CN111050322A - GBA-based client registration and key sharing method, device and system - Google Patents

Abstract

The invention discloses a method, a device and a system for client registration and key sharing based on GBA, wherein the method comprises the following steps: the user terminal running with the third-party application client performs security authentication with the BSF (bootstrap service) server based on the B-TID acquired in the GBA initialization process and the generated master key; after the security authentication is successful, the service server BSF is guided to provide secure registration information and service for the third-party application client, and further a user token or an application key is generated for the third-party application client. The invention solves the problem that the third-party application server imitates the malicious request to consume the calculation and storage resources of the BSF and other third-party application servers, and further solves the problem that the third-party application client can calculate the application keys of other third-party application clients on the same user terminal.

Description

GBA-based client registration and key sharing method, device and system

【Technical field】

The present invention relates to the field of communication technologies and the field of Internet technologies, and in particular, to a method, device and system for client registration and key sharing based on Generic Bootstrapping Architecture (GBA).

【Background technique】

The 3GPP specification TS 33.220 defines a generic security authentication mechanism suitable for mobile networks—Generic Bootstrapping Architecture (GBA), which is a part of Generic Authentication Architecture (GAA).

GBA provides a general mechanism for establishing an application key between a user equipment (UE) and a network application function (NAF) based on an authentication and key agreement (AKA) mechanism.

The GBA architecture is mainly divided into two processes: GBA initialization and application key negotiation:

The first process is GBA Bootstrapping: between UE and bootstrapping server function (BSF), BSF and home subscriber server (HSS)/home location register (HLR) The key negotiation is performed based on the AKA mechanism, and finally the UE and the BSF negotiate a GBA master key Ks, and generate a bootstrapping transaction identifier (B-TID), and the master key Ks and B-TID are stored in the UE respectively. and BSF on.

The second process is the application key negotiation process (Bootstrapping Usage Procedure): the UE negotiates the application key with the NAF, and the NAF obtains the application key and user information from the BSF according to the application key negotiation request sent by the UE, and then the UE and NAF Use this application key for authentication, message encryption, and other operations. More specifically, referring to Figure 7, the application key negotiation process includes the following steps:

1. The UE sends an application connection request to the NAF through the Ua interface, and the request message carries the B-TID, and the UE uses the following formula to generate the application key Ks_(ext/int)_NAF. Before this step, a TLS link can be established in advance to ensure the communication security of the Ua interface.

Calculation formula in "GBA_ME" mode:

Ks_NAF=KDF(Ks,"gba-me",RAND,IMPI,NAF_Id)

Or, the calculation formula in "GBA_U" mode:

Ks_ext_NAF=KDF(Ks,"gba-me",RAND,IMPI,NAF_Id)

Ks_int_NAF=KDF(Ks,"gba-u",RAND,IMPI,NAF_Id)

Among them, Ks is the master key Ks generated during the GBA initialization process, "gba-me" and "gba-u" are fixed strings, RAND is the random number generated during the GBA initialization process, and IMPI is the IP Multimedia Private Identifier (IP MultimediaPrivateIdentity), NAF_Id is the identifier of NAF, and KDF is the abbreviation of Key Derivation Algorithm (also known as Key Derivation Function).

NAF_Id is formed by connecting the FQDN (Fully Qualified Domain Name, fully qualified domain name) of the NAF to be accessed and the protocol identifier (UaID) on the Ua interface. The connection method can be expressed as: NAF_Id=FQDN||UaID.

2. After receiving the application connection request from the UE, the NAF sends an authentication request message to the BSF, which carries the B-TID and NAF_Id.

3. After the first process (ie, the GBA initialization process) is completed, the B-TID has been stored on the BSF, and the IMPI corresponding to the B-TID, the master key Ks, the Ks key validity period, and the GBA initialization time are stored. , GBA User Security Settings (GUSS, GBA User Security Settings), etc.

After the BSF receives the authentication request from the NAF, the BSF verifies the identity of the sender according to the FQDN in the NAF_Id, and searches for the corresponding master key Ks according to the B-TID.

If the BSF does not find the corresponding master key Ks or the Ks has expired, the BSF returns an authentication failure response message to the NAF and requires the UE to re-initiate the GBA initialization process.

If the corresponding master key Ks is found and within the validity period, the BSF uses the same application key calculation formula as the UE to calculate the application key Ks_(ext/int)_NAF, and then returns an authentication success response message to the NAF server, and Send Ks_(ext/int)_NAF, Ks_(ext/int)_NAF validity period, GBA initialization time, and corresponding user security settings (USS) to NAF in the authentication success response message according to the preset settings .

4. After NAF stores the validity period information of Ks_(ext/int)_NAF and Ks_(ext/int)_NAF, it returns the authentication success response message to the UE, so that the application key Ks_(ext/int)_NAF is established between the UE and NAF, It can be used for subsequent authentication, message encryption and other operations.

The GBA architecture has been applied in IMS services to a certain extent, such as multimedia broadcast/multicast service (MBMS), secure user plane location (secure user plane location, SUPL) and other services.

With the intelligentization of user terminals (such as mobile smart phones) and the widespread use of Internet technology, users will install a large number of third-party application clients on user terminals. It is necessary to perform user identity authentication first, and negotiate a shared key with the corresponding third-party application server to meet the needs of data encryption and other aspects. If the GBA architecture can be applied in this field, it will greatly improve the security and enhance the user experience. However, the second process of the GBA architecture, that is, the application key negotiation process, cannot meet the requirements in this regard. A third-party application server is equivalent to As an example, NAF has the following technical defects:

Defect 1: Because the third-party application server is provided by different third-party application service providers, and because NAF_Id is a parameter that is easier to obtain through public channels or software reverse. The third-party application server collects the B-TID carried in the application connection request of the third-party application client, and then generates the application connection request according to the B-TID and the NAF_Id of other third-party application servers, so that it can impersonate other third-party application clients to send Other third-party application servers initiate application connections, which will cause BSF to perform unnecessary application key Ks_(ext/int)_NAF generation calculations, and cause other third-party application servers to store unnecessary application keys Ks_(ext/int )_NAF, which consumes computing and storage resources of BSF and other third-party application servers. Since every third-party application server can collect B-TIDs, the more B-TIDs are collected, the greater the potential harm to other third-party application servers.

Defect 2: Since there are a large number of third-party application clients installed on the user terminal, they are provided by different third-party application service providers, but the calculation method of the application key Ks_(ext/int)_NAF in the existing GBA mechanism , where "gba-me" and "gba-u" are fixed string parameters, IMPI is the same fixed parameter within the same user terminal, Ks and RAND are the same parameters within the validity period of a Ks, and NAF_Id is It is easier to obtain parameters through public channels or reverse software. Therefore, the third-party application client on the same user terminal can easily calculate the application key Ks_(ext/int)_NAF of other third-party application clients, so as to counterfeit Access by other third-party application clients.

[Content of the invention]

The main purpose of the present invention is to provide a GBA-based client registration and key sharing method, device and system, aiming to provide a secure registration method, device and system for a third-party application client running in a user terminal, Solve the problem that the third-party application server spoofed malicious requests consumes the computing and storage resources of the guiding business server BSF and other third-party application servers, and then solves the problem that the third-party application client can easily calculate other third-party applications on the same user terminal. The problem of the application key of the application client, so that the GBA architecture can be applied in the field of Internet technology more safely and effectively.

To achieve the above object, the invention provides the following technical solutions:

In a first aspect, a GBA-based client registration and key sharing method is provided, which is applied to a user terminal running a third-party application client, and the method includes:

Execute the GBA initialization process, obtain the B-TID and generate the first master key Ks;

Encrypting the first verification information based on the first master key Ks to generate a first encrypted value, the first verification information is the same as the value of the second verification information generated by the bootstrap service server BSF;

sending the B-TID and the first encrypted value to the bootstrap service server BSF;

Receive registration information and services provided by the bootstrap service server BSF, where the registration information and services are provided after the bootstrap service server BSF verifies that the first encrypted value is valid.

Preferably, the user terminal is connected with the guidance service server BSF through a data network.

Preferably, the data network includes the Internet and the mobile Internet.

Preferably, the user terminal accesses the mobile Internet through a mobile data connection, a WiFi connection or/and a WLAN connection.

Preferably, the mobile data includes 3G mobile data, 4G mobile data, 5G mobile data or 6G mobile data.

Preferably, generating the first encrypted value by encrypting the first verification information based on the first master key Ks includes:

A first authentication key is generated based on the first master key Ks, wherein the generation method of the first authentication key is consistent with the generation method of the bootstrap service server BSF to generate the second authentication key, so that the The value of the first authentication key is the same as that of the second authentication key generated by the bootstrap service server BSF;

Generating the first verification information, wherein the generation method of the first verification information is consistent with the generation method of the guidance service server BSF to generate the second verification information, so that the first verification information is consistent with the guidance service server BSF. The value of the second verification information generated by the service server BSF is the same;

The first authentication information is encrypted based on the first authentication key to generate a first encrypted value.

Preferably, the generating the first authentication key based on the first master key Ks includes:

using the first master key Ks as the first authentication key; or,

The first authentication key is generated based on information including the first master key Ks.

