algorithm to verify the security of the RRC connection resume request message.
  • the input parameters of the second integrity protection algorithm include the key KRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
  • Step 706: according to the algorithm capability supported by the terminal device, choose the second integrity protection algorithm and calculate the message integrity verification code from the key KRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
  • Then step 707 may be performed, that is, integrity protection verification of the RRC connection resume request message according to the calculated message integrity verification code.
  • Step 707: perform integrity protection verification on the RRC connection resume request message according to the calculated message integrity verification code.
  • By selecting the integrity protection algorithm that matches the algorithm capability supported by the terminal device to verify the RRC connection resume request message, both sides operate with the same algorithm capability, the verification information of the message integrity verification code resumeMAC-I can be matched correctly, the incompatibility between integrity protection algorithms is resolved, and the security of the RRC connection resume request message is enhanced.
  • FIG. 8 is a flow chart of another security enhancement method for RRC connection recovery provided by an embodiment of the present application.
  • the security enhancement method for radio resource control RRC connection recovery in the embodiment of the present application can be applied to a network device.
  • the network device learns through the second computing capability indication information that the terminal device supports the first integrity protection algorithm; assuming that the network device in this embodiment does not support the first integrity protection algorithm, as shown in FIG. 8, the security enhancement method for radio resource control RRC connection recovery may include, but is not limited to, the following steps.
  • Step 801: judge whether the second computing capability indication information sent by the terminal device has been received; the second computing capability indication information notifies the network device that the terminal device supports the first integrity protection algorithm.
  • the input parameters of the first integrity protection algorithm include the key KRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the enhanced variable.
  • the enhanced variable may include at least any one of the following A) to F):
  • the enhanced variable may include the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message. That is, the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message are added to the UE storage variable VarResumeMAC-Input and fed into the integrity protection algorithm as additional input parameters, yielding a brand-new 32-bit MAC-I (besides the input parameters in VarResumeMAC-Input, the key KRRCint, the bearer ID, the direction and the COUNT value are also used); finally the 16 least significant bits are taken as the message integrity verification code ResumeMAC-I and stored in the RRC connection resume request message (RRCResumeRequest).
  • the enhanced variable may include the arrangement and combination of the resumeIdentity, resumeCause and spare fields in the RRC connection resume request message, and the calculation method is the same.
  • the permutation and combination can be understood as any one or more of resumeIdentity, resumeCause, and spare fields.
  • the enhanced variable may include any one of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; for another example, it may include any two of the resumeIdentity, resumeCause and spare fields. The choice may be determined according to actual conditions, and this application does not specifically limit it.
  • the enhanced variable may include an RRC connection resume request message, wherein the field used to represent the message integrity verification code resumeMAC-I in the RRC connection resume request message as an added variable is set to a special bit.
  • the RRC connection resume request message is directly used as the enhanced variable, wherein, in the RRC connection resume request message used as the enhanced variable, the field representing the message integrity verification code resumeMAC-I is set to special bits.
  • the special bits may be all 0 or all 1, for example, the resumeMAC-I field in the RRC connection resume request message as the enhanced variable is set to all 1 or all 0.
  • the enhanced variable may include an RRC connection recovery request message and a bit used to indicate the RRC connection recovery request.
  • the RRC connection recovery request message and the bit used to indicate the RRC connection recovery request are directly used as the enhanced variable, that is, while the RRC connection recovery request message is used as the enhanced variable , an additional bit for indicating the RRC connection recovery request can also be added as the enhanced variable.
  • the enhanced variable may include an RRC connection resume request message, wherein the field used to represent the message integrity verification code resumeMAC-I is deleted from the RRC connection resume request message as an added variable.
  • the RRC connection resume request message is directly used as the enhanced variable, wherein the field for indicating resumeMAC-I is deleted from the RRC connection resume request message used as the enhanced variable.
  • the enhanced variable may include the RRC connection resume request message together with a bit used to indicate the RRC connection resume request, wherein the field representing the message integrity verification code resumeMAC-I is deleted from the RRC connection resume request message used as the enhanced variable.
  • the RRC connection resume request message and the bit used to indicate the RRC connection resume request are directly used as the enhanced variable, wherein the field representing resumeMAC-I is deleted from the RRC connection resume request message used as the enhanced variable.
  • Step 802 in response to not receiving the second computing capability indication information sent by the terminal device, determine that the algorithm capability supported by the terminal device is not supporting the first integrity protection algorithm.
  • the network device can select the second integrity protection algorithm to perform security verification of the RRC connection resume request message; that is, in this embodiment, after determining that the algorithm capability supported by the terminal device does not include the first integrity protection algorithm, step 804 can be performed: the second integrity protection algorithm is selected and the message integrity verification code is calculated from the key KRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
  • the input parameters of the second integrity protection algorithm include the key KRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
  • Step 803: in response to receiving the second computing capability indication information sent by the terminal device, determine from it that the algorithm capability supported by the terminal device includes the first integrity protection algorithm.
  • In response to receiving the second computing capability indication information sent by the terminal device and determining from it that the terminal device supports the first integrity protection algorithm, the second integrity protection algorithm still has to be used to perform integrity protection verification on the RRC connection resume request message, because the network device itself does not support the first integrity protection algorithm; that is, step 804 is executed.
  • Step 804: choose the second integrity protection algorithm and calculate the message integrity verification code.
  • Step 805: perform integrity protection verification on the RRC connection resume request message according to the calculated message integrity verification code.
  • FIG. 9 is a flow chart of another security enhancement method for RRC connection recovery provided by an embodiment of the present application.
  • the security enhancement method for radio resource control RRC connection recovery in the embodiment of the present application can be applied to a network device.
  • when the network device determines that the terminal device does not support the first integrity protection algorithm, the second integrity protection algorithm is used to perform integrity protection verification on the RRC connection resume request message, regardless of whether the network device itself supports the first integrity protection algorithm.
  • the security enhancement method for radio resource control RRC connection recovery may include but not limited to the following steps.
  • Step 901: judge whether the second computing capability indication information sent by the terminal device has been received; in this embodiment the second computing capability indication information notifies the network device that the terminal device does not support the first integrity protection algorithm.
  • the input parameters of the first integrity protection algorithm include the key KRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the enhanced variable.
  • the enhanced variable may include at least any one of the following A) to F):
  • the enhanced variable may include the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message. That is, the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message are added to the UE storage variable VarResumeMAC-Input and fed into the integrity protection algorithm as additional input parameters, yielding a brand-new 32-bit MAC-I (besides the input parameters in VarResumeMAC-Input, the key KRRCint, the bearer ID, the direction and the COUNT value are also used); finally the 16 least significant bits are taken as the message integrity verification code ResumeMAC-I and stored in the RRC connection resume request message (RRCResumeRequest).
  • the enhanced variable may include the arrangement and combination of the resumeIdentity, resumeCause and spare fields in the RRC connection resume request message, and the calculation method is the same.
  • the permutation and combination can be understood as any one or more of resumeIdentity, resumeCause, and spare fields.
  • the enhanced variable may include any one of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; for another example, it may include any two of the resumeIdentity, resumeCause and spare fields. The choice may be determined according to actual conditions, and this application does not specifically limit it.
  • the enhanced variable may include an RRC connection resume request message, wherein the field used to represent the message integrity verification code resumeMAC-I in the RRC connection resume request message as an added variable is set to a special bit.
  • the RRC connection resume request message is directly used as the enhanced variable, wherein, in the RRC connection resume request message used as the enhanced variable, the field representing the message integrity verification code resumeMAC-I is set to special bits.
  • the special bits may be all 0 or all 1, for example, the resumeMAC-I field in the RRC connection resume request message as the enhanced variable is set to all 1 or all 0.
  • the enhanced variable may include an RRC connection recovery request message and a bit used to indicate the RRC connection recovery request.
  • the RRC connection recovery request message and the bit used to indicate the RRC connection recovery request are directly used as the enhanced variable, that is, while the RRC connection recovery request message is used as the enhanced variable , an additional bit for indicating the RRC connection recovery request can also be added as the enhanced variable.
  • the enhanced variable may include an RRC connection resume request message, wherein the field used to represent the message integrity verification code resumeMAC-I is deleted from the RRC connection resume request message as an added variable.
  • the RRC connection resume request message is directly used as the enhanced variable, wherein the field for indicating resumeMAC-I is deleted from the RRC connection resume request message used as the enhanced variable.
  • the enhanced variable may include the RRC connection resume request message together with a bit used to indicate the RRC connection resume request, wherein the field representing the message integrity verification code resumeMAC-I is deleted from the RRC connection resume request message used as the enhanced variable.
  • the RRC connection resume request message and the bit used to indicate the RRC connection resume request are directly used as the enhanced variable, wherein the field representing resumeMAC-I is deleted from the RRC connection resume request message used as the enhanced variable.
  • Step 902 In response to not receiving the second computing capability indication information sent by the terminal device, determine that the algorithm capability supported by the terminal device is not supporting the first integrity protection algorithm.
  • the network device selects the second integrity protection algorithm to verify the security of the RRC connection resume request message; that is, in this embodiment, after determining that the algorithm capability supported by the terminal device does not include the first integrity protection algorithm, step 904 can be performed: the second integrity protection algorithm is selected and the message integrity verification code is calculated from the key KRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
  • the input parameters of the second integrity protection algorithm include the key KRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
  • Step 903: in response to receiving the second computing capability indication information sent by the terminal device, determine from it that the algorithm capability supported by the terminal device does not include the first integrity protection algorithm.
  • when the network device receives the second computing capability indication information sent by the terminal device and determines from it that the terminal device does not support the first integrity protection algorithm, the network device chooses the second integrity protection algorithm to perform integrity protection verification on the RRC connection resume request message regardless of whether it supports the first integrity protection algorithm itself; that is, step 904 is executed.
  • Step 904: choose the second integrity protection algorithm and calculate the message integrity verification code.
  • Step 905: perform integrity protection verification on the RRC connection resume request message according to the calculated message integrity verification code.
  • the capability negotiation between the terminal device and the network device ensures that both sides have the same algorithm capability, so that the check information of the message integrity verification code resumeMAC-I matches correctly; this resolves the incompatibility between integrity protection algorithms and thereby enhances the security of the RRC connection resume request message.
  • the network device may determine the algorithm capability it supports and, according to that capability, send first computing capability indication information to the terminal device; the first computing capability indication information notifies the terminal device whether the network device supports the first integrity protection algorithm.
  • in other words, the network device may send the algorithm capability it supports to the terminal device through the indication information.
  • capability indication information indicating support for the first integrity protection algorithm is sent to the terminal device.
  • that is, the network device may send the terminal device capability indication information stating that it supports the first integrity protection algorithm.
  • capability indication information indicating no support for the first integrity protection algorithm is sent to the terminal device.
  • that is, the network device may send the terminal device capability indication information stating that the network device does not support the first integrity protection algorithm.
  • no capability indication information on whether the first integrity protection algorithm is supported is sent at all. For example, if the network device does not support the first integrity protection algorithm, it does not send the terminal device any capability indication information about that lack of support. If the terminal device receives no capability indication information from the network device, the terminal device may determine that the network device does not support the first integrity protection algorithm.
  • the manner of sending the capability indication information to the terminal device includes at least any one of the following: sending through an RRC release message; broadcasting through a system message.
  • in a possible implementation using broadcasting, a network device that supports the first integrity protection algorithm broadcasts a capability indication of support for the first integrity protection algorithm in a system message (SIBX). At the same time, a network device that supports the first integrity protection algorithm must also support the second integrity protection algorithm (such as the old MAC-I algorithm).
  • in a possible implementation using broadcasting, a network device that does not support the first integrity protection algorithm broadcasts a capability indication of no support for the first integrity protection algorithm in a system message (SIBX). In that case only the old MAC-I algorithm, such as the second integrity protection algorithm mentioned herein, can be used.
  • in a possible implementation using broadcasting, the broadcast parameter indicating whether the first integrity protection algorithm is supported is area specific (an area-level parameter).
  • since the network devices in the area have the same algorithm capability, the network devices in the area may broadcast the capability indication of whether the first integrity protection algorithm is supported in a system message (SIBX).
  • in a possible implementation using the RRCRelease (RRC Release) message, a network device that supports the first integrity protection algorithm carries a capability indication of support for the first integrity protection algorithm in the RRCRelease message when it releases a UE in the connected state to the INACTIVE state.
  • this capability indication informs the UE that the first integrity protection algorithm can be used for RRC connection resumption.
  • likewise with the RRCRelease message, a network device that does not support the first integrity protection algorithm carries a capability indication of no support for the first integrity protection algorithm in the RRCRelease message when it releases a UE in the connected state to the INACTIVE state, in order to notify the UE to use the old algorithm (such as the second integrity protection algorithm mentioned in this document) for RRC connection resumption.
  • in a possible implementation covering either manner, a network device that does not support the first integrity protection algorithm simply sends no capability indication of support for the first integrity protection algorithm.
  • the capability negotiation between the terminal device and the network device can be performed in advance, so that when the terminal device initiates an RRC connection resume request it can, based on the negotiation result, adopt an integrity protection algorithm that both the terminal device and the network device support to perform integrity protection verification on the RRC connection resume request; the verification information of the message integrity verification code resumeMAC-I can then be matched correctly, the incompatibility between integrity protection algorithms is resolved, and the security of the RRC connection resume request message is enhanced.
  • when the terminal device camped in the anchor cell where the network device is located, the message integrity verification code was calculated with the first integrity protection algorithm; if cell reselection occurs in the inactive state and the terminal device resumes the RRC connection in a non-anchor cell, the network device may receive a Retrieve UE Context request message from the new network device in the non-anchor cell. The Retrieve UE Context request message carries the input parameters required by the first integrity protection algorithm, and the network device uses the first integrity protection algorithm with those input parameters to perform integrity protection verification on the RRC connection resumption.
  • at this time the terminal device can keep its original algorithm capability unchanged, and the new network device in the non-anchor cell sends a new Retrieve UE Context request message to notify the old network device to perform the ResumeMAC-I verification.
  • if the anchor cell broadcasts support for the first integrity protection algorithm and the terminal device resumes the RRC connection in a non-anchor cell, the terminal device can use the first integrity protection algorithm to calculate the message integrity verification code from the key KRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the enhanced variable, and integrity protection verification of the RRC connection resumption is performed according to the calculated message integrity verification code.
  • when the terminal device camped in the anchor cell, the message integrity verification code was calculated with the first integrity protection algorithm; after cell reselection in the inactive state, the anchor cell's broadcast does not indicate support for the first integrity protection algorithm.
  • although the anchor cell does not broadcast support for the first integrity protection algorithm, the ResumeMAC-I check is performed by the serving network device of the anchor cell, and that serving network device supports the first integrity protection algorithm, so the terminal device can still use the first integrity protection algorithm to perform integrity protection verification on the RRC connection resumption.
  • the network device needs to extract the added content in the Retrieve UE Context request message, and the added content may include the input parameters required by the first integrity protection algorithm.
  • the new network device needs to send a context request to the original network device to obtain the context of the UE.
  • the original network device needs to perform the ResumeMAC-I verification before replying with the context. Since the new MAC-I algorithm is introduced, the fields of the Retrieve UE Context request message must be extended so that the input parameters of both the new and the old algorithm can be provided to the old network device, which then selects the appropriate algorithm according to the capability of the UE.
  • the methods provided in the embodiments of the present application are introduced from the perspectives of the terminal device and the network device respectively.
  • the network device and the terminal device may include a hardware structure and a software module, and realize the above functions in the form of a hardware structure, a software module, or a hardware structure plus a software module.
  • a certain function among the above-mentioned functions may be implemented in the form of a hardware structure, a software module, or a hardware structure plus a software module.
  • FIG. 10 is a schematic structural diagram of a communication device 1000 provided in an embodiment of the present application.
  • the communication device 1000 shown in FIG. 10 may include a determination module 1001 , a selection module 1002 , and a processing module 1003 .
  • the communication device 1000 may further include a transceiver module 1004 .
  • the transceiver module 1004 may include a sending module and/or a receiving module; the sending module implements the sending function, the receiving module implements the receiving function, and the transceiver module 1004 as a whole implements the sending function and/or the receiving function.
  • the communication device 1000 may be a network device, or a device in the network device, or a device that can be matched with the network device.
  • the communication device 1000 may be a terminal device, may also be a device in a terminal device, and may also be a device that can be matched and used with the terminal device.
  • the communication device 1000 is a terminal device: in the embodiment of this application, the determination module 1001 is used to determine the algorithm capability supported by the network device; the selection module 1002 is used to select, according to the algorithm capability supported by the network device, the target integrity protection algorithm corresponding to that algorithm capability; the processing module 1003 is configured to perform integrity protection verification on the RRC connection recovery request message according to the target integrity protection algorithm and the input parameters used for calculating the message integrity verification code.
  • the input parameters include at least one or more of the following: Key RRCint , bearer ID, data transmission direction, count COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and increasing variables.
  • the determining module 1001 is configured to determine the algorithm capability supported by the network device according to the capability indication information sent by the network device.
  • the determination module 1001 is specifically configured to: determine whether the first computing capability indication information sent by the network device is received; the first computing capability indication information is used to notify the terminal device whether the network device supports the first integrity protection algorithm, whose input parameters include the key K_RRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and the added variable; in response to receiving the first computing capability indication information sent by the network device, determine the algorithm capability supported by the network device according to the first computing capability indication information.
  • the determining module 1001 is further configured to: in response to not receiving the first computing capability indication information sent by the network device, determine that the algorithm capability supported by the network device is not supporting the first integrity protection algorithm .
  • the first computing capability indication information is used to notify the terminal device that the network device supports the first integrity protection algorithm; the determining module 1001 is specifically configured to: determine that the algorithm capability supported by the network device is to support the first integrity protection algorithm An integrity protection algorithm.
  • the terminal device supports the first integrity protection algorithm; the selection module 1002 is specifically configured to: select the first integrity protection algorithm corresponding to the algorithm capability according to the algorithm capability supported by the network device.
  • the processing module 1003 is specifically configured to: adopt the first integrity protection algorithm, calculate the message integrity verification code from the key K_RRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and the added variable, and perform integrity protection verification on the RRC connection recovery request message according to the calculated message integrity verification code.
  • the terminal device does not support the first integrity protection algorithm; the selection module 1002 is specifically configured to: select the second integrity protection algorithm as the target integrity protection algorithm; wherein the input parameters of the second integrity protection algorithm include the key K_RRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID and temporary identifier C-RNTI.
  • the processing module 1003 is specifically configured to: adopt the second integrity protection algorithm, calculate the message integrity verification code from the key K_RRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID and temporary identifier C-RNTI, and perform integrity protection verification on the RRC connection recovery request message according to the calculated message integrity verification code.
  • the first computing capability indication information is used to notify the terminal device that the network device does not support the first integrity protection algorithm; the determining module 1001 is specifically configured to: determine that the algorithm capability supported by the network device is not Supports the first integrity protection algorithm.
  • the terminal device supports the first integrity protection algorithm or does not support the first integrity protection algorithm; the selection module 1002 is specifically configured to: select an algorithm corresponding to the algorithm capability according to the algorithm capability supported by the network device.
  • the processing module 1003 is specifically configured to: adopt the second integrity protection algorithm, calculate the message integrity verification code from the key K_RRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID and temporary identifier C-RNTI, and perform integrity protection verification on the RRC connection recovery request message according to the calculated message integrity verification code.
  • increasing variables at least includes any one of the following A) to F):
  • the transceiver module 1004 is configured to send the second computing capability indication information to the network device according to the algorithm capability supported by the terminal device, wherein the second computing capability indication information is used to notify the network device whether the terminal device supports the first integrity protection algorithm.
  • the transceiver module 1004 is specifically configured to: in response to the terminal device supporting the first integrity protection algorithm, send capability indication information indicating support for the first integrity protection algorithm to the network device.
  • the transceiver module 1004 is specifically configured to: in response to the terminal device not supporting the first integrity protection algorithm, send capability indication information indicating no support for the first integrity protection algorithm to the network device.
  • the transceiver module 1004 is specifically configured to: in response to the terminal device not supporting the first integrity protection algorithm, send no capability indication information on whether the first integrity protection algorithm is supported (the absence of the indication is interpreted by the network device as no support).
  • the manner in which the transceiver module 1004 sends the capability indication information to the network device includes at least any one of the following: through a security mode message; through the UE capability information message; through UE assistance information; through initial access message 5 (Msg5); through initial access message 3 (Msg3); through initial access message 1 (Msg1).
  • the processing module 1003 is further configured to: when the message integrity verification code was calculated with the first integrity protection algorithm while the terminal camped in the anchor cell, and cell reselection then occurs in the inactive state, in response to the RRC connection recovery taking place in a non-anchor cell, use the first integrity protection algorithm and the input parameters for calculating the message integrity verification code to perform integrity protection verification on the RRC connection recovery.
  • the communication device 1000 is a network device.
  • the determination module 1001 is used to determine the algorithm capability supported by the terminal device in response to receiving the RRC connection recovery request message sent by the terminal device; the selection module 1002 is used to select, according to the algorithm capability supported by the terminal device, the target integrity protection algorithm corresponding to that algorithm capability; the processing module 1003 is used to perform integrity protection verification on the RRC connection recovery request message according to the target integrity protection algorithm and the input parameters used to calculate the message integrity verification code.
  • the input parameters include at least one or more of the following: Key RRCint , bearer ID, data transmission direction, count COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and increasing variables.
  • the determining module 1001 is configured to determine the algorithm capability supported by the terminal device according to the capability indication information sent by the terminal device.
  • the determination module 1001 is specifically configured to: determine whether the second computing capability indication information sent by the terminal device is received; the second computing capability indication information is used to notify the network device whether the terminal device supports the first integrity protection algorithm, whose input parameters include the key K_RRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and the added variable; in response to receiving the second computing capability indication information sent by the terminal device, determine the algorithm capability supported by the terminal device according to the second computing capability indication information.
  • the determining module 1001 is further configured to: in response to not receiving the second computing capability indication information sent by the terminal device, determine that the algorithm capability supported by the terminal device is not supporting the first integrity protection algorithm .
  • the second computing capability indication information is used to notify the network device that the terminal device supports the first integrity protection algorithm; the determining module 1001 is specifically configured to: determine that the algorithm capability supported by the terminal device is to support the first integrity protection algorithm An integrity protection algorithm.
  • the network device supports the first integrity protection algorithm; the selection module 1002 is specifically configured to: select the first integrity protection algorithm corresponding to the algorithm capability according to the algorithm capability supported by the terminal device.
  • the processing module 1003 is specifically configured to: adopt the first integrity protection algorithm, calculate the message integrity verification code from the key K_RRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and the added variable, and perform integrity protection verification on the RRC connection recovery request message according to the calculated message integrity verification code.
  • the network device does not support the first integrity protection algorithm; the selection module 1002 is specifically configured to: select the second integrity protection algorithm as the target integrity protection algorithm; wherein the input parameters of the second integrity protection algorithm include the key K_RRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID and temporary identifier C-RNTI.
  • the processing module 1003 is specifically configured to: adopt the second integrity protection algorithm, calculate the message integrity verification code from the key K_RRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID and temporary identifier C-RNTI, and perform integrity protection verification on the RRC connection recovery request message according to the calculated message integrity verification code.
  • the second computing capability indication information is used to notify the network device that the terminal device does not support the first integrity protection algorithm; the determining module 1001 is specifically configured to: determine that the algorithm capability supported by the terminal device is not supporting the first integrity protection algorithm An integrity protection algorithm.
  • the network device supports the first integrity protection algorithm or does not support the first integrity protection algorithm; the selection module 1002 is specifically configured to: select the algorithm corresponding to the algorithm capability according to the algorithm capability supported by the terminal device.
  • the processing module 1003 is specifically configured to: adopt the second integrity protection algorithm, calculate the message integrity verification code from the key K_RRCint, bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID and temporary identifier C-RNTI, and perform integrity protection verification on the RRC connection recovery request message according to the calculated message integrity verification code.
  • increasing variables at least includes any one of the following A) to F):
  • the transceiver module 1004 is configured to send the first computing capability indication information to the terminal device according to the algorithm capability supported by the network device, wherein the first computing capability indication information is used to notify the terminal device whether the network device supports the first integrity protection algorithm.
  • the transceiver module 1004 is specifically configured to: in response to the network device supporting the first integrity protection algorithm, send capability indication information indicating support for the first integrity protection algorithm to the terminal device.
  • the transceiver module 1004 is specifically configured to: in response to the network device not supporting the first integrity protection algorithm, send capability indication information indicating no support for the first integrity protection algorithm to the terminal device.
  • the transceiver module 1004 is specifically configured to: in response to the network device not supporting the first integrity protection algorithm, send no capability indication information on whether the first integrity protection algorithm is supported (the absence of the indication is interpreted by the terminal device as no support).
  • the manner in which the transceiver module 1004 sends the capability indication information to the terminal device includes at least any one of the following: through an RRC release message; through broadcast in a system message.
  • the transceiver module 1004 is also configured to: when the message integrity verification code was calculated with the first integrity protection algorithm while the terminal camped in the anchor cell where the network device is located, and cell reselection then occurs in the inactive state, in response to the RRC connection recovery of the terminal device in a non-anchor cell, receive the Retrieve UE Context Request message sent by the new network device in the non-anchor cell; the Retrieve UE Context Request message includes the input parameters required by the first integrity protection algorithm; the processing module 1003 is also configured to perform integrity protection verification on the RRC connection recovery using the first integrity protection algorithm and those input parameters.
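The negotiation and the anchor/non-anchor verification described in the module descriptions above, as an added example that is not part of the patent application: a Python model in which both sides apply the same rule (no capability indication means "not supported"; the first algorithm is used only when both support it), the UE computes ResumeMAC-I, the new gNB forwards the inputs in a Retrieve UE Context Request, and the anchor gNB recomputes and compares. HMAC-SHA256 truncated to 32 bits stands in for the 3GPP NIA integrity algorithm, the added variable is modelled as an integer counter carried alongside the request, and the key, cell identities and C-RNTI are constructed sample values; all of these are assumptions of the example, not details fixed by the patent.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional, Tuple

FIRST_ALG = "first"    # enhanced algorithm: legacy inputs plus the added variable
SECOND_ALG = "second"  # legacy algorithm: legacy inputs only

# COUNT, BEARER and DIRECTION are fixed for ResumeMAC-I; the values below are the
# constants used in this example.
COUNT = 0xFFFFFFFF
BEARER = 0x1F
DIRECTION = 1


@dataclass(frozen=True)
class ResumeInputs:
    target_cell_id: int
    source_cell_id: int
    c_rnti: int
    added_variable: Optional[int] = None  # consumed only by FIRST_ALG


def mac_input(alg: str, p: ResumeInputs) -> bytes:
    """Serialise the MAC inputs; FIRST_ALG appends the added variable."""
    fields = [
        BEARER.to_bytes(1, "big"),
        DIRECTION.to_bytes(1, "big"),
        COUNT.to_bytes(4, "big"),
        p.target_cell_id.to_bytes(4, "big"),
        p.source_cell_id.to_bytes(2, "big"),
        p.c_rnti.to_bytes(2, "big"),
    ]
    if alg == FIRST_ALG:
        if p.added_variable is None:
            raise ValueError("first algorithm requires the added variable")
        fields.append(p.added_variable.to_bytes(4, "big"))
    return b"".join(fields)


def resume_mac_i(alg: str, k_rrc_int: bytes, p: ResumeInputs) -> bytes:
    """32-bit ResumeMAC-I; HMAC-SHA256 truncated to 4 bytes stands in for NIA (assumption)."""
    return hmac.new(k_rrc_int, mac_input(alg, p), hashlib.sha256).digest()[:4]


def select_algorithm(peer_indication: Optional[bool], own_supports_first: bool) -> str:
    """Negotiation rule from the description: a missing indication (None) counts as
    'not supported', and the first algorithm is used only if both sides support it."""
    return FIRST_ALG if (peer_indication is True and own_supports_first) else SECOND_ALG


def ue_resume_request(k: bytes, p: ResumeInputs, network_indication: Optional[bool],
                      ue_supports_first: bool) -> dict:
    """UE side: pick the algorithm from the network's indication, then compute the MAC."""
    alg = select_algorithm(network_indication, ue_supports_first)
    req = {"alg": alg, "resume_mac_i": resume_mac_i(alg, k, p)}
    if alg == FIRST_ALG:
        req["added_variable"] = p.added_variable  # carried for the verifier (assumption)
    return req


def retrieve_ue_context_request(target_cell_id: int, req: dict) -> dict:
    """New gNB in a non-anchor cell: forward the inputs needed by both algorithms so
    the anchor gNB can choose according to the UE's capability."""
    return {"target_cell_id": target_cell_id,
            "resume_mac_i": req["resume_mac_i"],
            "added_variable": req.get("added_variable")}


def anchor_gnb_verify(ctx: dict, rreq: dict, gnb_supports_first: bool) -> bool:
    """Anchor gNB: recompute ResumeMAC-I from the stored UE context and compare."""
    alg = select_algorithm(ctx["ue_supports_first"], gnb_supports_first)
    p = ResumeInputs(rreq["target_cell_id"], ctx["source_cell_id"], ctx["c_rnti"],
                     rreq.get("added_variable"))
    try:
        expected = resume_mac_i(alg, ctx["k_rrc_int"], p)
    except ValueError:
        return False  # first algorithm selected but no added variable was forwarded
    return hmac.compare_digest(expected, rreq["resume_mac_i"])


# Constructed sample values (not from the patent).
KEY = bytes(range(16))
CTX = {"k_rrc_int": KEY, "source_cell_id": 0x0123, "c_rnti": 0xBEEF}
UE_INPUTS = ResumeInputs(target_cell_id=0x00ABCDEF, source_cell_id=0x0123,
                         c_rnti=0xBEEF, added_variable=7)


def negotiated_resume(ue_supports_first: bool, gnb_supports_first: bool) -> Tuple[str, bool]:
    """Both sides apply the negotiation; returns (algorithm the UE used, verification result)."""
    network_indication = True if gnb_supports_first else None  # silence means unsupported
    ctx = dict(CTX, ue_supports_first=ue_supports_first)
    req = ue_resume_request(KEY, UE_INPUTS, network_indication, ue_supports_first)
    rreq = retrieve_ue_context_request(UE_INPUTS.target_cell_id, req)
    return req["alg"], anchor_gnb_verify(ctx, rreq, gnb_supports_first)


def unnegotiated_resume() -> bool:
    """Failure mode the negotiation prevents: the UE assumes the first algorithm while
    the anchor gNB can only verify with the second, so the MAC-I never matches."""
    ctx = dict(CTX, ue_supports_first=True)
    req = ue_resume_request(KEY, UE_INPUTS, network_indication=True, ue_supports_first=True)
    rreq = retrieve_ue_context_request(UE_INPUTS.target_cell_id, req)
    return anchor_gnb_verify(ctx, rreq, gnb_supports_first=False)


if __name__ == "__main__":
    for ue, gnb in [(True, True), (True, False), (False, True), (False, False)]:
        print(f"UE first={ue} gNB first={gnb} ->", negotiated_resume(ue, gnb))
    print("unnegotiated ->", unnegotiated_resume())
```

The four negotiated combinations all verify, and only the (True, True) case ends up on the first algorithm; the unnegotiated case shows why the capability exchange is needed: a UE that assumes the enhanced algorithm against a network that verifies with the legacy one is rejected. The verifier never trusts an algorithm name from the request; it derives the algorithm from the UE capability stored in the context and its own support, exactly as the old network device does in the description.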
  • FIG. 11 is a schematic structural diagram of another communication device 1100 provided in an embodiment of the present application.
  • the communication device 1100 may be a network device or a terminal device, or a chip, chip system or processor that supports the network device in implementing the above method, or a chip, chip system or processor that supports the terminal device in implementing the above method, etc.
  • the device can be used to implement the methods described in the above method embodiments, and for details, refer to the descriptions in the above method embodiments.
  • the communication device 1100 may include one or more processors 1101 .
  • the processor 1101 may be a general-purpose processor or a special-purpose processor. For example, it can be a baseband processor or a central processing unit.
  • the baseband processor can be used to process communication protocols and communication data
  • the central processing unit can be used to control communication devices (such as base stations, baseband chips, terminal equipment, terminal equipment chips, DUs or CUs, etc.), execute computer programs and process data for computer programs.
  • the communication device 1100 may further include one or more memories 1102, on which a computer program 1104 may be stored; the processor 1101 executes the computer program 1104 so that the communication device 1100 executes the method described in the foregoing method embodiments.
  • data may also be stored in the memory 1102 .
  • the communication device 1100 and the memory 1102 can be set separately or integrated together.
  • the communication device 1100 may further include a transceiver 1105 and an antenna 1106 .
  • the transceiver 1105 may be called a transceiver unit, a transceiver, or a transceiver circuit, etc., and is used to implement a transceiver function.
  • the transceiver 1105 may include a receiver and a transmitter, and the receiver may be called a receiver or a receiving circuit, etc., for realizing a receiving function; the transmitter may be called a transmitter, or a sending circuit, for realizing a sending function.
  • the communication device 1100 may further include one or more interface circuits 1107 .
  • the interface circuit 1107 is used to receive code instructions and transmit them to the processor 1101 .
  • the processor 1101 executes the code instructions to enable the communication device 1100 to execute the methods described in the foregoing method embodiments.
  • the communication device 1100 is a terminal device: the processor 1101 runs the code instructions to enable the communication device 1100 to execute the methods described in the embodiments shown in FIGS. 2 to 5 above.
  • the communication device 1100 is a network device: the processor 1101 runs the code instructions to enable the communication device 1100 to execute the methods described in the embodiments shown in FIGS. 6 to 9 above.
  • the processor 1101 may include a transceiver for implementing receiving and sending functions.
  • the transceiver may be a transceiver circuit, or an interface, or an interface circuit.
  • the transceiver circuits, interfaces or interface circuits for realizing the functions of receiving and sending can be separated or integrated together.
  • the above-mentioned transceiver circuit, interface or interface circuit may be used for reading and writing code/data, or the above-mentioned transceiver circuit, interface or interface circuit may be used for signal transmission or transfer.
  • the processor 1101 may store a computer program 1103 , and the computer program 1103 runs on the processor 1101 to enable the communication device 1100 to execute the methods described in the foregoing method embodiments.
  • the computer program 1103 may be solidified in the processor 1101, and in this case, the processor 1101 may be implemented by hardware.
  • the communication device 1100 may include a circuit, and the circuit may implement the function of sending or receiving or communicating in the foregoing method embodiments.
  • the processors and transceivers described in this application can be implemented in integrated circuits (ICs), analog ICs, radio frequency integrated circuits (RFICs), mixed-signal ICs, application specific integrated circuits (ASICs), printed circuit boards (PCBs), electronic equipment, etc.
  • the processor and transceiver can also be fabricated using various IC process technologies, such as complementary metal oxide semiconductor (CMOS), nMetal-oxide-semiconductor (NMOS), P-type Metal oxide semiconductor (positive channel metal oxide semiconductor, PMOS), bipolar junction transistor (bipolar junction transistor, BJT), bipolar CMOS (BiCMOS), silicon germanium (SiGe), gallium arsenide (GaAs), etc.
  • the communication device described in the above embodiments may be a network device or a terminal device (such as the first terminal device in the foregoing method embodiments), but the scope of the communication device described in this application is not limited thereto, and the structure of the communication device can be Not limited by Figure 11.
  • a communication device may be a stand-alone device or may be part of a larger device.
  • the communication device may be: a set of one or more ICs, which may also include storage components for storing data and computer programs; an ASIC such as a modem.
  • the embodiment of the present application also provides a communication system.
  • the system includes the communication device as the terminal device and the communication device as the network device in the aforementioned embodiment in FIG.
  • the present application also provides a readable storage medium on which instructions are stored, and when the instructions are executed by a computer, the functions of any one of the above method embodiments are realized.
  • the present application also provides a computer program product, which implements the functions of any one of the above method embodiments when executed by a computer.
  • all or part of them may be implemented by software, hardware, firmware or any combination thereof.
  • when implemented using software, the functions may be implemented in whole or in part in the form of a computer program product.
  • the computer program product comprises one or more computer programs. When the computer program is loaded and executed on the computer, all or part of the processes or functions according to the embodiments of the present application will be generated.
  • the computer can be a general purpose computer, a special purpose computer, a computer network, or other programmable devices.
  • the computer program can be stored in or transmitted from one computer-readable storage medium to another computer-readable storage medium, for example, the computer program can be downloaded from a website, computer, server or data center Transmission to another website site, computer, server or data center by wired (such as coaxial cable, optical fiber, digital subscriber line (DSL)) or wireless (such as infrared, wireless, microwave, etc.).
  • the computer-readable storage medium may be any available medium that can be accessed by a computer, or a data storage device such as a server or a data center integrated with one or more available media.
  • the available medium may be a magnetic medium (for example, a floppy disk, a hard disk, a magnetic tape), an optical medium (for example, a high-density digital video disc (digital video disc, DVD)), or a semiconductor medium (for example, a solid state disk (solid state disk, SSD)) etc.
  • At least one in this application can also be described as one or more, and multiple can be two, three, four or more, and this application does not make a limitation.
  • the technical feature is distinguished by "first”, “second”, “third”, “A”, “B”, “C” and “D”, etc.
  • the technical features described in the “first”, “second”, “third”, “A”, “B”, “C” and “D” have no sequence or order of magnitude among the technical features described.
  • the corresponding relationships shown in the tables in this application can be configured or predefined.
  • the values of the information in each table are just examples, and may be configured as other values, which are not limited in this application.
  • the corresponding relationship shown in some rows may not be configured.
  • appropriate deformation adjustments can be made based on the above table, for example, splitting, merging, and so on.
  • the names of the parameters shown in the titles of the above tables may also adopt other names understandable by the communication device, and the values or representations of the parameters may also be other values or representations understandable by the communication device.
  • other data structures can also be used, for example arrays, queues, containers, stacks, linear tables, pointers, linked lists, trees, graphs, structures, classes, heaps, hash tables, etc.
  • Predefined in this application can be understood as defining, predefining, storing, prestoring, prenegotiating, preconfiguring, curing, or prefiring.

Abstract

Disclosed in embodiments of the present application are a security enhancement method for radio resource control (RRC) connection resumption, a communications apparatus, and a storage medium, which can be applied to an NR network. The method comprises: determining an algorithm capability supported by a network device; selecting, according to the algorithm capability supported by the network device, a target integrity protection algorithm corresponding to the algorithm capability; and performing integrity protection verification on a RRC connection resumption request message according to the target integrity protection algorithm and an input parameter for calculating a message integrity verification code. By implementing the embodiments of the present application, the problem that the integrity protection algorithm is incompatible can be solved, such that the security of the RRC connection resumption request message can be enhanced.

Description

无线资源控制RRC连接恢复的安全增强方法和通信装置Security enhancement method and communication device for radio resource control RRC connection recovery 技术领域technical field
本申请涉及通信技术领域,尤其涉及一种无线资源控制RRC连接恢复的安全增强方法、通信装置和存储介质。The present application relates to the field of communication technologies, and in particular to a security enhancement method for radio resource control (RRC) connection recovery, a communication device and a storage medium.
背景技术Background technique
随着无线移动网络的高速发展,目前的NR(New Radio,新空口5G)网络已经具备较高的可靠性和安全性,但是开发框架的漏洞、伪基站的攻击等威胁仍然层出不穷,寻找更可靠的安全加密算法,以及更可靠的安全认证也是NR网络需要考虑的一个重要方向。With the rapid development of wireless mobile networks, the current NR (New Radio, new air interface 5G) network already has high reliability and security, but threats such as loopholes in the development framework and attacks from fake base stations are still emerging one after another. Looking for more reliable The secure encryption algorithm and more reliable security authentication are also an important direction that the NR network needs to consider.
对于终端设备UE发起RRC(Radio Resource Control,无线资源控制)连接恢复请求消息,同样需要对RRC连接恢复请求消息进行完整性保护验证。For the RRC (Radio Resource Control, radio resource control) connection recovery request message initiated by the terminal equipment UE, it is also necessary to perform integrity protection verification on the RRC connection recovery request message.
发明内容Contents of the invention
Embodiments of the present application provide a security enhancement method for radio resource control (RRC) connection resumption and a communication apparatus, applicable to NR networks. Capability negotiation between the terminal device and the network device gives both parties the same algorithm capability, so that the check value carried by the message integrity verification code resumeMAC-I matches correctly. This resolves the problem of incompatible integrity protection algorithms and thereby enhances the security of the RRC connection resume request message.
In a first aspect, embodiments of the present application provide a security enhancement method for RRC connection resumption. The method is applied to a terminal device and includes:
determining the algorithm capability supported by the network device; selecting, according to the algorithm capability supported by the network device, a target integrity protection algorithm corresponding to that algorithm capability; and performing integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used to compute the message integrity verification code.
In this technical solution, the terminal device determines the algorithm capability supported by the network device and selects the integrity protection algorithm corresponding to that capability for integrity protection verification of the RRC connection resume request message, so that both parties have the same algorithm capability. The check value of the message integrity verification code resumeMAC-I then matches correctly, the problem of incompatible integrity protection algorithms is resolved, and the security of the RRC connection resume request message is enhanced.
In an implementation, the input parameters include at least one or more of the following: the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI, and an added variable.
In an implementation, determining the algorithm capability supported by the network device includes:
determining the algorithm capability supported by the network device according to capability indication information sent by the network device.
In an implementation, determining the algorithm capability supported by the network device includes:
judging whether first computing capability indication information sent by the network device has been received, the first computing capability indication information being used to notify the terminal device whether the network device supports a first integrity protection algorithm, where the input parameters of the first integrity protection algorithm include the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and an added variable; and, in response to receiving the first computing capability indication information sent by the network device, determining the algorithm capability supported by the network device according to that first computing capability indication information.
In an optional implementation, determining the algorithm capability supported by the network device further includes:
in response to not receiving the first computing capability indication information sent by the network device, determining that the algorithm capability supported by the network device is that the first integrity protection algorithm is not supported.
In this technical solution, the algorithm capability supported by the network device is determined by judging whether capability indication information sent by the network device has been received. Capability negotiation between the terminal device and the network device thus gives both parties the same algorithm capability, so that the check value of the message integrity verification code resumeMAC-I matches correctly, the problem of incompatible integrity protection algorithms is resolved, and the security of the RRC connection resume request message is enhanced.
In an optional implementation, the first computing capability indication information is used to notify the terminal device that the network device supports the first integrity protection algorithm, and determining the algorithm capability supported by the network device according to the first computing capability indication information includes:
determining that the algorithm capability supported by the network device is that the first integrity protection algorithm is supported.
In an optional implementation, the terminal device supports the first integrity protection algorithm, and selecting, according to the algorithm capability supported by the network device, the target integrity protection algorithm corresponding to that algorithm capability includes:
selecting, according to the algorithm capability supported by the network device, the first integrity protection algorithm corresponding to that algorithm capability.
In an optional implementation, performing integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used to compute the message integrity verification code includes:
computing the message integrity verification code with the first integrity protection algorithm from the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable; and
performing integrity protection verification on the RRC connection resume request message according to the computed message integrity verification code.
In a possible implementation, the terminal device does not support the first integrity protection algorithm, and selecting, according to the algorithm capability supported by the network device, the target integrity protection algorithm corresponding to that algorithm capability includes:
selecting a second integrity protection algorithm as the target integrity protection algorithm, where the input parameters of the second integrity protection algorithm include the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
Optionally, performing integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used to compute the message integrity verification code includes:
computing the message integrity verification code with the second integrity protection algorithm from the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI; and performing integrity protection verification on the RRC connection resume request message according to the computed message integrity verification code.
In an implementation, the first computing capability indication information is used to notify the terminal device that the network device does not support the first integrity protection algorithm, and determining the algorithm capability supported by the network device according to the first computing capability indication information includes:
determining that the algorithm capability supported by the network device is that the first integrity protection algorithm is not supported.
In an optional implementation, the terminal device either supports or does not support the first integrity protection algorithm, and selecting, according to the algorithm capability supported by the network device, the target integrity protection algorithm corresponding to that algorithm capability includes: selecting, according to the algorithm capability supported by the network device, the second integrity protection algorithm corresponding to that algorithm capability.
In an optional implementation, performing integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used to compute the message integrity verification code includes:
computing the message integrity verification code with the second integrity protection algorithm from the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI; and performing integrity protection verification on the RRC connection resume request message according to the computed message integrity verification code.
In an implementation, the added variable includes at least any one of the following A) to F):
A) the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message;
B) a permutation or combination of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message;
C) the RRC connection resume request message, where, in the message used as the added variable, the field carrying the message integrity verification code resumeMAC-I is set to special bits;
D) the RRC connection resume request message together with the bits used to indicate an RRC connection resume request;
E) the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I has been removed from the message used as the added variable;
F) the RRC connection resume request message together with the bits used to indicate an RRC connection resume request, where the field carrying the message integrity verification code resumeMAC-I has been removed from the message used as the added variable.
In an implementation, the method further includes:
determining the algorithm capability supported by the terminal device; and sending second computing capability indication information to the network device according to the algorithm capability supported by the terminal device, where the second computing capability indication information is used to notify the network device whether the terminal device supports the first integrity protection algorithm.
In an optional implementation, sending the second computing capability indication information to the network device according to the algorithm capability supported by the terminal device includes:
in response to the algorithm capability supported by the terminal device being support for the first integrity protection algorithm, sending capability indication information to the network device indicating that the first integrity protection algorithm is supported.
In an optional implementation, sending the second computing capability indication information to the network device according to the algorithm capability supported by the terminal device includes:
in response to the algorithm capability supported by the terminal device being no support for the first integrity protection algorithm, sending capability indication information to the network device indicating that the first integrity protection algorithm is not supported.
In an optional implementation, sending the second computing capability indication information to the network device according to the algorithm capability supported by the terminal device includes:
in response to the algorithm capability supported by the terminal device being no support for the first integrity protection algorithm, sending no capability indication information as to whether the first integrity protection algorithm is supported.
In an implementation, the capability indication information is sent to the network device in at least any one of the following ways: in the security mode complete message; in the UE capability information message; in UE assistance information; in initial access message 5 (Msg5); in initial access message 3 (Msg3); in initial access message 1 (Msg1).
In an implementation, the method further includes:
for a message integrity verification code computed with the first integrity protection algorithm while the terminal device camps on the anchor cell, where cell reselection has occurred in the inactive state, in response to RRC connection resumption occurring in a non-anchor cell, performing integrity protection verification of the RRC connection resumption using the first integrity protection algorithm and the input parameters used to compute the message integrity verification code.
In a second aspect, embodiments of the present application provide another security enhancement method for RRC connection resumption. The method is applied to a network device and includes:
in response to receiving an RRC connection resume request message sent by a terminal device, determining the algorithm capability supported by the terminal device; selecting, according to the algorithm capability supported by the terminal device, a target integrity protection algorithm corresponding to that algorithm capability; and performing integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used to compute the message integrity verification code.
In an implementation, the input parameters include at least one or more of the following: the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI, and an added variable.
In an implementation, determining the algorithm capability supported by the terminal device includes:
determining the algorithm capability supported by the terminal device according to capability indication information sent by the terminal device.
In an implementation, determining the algorithm capability supported by the terminal device includes:
judging whether second computing capability indication information sent by the terminal device has been received, the second computing capability indication information being used to notify the network device whether the terminal device supports a first integrity protection algorithm, where the input parameters of the first integrity protection algorithm include the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and an added variable; and, in response to receiving the second computing capability indication information sent by the terminal device, determining the algorithm capability supported by the terminal device according to that second computing capability indication information.
In an optional implementation, determining the algorithm capability supported by the terminal device further includes:
in response to not receiving the second computing capability indication information sent by the terminal device, determining that the algorithm capability supported by the terminal device is that the first integrity protection algorithm is not supported.
In an optional implementation, the second computing capability indication information is used to notify the network device that the terminal device supports the first integrity protection algorithm, and determining the algorithm capability supported by the terminal device according to the second computing capability indication information includes:
determining that the algorithm capability supported by the terminal device is that the first integrity protection algorithm is supported.
In an optional implementation, the network device supports the first integrity protection algorithm, and selecting, according to the algorithm capability supported by the terminal device, the target integrity protection algorithm corresponding to that algorithm capability includes: selecting, according to the algorithm capability supported by the terminal device, the first integrity protection algorithm corresponding to that algorithm capability.
In an optional implementation, performing integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used to compute the message integrity verification code includes:
computing the message integrity verification code with the first integrity protection algorithm from the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable; and performing integrity protection verification on the RRC connection resume request message according to the computed message integrity verification code.
In an optional implementation, the network device does not support the first integrity protection algorithm, and selecting, according to the algorithm capability supported by the terminal device, the target integrity protection algorithm corresponding to that algorithm capability includes: selecting a second integrity protection algorithm as the target integrity protection algorithm, where the input parameters of the second integrity protection algorithm include the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
In an optional implementation, performing integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used to compute the message integrity verification code includes:
computing the message integrity verification code with the second integrity protection algorithm from the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI; and performing integrity protection verification on the RRC connection resume request message according to the computed message integrity verification code.
In an optional implementation, the second computing capability indication information is used to notify the network device that the terminal device does not support the first integrity protection algorithm, and determining the algorithm capability supported by the terminal device according to the second computing capability indication information includes: determining that the algorithm capability supported by the terminal device is that the first integrity protection algorithm is not supported.
In an optional implementation, the network device either supports or does not support the first integrity protection algorithm, and selecting, according to the algorithm capability supported by the terminal device, the target integrity protection algorithm corresponding to that algorithm capability includes: selecting, according to the algorithm capability supported by the terminal device, the second integrity protection algorithm corresponding to that algorithm capability.
In an optional implementation, performing integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used to compute the message integrity verification code includes: computing the message integrity verification code with the second integrity protection algorithm from the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI; and performing integrity protection verification on the RRC connection resume request message according to the computed message integrity verification code.
In an implementation, the added variable includes at least any one of the following A) to F):
A) the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message;
B) a permutation or combination of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message;
C) the RRC connection resume request message, where, in the message used as the added variable, the field carrying the message integrity verification code resumeMAC-I is set to special bits;
D) the RRC connection resume request message together with the bits used to indicate an RRC connection resume request;
E) the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I has been removed from the message used as the added variable;
F) the RRC connection resume request message together with the bits used to indicate an RRC connection resume request, where the field carrying the message integrity verification code resumeMAC-I has been removed from the message used as the added variable.
In an implementation, the method further includes:
determining the algorithm capability supported by the network device; and
sending first computing capability indication information to the terminal device according to the algorithm capability supported by the network device, where the first computing capability indication information is used to notify the terminal device whether the network device supports the first integrity protection algorithm.
In an optional implementation, sending the first computing capability indication information to the terminal device according to the algorithm capability supported by the network device includes: in response to the algorithm capability supported by the network device being support for the first integrity protection algorithm, sending capability indication information to the terminal device indicating that the first integrity protection algorithm is supported.
In an optional implementation, sending the first computing capability indication information to the terminal device according to the algorithm capability supported by the network device includes: in response to the algorithm capability supported by the network device being no support for the first integrity protection algorithm, sending capability indication information to the terminal device indicating that the first integrity protection algorithm is not supported.
In an optional implementation, sending the first computing capability indication information to the terminal device according to the algorithm capability supported by the network device includes: in response to the algorithm capability supported by the network device being no support for the first integrity protection algorithm, sending no capability indication information as to whether the first integrity protection algorithm is supported.
In an optional implementation, the capability indication information is sent to the terminal device in at least any one of the following ways: in an RRC release message; by system information broadcast.
In an implementation, the method further includes:
for a message integrity verification code computed with the first integrity protection algorithm while the terminal device camps on the anchor cell where the network device is located, where cell reselection has occurred in the inactive state, in response to the terminal device resuming the RRC connection in a non-anchor cell, receiving a retrieve UE context request message sent by the new network device of the non-anchor cell, where the retrieve UE context request message carries the input parameters required by the first integrity protection algorithm; and performing integrity protection verification of the RRC connection resumption using the first integrity protection algorithm and the input parameters it requires.
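The capability negotiation and resumeMAC-I computation described in the first aspect (terminal side) and the second aspect (network side), together with added-variable options A, C and E, as an added example that is not part of the patent or any implementation of it. HMAC-SHA256 stands in for the integrity algorithm, the byte layout of the resume request, the 32-bit MAC length and the sample values are constructed, and all function names are this example's own.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace
from typing import Optional

MAC_LEN = 4  # resumeMAC-I length in bytes used here (constructed; the summary gives no size)


@dataclass(frozen=True)
class RRCResumeRequest:
    """Constructed layout of the RRC connection resume request (not the real ASN.1 encoding):
    resumeIdentity (5 bytes), resumeCause (1 byte), spare (1 byte), resumeMAC-I (MAC_LEN bytes)."""
    resume_identity: bytes
    resume_cause: int
    spare: int
    resume_mac_i: bytes = bytes(MAC_LEN)

    def encode(self, mac_field: Optional[bytes] = None) -> bytes:
        """Serialize the message; mac_field replaces the resumeMAC-I bytes when given."""
        mac = self.resume_mac_i if mac_field is None else mac_field
        return self.resume_identity + bytes([self.resume_cause & 0xFF, self.spare & 0xFF]) + mac


@dataclass(frozen=True)
class MacInputs:
    """Inputs shared by both algorithms: Key RRCint, bearer ID, direction, COUNT,
    target cell ID, source cell ID and C-RNTI."""
    key_rrc_int: bytes
    bearer_id: int
    direction: int
    count: int
    target_cell_id: int
    source_cell_id: int
    c_rnti: int

    def pack(self) -> bytes:
        # Fixed-width packing so that every field is unambiguously delimited.
        return (bytes([self.bearer_id & 0x1F, self.direction & 1])
                + self.count.to_bytes(4, "big")
                + self.target_cell_id.to_bytes(5, "big")
                + self.source_cell_id.to_bytes(2, "big")
                + self.c_rnti.to_bytes(2, "big"))


def added_variable(req: RRCResumeRequest, option: str) -> bytes:
    """The added variable of the first algorithm, for options A, C and E of the summary."""
    if option == "A":  # the resumeIdentity, resumeCause and spare fields
        return req.resume_identity + bytes([req.resume_cause & 0xFF, req.spare & 0xFF])
    if option == "C":  # whole message, resumeMAC-I field set to special bits (all zero here)
        return req.encode(mac_field=bytes(MAC_LEN))
    if option == "E":  # whole message with the resumeMAC-I field removed
        return req.encode(mac_field=b"")
    raise ValueError(f"option {option!r} not implemented in this example")


def compute_resume_mac_i(inputs: MacInputs, algorithm: str,
                         req: RRCResumeRequest, option: str = "A") -> bytes:
    """resumeMAC-I under the first algorithm (shared inputs plus added variable) or the
    second algorithm (shared inputs only). HMAC-SHA256 truncated to MAC_LEN bytes
    stands in for the integrity algorithm; the real NIA algorithms are not used here."""
    data = inputs.pack()
    if algorithm == "first":
        data += added_variable(req, option)
    elif algorithm != "second":
        raise ValueError(f"unknown algorithm {algorithm!r}")
    return hmac.new(inputs.key_rrc_int, data, hashlib.sha256).digest()[:MAC_LEN]


def select_algorithm(peer_supports_first: Optional[bool], own_supports_first: bool) -> str:
    """Capability negotiation as described above. peer_supports_first is the peer's
    capability indication; None means none was received, which is treated as
    'first algorithm not supported'. The first algorithm is the target only when
    both sides support it; otherwise the second algorithm is selected."""
    if peer_supports_first is None:
        peer_supports_first = False
    return "first" if (peer_supports_first and own_supports_first) else "second"


def resume_exchange(ue_supports_first: bool, nw_supports_first: bool,
                    nw_indication_sent: bool, ue_indication_sent: bool,
                    inputs: MacInputs, req: RRCResumeRequest, option: str = "A"):
    """UE side (first aspect) computes resumeMAC-I, network side (second aspect)
    verifies it. Returns (verified, ue_algorithm, nw_algorithm)."""
    ue_alg = select_algorithm(nw_supports_first if nw_indication_sent else None, ue_supports_first)
    nw_alg = select_algorithm(ue_supports_first if ue_indication_sent else None, nw_supports_first)
    sent = replace(req, resume_mac_i=compute_resume_mac_i(inputs, ue_alg, req, option))
    expected = compute_resume_mac_i(inputs, nw_alg, sent, option)
    return hmac.compare_digest(expected, sent.resume_mac_i), ue_alg, nw_alg


def mac_depends_on_message(inputs: MacInputs, req: RRCResumeRequest,
                           algorithm: str, option: str = "A") -> bool:
    """True when changing resumeCause changes resumeMAC-I under the given algorithm."""
    altered = replace(req, resume_cause=(req.resume_cause + 1) & 0xFF)
    return (compute_resume_mac_i(inputs, algorithm, req, option)
            != compute_resume_mac_i(inputs, algorithm, altered, option))


# Constructed sample values (not from the patent).
SAMPLE_INPUTS = MacInputs(key_rrc_int=bytes(range(16)), bearer_id=1, direction=0,
                          count=0xFFFFFFFF, target_cell_id=0x123456789,
                          source_cell_id=0x1F7, c_rnti=0x4A2B)
SAMPLE_REQ = RRCResumeRequest(resume_identity=b"\x01\x02\x03\x04\x05", resume_cause=2, spare=0)

if __name__ == "__main__":
    # Both sides indicate support: first algorithm on both sides, MAC verifies.
    print(resume_exchange(True, True, True, True, SAMPLE_INPUTS, SAMPLE_REQ))
    # Network sends no indication: UE falls back to the second algorithm while the
    # network expects the first, so the MACs do not match (the incompatibility the
    # negotiation is meant to prevent).
    print(resume_exchange(True, True, False, True, SAMPLE_INPUTS, SAMPLE_REQ))
```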
第三方面,本申请实施例提供一种通信装置,该通信装置具有实现上述第一方面所述的方法中终端设备的部分或全部功能,比如通信装置的功能可具备本申请中的部分或全部实施例中的功能,也可以具备单独实施本申请中的任一个实施例的功能。所述功能可以通过硬件实现,也可以通过硬件执行相应的软件实现。所述硬件或软件包括一个或多个与上述功能相对应的单元或模块。In the third aspect, the embodiment of this application provides a communication device, which has some or all functions of the terminal equipment in the method described in the first aspect above, for example, the functions of the communication device may have part or all of the functions in this application The functions in the embodiments may also have the functions of independently implementing any one of the embodiments in the present application. The functions described above may be implemented by hardware, or may be implemented by executing corresponding software on the hardware. The hardware or software includes one or more units or modules corresponding to the above functions.
在一种实现方式中,该通信装置的结构中可包括确定模块、选择模块、收发模块和处理模块,所述确定模块被配置为支持通信装置执行上述方法中相应的功能。所述选择模块被配置为支持通信装置执行上述方法中相应的功能。所述处理模块被配置为支持通信装置执行上述方法中相应的功能。所述收发模块用于支持通信装置与其他设备之间的通信。所述通信装置还可以包括存储模块,所述存储模块用于与收发模块和处理模块耦合,其保存通信装置必要的计算机程序和数据。In an implementation manner, the structure of the communication device may include a determination module, a selection module, a transceiver module, and a processing module, and the determination module is configured to support the communication device to perform corresponding functions in the above methods. The selection module is configured to support the communication device to perform corresponding functions in the above methods. The processing module is configured to support the communication device to perform corresponding functions in the above methods. The transceiver module is used to support communication between the communication device and other equipment. The communication device may further include a storage module, which is used to be coupled with the transceiver module and the processing module, and stores necessary computer programs and data of the communication device.
作为示例,处理模块可以为处理器,收发模块可以为收发器或通信接口,存储模块可以为存储器。As an example, the processing module may be a processor, the transceiver module may be a transceiver or a communication interface, and the storage module may be a memory.
In a fourth aspect, an embodiment of the present application provides another communication apparatus that has some or all of the functions of the network device in the method example described in the second aspect above. For example, the functions of the communication apparatus may include the functions of some or all of the embodiments of the present application, or the function of implementing any single embodiment of the present application on its own. The functions may be implemented by hardware, or by hardware executing corresponding software. The hardware or software includes one or more units or modules corresponding to the above functions.
In one implementation, the structure of the communication apparatus may include a determination module, a selection module, a transceiver module and a processing module. The determination module is configured to support the communication apparatus in performing the corresponding functions of the above method. The selection module is configured to support the communication apparatus in performing the corresponding functions of the above method. The processing module is configured to support the communication apparatus in performing the corresponding functions of the above method. The transceiver module is used to support communication between the communication apparatus and other devices. The communication apparatus may further include a storage module, coupled to the transceiver module and the processing module, which stores the computer programs and data the communication apparatus needs.
As an example, the processing module may be a processor, the transceiver module may be a transceiver or a communication interface, and the storage module may be a memory.
In a fifth aspect, an embodiment of the present application provides a communication apparatus including a processor; when the processor invokes a computer program in a memory, it executes the method described in the first aspect above.
In a sixth aspect, an embodiment of the present application provides a communication apparatus including a processor; when the processor invokes a computer program in a memory, it executes the method described in the second aspect above.
In a seventh aspect, an embodiment of the present application provides a communication apparatus including a processor and a memory in which a computer program is stored; the processor executes the computer program stored in the memory so that the communication apparatus executes the method described in the first aspect above.
In an eighth aspect, an embodiment of the present application provides a communication apparatus including a processor and a memory in which a computer program is stored; the processor executes the computer program stored in the memory so that the communication apparatus executes the method described in the second aspect above.
In a ninth aspect, an embodiment of the present application provides a communication apparatus including a processor and an interface circuit; the interface circuit is used to receive code instructions and transmit them to the processor, and the processor is used to run the code instructions so that the apparatus executes the method described in the first aspect above.
In a tenth aspect, an embodiment of the present application provides a communication apparatus including a processor and an interface circuit; the interface circuit is used to receive code instructions and transmit them to the processor, and the processor is used to run the code instructions so that the apparatus executes the method described in the second aspect above.
In an eleventh aspect, an embodiment of the present application provides a communication system that includes the communication apparatus of the third aspect and the communication apparatus of the fourth aspect; or the communication apparatus of the fifth aspect and the communication apparatus of the sixth aspect; or the communication apparatus of the seventh aspect and the communication apparatus of the eighth aspect; or the communication apparatus of the ninth aspect and the communication apparatus of the tenth aspect.
In a twelfth aspect, an embodiment of the present invention provides a computer-readable storage medium for storing instructions used by the above terminal device; when the instructions are executed, the terminal device executes the method described in the first aspect above.
In a thirteenth aspect, an embodiment of the present invention provides a readable storage medium for storing instructions used by the above network device; when the instructions are executed, the network device executes the method described in the second aspect above.
In a fourteenth aspect, the present application further provides a computer program product including a computer program which, when run on a computer, causes the computer to execute the method described in the first aspect above.
In a fifteenth aspect, the present application further provides a computer program product including a computer program which, when run on a computer, causes the computer to execute the method described in the second aspect above.
In a sixteenth aspect, the present application provides a computer program which, when run on a computer, causes the computer to execute the method described in the first aspect above.
In a seventeenth aspect, the present application provides a computer program which, when run on a computer, causes the computer to execute the method described in the second aspect above.
Description of drawings
In order to explain the technical solutions in the embodiments of the present application or in the background art more clearly, the drawings needed for the embodiments of the present application or the background art are described below.
FIG. 1 is a schematic architecture diagram of a communication system provided by an embodiment of the present application;
FIG. 2 is a flowchart of a security enhancement method for RRC connection resumption provided by an embodiment of the present application;
FIG. 3 is a flowchart of another security enhancement method for RRC connection resumption provided by an embodiment of the present application;
FIG. 4 is a flowchart of another security enhancement method for RRC connection resumption provided by an embodiment of the present application;
FIG. 5 is a flowchart of another security enhancement method for RRC connection resumption provided by an embodiment of the present application;
FIG. 6 is a flowchart of yet another security enhancement method for RRC connection resumption provided by an embodiment of the present application;
FIG. 7 is a flowchart of yet another security enhancement method for RRC connection resumption provided by an embodiment of the present application;
FIG. 8 is a flowchart of another security enhancement method for RRC connection resumption provided by an embodiment of the present application;
FIG. 9 is a flowchart of another security enhancement method for RRC connection resumption provided by an embodiment of the present application;
FIG. 10 is a schematic structural diagram of a communication apparatus provided by an embodiment of the present application;
FIG. 11 is a schematic structural diagram of a communication apparatus provided by an embodiment of the present application.
Detailed description of embodiments
Embodiments of the present application are described in detail below; examples of the embodiments are shown in the drawings, in which the same or similar reference numerals denote the same or similar elements, or elements with the same or similar functions, throughout. The embodiments described below with reference to the drawings are exemplary and are intended to explain the present application; they must not be construed as limiting it. In the description of the present application, unless otherwise stated, "/" means "or"; for example, A/B may mean A or B. "And/or" herein merely describes an association between associated objects and indicates that three relationships may exist; for example, "A and/or B" may mean: A alone, both A and B, or B alone.
First, with the rapid development of wireless mobile networks, current NR networks already offer high reliability and security, but threats such as vulnerabilities in development frameworks and attacks by false base stations keep emerging. Finding more reliable security encryption algorithms and more reliable security authentication is therefore an important direction that NR networks need to consider.
For access stratum (AS) security, the PDCP (Packet Data Convergence Protocol) layer uses a MAC-I (Message Authentication Code for Integrity) for integrity protection. After the integrity protection function is activated, the sender computes, according to the integrity protection algorithm, the MAC-I of each PDCP PDU (Protocol Data Unit) belonging to an SRB (Signalling Radio Bearer) or DRB (Data Radio Bearer) and fills the MAC-I into the MAC-I field of that PDCP PDU. When the receiver receives a PDCP PDU, it computes an XMAC-I from the corresponding input parameters and verifies the integrity of the received PDCP PDU by checking whether the XMAC-I matches the MAC-I. If the computed XMAC-I matches the received MAC-I, the received data is shown to be complete and untampered; otherwise an integrity verification failure is indicated to the upper layer.
As for the MAC-I computation method, the input parameters required for PDCP integrity protection are: 1. the RRC message (the whole message); 2. the key Key RRCint; 3. the COUNT value; 4. the bearer identity (bearer ID); 5. the data transmission direction. From these five input parameters, combined with the 128-bit integrity protection algorithm 128-NIA, a 32-bit MAC-I/XMAC-I is computed.
The MAC-I described above protects the data integrity of a UE (user equipment) in connected state. For a UE in RRC inactive state (RRC_INACTIVE), however, when it initiates an RRC connection resume request (RRCResumeRequest) towards the network, the uplink common control channel UL_CCCH it uses is carried on SRB0, and SRB0 has no integrity protection mechanism of the kind described above. Therefore, when the UE initiates an RRCResumeRequest, another, similar mechanism is used to verify a resumeMAC-I.
For example, the UE initiating connection resumption still needs to compute a MAC-I, and the input parameters it uses still include the old key Key RRCint, the bearer ID, the direction and the COUNT value. Unlike the MAC-I computation for a PDCP data PDU, however, the MAC-I computation on RRC connection resumption does not use the whole RRC message as an input parameter but instead uses a UE variable, VarResumeMAC-Input, which in turn contains three sub-parameters: the target cell ID, the source cell ID and the C-RNTI (cell radio network temporary identifier). From these input parameters the UE computes a 32-bit MAC-I, takes its 16 least significant bits (the rightmost 16 bits) as resumeMAC-I, and includes it in the RRCResumeRequest it sends. The base station computes the resumeMAC-I value with the same algorithm; if it matches the resumeMAC-I sent by the UE, authentication succeeds and an RRCResume can be sent to tell the UE to resume the RRC connection.
However, to strengthen the security of RRC connection resumption, a new integrity protection algorithm needs to be designed, and when the terminal device and the network device each compute the message authentication code MAC-I with their own algorithm, compatibility problems may arise.
To this end, the present application proposes a security enhancement method and communication apparatus for RRC connection resumption, applicable to NR networks, in which the terminal device and the network device perform capability negotiation so that both sides have the same algorithm capability and the check value, the message integrity verification code resumeMAC-I, can be matched correctly. This solves the problem of incompatible integrity protection algorithms and thereby enhances the security of the RRC connection resume request message.
To better understand the security enhancement method for RRC connection resumption disclosed in the embodiments of the present application, the communication system used by the embodiments is described first.
Refer to FIG. 1, a schematic architecture diagram of a communication system provided by an embodiment of the present application. The communication system may include, but is not limited to, one network device and one terminal device; the number and form of the devices shown in FIG. 1 are only examples and do not limit the embodiments of the present application, and practical applications may include two or more network devices and two or more terminal devices. The communication system shown in FIG. 1 includes one network device 101 and one terminal device 102 as an example.
It should be noted that the technical solutions of the embodiments of the present application may be applied to various communication systems, for example a long term evolution (LTE) system, a fifth generation (5G) mobile communication system, a 5G new radio (NR) system, or other future mobile communication systems.
The network device 101 in the embodiments of the present application is an entity on the network side that transmits or receives signals. For example, network device 101 may be an evolved NodeB (eNB), a transmission reception point (TRP), a next generation NodeB (gNB) in an NR system, a base station in another future mobile communication system, or an access node in a wireless fidelity (WiFi) system. The embodiments of the present application do not limit the specific technology or device form adopted by the network device. The network device provided by the embodiments of the present application may consist of a central unit (CU) and a distributed unit (DU), where the CU may also be called a control unit. With the CU-DU structure the protocol layers of a network device such as a base station can be split: the functions of some protocol layers are placed under centralised control in the CU, while the functions of the remaining protocol layers, in part or in whole, are distributed in the DU, and the CU centrally controls the DU.
The terminal device 102 in the embodiments of the present application is an entity on the user side that receives or transmits signals, such as a mobile phone. A terminal device may also be called a terminal, user equipment (UE), mobile station (MS), mobile terminal (MT), and so on. The terminal device may be a car with communication functions, a smart car, a mobile phone, a wearable device, a tablet (Pad), a computer with wireless transceiver functions, a virtual reality (VR) terminal device, an augmented reality (AR) terminal device, a wireless terminal device in industrial control, a wireless terminal device in self-driving, a wireless terminal device in remote medical surgery, a wireless terminal device in a smart grid, a wireless terminal device in transportation safety, a wireless terminal device in a smart city, a wireless terminal device in a smart home, and so on. The embodiments of the present application do not limit the specific technology or device form adopted by the terminal device.
It can be understood that the communication system described in the embodiments of the present application is intended to explain the technical solutions of the embodiments more clearly and does not limit them. A person of ordinary skill in the art will know that, as the system architecture evolves and new service scenarios appear, the technical solutions provided by the embodiments of the present application apply equally to similar technical problems.
The security enhancement method for RRC connection resumption, the communication apparatus and the storage medium provided by the present application are described in detail below with reference to the drawings.
Refer to FIG. 2, a flowchart of a security enhancement method for RRC connection resumption provided by an embodiment of the present application. It should be noted that the security enhancement method for RRC connection resumption of this embodiment may be applied to a terminal device. As shown in FIG. 2, the method may include, but is not limited to, the following steps.
Step 201: determine the algorithm capability supported by the network device.
Optionally, the terminal device and the network device may negotiate capabilities in advance so that the terminal device can determine the algorithm capability the network device supports. For example, the network device may send capability indication information to the terminal device, and the terminal device determines the algorithm capability supported by the network device according to that indication information.
As an example of one possible implementation, the capability indication information sent by the network device to the terminal device may indicate which integrity protection algorithm is supported. For example, the capability indication information may indicate support for the first integrity protection algorithm, and the terminal device then determines from it that the algorithm capability supported by the network device is support for the first integrity protection algorithm. A specific indication method is to use a field (or bit) to represent the supported integrity protection algorithm type: when the field (or bit) takes the value X it indicates support for the first integrity protection algorithm, and when it takes the value Y it indicates support for the second integrity protection algorithm.
As another example, the capability indication information may also indicate that the first integrity protection algorithm is not supported, and the terminal device determines from it that the algorithm capability supported by the network device is non-support of the first integrity protection algorithm.
As a further example, the capability indication information may also indicate support for an algorithm different from the first integrity protection algorithm, such as the second integrity protection algorithm, and the terminal device determines from it that the algorithm capability supported by the network device is support for the second integrity protection algorithm.
It should be noted that in the embodiments of the present application the first integrity protection algorithm and the second integrity protection algorithm are different algorithms, and their input parameters differ. In the embodiments of the present application, the input parameters include at least one or more of the following: the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and an added variable.
As an example of another possible implementation, the network device may send the terminal device a computing capability indication for MAC-I to inform the terminal device whether the network device supports the first integrity protection algorithm.
In one implementation, the terminal device may determine whether it has received first computing capability indication information sent by the network device; this first computing capability indication information is used to inform the terminal device whether the network device supports the first integrity protection algorithm. In response to receiving the first computing capability indication information sent by the network device, the terminal device determines, according to it, the algorithm capability supported by the network device.
It should be noted that the first integrity protection algorithm is a new MAC-I calculation method designed by the network device for the RRC connection resumption procedure; it is realised by adding input parameters to the UE stored variable VarResumeMAC-Input. The input parameters of the first integrity protection algorithm may include the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and an added variable, where the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable form the content of VarResumeMAC-Input in the first integrity protection algorithm. The added variable is the variable added to the stored variable VarResumeMAC-Input.
To solve the compatibility problem, the terminal device and the network device may perform capability negotiation in advance. Optionally, the terminal device may determine the algorithm capability supported by the network device by judging whether it has received first computing capability indication information sent by the network device. As an example of one possible implementation, in response to receiving the first computing capability indication information sent by the network device, the terminal device determines the algorithm capability supported by the network device according to that information. For example, if the first computing capability indication information informs the terminal device that the network device supports the first integrity protection algorithm, the terminal device determines from it that the algorithm capability supported by the network device is support for the first integrity protection algorithm. Conversely, if the first computing capability indication information informs the terminal device that the network device does not support the first integrity protection algorithm, the terminal device determines from it that the algorithm capability supported by the network device is non-support of the first integrity protection algorithm.
As an example of another possible implementation, in response to not receiving first computing capability indication information from the network device, the terminal device may determine that the algorithm capability supported by the network device is non-support of the first integrity protection algorithm. For example, the network device supports the second integrity protection algorithm but not the first integrity protection algorithm. The input parameters of the second integrity protection algorithm include the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI, where the target cell ID, the source cell ID and the temporary identifier C-RNTI form the content of VarResumeMAC-Input in the second integrity protection algorithm.
It can be seen that the second integrity protection algorithm of the embodiments of the present application differs from the first integrity protection algorithm in the input parameters required: the first integrity protection algorithm has one more input parameter than the second, namely the added variable. By designing this added variable into the input parameters of the integrity protection algorithm, the embodiments of the present application can effectively enhance the security of RRC connection resumption.
In some embodiments of the present application, the enhanced variable may include at least any one of the following A) to F):
A) the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; B) a permutation or combination of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; C) the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I in the message used as the added variable is set to special bits; D) the RRC connection resume request message together with a bit indicating an RRC connection resume request; E) the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I is removed from the message used as the added variable; F) the RRC connection resume request message together with a bit indicating an RRC connection resume request, where the field carrying the message integrity verification code resumeMAC-I is removed from the message used as the added variable. For ease of understanding, the corresponding implementations are described below.
In one implementation, the enhanced variable may include the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message. That is, the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message are added to the UE variable VarResumeMAC-Input and fed into the integrity protection algorithm as additional input parameters (besides the input parameters from VarResumeMAC-Input, the key KRRCint, the bearer ID, the direction and the COUNT value are also used), yielding a new 32-bit MAC-I; the 16 least significant bits are then taken as the message integrity verification code resumeMAC-I and carried in the RRC connection resume request message (RRCResumeRequest).
In one implementation, referring to the above embodiment, the enhanced variable may include a permutation or combination of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; the calculation is the same. Here, a permutation or combination is understood as any one or more of the resumeIdentity, resumeCause and spare fields. For example, the enhanced variable may include any one of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; as another example, it may include any two of them. This may be decided according to the actual situation and is not specifically limited in the present application.
In one implementation, the enhanced variable may include the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I in the message used as the added variable is set to special bits. For example, in the UE variable VarResumeMAC-Input, the RRC connection resume request message itself is used as the enhanced variable, with its resumeMAC-I field set to special bits. As an example, the special bits may be all 0s or all 1s, that is, the resumeMAC-I field of the RRC connection resume request message used as the enhanced variable is set to all 1s or all 0s.
In one implementation, the enhanced variable may include the RRC connection resume request message and a bit indicating an RRC connection resume request. For example, in the UE variable VarResumeMAC-Input, the RRC connection resume request message and a bit indicating an RRC connection resume request are used directly as the enhanced variable; that is, while the RRC connection resume request message is used as the enhanced variable, one more bit indicating an RRC connection resume request is included in it as well.
In one implementation, the enhanced variable may include the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I is removed from the message used as the added variable. For example, in the UE variable VarResumeMAC-Input, the RRC connection resume request message itself is used as the enhanced variable, with its resumeMAC-I field removed.
In one implementation, the enhanced variable may include the RRC connection resume request message and a bit indicating an RRC connection resume request, where the field carrying the message integrity verification code resumeMAC-I is removed from the message used as the added variable. For example, in the UE variable VarResumeMAC-Input, the RRC connection resume request message and a bit indicating an RRC connection resume request are used directly as the enhanced variable, with the resumeMAC-I field removed from the message.
Step 202: according to the algorithm capability of the network device, select the target integrity protection algorithm corresponding to that capability.
In the embodiments of the present application, the terminal device may support the first integrity protection algorithm, that is, the new MAC-I calculation method. It can be understood that a terminal device that supports the first integrity protection algorithm can be considered to also support the second. In this case the target integrity protection algorithm is selected according to the algorithm capability of the network device: if the network device is determined to support the first integrity protection algorithm, the terminal device may select the first integrity protection algorithm as the target; if the network device is determined not to support the first integrity protection algorithm, the terminal device may select the second integrity protection algorithm as the target.
Optionally, the terminal device may not support the first integrity protection algorithm, that is, it supports only the old MAC-I calculation method, such as the second integrity protection algorithm. In this case, regardless of whether the network device supports the first integrity protection algorithm, the terminal device may select the second integrity protection algorithm as the target, since it does not itself support the first. Thus, according to its own algorithm capability and that of the network device, the terminal device selects an integrity protection algorithm that both sides support to perform integrity protection verification of the RRC connection resume request message, ensuring that the terminal device and the network device use the same algorithm and that the resumeMAC-I check value matches correctly.
Step 203: perform integrity protection verification of the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used to calculate the message integrity verification code.
In one implementation, when the target integrity protection algorithm is the first integrity protection algorithm, the first integrity protection algorithm may be used to calculate the message integrity verification code from the key KRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable, and integrity protection verification of the RRC connection resume request message is performed according to the calculated code.
In another implementation, when the target integrity protection algorithm is the second integrity protection algorithm, the second integrity protection algorithm may be used to calculate the message integrity verification code from the key KRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI, and integrity protection verification of the RRC connection resume request message is performed according to the calculated code.
By implementing the embodiments of the present application, the algorithm capability of the network device is determined and the integrity protection algorithm corresponding to that capability is selected for integrity protection verification of the RRC connection resume request message, so that both sides have the same algorithm capability and the resumeMAC-I check value matches correctly. This resolves the incompatibility of integrity protection algorithms and thereby enhances the security of the RRC connection resume request message.
Refer to FIG. 3, which is a flowchart of another security enhancement method for radio resource control (RRC) connection resumption provided by an embodiment of the present application. It should be noted that the method of this embodiment can be applied to a terminal device. In this embodiment, the terminal device learns through the first computing capability indication information that the network device supports the first integrity protection algorithm; assuming that the terminal device in this embodiment supports the first integrity protection algorithm, the method may include, but is not limited to, the following steps, as shown in FIG. 3.
Step 301: judge whether first computing capability indication information sent by the network device has been received, where the first computing capability indication information is used to notify the terminal device that the network device supports the first integrity protection algorithm.
In the embodiments of the present application, the input parameters of the first integrity protection algorithm include the key KRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable.
In some embodiments of the present application, the enhanced variable may include at least any one of the following A) to F):
A) the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; B) a permutation or combination of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; C) the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I in the message used as the added variable is set to special bits; D) the RRC connection resume request message together with a bit indicating an RRC connection resume request; E) the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I is removed from the message used as the added variable; F) the RRC connection resume request message together with a bit indicating an RRC connection resume request, where the field carrying the message integrity verification code resumeMAC-I is removed from the message used as the added variable. For ease of understanding, the corresponding implementations are described below.
In one implementation, the enhanced variable may include the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message. That is, the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message are added to the UE variable VarResumeMAC-Input and fed into the integrity protection algorithm as additional input parameters (besides the input parameters from VarResumeMAC-Input, the key KRRCint, the bearer ID, the direction and the COUNT value are also used), yielding a new 32-bit MAC-I; the 16 least significant bits are then taken as the message integrity verification code resumeMAC-I and carried in the RRC connection resume request message (RRCResumeRequest).
In one implementation, referring to the above embodiment, the enhanced variable may include a permutation or combination of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; the calculation is the same. Here, a permutation or combination is understood as any one or more of the resumeIdentity, resumeCause and spare fields. For example, the enhanced variable may include any one of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; as another example, it may include any two of them. This may be decided according to the actual situation and is not specifically limited in the present application.
In one implementation, the enhanced variable may include the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I in the message used as the added variable is set to special bits. For example, in the UE variable VarResumeMAC-Input, the RRC connection resume request message itself is used as the enhanced variable, with its resumeMAC-I field set to special bits. As an example, the special bits may be all 0s or all 1s, that is, the resumeMAC-I field of the RRC connection resume request message used as the enhanced variable is set to all 1s or all 0s.
In one implementation, the enhanced variable may include the RRC connection resume request message and a bit indicating an RRC connection resume request. For example, in the UE variable VarResumeMAC-Input, the RRC connection resume request message and a bit indicating an RRC connection resume request are used directly as the enhanced variable; that is, while the RRC connection resume request message is used as the enhanced variable, one more bit indicating an RRC connection resume request is included in it as well.
In one implementation, the enhanced variable may include the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I is removed from the message used as the added variable. For example, in the UE variable VarResumeMAC-Input, the RRC connection resume request message itself is used as the enhanced variable, with its resumeMAC-I field removed.
In one implementation, the enhanced variable may include the RRC connection resume request message and a bit indicating an RRC connection resume request, where the field carrying the message integrity verification code resumeMAC-I is removed from the message used as the added variable. For example, in the UE variable VarResumeMAC-Input, the RRC connection resume request message and a bit indicating an RRC connection resume request are used directly as the enhanced variable, with the resumeMAC-I field removed from the message.
Step 302: in response to receiving the first computing capability indication information sent by the network device, determine according to it that the algorithm capability of the network device is support for the first integrity protection algorithm.
Step 303: according to the algorithm capability of the network device, select the first integrity protection algorithm corresponding to that capability.
Step 304: using the first integrity protection algorithm, calculate the message integrity verification code from the key KRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable. After the message integrity verification code has been calculated, step 307 may be performed, that is, integrity protection verification of the RRC connection resume request message according to the calculated code.
Step 305: in response to not receiving first computing capability indication information sent by the network device, determine that the algorithm capability of the network device is lack of support for the first integrity protection algorithm.
In this embodiment, after determining that the algorithm capability of the network device is lack of support for the first integrity protection algorithm, the terminal device may select the second integrity protection algorithm for security verification of the RRC connection resume request message. In the embodiments of the present application, the input parameters of the second integrity protection algorithm include the key KRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
Step 306: according to the algorithm capability of the network device, select the second integrity protection algorithm and calculate the message integrity verification code from the key KRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI. After the message integrity verification code has been calculated, step 307 may be performed, that is, integrity protection verification of the RRC connection resume request message according to the calculated code.
Step 307: perform integrity protection verification of the RRC connection resume request message according to the calculated message integrity verification code.
According to the technical solution of the embodiments of the present application, the algorithm capability of the network device is determined and the integrity protection algorithm corresponding to that capability is selected for integrity protection verification of the RRC connection resume request message, so that both sides have the same algorithm capability and the resumeMAC-I check value matches correctly. This resolves the incompatibility of integrity protection algorithms and thereby enhances the security of the RRC connection resume request message.
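As an added illustration (not the patent's own code), the following Python models the two algorithms of steps 201-203 and the FIG. 3 procedure (steps 301-307): the UE uses the first algorithm only when it supports it and the network's first computing capability indication was received, otherwise it falls back to the second, and the network verifies resumeMAC-I with its own algorithm. HMAC-SHA-256 stands in for the NIA integrity algorithm, the field widths and sample values are constructed, and only variants A and C of the added variable are encoded.

```python
import hashlib
import hmac
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class SecurityContext:
    """Inputs shared by both algorithms (constructed sample values are set in demo())."""
    k_rrc_int: bytes     # KRRCint
    bearer_id: int       # bearer ID (5 bits)
    direction: int       # 0 = uplink, 1 = downlink
    count: int           # COUNT (32 bits)
    source_pci: int      # source cell identity (10 bits)
    source_c_rnti: int   # temporary identifier C-RNTI in the source cell (16 bits)
    target_cell_id: int  # target cell identity (36 bits)


@dataclass(frozen=True)
class RrcResumeRequest:
    """Fields of RRCResumeRequest; the widths are assumptions for this model."""
    resume_identity: int   # resumeIdentity (24 bits)
    resume_cause: int      # resumeCause (4 bits)
    spare: int             # spare (1 bit)
    resume_mac_i: int = 0  # resumeMAC-I (16 bits), filled in by the UE


def encode_fields(*fields):
    """Pack (value, bit_width) pairs MSB-first and zero-pad to a whole byte."""
    bits = "".join(format(v & ((1 << w) - 1), f"0{w}b") for v, w in fields)
    bits += "0" * (-len(bits) % 8)
    return int(bits, 2).to_bytes(len(bits) // 8, "big")


def enhanced_variable(variant, req):
    """Added variable per the list above: A) the three fields; C) the whole
    message with its resumeMAC-I field set to all ones. Other variants omitted."""
    core = [(req.resume_identity, 24), (req.resume_cause, 4), (req.spare, 1)]
    if variant == "A":
        return encode_fields(*core)
    if variant == "C":
        return encode_fields(*core, (0xFFFF, 16))
    raise ValueError(f"variant {variant!r} not modelled")


def var_resume_mac_input(ctx, enhanced=b""):
    """Second algorithm: source PCI, target cell ID, source C-RNTI.
    First algorithm: the same fields followed by the enhanced variable."""
    base = encode_fields((ctx.source_pci, 10), (ctx.target_cell_id, 36), (ctx.source_c_rnti, 16))
    return base + enhanced


def mac_i(ctx, var_input):
    """32-bit MAC-I over COUNT, bearer, direction and VarResumeMAC-Input.
    HMAC-SHA-256 stands in for the NIA integrity algorithm (an assumption)."""
    header = encode_fields((ctx.count, 32), (ctx.bearer_id, 5), (ctx.direction, 1))
    digest = hmac.new(ctx.k_rrc_int, header + var_input, hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big")


def resume_mac_i(ctx, var_input):
    """resumeMAC-I is the 16 least significant bits of MAC-I."""
    return mac_i(ctx, var_input) & 0xFFFF


def select_algorithm(ue_supports_first, indication_received):
    """Steps 201-202 / 301-306: use the first algorithm only if the UE supports it
    and the network's first capability indication was received; otherwise the second."""
    return "first" if ue_supports_first and indication_received else "second"


def compute_resume_mac_i(algorithm, ctx, req, variant="A"):
    enhanced = enhanced_variable(variant, req) if algorithm == "first" else b""
    return resume_mac_i(ctx, var_resume_mac_input(ctx, enhanced))


def ue_build_request(ctx, req, ue_supports_first, indication_received, variant="A"):
    """UE side: negotiate, compute resumeMAC-I and place it in RRCResumeRequest."""
    alg = select_algorithm(ue_supports_first, indication_received)
    return replace(req, resume_mac_i=compute_resume_mac_i(alg, ctx, req, variant)), alg


def network_verify(ctx, received, network_algorithm, variant="A"):
    """Step 307 on the network side: recompute with its own algorithm and compare."""
    expected = compute_resume_mac_i(network_algorithm, ctx, received, variant)
    return hmac.compare_digest(expected.to_bytes(2, "big"), received.resume_mac_i.to_bytes(2, "big"))


def demo():
    """Four scenarios; returns {name: (algorithm chosen by the UE, network verification result)}."""
    ctx = SecurityContext(k_rrc_int=bytes(range(16)), bearer_id=1, direction=0, count=7,
                          source_pci=123, source_c_rnti=0x1234, target_cell_id=0xABCDEF)
    req = RrcResumeRequest(resume_identity=0x00ABCD, resume_cause=2, spare=0)
    out = {}
    sent, alg = ue_build_request(ctx, req, False, False)   # legacy UE, legacy network
    out["legacy"] = (alg, network_verify(ctx, sent, "second"))
    sent, alg = ue_build_request(ctx, req, True, True)     # both upgraded, indication received
    out["both_first"] = (alg, network_verify(ctx, sent, "first"))
    sent, alg = ue_build_request(ctx, req, True, False)    # upgraded UE, no indication: fall back
    out["fallback"] = (alg, network_verify(ctx, sent, "second"))
    sent, alg = ue_build_request(ctx, req, True, True)     # the problem negotiation avoids:
    out["mismatch"] = (alg, network_verify(ctx, sent, "second"))  # first-alg MAC, second-alg check
    return out


if __name__ == "__main__":
    for name, (alg, ok) in demo().items():
        print(f"{name:>10}: UE used {alg:<6} network verification {'passed' if ok else 'FAILED'}")
```

The "mismatch" scenario is the incompatibility the negotiation removes: a 16-bit resumeMAC-I computed with the added variable cannot be verified by a network that recomputes it without that variable.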
Refer to FIG. 4, which is a flowchart of another security enhancement method for radio resource control (RRC) connection resumption provided by an embodiment of the present application. It should be noted that the method of this embodiment can be applied to a terminal device. In this embodiment, the terminal device learns through the first computing capability indication information that the network device supports the first integrity protection algorithm; assuming that the terminal device in this embodiment does not support the first integrity protection algorithm, the method may include, but is not limited to, the following steps, as shown in FIG. 4.
Step 401: judge whether first computing capability indication information sent by the network device has been received; the first computing capability indication information is used to notify the terminal device that the network device supports the first integrity protection algorithm;
where the input parameters of the first integrity protection algorithm include the key KRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable.
In some embodiments of the present application, the enhanced variable may include at least any one of the following A) to F):
A) the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; B) a permutation or combination of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; C) the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I in the message used as the added variable is set to special bits; D) the RRC connection resume request message together with a bit indicating an RRC connection resume request; E) the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I is removed from the message used as the added variable; F) the RRC connection resume request message together with a bit indicating an RRC connection resume request, where the field carrying the message integrity verification code resumeMAC-I is removed from the message used as the added variable. For ease of understanding, the corresponding implementations are described below.
In one implementation, the enhanced variable may include the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message. That is, the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message are added to the UE variable VarResumeMAC-Input and fed into the integrity protection algorithm as additional input parameters (besides the input parameters from VarResumeMAC-Input, the key KRRCint, the bearer ID, the direction and the COUNT value are also used), yielding a new 32-bit MAC-I; the 16 least significant bits are then taken as the message integrity verification code resumeMAC-I and carried in the RRC connection resume request message (RRCResumeRequest).
In one implementation, referring to the above embodiment, the enhanced variable may include a permutation or combination of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; the calculation is the same. Here, a permutation or combination is understood as any one or more of the resumeIdentity, resumeCause and spare fields. For example, the enhanced variable may include any one of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; as another example, it may include any two of them. This may be decided according to the actual situation and is not specifically limited in the present application.
In one implementation, the enhanced variable may include the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I in the message used as the added variable is set to special bits. For example, in the UE variable VarResumeMAC-Input, the RRC connection resume request message itself is used as the enhanced variable, with its resumeMAC-I field set to special bits. As an example, the special bits may be all 0s or all 1s, that is, the resumeMAC-I field of the RRC connection resume request message used as the enhanced variable is set to all 1s or all 0s.
In one implementation, the enhanced variable may include the RRC connection resume request message and a bit indicating an RRC connection resume request. For example, in the UE variable VarResumeMAC-Input, the RRC connection resume request message and a bit indicating an RRC connection resume request are used directly as the enhanced variable; that is, while the RRC connection resume request message is used as the enhanced variable, one more bit indicating an RRC connection resume request is included in it as well.
In one implementation, the enhanced variable may include the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I is removed from the message used as the added variable. For example, in the UE variable VarResumeMAC-Input, the RRC connection resume request message itself is used as the enhanced variable, with its resumeMAC-I field removed.
在一种实现方式中,该增强变量可包括RRC连接恢复请求消息和用于指示RRC连接恢复请求的比特位,其中,作为该增加变量的RRC连接恢复请求消息之中删除了用于表示消息完整性验证码 resumeMAC-I的字段。例如,在UE存储变量VarResumeMAC-Input中,直接将RRC连接恢复请求消息和用于指示RRC连接恢复请求的比特位作为该增强变量,其中,作为该增强变量的RRC连接恢复请求消息之中删除了用于表示resumeMAC-I的字段。In an implementation manner, the enhanced variable may include an RRC connection recovery request message and a bit used to indicate the RRC connection recovery request, wherein the RRC connection recovery request message used as the added variable is deleted from the RRC connection recovery request message indicating that the message is complete. field of the authentication code resumeMAC-I. For example, in the variable VarResumeMAC-Input stored in the UE, the RRC connection recovery request message and the bits used to indicate the RRC connection recovery request are directly used as the enhanced variable, wherein the RRC connection recovery request message as the enhanced variable deletes Field used to indicate resumeMAC-I.
Step 402: in response to not receiving the first computing capability indication information sent by the network device, determine that the algorithm capability of the network device is that it does not support the first integrity protection algorithm.
In this embodiment, once it is determined that the network device does not support the first integrity protection algorithm, and since the terminal device does not support the first integrity protection algorithm either, the terminal device may select the second integrity protection algorithm for the security verification of the RRC connection resume request message. That is, in this embodiment, once it is determined that the network device does not support the first integrity protection algorithm, step 404 may be performed: the second integrity protection algorithm is selected and the message integrity verification code is calculated from the key Key_RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
In the embodiments of this application, the input parameters of the second integrity protection algorithm include the key Key_RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
Step 403: in response to receiving the first computing capability indication information sent by the network device, determine, according to that indication information, that the algorithm capability of the network device is that it supports the first integrity protection algorithm.
That is, in response to receiving the first computing capability indication information sent by the network device, and after determining from it that the network device supports the first integrity protection algorithm, the terminal device still needs to use the second integrity protection algorithm for the integrity protection verification of the RRC connection resume request message, because the terminal device does not support the first integrity protection algorithm; that is, step 404 is performed.
Step 404: select the second integrity protection algorithm and calculate the message integrity verification code from the key Key_RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
Step 405: perform integrity protection verification of the RRC connection resume request message according to the calculated message integrity verification code.
That is, even when the network device supports the first integrity protection algorithm, the terminal device does not, so capability negotiation between the terminal device and the network device ensures that both sides have the same algorithm capability. The check value resumeMAC-I can then be matched correctly, which resolves the incompatibility between integrity protection algorithms and thereby enhances the security of the RRC connection resume request message.
Refer to FIG. 5, which is a flow chart of another security enhancement method for radio resource control (RRC) connection resumption provided by an embodiment of this application. It should be noted that the security enhancement method for RRC connection resumption in this embodiment can be applied to a terminal device. In this embodiment, when the terminal device determines that the network device does not support the first integrity protection algorithm, it uses the second integrity protection algorithm for the integrity protection verification of the RRC connection resume request message regardless of whether the terminal device itself supports the first integrity protection algorithm. As shown in FIG. 5, the security enhancement method for RRC connection resumption may include, but is not limited to, the following steps.
Step 501: judge whether the first computing capability indication information sent by the network device has been received; the first computing capability indication information is used to notify the terminal device that the network device does not support the first integrity protection algorithm.
The input parameters of the first integrity protection algorithm include the key Key_RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the enhanced variable.
In some embodiments of this application, the enhanced variable may include at least any one of the following A) to F):
A) the resume identity (resumeIdentity), the resume cause (resumeCause) and the spare field of the RRC connection resume request message; B) any combination of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; C) the RRC connection resume request message, where the field that carries the message integrity verification code resumeMAC-I in the message used as the enhanced variable is set to special bits; D) the RRC connection resume request message and a bit indicating an RRC connection resume request; E) the RRC connection resume request message, where the field that carries the message integrity verification code resumeMAC-I is removed from the message used as the enhanced variable; F) the RRC connection resume request message and a bit indicating an RRC connection resume request, where the field that carries the message integrity verification code resumeMAC-I is removed from the message used as the enhanced variable. For ease of understanding, the corresponding implementations are described below.
In one implementation, the enhanced variable may include the resume identity (resumeIdentity), the resume cause (resumeCause) and the spare field of the RRC connection resume request message. That is, the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message are added to the UE-stored variable VarResumeMAC-Input and fed into the integrity protection algorithm as additional input parameters to obtain a new 32-bit MAC-I (besides the input parameters held in VarResumeMAC-Input, the key Key_RRCint, the bearer ID, the direction and the COUNT value are also used); finally, the 16 least significant bits are taken as the message integrity verification code ResumeMAC-I and stored in the RRC connection resume request message (RRCResumeRequest).
In one implementation, referring to the embodiment above, the enhanced variable may include any combination of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message, and the calculation method is the same. Here, "combination" means any one or more of the resumeIdentity, resumeCause and spare fields. For example, the enhanced variable may include any one of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; as another example, it may include any two of them. The specific choice may be made according to the actual situation and is not limited in this application.
In one implementation, the enhanced variable may include the RRC connection resume request message itself, where the field that carries the message integrity verification code resumeMAC-I in the RRC connection resume request message used as the enhanced variable is set to special bits. For example, in the UE-stored variable VarResumeMAC-Input, the RRC connection resume request message is used directly as the enhanced variable, with its resumeMAC-I field set to special bits. As an example, the special bits may be all 0s or all 1s, that is, the resumeMAC-I field of the RRC connection resume request message used as the enhanced variable is set to all 1s or all 0s.
In one implementation, the enhanced variable may include the RRC connection resume request message and a bit indicating an RRC connection resume request. For example, in the UE-stored variable VarResumeMAC-Input, the RRC connection resume request message and the bit indicating an RRC connection resume request are used directly as the enhanced variable; that is, in addition to using the RRC connection resume request message as the enhanced variable, one further bit indicating an RRC connection resume request is added to the enhanced variable.
In one implementation, the enhanced variable may include the RRC connection resume request message, where the field that carries the message integrity verification code resumeMAC-I is removed from the RRC connection resume request message used as the enhanced variable. For example, in the UE-stored variable VarResumeMAC-Input, the RRC connection resume request message is used directly as the enhanced variable, with the resumeMAC-I field removed.
In one implementation, the enhanced variable may include the RRC connection resume request message and a bit indicating an RRC connection resume request, where the field that carries the message integrity verification code resumeMAC-I is removed from the RRC connection resume request message used as the enhanced variable. For example, in the UE-stored variable VarResumeMAC-Input, the RRC connection resume request message and the bit indicating an RRC connection resume request are used directly as the enhanced variable, with the resumeMAC-I field removed from the RRC connection resume request message.
Step 502: in response to not receiving the first computing capability indication information sent by the network device, determine that the algorithm capability of the network device is that it does not support the first integrity protection algorithm.
In this embodiment, once it is determined that the network device does not support the first integrity protection algorithm, the terminal device selects the second integrity protection algorithm for the security verification of the RRC connection resume request message regardless of whether the terminal device itself supports the first integrity protection algorithm. That is, in this embodiment, once it is determined that the network device does not support the first integrity protection algorithm, step 504 may be performed: the second integrity protection algorithm is selected and the message integrity verification code is calculated from the key Key_RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
In the embodiments of this application, the input parameters of the second integrity protection algorithm include the key Key_RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
Step 503: in response to receiving the first computing capability indication information sent by the network device, determine, according to that indication information, that the algorithm capability of the network device is that it does not support the first integrity protection algorithm.
That is, in response to receiving the first computing capability indication information sent by the network device, and after determining from it that the network device does not support the first integrity protection algorithm, the terminal device chooses the second integrity protection algorithm for the integrity protection verification of the RRC connection resume request message regardless of whether it supports the first integrity protection algorithm; that is, step 504 is performed.
Step 504: select the second integrity protection algorithm and calculate the message integrity verification code from the key Key_RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
Step 505: perform integrity protection verification of the RRC connection resume request message according to the calculated message integrity verification code.
That is, because the network device does not support the first integrity protection algorithm, capability negotiation between the terminal device and the network device is carried out regardless of whether the terminal device supports the first integrity protection algorithm, so that both sides have the same algorithm capability. The check value resumeMAC-I can then be matched correctly, which resolves the incompatibility between integrity protection algorithms and thereby enhances the security of the RRC connection resume request message.
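The following added example (not part of the patent, and not any vendor's implementation) models the ResumeMAC-I computation described for FIG. 4 and FIG. 5: the second algorithm over Key_RRCint, bearer ID, direction, COUNT, target/source cell ID and C-RNTI, the first algorithm adding the enhanced variable (variants A, C and E above), and the terminal-side selection rule that falls back to the second algorithm whenever either side lacks the first. Assumptions: HMAC-SHA-256 truncated to 32 bits stands in for the 3GPP integrity algorithm, the byte layouts of the input and of the resume request are hypothetical, and the key and field values are constructed samples.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass
from typing import Optional


def integrity_algorithm(key: bytes, message: bytes) -> int:
    """Placeholder for the NR integrity algorithm: returns a 32-bit MAC-I."""
    tag = hmac.new(key, message, hashlib.sha256).digest()
    return int.from_bytes(tag[:4], "big")


@dataclass
class ResumeRequest:
    resume_identity: int      # hypothetical 40-bit resumeIdentity (I-RNTI)
    resume_cause: int         # hypothetical 4-bit resumeCause enumeration
    spare: int                # 1-bit spare field
    resume_mac_i: int = 0     # 16-bit resumeMAC-I field

    def encode(self, mac_override: Optional[int] = None) -> bytes:
        # Hypothetical layout: 5 bytes identity, 1 byte cause|spare, 2 bytes MAC.
        mac = self.resume_mac_i if mac_override is None else mac_override
        return (self.resume_identity.to_bytes(5, "big")
                + bytes([(self.resume_cause << 4) | (self.spare & 1)])
                + mac.to_bytes(2, "big"))


@dataclass
class MacInput:
    key_rrc_int: bytes        # Key_RRCint (constructed sample in demo())
    bearer_id: int
    direction: int
    count: int
    target_cell_id: int
    source_cell_id: int
    c_rnti: int


def base_input(p: MacInput) -> bytes:
    """Parameters common to both algorithms (hypothetical fixed-width packing)."""
    return struct.pack(">BBIIIH", p.bearer_id, p.direction, p.count,
                       p.target_cell_id, p.source_cell_id, p.c_rnti)


def second_algorithm_mac(p: MacInput) -> int:
    """Second integrity protection algorithm: no enhanced variable."""
    return integrity_algorithm(p.key_rrc_int, base_input(p))


def first_algorithm_mac(p: MacInput, req: ResumeRequest, variant: str) -> int:
    """First integrity protection algorithm: base input plus the enhanced variable."""
    if variant == "A":    # resumeIdentity + resumeCause + spare
        extra = (req.resume_identity.to_bytes(5, "big")
                 + bytes([req.resume_cause, req.spare]))
    elif variant == "C":  # whole message, resumeMAC-I field forced to all-zero bits
        extra = req.encode(mac_override=0x0000)
    elif variant == "E":  # whole message with the resumeMAC-I field removed
        extra = req.encode()[:-2]
    else:
        raise ValueError(f"unsupported enhanced-variable variant {variant!r}")
    return integrity_algorithm(p.key_rrc_int, base_input(p) + extra)


def resume_mac_i(mac_i_32: int) -> int:
    """ResumeMAC-I is the 16 least significant bits of the 32-bit MAC-I."""
    return mac_i_32 & 0xFFFF


def select_algorithm(ue_supports_first: bool,
                     network_supports_first: Optional[bool]) -> str:
    """Terminal-side negotiation. None means no capability indication was received,
    which steps 402/502 treat as 'network does not support the first algorithm'."""
    if ue_supports_first and network_supports_first:
        return "first"
    return "second"


def compute(p: MacInput, req: ResumeRequest, alg: str, variant: str = "A") -> int:
    mac32 = first_algorithm_mac(p, req, variant) if alg == "first" else second_algorithm_mac(p)
    return resume_mac_i(mac32)


def verify(p: MacInput, req: ResumeRequest, alg: str, variant: str = "A") -> bool:
    """Network-side check: recompute with its own algorithm and compare in constant time."""
    expected = compute(p, req, alg, variant).to_bytes(2, "big")
    return hmac.compare_digest(expected, req.resume_mac_i.to_bytes(2, "big"))


def demo() -> dict:
    key = hashlib.sha256(b"constructed sample key, not a real Key_RRCint").digest()[:16]
    p = MacInput(key, bearer_id=1, direction=0, count=7, target_cell_id=0x1234,
                 source_cell_id=0x0042, c_rnti=0x2A2A)
    # Scenario of FIG. 5: UE supports the first algorithm, network sent no indication.
    alg = select_algorithm(True, None)
    req = ResumeRequest(resume_identity=0x00ABCDEF01, resume_cause=3, spare=0)
    req.resume_mac_i = compute(p, req, alg)
    negotiated_ok = verify(p, req, "second")          # network only has the second
    # Without negotiation the UE would sign with the first algorithm; the network,
    # verifying with the second, would reject the resume request.
    bad = ResumeRequest(resume_identity=0x00ABCDEF01, resume_cause=3, spare=0)
    bad.resume_mac_i = compute(p, bad, "first", "A")
    unnegotiated_ok = verify(p, bad, "second")
    return {"algorithm": alg, "negotiated_ok": negotiated_ok,
            "unnegotiated_ok": unnegotiated_ok}


if __name__ == "__main__":
    print(demo())
```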
In some embodiments of this application, the terminal device may determine its own algorithm capability and, according to that capability, send second computing capability indication information to the network device, where the second computing capability indication information notifies the network device whether the terminal device supports the first integrity protection algorithm. Optionally, the terminal device may report its algorithm capability to the network device through indication information.
As an example of one possible implementation, in response to the terminal device supporting the first integrity protection algorithm, capability indication information indicating support for the first integrity protection algorithm is sent to the network device. For example, if the terminal device supports the first integrity protection algorithm, it may send capability indication information indicating that support to the network device.
As an example of another possible implementation, in response to the terminal device not supporting the first integrity protection algorithm, capability indication information indicating no support for the first integrity protection algorithm is sent to the network device. For example, if the terminal device does not support the first integrity protection algorithm, it may send capability indication information indicating that lack of support to the network device.
As an example of yet another possible implementation, in response to the terminal device not supporting the first integrity protection algorithm, no capability indication information regarding support for the first integrity protection algorithm is sent. For example, if the terminal device does not support the first integrity protection algorithm, it does not report capability indication information. If the network device receives no capability indication information from the terminal device, the network device may determine that the terminal device does not support the first integrity protection algorithm.
In some embodiments of this application, the capability indication information may be sent to the network device in at least any one of the following ways: in the security mode complete message; in the UE capability information message; in the UE assistance information; in initial access message 5 (Msg5); in initial access message 3 (Msg3); in initial access message 1 (Msg1). For example, the terminal device may report the capability indication information in the SecurityModeComplete message, in the UECapabilityInformation message, in UEAssistanceInformation, in initial access message 5 Msg5 (RRCSetupComplete), in initial access message 3 Msg3 (RRCSetupRequest), or in initial access message 1 Msg1 (preamble).
One possible implementation: when a UE that supports the first integrity protection algorithm initially accesses the network and enters the connected state through RRCSetup connection establishment, the network device needs to perform AS security activation through SecurityModeCommand; when the UE replies with the SecurityModeComplete message, it carries capability indication information indicating support for the first integrity protection algorithm, thereby reporting it to the network device.
One possible implementation: when a UE that does not support the first integrity protection algorithm initially accesses the network and enters the connected state through RRCSetup connection establishment, the network device needs to perform AS security activation through SecurityModeCommand; when the UE replies with the SecurityModeComplete message, it carries capability indication information indicating no support for the first integrity protection algorithm, thereby reporting it to the network device.
One possible implementation: a UE that does not support the first integrity protection algorithm does not report any capability indication regarding the first integrity protection algorithm after it initially accesses the network and enters the connected state.
Thus, capability negotiation between the terminal device and the network device can be performed in advance, so that when the terminal device initiates an RRC connection resume request it can, based on the negotiation result, use an integrity protection algorithm that both the terminal device and the network device support for the integrity protection verification of the RRC connection resume request. The check value resumeMAC-I can then be matched correctly, which resolves the incompatibility between integrity protection algorithms and thereby enhances the security of the RRC connection resume request message.
In some embodiments of this application, when the message integrity verification code was calculated with the first integrity protection algorithm while the terminal was camped on the anchor cell, and cell reselection then occurred in the inactive state, the terminal device may, in response to RRC connection resumption occurring in a non-anchor cell, use the first integrity protection algorithm and the input parameters used to calculate the message integrity verification code for the integrity protection verification of the RRC connection resumption. Here, the anchor cell is the cell of the terminal device's serving network device, and the non-anchor cell is the cell in which the terminal device is located when cell reselection is triggered.
Optionally, assume the terminal device is in the INACTIVE state, has performed cell reselection, and RRC connection resumption occurs in a non-anchor cell (that is, a cell other than the serving cell of its last connected state). The terminal device may then keep its original algorithm capability unchanged, and the new network device in the non-anchor cell needs to send a retrieve UE context request message to notify the old network device to perform the ResumeMAC-I check. For example, if the message integrity verification code was calculated with the first integrity protection algorithm while the terminal was camped on the anchor cell, cell reselection occurred in the inactive state, the anchor cell broadcasts support for the first integrity protection algorithm, and RRC connection resumption occurs in a non-anchor cell, then the terminal device may use the first integrity protection algorithm to calculate the message integrity verification code from the key Key_RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the enhanced variable, and perform integrity protection verification of the RRC connection resumption according to the calculated code.
As another example, if the message integrity verification code was calculated with the first integrity protection algorithm while the terminal was camped on the anchor cell, cell reselection occurred in the inactive state, and the anchor cell broadcasts that it does not support the first integrity protection algorithm, the ResumeMAC-I check is nevertheless performed by the serving network device of the anchor cell, which does support the first integrity protection algorithm; the terminal device may therefore still use the first integrity protection algorithm for the integrity protection verification of the RRC connection resumption.
It should be noted that in the DCCA (dual connectivity with carrier aggregation) scenario, the serving cell of the terminal device's last connected state refers specifically to the primary cell on which it first camped and from which it can receive system messages: the PCell (primary cell) or the PSCell (primary secondary cell).
It can be understood that the above embodiments describe the implementation of the security enhancement method for radio resource control RRC connection resumption from the terminal device side. The embodiments of the present application also propose another security enhancement method for RRC connection resumption; its implementation is described below from the network device side. Refer to FIG. 6, which is a flow chart of another security enhancement method for radio resource control RRC connection resumption provided by an embodiment of the present application. It should be noted that this method can be applied to a network device. As shown in FIG. 6, the method may include, but is not limited to, the following steps.
Step 601: in response to receiving the RRC connection resume request message sent by the terminal device, determine the algorithm capability that the terminal device supports.
Optionally, when the network device receives the RRC connection resume request message sent by the terminal device, it needs to perform integrity protection verification on that message. To do so, it can first determine the algorithm capability supported by the terminal device and then select the corresponding integrity protection algorithm for the integrity verification based on that capability.
Optionally, the network device and the terminal device may negotiate capabilities in advance so that the network device can determine the algorithm capability the terminal device supports. For example, the terminal device may send capability indication information to the network device, and the network device determines the algorithm capability supported by the terminal device according to that indication information.
As an example of one possible implementation, the capability indication information sent by the terminal device to the network device may state which integrity protection algorithm is supported. For example, the capability indication information may indicate support for the first integrity protection algorithm, from which the network device determines that the algorithm capability of the terminal device is support for the first integrity protection algorithm.
For another example, the capability indication information may indicate that the first integrity protection algorithm is not supported, from which the network device determines that the algorithm capability of the terminal device is no support for the first integrity protection algorithm.
For yet another example, the capability indication information may indicate support for an algorithm other than the first integrity protection algorithm, such as the second integrity protection algorithm, from which the network device determines that the algorithm capability of the terminal device is support for the second integrity protection algorithm.
It should be noted that the first integrity protection algorithm and the second integrity protection algorithm in the embodiments of the present application are different algorithms, and their input parameters differ. In the embodiments of the present application, the input parameters include at least one or more of the following: the key K_RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable.
As an example of another possible implementation, the terminal device may send the network device a computing capability indication for the MAC-I to inform the network device whether the terminal device supports the first integrity protection algorithm. Optionally, the network device may determine the algorithm capability of the terminal device by judging whether capability indication information from the terminal device has been received. In one implementation, the network device judges whether second computing capability indication information sent by the terminal device has been received; this second computing capability indication information is used to inform the network device whether the terminal device supports the first integrity protection algorithm, where the input parameters of the first integrity protection algorithm include the key K_RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable. In response to receiving the second computing capability indication information sent by the terminal device, the network device determines the algorithm capability of the terminal device according to that information.
It should be noted that the first integrity protection algorithm is a new MAC-I computation scheme designed by the network device for the RRC connection resumption procedure, implemented by adding input parameters to the UE variable VarResumeMAC-Input. The input parameters of the first integrity protection algorithm may include the key K_RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable, where the added variable is the variable added to the stored variable VarResumeMAC-Input.
To solve the compatibility problem, the network device and the terminal device may negotiate capabilities in advance. Optionally, the network device may determine the algorithm capability of the terminal device by judging whether the second computing capability indication information sent by the terminal device has been received. As an example of one possible implementation, in response to receiving the second computing capability indication information from the terminal device, the network device determines the algorithm capability of the terminal device according to it. For example, if the second computing capability indication information informs the network device that the terminal device supports the first integrity protection algorithm, the network device determines that the terminal device's algorithm capability is support for the first integrity protection algorithm. If instead it informs the network device that the terminal device does not support the first integrity protection algorithm, the network device determines that the terminal device's algorithm capability is no support for the first integrity protection algorithm.
As an example of another possible implementation, in response to not receiving the second computing capability indication information from the terminal device, the network device may determine that the algorithm capability of the terminal device is no support for the first integrity protection algorithm. For example, the terminal device supports the second integrity protection algorithm but not the first. The input parameters of the second integrity protection algorithm include the key K_RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
It can be seen that the second integrity protection algorithm differs from the first in the input parameters it requires: the first integrity protection algorithm takes the added variable as an additional input parameter beyond those of the second. By designing this added variable into the input parameters of the integrity protection algorithm, the embodiments of the present application can effectively enhance the security of RRC connection resumption.
In some embodiments of the present application, the enhancement variable may include at least any one of the following A) to F):
A) the resume identity resumeIdentity, the resume cause resumeCause and the spare field of the RRC connection resume request message;
B) a permutation or combination of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message;
C) the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I in the message used as the added variable is set to special bits;
D) the RRC connection resume request message together with a bit indicating an RRC connection resume request;
E) the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I is deleted from the message used as the added variable;
F) the RRC connection resume request message together with a bit indicating an RRC connection resume request, where the field carrying the message integrity verification code resumeMAC-I is deleted from the message used as the added variable.
For ease of understanding, the corresponding implementations are described below.
In one implementation, the enhancement variable may include the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message. That is, the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message are added to the UE variable VarResumeMAC-Input and fed into the integrity protection algorithm as additional input parameters, producing a new 32-bit MAC-I (in addition to the input parameters from VarResumeMAC-Input, the key K_RRCint, the bearer ID, the direction and the COUNT value are also used); the 16 least significant bits are then taken as the message integrity verification code ResumeMAC-I and placed in the RRC connection resume request message (RRCResumeRequest).
In one implementation, with reference to the above embodiment, the enhancement variable may include a permutation or combination of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message, computed in the same way. Here the permutation or combination is understood as any one or more of the resumeIdentity, resumeCause and spare fields. For example, the enhancement variable may include any one of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; for another example, it may include any two of them. The specific choice may be determined according to actual conditions, and the present application does not specifically limit it.
In one implementation, the enhancement variable may include the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I in the message used as the added variable is set to special bits. For example, in the UE variable VarResumeMAC-Input, the RRC connection resume request message is used directly as the enhancement variable, with its resumeMAC-I field set to special bits. As an example, the special bits may be all 0 or all 1; that is, the resumeMAC-I field of the RRC connection resume request message used as the enhancement variable is set to all 1s or all 0s.
In one implementation, the enhancement variable may include the RRC connection resume request message together with a bit indicating an RRC connection resume request. For example, in the UE variable VarResumeMAC-Input, the RRC connection resume request message and the bit indicating an RRC connection resume request are used directly as the enhancement variable; that is, in addition to using the RRC connection resume request message as the enhancement variable, one more bit indicating an RRC connection resume request is included in it.
In one implementation, the enhancement variable may include the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I is deleted from the message used as the added variable. For example, in the UE variable VarResumeMAC-Input, the RRC connection resume request message is used directly as the enhancement variable, with the field carrying resumeMAC-I deleted from it.
In one implementation, the enhancement variable may include the RRC connection resume request message together with a bit indicating an RRC connection resume request, where the field carrying the message integrity verification code resumeMAC-I is deleted from the message used as the added variable. For example, in the UE variable VarResumeMAC-Input, the RRC connection resume request message and the bit indicating an RRC connection resume request are used directly as the enhancement variable, with the field carrying resumeMAC-I deleted from the message.
Step 602: according to the algorithm capability supported by the terminal device, select the target integrity protection algorithm corresponding to that capability.
In the embodiments of the present application, the network device may support the first integrity protection algorithm, that is, the new MAC-I computation scheme. It can be understood that a network device supporting the first integrity protection algorithm can be considered to also support the second integrity protection algorithm. In that case the target integrity protection algorithm is selected according to the algorithm capability of the terminal device: for example, if the terminal device's algorithm capability is determined to be support for the first integrity protection algorithm, the network device may select the first integrity protection algorithm as the target integrity protection algorithm; if it is determined to be no support for the first integrity protection algorithm, the network device may select the second integrity protection algorithm as the target integrity protection algorithm.
Optionally, the network device may not support the first integrity protection algorithm, that is, it supports only the old MAC-I computation scheme, such as the second integrity protection algorithm. In that case, regardless of whether the terminal device supports the first integrity protection algorithm, the network device selects the second integrity protection algorithm as the target integrity protection algorithm, because it does not itself support the first. Thus the network device, according to its own algorithm capability and the algorithm capability of the terminal device, selects an integrity protection algorithm that both the terminal device and the network device can support to verify the integrity protection of the RRC connection resume request message, ensuring that the terminal device and the network device use the same algorithm and that the resumeMAC-I check value matches correctly.
Step 603: according to the target integrity protection algorithm and the input parameters used to compute the message integrity verification code, perform integrity protection verification on the RRC connection resume request message.
In one implementation, when the target integrity protection algorithm is the first integrity protection algorithm, the first integrity protection algorithm is used to compute the message integrity verification code from the key K_RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable, and the RRC connection resume request message is verified for integrity protection against the computed message integrity verification code.
In another implementation, when the target integrity protection algorithm is the second integrity protection algorithm, the second integrity protection algorithm is used to compute the message integrity verification code from the key K_RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI, and the RRC connection resume request message is verified for integrity protection against the computed message integrity verification code.
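As an added example (not code from the patent or any 3GPP implementation), the following Python models the two ResumeMAC-I computation schemes described on this page (the first algorithm with the added variable of variant A, the second without it) together with the network-side algorithm selection and verification of steps 601 to 603. The real NR integrity algorithms are not in the standard library, so HMAC-SHA256 truncated to 32 bits stands in for the MAC-I function; that substitution, the field widths and all sample values are assumptions of this example.

```python
import hashlib
import hmac
from dataclasses import dataclass


@dataclass(frozen=True)
class ResumeRequest:
    """Constructed model of the RRCResumeRequest fields named on this page."""
    resume_identity: int   # resumeIdentity
    resume_cause: int      # resumeCause
    spare: int             # spare field
    resume_mac_i: int = 0  # 16-bit ResumeMAC-I carried in the message


@dataclass(frozen=True)
class MacInputs:
    """Inputs common to both algorithms: K_RRCint, bearer ID, direction, COUNT
    and the VarResumeMAC-Input fields (target cell ID, source cell ID, C-RNTI)."""
    k_rrc_int: bytes
    bearer_id: int
    direction: int
    count: int
    target_cell_id: int
    source_cell_id: int
    c_rnti: int


def _encode_common(p: MacInputs) -> bytes:
    # Fixed field widths are an assumption of this example, not the spec's encoding.
    return (p.bearer_id.to_bytes(1, "big") + p.direction.to_bytes(1, "big")
            + p.count.to_bytes(4, "big") + p.target_cell_id.to_bytes(4, "big")
            + p.source_cell_id.to_bytes(4, "big") + p.c_rnti.to_bytes(2, "big"))


def _mac32(key: bytes, data: bytes) -> int:
    # Stand-in for the 32-bit MAC-I function (assumption: HMAC-SHA256 truncated
    # to 32 bits; a real NR integrity algorithm would be used here).
    return int.from_bytes(hmac.new(key, data, hashlib.sha256).digest()[:4], "big")


def resume_mac_i_second(p: MacInputs) -> int:
    """Second (legacy) algorithm: no added variable; 16 LSBs of the 32-bit MAC-I."""
    return _mac32(p.k_rrc_int, _encode_common(p)) & 0xFFFF


def resume_mac_i_first(p: MacInputs, req: ResumeRequest) -> int:
    """First algorithm, variant A): resumeIdentity, resumeCause and spare are
    appended to VarResumeMAC-Input as the added variable; 16 LSBs are kept."""
    added = (req.resume_identity.to_bytes(3, "big")
             + req.resume_cause.to_bytes(1, "big")
             + req.spare.to_bytes(1, "big"))
    return _mac32(p.k_rrc_int, _encode_common(p) + added) & 0xFFFF


def select_target_algorithm(network_supports_first: bool,
                            second_indication_received: bool) -> str:
    """Steps 601-602: the first algorithm is chosen only when the network supports
    it and the UE's second computing capability indication was received; if the
    indication is absent or the network only has the old scheme, fall back."""
    if network_supports_first and second_indication_received:
        return "first"
    return "second"


def verify_resume_request(network_supports_first: bool,
                          second_indication_received: bool,
                          p: MacInputs, req: ResumeRequest) -> bool:
    """Step 603: recompute ResumeMAC-I with the target algorithm and compare it
    in constant time with the value carried in the request."""
    algo = select_target_algorithm(network_supports_first, second_indication_received)
    expected = resume_mac_i_first(p, req) if algo == "first" else resume_mac_i_second(p)
    return hmac.compare_digest(expected.to_bytes(2, "big"),
                               req.resume_mac_i.to_bytes(2, "big"))


if __name__ == "__main__":
    # Constructed sample values; the key is a dummy, not a real K_RRCint.
    p = MacInputs(b"\x11" * 16, bearer_id=1, direction=0, count=0,
                  target_cell_id=0x0A0B0C0D, source_cell_id=0x01020304, c_rnti=0x4D2F)
    ue_req = ResumeRequest(resume_identity=0xABCDEF, resume_cause=1, spare=0)
    sent = ResumeRequest(ue_req.resume_identity, ue_req.resume_cause, ue_req.spare,
                         resume_mac_i_first(p, ue_req))
    # The first algorithm binds resumeCause, so a request whose cause differs
    # from the one the UE protected no longer verifies; the legacy one does not bind it.
    altered = ResumeRequest(sent.resume_identity, 3, sent.spare, sent.resume_mac_i)
    print("first algorithm, request as sent:", verify_resume_request(True, True, p, sent))
    print("first algorithm, resumeCause differs:", verify_resume_request(True, True, p, altered))
    legacy = ResumeRequest(0xABCDEF, 1, 0, resume_mac_i_second(p))
    print("second algorithm, no indication received:", verify_resume_request(True, False, p, legacy))
```

The fallback in select_target_algorithm is what the page calls the compatibility guarantee: both sides end up on the same algorithm, so a mismatch of the 16-bit check value means the message or its inputs changed, not that the peers disagreed on the scheme.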
By implementing the embodiments of the present application, the network device determines the algorithm capability supported by the terminal device and selects the integrity protection algorithm corresponding to that capability to verify the integrity protection of the RRC connection resume request message. Both sides thus have the same algorithm capability, so the check value resumeMAC-I matches correctly, the problem of incompatible integrity protection algorithms is solved, and the security of the RRC connection resume request message is enhanced.
Refer to FIG. 7, which is a flow chart of another security enhancement method for radio resource control RRC connection resumption provided by an embodiment of the present application. It should be noted that this method can be applied to a network device. In this embodiment, the network device learns through the second computing capability indication information that the terminal device supports the first integrity protection algorithm; assuming that the network device in this embodiment also supports the first integrity protection algorithm, then, as shown in FIG. 7, the method may include, but is not limited to, the following steps.
Step 701: judge whether second computing capability indication information sent by the terminal device has been received, where the second computing capability indication information is used to inform the network device that the terminal device supports the first integrity protection algorithm.
In the embodiments of the present application, the input parameters of the first integrity protection algorithm include the key K_RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable.
In some embodiments of the present application, the enhancement variable may include at least any one of the following A) to F):
A) the resume identity resumeIdentity, the resume cause resumeCause and the spare field of the RRC connection resume request message;
B) a permutation or combination of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message;
C) the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I in the message used as the added variable is set to special bits;
D) the RRC connection resume request message together with a bit indicating an RRC connection resume request;
E) the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I is deleted from the message used as the added variable;
F) the RRC connection resume request message together with a bit indicating an RRC connection resume request, where the field carrying the message integrity verification code resumeMAC-I is deleted from the message used as the added variable. For ease of understanding, the corresponding implementations are described below.
In one implementation, the enhancement variable may include the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message. That is, the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message are added to the UE variable VarResumeMAC-Input and fed into the integrity protection algorithm as additional input parameters, producing a new 32-bit MAC-I (in addition to the input parameters from VarResumeMAC-Input, the key K_RRCint, the bearer ID, the direction and the COUNT value are also used); the 16 least significant bits are then taken as the message integrity verification code ResumeMAC-I and placed in the RRC connection resume request message (RRCResumeRequest).
In one implementation, with reference to the above embodiment, the enhancement variable may include a permutation or combination of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message, computed in the same way. Here the permutation or combination is understood as any one or more of the resumeIdentity, resumeCause and spare fields. For example, the enhancement variable may include any one of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; for another example, it may include any two of them. The specific choice may be determined according to actual conditions, and the present application does not specifically limit it.
In one implementation, the enhancement variable may include the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I in the message used as the added variable is set to special bits. For example, in the UE variable VarResumeMAC-Input, the RRC connection resume request message is used directly as the enhancement variable, with its resumeMAC-I field set to special bits. As an example, the special bits may be all 0 or all 1; that is, the resumeMAC-I field of the RRC connection resume request message used as the enhancement variable is set to all 1s or all 0s.
In one implementation, the enhancement variable may include the RRC connection resume request message together with a bit indicating an RRC connection resume request. For example, in the UE variable VarResumeMAC-Input, the RRC connection resume request message and the bit indicating an RRC connection resume request are used directly as the enhancement variable; that is, in addition to using the RRC connection resume request message as the enhancement variable, one more bit indicating an RRC connection resume request is included in it.
在一种实现方式中,该增强变量可包括RRC连接恢复请求消息,其中,作为增加变量的RRC连接恢复请求消息之中删除了用于表示消息完整性验证码resumeMAC-I的字段。例如,在UE存储变量VarResumeMAC-Input中,直接将RRC连接恢复请求消息作为该增强变量,其中,作为该增强变量的RRC连接恢复请求消息之中删除了用于表示resumeMAC-I的字段。In an implementation manner, the enhanced variable may include an RRC connection resume request message, wherein the field used to represent the message integrity verification code resumeMAC-I is deleted from the RRC connection resume request message as an added variable. For example, in the variable VarResumeMAC-Input stored in the UE, the RRC connection resume request message is directly used as the enhanced variable, wherein the field for indicating resumeMAC-I is deleted from the RRC connection resume request message used as the enhanced variable.
在一种实现方式中,该增强变量可包括RRC连接恢复请求消息和用于指示RRC连接恢复请求的比特位,其中,作为该增加变量的RRC连接恢复请求消息之中删除了用于表示消息完整性验证码resumeMAC-I的字段。例如,在UE存储变量VarResumeMAC-Input中,直接将RRC连接恢复请求消息和用于指示RRC连接恢复请求的比特位作为该增强变量,其中,作为该增强变量的RRC连接恢复请求消息之中删除了用于表示resumeMAC-I的字段。In an implementation manner, the enhanced variable may include an RRC connection recovery request message and a bit used to indicate the RRC connection recovery request, wherein the RRC connection recovery request message used as the added variable is deleted from the RRC connection recovery request message indicating that the message is complete. field of the authentication code resumeMAC-I. For example, in the variable VarResumeMAC-Input stored in the UE, the RRC connection recovery request message and the bits used to indicate the RRC connection recovery request are directly used as the enhanced variable, wherein the RRC connection recovery request message as the enhanced variable deletes Field used to indicate resumeMAC-I.
Step 702: in response to receiving the second computing capability indication information sent by the terminal device, determine, according to the second computing capability indication information, that the algorithm capability supported by the terminal device is support for the first integrity protection algorithm.
Step 703: according to the algorithm capability supported by the terminal device, select the first integrity protection algorithm corresponding to that algorithm capability.
Step 704: using the first integrity protection algorithm, compute the message integrity verification code from the key Key RRCint, the bearer identity bearer ID, the data transmission direction direction, the count value COUNT, the target cell identity ID, the source cell identity ID, the temporary identifier C-RNTI and the enhanced variable. Once the message integrity verification code has been computed, step 707 may be performed, that is, integrity protection verification of the RRC connection resume request message according to the computed message integrity verification code.
Step 705: in response to not receiving the second computing capability indication information from the terminal device, determine that the algorithm capability supported by the terminal device is non-support of the first integrity protection algorithm.
In this embodiment, having determined that the algorithm capability supported by the terminal device is non-support of the first integrity protection algorithm, the network device may select the second integrity protection algorithm to perform security verification of the RRC connection resume request message. In the embodiments of this application, the input parameters of the second integrity protection algorithm include the key Key RRCint, the bearer identity bearer ID, the data transmission direction direction, the count value COUNT, the target cell identity ID, the source cell identity ID and the temporary identifier C-RNTI.
Step 706: according to the algorithm capability supported by the terminal device, select the second integrity protection algorithm and compute the message integrity verification code from the key Key RRCint, the bearer identity bearer ID, the data transmission direction direction, the count value COUNT, the target cell identity ID, the source cell identity ID and the temporary identifier C-RNTI. Once the message integrity verification code has been computed, step 707 may be performed, that is, integrity protection verification of the RRC connection resume request message according to the computed message integrity verification code.
Step 707: perform integrity protection verification of the RRC connection resume request message according to the computed message integrity verification code.
According to the technical solution of the embodiments of this application, the algorithm capability supported by the terminal device is determined and the integrity protection algorithm corresponding to that capability is selected to perform integrity protection verification of the RRC connection resume request message, so that both sides have the same algorithm capability. The check value, the message integrity verification code resumeMAC-I, can then be matched correctly, which solves the problem of incompatible integrity protection algorithms and thereby enhances the security of the RRC connection resume request message.
Referring to FIG. 8, FIG. 8 is a flow chart of another security enhancement method for radio resource control RRC connection resumption provided by an embodiment of this application. It should be noted that the security enhancement method for RRC connection resumption of this embodiment may be applied to a network device. In this embodiment, the network device learns from the second computing capability indication information that the terminal device supports the first integrity protection algorithm; it is assumed that the network device in this embodiment does not support the first integrity protection algorithm. As shown in FIG. 8, the security enhancement method for RRC connection resumption may include, but is not limited to, the following steps.
Step 801: determine whether the second computing capability indication information sent by the terminal device has been received; the second computing capability indication information is used to notify the network device that the terminal device supports the first integrity protection algorithm.
The input parameters of the first integrity protection algorithm include the key Key RRCint, the bearer identity bearer ID, the data transmission direction direction, the count value COUNT, the target cell identity ID, the source cell identity ID, the temporary identifier C-RNTI and the enhanced variable.
In some embodiments of this application, the enhanced variable may include at least any one of the following A) to F):
A) the resume identity resumeIdentity, the resume cause resumeCause and the spare field of the RRC connection resume request message;
B) a permutation or combination of the resume identity resumeIdentity, the resume cause resumeCause and the spare field of the RRC connection resume request message;
C) the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I in the RRC connection resume request message used as the enhanced variable is set to special bits;
D) the RRC connection resume request message together with a bit indicating an RRC connection resume request;
E) the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I is deleted from the RRC connection resume request message used as the enhanced variable;
F) the RRC connection resume request message together with a bit indicating an RRC connection resume request, where the field carrying the message integrity verification code resumeMAC-I is deleted from the RRC connection resume request message used as the enhanced variable. For ease of understanding, the corresponding implementations are described below.
In one implementation, the enhanced variable may include the resume identity resumeIdentity, the resume cause resumeCause and the spare field of the RRC connection resume request message. That is, the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message are added to the UE stored variable VarResumeMAC-Input and fed into the integrity protection algorithm as additional input parameters to derive an entirely new 32-bit MAC-I (in addition to the input parameters in VarResumeMAC-Input, the key Key RRCint, the bearer ID, the direction and the COUNT value are also required); finally, the 16 least significant bits are taken as the message integrity verification code resumeMAC-I and placed in the RRC connection resume request message (RRCResumeRequest).
In one implementation, with reference to the embodiment above, the enhanced variable may include a permutation or combination of the resume identity resumeIdentity, the resume cause resumeCause and the spare field of the RRC connection resume request message, and the calculation method is the same. Here, the permutation or combination is understood as any one or more of the resumeIdentity, resumeCause and spare fields. For example, the enhanced variable may include any one of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; as another example, it may include any two of those fields. The specific choice can be made according to actual conditions and is not specifically limited in this application.
In one implementation, the enhanced variable may include the RRC connection resume request message itself, where the field carrying the message integrity verification code resumeMAC-I in the RRC connection resume request message used as the enhanced variable is set to special bits. For example, in the UE stored variable VarResumeMAC-Input, the RRC connection resume request message is used directly as the enhanced variable, with the resumeMAC-I field of that message set to special bits. As an example, the special bits may be all 0s or all 1s; that is, the resumeMAC-I field of the RRC connection resume request message used as the enhanced variable is set entirely to 1 or entirely to 0.
In one implementation, the enhanced variable may include the RRC connection resume request message together with a bit indicating an RRC connection resume request. For example, in the UE stored variable VarResumeMAC-Input, the RRC connection resume request message and the bit indicating an RRC connection resume request are used directly as the enhanced variable; that is, in addition to using the RRC connection resume request message as the enhanced variable, one more bit indicating an RRC connection resume request is added as part of the enhanced variable.
In one implementation, the enhanced variable may include the RRC connection resume request message with the field carrying the message integrity verification code resumeMAC-I deleted. For example, in the UE stored variable VarResumeMAC-Input, the RRC connection resume request message is used directly as the enhanced variable, with the field carrying resumeMAC-I removed from that message.
In one implementation, the enhanced variable may include the RRC connection resume request message together with a bit indicating an RRC connection resume request, where the field carrying the message integrity verification code resumeMAC-I is deleted from the RRC connection resume request message used as the enhanced variable. For example, in the UE stored variable VarResumeMAC-Input, the RRC connection resume request message and the bit indicating an RRC connection resume request are used directly as the enhanced variable, with the field carrying resumeMAC-I removed from the message.
Step 802: in response to not receiving the second computing capability indication information sent by the terminal device, determine that the algorithm capability supported by the terminal device is non-support of the first integrity protection algorithm.
In this embodiment, having determined that the algorithm capability supported by the terminal device is non-support of the first integrity protection algorithm, and since the network device does not support the first integrity protection algorithm either, the network device may select the second integrity protection algorithm to perform security verification of the RRC connection resume request message. That is, in this embodiment, once it is determined that the terminal device does not support the first integrity protection algorithm, step 804 may be performed: the second integrity protection algorithm is selected and the message integrity verification code is computed from the key Key RRCint, the bearer identity bearer ID, the data transmission direction direction, the count value COUNT, the target cell identity ID, the source cell identity ID and the temporary identifier C-RNTI.
In the embodiments of this application, the input parameters of the second integrity protection algorithm include the key Key RRCint, the bearer identity bearer ID, the data transmission direction direction, the count value COUNT, the target cell identity ID, the source cell identity ID and the temporary identifier C-RNTI.
Step 803: in response to receiving the second computing capability indication information sent by the terminal device, determine, according to the second computing capability indication information, that the algorithm capability supported by the terminal device is support for the first integrity protection algorithm.
That is, in response to receiving the second computing capability indication information sent by the terminal device, when it is determined from that information that the algorithm capability supported by the network device is support for the first integrity protection algorithm, the second integrity protection algorithm must be used to perform integrity protection verification of the RRC connection resume request message because the network device does not support the first integrity protection algorithm; that is, step 804 is performed.
Step 804: select the second integrity protection algorithm and compute the message integrity verification code from the key Key RRCint, the bearer identity bearer ID, the data transmission direction direction, the count value COUNT, the target cell identity ID, the source cell identity ID and the temporary identifier C-RNTI.
Step 805: perform integrity protection verification of the RRC connection resume request message according to the computed message integrity verification code.
That is, even if the terminal device supports the first integrity protection algorithm, since the network device does not support that integrity protection algorithm, capability negotiation between the terminal device and the network device is performed so that both sides have the same algorithm capability. The check value, the message integrity verification code resumeMAC-I, can then be matched correctly, which solves the problem of incompatible integrity protection algorithms and thereby enhances the security of the RRC connection resume request message.
Referring to FIG. 9, FIG. 9 is a flow chart of another security enhancement method for radio resource control RRC connection resumption provided by an embodiment of this application. It should be noted that the security enhancement method for RRC connection resumption of this embodiment may be applied to a network device. In this embodiment, once the network device determines that the terminal device does not support the first integrity protection algorithm, the second integrity protection algorithm is used to perform integrity protection verification of the RRC connection resume request message regardless of whether the network device itself supports the first integrity protection algorithm. As shown in FIG. 9, the security enhancement method for RRC connection resumption may include, but is not limited to, the following steps.
Step 901: determine whether the second computing capability indication information sent by the terminal device has been received; the second computing capability indication information is used to notify the terminal device that the network device does not support the first integrity protection algorithm.
The input parameters of the first integrity protection algorithm include the key Key RRCint, the bearer identity bearer ID, the data transmission direction direction, the count value COUNT, the target cell identity ID, the source cell identity ID, the temporary identifier C-RNTI and the enhanced variable.
In some embodiments of this application, the enhanced variable may include at least any one of the following A) to F):
A) the resume identity resumeIdentity, the resume cause resumeCause and the spare field of the RRC connection resume request message;
B) a permutation or combination of the resume identity resumeIdentity, the resume cause resumeCause and the spare field of the RRC connection resume request message;
C) the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I in the RRC connection resume request message used as the enhanced variable is set to special bits;
D) the RRC connection resume request message together with a bit indicating an RRC connection resume request;
E) the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I is deleted from the RRC connection resume request message used as the enhanced variable;
F) the RRC connection resume request message together with a bit indicating an RRC connection resume request, where the field carrying the message integrity verification code resumeMAC-I is deleted from the RRC connection resume request message used as the enhanced variable. For ease of understanding, the corresponding implementations are described below.
In one implementation, the enhanced variable may include the resume identity resumeIdentity, the resume cause resumeCause and the spare field of the RRC connection resume request message. That is, the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message are added to the UE stored variable VarResumeMAC-Input and fed into the integrity protection algorithm as additional input parameters to derive an entirely new 32-bit MAC-I (in addition to the input parameters in VarResumeMAC-Input, the key Key RRCint, the bearer ID, the direction and the COUNT value are also required); finally, the 16 least significant bits are taken as the message integrity verification code resumeMAC-I and placed in the RRC connection resume request message (RRCResumeRequest).
In one implementation, with reference to the embodiment above, the enhanced variable may include a permutation or combination of the resume identity resumeIdentity, the resume cause resumeCause and the spare field of the RRC connection resume request message, and the calculation method is the same. Here, the permutation or combination is understood as any one or more of the resumeIdentity, resumeCause and spare fields. For example, the enhanced variable may include any one of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; as another example, it may include any two of those fields. The specific choice can be made according to actual conditions and is not specifically limited in this application.
In one implementation, the enhanced variable may include the RRC connection resume request message itself, where the field carrying the message integrity verification code resumeMAC-I in the RRC connection resume request message used as the enhanced variable is set to special bits. For example, in the UE stored variable VarResumeMAC-Input, the RRC connection resume request message is used directly as the enhanced variable, with the resumeMAC-I field of that message set to special bits. As an example, the special bits may be all 0s or all 1s; that is, the resumeMAC-I field of the RRC connection resume request message used as the enhanced variable is set entirely to 1 or entirely to 0.
In one implementation, the enhanced variable may include the RRC connection resume request message together with a bit indicating an RRC connection resume request. For example, in the UE stored variable VarResumeMAC-Input, the RRC connection resume request message and the bit indicating an RRC connection resume request are used directly as the enhanced variable; that is, in addition to using the RRC connection resume request message as the enhanced variable, one more bit indicating an RRC connection resume request is added as part of the enhanced variable.
In one implementation, the enhanced variable may include the RRC connection resume request message with the field carrying the message integrity verification code resumeMAC-I deleted. For example, in the UE stored variable VarResumeMAC-Input, the RRC connection resume request message is used directly as the enhanced variable, with the field carrying resumeMAC-I removed from that message.
In one implementation, the enhanced variable may include the RRC connection resume request message together with a bit indicating an RRC connection resume request, where the field carrying the message integrity verification code resumeMAC-I is deleted from the RRC connection resume request message used as the enhanced variable. For example, in the UE stored variable VarResumeMAC-Input, the RRC connection resume request message and the bit indicating an RRC connection resume request are used directly as the enhanced variable, with the field carrying resumeMAC-I removed from the message.
步骤902,响应于未接收到终端设备发送的第二计算能力指示信息,确定终端设备所支持具备的算法能力为不支持第一完整性保护算法。Step 902: In response to not receiving the second computing capability indication information sent by the terminal device, determine that the algorithm capability supported by the terminal device is not supporting the first integrity protection algorithm.
In this embodiment, when the algorithm capability of the terminal device is determined to be that the terminal device does not support the first integrity protection algorithm, the network device selects the second integrity protection algorithm for the security verification of the RRC connection resume request message, regardless of whether the network device itself supports the first integrity protection algorithm. That is, in this embodiment, once it is determined that the terminal device does not support the first integrity protection algorithm, step 904 can be performed: select the second integrity protection algorithm and calculate the message integrity verification code from the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
In the embodiment of the present application, the input parameters of the second integrity protection algorithm include the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
Step 903: In response to receiving the second computing capability indication information sent by the terminal device, determine from the second computing capability indication information that the algorithm capability of the terminal device is not supporting the first integrity protection algorithm.
That is, in response to receiving the second computing capability indication information sent by the terminal device, when it is determined from that information that the terminal device does not support the first integrity protection algorithm, the network device selects the second integrity protection algorithm to perform integrity protection verification on the RRC connection resume request message, regardless of whether the network device itself supports the first integrity protection algorithm; that is, step 904 is executed.
Step 904: Select the second integrity protection algorithm and calculate the message integrity verification code from the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
Step 905: Perform integrity protection verification on the RRC connection resume request message using the calculated message integrity verification code.
That is, because the terminal device does not support the first integrity protection algorithm, capability negotiation between the terminal device and the network device is carried out, regardless of whether the network device supports the first integrity protection algorithm, so that both parties have the same algorithm capability and the check value resumeMAC-I matches correctly. This solves the problem of incompatible integrity protection algorithms and thereby enhances the security of the RRC connection resume request message.
In some embodiments of the present application, the network device may determine the algorithm capability it supports and, according to that capability, send first computing capability indication information to the terminal device, where the first computing capability indication information notifies the terminal device whether the network device supports the first integrity protection algorithm. Optionally, the network device may deliver its own algorithm capability to the terminal device through this indication information.
As an example of one possible implementation, in response to the algorithm capability of the network device being support for the first integrity protection algorithm, capability indication information indicating support for the first integrity protection algorithm is sent to the terminal device. For example, if the network device supports the first integrity protection algorithm, the network device may send the terminal device capability indication information indicating that the first integrity protection algorithm is supported.
As an example of another possible implementation, in response to the algorithm capability of the network device being no support for the first integrity protection algorithm, capability indication information indicating no support for the first integrity protection algorithm is sent to the terminal device. For example, if the network device does not support the first integrity protection algorithm, the network device may send the terminal device capability indication information indicating that the first integrity protection algorithm is not supported.
As an example of yet another possible implementation, in response to the algorithm capability of the network device being no support for the first integrity protection algorithm, no capability indication information regarding support for the first integrity protection algorithm is sent at all. For example, if the network device does not support the first integrity protection algorithm, the terminal device is not sent any capability indication information stating that the network device does not support it. When the terminal device receives no capability indication information from the network device, the terminal device may determine that the network device does not support the first integrity protection algorithm.
In some embodiments of the present application, the manner of sending the capability indication information to the terminal device includes at least one of the following: sending it in an RRC release message; broadcasting it in a system message.
One possible implementation: for broadcast, a network device that supports the first integrity protection algorithm needs to broadcast a capability indication of support for the first integrity protection algorithm in a system message (SIBX); a network device that supports the first integrity protection algorithm must also support the second integrity protection algorithm (such as the legacy MAC-I algorithm).
One possible implementation: for broadcast, a network device that does not support the first integrity protection algorithm needs to broadcast in a system message (SIBX) a capability indication that the first integrity protection algorithm is not supported; in that case only the legacy MAC-I algorithm, i.e. the second integrity protection algorithm referred to herein, is supported.
One possible implementation: for broadcast, the broadcast parameter indicating whether the first integrity protection algorithm is supported is area specific (an area-level parameter); only when all network devices within an area have the same algorithm capability may the network devices in that area broadcast, in a system message (SIBX), the capability indication of whether the first integrity protection algorithm is supported.
One possible implementation: for the RRCRelease (RRC release) message, when a network device that supports the first integrity protection algorithm releases a connected UE to the INACTIVE state, it carries a capability indication of support for the first integrity protection algorithm in the RRCRelease message, informing the UE that it may use the first integrity protection algorithm for RRC connection resumption.
One possible implementation: for the RRCRelease message, when a network device that does not support the first integrity protection algorithm releases a connected UE to the INACTIVE state, it carries a capability indication of no support for the first integrity protection algorithm in the RRCRelease message, informing the UE to use the legacy algorithm (such as the second integrity protection algorithm referred to herein) for RRC connection resumption.
One possible implementation: in any of these manners, a network device that does not support the first integrity protection algorithm never sends a capability indication of support for the first integrity protection algorithm.
Thus, capability negotiation between the terminal device and the network device can be carried out in advance, so that when the terminal device initiates an RRC connection resume request, it can, based on the negotiation result with the network device, perform integrity protection verification of the RRC connection resume request with an integrity protection algorithm that both the terminal device and the network device support, so that the check value resumeMAC-I matches correctly. This solves the problem of incompatible integrity protection algorithms and thereby enhances the security of the RRC connection resume request message.
In some embodiments of the present application, for a message integrity verification code calculated with the first integrity protection algorithm while the terminal was camped on the anchor cell served by the network device, when cell reselection has occurred in the inactive state and the terminal device performs RRC connection resumption in a non-anchor cell, the network device may receive a Retrieve UE Context Request message sent by the new network device in the non-anchor cell; the Retrieve UE Context Request message includes the input parameters required by the first integrity protection algorithm, and the network device performs integrity protection verification of the RRC connection resumption using the first integrity protection algorithm and the input parameters it requires.
Optionally, suppose the terminal device is in the INACTIVE state, has performed cell reselection, and performs RRC connection resumption in a non-anchor cell (that is, a cell other than the serving cell of the last connected state). The terminal device may then keep its original algorithm capability unchanged, and the new network device in the non-anchor cell needs to send a new Retrieve UE Context Request message to notify the old network device to perform the ResumeMAC-I check. For example, for a message integrity verification code calculated with the first integrity protection algorithm while the terminal was camped on the anchor cell, where cell reselection occurred in the inactive state and the anchor cell broadcasts support for the first integrity protection algorithm: if the terminal device performs RRC connection resumption in a non-anchor cell, it may use the first integrity protection algorithm to calculate the message integrity verification code from the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable, and perform integrity protection verification of the RRC connection resumption using the calculated message integrity verification code.
As another example, for a message integrity verification code calculated with the first integrity protection algorithm while the terminal was camped on the anchor cell, where cell reselection occurred in the inactive state and the anchor cell broadcasts no support for the first integrity protection algorithm: although the anchor cell does not support the first integrity protection algorithm, the ResumeMAC-I check is performed by the serving network device of the anchor cell, and that serving network device does support the first integrity protection algorithm, so the terminal device may use the first integrity protection algorithm to perform integrity protection verification of the RRC connection resumption.
Optionally, on the network device side, content needs to be added to the Retrieve UE Context Request message, and the added content may include the input parameters required by the first integrity protection algorithm. Suppose a UE in the INACTIVE state performs RRC connection resumption in another cell; the new network device needs to send a context request to the original network device to obtain the UE context. The original network device must pass the ResumeMAC-I check before it can respond with the context reply. Because a new MAC-I algorithm is introduced, the fields of the Retrieve UE Context Request message must be extended so that the input parameters of both the new and the legacy algorithm can be provided to the old network device, which then selects the appropriate algorithm according to the capability of the UE.
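The following is an added example, not code from the patent or its applicant, that models the exchange described in steps 903 to 905, the capability negotiation above, and the anchor-cell check after cell reselection. The MAC primitive (HMAC-SHA256 truncated to 32 bits), the fixed-width encoding of the input parameters, the contents of the added variable and the dictionary layouts standing in for the RRC connection resume request and the Retrieve UE Context Request are all assumptions for illustration, not the 3GPP integrity algorithms or ASN.1 encodings. What it shows is that when both sides derive the algorithm from the same negotiated capabilities the resumeMAC-I check passes in every capability combination, while a terminal that uses the new algorithm without negotiation against a legacy network is rejected.

```python
# Added example (not from the patent): capability negotiation, algorithm selection,
# resumeMAC-I computation and the anchor-cell check after reselection. The MAC
# primitive, the input encoding, the added variable and the message layouts are
# assumptions made for illustration, not 3GPP NIA algorithms or ASN.1 encodings.
import hashlib
import hmac
import struct
from dataclasses import asdict, dataclass
from typing import Optional, Tuple

FIRST = "first"    # new algorithm: legacy inputs plus the added variable
SECOND = "second"  # legacy resumeMAC-I algorithm: legacy inputs only


@dataclass(frozen=True)
class ResumeInputs:
    """Inputs of both algorithms; added_variable is consumed by FIRST only."""
    bearer_id: int
    direction: int
    count: int
    target_cell_id: int
    source_cell_id: int
    c_rnti: int
    added_variable: bytes = b""


def mac32(key: bytes, data: bytes) -> bytes:
    """Stand-in MAC (assumption): HMAC-SHA256 truncated to the 32-bit MAC-I length."""
    return hmac.new(key, data, hashlib.sha256).digest()[:4]


def compute_resume_mac_i(alg: str, k_rrc_int: bytes, p: ResumeInputs) -> bytes:
    # Simplified fixed-width packing of the legacy inputs (assumption).
    legacy = struct.pack(">BBIIIH", p.bearer_id, p.direction, p.count,
                         p.target_cell_id, p.source_cell_id, p.c_rnti)
    return mac32(k_rrc_int, legacy + p.added_variable if alg == FIRST else legacy)


def select_algorithm(self_supports_first: bool, peer_indication: Optional[bool]) -> str:
    """FIRST only when this side supports it and the peer indicated support;
    a missing indication (None) counts as 'not supported', as the page describes."""
    return FIRST if self_supports_first and peer_indication is True else SECOND


def ue_build_resume_request(ue_supports_first: bool, nw_indication: Optional[bool],
                            k_rrc_int: bytes, p: ResumeInputs) -> dict:
    """Terminal side: choose by the network's indication (RRCRelease or SIB) and
    compute resumeMAC-I. The dict stands in for the RRC connection resume request."""
    alg = select_algorithm(ue_supports_first, nw_indication)
    return {"alg": alg, "resumeMAC-I": compute_resume_mac_i(alg, k_rrc_int, p), "inputs": p}


def network_verify(nw_supports_first: bool, ue_indication: Optional[bool],
                   k_rrc_int: bytes, p: ResumeInputs, received_mac: bytes) -> bool:
    """Network side (steps 903 to 905): select by the UE's indication, recompute, compare."""
    alg = select_algorithm(nw_supports_first, ue_indication)
    return hmac.compare_digest(compute_resume_mac_i(alg, k_rrc_int, p), received_mac)


def new_gnb_build_context_request(request: dict, ue_indication: Optional[bool]) -> dict:
    """Non-anchor (new) gNB after reselection: forward the inputs of both algorithms.
    Constructed stand-in for the extended Retrieve UE Context Request."""
    fields = asdict(request["inputs"])
    return {"legacy_inputs": {k: v for k, v in fields.items() if k != "added_variable"},
            "added_variable": fields["added_variable"],  # the field added for FIRST
            "resumeMAC-I": request["resumeMAC-I"], "ue_indication": ue_indication}


def anchor_gnb_verify(anchor_supports_first: bool, k_rrc_int: bytes, ctx_req: dict) -> bool:
    """Anchor (old) gNB: rebuild the inputs and verify, choosing by UE capability."""
    p = ResumeInputs(**ctx_req["legacy_inputs"], added_variable=ctx_req["added_variable"])
    return network_verify(anchor_supports_first, ctx_req["ue_indication"], k_rrc_int, p,
                          ctx_req["resumeMAC-I"])


# Constructed demo values (not from the page).
DEMO_KEY = b"constructed K_RRCint for the demo"
DEMO_INPUTS = ResumeInputs(bearer_id=1, direction=0, count=0, target_cell_id=0x1234,
                           source_cell_id=0x0042, c_rnti=0x4E20, added_variable=b"\x0a\xbc\xde")


def negotiated_resume(ue_supports_first: bool, nw_supports_first: bool,
                      explicit_negative: bool = True) -> Tuple[str, bool]:
    """Full exchange with negotiation: a supporting network always indicates support;
    a non-supporting one either indicates 'not supported' or stays silent (None)."""
    nw_indication = True if nw_supports_first else (False if explicit_negative else None)
    req = ue_build_resume_request(ue_supports_first, nw_indication, DEMO_KEY, DEMO_INPUTS)
    ok = network_verify(nw_supports_first, ue_supports_first, DEMO_KEY, req["inputs"],
                        req["resumeMAC-I"])
    return req["alg"], ok


def unnegotiated_resume() -> bool:
    """Failure mode the page addresses: a UE uses FIRST without negotiation against a
    legacy network, so the legacy network's recomputed resumeMAC-I cannot match."""
    mac = compute_resume_mac_i(FIRST, DEMO_KEY, DEMO_INPUTS)
    return network_verify(False, True, DEMO_KEY, DEMO_INPUTS, mac)


def resume_after_reselection(ue_supports_first: bool, anchor_supports_first: bool) -> bool:
    """UE resumes in a non-anchor cell; the new gNB forwards, the anchor gNB checks."""
    req = ue_build_resume_request(ue_supports_first, anchor_supports_first, DEMO_KEY, DEMO_INPUTS)
    ctx = new_gnb_build_context_request(req, ue_supports_first)
    return anchor_gnb_verify(anchor_supports_first, DEMO_KEY, ctx)


if __name__ == "__main__":
    for ue, nw in ((True, True), (True, False), (False, True), (False, False)):
        print(f"UE first={ue} NW first={nw} ->", negotiated_resume(ue, nw))
    print("unnegotiated FIRST against legacy network verifies:", unnegotiated_resume())
```

The selection rule is deliberately the same function on both sides, called with that side's own capability and the peer's indication; that symmetry is what makes the four capability combinations agree. The silent-network case (no indication at all, modelled as None) is the one the page treats as "not supported", so the terminal falls back to the second algorithm there as well.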
In the embodiments of the present application provided above, the method of the embodiments has been described from the perspective of the terminal device and of the network device respectively. To implement the functions of the methods provided in the above embodiments, the network device and the terminal device may include hardware structures and/or software modules, and may implement the above functions in the form of a hardware structure, a software module, or a hardware structure combined with a software module. Any one of the above functions may be performed as a hardware structure, a software module, or a hardware structure combined with a software module.
Refer to FIG. 10, a schematic structural diagram of a communication apparatus 1000 provided in an embodiment of the present application. The communication apparatus 1000 shown in FIG. 10 may include a determination module 1001, a selection module 1002 and a processing module 1003. Optionally, the communication apparatus 1000 may further include a transceiver module 1004. The transceiver module 1004 may include a sending module and/or a receiving module; the sending module implements the sending function, the receiving module implements the receiving function, and the transceiver module 1004 may implement the sending function and/or the receiving function.
The communication apparatus 1000 may be a network device, an apparatus within a network device, or an apparatus that can be used together with a network device. Alternatively, the communication apparatus 1000 may be a terminal device, an apparatus within a terminal device, or an apparatus that can be used together with a terminal device.
When the communication apparatus 1000 is a terminal device: in the embodiment of the present application, the determination module 1001 is configured to determine the algorithm capability supported by the network device; the selection module 1002 is configured to select, according to the algorithm capability supported by the network device, the target integrity protection algorithm corresponding to that capability; and the processing module 1003 is configured to perform integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used to calculate the message integrity verification code.
In one implementation, the input parameters include at least one or more of the following: the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and an added variable.
In one implementation, the determination module 1001 is configured to determine the algorithm capability supported by the network device according to capability indication information sent by the network device.
In one implementation, the determination module 1001 is specifically configured to: determine whether first computing capability indication information sent by the network device has been received, where the first computing capability indication information notifies the terminal device whether the network device supports the first integrity protection algorithm, and the input parameters of the first integrity protection algorithm include the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and an added variable; and, in response to receiving the first computing capability indication information sent by the network device, determine the algorithm capability supported by the network device according to the first computing capability indication information.
In one possible implementation, the determination module 1001 is further configured to: in response to not receiving the first computing capability indication information from the network device, determine that the algorithm capability of the network device is not supporting the first integrity protection algorithm.
In one possible implementation, the first computing capability indication information notifies the terminal device that the network device supports the first integrity protection algorithm; the determination module 1001 is specifically configured to determine that the algorithm capability of the network device is support for the first integrity protection algorithm.
In one possible implementation, the terminal device supports the first integrity protection algorithm; the selection module 1002 is specifically configured to select, according to the algorithm capability supported by the network device, the first integrity protection algorithm corresponding to that capability.
In one possible implementation, the processing module 1003 is specifically configured to: using the first integrity protection algorithm, calculate the message integrity verification code from the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable; and perform integrity protection verification on the RRC connection resume request message using the calculated message integrity verification code.
In one possible implementation, the terminal device does not support the first integrity protection algorithm; the selection module 1002 is specifically configured to select the second integrity protection algorithm as the target integrity protection algorithm, where the input parameters of the second integrity protection algorithm include the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
In one possible implementation, the processing module 1003 is specifically configured to: using the second integrity protection algorithm, calculate the message integrity verification code from the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI; and perform integrity protection verification on the RRC connection resume request message using the calculated message integrity verification code.
In one possible implementation, the first computing capability indication information notifies the terminal device that the network device does not support the first integrity protection algorithm; the determination module 1001 is specifically configured to determine that the algorithm capability of the network device is not supporting the first integrity protection algorithm.
In one possible implementation, the terminal device either supports or does not support the first integrity protection algorithm; the selection module 1002 is specifically configured to select, according to the algorithm capability supported by the network device, the second integrity protection algorithm corresponding to that capability.
In one possible implementation, the processing module 1003 is specifically configured to: using the second integrity protection algorithm, calculate the message integrity verification code from the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI; and perform integrity protection verification on the RRC connection resume request message using the calculated message integrity verification code.
In one possible implementation, the added variable includes at least any one of the following A) to F):
A) the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; B) a permutation of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message; C) the RRC connection resume request message, in which the field carrying the message integrity verification code resumeMAC-I is set to special bits when the message is used as the added variable; D) the RRC connection resume request message together with a bit indicating an RRC connection resume request; E) the RRC connection resume request message from which the field carrying the message integrity verification code resumeMAC-I has been deleted when the message is used as the added variable; F) the RRC connection resume request message together with a bit indicating an RRC connection resume request, where the field carrying the message integrity verification code resumeMAC-I has been deleted from the message used as the added variable.
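The following is an added example, not code from the patent or its applicant, that derives the added variable for each of options A) to F) from a constructed bit-level model of the RRC connection resume request. The field widths (resumeIdentity 24 bits, resumeMAC-I 16 bits, resumeCause 4 bits, spare 1 bit), the all-zero "special bits" of option C, the single indicator bit of options D and F, and the treatment of option D as carrying the resumeMAC-I field set as in option C are all assumptions; the page does not fix those values. The point the model makes concrete is that, whichever option is used, the added variable must not depend on the actual resumeMAC-I value, because that value is the output of the computation the variable feeds.

```python
# Added example (not from the patent): build the "added variable" of the first
# integrity protection algorithm for options A) to F). Field widths, the special
# bits for option C and the indicator bit for D and F are assumptions.
from dataclasses import dataclass, replace
from typing import Dict, Optional, Sequence


@dataclass(frozen=True)
class ResumeRequest:
    """Constructed model of the RRC connection resume request (widths are assumptions)."""
    resume_identity: int  # 24 bits
    resume_mac_i: int     # 16 bits
    resume_cause: int     # 4 bits
    spare: int            # 1 bit


FIELD_BITS = {"resumeIdentity": 24, "resumeMAC-I": 16, "resumeCause": 4, "spare": 1}
FIELD_ORDER = ("resumeIdentity", "resumeMAC-I", "resumeCause", "spare")
WITHOUT_MAC = tuple(n for n in FIELD_ORDER if n != "resumeMAC-I")
SPECIAL_MAC_BITS = 0       # option C placeholder value (assumption: all zeros)
RESUME_REQUEST_BIT = "1"   # options D and F indicator bit (assumption)


def field_value(msg: ResumeRequest, name: str) -> int:
    return {"resumeIdentity": msg.resume_identity, "resumeMAC-I": msg.resume_mac_i,
            "resumeCause": msg.resume_cause, "spare": msg.spare}[name]


def pack_fields(msg: ResumeRequest, order: Sequence[str],
                overrides: Optional[Dict[str, int]] = None) -> str:
    """Concatenate the named fields, in the given order, as a bit string."""
    overrides = overrides or {}
    out = []
    for name in order:
        value = overrides.get(name, field_value(msg, name))
        width = FIELD_BITS[name]
        if not 0 <= value < (1 << width):
            raise ValueError(f"{name} does not fit in {width} bits")
        out.append(format(value, f"0{width}b"))
    return "".join(out)


def added_variable(option: str, msg: ResumeRequest,
                   permutation: Optional[Sequence[str]] = None) -> str:
    """Return the added variable (as a bit string) for option A to F."""
    if option == "A":  # the three non-MAC fields in message order
        return pack_fields(msg, WITHOUT_MAC)
    if option == "B":  # a permutation of those three fields (default order is an assumption)
        perm = tuple(permutation or ("resumeCause", "spare", "resumeIdentity"))
        if sorted(perm) != sorted(WITHOUT_MAC):
            raise ValueError("option B must permute exactly the three non-MAC fields")
        return pack_fields(msg, perm)
    if option == "C":  # whole message with the resumeMAC-I field replaced by special bits
        return pack_fields(msg, FIELD_ORDER, {"resumeMAC-I": SPECIAL_MAC_BITS})
    if option == "D":  # message (MAC field as in C, assumption) plus the indicator bit
        return added_variable("C", msg) + RESUME_REQUEST_BIT
    if option == "E":  # whole message with the resumeMAC-I field removed
        return pack_fields(msg, WITHOUT_MAC)
    if option == "F":  # E plus the indicator bit
        return added_variable("E", msg) + RESUME_REQUEST_BIT
    raise ValueError(f"unknown option {option!r}")


def independent_of_mac(option: str, msg: ResumeRequest) -> bool:
    """Check that the added variable does not change when only resumeMAC-I changes."""
    other = replace(msg, resume_mac_i=(msg.resume_mac_i ^ 0xFFFF) & 0xFFFF)
    return added_variable(option, msg) == added_variable(option, other)


# Constructed sample message (values are not from the page).
SAMPLE = ResumeRequest(resume_identity=0xABCDEF, resume_mac_i=0x1234, resume_cause=1, spare=0)

if __name__ == "__main__":
    for opt in "ABCDEF":
        var = added_variable(opt, SAMPLE)
        print(opt, len(var), "bits, MAC-independent:", independent_of_mac(opt, SAMPLE))
```

Under this model options A and E produce the same bit string, since deleting the resumeMAC-I field leaves the remaining three fields in message order; they differ only in how the specification describes them. The `independent_of_mac` check is the property a reviewer would want for any of the six options.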
In one implementation, the transceiver module 1004 is configured to send second computing capability indication information to the network device according to the algorithm capability supported by the terminal device, where the second computing capability indication information notifies the network device whether the terminal device supports the first integrity protection algorithm.
In one possible implementation, the transceiver module 1004 is specifically configured to: in response to the algorithm capability of the terminal device being support for the first integrity protection algorithm, send the network device capability indication information indicating support for the first integrity protection algorithm.
In one possible implementation, the transceiver module 1004 is specifically configured to: in response to the algorithm capability of the terminal device being no support for the first integrity protection algorithm, send the network device capability indication information indicating no support for the first integrity protection algorithm.
In one possible implementation, the transceiver module 1004 is specifically configured to: in response to the algorithm capability of the terminal device being no support for the first integrity protection algorithm, send no capability indication information regarding support for the first integrity protection algorithm.
In one possible implementation, the manner in which the transceiver module 1004 sends the capability indication information to the network device includes at least one of the following:
in a Security Mode Complete message; in a UE capability information message; in UE assistance information; in initial access message 5 (Msg5); in initial access message 3 (Msg3); in initial access message 1 (Msg1).
In one possible implementation, the processing module 1003 is further configured to: for a message integrity verification code calculated with the first integrity protection algorithm while the terminal was camped on the anchor cell, where cell reselection occurred in the inactive state, in response to RRC connection resumption in a non-anchor cell, perform integrity protection verification of the RRC connection resumption using the first integrity protection algorithm and the input parameters used to calculate the message integrity verification code.
When the communication apparatus 1000 is a network device: in the embodiment of the present application, the determination module 1001 is configured to determine, in response to receiving an RRC connection resume request message sent by the terminal device, the algorithm capability supported by the terminal device; the selection module 1002 is configured to select, according to the algorithm capability supported by the terminal device, the target integrity protection algorithm corresponding to that capability; and the processing module 1003 is configured to perform integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used to calculate the message integrity verification code.
In one implementation, the input parameters include at least one or more of the following: the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and an added variable.
In one implementation, the determination module 1001 is configured to determine the algorithm capability supported by the terminal device according to capability indication information sent by the terminal device.
In one implementation, the determination module 1001 is specifically configured to: determine whether second computing capability indication information sent by the terminal device has been received, where the second computing capability indication information notifies the network device whether the terminal device supports the first integrity protection algorithm, and the input parameters of the first integrity protection algorithm include the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and an added variable; and, in response to receiving the second computing capability indication information sent by the terminal device, determine the algorithm capability supported by the terminal device according to the second computing capability indication information.
In one possible implementation, the determination module 1001 is further configured to: in response to not receiving the second computing capability indication information from the terminal device, determine that the algorithm capability of the terminal device is not supporting the first integrity protection algorithm.
In one possible implementation, the second computing capability indication information notifies the network device that the terminal device supports the first integrity protection algorithm; the determination module 1001 is specifically configured to determine that the algorithm capability of the terminal device is support for the first integrity protection algorithm.
Optionally, the network device supports the first integrity protection algorithm; the selection module 1002 is specifically configured to select, according to the algorithm capability supported by the terminal device, the first integrity protection algorithm corresponding to that capability.
Optionally, the processing module 1003 is specifically configured to: using the first integrity protection algorithm, calculate the message integrity verification code from the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable; and perform integrity protection verification on the RRC connection resume request message using the calculated message integrity verification code.
In one possible implementation, the network device does not support the first integrity protection algorithm; the selection module 1002 is specifically configured to select the second integrity protection algorithm as the target integrity protection algorithm, where the input parameters of the second integrity protection algorithm include the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
Optionally, the processing module 1003 is specifically configured to: using the second integrity protection algorithm, calculate the message integrity verification code from the key Key RRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI; and perform integrity protection verification on the RRC connection resume request message using the calculated message integrity verification code.
在一种实现方式中,第二计算能力指示信息用于通知网络设备,终端设备不支持第一完整性保护算法;确定模块1001具体用于:确定终端设备所支持具备的算法能力为不支持第一完整性保护算法。In one implementation, the second computing capability indication information is used to notify the network device that the terminal device does not support the first integrity protection algorithm; the determining module 1001 is specifically configured to: determine that the algorithm capability supported by the terminal device is not supporting the first integrity protection algorithm An integrity protection algorithm.
在一种可能的实现方式中,网络设备支持第一完整性保护算法或不支持第一完整性保护算法;选择模块1002具体用于:根据终端设备所支持具备的算法能力,选择与算法能力对应的第二完整性保护算法。In a possible implementation, the network device supports the first integrity protection algorithm or does not support the first integrity protection algorithm; the selection module 1002 is specifically configured to: select the algorithm corresponding to the algorithm capability according to the algorithm capability supported by the terminal device. The second integrity protection algorithm of .
在一种可能的实现方式中,处理模块1003具体用于:采用第二完整性保护算法,根据密钥Key RRCint、承载标识bearer ID、数据传输方向direction、计数COUNT值、目标小区标识ID、源小区标识ID和临时标识符C-RNTI,计算消息完整性验证码;根据计算得到的消息完整性验证码对RRC连接恢复请求消息进行完整性保护验证。 In a possible implementation, the processing module 1003 is specifically configured to: adopt the second integrity protection algorithm, according to the key Key RRCint , bearer ID, data transmission direction direction, count COUNT value, target cell ID, source The cell identification ID and the temporary identifier C-RNTI calculate the message integrity verification code; perform integrity protection verification on the RRC connection recovery request message according to the calculated message integrity verification code.
在一种实现方式中,增加变量至少包括以下A)至F)中的任意一项:In one implementation, increasing variables at least includes any one of the following A) to F):
A)RRC连接恢复请求消息中的恢复识别resumeIdentity、恢复原因resumeCause以及备用spare字段;B)RRC连接恢复请求消息之中恢复识别resumeIdentity、恢复原因resumeCause以及备用spare字段的排列组合;C)RRC连接恢复请求消息,其中,作为增加变量的RRC连接恢复请求消息之中用于表示消息完整性验证码resumeMAC-I的字段置为特殊比特;D)RRC连接恢复请求消息和用于指示RRC连接恢复请求的比特位;E)RRC连接恢复请求消息,其中,作为增加变量的RRC连接恢复请求消息之中删除了用于表示消息完整性验证码resumeMAC-I的字段;F)RRC连接恢复请求消息和用于指示RRC连接恢复请求的比特位,其中,作为增加变量的RRC连接恢复请求消息之中删除了用于表示消息完整性验证码resumeMAC-I的字段。A) The resumeIdentity, resumeCause, and spare fields in the RRC connection resume request message; B) The arrangement and combination of resumeIdentity, resumeCause, and spare spare fields in the RRC connection resume request message; C) RRC connection resume request message, wherein, the field used to represent the message integrity verification code resumeMAC-I in the RRC connection recovery request message as an increased variable is set to a special bit; D) the RRC connection recovery request message and the field used to indicate the RRC connection recovery request Bits; E) RRC connection recovery request message, wherein the field used to represent the message integrity verification code resumeMAC-I is deleted from the RRC connection recovery request message as an added variable; F) RRC connection recovery request message and used for Indicates the bit of the RRC connection resume request, where the field used to represent the message integrity verification code resumeMAC-I is deleted from the RRC connection resume request message as an added variable.
In one implementation, the transceiver module 1004 is configured to send first computing capability indication information to the terminal device according to the algorithm capability supported by the network device, where the first computing capability indication information notifies the terminal device whether the network device supports the first integrity protection algorithm.
In a possible implementation, the transceiver module 1004 is specifically configured to: in response to the algorithm capability supported by the network device being support for the first integrity protection algorithm, send the terminal device capability indication information indicating support for the first integrity protection algorithm.
In a possible implementation, the transceiver module 1004 is specifically configured to: in response to the algorithm capability supported by the network device being no support for the first integrity protection algorithm, send the terminal device capability indication information indicating that the first integrity protection algorithm is not supported.
In a possible implementation, the transceiver module 1004 is specifically configured to: in response to the algorithm capability supported by the network device being no support for the first integrity protection algorithm, send no capability indication information regarding support for the first integrity protection algorithm.
In a possible implementation, the manner in which the transceiver module 1004 sends the capability indication information to the terminal includes at least one of the following: sending it in an RRC release message; broadcasting it in a system message.
In a possible implementation, for the case where the terminal computed the message integrity verification code with the first integrity protection algorithm while camped in the anchor cell served by the network device, and cell reselection occurred while the terminal was in the inactive state, the transceiver module 1004 is further configured to receive, in response to the terminal device performing RRC connection resumption in a non-anchor cell, a retrieve UE context request message sent by the new network device of the non-anchor cell, where the retrieve UE context request message includes the input parameters required by the first integrity protection algorithm; and the processing module 1003 is further configured to perform integrity protection verification of the RRC connection resumption using the first integrity protection algorithm and its required input parameters.
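As an added example (not the patent's own code, nor any 3GPP implementation), the following Python shows why the added variable matters: resumeMAC-I is computed by the first algorithm (the common inputs plus the resumeIdentity, resumeCause and spare fields, option A above) and by the second algorithm (common inputs only), the algorithm is chosen by the capability negotiation described in the preceding paragraphs, and the network-side verification shows that a resumeCause altered in transit is detected only under the first algorithm. HMAC-SHA256 truncated to 32 bits in place of a real NR integrity algorithm, the byte layouts and all sample values are assumptions.

```python
"""Resume MAC-I with and without the patent's added variable.

Added example, not the patent's own code. Assumptions (not from the page):
HMAC-SHA256 truncated to 32 bits stands in for a real NR integrity algorithm
(128-NIAx), and the byte layout of every input is constructed for illustration.
"""
import hmac
import hashlib
import struct
from dataclasses import dataclass
from typing import Optional

FIRST, SECOND = "first", "second"   # the page's first / second algorithm


@dataclass(frozen=True)
class ResumeContext:
    """Common inputs listed on the page, held as stored UE context on both sides."""
    k_rrc_int: bytes      # Key_RRCint
    bearer_id: int        # bearer ID
    direction: int        # 0 = uplink, 1 = downlink
    count: int            # 32-bit COUNT value
    target_cell_id: int   # target cell ID
    source_cell_id: int   # source cell ID
    c_rnti: int           # temporary identifier C-RNTI


def _mac32(key: bytes, data: bytes) -> bytes:
    """Stand-in 32-bit MAC (assumption: HMAC-SHA256, not 128-NIA)."""
    return hmac.new(key, data, hashlib.sha256).digest()[:4]


def _base_input(ctx: ResumeContext) -> bytes:
    """Inputs shared by both algorithms (constructed layout)."""
    return struct.pack(">BBIQQH", ctx.bearer_id, ctx.direction, ctx.count,
                       ctx.target_cell_id, ctx.source_cell_id, ctx.c_rnti)


def added_variable(resume_identity: int, resume_cause: int, spare: int) -> bytes:
    """Option A) on the page: the resumeIdentity, resumeCause and spare fields."""
    return struct.pack(">QBB", resume_identity, resume_cause, spare)


def resume_mac(ctx: ResumeContext, algorithm: str, added: bytes = b"") -> bytes:
    """First algorithm binds the added variable; second covers only the base input."""
    data = _base_input(ctx) + (added if algorithm == FIRST else b"")
    return _mac32(ctx.k_rrc_int, data)


def select_algorithm(ue_supports_first: Optional[bool],
                     nw_supports_first: Optional[bool]) -> str:
    """Capability negotiation as the page describes it: each side's indication
    may be True, False or None (no indication received), and None counts as
    'not supported'. The first algorithm is used only if both sides support it."""
    if ue_supports_first and nw_supports_first:
        return FIRST
    return SECOND


def build_resume_request(ctx, resume_identity, resume_cause, spare, algorithm):
    """Terminal side: fill in the request fields and their resumeMAC-I."""
    added = added_variable(resume_identity, resume_cause, spare)
    return {"resumeIdentity": resume_identity, "resumeCause": resume_cause,
            "spare": spare, "resumeMAC-I": resume_mac(ctx, algorithm, added)}


def verify_resume_request(ctx, msg, algorithm) -> bool:
    """Network side: recompute resumeMAC-I from the stored context and the
    received fields, then compare in constant time."""
    added = added_variable(msg["resumeIdentity"], msg["resumeCause"], msg["spare"])
    expected = resume_mac(ctx, algorithm, added)
    return hmac.compare_digest(expected, msg["resumeMAC-I"])


# Constructed sample context (values are illustrative, not from the page).
SAMPLE_CTX = ResumeContext(k_rrc_int=bytes(range(16)), bearer_id=1, direction=1,
                           count=0xFFFFFFFF, target_cell_id=0x0123456789,
                           source_cell_id=0x0000ABCDEF, c_rnti=0x4E20)


def tamper_demo(algorithm: str):
    """Returns (original verifies, still verifies after resumeCause is altered)."""
    msg = build_resume_request(SAMPLE_CTX, 0x1A2B3C4D5E, 3, 0, algorithm)
    ok_original = verify_resume_request(SAMPLE_CTX, msg, algorithm)
    altered = dict(msg, resumeCause=5)   # field changed on the air, MAC-I unchanged
    ok_altered = verify_resume_request(SAMPLE_CTX, altered, algorithm)
    return ok_original, ok_altered


if __name__ == "__main__":
    for alg in (FIRST, SECOND):
        print(alg, tamper_demo(alg))   # first: (True, False); second: (True, True)
```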
For the apparatus of the above embodiments, the specific manner in which each module performs its operations has been described in detail in the method embodiments and is not elaborated here.
Refer to FIG. 11, which is a schematic structural diagram of another communication apparatus 1100 provided by an embodiment of the present application. The communication apparatus 1100 may be a network device or a terminal device, or a chip, chip system or processor that supports a network device in implementing the above method, or a chip, chip system or processor that supports a terminal device in implementing the above method. The apparatus may be used to implement the methods described in the method embodiments above; see those embodiments for details.
The communication apparatus 1100 may include one or more processors 1101. The processor 1101 may be a general-purpose processor or a special-purpose processor, for example a baseband processor or a central processing unit. A baseband processor may process communication protocols and communication data; a central processing unit may control the communication apparatus (for example a base station, baseband chip, terminal device, terminal device chip, DU or CU), execute computer programs and process their data.
Optionally, the communication apparatus 1100 may further include one or more memories 1102 on which a computer program 1104 is stored; the processor 1101 executes the computer program 1104 so that the communication apparatus 1100 performs the methods described in the method embodiments above. Optionally, the memory 1102 may also store data. The communication apparatus 1100 and the memory 1102 may be provided separately or integrated together.
Optionally, the communication apparatus 1100 may further include a transceiver 1105 and an antenna 1106. The transceiver 1105 may be called a transceiver unit, a transceiver or a transceiver circuit and implements the transmit and receive functions. The transceiver 1105 may include a receiver and a transmitter; the receiver may be called a receiver or receiving circuit and implements the receive function, and the transmitter may be called a transmitter or transmitting circuit and implements the transmit function.
Optionally, the communication apparatus 1100 may further include one or more interface circuits 1107. The interface circuit 1107 receives code instructions and passes them to the processor 1101. The processor 1101 runs the code instructions so that the communication apparatus 1100 performs the methods described in the method embodiments above.
When the communication apparatus 1100 is a terminal device, the processor 1101 runs the code instructions so that the communication apparatus 1100 performs the methods described in the embodiments shown in FIG. 2 to FIG. 5 above.
When the communication apparatus 1100 is a network device, the processor 1101 runs the code instructions so that the communication apparatus 1100 performs the methods described in the embodiments shown in FIG. 6 to FIG. 9 above.
In one implementation, the processor 1101 may include a transceiver for implementing the receive and transmit functions. For example, the transceiver may be a transceiver circuit, an interface or an interface circuit. The transceiver circuits, interfaces or interface circuits used for receiving and transmitting may be separate or integrated together. The above transceiver circuit, interface or interface circuit may be used to read and write code or data, or to transmit or convey signals.
In one implementation, the processor 1101 may store a computer program 1103, which runs on the processor 1101 and causes the communication apparatus 1100 to perform the methods described in the method embodiments above. The computer program 1103 may be fixed in the processor 1101, in which case the processor 1101 may be implemented in hardware.
In one implementation, the communication apparatus 1100 may include circuitry that implements the sending, receiving or communication functions of the method embodiments above. The processors and transceivers described in this application may be implemented on integrated circuits (ICs), analog ICs, radio frequency integrated circuits (RFICs), mixed-signal ICs, application specific integrated circuits (ASICs), printed circuit boards (PCBs), electronic devices and so on. The processor and transceiver may also be manufactured with various IC process technologies, such as complementary metal oxide semiconductor (CMOS), N-type metal oxide semiconductor (NMOS), P-type metal oxide semiconductor (PMOS), bipolar junction transistor (BJT), bipolar CMOS (BiCMOS), silicon germanium (SiGe), gallium arsenide (GaAs) and so on.
The communication apparatus described in the above embodiments may be a network device or a terminal device (such as the first terminal device in the method embodiments above), but the scope of the communication apparatus described in this application is not limited thereto, and its structure need not be limited by FIG. 11. The communication apparatus may be a standalone device or part of a larger device. For example, the communication apparatus may be:
(1) a standalone integrated circuit (IC), a chip, or a chip system or subsystem;
(2) a set of one or more ICs, which may optionally also include a storage component for storing data and computer programs;
(3) an ASIC, such as a modem;
(4) a module that can be embedded in another device;
(5) a receiver, terminal device, smart terminal device, cellular phone, wireless device, handset, mobile unit, vehicle-mounted device, network device, cloud device, artificial intelligence device, and so on;
(6) others.
Those skilled in the art will also appreciate that the various illustrative logical blocks and steps listed in the embodiments of this application may be implemented by electronic hardware, computer software, or a combination of the two. Whether such functions are implemented in hardware or software depends on the particular application and the design requirements of the overall system. Those skilled in the art may implement the described functions in various ways for each particular application, but such implementations should not be regarded as going beyond the scope of protection of the embodiments of this application.
An embodiment of this application also provides a system for determining sidelink duration, which includes the communication apparatus acting as the terminal device and the communication apparatus acting as the network device of the embodiment of FIG. 10 above, or the communication apparatus acting as the terminal device and the communication apparatus acting as the network device of the embodiment of FIG. 11 above.
This application also provides a readable storage medium storing instructions which, when executed by a computer, implement the functions of any of the method embodiments above.
This application also provides a computer program product which, when executed by a computer, implements the functions of any of the method embodiments above.
The above embodiments may be implemented in whole or in part by software, hardware, firmware or any combination thereof. When implemented in software, they may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer programs. When the computer program is loaded and executed on a computer, the procedures or functions according to the embodiments of this application are produced in whole or in part. The computer may be a general-purpose computer, a special-purpose computer, a computer network or another programmable apparatus. The computer program may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another; for example, it may be transmitted from one website, computer, server or data center to another website, computer, server or data center by wired (for example coaxial cable, optical fiber or digital subscriber line (DSL)) or wireless (for example infrared, radio or microwave) means. The computer-readable storage medium may be any available medium accessible to a computer, or a data storage device such as a server or data center integrating one or more available media. The available medium may be a magnetic medium (for example a floppy disk, hard disk or magnetic tape), an optical medium (for example a digital video disc (DVD)) or a semiconductor medium (for example a solid state disk (SSD)).
Those of ordinary skill in the art will understand that numbering such as "first" and "second" in this application serves only to distinguish items for convenience of description; it is not intended to limit the scope of the embodiments of this application nor to indicate an order.
"At least one" in this application may also be described as one or more, and "multiple" may be two, three, four or more, without limitation. In the embodiments of this application, instances of a technical feature are distinguished by "first", "second", "third", "A", "B", "C", "D" and so on; there is no order of precedence or of magnitude among the technical features so labelled.
The correspondences shown in the tables of this application may be configured or predefined. The values of the information in the tables are only examples and may be configured to other values, which this application does not limit. When configuring the correspondence between information and parameters, it is not necessarily required to configure all correspondences shown in the tables. For example, the correspondences shown in some rows of the tables in this application may be left unconfigured. As another example, the tables may be appropriately adapted, for instance split or merged. The parameter names shown in the table headings may be replaced by other names understood by the communication apparatus, and the parameter values or representations may likewise be other values or representations understood by the communication apparatus. The tables may also be implemented with other data structures, such as arrays, queues, containers, stacks, linear lists, pointers, linked lists, trees, graphs, structures, classes, heaps or hash tables.
"Predefined" in this application may be understood as defined, predefined, stored, prestored, prenegotiated, preconfigured, fixed or preburned.
Those of ordinary skill in the art will recognize that the units and algorithm steps of the examples described with the embodiments disclosed herein may be implemented in electronic hardware or in a combination of computer software and electronic hardware. Whether these functions are performed in hardware or software depends on the particular application and design constraints of the technical solution. Skilled persons may use different methods to implement the described functions for each particular application, but such implementations should not be regarded as going beyond the scope of this application.
Those skilled in the art will clearly understand that, for convenience and brevity of description, the specific operating processes of the systems, apparatuses and units described above may be found in the corresponding processes of the method embodiments above and are not repeated here.
The above are only specific implementations of this application, but the scope of protection of this application is not limited thereto; any change or substitution that a person familiar with the technical field could readily conceive within the technical scope disclosed in this application should be covered by the scope of protection of this application. Therefore, the scope of protection of this application should be that of the claims.

Claims (84)

  1. 一种无线资源控制RRC连接恢复的安全增强方法,其特征在于,所述方法应用于终端设备,所述方法包括:A security enhancement method for radio resource control RRC connection recovery, characterized in that the method is applied to a terminal device, and the method includes:
    确定网络设备所支持具备的算法能力;Determine the algorithm capabilities supported by network equipment;
    根据所述网络设备所支持具备的算法能力,选择与所述算法能力对应的目标完整性保护算法;Selecting a target integrity protection algorithm corresponding to the algorithm capability according to the algorithm capability supported by the network device;
    根据所述目标完整性保护算法和用于计算消息完整性验证码的输入参数,对RRC连接恢复请求消息进行完整性保护验证。Perform integrity protection verification on the RRC connection recovery request message according to the target integrity protection algorithm and input parameters used for calculating message integrity verification codes.
  2. 根据权利要求1所述的方法,其特征在于,所述输入参数至少包括以下一项或多项:The method according to claim 1, wherein the input parameters include at least one or more of the following:
    密钥Key RRCint、承载标识bearer ID、数据传输方向direction、计数COUNT值、目标小区标识ID、源小区标识ID、临时标识符C-RNTI和增加变量。 Key RRCint , bearer ID, data transmission direction, COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI, and added variables.
  3. 根据权利要求1或2所述的方法,其特征在于,所述确定网络设备所支持具备的算法能力,包括:The method according to claim 1 or 2, wherein said determining the algorithm capabilities supported by the network equipment includes:
    根据所述网络设备发送的能力指示信息,确定所述网络设备所支持具备的算法能力。According to the capability indication information sent by the network device, determine the algorithm capability supported by the network device.
  4. 根据权利要求2所述的方法,其特征在于,所述确定网络设备所支持具备的算法能力,包括:The method according to claim 2, wherein said determining the algorithm capability supported by the network device comprises:
    判断是否接收到所述网络设备发送的第一计算能力指示信息;所述第一计算能力指示信息用于通知所述终端设备,所述网络设备是否支持第一完整性保护算法;其中,所述第一完整性保护算法的输入参数包括密钥Key RRCint、承载标识bearer ID、数据传输方向direction、计数COUNT值、目标小区标识ID、源小区标识ID、临时标识符C-RNTI和增加变量; Judging whether the first computing capability indication information sent by the network device is received; the first computing capability indication information is used to notify the terminal device whether the network device supports the first integrity protection algorithm; wherein, the The input parameters of the first integrity protection algorithm include key Key RRCint , bearer ID, data transmission direction direction, count COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and increase variable;
    响应于接收到所述网络设备发送的第一计算能力指示信息,根据所述第一计算能力指示信息,确定所述网络设备所支持具备的算法能力。In response to receiving the first computing capability indication information sent by the network device, determine the algorithm capability supported by the network device according to the first computing capability indication information.
  5. 根据权利要求4所述的方法,其特征在于,所述确定网络设备所支持具备的算法能力,还包括:The method according to claim 4, wherein said determining the algorithm capability supported by the network device further comprises:
    响应于未接收到所述网络设备发送的第一计算能力指示信息,确定所述网络设备所支持具备的算法能力为不支持所述第一完整性保护算法。In response to not receiving the first computing capability indication information sent by the network device, determine that the algorithm capability supported by the network device is not supporting the first integrity protection algorithm.
  6. 根据权利要求4所述的方法,其特征在于,所述第一计算能力指示信息用于通知所述终端设备,所述网络设备支持第一完整性保护算法;所述根据所述第一计算能力指示信息,确定所述网络设备所支持具备的算法能力,包括:The method according to claim 4, wherein the first computing capability indication information is used to notify the terminal device that the network device supports a first integrity protection algorithm; Instruction information to determine the algorithm capabilities supported by the network device, including:
    确定所述网络设备所支持具备的算法能力为支持所述第一完整性保护算法。It is determined that the algorithm capability supported by the network device is to support the first integrity protection algorithm.
  7. 根据权利要求6所述的方法,其特征在于,所述终端设备支持所述第一完整性保护算法;所述根据所述网络设备所支持具备的算法能力,选择与所述算法能力对应的目标完整性保护算法,包括:The method according to claim 6, wherein the terminal device supports the first integrity protection algorithm; and according to the algorithm capability supported by the network device, the target corresponding to the algorithm capability is selected Integrity protection algorithms, including:
    根据所述网络设备所支持具备的算法能力,选择与所述算法能力对应的第一完整性保护算法。According to the algorithm capability supported by the network device, a first integrity protection algorithm corresponding to the algorithm capability is selected.
  8. 根据权利要求6或7所述的方法,其特征在于,所述根据所述目标完整性保护算法和用于计算消息完整性验证码的输入参数,对RRC连接恢复请求消息进行完整性保护验证,包括:The method according to claim 6 or 7, wherein, according to the target integrity protection algorithm and the input parameters used to calculate the message integrity verification code, the RRC connection recovery request message is verified for integrity protection, include:
    采用所述第一完整性保护算法,根据所述密钥Key RRCint、承载标识bearer ID、数据传输方向direction、计数COUNT值、目标小区标识ID、源小区标识ID、临时标识符C-RNTI和增加变量,计算消息完整性验证码; Using the first integrity protection algorithm, according to the key Key RRCint , bearer ID, data transmission direction direction, count COUNT value, target cell ID, source cell ID, temporary identifier C-RNTI and increase variable, calculate the message integrity verification code;
    根据计算得到的所述消息完整性验证码对所述RRC连接恢复请求消息进行完整性保护验证。Perform integrity protection verification on the RRC connection recovery request message according to the calculated message integrity verification code.
  9. 根据权利要求6所述的方法,其特征在于,所述终端设备不支持所述第一完整性保护算法;所述根据所述网络设备所支持具备的算法能力,选择与所述算法能力对应的目标完整性保护算法,包括:The method according to claim 6, wherein the terminal device does not support the first integrity protection algorithm; and according to the algorithm capability supported by the network device, the algorithm capability corresponding to the algorithm capability is selected. Target integrity protection algorithms, including:
    选择第二完整性保护算法作为所述目标完整性保护算法;其中,所述第二完整性保护算法的输入参数包括密钥Key RRCint、承载标识bearer ID、数据传输方向direction、计数COUNT值、目标小区标识ID、源小区标识ID和临时标识符C-RNTI。 Select the second integrity protection algorithm as the target integrity protection algorithm; wherein, the input parameters of the second integrity protection algorithm include key Key RRCint , bearer ID, data transmission direction direction, count COUNT value, target Cell ID, source cell ID and temporary identifier C-RNTI.
  10. 根据权利要求9所述的方法,其特征在于,所述根据所述目标完整性保护算法和用于计算消息完整性验证码的输入参数,对RRC连接恢复请求消息进行完整性保护验证,包括:The method according to claim 9, wherein, according to the target integrity protection algorithm and the input parameters for calculating the message integrity verification code, performing integrity protection verification on the RRC connection recovery request message includes:
    采用所述第二完整性保护算法,根据所述密钥Key RRCint、承载标识bearer ID、数据传输方向direction、计数COUNT值、目标小区标识ID、源小区标识ID和临时标识符C-RNTI,计算消息完整性验证码; Using the second integrity protection algorithm , calculate Message integrity verification code;
    根据计算得到的所述消息完整性验证码对所述RRC连接恢复请求消息进行完整性保护验证。Perform integrity protection verification on the RRC connection recovery request message according to the calculated message integrity verification code.
  11. The method according to claim 4, wherein the first computing capability indication information is used to notify the terminal device that the network device does not support the first integrity protection algorithm, and determining the algorithm capability supported by the network device according to the first computing capability indication information comprises:
    determining that the algorithm capability supported by the network device is not supporting the first integrity protection algorithm.
  12. The method according to claim 11, wherein the terminal device either supports or does not support the first integrity protection algorithm, and selecting the target integrity protection algorithm corresponding to the algorithm capability according to the algorithm capability supported by the network device comprises:
    selecting, according to the algorithm capability supported by the network device, a second integrity protection algorithm corresponding to that algorithm capability.
  13. The method according to claim 12, wherein performing integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used for calculating the message integrity verification code comprises:
    calculating a message integrity verification code with the second integrity protection algorithm from the key KeyRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI;
    performing integrity protection verification on the RRC connection resume request message according to the calculated message integrity verification code.
  14. The method according to any one of claims 2 to 13, wherein the added variable comprises at least any one of the following A) to F):
    A) the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message;
    B) a permutation or combination of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message;
    C) the RRC connection resume request message, where in the RRC connection resume request message used as the added variable the field carrying the message integrity verification code resumeMAC-I is set to special bits;
    D) the RRC connection resume request message together with the bits indicating an RRC connection resume request;
    E) the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I is removed from the RRC connection resume request message used as the added variable;
    F) the RRC connection resume request message together with the bits indicating an RRC connection resume request, where the field carrying the message integrity verification code resumeMAC-I is removed from the RRC connection resume request message used as the added variable.
  15. The method according to any one of claims 1 to 14, further comprising:
    determining the algorithm capability supported by the terminal device;
    sending second computing capability indication information to the network device according to the algorithm capability supported by the terminal device, wherein the second computing capability indication information is used to notify the network device whether the terminal device supports the first integrity protection algorithm.
  16. The method according to claim 15, wherein sending the second computing capability indication information to the network device according to the algorithm capability supported by the terminal device comprises:
    in response to the algorithm capability supported by the terminal device being support for the first integrity protection algorithm, sending capability indication information indicating support for the first integrity protection algorithm to the network device.
  17. The method according to claim 15 or 16, wherein sending the second computing capability indication information to the network device according to the algorithm capability supported by the terminal device comprises:
    in response to the algorithm capability supported by the terminal device being no support for the first integrity protection algorithm, sending capability indication information indicating no support for the first integrity protection algorithm to the network device.
  18. The method according to any one of claims 15 to 17, wherein sending the second computing capability indication information to the network device according to the algorithm capability supported by the terminal device comprises:
    in response to the algorithm capability supported by the terminal device being no support for the first integrity protection algorithm, sending no capability indication information on whether the first integrity protection algorithm is supported.
  19. The method according to claim 15, wherein the capability indication information is sent to the network device in at least any one of the following ways:
    in a Security Mode Complete message;
    in a UE capability information message of the terminal device;
    in UE assistance information;
    in initial access message 5 (Msg5);
    in initial access message 3 (Msg3);
    in initial access message 1 (Msg1).
  20. The method according to claim 1, further comprising:
    for a message integrity verification code calculated with the first integrity protection algorithm while the terminal was camped on the anchor cell, where cell reselection occurred in the inactive state, in response to RRC connection resume occurring in a non-anchor cell, performing integrity protection verification on the RRC connection resume using the first integrity protection algorithm and the input parameters used for calculating the message integrity verification code.
  21. A security enhancement method for radio resource control (RRC) connection resume, applied to a network device, the method comprising:
    in response to receiving an RRC connection resume request message sent by a terminal device, determining the algorithm capability supported by the terminal device;
    selecting a target integrity protection algorithm corresponding to the algorithm capability according to the algorithm capability supported by the terminal device;
    performing integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used for calculating a message integrity verification code.
  22. The method according to claim 21, wherein the input parameters comprise at least one or more of the following:
    the key KeyRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and an added variable.
  23. The method according to claim 21 or 22, wherein determining the algorithm capability supported by the terminal device comprises:
    determining the algorithm capability supported by the terminal device according to capability indication information sent by the terminal device.
  24. The method according to claim 22, wherein determining the algorithm capability supported by the terminal device comprises:
    judging whether second computing capability indication information sent by the terminal device has been received, the second computing capability indication information being used to notify the network device whether the terminal device supports the first integrity protection algorithm, wherein the input parameters of the first integrity protection algorithm comprise the key KeyRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable;
    in response to receiving the second computing capability indication information sent by the terminal device, determining the algorithm capability supported by the terminal device according to the second computing capability indication information.
  25. The method according to claim 24, wherein determining the algorithm capability supported by the terminal device further comprises:
    in response to not receiving the second computing capability indication information sent by the terminal device, determining that the algorithm capability supported by the terminal device is not supporting the first integrity protection algorithm.
  26. The method according to claim 24, wherein the second computing capability indication information is used to notify the network device that the terminal device supports the first integrity protection algorithm, and determining the algorithm capability supported by the terminal device according to the second computing capability indication information comprises:
    determining that the algorithm capability supported by the terminal device is support for the first integrity protection algorithm.
  27. The method according to claim 26, wherein the network device supports the first integrity protection algorithm, and selecting the target integrity protection algorithm corresponding to the algorithm capability according to the algorithm capability supported by the terminal device comprises:
    selecting, according to the algorithm capability supported by the terminal device, the first integrity protection algorithm corresponding to that algorithm capability.
  28. The method according to claim 26 or 27, wherein performing integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used for calculating the message integrity verification code comprises:
    calculating a message integrity verification code with the first integrity protection algorithm from the key KeyRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable;
    performing integrity protection verification on the RRC connection resume request message according to the calculated message integrity verification code.
  29. The method according to claim 26, wherein the network device does not support the first integrity protection algorithm, and selecting the target integrity protection algorithm corresponding to the algorithm capability according to the algorithm capability supported by the terminal device comprises:
    selecting a second integrity protection algorithm as the target integrity protection algorithm, wherein the input parameters of the second integrity protection algorithm comprise the key KeyRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
  30. The method according to claim 29, wherein performing integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used for calculating the message integrity verification code comprises:
    calculating a message integrity verification code with the second integrity protection algorithm from the key KeyRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI;
    performing integrity protection verification on the RRC connection resume request message according to the calculated message integrity verification code.
  31. The method according to claim 24, wherein the second computing capability indication information is used to notify the network device that the terminal device does not support the first integrity protection algorithm, and determining the algorithm capability supported by the terminal device according to the second computing capability indication information comprises:
    determining that the algorithm capability supported by the terminal device is not supporting the first integrity protection algorithm.
  32. The method according to claim 31, wherein the network device either supports or does not support the first integrity protection algorithm, and selecting the target integrity protection algorithm corresponding to the algorithm capability according to the algorithm capability supported by the terminal device comprises:
    selecting, according to the algorithm capability supported by the terminal device, a second integrity protection algorithm corresponding to that algorithm capability.
  33. The method according to claim 32, wherein performing integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used for calculating the message integrity verification code comprises:
    calculating a message integrity verification code with the second integrity protection algorithm from the key KeyRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI;
    performing integrity protection verification on the RRC connection resume request message according to the calculated message integrity verification code.
  34. The method according to any one of claims 22 to 33, wherein the added variable comprises at least any one of the following A) to F):
    A) the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message;
    B) a permutation or combination of the resumeIdentity, resumeCause and spare fields of the RRC connection resume request message;
    C) the RRC connection resume request message, where in the RRC connection resume request message used as the added variable the field carrying the message integrity verification code resumeMAC-I is set to special bits;
    D) the RRC connection resume request message together with the bits indicating an RRC connection resume request;
    E) the RRC connection resume request message, where the field carrying the message integrity verification code resumeMAC-I is removed from the RRC connection resume request message used as the added variable;
    F) the RRC connection resume request message together with the bits indicating an RRC connection resume request, where the field carrying the message integrity verification code resumeMAC-I is removed from the RRC connection resume request message used as the added variable.
  35. The method according to any one of claims 21 to 34, further comprising:
    determining the algorithm capability supported by the network device;
    sending first computing capability indication information to the terminal device according to the algorithm capability supported by the network device, wherein the first computing capability indication information is used to notify the terminal device whether the network device supports the first integrity protection algorithm.
  36. The method according to claim 35, wherein sending the first computing capability indication information to the terminal device according to the algorithm capability supported by the network device comprises:
    in response to the algorithm capability supported by the network device being support for the first integrity protection algorithm, sending capability indication information indicating support for the first integrity protection algorithm to the terminal device.
  37. The method according to claim 35 or 36, wherein sending the first computing capability indication information to the terminal device according to the algorithm capability supported by the network device comprises:
    in response to the algorithm capability supported by the network device being no support for the first integrity protection algorithm, sending capability indication information indicating no support for the first integrity protection algorithm to the terminal device.
  38. The method according to any one of claims 35 to 36, wherein sending the first computing capability indication information to the terminal device according to the algorithm capability supported by the network device comprises:
    in response to the algorithm capability supported by the network device being no support for the first integrity protection algorithm, sending no capability indication information on whether the first integrity protection algorithm is supported.
  39. The method according to claim 35, wherein the capability indication information is sent to the terminal in at least any one of the following ways:
    in an RRC release message;
    by system information broadcast.
  40. The method according to claim 21, further comprising:
    for a message integrity verification code calculated with the first integrity protection algorithm while the terminal was camped on the anchor cell served by the network device, where cell reselection occurred in the inactive state, in response to the terminal device performing RRC connection resume in a non-anchor cell, receiving a terminal device context retrieval request message sent by the new network device of the non-anchor cell, wherein the terminal device context retrieval request message comprises the input parameters required by the first integrity protection algorithm;
    performing integrity protection verification on the RRC connection resume using the first integrity protection algorithm and its required input parameters.
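The following Python model is an added example, not code from the patent or its applicant. It exercises both the terminal-side claims (selecting the target algorithm from the network device's first computing capability indication, claims 4 to 13) and the network-side claims (selecting from the terminal device's second computing capability indication, claims 24 to 33), and it shows why the added variable matters: with the first algorithm, a resumeMAC-I computed over the resumeIdentity, resumeCause and spare fields (option A of claims 14 and 34) stops verifying when one of those fields is altered in transit, while the second algorithm, which does not cover them, still verifies. The integrity function is modelled with HMAC-SHA256 truncated to 32 bits in place of a 3GPP NIA algorithm; the field encodings and lengths, the key, and all sample values are constructed for the demonstration and are not stated by the patent.

```python
"""Added example: capability negotiation and resumeMAC-I verification for RRC
connection resume, modelled on the claim structure of WO2023010531A1.

Assumptions (not from the patent): HMAC-SHA256 truncated to 32 bits stands in
for the 3GPP integrity algorithm; field widths and sample values are constructed."""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

FIRST_ALGORITHM = "first"    # inputs include the added variable (claims 2, 22)
SECOND_ALGORITHM = "second"  # inputs exclude the added variable (claims 9, 29)


@dataclass(frozen=True)
class ResumeRequest:
    """Constructed RRCResumeRequest fields used as the added variable (option A)."""
    resume_identity: bytes   # I-RNTI; 5 bytes in this model
    resume_cause: int        # enumerated cause; 1 byte in this model
    spare: int               # spare bits; 1 byte in this model

    def added_variable(self) -> bytes:
        return self.resume_identity + bytes([self.resume_cause & 0xFF, self.spare & 0xFF])


def determine_capability(indication: Optional[bool]) -> bool:
    """Interpret a received capability indication. No indication at all (None)
    is treated as 'first algorithm not supported' (claims 5 and 25)."""
    return bool(indication)


def select_algorithm(peer_supports_first: bool, own_supports_first: bool) -> str:
    """Claims 7/9/12 and 27/29/32: the first algorithm is chosen only when both
    sides support it; otherwise the second algorithm is the target."""
    return FIRST_ALGORITHM if (peer_supports_first and own_supports_first) else SECOND_ALGORITHM


def compute_mac_i(algorithm: str, key_rrc_int: bytes, bearer_id: int, direction: int,
                  count: int, target_cell_id: int, source_cell_id: int, c_rnti: int,
                  added_variable: bytes = b"") -> bytes:
    """Message integrity verification code over the claimed input parameters.
    Only the first algorithm mixes the added variable into the MAC input."""
    msg = (bytes([bearer_id & 0x1F, direction & 0x01])
           + count.to_bytes(4, "big")
           + target_cell_id.to_bytes(5, "big")
           + source_cell_id.to_bytes(5, "big")
           + c_rnti.to_bytes(2, "big"))
    if algorithm == FIRST_ALGORITHM:
        msg += added_variable
    elif algorithm != SECOND_ALGORITHM:
        raise ValueError("unknown integrity protection algorithm")
    return hmac.new(key_rrc_int, msg, hashlib.sha256).digest()[:4]  # 32-bit MAC-I


def verify_mac_i(expected: bytes, algorithm: str, *args, **kwargs) -> bool:
    """Constant-time comparison of the received MAC-I against a fresh computation."""
    return hmac.compare_digest(expected, compute_mac_i(algorithm, *args, **kwargs))


def resume_exchange(ue_supports_first: bool, gnb_supports_first: bool, tamper: bool = False):
    """Both sides of the exchange. The gNB advertises its capability (claims 36/37),
    the UE advertises only when it supports the first algorithm (claim 18), each side
    selects the target algorithm, the UE protects RRCResumeRequest and the gNB verifies.
    Returns (ue_algorithm, gnb_algorithm, verification_ok)."""
    key = hashlib.sha256(b"constructed KeyRRCint").digest()        # constructed key
    bearer, direction, count = 1, 0, 0
    target, source, crnti = 0x1234567890, 0x0ABCDEF012, 0x4E21      # constructed IDs
    gnb_indication: Optional[bool] = gnb_supports_first             # first indication
    ue_indication: Optional[bool] = True if ue_supports_first else None  # second indication
    ue_alg = select_algorithm(determine_capability(gnb_indication), ue_supports_first)
    gnb_alg = select_algorithm(determine_capability(ue_indication), gnb_supports_first)

    req = ResumeRequest(resume_identity=b"\x11\x22\x33\x44\x55", resume_cause=3, spare=0)
    mac_i = compute_mac_i(ue_alg, key, bearer, direction, count, target, source, crnti,
                          req.added_variable())
    # Optionally alter resumeCause in transit to show what each algorithm covers.
    received = ResumeRequest(req.resume_identity, req.resume_cause + (1 if tamper else 0), req.spare)
    ok = verify_mac_i(mac_i, gnb_alg, key, bearer, direction, count, target, source, crnti,
                      received.added_variable())
    return ue_alg, gnb_alg, ok


if __name__ == "__main__":
    for ue, gnb, tamper in [(True, True, False), (True, True, True), (False, True, True)]:
        print(f"UE first={ue} gNB first={gnb} tampered={tamper} ->", resume_exchange(ue, gnb, tamper))
```

The third case in the usage loop is the one the patent addresses: when either side lacks the first algorithm the second algorithm is used, and an altered resumeCause is then not detected by the MAC-I check, because the second algorithm's input parameters do not include those fields.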
  41. A communication apparatus, comprising:
    a determination module, configured to determine the algorithm capability supported by a network device;
    a selection module, configured to select a target integrity protection algorithm corresponding to the algorithm capability according to the algorithm capability supported by the network device;
    a processing module, configured to perform integrity protection verification on an RRC connection resume request message according to the target integrity protection algorithm and the input parameters used for calculating a message integrity verification code.
  42. The communication apparatus according to claim 41, wherein the input parameters comprise at least one or more of the following:
    the key KeyRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and an added variable.
  43. The method according to claim 42 or 42, wherein the determination module is configured to:
    determine the algorithm capability supported by the network device according to capability indication information sent by the network device.
  44. The communication apparatus according to claim 41, wherein the determination module is specifically configured to:
    judge whether first computing capability indication information sent by the network device has been received, the first computing capability indication information being used to notify the terminal device whether the network device supports the first integrity protection algorithm, wherein the input parameters of the first integrity protection algorithm comprise the key KeyRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable;
    in response to receiving the first computing capability indication information sent by the network device, determine the algorithm capability supported by the network device according to the first computing capability indication information.
  45. The communication apparatus according to claim 44, wherein the determination module is further configured to:
    in response to not receiving the first computing capability indication information sent by the network device, determine that the algorithm capability supported by the network device is not supporting the first integrity protection algorithm.
  46. The communication apparatus according to claim 44, wherein the first computing capability indication information is used to notify the terminal device that the network device supports the first integrity protection algorithm, and the determination module is specifically configured to:
    determine that the algorithm capability supported by the network device is support for the first integrity protection algorithm.
  47. The communication apparatus according to claim 46, wherein the terminal device supports the first integrity protection algorithm, and the selection module is specifically configured to:
    select, according to the algorithm capability supported by the network device, the first integrity protection algorithm corresponding to that algorithm capability.
  48. The communication apparatus according to claim 46 or 47, wherein the processing module is specifically configured to:
    calculate a message integrity verification code with the first integrity protection algorithm from the key KeyRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable;
    perform integrity protection verification on the RRC connection resume request message according to the calculated message integrity verification code.
  49. The communication apparatus according to claim 46, wherein the terminal device does not support the first integrity protection algorithm, and the selection module is specifically configured to:
    select a second integrity protection algorithm as the target integrity protection algorithm, wherein the input parameters of the second integrity protection algorithm comprise the key KeyRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
  50. The communication apparatus according to claim 49, wherein the processing module is specifically configured to:
    calculate a message integrity verification code with the second integrity protection algorithm from the key KeyRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI;
    perform integrity protection verification on the RRC connection resume request message according to the calculated message integrity verification code.
  51. The communication apparatus according to claim 44, wherein the first computing capability indication information is used to notify the terminal device that the network device does not support the first integrity protection algorithm, and the determination module is specifically configured to:
    determine that the algorithm capability supported by the network device is not supporting the first integrity protection algorithm.
  52. The communication apparatus according to claim 51, wherein the terminal device either supports or does not support the first integrity protection algorithm, and the selection module is specifically configured to:
    select, according to the algorithm capability supported by the network device, a second integrity protection algorithm corresponding to that algorithm capability.
  53. The communication apparatus according to claim 52, wherein the processing module is specifically configured to:
    calculate a message integrity verification code with the second integrity protection algorithm from the key KeyRRCint, the bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI;
    perform integrity protection verification on the RRC connection resume request message according to the calculated message integrity verification code.
  54. 根据权利要求42至53中任一项所述的通信装置,其特征在于,所述增加变量至少包括以下A)至F)中的任意一项:The communication device according to any one of claims 42 to 53, wherein the increased variable includes at least any one of the following A) to F):
    A)所述RRC连接恢复请求消息中的恢复识别resumeIdentity、恢复原因resumeCause以及备用spare字段;A) the recovery identification resumeIdentity, resumeCause and spare spare fields in the RRC connection recovery request message;
    B)所述RRC连接恢复请求消息之中恢复识别resumeIdentity、恢复原因resumeCause以及备用spare字段的排列组合;B) the permutation and combination of resume identification resumeIdentity, resume cause resumeCause and spare spare field in the RRC connection resume request message;
    C)所述RRC连接恢复请求消息,其中,作为所述增加变量的RRC连接恢复请求消息之中用于表示消息完整性验证码resumeMAC-I的字段置为特殊比特;C) the RRC connection recovery request message, wherein the field used to represent the message integrity verification code resumeMAC-I in the RRC connection recovery request message as the added variable is set to a special bit;
    D)所述RRC连接恢复请求消息和用于指示RRC连接恢复请求的比特位;D) the RRC connection recovery request message and the bits used to indicate the RRC connection recovery request;
    E)所述RRC连接恢复请求消息,其中,作为所述增加变量的RRC连接恢复请求消息之中删除了 用于表示消息完整性验证码resumeMAC-I的字段;E) the RRC connection recovery request message, wherein the field used to represent the message integrity verification code resumeMAC-I is deleted in the RRC connection recovery request message as the added variable;
    F)所述RRC连接恢复请求消息和用于指示RRC连接恢复请求的比特位,其中,作为所述增加变量的RRC连接恢复请求消息之中删除了用于表示消息完整性验证码resumeMAC-I的字段。F) the RRC connection recovery request message and the bits used to indicate the RRC connection recovery request, wherein the RRC connection recovery request message used as the added variable is deleted for indicating the message integrity verification code resumeMAC-I field.
  55. The communication device according to any one of claims 41 to 54, further comprising:
    a transceiver module, configured to send second computing capability indication information to the network device according to the algorithm capability supported by the terminal device, wherein the second computing capability indication information is used to notify the network device whether the terminal device supports the first integrity protection algorithm.
  56. The communication device according to claim 55, wherein the transceiver module is specifically configured to:
    in response to the algorithm capability supported by the terminal device being support for the first integrity protection algorithm, send to the network device capability indication information indicating support for the first integrity protection algorithm.
  57. The communication device according to claim 55 or 56, wherein the transceiver module is specifically configured to:
    in response to the algorithm capability supported by the terminal device being non-support of the first integrity protection algorithm, send to the network device capability indication information indicating non-support of the first integrity protection algorithm.
  58. The communication device according to any one of claims 55 to 57, wherein the transceiver module is specifically configured to:
    in response to the algorithm capability supported by the terminal device being non-support of the first integrity protection algorithm, send no capability indication information as to whether the first integrity protection algorithm is supported.
  59. The communication device according to claim 55, wherein the manner in which the transceiver module sends the capability indication information to the network device includes at least any one of the following:
    sending it in a security mode complete message;
    sending it in a terminal device (UE) capability information message;
    sending it in UE assistance information;
    sending it in initial access message 5 (Msg5);
    sending it in initial access message 3 (Msg3);
    sending it in initial access message 1 (Msg1).
  60. The communication device according to claim 41, wherein the processing module is further configured to:
    for a message integrity verification code calculated with the first integrity protection algorithm while the terminal was camped on an anchor cell, where cell reselection has occurred in the inactive state, in response to RRC connection resumption occurring in a non-anchor cell, perform integrity protection verification on the RRC connection resumption using the first integrity protection algorithm and the input parameters used to calculate the message integrity verification code.
  61. A communication device, characterized in that the communication device comprises:
    a determining module, configured to determine, in response to receiving an RRC connection resume request message sent by a terminal device, the algorithm capability supported by the terminal device;
    a selection module, configured to select, according to the algorithm capability supported by the terminal device, a target integrity protection algorithm corresponding to the algorithm capability;
    a processing module, configured to perform integrity protection verification on the RRC connection resume request message according to the target integrity protection algorithm and the input parameters used to calculate a message integrity verification code.
  62. The communication device according to claim 61, wherein the input parameters include at least one or more of the following:
    the key KRRCint, the bearer identifier bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and an added variable.
  63. The communication device according to claim 61 or 62, wherein the determining module is configured to:
    determine the algorithm capability supported by the terminal device according to capability indication information sent by the terminal device.
  64. The communication device according to claim 62, wherein the determining module is specifically configured to:
    judge whether second computing capability indication information sent by the terminal device has been received, the second computing capability indication information being used to notify the network device whether the terminal device supports the first integrity protection algorithm, wherein the input parameters of the first integrity protection algorithm include the key KRRCint, the bearer identifier bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable;
    in response to receiving the second computing capability indication information sent by the terminal device, determine the algorithm capability supported by the terminal device according to the second computing capability indication information.
  65. The communication device according to claim 64, wherein the determining module is further configured to:
    in response to not receiving the second computing capability indication information sent by the terminal device, determine that the algorithm capability supported by the terminal device is non-support of the first integrity protection algorithm.
  66. The communication device according to claim 64, wherein the second computing capability indication information is used to notify the network device that the terminal device supports the first integrity protection algorithm, and the determining module is specifically configured to:
    determine that the algorithm capability supported by the terminal device is support for the first integrity protection algorithm.
  67. The communication device according to claim 66, wherein the network device supports the first integrity protection algorithm, and the selection module is specifically configured to:
    select, according to the algorithm capability supported by the terminal device, the first integrity protection algorithm corresponding to the algorithm capability.
  68. The communication device according to claim 66 or 67, wherein the processing module is specifically configured to:
    using the first integrity protection algorithm, calculate the message integrity verification code from the key KRRCint, the bearer identifier bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID, the temporary identifier C-RNTI and the added variable;
    perform integrity protection verification on the RRC connection resume request message according to the calculated message integrity verification code.
  69. The communication device according to claim 66, wherein the network device does not support the first integrity protection algorithm, and the selection module is specifically configured to:
    select a second integrity protection algorithm as the target integrity protection algorithm, wherein the input parameters of the second integrity protection algorithm include the key KRRCint, the bearer identifier bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI.
  70. The communication device according to claim 69, wherein the processing module is specifically configured to:
    using the second integrity protection algorithm, calculate the message integrity verification code from the key KRRCint, the bearer identifier bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI;
    perform integrity protection verification on the RRC connection resume request message according to the calculated message integrity verification code.
  71. The communication device according to claim 64, wherein the second computing capability indication information is used to notify the network device that the terminal device does not support the first integrity protection algorithm, and the determining module is specifically configured to:
    determine that the algorithm capability supported by the terminal device is non-support of the first integrity protection algorithm.
  72. The communication device according to claim 71, wherein the network device either supports or does not support the first integrity protection algorithm, and the selection module is specifically configured to:
    select, according to the algorithm capability supported by the terminal device, a second integrity protection algorithm corresponding to the algorithm capability.
  73. The communication device according to claim 72, wherein the processing module is specifically configured to:
    using the second integrity protection algorithm, calculate the message integrity verification code from the key KRRCint, the bearer identifier bearer ID, the data transmission direction, the COUNT value, the target cell ID, the source cell ID and the temporary identifier C-RNTI;
    perform integrity protection verification on the RRC connection resume request message according to the calculated message integrity verification code.
  74. The communication device according to any one of claims 62 to 73, wherein the added variable includes at least any one of the following A) to F):
    A) the resume identity resumeIdentity, the resume cause resumeCause and the spare field in the RRC connection resume request message;
    B) a permutation or combination of the resume identity resumeIdentity, the resume cause resumeCause and the spare field in the RRC connection resume request message;
    C) the RRC connection resume request message, wherein, in the RRC connection resume request message serving as the added variable, the field representing the message integrity verification code resumeMAC-I is set to special bits;
    D) the RRC connection resume request message and the bits used to indicate an RRC connection resume request;
    E) the RRC connection resume request message, wherein the field representing the message integrity verification code resumeMAC-I is removed from the RRC connection resume request message serving as the added variable;
    F) the RRC connection resume request message and the bits used to indicate an RRC connection resume request, wherein the field representing the message integrity verification code resumeMAC-I is removed from the RRC connection resume request message serving as the added variable.
  75. The communication device according to any one of claims 61 to 74, further comprising:
    a transceiver module, configured to send first computing capability indication information to the terminal device according to the algorithm capability supported by the network device, wherein the first computing capability indication information is used to notify the terminal device whether the network device supports the first integrity protection algorithm.
  76. The communication device according to claim 75, wherein the transceiver module is specifically configured to:
    in response to the algorithm capability supported by the network device being support for the first integrity protection algorithm, send to the terminal device capability indication information indicating support for the first integrity protection algorithm.
  77. The communication device according to claim 75 or 76, wherein the transceiver module is specifically configured to:
    in response to the algorithm capability supported by the network device being non-support of the first integrity protection algorithm, send to the terminal device capability indication information indicating non-support of the first integrity protection algorithm.
  78. The communication device according to any one of claims 75 to 77, wherein the transceiver module is specifically configured to:
    in response to the algorithm capability supported by the network device being non-support of the first integrity protection algorithm, send no capability indication information as to whether the first integrity protection algorithm is supported.
  79. The communication device according to claim 75, wherein the manner in which the transceiver module sends the capability indication information to the terminal includes at least any one of the following:
    sending it in an RRC release message;
    broadcasting it in a system message.
  80. The communication device according to claim 75, wherein:
    the transceiver module is further configured to, for a message integrity verification code calculated with the first integrity protection algorithm while the terminal was camped on the anchor cell in which the network device is located, where cell reselection has occurred in the inactive state, in response to the terminal device performing RRC connection resumption in a non-anchor cell, receive a retrieve terminal device context request message sent by the new network device in the non-anchor cell, wherein the retrieve terminal device context request message includes the input parameters required by the first integrity protection algorithm;
    the processing module is further configured to perform integrity protection verification on the RRC connection resumption using the first integrity protection algorithm and the input parameters it requires.
  81. A communication device, characterized in that the device comprises a processor and a memory, wherein a computer program is stored in the memory, and the processor executes the computer program stored in the memory so as to cause the device to perform the method according to any one of claims 1 to 20.
  82. A communication device, characterized in that the device comprises a processor and a memory, wherein a computer program is stored in the memory, and the processor executes the computer program stored in the memory so as to cause the device to perform the method according to any one of claims 21 to 40.
  83. A computer-readable storage medium for storing instructions which, when executed, cause the method according to any one of claims 1 to 20 to be implemented.
  84. A computer-readable storage medium for storing instructions which, when executed, cause the method according to any one of claims 21 to 40 to be implemented.
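The algorithm negotiation and message integrity verification code computation of claims 61 to 78 (and the terminal-side computation of claims 53 and 68 to 73), as an added worked example; this is not code from the patent or from any 3GPP implementation. It uses HMAC-SHA256 truncated to 16 bits as a stand-in for the NR integrity algorithm keyed with KRRCint, fixed byte widths for the input parameters, all-zero bits as the "special bits" of option C, and constructed sample values throughout; all of these are assumptions of the example. It shows the defensive point of the added variable: a request whose resumeCause was altered in transit is rejected only when the first algorithm, whose added variable covers that field, has been negotiated by both sides.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Callable, Optional

# Constructed sample key; a real KRRCint comes from the AS security context.
SAMPLE_K_RRC_INT = bytes(range(16))


@dataclass
class ResumeRequest:
    """Fields of the RRC connection resume request that the claims name."""
    resume_identity: int      # resumeIdentity (assumed to fit in 40 bits)
    resume_cause: int         # resumeCause, small enumerated value
    spare: int                # spare bit(s)
    resume_mac_i: int = 0     # resumeMAC-I, 16-bit field filled in by the terminal


@dataclass
class MacInputs:
    """Input parameters of claim 62 other than the added variable."""
    k_rrc_int: bytes
    bearer_id: int
    direction: int
    count: int
    target_cell_id: int
    source_cell_id: int
    c_rnti: int

    def encode(self) -> bytes:
        # Fixed byte widths are an assumption of this example.
        return b"".join([
            self.bearer_id.to_bytes(1, "big"),
            self.direction.to_bytes(1, "big"),
            self.count.to_bytes(4, "big"),
            self.target_cell_id.to_bytes(8, "big"),
            self.source_cell_id.to_bytes(8, "big"),
            self.c_rnti.to_bytes(2, "big"),
        ])


def added_variable_a(req: ResumeRequest) -> bytes:
    """Option A of claim 74: resumeIdentity, resumeCause and the spare field."""
    return (req.resume_identity.to_bytes(5, "big")
            + req.resume_cause.to_bytes(1, "big")
            + req.spare.to_bytes(1, "big"))


def added_variable_c(req: ResumeRequest) -> bytes:
    """Option C of claim 74: the whole request with the resumeMAC-I field set to
    special bits (all zeros assumed here), so the code never covers itself."""
    return added_variable_a(req) + (0).to_bytes(2, "big")


def compute_mac_i(p: MacInputs, req: ResumeRequest, first_algorithm: bool,
                  added_variable: Callable[[ResumeRequest], bytes] = added_variable_a) -> int:
    """Verification code of claim 68 (first algorithm, with the added variable)
    and claims 70/73 (second algorithm, without it).  HMAC-SHA256 truncated to
    16 bits stands in for the NR integrity algorithm keyed with KRRCint."""
    msg = p.encode()
    if first_algorithm:
        msg += added_variable(req)
    tag = hmac.new(p.k_rrc_int, msg, hashlib.sha256).digest()
    return int.from_bytes(tag[:2], "big")


def network_selects_first_algorithm(second_cap_indication: Optional[bool],
                                    network_supports_first: bool) -> bool:
    """Selection module of claims 64 to 72: a missing indication counts as
    'not supported' (claim 65); the first algorithm is chosen only when both
    sides support it (claims 67, 69, 72)."""
    return bool(second_cap_indication) and network_supports_first


def terminal_selects_first_algorithm(first_cap_indication: Optional[bool],
                                     terminal_supports_first: bool) -> bool:
    """Terminal-side mirror image (claims 75 to 78), driven by the network's
    first computing capability indication; absent means 'not supported'."""
    return bool(first_cap_indication) and terminal_supports_first


def network_verify(p: MacInputs, req: ResumeRequest,
                   second_cap_indication: Optional[bool], network_supports_first: bool) -> bool:
    """Processing module of claim 61: recompute with the selected algorithm and compare."""
    first = network_selects_first_algorithm(second_cap_indication, network_supports_first)
    return compute_mac_i(p, req, first) == req.resume_mac_i


def demo_tamper_detection() -> dict:
    """Constructed scenario: the terminal protects a genuine request; a copy with a
    modified resumeCause is then verified.  Only the first algorithm rejects it."""
    p = MacInputs(SAMPLE_K_RRC_INT, bearer_id=1, direction=0, count=0xFFFFFFFF,
                  target_cell_id=0x1234, source_cell_id=0x0ABC, c_rnti=0x4A3F)
    results = {}
    for label, terminal_supports_first in (("first", True), ("second", False)):
        # Claims 56/58: the terminal signals support, or stays silent when it has none.
        cap_to_network = True if terminal_supports_first else None
        first = terminal_selects_first_algorithm(True, terminal_supports_first)
        req = ResumeRequest(resume_identity=0x1122334455, resume_cause=0, spare=0)
        req.resume_mac_i = compute_mac_i(p, req, first)
        modified = ResumeRequest(req.resume_identity, resume_cause=1, spare=req.spare,
                                 resume_mac_i=req.resume_mac_i)
        results[f"{label}_genuine"] = network_verify(p, req, cap_to_network, True)
        results[f"{label}_modified"] = network_verify(p, modified, cap_to_network, True)
    return results


if __name__ == "__main__":
    print(demo_tamper_detection())
```

Running the module prints the four verification outcomes; the two "genuine" entries are True, while the modified request is rejected under the first algorithm and accepted under the second, because the second algorithm's input parameters do not include the resume request fields at all. The selection functions encode the asymmetry the claims describe: silence from either side is interpreted as non-support, so the stronger algorithm is used only when both the terminal and the network have positively indicated it.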
PCT/CN2021/111198 2021-08-06 2021-08-06 Security enhancement method for radio resource control (rrc) connection resumption, and communication apparatus WO2023010531A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2021/111198 WO2023010531A1 (en) 2021-08-06 2021-08-06 Security enhancement method for radio resource control (rrc) connection resumption, and communication apparatus
CN202180002389.1A CN115943724A (en) 2021-08-06 2021-08-06 Security enhancement method and communication device for Radio Resource Control (RRC) connection recovery


Publications (1)

Publication Number Publication Date
WO2023010531A1 true WO2023010531A1 (en) 2023-02-09


Country Status (2)

Country Link
CN (1) CN115943724A (en)
WO (1) WO2023010531A1 (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112788795A (en) * 2019-11-08 2021-05-11 华为技术有限公司 Connection recovery method and device
WO2021096411A1 (en) * 2019-11-11 2021-05-20 Telefonaktiebolaget Lm Ericsson (Publ) Integrity protection of radio resource control message


Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
ERICSSON: "Further aspects of RRC Resume", 3GPP draft R2-164322, 3GPP TSG RAN WG2, Nanjing, China, 23-27 May 2016 (submitted 22 May 2016), XP051105561 *
HUAWEI, HISILICON: "Security handling in Connection Resume in CM-IDLE with Suspend to a new ng-eNB for User Plane CIoT 5GS Optimization", 3GPP draft S3-194487, 3GPP TSG SA WG3, Reno (US), 18-22 November 2019 (submitted 22 November 2019), XP051828646 *

Also Published As

Publication number Publication date
CN115943724A (en) 2023-04-07


Legal Events

Code Title Description
121 EP: the EPO has been informed by WIPO that EP was designated in this application (ref document number: 21952405; country of ref document: EP; kind code of ref document: A1)
NENP Non-entry into the national phase (ref country code: DE)