
CN101222319B - A key distribution method and system in a mobile communication system - Google Patents


Info

Publication number
CN101222319B
Authority
CN
China
Prior art keywords
key
server
vaaa
random number
haaa
Prior art date
Legal status
Expired - Fee Related
Application number
CN200710072932A
Other languages
Chinese (zh)
Other versions
CN101222319A (en)
Inventor
邹国辉
夏斌
Current Assignee
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Legal events
Application filed by Huawei Technologies Co Ltd
Priority to CN200710072932A
Publication of CN101222319A
Application granted
Publication of CN101222319B
Current legal status: Expired - Fee Related

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The present invention proposes a key distribution method in a mobile communication system, comprising: a home network authentication, authorization and accounting (HAAA) server generates a first key and sends it to a visited network authentication, authorization and accounting (VAAA) server; the mobile node (MN) interacts with the home agent (HA), and the HA requests the VAAA server to authenticate and to issue a second key; the VAAA server performs authentication and issues the second key to the HA, and the HA establishes a security mechanism with the MN after obtaining the second key. The invention also proposes a mobile communication system. According to the invention, the time required for MIPv6 service authorization is reduced. When an IPSec SA is used to protect the BU/BA messages, the time the MN spends accessing the home network is reduced, and multiple EAP processes for service authorization are no longer needed during key distribution, saving the limited air interface resources of the wireless network.

Figure 200710072932

Description

Key distribution method and system in a mobile communication system
Technical field
The present invention relates to the field of mobile communications, and in particular to key distribution technology in a mobile communication system.
Background technology
Mobile IP (MIP) is a solution that provides mobility on IP networks. The original intention of the protocol design was to provide host mobility at the network layer, so that a host's movement across IP networks remains transparent to upper-layer protocols. MIP has been adopted by the third generation (3G) communication standard framework and has become widespread with the deployment of 3G networks.
In the move from Internet Protocol version 4 (IPv4) to Internet Protocol version 6 (IPv6), MIP technology itself has developed greatly and solved many problems. The new features that IPv6 offers over IPv4, such as address autoconfiguration and neighbour discovery, provide better support for host mobility.
In MIPv6, a mobile node (MN) is identified solely by its home address (HoA), which is what upper-layer protocols see. When the MN moves to a foreign network it obtains a care-of address (CoA) there; the mapping between the MN's CoA and its HoA is called a binding. The process by which the MN notifies its CoA to the home agent (HA) located in the home network is called binding registration. After binding registration, data sent to the MN by a correspondent node (CN) is first routed to the HA, which then forwards the packets to the MN according to the MN's binding. MIPv6 also allows the MN to send its binding information to the CN so that MN and CN exchange data directly without passing through the HA.
The basic MIPv6 workflow assumes an ideal network and does not consider security. In a real network, the introduction of mobility inevitably exposes the network to new security problems, including denial-of-service attacks, replay attacks and information theft. In practical applications MIPv6 must pay careful attention to these potential risks so that the security level does not drop. In addition, by defining the signalling mechanism between MN, HA and CN, the MIPv6 protocol introduces new security threats while achieving route optimization (avoiding triangle routing).
At present, signalling between MN and HA can be protected with a preset shared key. When the MN sends a Binding Update (BU) message to the HA, the BU message is integrity-protected with the key shared between the MN and the home authentication, authorization and accounting server (HAAA server). On receiving the BU message, the HA verifies its integrity with this preset shared key; only after successful verification does it return a Binding Acknowledgement (BA) message, which is also integrity-protected with the shared key. With reference to Fig. 1, in the 3rd Generation Partnership Project 2 (3GPP2), the detailed key distribution procedure when the HA is located in the home network is as follows:
Step 101: After the MN completes the access authentication procedure, it obtains a CoA, an HoA and the HA address and sends a BU message to the HA, carrying a random number Nonce. The whole BU message is integrity-protected with the preset shared key MN-HAAA-Key between the MN and the HAAA server, and the integrity protection data is placed in the MN-HAAA authentication option (MN-HAAA-AO).
The Nonce is used to generate the shared key MN-HA-Key between MN and HA and serves as a timestamp for replay protection.
Step 102: After the HA receives the BU message, it forwards it to the HAAA server and requests authentication. The BU message also carries Mobility Data and the Nonce.
The mobility data is the concatenation of several data items: the CoA, the HoA, and the data from the first mobility header up to the Security Parameter Index (SPI) field of the MN-HAAA-AO. The mobility data is used to verify the MN-HAAA-AO.
Step 104: The AAA server verifies the correctness of the MN-HAAA-AO with MN-HAAA-Key, generates MN-HA-Key from the random number Nonce, and sends an access response message to the HA containing an authentication-success indication and MN-HA-Key.
Step 105: After obtaining MN-HA-Key, the HA sends a BA message to the MN. The BA message carries the Nonce and the entire message is integrity-protected with MN-HA-Key; binding is complete.
In this scheme, after the MN completes access authentication, the HA still has to contact the home network to complete key distribution, so service authorization takes a long time.
When the HA is located in the visited network, the BU/BA messages between MN and HA can also be protected with an Internet Protocol Security (IPSec) security association (SA). IPSec is an industry-standard network security protocol: it provides transparent security services for IP network communication, protects communication against eavesdropping and tampering, resists network attacks effectively while remaining easy to use, and provides confidentiality, data integrity and data origin authentication for IP packets. These services are provided by maintaining shared state between the sender and the receiver of IP packets, and in mobile communication a protocol is needed that can create this shared state dynamically. The Internet Key Exchange (IKE) protocol meets this requirement.
Because no pre-shared key exists between MN and HA, authentication must be performed through the IKE-EAP process, an Extensible Authentication Protocol (EAP) exchange carried over IKE. With reference to Fig. 2, the method is as follows:
Step 201: After the MN completes the access authentication procedure, MN and HA perform the security association initial exchange.
When establishing a security association, the initial exchange must be performed first and can only be performed once; after it is complete, the IKE security association can be established.
Step 202: The MN sends a security association authentication request message to the HA. The message contains the identity information with which the initiator declares its own identity, specifically the IDi payload; through the security association authentication exchange, authentication is performed and the IPsec SA can be established.
Step 203: After the HA receives the security association authentication request message, it initiates the IKE-EAP process to authenticate the MN: the HA requests the AAA server to authenticate the MN and obtains MN-HA-Key, the pre-configured key shared between MN and HA.
Step 204: After the HA has authenticated the MN successfully, it sends an IKE_AUTH response to the MN, completing establishment of the IPSec SA.
Step 205: After the IPSec SA is established, the MN sends a BU message to the HA, encrypted with the IPSec SA.
Step 206: The HA returns a BA message to the MN, encrypted with the IPSec SA.
In this method the HA is located in the visited network, the exchange with the HAAA server wastes time, and the EAP process has to be run repeatedly during key distribution, wasting time and air interface resources.
Although both prior-art solutions above can guarantee security between MN and HA, they waste time and air interface resources in the service authorization process.
Summary of the invention
The present invention proposes a key distribution method and system in a mobile communication system, solving the problem of wasted time and air interface resources in the service authorization process.
To achieve this object, embodiments of the invention propose a key distribution method in a mobile communication system, as follows:
a home network authentication, authorization and accounting (HAAA) server generates a first key and sends it to a visited network authentication, authorization and accounting (VAAA) server, where the first key is the key MN-HA-Key between the mobile node (MN) and the home agent (HA);
the MN sends a Binding Update (BU) message to the HA, and the HA requests the VAAA server to authenticate and to issue a second key, where the second key is MN-HA-Key;
the VAAA server performs authentication and issues the second key to the HA, and the HA establishes a security mechanism with the MN after obtaining the second key.
An embodiment of the invention also provides another key distribution method in a mobile communication system, comprising:
the HAAA server generates a first key and sends it to the VAAA server, where the first key is the key MN-VAAA-Key between the MN and the VAAA server;
the MN sends a BU message to the HA, the BU message containing a random number generated by the MN;
the HA requests the VAAA server to authenticate and to issue a second key, and sends the random number generated by the MN to the VAAA server, where the second key is the key MN-HA-Key between the MN and the HA;
the VAAA server generates the second key from the random number generated by the MN, completes authentication, and sends the second key to the HA;
the HA establishes a security mechanism with the MN after obtaining the second key.
A further key distribution method in a mobile communication system provided by an embodiment of the invention comprises:
the HAAA server generates a first key and sends it to the visited network authentication, authorization and accounting (VAAA) server, where the first key is the key MN-VAAA-Key between the MN and the VAAA server;
the MN generates a random number, and the MN and the home agent HA perform a security association initial exchange;
the HA requests the VAAA server to authenticate and to issue a second key, and sends the random number generated by the MN to the VAAA server, where the second key is the key MN-HA-Key between the MN and the HA;
the VAAA server generates the second key from the random number generated by the MN, completes authentication and sends the second key to the HA; the HA establishes a security mechanism with the MN after obtaining the second key.
A further key distribution method in a mobile communication system provided by an embodiment of the invention comprises:
the HAAA server generates a first key and sends it to the VAAA server, where the first key is the key MN-VAAA-Key between the MN and the VAAA server;
the MN interacts with the home agent HA, and the HA requests the VAAA server to authenticate and to issue a second key, where the second key is MN-HA-Key and is generated from a random number produced by the VAAA server;
the VAAA server performs authentication and issues the second key to the HA, and the HA establishes a security mechanism with the MN after obtaining the second key.
In accordance with the above methods, embodiments of the invention also provide a mobile communication system comprising an MN, an HA, a VAAA server and a HAAA server, in which:
the HAAA server generates a key and sends it to the VAAA server;
the VAAA server receives and stores the key sent by the HAAA server, authenticates the authentication request sent by the HA, and issues the key after authentication passes;
the HA requests authentication from the VAAA server and requests that the shared key between MN and HA be issued; after receiving the key issued by the VAAA server, it establishes a security mechanism with the MN.
According to the technical solution provided by the embodiments of the invention, when the HA is located in the visited network, the MN does not need to access the visited network in order to complete key distribution between MN and HA and the MIPv6 service authorization; this reduces the time needed for MIPv6 service authorization and saves the air interface resources of the limited wireless network.
Description of drawings
Fig. 1 is a schematic diagram of the prior-art key distribution method when the HA is located in the visited network;
Fig. 2 is a schematic diagram of the prior-art IKE pre-shared key distribution method when the HA is located in the visited network;
Fig. 3 is a flow diagram of the first embodiment of the key distribution method in a mobile communication system according to the invention;
Fig. 4 is a flow diagram of the second embodiment of the key distribution method in a mobile communication system according to the invention;
Fig. 5 is a flow diagram of the third embodiment of the key distribution method in a mobile communication system according to the invention;
Fig. 6 is a flow diagram of the fourth embodiment of the key distribution method in a mobile communication system according to the invention;
Fig. 7 is a flow diagram of the fifth embodiment of the key distribution method in a mobile communication system according to the invention;
Fig. 8 is a flow diagram of the sixth embodiment of the key distribution method in a mobile communication system according to the invention;
Fig. 9 is a flow diagram of the seventh embodiment of the key distribution method in a mobile communication system according to the invention.
Embodiment
To make the objects, technical solutions and advantages of the invention clearer, specific embodiments of the invention are described in further detail below with reference to the accompanying drawings.
With reference to Fig. 3, the first embodiment of the invention proposes a key distribution method in a mobile communication system, applied when the HA is located in the visited network. In this embodiment the shared key MN-HA-Key between MN and HA is generated by the HAAA server during MN access authentication. The steps are as follows:
Step 301: The MN sends an access authentication request message to the AAA server.
Step 302: The AAA server authenticates the MN. On success, the HAAA server generates a random number Nonce, generates MN-HA-Key1 from the Nonce, and sends an authentication-complete message containing the Nonce and MN-HA-Key1 to the VAAA server.
Step 303: After receiving the authentication-complete message, the VAAA server extracts MN-HA-Key1 and the Nonce, stores MN-HA-Key1, and sends an authentication-complete message containing the Nonce to the MN.
Step 304: The MN sends a BU message to the HA. The BU message is integrity-protected with MN-HA-Key2, which the MN generates from the Nonce; the integrity protection data is placed in the MN-HA authentication option (MN-HA-AO). MN-HA-Key1 and MN-HA-Key2 have identical content but are generated by different entities.
Step 305: After receiving the BU message, the HA sends an access request message to the VAAA server requesting that the shared key between MN and HA be issued. The access request message contains the authentication-relevant content of the BU message, namely the mobility data and the MN-HA-AO.
Step 306: After receiving the access request message, the VAAA server authenticates the MN-HA-AO with the stored MN-HA-Key1. On success it returns an access response message to the HA containing an authentication-success indication and MN-HA-Key1.
Step 307: After obtaining MN-HA-Key1, the HA sends a BA message to the MN. The BA message includes the Nonce, the entire message is integrity-protected with MN-HA-Key1, and the integrity protection data is placed in the MN-HA-AO.
At this point the binding between MN and HA is complete and the key has been distributed. With the HA in the visited network, MIPv6 service authorization is completed without accessing the home network, reducing the time needed for MIP service authorization.
In practical applications, a key hierarchy can be added to strengthen the security protection between MN and HA. With reference to Fig. 4, the second embodiment of the invention proposes a key distribution method which, compared with the first embodiment, first establishes the shared key MN-VAAA-Key between MN and the VAAA server during key distribution and then establishes MN-HA-Key, strengthening the security protection between MN and HA by adding one key level. The method is as follows:
Step 401: The MN sends an access authentication request to the HAAA.
Step 402: The HAAA server authenticates the MN. On success, the HAAA server generates a random number Nonce1, generates from Nonce1 the shared key MN-VAAA-Key1 between MN and the VAAA server, and sends an authentication-complete message containing Nonce1 and MN-VAAA-Key1 to the VAAA server.
Step 403: After receiving the authentication-complete message, the VAAA server extracts MN-VAAA-Key1 and Nonce1, stores MN-VAAA-Key1, and sends an authentication-complete message containing Nonce1 to the MN.
Step 404: After receiving the authentication-complete message, the MN generates MN-VAAA-Key2 from Nonce1 and sends a BU message to the HA. The BU message is integrity-protected with MN-VAAA-Key2, with the integrity protection data placed in the MN-VAAA authentication option (MN-VAAA-AO), and it also contains a random number Nonce2 generated by the MN itself. MN-VAAA-Key2 has the same content as MN-VAAA-Key1 but is generated by a different entity.
Step 405: After receiving the BU message, the HA sends an access request message to the VAAA server requesting that the shared key between MN and HA be issued. The access request message contains the authentication-relevant content of the BU message, namely the mobility data, the MN-VAAA-AO and Nonce2.
Step 406: After receiving the access request message, the VAAA server authenticates the MN-VAAA-AO with the stored MN-VAAA-Key1 and generates MN-HA-Key from Nonce2. After authentication passes, the VAAA server sends an access response message to the HA containing an authentication-success indication and MN-HA-Key.
Step 407: After obtaining MN-HA-Key, the HA returns a BA message to the MN. The BA message also contains Nonce2, the entire message is integrity-protected with MN-HA-Key, and the integrity protection data is placed in the MN-HA-AO.
At this point a security mechanism is established between MN and HA, and the added key level strengthens the protection between them.
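The second embodiment's exchange (steps 401 to 407) simulated end to end, as an added example that is not code from the patent or from Huawei; the first embodiment is the same flow with the MN-VAAA level omitted. It assumes HMAC-SHA256 for the unspecified key derivation and for the authentication-option tags, a root key shared by MN and HAAA from access authentication, and constructed sample mobility data; the run also shows that a BU whose Nonce2 is altered in transit, or an MN holding the wrong root key, is rejected by the VAAA server.

```python
import hashlib
import hmac
import os


def kdf(key: bytes, label: bytes, nonce: bytes) -> bytes:
    """Assumed derivation HMAC-SHA256(key, label || nonce); the patent leaves it unspecified."""
    return hmac.new(key, label + nonce, hashlib.sha256).digest()


def auth_option(key: bytes, message: bytes) -> bytes:
    """Assumed integrity tag carried in MN-VAAA-AO / MN-HA-AO."""
    return hmac.new(key, message, hashlib.sha256).digest()


class HAAA:
    """Home AAA server: holds a root key shared with the MN (assumed to come from access authentication)."""

    def __init__(self, root_key: bytes) -> None:
        self.root_key = root_key

    def access_authentication(self) -> dict:
        # Step 402: generate Nonce1, derive MN-VAAA-Key1, send both to the VAAA.
        nonce1 = os.urandom(16)
        return {"nonce1": nonce1, "mn_vaaa_key1": kdf(self.root_key, b"MN-VAAA-Key", nonce1)}


class VAAA:
    """Visited AAA server: stores MN-VAAA-Key1 and later derives MN-HA-Key."""

    def __init__(self) -> None:
        self.mn_vaaa_key1 = b""

    def on_auth_complete(self, msg: dict) -> dict:
        # Step 403: store MN-VAAA-Key1; only Nonce1 travels on to the MN.
        self.mn_vaaa_key1 = msg["mn_vaaa_key1"]
        return {"nonce1": msg["nonce1"]}

    def on_access_request(self, req: dict) -> dict:
        # Step 406: verify MN-VAAA-AO (computed over the whole BU) with the stored
        # key, then derive MN-HA-Key from Nonce2 for the HA.
        expected = auth_option(self.mn_vaaa_key1, req["mobility_data"] + req["nonce2"])
        if not hmac.compare_digest(expected, req["mn_vaaa_ao"]):
            return {"success": False}
        return {"success": True, "mn_ha_key": kdf(self.mn_vaaa_key1, b"MN-HA-Key", req["nonce2"])}


class MN:
    """Mobile node: derives MN-VAAA-Key2 itself and protects the BU with it."""

    def __init__(self, root_key: bytes) -> None:
        self.root_key = root_key
        self.mn_vaaa_key2 = b""
        self.nonce2 = b""

    def build_bu(self, msg: dict) -> dict:
        # Step 404: MN-VAAA-Key2 has the same content as MN-VAAA-Key1 but is
        # generated here; pick Nonce2 and put the tag in MN-VAAA-AO.
        self.mn_vaaa_key2 = kdf(self.root_key, b"MN-VAAA-Key", msg["nonce1"])
        self.nonce2 = os.urandom(16)
        mobility_data = b"CoA=2001:db8::1|HoA=2001:db8:1::1"  # constructed sample
        return {"mobility_data": mobility_data, "nonce2": self.nonce2,
                "mn_vaaa_ao": auth_option(self.mn_vaaa_key2, mobility_data + self.nonce2)}

    def verify_ba(self, ba: dict) -> bool:
        # Step 407 at the MN: derive MN-HA-Key from its own Nonce2 and check MN-HA-AO.
        if ba["nonce2"] != self.nonce2:
            return False  # not the acknowledgement of this binding
        mn_ha_key = kdf(self.mn_vaaa_key2, b"MN-HA-Key", self.nonce2)
        return hmac.compare_digest(auth_option(mn_ha_key, ba["body"]), ba["mn_ha_ao"])


class HA:
    """Home agent in the visited network: talks only to the VAAA, never to the HAAA."""

    def __init__(self, vaaa: VAAA) -> None:
        self.vaaa = vaaa

    def on_bu(self, bu: dict):
        # Step 405: forward the authentication-relevant BU content to the VAAA.
        resp = self.vaaa.on_access_request(bu)
        if not resp["success"]:
            return None
        # Step 407: the BA carries Nonce2 and is protected by MN-HA-Key in MN-HA-AO.
        body = b"BA|" + bu["nonce2"]
        return {"nonce2": bu["nonce2"], "body": body, "mn_ha_ao": auth_option(resp["mn_ha_key"], body)}


def run_key_distribution(root_key: bytes, mn_root_key: bytes = b"", tamper: bool = False) -> dict:
    """Run steps 401 to 407; report whether binding completed and whether the two
    independently derived first-level keys agree. mn_root_key overrides the MN's root key."""
    haaa, vaaa = HAAA(root_key), VAAA()
    mn, ha = MN(mn_root_key or root_key), HA(vaaa)
    bu = mn.build_bu(vaaa.on_auth_complete(haaa.access_authentication()))
    if tamper:
        bu["nonce2"] = bytes(16)  # Nonce2 altered in transit: MN-VAAA-AO no longer matches
    ba = ha.on_bu(bu)
    return {"bound": ba is not None and mn.verify_ba(ba),
            "keys_match": mn.mn_vaaa_key2 == vaaa.mn_vaaa_key1}
```

Because MN-HA-Key is derived from MN-VAAA-Key and Nonce2, the VAAA server can issue it to the HA without the HAAA server being contacted again, which is the point of the added key level.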
With reference to Fig. 5, the third embodiment of the key distribution method in a mobile communication system applies to the case where the BU and BA messages between MN and HA are to be protected with an IPSec SA and the HA is located in the visited network, using the added key hierarchy to distribute the key between MN and HA. The steps are as follows:
Steps 501 to 503 are identical to steps 401 to 403 of the second embodiment.
Step 504: After receiving the authentication-complete message, the MN generates MN-VAAA-Key2 from Nonce1 and then generates MN-HA-Key1 from MN-VAAA-Key2 and Nonce2, where Nonce2 is generated by the MN itself; MN and HA then perform the security association initial exchange.
The security association initial exchange proceeds as follows: the MN sends an IKE_SA_INIT request message to the HA, carrying Nonce2 in the Vendor ID payload of the request; after receiving the request, the HA sends an IKE_SA_INIT response to the MN, which may carry Nonce2 in its Vendor ID payload so that the MN can confirm that the HA received Nonce2.
Step 505: The MN sends an IKE_AUTH request message to the HA. The IKE_AUTH request includes an AUTH payload, which is protected with MN-HA-Key1.
The AUTH payload allows the HA to verify the integrity of the current message content.
Step 506: After receiving the IKE_AUTH message from the MN, the HA sends an access request message to the VAAA server requesting that the shared key between MN and HA be issued; the access request message contains Nonce2.
Step 507: After authentication, the VAAA server generates MN-HA-Key2 from the stored MN-VAAA-Key1 and Nonce2 and sends an access response message to the HA, which includes MN-HA-Key2. MN-HA-Key2 has the same content as MN-HA-Key1 but is generated by a different entity.
Step 508: The HA sends an IKE_AUTH response to the MN, in which the AUTH payload is computed with MN-HA-Key2, completing establishment of the IPSec SA between MN and HA.
Step 509: The MN sends a BU message to the HA, encrypted with the IPSec SA.
Step 510: The HA sends a BA message to the MN, encrypted with the IPSec SA.
This completes the establishment of the IPSec SA between MN and HA when the HA is located in the visited network, and the added key level strengthens the security protection between MN and HA. When BU and BA messages are protected with an IPSec SA, the invention not only reduces the time the MN spends accessing the home network but also removes the need to run the EAP process repeatedly for service authorization, saving air interface resources.
In the embodiments above, the random number the HAAA server uses to generate the key is produced by the HAAA server itself. With reference to Fig. 6, the fourth embodiment of the invention proposes a key distribution method in a mobile communication system in which the random number the HAAA server uses to generate the key is produced by the MN and sent to the HAAA server during access authentication. The steps are as follows:
Step 601: The MN sends an authentication access request message to the HAAA server; the message also contains a random number Nonce generated by the MN.
Step 602: The HAAA server authenticates the MN. After authentication passes, it generates the key MN-HA-Key1 from the Nonce and sends an authentication-complete message to the VAAA server, which also contains this Nonce and MN-HA-Key1.
Steps 603 to 607 are identical to steps 303 to 307 of the first embodiment and are not repeated here.
This completes key distribution between HA and MN when the HA is in the visited network. The method in which the HAAA server generates the key from a random number produced by the MN applies equally to the methods that add a key hierarchy and that use an IPSec SA for key distribution.
In the embodiments of the method that protect with an added key hierarchy, the random number used to generate the second-level key can be produced by the MN or by the VAAA server itself. With reference to Fig. 7, the fifth embodiment of the invention proposes a key distribution method in a mobile communication system in which the random number used to generate the second-level key is generated by the VAAA server. The steps are as follows:
Steps 701 to 703 are identical to steps 401 to 403 of the second embodiment.
Step 704: The MN generates MN-VAAA-Key2 from the received Nonce1 and sends a BU message to the HA, integrity-protected with MN-VAAA-Key2, with the integrity protection data placed in the MN-VAAA-AO. MN-VAAA-Key2 has the same content as MN-VAAA-Key1 but is generated by a different entity.
Step 705: After receiving the BU message, the HA sends an access request message to the VAAA server requesting that the shared key between MN and HA be issued. The access request message includes the authentication-relevant content of the BU message, namely the mobility data and the MN-VAAA-AO.
Step 706: After receiving the access request message, the VAAA server authenticates the MN-VAAA-AO with the stored MN-VAAA-Key1, generates a random number Nonce2, and generates MN-HA-Key1 from Nonce2. The VAAA server sends an access response message to the HA containing an authentication-success indication, Nonce2 and MN-HA-Key1.
Step 707: After receiving the access response message, the HA sends a BA message to the MN. The BA message includes Nonce2 and the entire message is integrity-protected with MN-HA-Key1. After receiving Nonce2, the MN generates MN-HA-Key2 from Nonce2 and uses it to integrity-protect the messages it sends to the HA, placing the integrity protection data in the MN-HA-AO.
At this point a security mechanism is established between MN and HA, and the added key level strengthens the protection between them. The method of this embodiment, in which the VAAA server itself generates the random number used to derive the next-level key, applies equally when the BU and BA messages between MN and HA need to be protected with an IPSec SA.
In the embodiments above, the VAAA server always sends the random number directly to MN. With reference to Fig. 8, the sixth embodiment of the present invention proposes a key distribution method in a mobile communication system in which the VAAA server can instead deliver the random number to MN by way of DHCP (Dynamic Host Configuration Protocol). The specific method and steps are as follows:
Step 801: MN sends an access authentication request message to the HAAA server.
Step 802: the HAAA server authenticates MN. On authentication success, the HAAA server produces a random number Nonce, generates MN-HA-Key1 from Nonce, and sends an authentication-complete message to the VAAA server; this authentication-complete message carries Nonce and MN-HA-Key1.
Step 803: after the VAAA server receives the authentication-complete message, it extracts MN-HA-Key1 and Nonce, stores MN-HA-Key1, and sends an authentication-complete message to the network access server (NAS); this authentication-complete message carries Nonce.
Step 804: the NAS forwards the authentication-complete message to MN.
Step 805: after receiving the authentication-complete message, MN sends a DHCP configuration request message to the DHCP relay unit.
Step 806: after the DHCP relay unit receives the configuration request message, it forwards the message to the DHCP server; this message carries Nonce.
Step 807: after the DHCP server receives the DHCP message, it sends a configuration message to the DHCP relay unit; this configuration message carries Nonce and the configuration information.
Step 808: after the DHCP relay unit receives the configuration message, it sends it on to MN.
Step 809: after MN receives the configuration message, it generates MN-HA-Key2 from Nonce, sends a BU message to HA, and integrity-protects the whole message with MN-HA-Key2, placing the integrity-protection data in the MN-HA-AO.
Step 810: after HA receives the BU message, it sends an access request message to the VAAA server and requests the VAAA server to issue the shared key between MN and HA. This access request message carries the authentication-relevant content of the BU message, namely the mobility data and the MN-HA-AO.
Step 811: the VAAA server authenticates the MN-HA-AO using the stored MN-HA-Key1 and sends an access response message to HA; this access response message carries an authentication-success indication, Nonce and MN-HA-Key1.
Step 812: after HA receives the access response message, it sends a BA message to MN; this BA message carries Nonce, and the whole message is integrity-protected with MN-HA-Key1, the integrity-protection data being placed in the MN-HA-AO.
At this point the binding between MN and HA is complete, the key distribution is finished and the security mechanism is established. The method of this embodiment, delivering the random number to MN by way of DHCP, is applicable to all embodiments of the present invention.
With reference to Fig. 9, the seventh embodiment of the key distribution method in a mobile communication system of the present invention is introduced. Because in a real system security is already guaranteed once the key hierarchy is added, the AAA server need not produce a random number when generating the key. The method and steps of this embodiment are as follows:
Step 901: MN sends an access authentication request to the HAAA server.
Step 902: the HAAA server authenticates MN. On authentication success, it generates the shared key MN-VAAA-Key1 between MN and the VAAA server and sends an authentication-complete message to the VAAA server; this message carries MN-VAAA-Key1.
Step 903: after the VAAA server receives the authentication-complete message, it stores MN-VAAA-Key1 and sends the authentication-complete message to MN.
Step 904: after MN receives the authentication-complete message, it sends a BU message to HA, generating MN-VAAA-Key2 at the same time and integrity-protecting the whole message with it; the integrity-protection data are placed in the MN-VAAA-AO. This BU message carries a random number Nonce produced by MN.
Step 905: after HA receives the BU message, it sends an access authentication request message to the VAAA server and requests the VAAA server to issue the shared key between MN and HA. This access authentication request message carries the authentication-relevant content of the BU message, namely the mobility data, the MN-VAAA-AO and Nonce.
Step 906: after the VAAA server receives the access authentication request message, it authenticates the MN-VAAA-AO forwarded by HA using the stored MN-VAAA-Key1 and at the same time generates MN-HA-Key from Nonce. The VAAA server returns an access response message carrying an authentication-success indication and the MN-HA-Key to be delivered to HA.
Step 907: after HA receives the access response message, it sends a BA message to MN; this BA message carries Nonce, and the whole message is integrity-protected with MN-HA-Key, the integrity-protection data being placed in the MN-HA-AO.
At this point a security mechanism is established between MN and HA, and the added key hierarchy strengthens the protection between them.
According to the method and system provided by the embodiments of the invention, when HA is located in the visited network, MN can complete the key distribution between MN and HA without visiting the home network, which reduces the time needed for service authorization and saves the limited air interface resources of the wireless network; the added key hierarchy also strengthens the protection of service authorization security.
Although the present invention has been illustrated and described with reference to some preferred embodiments, those of ordinary skill in the art should understand that various changes in form and detail can be made to it without departing from the spirit and scope of the present invention.
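As an added example that is not part of the patent, the seventh embodiment's exchange (steps 901 to 907) modelled end to end in Python; the MN-VAAA-AO check performed by the VAAA server here is the same integrity check the sixth embodiment's step 811 performs on the MN-HA-AO. The KDF and MAC (HMAC-SHA256), the key labels, the message layouts and the root key shared by MN and HAAA are assumptions; the patent does not fix any of them.

```python
"""Walk-through of steps 901-907 with a constructed root key.
KDF/MAC choice (HMAC-SHA256), key labels and message layouts are assumptions."""
import hashlib
import hmac
import secrets

# Constructed values: a root key MN and HAAA share after access authentication,
# and the MN identity. Neither appears in the patent.
ROOT_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")
MN_ID = b"mn@home.example"

def kdf(parent: bytes, label: bytes, extra: bytes = b"") -> bytes:
    """Assumed key derivation: HMAC-SHA256(parent, label || extra)."""
    return hmac.new(parent, label + extra, hashlib.sha256).digest()

def auth_option(key: bytes, message: bytes) -> bytes:
    """Integrity tag carried in the MN-HA-AO / MN-VAAA-AO option."""
    return hmac.new(key, message, hashlib.sha256).digest()

def verify_option(key: bytes, message: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(auth_option(key, message), tag)

# Step 902: HAAA derives MN-VAAA-Key1 after authenticating MN; it goes to VAAA.
def haaa_step_902() -> bytes:
    return kdf(ROOT_KEY, b"MN-VAAA-Key", MN_ID)

# Step 904: MN derives MN-VAAA-Key2 locally (same value as Key1), builds a BU
# carrying a fresh Nonce and protects the whole message with MN-VAAA-AO.
def mn_step_904(nonce: bytes) -> tuple[bytes, bytes, bytes]:
    mn_vaaa_key2 = kdf(ROOT_KEY, b"MN-VAAA-Key", MN_ID)
    bu = b"BU|" + MN_ID + b"|home-addr|care-of-addr|" + nonce
    return bu, auth_option(mn_vaaa_key2, bu), mn_vaaa_key2

# Steps 905-906: HA forwards the BU's authentication-relevant content; VAAA
# checks MN-VAAA-AO with the stored MN-VAAA-Key1 and derives MN-HA-Key from Nonce.
def vaaa_step_906(stored_key1: bytes, bu: bytes, mn_vaaa_ao: bytes, nonce: bytes):
    if not verify_option(stored_key1, bu, mn_vaaa_ao):
        return None                      # authentication failed: no key issued
    return kdf(stored_key1, b"MN-HA-Key", nonce)

# Step 907: HA answers with a BA echoing Nonce, protected with MN-HA-Key.
def ha_step_907(mn_ha_key: bytes, nonce: bytes) -> tuple[bytes, bytes]:
    ba = b"BA|" + MN_ID + b"|status=0|" + nonce
    return ba, auth_option(mn_ha_key, ba)

# MN side after the BA: derive the same MN-HA-Key and check MN-HA-AO and Nonce.
def mn_verify_ba(mn_vaaa_key2: bytes, nonce: bytes, ba: bytes, mn_ha_ao: bytes) -> bool:
    mn_ha_key = kdf(mn_vaaa_key2, b"MN-HA-Key", nonce)
    return ba.endswith(nonce) and verify_option(mn_ha_key, ba, mn_ha_ao)

def run_exchange(tamper: bool = False) -> bool:
    """Full 901-907 flow; True when MN and HA end up with matching MN-HA-Key."""
    mn_vaaa_key1 = haaa_step_902()       # stored by VAAA at step 903
    nonce = secrets.token_bytes(16)      # random number produced by MN
    bu, mn_vaaa_ao, mn_vaaa_key2 = mn_step_904(nonce)
    if tamper:                           # BU altered in transit: AO must fail
        bu = bu.replace(b"care-of-addr", b"other-addr")
    mn_ha_key = vaaa_step_906(mn_vaaa_key1, bu, mn_vaaa_ao, nonce)
    if mn_ha_key is None:
        return False
    ba, mn_ha_ao = ha_step_907(mn_ha_key, nonce)
    return mn_verify_ba(mn_vaaa_key2, nonce, ba, mn_ha_ao)

if __name__ == "__main__":
    print("honest exchange:", run_exchange())            # True
    print("altered BU:     ", run_exchange(tamper=True))  # False
```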

Claims (17)

1. A key distribution method in a mobile communication system, characterized in that the method comprises:
a home network authentication, authorization and accounting (HAAA) server generating a first key and sending the first key to a visited network authentication, authorization and accounting (VAAA) server, wherein the first key is the key MN-HA-Key between a mobile node MN and a home agent HA;
the MN sending a Binding Update (BU) message to the HA, and the HA requesting the VAAA server to authenticate and to issue a second key, wherein the second key is MN-HA-Key;
the VAAA server performing authentication and delivering the second key to the HA, and the HA establishing a security mechanism with the MN after obtaining the second key.
2. The method according to claim 1, characterized in that the HAAA server generating the first key is: the HAAA server generating the first key according to a random number produced by the HAAA server or by the MN; and
the method further comprises: the HAAA server sending the random number produced by the HAAA server or by the MN to the VAAA server;
the VAAA server storing the first key;
the VAAA server sending the random number produced by the HAAA server or by the MN to the MN.
3. The method according to claim 2, characterized in that the VAAA server sending the random number produced by the HAAA server or by the MN to the MN comprises:
the VAAA server sending the random number produced by the HAAA server or by the MN to a network access server NAS, and the NAS, in the course of a Dynamic Host Configuration Protocol (DHCP) procedure, sending the random number produced by the HAAA server or by the MN to the MN.
4. A key distribution method in a mobile communication system, characterized in that the method comprises:
a home network authentication, authorization and accounting (HAAA) server generating a first key and sending the first key to a visited network authentication, authorization and accounting (VAAA) server, wherein the first key is the key MN-VAAA-Key between a mobile node MN and the VAAA server;
the MN sending a Binding Update (BU) message to a home agent HA, wherein the BU message carries a random number produced by the MN;
the HA requesting the VAAA server to authenticate and to issue a second key, and sending the random number produced by the MN to the VAAA server, wherein the second key is the key MN-HA-Key between the MN and the HA;
the VAAA server generating the second key according to the random number produced by the MN, completing authentication, and sending the second key to the HA;
the HA establishing a security mechanism with the MN after obtaining the second key.
5. The method according to claim 4, characterized in that the HAAA server generating the first key is: the HAAA server generating the first key according to a random number produced by the HAAA server or by the MN; and
the method further comprises: the HAAA server sending the random number produced by the HAAA server or by the MN to the VAAA server;
the VAAA server storing the first key;
the VAAA server sending the random number produced by the HAAA server or by the MN to the MN.
6. The method according to claim 5, characterized in that the VAAA server sending the random number produced by the HAAA server or by the MN to the MN comprises:
the VAAA server sending the random number produced by the HAAA server or by the MN to a network access server NAS, and the NAS, in the course of a Dynamic Host Configuration Protocol (DHCP) procedure, sending the random number produced by the HAAA server or by the MN to the MN.
7. A key distribution method in a mobile communication system, characterized in that the method comprises:
a home network authentication, authorization and accounting (HAAA) server generating a first key and sending the first key to a visited network authentication, authorization and accounting (VAAA) server, wherein the first key is the key MN-VAAA-Key between a mobile node MN and the VAAA server;
the MN producing a random number, and the MN and the HA performing a Security Association initial exchange;
the HA requesting the VAAA server to authenticate and to issue a second key, and sending the random number produced by the MN to the VAAA server, wherein the second key is the key MN-HA-Key between the MN and the HA;
the VAAA server generating the second key according to the random number produced by the MN, completing authentication and sending the second key to the HA, and the HA establishing a security mechanism with the MN after obtaining the second key.
8. The method according to claim 7, characterized in that the method comprises: the HAAA server generating the first key is: the HAAA server generating the first key according to a random number produced by the HAAA server or by the MN; and
the method further comprises: the HAAA server sending the random number produced by the HAAA server or by the MN to the VAAA server;
the VAAA server storing the first key;
the VAAA server sending the random number produced by the HAAA server or by the MN to the MN.
9. The method according to claim 8, characterized in that the VAAA server sending the random number produced by the HAAA server or by the MN to the MN comprises:
the VAAA server sending the random number produced by the HAAA server or by the MN to a network access server NAS, and the NAS, in the course of a Dynamic Host Configuration Protocol (DHCP) procedure, sending the random number produced by the HAAA server or by the MN to the MN.
10. A key distribution method in a mobile communication system, characterized in that the method comprises:
a home network authentication, authorization and accounting (HAAA) server generating a first key and sending the first key to a visited network authentication, authorization and accounting (VAAA) server, wherein the first key is the key MN-VAAA-Key between a mobile node MN and the VAAA server;
the MN and a home agent HA interacting, and the HA requesting the VAAA server to authenticate and to issue a second key, wherein the second key is MN-HA-Key and is generated according to a random number produced by the VAAA server;
the VAAA server performing authentication and delivering the second key to the HA, and the HA establishing a security mechanism with the MN after obtaining the second key.
11. The method according to claim 10, characterized in that the MN and the home agent HA interacting comprises:
the MN sending a Binding Update (BU) message to the HA;
and the VAAA server performing authentication and delivering the second key to the HA comprises:
the VAAA server performing authentication and producing a random number;
the VAAA server generating the second key according to the random number;
the VAAA server sending an access response message to the HA, the second key being carried in the access response message and thereby sent to the HA.
12. The method according to claim 10, characterized in that the HAAA server generating the first key is:
the HAAA server generating the first key according to a random number produced by the HAAA server or by the MN; and
the method further comprises: the HAAA server sending the random number produced by the HAAA server or by the MN to the VAAA server;
the VAAA server storing the first key;
the VAAA server sending the random number produced by the HAAA server or by the MN to the MN.
13. The method according to claim 10, characterized in that the method by which the VAAA server sends the random number produced by the HAAA server or by the MN to the MN further comprises:
the VAAA server sending the random number produced by the HAAA server or by the MN to a network access server NAS, and the NAS, in the course of a Dynamic Host Configuration Protocol (DHCP) procedure, sending the random number produced by the HAAA server or by the MN to the MN.
14. A mobile communication system comprising a mobile node MN, a home agent HA, a visited network authentication, authorization and accounting (VAAA) server and a home network authentication, authorization and accounting (HAAA) server, characterized in that:
the HAAA server generates a key and sends the key to the VAAA server;
the VAAA server receives and stores the key sent by the HAAA server, authenticates the authentication request sent by the HA, and issues the key after the authentication passes;
the HA requests the VAAA server to authenticate and requests the issuance of the shared key between the MN and the HA, and after receiving the key issued by the VAAA server establishes a security mechanism with the MN.
15. The system according to claim 14, characterized in that:
the HAAA server further produces a random number and sends the random number to the VAAA server;
the VAAA server is further used to receive the random number sent by the HAAA server and to send the random number to the MN.
16. The system according to claim 14, characterized in that:
the MN is further used to produce a random number and to send the random number to the HAAA server;
the HAAA server is used to generate the key from the random number produced by the MN and to send the random number produced by the MN to the VAAA server.
17. The system according to claim 15 or 16, characterized in that the system further comprises a network access server NAS and a Dynamic Host Configuration Protocol (DHCP) server,
the NAS is used to receive the authentication-complete message and the random number sent by the VAAA server, and to send the authentication-complete message to the MN;
the NAS comprises a DHCP relay unit, used to send the random number received by the NAS to the DHCP server during the MN's configuration request; the DHCP server sends the random number together with the configuration information to the DHCP relay unit, and the DHCP relay unit sends the configuration information and the random number to the MN.
CN200710072932A 2007-01-10 2007-01-10 A key distribution method and system in a mobile communication system Expired - Fee Related CN101222319B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200710072932A CN101222319B (en) 2007-01-10 2007-01-10 A key distribution method and system in a mobile communication system

Publications (2)

Publication Number Publication Date
CN101222319A CN101222319A (en) 2008-07-16
CN101222319B true CN101222319B (en) 2010-05-26

Also Published As

Publication number Publication date
CN101222319A (en) 2008-07-16

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20100526