Preferably, the generating the first authentication key based on the information including the first master key Ks includes:

A first authentication key is generated based on information including the first master key Ks and a first fixed string or/and a first random string or/and a first timestamp or/and the B-TID or/and NAF_Id key, the first fixed character string is a pre-configured character string with the same value as the first fixed character string pre-configured by the guidance service server BSF, and the first random character string is a randomly generated character string, The first timestamp is generated by obtaining the current system time, and the NAF_Id is the identifier of the third-party application client;

If the information for generating the first authentication key includes the first random string or/and the first timestamp or/and the NAF_Id, the first random string or/and the first A timestamp or/and the NAF_Id are delivered to the bootstrapping service server BSF.

Preferably, the generating the first verification information includes:

The first verification information is generated based on information including a second fixed character string or/and a second random character string or/and a second timestamp or/and the B-TID or/and the NAF_Id, the second fixed character The string is a pre-configured character string with the same value as the second fixed character string pre-configured by the bootstrap service server BSF, the second random character string is a randomly generated character string, and the second time stamp is a Obtain the current system time generation, and the NAF_Id is the identifier of the third-party application client;

If generating the first verification information includes based on the second random string or/and the second timestamp or/and the NAF_Id, then the second random string or/and the second time The stamp or/and the NAF_Id are delivered to the bootstrapping service server BSF.

Preferably, the generating the first verification information based on the information including the second fixed character string or/and the second random character string or/and the second timestamp or/and the B-TID or/and the NAF_Id includes:

Use one of the second fixed string or the second random string or the second timestamp or the B-TID or the NAF_Id as the first verification information; or,

Using the second fixed character string or the second random character string or the second timestamp or the hash value generated by one of the B-TID or the NAF_Id as the first verification information; or,

The information including the second fixed string or/and the second random string or/and the second timestamp or/and the B-TID or/and the NAF_Id is combined and spliced as the first verification information; or,

Hash calculation after combining the information including the second fixed string or/and the second random string or/and the second timestamp or/and the B-TID or/and the NAF_Id The generated hash value is used as the first verification information.

Preferably, generating the first encrypted value by encrypting the first verification information based on the first authentication key includes:

Using a signature encryption algorithm to sign and encrypt the first verification information based on the first authentication key to generate the first encrypted value; or,

The first encrypted value is generated using a symmetric encryption algorithm based on the first authentication key for symmetric encryption of information including the first verification information.

Preferably, the method further includes:

Before receiving the registration information and services provided by the guidance service server BSF, passing the NAF_Id to the guidance service server BSF, where the NAF_Id is the identifier of the third-party application client;

The registration information and services are the registration information and services provided by the guidance service server BSF for the third-party application client.

Preferably, the delivering the NAF_Id to the bootstrap service server BSF includes:

In the process of sending the B-TID and the first encrypted value to the guidance service server BSF, the NAF_Id is delivered to the guidance service server BSF; or,

After the bootstrap service server BSF verifies that the first encrypted value is valid, and before the receiving registration information and services provided by the bootstrap service server BSF, the NAF_Id is delivered to the bootstrap service server BSF.

Preferably, the receiving registration information and services provided by the guidance service server BSF includes:

receiving a third-party user identity transmitted by the guidance service server BSF, where the third-party user identity is used to identify a user identity in the third-party application client; or/and,

The first application key is generated based on the first master key Ks, and the generation method of the first application key is consistent with the generation method of the bootstrap service server BSF to generate the second application key. key is used as an application key in the third-party application client; or/and,

The user token transmitted by the guidance service server BSF is received, where the user token is used for the authentication and authentication of the third-party application client to access the corresponding third-party application server.

Preferably, after receiving the third-party user identifier sent by the guidance service server BSF, the method further includes:

The first user key is generated based on the first master key Ks, and the generation method of the first user key is consistent with the generation method of the bootstrap service server BSF to generate the second user key. The key is used as the key of the third-party user identification in the third-party application client.

Preferably, the generating the first user key based on the first master key Ks includes:

Based on including the first master key Ks and a third fixed string or/and a third random string or/and a third timestamp or/and the B-TID or/and the NAF_Id or/and the The information of the third-party user identification generates a first user key, and the third fixed character string is a character string that is preconfigured and has the same value as the third fixed character string preconfigured by the guidance service server BSF. The three random character strings or/and the third time stamp are transmitted by the bootstrap service server BSF.

Preferably, the generating the first application key based on the first master key Ks includes:

The first application key is generated based on the first master key Ks and optional parameters; the optional parameters include one or more of Salt, RAND, IMPI and NAF_Id, wherein,

Salt is the same salt value as the bootstrap service server BSF;

RAND is the RAND generated during the GBA initialization;

IMPI is the IMPI of the user terminal;

NAF_Id is the NAF_Id;

KDF is the same key derivation algorithm as the bootstrap service server BSF;

The optional parameters are consistent with the optional parameters when the bootstrap service server BSF generates the second application key.

Preferably, after the delivering the NAF_Id to the guidance service server BSF, and before the receiving registration information and services provided by the guidance service server BSF, the method further includes:

The authorization information confirmed by the end user is sent to the bootstrap service server BSF.

Preferably, the sending of the authorization information confirmed by the end user to the guidance service server BSF includes:

receiving an application authorization request message sent by the guidance service server BSF;

Display the application authorization verification interface;

Receive the authorization information input by the terminal user in the application authorization verification interface;

If the authorization information indicates confirmation of authorization, an application authorization response message is sent to the bootstrap service server BSF, where the application authorization response message is an application authorization confirmation message.

In a second aspect, a GBA-based client registration and key sharing method is provided, which is applied to the bootstrap service server BSF, and the method includes:

After successfully performing the GBA initialization process with the user terminal, receive the B-TID and the first encrypted value sent by the user terminal;

Obtain the corresponding second master key Ks according to the B-TID;

Verifying the first encrypted value based on the second master key Ks and second verification information, the second verification information being the same as the value of the first verification information generated by the user terminal;

If it is verified that the first encrypted value is valid, registration information and services are provided to the user terminal.

Preferably, the guidance service server BSF is connected with the user terminal through a data network.

Preferably, the data network includes the Internet and the mobile Internet.

Preferably, the verifying the first encrypted value based on the second master key Ks and the second verification information includes:

A second authentication key is generated based on the second master key Ks, wherein the generation method of the second authentication key is consistent with the generation method of the user terminal to generate the first authentication key, so that the second authentication key is generated The authentication key is the same as the value of the first authentication key generated by the user terminal;

The second verification information is generated, wherein the generation method of the second verification information is consistent with the generation method of the user terminal to generate the first verification information, so that the second verification information is the same as that generated by the user terminal. The value of the first verification information is the same;

The first encrypted value is verified based on the second authentication key and the second verification information.

Preferably, the generating the second authentication key based on the second master key Ks includes:

using the second master key Ks as the second authentication key; or,

The second authentication key is generated based on information including the second master key Ks.

Preferably, the generating the second authentication key based on the information including the second master key Ks includes:

A second authentication key is generated based on information including the second master key Ks and a first fixed string or/and a first random string or/and a first timestamp or/and the B-TID or/and NAF_Id key, the first fixed character string is a preconfigured character string with the same value as the first fixed character string preconfigured by the user terminal, the first random character string or/and the first timestamp Or/and the NAF_Id is delivered by the user terminal.

Preferably, the generating the second verification information includes:

The second verification information is generated based on a second fixed character string or/and a second random character string or/and a second timestamp or/and the B-TID or/and the NAF_Id, and the second fixed character string is a predetermined A string that is configured and has the same value as the second fixed string preconfigured by the user terminal, the second random character string or/and the second timestamp or/and the NAF_Id is the user terminal transmitted.

Preferably, the generating the second verification information based on the second fixed character string or/and the second random character string or/and the B-TID or/and the NAF_Id includes:

Use one of the second fixed string or the second random string or the second timestamp or the B-TID or the NAF_Id as the second verification information; or,

Use the second fixed string or the second random string or the second timestamp or a hash value of one of the B-TID or the NAF_Id as the second verification information; or ,

The information including the second fixed string or/and the second random string or/and the second timestamp or/and the B-TID or/and the NAF_Id is combined and spliced as the second verification information; or,

Hash calculation after combining the information including the second fixed string or/and the second random string or/and the second timestamp or/and the B-TID or/and the NAF_Id The generated hash value is used as the second verification information.

Preferably, the verifying the first encrypted value based on the second authentication key and the second verification information includes:

If the user terminal uses a signature encryption algorithm to generate the first encrypted value, then use the same signature encryption algorithm to verify the first encryption value based on the second authentication key and the second verification information; or,

If the user terminal uses a symmetric encryption algorithm to generate the first encrypted value, the same symmetric encryption algorithm is used to verify the first encrypted value based on the second authentication key and the second verification information.

Preferably, the using the same signature encryption algorithm to verify the first encrypted value based on the second authentication key and the second verification information includes:

Using the same signature encryption algorithm as the user terminal, sign and encrypt the second verification information based on the second authentication key to generate a second encrypted value;

comparing whether the second encrypted value is consistent with the first encrypted value;

If they are consistent, it is determined to verify that the first encrypted value is valid.

Preferably, the using the same symmetric encryption algorithm to verify the first encrypted value based on the second authentication key and the second verification information includes:

Using the same symmetric encryption algorithm as the user terminal, decrypt the first encrypted value based on the second authentication key to obtain plaintext, and obtain first verification information from the plaintext obtained by the decryption;

comparing whether the second verification information is consistent with the first verification information;

If they are consistent, it is determined to verify that the first encrypted value is valid.

Preferably, the method further includes:

Before providing registration information and services to the user terminal, obtain the NAF_Id delivered by the user terminal, where the NAF_Id is an identifier of a third-party application client running in the user terminal;

The registration information and services provided to the user terminal are the registration information and services provided to the third-party application client.

Preferably, the acquiring the NAF_Id delivered by the user terminal includes:

In the process of receiving the B-TID and the first encrypted value sent by the user terminal, receive the NAF_Id sent by the user terminal; or,

After verifying that the first encrypted value is valid, and before providing registration information and services to the user terminal, the NAF_Id transmitted by the user terminal is received.

Preferably, the providing registration information and services to the user terminal includes:

Obtain the corresponding third-party user identifier according to the B-TID and the NAF_Id, and deliver the third-party user identifier to the user terminal, so that the third-party user identifier is used in the third-party application client identify the user; or/and,

A second application key is generated based on the second master key Ks, the generation method of the second application key is consistent with the generation method of the user terminal to generate the first application key, and the B-TID and the corresponding relationship between the NAF_Id and the second application key; or/and,

A user token associated with the NAF_Id is generated, and the user token is delivered to the user terminal, where the user token is used for authentication of the third-party application client to access the corresponding third-party application server.

Preferably, the obtaining the corresponding third-party user identifier according to the B-TID and the NAF_Id includes:

Obtain the corresponding IMPI according to the B-TID;

Find the corresponding third-party user identifier according to the IMPI and the NAF_Id;

If the corresponding third-party user identifier is found, then determine that the found corresponding third-party user identifier is the third-party user identifier;

If the corresponding third-party user ID is not found, create a unique third-party user ID, determine that the unique third-party user ID is the third-party user ID, and establish the IMPI and the NAF_Id with the The corresponding relationship of the unique third-party user identifier, so that the unique third-party user identifier can be found according to the IMPI and the NAF_Id.

Preferably, after obtaining the corresponding third-party user identifier according to the B-TID and the NAF_Id, the method further includes:

Generate a second user key based on the second master key, and the generation method of the second user key is consistent with the generation method of the user terminal to generate the first user key;

A corresponding relationship between the third-party user identifier and the second user key is established.

Preferably, the generating the second application key based on the second master key Ks includes:

The second application key is generated based on the second master key Ks and optional parameters; the optional parameters include one or more of Salt, RAND, IMPI and NAF_Id, wherein,

Salt is the same salt value as the user terminal;

RAND is the RAND corresponding to the B-TID;

IMPI is the IMPI corresponding to the B-TID;

NAF_Id is the NAF_Id;

KDF is the same key derivation algorithm as the user terminal;

The optional parameters are consistent with the optional parameters when the user terminal generates the first application key.

Preferably, the generating the user token associated with the NAF_Id includes:

use a randomly generated globally unique string as the user token;

Establish an association relationship between the user token and the NAF_Id.

Preferably, the generating the user token associated with the NAF_Id further includes:

establishing an association relationship between the user token and the IMPI corresponding to the B-TID, so that the IMPI corresponding to the B-TID can be obtained according to the user token; or,

An association relationship between the user token and a unique user identifier is established, and the unique user identifier is the unique user identifier corresponding to the IMPI corresponding to the B-TID established in advance.

Preferably, after obtaining the NAF_Id transmitted by the user terminal and after verifying that the first encrypted value is valid, and before providing registration information and services to the user terminal, the method further includes:

Acquire the authorization information sent by the user terminal and confirmed by the terminal user, and if the authorization information sent by the user terminal and confirmed by the terminal user is acquired, execute the providing registration information and services to the user terminal.

Preferably, the obtaining the authorization information sent by the user terminal and confirmed by the terminal user includes:

sending an application authorization request message to the user terminal;

receiving an application authorization response message sent by the user terminal;

If the application authorization response message is an application authorization confirmation message, performing the providing registration information and services to the user terminal.

Preferably, the application authorization request message includes:

third-party application name, the third-party application name is the third-party application name obtained according to the NAF_Id; or/and,

Mobile user name, the mobile user name is the mobile user name obtained according to the B-TID.

In a third aspect, a GBA-based client registration and key sharing device is provided, wherein the device is applied to a user terminal running a third-party application client, and includes: a memory and a processor, and the processor uses When running the program stored in the memory, the program executes any one of the methods described in the above-mentioned first aspect applied to a user terminal running a third-party application client.

A GBA-based client registration and key sharing device is provided, wherein the device is applied to a bootstrap service server BSF, comprising: a memory and a processor, wherein the processor is configured to run a program stored in the memory, The execution of the program when the program is executed includes the method described in any one of the second aspect applied to the bootstrap service server BSF.

A GBA-based client registration and key sharing system is provided, wherein the system includes: a user terminal and a guidance service server BSF; The device; the guidance service server BSF includes the above-mentioned device applied to the guidance service server BSF.

A storage medium is provided, wherein a program is stored in the storage medium, and the program is used to implement any one of the methods of the above-mentioned first aspect applied to a user terminal running a third-party application client.

A storage medium is provided, wherein a program is stored in the storage medium, and the program is used to implement any one of the methods including the second aspect applied to the bootstrap service server BSF.

To sum up, after the GBA initialization process, the present invention provides a secure registration environment for the third-party application client running in the user terminal, and guides the service server BSF to provide the corresponding registration information and information only for the authenticated user terminal. The service, including obtaining a third-party user ID, generating a user key, generating an application key, and generating a user card, effectively solves the technical defects existing in the application of the GBA architecture as described in the background art in the field of Internet technology.

【Description of drawings】

In order to explain the embodiments of the present invention or the technical solutions in the prior art more clearly, the following briefly introduces the accompanying drawings that need to be used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description are only It is an embodiment of the present invention. For those of ordinary skill in the art, other drawings can also be obtained according to the provided drawings without creative work.

1 is a schematic structural diagram of an implementation environment involved in a GBA-based client registration and key sharing method provided by an embodiment of the present invention;

2 is a schematic flowchart of Embodiment 1 of the GBA-based client registration and key sharing method provided by the present invention;

3 is a schematic flowchart of Embodiment 2 of the GBA-based client registration and key sharing method provided by the present invention;

4 is a schematic flowchart of Embodiment 3 of the GBA-based client registration and key sharing method provided by the present invention;

5 is a schematic flowchart of Embodiment 4 of the GBA-based client registration and key sharing method provided by the present invention;

6 is a schematic flowchart of Embodiment 5 of the GBA-based client registration and key sharing method provided by the present invention;

FIG. 7 is a schematic flowchart of a GBA application key negotiation process.

The realization, functional characteristics and advantages of the present invention will be further described with reference to the accompanying drawings in conjunction with the embodiments.

【Detailed ways】

In order to make the objectives, technical solutions and advantages of the present invention clearer, the embodiments of the present invention will be further described in detail below with reference to the accompanying drawings. It should be understood that the specific embodiments described herein are only used to explain the present invention, but not to limit the present invention.

1. Related terms

In order to facilitate understanding, some terms involved in this article are introduced and explained.

NAF_Id: NAF_Id is used to uniquely identify the third-party application server and to identify the third-party application client corresponding to the third-party application server. NAF_Id can be a fully qualified domain name (Fully Qualified DomainName, FQDN), or a concatenation of FQDN and a protocol identifier (UaID) on the Ua interface, or a string.

Signature encryption algorithm: refers to the encryption algorithm used to encrypt the authenticity of information. Only the sender of the information can generate a digital string that cannot be forged by others. This digital string is also a part of the authenticity of the information sent by the sender Valid proofs, such as message authentication codes (such as hash-based message authentication code HMAC, cipher block chaining message authentication code CBC-MAC, Galois message authentication code GMAC, etc.), hash function with key encryption, RSA-based Digital schemes (such as RSA-PSS), Digital Signature Algorithms (DSA) and Elliptic Curve Digital Signature Algorithms, etc.

Symmetric encryption algorithm: refers to an encryption algorithm that uses the same key for encryption and decryption, such as Triple Data Encryption Standard (DES) and Advanced Encryption Standard (AES).

2. Schematic diagram of the implementation environment structure

Please refer to FIG. 1 , which shows a schematic structural diagram of an implementation environment involved in a GBA-based client registration and key sharing method provided by an embodiment of the present invention. The implementation environment includes a bootstrap service server BSF, a user terminal, and a third-party application client.

Bootstrap service server BSF: BSF is usually provided by communication operators, and is connected to user terminals through data networks such as the Internet and mobile Internet to perform the GBA initialization process, and provide registration information and services to user terminals; The interface is connected with HSS (Home Subscriber Server, Home Subscriber Server) or/and HLR (Home Location Register, Home Location Register) to perform the GBA initialization process; it should be noted that the BSF in this application can also data management, UDM) connection to perform the GBA initialization process.

User terminal: The user terminal accesses the network through wired or wireless means such as WLAN, WiFi, mobile data (including 3G/4G/5G/6G mobile data), LAN, fixed broadband, etc., and performs data connection with the guidance service server BSF. The network includes Internet, mobile Internet and other data networks. The user terminal supports the GBA function, and is usually a smart phone, and may also be a smart TV, a set-top box, a tablet computer, a portable computer, a desktop computer, and the like.

Third-party application client: an application program running in the operating system of the user terminal, provided by a third-party application service provider.

It can be understood that, in the actual implementation environment, it may include one, more or a large number of user terminals, and each user terminal may run one or more third-party application clients provided by different third-party application service providers, each Each third-party application client can connect to access the corresponding third-party application server, so as to obtain business application data and services provided by the corresponding third-party application server.

For the sake of brevity, without affecting the implementation of the present invention, other components in the GBA architecture are ignored in the implementation diagram, such as the Home Subscriber Server (HSS), the Home Location Register (HLR), and the authentication proxy function. (Authentication Proxy, AP), Subscriber Locator Function (Subscriber Locator Function, SLF), etc. However, those skilled in the art can understand that these components have been used in necessary application scenarios.

It should also be noted that, in an actual business application environment, there should also be a third-party application server. The third-party application server is equivalent to the NAF in the GBA architecture. It is provided by the third-party application service provider and is used to connect with the third-party application client through the network to provide the third-party application client with the required business application data and services. For example, information, shopping, social networking, etc.; it is used to connect with the guidance service server BSF through the network, and obtain or verify the verification information submitted by the third-party application client to the guidance service server BSF, such as B-TID, application key, user token, etc. information.

Those skilled in the art can understand that the implementation environment structure shown in FIG. 1 does not constitute a limitation to the implementation environment, and may include more or less components than the one shown, or combine some components, or arrange different components.

3. Prerequisites for Implementation

Before implementing the embodiments of the present invention, the user terminal and the guidance service server BSF have successfully completed the GBA initialization process, and the user terminal has the B-TID and the corresponding Ks (ie the first master key Ks), RAND; the guidance service server The BSF stores the B-TID and the corresponding Ks (that is, the second master key Ks), and RAND, and establishes the correspondence between the B-TID and the corresponding Ks (that is, the second master key Ks), and RAND. The service server BSF stores the correspondence between the B-TID and the IMPI (IP Multimedia Private Identity, IP Multimedia Private Identity) of the user terminal, that is, the corresponding IMPI can be searched and acquired through the B-TID.

4. Embodiment 1 of the method for client registration and key sharing based on GBA

Please refer to FIG. 2 , which shows a flowchart of Embodiment 1 of the GBA-based client registration and key sharing method provided by the present invention, and this embodiment can be used in the implementation environment shown in FIG. 1 . This embodiment includes:

After acquiring the operation instruction for starting the GBA-based client registration and key sharing process, the user terminal starts the GBA-based client registration and key sharing process, which may include the following three sub-processes and corresponding steps:

The first sub-process: the user terminal and the bootstrap service server BSF generate an authentication key with the same value based on the same B-TID and the master key Ks with the same value. Specifically, it can include:

Step 201. The user terminal obtains the B-TID and the first master key Ks.

The user terminal acquires the B-TID and the first master key Ks. Correspondingly, after the user terminal and the guiding service server BSF successfully perform the GBA initialization process, the B-TID and the B-TID are stored on the guiding service server BSF. The second master key Ks corresponding to the TID.

Step 202. The user terminal generates a first authentication key based on the first master key Ks.

For example, the first master key Ks can be used as the first authentication key.

For another example, it is generated based on information including the first master key Ks and the first fixed character string (1) or/and the first random character string or/and the first timestamp or/and the B-TID or/and the NAF_Id A first authentication key; wherein, the first fixed character string (1) is a character string that is preconfigured and has the same value as the first fixed character string (2) preconfigured on the guidance service server BSF, and the first random character string The string is a locally randomly generated string, and the first timestamp is generated by acquiring the current system time of the user terminal. Specifically, taking the key derivation algorithm formula as an example, it can be expressed as: DK=PBKDF2(passphrase, Salt, c, dkLen), where: DK is the generated first authentication key, PBKDF2 is the key derivation algorithm, and passphrase is The first master key Ks and the first fixed character string (1) or/and the first random character string or/and the first timestamp or/and the B-TID or/and the NAF_Id are combined and spliced into a character string; Salt is the salt value, which is a fixed string in this example; c is the number of iterations; dkLen is the key output length, which can be generated according to the required encryption algorithm.

NAF_Id is the identifier of the third-party application client running in the user terminal. For example, it is stored in the third-party application client software installation package and stored in the configuration file after installation, and the user terminal obtains the NAF_Id from the configuration file; Alternatively, it is obtained after the third-party application client sends a request to the corresponding third-party application server, and then obtained by the user terminal from the third-party application client, or sent by the third-party application client to the user terminal.

Step 203. The user terminal sends the B-TID and the information for generating the first authentication key to the bootstrap service server BSF.

The user terminal sends the B-TID to the guidance service server BSF, so that the guidance service server BSF can obtain the corresponding second master key Ks according to the B-TID.

In order for the bootstrap service server BSF to generate a second authentication key with the same value as the first authentication key, if the information for generating the first authentication key further includes a first random string or/and a first timestamp or/and NAF_Id, then send the first random character string or/and the first timestamp or/and the NAF_Id to the bootstrap service server BSF.

Correspondingly, the guiding service server BSF receives the B-TID and the first random character string or/and the first timestamp or/and the NAF_Id sent by the user terminal.

It can be understood that if the above-mentioned information for generating the first authentication key also includes the first fixed character string (1), since the first fixed character string (2) of the same value can be preconfigured on the guidance service server BSF, it is not necessary to The first fixed character string (1) is sent to the guidance service server BSF.

Step 204. Guide the service server BSF to obtain the second master key Ks according to the B-TID.

The corresponding relationship between the B-TID and the second master key Ks is stored on the bootstrap service server BSF.

The bootstrap service server BSF searches and obtains the corresponding second master key Ks in the corresponding relationship according to the B-TID.

Step 205. Guide the service server BSF to generate a second authentication key based on the second master key Ks.

Guide the service server BSF to use the same authentication key generation method as the user terminal, generate a second authentication key based on the second master key Ks, and the same authentication key generation method includes the same key derivation algorithm formula, the same input information, the same input parameters, the same string combination and splicing method, etc., so that the generated second authentication key has the same value as the first authentication key generated by the user terminal.

For example, taking the same authentication key generation method as the user terminal in step 202 as an example, if the user terminal uses the first master key Ks as the first authentication key, the guiding service server BSF uses the second master key Ks as the first authentication key. The second authentication key.

For another example, taking the same authentication key generation method as the user terminal in step 202 as an example, if the user terminal includes the first master key Ks and the first fixed character string (1) or/and the first random character string or and/and the first timestamp or/and the B-TID or/and the NAF_Id to generate a first authentication key, then the bootstrap service server BSF is based on including the second master key Ks and the first fixed character string (2) or/and The first random character string or/and the first time stamp or/and the information of the B-TID or/and the NAF_Id generates the first authentication key, and the generation method of the second authentication key is the same as that for the user terminal to generate the first authentication key. The keys are generated in the same manner; wherein, the first fixed character string (2) is a character string that is preconfigured and has the same value as the first fixed character string (1) preconfigured by the user terminal, and the first random character string or / and the first timestamp or/and NAF_Id are sent by the user terminal. It can be understood that if the generation of the first authentication key by the user terminal also includes other input information or input parameters, then guiding the service server BSF to generate the second authentication key also needs to include the use of the same input information or input parameters, so that the generated first authentication key is generated. The value of the second authentication key is the same as that of the first authentication key generated by the user terminal.

Specifically, taking the example corresponding to step 202 as an example, the key derivation algorithm formula is: DK=PBKDF2(passphrase, Salt, c, dkLen), wherein: DK is the generated second authentication key, PBKDF2 is the The same key derivation algorithm, passphrase is the second master key Ks and the first fixed string (2) or/and the first random string or/and the first timestamp or/and the B-TID or/ The string concatenated with NAF_Id; Salt is the salt value, which is the same fixed string as the user terminal; c is the same number of iterations as the user terminal; dkLen is the same key output length as the user terminal.

So far, after the GBA initialization process is successfully performed, the values of the first master key Ks corresponding to the same B-TID on the user terminal and the second master key Ks corresponding to the bootstrap service server BSF are the same. The first authentication key and the second authentication key are generated using the same key generation method and based on the master key Ks with the same value. Therefore, the values of the first authentication key and the second authentication key are also the same.

The second sub-process: the user terminal and the bootstrap service server BSF generate authentication information with the same value. Specifically, it can include:

Step 206. The user terminal generates first verification information.

The user terminal generates the first verification information, so that the first verification information is used for encryption, and the value of the first verification information is the same as that of the second verification information generated by the bootstrap service server BSF.

The user terminal may use one of the second fixed character string (1) or the second random character string or the second timestamp or the B-TID or the NAF_Id as the first verification information; One of the character string (1) or the second random character string or the second timestamp or the B-TID or the NAF_Id is hashed with a hash algorithm, and the generated hash value is used as the first verification information; or , the user terminal generates the first verification information after splicing the information including the second fixed character string (1) or/and the second random character string or/and the second timestamp or/and the B-TID or/and the NAF_Id Or, the user terminal will include the information generated after the second fixed character string (1) or/and the second random character string or/and the second time stamp or/and the information of the B-TID or/and the NAF_Id combined and spliced , and then use the hash algorithm to perform hash calculation, and use the generated hash value as the first verification information.

Wherein, the second fixed character string (1) is a preconfigured character string with the same value as the second fixed character string (2) preconfigured on the guiding service server BSF, and the second random character string is randomly generated locally String, the second timestamp is generated by obtaining the current system time of the user terminal.

Step 207. The user terminal sends the information for generating the first verification information to the guidance service server BSF.

After the user terminal generates the first verification information, in order for the bootstrap service server BSF to generate the second verification information with the same value as the first verification information, if the generated first verification information further includes a second random character string or/and a second timestamp or/and the B-TID or/and the NAF_Id, send the second random string or/and the second timestamp or/and the B-TID or/and the NAF_Id to the bootstrap service server BSF.

Correspondingly, the guiding service server BSF receives the second random character string or/and the second timestamp or/and the B-TID or/and the NAF_Id sent by the user terminal.

It can be understood that if the above-mentioned information for generating the first verification information also includes the second fixed character string (1), since the fixed character string (2) of the same value can be preconfigured on the guidance service server BSF, the second fixed character string (2) may not be used. The fixed character string (1) is sent to the bootstrap service server BSF.

It can be understood that this step can also be combined with the above-mentioned step 203 to be implemented in one step, that is, the user terminal can send the B-TID and the information for generating the first authentication key and the information for generating the first verification information in a sending request at the same time. For the guidance service server BSF, correspondingly, the above-mentioned steps of generating the second authentication key and generating the second verification information by the guidance service server BSF are also implemented after the merging step.

It can be understood that, if implemented in one step, if the information for generating the first authentication key and the information for generating the first verification information have the same information in the two steps, the same information need not be sent repeatedly.

Step 208. Guide the service server BSF to generate the second verification information.

The guiding service server BSF generates the second authentication information, and the value of the generated second authentication information is to be the same as the value of the first authentication information generated by the user terminal.

Taking the same authentication information generation method as in step 206 as an example, if the user terminal uses one of the second fixed character string (1) or the second random character string or the second timestamp or the B-TID or the NAF_Id as the For the first verification information, the guiding service server BSF takes one of the second fixed character string (2) or the second random character string or the second timestamp or the B-TID or the NAF_Id as the second verification information.

Taking the same authentication information generation method as in step 206 as an example, if the user terminal uses one of the second fixed character string (1) or the second random character string or the second timestamp or the B-TID or the NAF_Id The hash value is used as the first verification information, and the service server BSF is guided to use the same one of the second fixed string (2) or the second random string or the second timestamp or the B-TID or the NAF_Id. The hash algorithm performs hash calculation, and uses the generated hash value as the second verification information.

Taking the same authentication information generation method as in step 206 as an example, if the user terminal will include the second fixed character string (1) or/and the second random character string or/and the second time stamp or/and the B-TID or / and the information of the NAF_Id to generate the first verification information, then the bootstrap service server BSF will include the second fixed character string (2) or/and the second random character string or/and the second time stamp or/and the B-TID or / and the information of the NAF_Id to generate the second verification information. For example, if the user terminal combines the second fixed string (1) or/and the second random string or/and the second timestamp or/and the B-TID or/and the NAF_Id as the first verification information, Then guide the service server BSF to combine the second fixed character string (2) or/and the second random character string or/and the second timestamp or/and the B-TID or/and the NAF_Id in the same way as the first 2. Verification information.

Taking the same authentication information generation method as in step 206 as an example, if the user terminal will include the second fixed character string (1) or/and the second random character string or/and the second time stamp or/and the B-TID or /The hash value generated by hash calculation after splicing with the information of this NAF_Id is used as the first verification information, then the guidance service server BSF will include the second fixed character string (2) or/and the second random character string or/and the first Two timestamps or/and the information of the B-TID or/and the NAF_Id use the same method to combine the information generated after splicing, and then use the same hash algorithm to perform hash calculation on the combined and spliced information, and generate The hash value is used as the second verification information.

Wherein, the second fixed character string (2) is a preconfigured character string with the same value as the second fixed character string (1) preconfigured on the user terminal, the second random character string or/and the second The timestamp or/and the NAF_Id are sent by the user terminal.

It can be understood that if the generation of the first verification information by the user terminal also includes other input information, then guiding the service server BSF to generate the second verification information also needs to include using the same input information, so that the generated second verification information and the user terminal generate the same input information. The value of the first verification information is the same.

So far, since the second verification information and the first verification information are generated using the same verification information generation method and based on information of the same value, the values of the second verification information and the first verification information are also the same.

Further, if the information for generating the first verification information also includes a second time stamp, the bootstrap service server BSF compares the second time stamp with the current system time of the bootstrap service server BSF after receiving the second time stamp. , to determine whether the time difference between the two is within the preset valid range: if it is within the valid range, execute the subsequent steps; if it is not within the valid range, do not execute the subsequent steps.

The third sub-process: the user terminal and the bootstrap service server BSF implement security authentication based on the authentication key with the same value and the verification information with the same value. Specifically, it can include:

Step 209. The user terminal encrypts the first authentication information based on the first authentication key to generate a first encrypted value.

According to the first authentication key and the first verification information generated in the above steps, the user terminal encrypts the first verification information based on the first authentication key to generate a first encrypted value. Depending on the encryption algorithm used, various implementations may be included, at least including:

In a first implementation manner, the user terminal uses a signature encryption algorithm to sign and encrypt the first verification information based on the first authentication key to generate a first encrypted value.

The first encrypted value generated by the user terminal using the signature encryption algorithm to sign and encrypt the first verification information based on the first authentication key is the signature value. The signature value can uniquely identify the first verification information, and only the same signature is used. The same signature value can only be generated by the encryption algorithm, the signature key of the same value, and the information to be signed of the same value.

For example, taking the hash message authentication code as an example for the signature encryption algorithm, the signature method can be expressed as: Signature=HMAC_SHA256(k,m), where m is the information to be signed, that is, the first verification information, and k is the signature key, that is, the first verification information. The first authentication key, HMAC_SHA256 is the signature encryption algorithm, and Signature is the signature value, that is, the first encryption value.

For another example, taking the signature encryption algorithm using a hash function encrypted with a key as an example, the signature method can be expressed as: Signature=SHA256(k||m), where m is the information to be signed, that is, the first verification information, and k is the first verification information. The signature key is the first authentication key, "k||m" represents the combination of k and m, SHA256 is the hash function, and Signature is the signature value, that is, the first encrypted value.

In the second implementation manner, the user terminal uses a symmetric encryption algorithm based on the first authentication key to symmetrically encrypt the information including the first verification information to generate a first encrypted value.

The user terminal uses a symmetric encryption algorithm to symmetrically encrypt the information including the first verification information based on the first authentication key to generate a first encrypted value, where the first encrypted value is the ciphertext of the information including the first verification information, and only Only by using the same symmetric encryption algorithm and key of the same value can the ciphertext be decrypted to obtain the original plaintext.

For example, taking the symmetric encryption algorithm using AES as an example, the encryption method can be expressed as: s=AES_ENCRYPT(m,k), where m is the plaintext, and the plaintext is the first verification information, or the information including the first verification information , k is the encryption key, that is, the first authentication key, AES_ENCRYPT is the encryption algorithm, and s is the encryption result, that is, the first encryption value.

The above-mentioned information including the first verification information means that the generated information also includes the first verification information and other information, for example, the information generated after combining and splicing the first verification information and other information, for the other information. Information, unless otherwise specified, is not limited in this embodiment.

Step 210. The user terminal sends a security authentication request to the bootstrap service server BSF, where the security authentication request includes the first encrypted value.

The user terminal sends a security authentication request to the guidance service server BSF, where the security authentication request includes the first encrypted value, so that the guidance service server BSF implements security authentication for the user terminal by verifying the first encrypted value.

Correspondingly, the guiding service server BSF receives the security authentication request sent by the user terminal, and acquires the first encrypted value included in the security authentication request.

It can be understood that this step can also be combined with the above-mentioned step 203 or/and step 207 into one step, that is, the user terminal can combine the first encrypted value with the B-TID and the information for generating the first authentication key, or/and The information of generating the first verification information is simultaneously sent to the guiding service server BSF in a sending request, and accordingly, the steps of guiding the service server BSF to generate the second authentication key and generating the second verification information are also implemented after the merging step. .

Step 211. Guide the service server BSF to verify the first encrypted value based on the second authentication key and the second verification information.

Corresponding to the various implementations that can be included in the generation of the first encrypted value in the user terminal, the guiding service server BSF needs to use the corresponding implementation to verify the first encrypted value based on the second authentication key and the second verification information. ,include:

The first implementation manner, corresponding to the implementation manner in which the user terminal uses a signature encryption algorithm to generate the first encrypted value, guides the service server BSF to use the same signature encryption algorithm as the user terminal, based on the second authentication key and the second The verification information verifies the first encrypted value. Specifically, it can include:

Step 211a. Instruct the service server BSF to use the same signature encryption algorithm as that of the user terminal to sign and encrypt the second verification information based on the second authentication key to generate a second encrypted value.

The bootstrap service server BSF uses the same signature encryption algorithm as the user terminal to sign and encrypt the second verification information based on the second authentication key to generate a signature value, where the signature value is the second encryption value.

For example, taking the same hash message authentication code used in the user terminal in step 209 as an example for the signature encryption algorithm, the signature method can be expressed as: Signature=HMAC_SHA256(k,m), where m is the information to be signed, that is, the second verification information, k is the signature key, that is, the second authentication key, HMAC_SHA256 is the same hash message authentication code as the user terminal, and Signature is the signature value, that is, the second encrypted value.

For another example, taking the same hash function encrypted with a key as that used in the user terminal in step 209 for the signature algorithm as an example, the signature method can be expressed as: Signature=SHA256(k||m), where m is the information to be signed, that is, the first Second verification information, k is the signature key, that is, the second authentication key, SHA256 is the same hash function as the user terminal, and Signature is the signature value, that is, the second encrypted value.

So far, since the bootstrap service server BSF uses the same signature algorithm as the user terminal, the second verification information and the first verification information are information to be signed with the same value, and the second authentication key and the first authentication key have the same value. signature key, the generated second encrypted value is the same as the first encrypted value.

Step 211b. Guide the service server BSF to compare whether the second encrypted value is consistent with the first encrypted value; if they are consistent, determine to verify that the first encrypted value is valid.

The bootstrap service server BSF compares whether the second encrypted value is consistent with the first encrypted value, and performs corresponding operations according to the comparison result, including:

If the comparison results are consistent, it is determined to verify that the first encrypted value is valid.

If the comparison result is inconsistent, it is determined that the verification of the first encrypted value is invalid.

In the second embodiment, corresponding to the user terminal using the symmetric encryption algorithm to generate the first encryption value, the service server BSF is guided to use the same symmetric encryption algorithm as the user terminal, and verify based on the second authentication key and the second verification information. the second encrypted value. Specifically, it can include:

Step 211i. Instruct the service server BSF to use the same symmetric encryption algorithm as that of the user terminal, decrypt the first encrypted value based on the second authentication key to obtain plaintext, and obtain the first verification information from the plaintext.

The bootstrap service server BSF uses the same symmetric encryption algorithm as the user terminal to decrypt the first encrypted value based on the second authentication key, so as to obtain the decrypted plaintext.

For example, taking the same AES as the symmetric encryption algorithm used in the user terminal in step 209 as an example, the decryption method can be expressed as: m=AES_DENCRYPT(s,k), where m is the result value after decryption, that is, the decrypted plaintext, k is the decryption key, that is, the second authentication key, AES_DENCRYPT is the decryption algorithm, and s is the ciphertext, that is, the first encrypted value.

Since the plaintext is the first verification information or information including the first verification information, the decrypted first verification information can be obtained from the plaintext.

Step 211i i. The guiding service server BSF compares whether the second verification information is consistent with the first verification information; if they are consistent, it is determined that the verification of the first encrypted value is valid.

The guidance service server BSF compares whether the second verification information is consistent with the decrypted first verification information, and performs corresponding operations according to the comparison result, including:

If the comparison results are consistent, it is determined to verify that the first encrypted value is valid.

If the comparison result is inconsistent, it is determined that the verification of the first encrypted value is invalid.

Step 212 . Guide the service server BSF to determine whether the security authentication is successful according to the verification result of the first encrypted value and perform corresponding operations.

The bootstrap service server BSF determines whether the security authentication is successful according to the verification result of the first encrypted value, and performs corresponding operations, including:

If it is determined that the verification of the first encrypted value is valid, it is determined that the security authentication is successful.

If it is determined that the verification of the first encrypted value is invalid, it is determined that the security authentication fails.

After determining that the security authentication is successful, the bootstrap service server BSF can provide registration information and services to the user terminal, maintain a session state with the user terminal to receive information transmitted by the user terminal, or generate an authentication token for the user terminal. Correspondingly, the user terminal receives the registration information and services provided by the guidance service server BSF, or transmits information to the guidance service server BSF through the session state maintained with the guidance service server BSF or the received authentication token.

After determining that the security authentication fails, the guiding service server BSF sends a registration failure response message to the user terminal. Correspondingly, the user terminal receives the registration failure response message sent by the bootstrap service server BSF.

To sum up, the method provided in this embodiment is mainly based on the B-TID and the first master key Ks in the user terminal, and the same B-TID and the corresponding second master key stored in the bootstrap service server BSF. The key Ks guides the service server BSF to perform security authentication on the user terminal by using the same encryption algorithm as the user terminal. After determining that the security authentication is successful, it can securely provide the user terminal and the third-party application client running on the user terminal. registration information and services.

V. Embodiment 2 of the GBA-based client registration and key sharing method

Please refer to FIG. 3 , which shows a flowchart of Embodiment 2 of the GBA-based client registration and key sharing method provided by the present invention, and the method can be used in the implementation environment shown in FIG. 1 . As a more preferred embodiment provided by Embodiment 1 of the GBA-based client registration and key sharing method, this embodiment further provides registration information for the third-party application client running in the user terminal, and the registration information includes the first Three-party user ID and user key.

In order for the guidance service server BSF to provide corresponding registration information and services for the third-party application client running in the user terminal, the user terminal needs to transmit the NAF_Id corresponding to the third-party application client to the guidance service server BSF.

Specifically, transmitting the NAF_Id by the user terminal to the guidance service server BSF may include various implementations, for example, may include:

In the first implementation manner, during the security authentication process of the user terminal to the guidance service server BSF, the user terminal transmits the NAF_Id to the guidance service server BSF.

The user terminal transmits the NAF_Id to the steering service server BSF, and can send the NAF_Id to the steering service server BSF in a single sending request, or can send the NAF_Id to the steering service server BSF in other sending requests. For example, taking the first embodiment of the above GBA-based client registration and key sharing method as an example, it can be incorporated in the security authentication request in the above step 210, or in the above step 203 or/and step 207. The user terminal sends the B- In the step of TID and the information of generating the first authentication key, or/and sending the information of generating the first authentication information, so that the guidance service server BSF receives the information of generating the first authentication key or generating the first authentication information when receiving the information of generating the first authentication key or generating the first authentication information , receive and obtain the NAF_Id at the same time.

In the second embodiment, after the security authentication of the user terminal to the guidance service server BSF is successful, and before the guidance service server BSF provides registration information and services to the user terminal, the user terminal passes the session state or session state maintained with the guidance service server BSF. The authentication token passes the NAF_Id to the Bootstrap Service Server BSF.

For example, taking the first embodiment of the above-mentioned GBA-based client registration and key sharing method as an example, after the user terminal and the bootstrap service server BSF successfully perform security authentication, a session state or an authentication token is maintained between the user terminal and the bootstrap service server BSF. , the user terminal transmits the third-party application identifier to the guidance service server BSF through the session state or the authentication token.

After the user terminal transmits the NAF_Id to the bootstrap service server BSF, and the bootstrap service server BSF determines that the security authentication is successful, the bootstrap service server BSF may provide the third-party application client running in the user terminal with the third-party user ID and user key. Registration information, that is, the following steps in this embodiment are applied after the first embodiment of the GBA-based client registration and key sharing method. Specifically, it can include:

Step 301. Guide the service server BSF to obtain the corresponding third-party user identifier according to the B-TID and NAF_Id.

The guidance service server BSF obtains the corresponding third-party user identifier according to the B-TID and NAF_Id, which may specifically include:

Step 301a. Guide the service server BSF to obtain the corresponding IMPI according to the B-TID.

After the GBA initialization process is successfully performed, the corresponding relationship between the B-TID and the IMPI is stored on the bootstrap service server BSF, that is, the corresponding IMPI can be searched and acquired according to the B-TID.

The guidance service server BSF searches and obtains the corresponding IMPI in the corresponding relationship according to the B-TID.

Step 301b. Guide the service server BSF to search for the corresponding third-party user identifier according to the IMPI and the NAF_Id.

The account correspondence between the IMPI and NAF_Id and the third-party user identifier is stored on the guidance service server BSF, that is, the corresponding third-party user identifier can be found in the account correspondence according to the IMPI and NAF_Id.

The guidance service server BSF searches for the corresponding third-party user identifier in the account correspondence according to the IMPI and the NAF_Id.

If the corresponding third-party user ID is found, it means that the guiding service server BSF has created a third-party user ID for the NAF_Id for the IMPI, then the guiding service server BSF obtains the corresponding third-party user ID, and then executes the following steps 302 or step 303.

If the corresponding third-party user ID is not found, it means that the bootstrap service server BSF has not created a third-party user ID for the NAF_Id for the IMPI, and the following step 301c is executed.

Step 301c. Instruct the service server BSF to create a unique third-party user identifier.

Guiding the service server BSF to create a new user identity, the new user identity is the unique identity among all the third-party user identities on the guidance service server BSF, or can be all the corresponding NAF_Ids in the account corresponding relationship described in step 301a. The unique ID among the three-party user IDs, and then the new user ID is used as the third-party user ID.

Step 301d. Guide the service server BSF to establish and store the correspondence between the IMPI and the NAF_Id and the third-party user identifier.

The guidance service server BSF adds the corresponding relationship between the IMPI and the NAF_Id and the third-party user identifier in the account corresponding relationship described in step 301a, that is, according to the IMPI and the NAF_Id in the account corresponding relationship, it will be able to find and obtain the This third-party user ID.

In step 301b, step 301c and step 301d, the guidance service server BSF may pre-establish an application user relationship table for the NAF_Id, and the application user relationship table stores a one-to-one correspondence between IMPI and third-party user IDs. Guide the service server BSF to look up the third-party user ID in the application user relationship table according to the IMPI, and if no third-party user ID is found, create a unique third-party user ID, and add the third-party user ID to the application user relationship table. There is a one-to-one correspondence between the IMPI and the third-party user ID. If the third-party user ID is found, the third-party user ID is obtained.

In step 301b, step 301c and step 301d, the guidance service server BSF may pre-establish a mobile user relationship table for the IMPI, and the mobile user relationship table stores a one-to-one correspondence between NAF_Id and third-party user ID. Guide the service server BSF to look up the third-party user ID in the mobile user relationship table according to the NAF_Id, and if no third-party user ID is found, create a unique third-party user ID, and add the third-party user ID to the mobile user relationship table. There is a one-to-one correspondence between NAF_Id and the third-party user ID. If the third-party user ID is found, the third-party user ID is obtained.

Step 302. Optionally, guide the service server BSF to generate a second user key corresponding to the third-party user identifier based on the second master key Ks.

Generating the second user key may specifically include the following steps:

Step 302a. Guide the service server BSF to generate a second user key based on the second master key Ks.

The bootstrap service server BSF generates a second user key based on the second master key Ks.

Further, the guidance service server BSF is based on including the second master key Ks and the third fixed character string (2) or/and the third random character string or/and the third time stamp or/and the B-TID or/and The NAF_Id or/and the information of the third-party user identification generates a second user key; wherein, the third fixed character string (2) is preconfigured and is the same as the third fixed character string (1) preconfigured on the user terminal The string with the same value of , the third random string is a locally randomly generated string, and the third timestamp is generated by acquiring the current system time of the bootstrap service server BSF. Specifically, taking the key derivation algorithm formula as an example, it can be expressed as: DK=PBKDF2(passphrase, Salt, c, dkLen), where: DK is the generated second user key, PBKDF2 is the key derivation algorithm, and passphrase is The second master key Ks and the third fixed string or/and the third random string or/and the third timestamp or/and the B-TID or/and the NAF_Id or/and the third-party user ID are combined String; Salt is the salt value, which is a fixed string in this example; c is the number of iterations; dkLen is the key output length, and a key length that meets the requirements can be generated as needed.

Step 302b. Guide the service server BSF to establish a correspondence between the third-party user identifier and the second user key.

The guiding service server BSF establishes a corresponding relationship between the third-party user identifier and the second user key, so that the corresponding second user key can be obtained in the corresponding relationship according to the third-party user identifier.

If the third-party user identifier is a unique identifier among all the third-party user identifiers on the bootstrap service server BSF, a corresponding relationship between the third-party user identifier and the second user key is established.

If the third-party user identifier is the unique identifier among all the third-party user identifiers corresponding to the NAF_Id, a corresponding relationship between the third-party user identifier and the NAF_Id and the second user key is established.

For example, the bootstrap service server BSF pre-establishes an account-key relationship table for the NAF_Id, and the account-key relationship table stores a one-to-one correspondence between the third-party user ID and the second user key. Guide the service server BSF to search for the second user key in the account key relationship table according to the third party user identifier, and if the second user key is not found, then add the third party user in the account key relationship table The one-to-one correspondence between the identifier and the second user key, if the second user key is found, the third-party user identifier is replaced with the second user key newly generated in this step in the account key relationship table Existing user key.

Taking combining step 301 as an example, if the application user relationship table for the NAF_Id is pre-established on the guidance service server BSF, or if the mobile user relationship table for the IMPI is pre-established on the guidance service server BSF, it can also be used in this The user relationship table or the mobile user relationship table is used to establish and update the one-to-one correspondence between the third-party user identifier and the second user key, which will not be repeated here.

It should be noted that, the above step 302 may also be executed after the following step 303, which is not limited in the present invention.

So far, the guiding service server BSF has established the corresponding relationship between the third-party user identifier and the second user key, and the guiding service server BSF can store the corresponding relationship locally, or send the corresponding relationship to the third-party authentication server synchronously, or send the corresponding relationship to the third-party authentication server. The corresponding relationship is synchronously sent to the third-party application server corresponding to the NAF_Id, so that the third-party application server can implement operations such as identity authentication and data encryption for the third-party application client based on the corresponding relationship.

Step 303. Instruct the service server BSF to transfer the third-party user identifier to the user terminal.

The guiding service server BSF transmits the third-party user identifier to the user terminal. For example, the registration success response message sent by the guiding service server BSF to the user terminal includes the third-party user identifier.

Corresponding to step 302a, if the generated second user key further includes a third random string or/and a third timestamp, then the third random string or/and the third timestamp is also delivered to the user terminal.

Step 304. The user terminal receives the third-party user identity transmitted by the bootstrap service server BSF.

The user terminal receives the third-party user identifier transmitted by the bootstrap service server BSF, for example, receives a registration success response message sent by the bootstrap service server BSF, and obtains the third-party user ID in the registration success response message.

For another example, the above steps 303 and 304 may also be that after the user terminal successfully performs security authentication with the guidance service server BSF, the user terminal maintains a session state or an authentication token, and the user terminal sends the obtained information to the guidance service server BSF through the session state or the authentication token. The request for the third-party user identification guides the service server BSF to feed back the third-party user identification, and the user terminal receives and obtains the third-party user identification.

After the user terminal receives the third-party user identification, it transfers the third-party user identification to the third-party application client. If the above step 302 is implemented, the following step 305 is performed to generate a first user key, and the generated first user key is sent to the corresponding third-party application client at the same time.

Step 305. Optionally, the user terminal generates the first user key based on the first master key Ks using the same user key generation method as the bootstrap service server BSF.

Corresponding to the above step 302, the user terminal generates the first user key based on the first master key Ks using the same user key generation method as the bootstrap service server BSF.

Correspondingly, if in step 302, the service server BSF is guided to include the second master key Ks and the third fixed character string (2) or/and the third random character string or/and the third time stamp or/and the B -TID or/and NAF_Id or/and the information of the third-party user identification to generate a second user key, then the user terminal is based on the information including the first master key Ks and the third fixed string (1) or/and the third random String or/and the third time stamp or/and the B-TID or/and NAF_Id or/and the information of the third-party user identification to generate the first user key; wherein, the third fixed string (1) is a A string that is configured and has the same value as the third fixed string (2) pre-configured on the bootstrap service server BSF, where the third random string or/and the third time stamp are transmitted by the bootstrap service server BSF. Specifically, taking the use of the same key derivation algorithm as that used to guide the service server BSF in step 502 as an example, the key derivation algorithm formula can be expressed as DK=PBKDF2(passphrase, Salt, c, dkLen), where: DK is the generated first User key; PBKDF2 is the same key derivation algorithm as the bootstrap service server BSF; passphrase is the first master key Ks and the third fixed string (1) or/and the third random string or/and the third time Stamp or/and the B-TID or/and NAF_Id or/and the third-party user ID combined and spliced string, and the combined splicing method is consistent with the guide service server BSF; Salt is the salt value, which is the same as the guide service server BSF The fixed string of ; c is the same number of iterations as the bootstrap service server BSF; dkLen is the same key output length as the bootstrap service server BSF.

So far, since the value of the first master key Ks generated on the user terminal and the second master key Ks generated on the bootstrap service server BSF is the same, and since the first user key and the second user key are the same The user key is generated based on the master key with the same value. Therefore, the values of the first user key and the second user key are also the same.

The user terminal transmits the third-party user identifier and the first user key to the third-party application client corresponding to the NAF_Id, and the third-party application client can send the corresponding data to the corresponding third-party user identifier and the first user key according to the third-party user identifier and the first user key. The third-party application server performs operations such as identity authentication and data encryption; and since the third-party application server is connected to the guidance service server BSF through the network, the third-party application server can communicate with the second user based on the third-party user identifier established by the guidance service server BSF. The correspondence between the keys realizes operations such as identity authentication and data encryption for third-party application clients.

As shown in the above process, on the basis of Embodiment 1 of the GBA-based client registration and key sharing method, in this embodiment, the user terminal and the guidance service server BSF are further generated for the third-party application client running in the user terminal. The third-party user ID and user key not only have the effects of the first embodiment, but also include at least the following effects: in the first aspect, the third-party user ID and the corresponding user key are automatically obtained for the third-party application client, reducing the number of In the second aspect, the third-party application client running in the user terminal can send the corresponding third-party application server to the corresponding third-party application server according to the obtained third-party user ID and the generated user key. Realize fast and safe identity authentication, data encryption and other operations; in the third aspect, since the guidance service server BSF only generates the third-party user ID and user key for the third-party application client after determining that the user terminal has been successfully authenticated, Instead of generating the application key in response to the B-TID submitted by the third-party application server, it effectively solves the first defect in the background technology, that is, the third-party application server in the second process of the GBA architecture application key negotiation process counterfeit malicious request consumption The problem of guiding the computing and storage resources of the business server BSF and other third-party application servers.

VI. Embodiment 3 of the GBA-based Client Registration and Key Sharing Method

Please refer to FIG. 4 , which shows a flowchart of Embodiment 3 of the GBA-based client registration and key sharing method provided by the present invention, and the method can be used in the implementation environment shown in FIG. 1 . As a more preferred embodiment provided by Embodiment 1 of the GBA-based client registration and key sharing method, this embodiment further provides registration information for the third-party application client running in the user terminal, where the registration information includes application key.

In order for the guidance service server BSF to provide corresponding registration information and services for the third-party application client running in the user terminal, the user terminal needs to transmit the NAF_Id corresponding to the third-party application client to the guidance service server BSF. For specific embodiments, reference may be made to the second embodiment of the above-mentioned GBA-based client registration and key sharing method, which will not be repeated here.

After the user terminal transmits the NAF_Id to the bootstrap service server BSF, and the bootstrap service server BSF determines that the security authentication is successful, the bootstrap service server BSF can provide the third-party application client running in the user terminal with registration information including the application key, that is, the local The following steps of the embodiment are applied after the first embodiment of the GBA-based client registration and key sharing method. Specifically, it can include:

Step 401. Guide the service server BSF to generate a second application key based on the second master key Ks.

Guide the service server BSF to use a key derivation algorithm to generate a second application key based on the second master key Ks, and further guide the service server BSF to use a key derivation algorithm based on the second master key Ks and/or the salt value, and/or RAND, and/or IMPI, and/or NAF_Id to generate a second application key.

The key derivation algorithm formula can be expressed as: Key=KDF(Ks, Salt, RAND, IMPI, NAF_Id). Among them, Key is the second application key; Ks is the second master key Ks; Salt is the salt value, which can be a fixed string or a random value. When it is a random value, then The bootstrap service server BSF shall pass this value to the user terminal; RAND is the RAND corresponding to the B-TID; IMPI is the IMPI corresponding to the B-TID; NAF_Id is the NAF_Id obtained from the client registration request; KDF is the key derivation algorithm. Ks is a required parameter, and Salt, RAND, IMPI, and NAF_Id are optional parameters.

Taking the key derivation algorithm formula Key=KDF(Ks,"gba-me",RAND,IMPI,NAF_Id) as an example, the second application key generation steps are as follows:

Step 401a. Guide the service server BSF to obtain the corresponding IMPI according to the B-TID.

After the GBA initialization process is successfully performed, the corresponding relationship between the B-TID and the IMPI is stored on the bootstrap service server BSF, that is, the corresponding IMPI can be searched and acquired according to the B-TID.

The guidance service server BSF searches and obtains the corresponding IMPI in the corresponding relationship according to the B-TID.

Step 401b. Guide the service server BSF to obtain the RAND according to the B-TID.

After the GBA initialization process, the corresponding relationship between the B-TID and the RAND is stored on the bootstrap service server BSF, that is, the corresponding RAND can be searched and acquired according to the B-TID.

The guidance service server BSF searches and obtains the corresponding RAND in the corresponding relationship according to the B-TID.

In addition, since the generation format of the B-TID is "base64encode(RAND)@BSF_servers_domain_name", the corresponding RAND can also be obtained from the B-TID.

Step 401c. Guide the service server BSF to generate a second application key based on the second master key Ks and "gba-me", the RAND, the IMPI and the NAF_Id.

The bootstrap service server BSF generates a second application key based on the second master key Ks and "gba-me", the RAND, the IMPI and the NAF_Id, and the calculation formula is:

Key=KDF(Ks,"gba-me",RAND,IMPI,NAF_Id)

Step 402. Guide the service server BSF to establish the corresponding relationship between the B-TID and the NAF_Id and the second application key.

The bootstrap service server BSF establishes a correspondence between the B-TID and the NAF_Id and the second application key, so that the second application key can be found according to the B-TID and the NAF_Id.

For example, the bootstrap service server BSF pre-establishes an account-key relationship table for the NAF_Id, and the account-key relationship table stores a one-to-one correspondence between the B-TID and the second application key. Guide the service server BSF to search for the second application key in the account key relationship table according to the B-TID, if the second application key is not found, then add the B-TID and the account key relationship table in the account key relationship table. The one-to-one correspondence of the second application key, if the second application key is found, the new second application key generated this time is used in the account key relationship table to replace the existing B-TID The second application key.

It should be noted that, the above steps 401 and 402 may also be executed after the following step 403, which is not limited in the present invention.

Step 403. The guiding service server BSF sends a registration response message to the user terminal, where the registration response message is a registration success response message.

Corresponding to step 401, if the parameter for generating the second application key also includes the Salt value, the registration success response message is sent to the user terminal, including the Salt value.

Step 404. The user terminal receives the registration response message sent by the bootstrap service server BSF and performs corresponding operations.

The user terminal receives a registration response message sent by the bootstrap service server BSF, where the registration response message is a registration success response message.

The user terminal performs corresponding operations according to the client registration response message, including:

If the registration response message is a registration success response message, the following step 405 is performed.

Otherwise, the following steps are not performed.

Step 405. The user terminal uses the same application key generation method as the bootstrap service server BSF, and generates a first application key based on the first master key Ks.

The user terminal generates the first application key based on the first master key Ks using the same application key generation method as the bootstrap service server BSF.

Take the key derivation algorithm formula used by the guiding service server BSF in step 401 as an example: Key=KDF(Ks, Salt, RAND, IMPI, NAF_Id). Among them: Key is the first application key; Ks is the first master key Ks; Salt is the same salt value as the bootstrap service server BSF, if the salt value of the bootstrap service server BSF is a fixed string, then Salt is a The same fixed string, if the salt value of the bootstrap service server BSF is a random value, the user terminal receives the salt value transmitted by the bootstrap service server BSF; RAND is the RAND generated during the GBA initialization process; IMPI is the IMPI of the user terminal ; NAF_Id is the NAF_Id corresponding to the third-party application client; KDF is the same key derivation algorithm as the bootstrap service server BSF. Ks is a mandatory parameter, Salt, RAND, IMPI, and NAF_Id are optional parameters, and the selected optional parameters are consistent with the bootstrap service server BSF.

Correspondingly, taking the key derivation algorithm formula Key=KDF(Ks, "gba-me", RAND, IMPI, NAF_Id) used by the guiding service server BSF in step 401 as an example, the first application key generation step is as follows:

Step 405a. The user terminal obtains the IMPI of the user terminal.

The user terminal acquires the IMPI of the user terminal, which is the same IMPI as the IMPI acquired in the GBA initialization process. For example, the IMPI is obtained from an IP Multimedia Services Identity Module (ISIM, IP Multimedia Services Identity Module) using a method consistent with the GBA initialization process.

Step 405b. The user terminal obtains the RAND.

After the GBA initialization process, the B-TID and the corresponding RAND are stored on the user terminal, and the user terminal obtains the RAND.

In addition, since the generation format of the B-TID is "base64encode(RAND)@BSF_servers_domain_name", the corresponding RAND can also be obtained from the B-TID.

Step 405c. The user terminal generates a first application key based on the first master key Ks and "gba-me", the RAND, the IMPI and the NAF_Id.

The user terminal generates a second application key based on the first master key Ks and "gba-me", the RAND, the IMPI and the NAF_Id, and the calculation formula is:

Key=KDF(Ks,"gba-me",RAND,IMPI,NAF_Id)

So far, after the GBA initialization process is successfully performed, the B-TID and the corresponding RAND, Ks (ie the first master key Ks) stored on the user terminal and the RAND corresponding to the B-TID stored on the boot service server BSF , Ks (that is, the second master key Ks) are the same, and the IMPI obtained on the user terminal and the IMPI corresponding to the B-TID stored on the guidance service server BSF are the same, and because the user terminal and the guidance service server BSF If the same application key generation method, the same NAF_Id, and the same salt value are used, the values of the generated first application key and the second application key are the same. The user terminal transmits the B-TID and the first application key to the third-party application client corresponding to the NAF_Id, and the third-party application client can implement a shortcut to the third-party application server based on the B-TID and the first application key , safe identity authentication, data encryption and other operations; and because the third-party application server is connected with the guidance service server BSF through the network, the third-party application server can be based on the B-TID and NAF_Id established by the guidance service server BSF. The corresponding relationship of the key, so as to realize the identity authentication and data encryption of the third-party application client.

As shown in the above process, on the basis of Embodiment 1 of the GBA-based client registration and key sharing method, in this embodiment, the user terminal and the guidance service server BSF are further generated for the third-party application client running in the user terminal. The application key not only has the effects of the first embodiment, but also has the following effects: first, since the bootstrap service server BSF generates an application for the third-party application client after determining that the security authentication of the user terminal is successful Instead of generating the application key in response to the B-TID submitted by the third-party application server, it effectively solves the defect one in the background technology, that is, the third-party application server counterfeiting in the second process of the GBA architecture application key negotiation process Malicious requests consume the computing and storage resources of the bootstrap service server BSF and other third-party application servers; secondly, even after the same GBA initialization process is performed for the same third-party application client to provide the application key multiple times, If Salt uses a random value, the generated application key will also be different, thereby improving security; thirdly, the application key can be automatically obtained for the third-party application client, and the application key can be used for third-party applications. The operation of identity authentication and data encryption of the application client to the corresponding third-party application server reduces the input operation of the end user and improves the user experience.

7. Embodiment 4 of the GBA-based client registration and key sharing method

Please refer to FIG. 5 , which shows a flowchart of Embodiment 4 of the GBA-based client registration and key sharing method provided by the present invention, and the method can be used in the implementation environment shown in FIG. 1 . As a more preferred embodiment provided by Embodiment 1 of the GBA-based client registration and key sharing method, this embodiment further provides registration information for the third-party application client running in the user terminal, and the registration information includes: The third-party application client running in the user terminal generates the user token.

In order for the guidance service server BSF to provide corresponding registration information and services for the third-party application client running in the user terminal, the user terminal needs to transmit the NAF_Id corresponding to the third-party application client to the guidance service server BSF. For specific embodiments, reference may be made to the second embodiment of the above-mentioned GBA-based client registration and key sharing method, which will not be repeated here.

After the user terminal transmits the NAF_Id to the bootstrap service server BSF, and the bootstrap service server BSF determines that the security authentication is successful, the bootstrap service server BSF can provide the third-party application client running in the user terminal with registration information including the user token, that is, this The following steps of the embodiment are applied after the first embodiment of the GBA-based client registration and key sharing method. Specifically, it can include:

Step 501. Guide the service server BSF to generate a user token.

The business server BSF is guided to generate a user token that is unique and of sufficient length and randomness to be difficult to crack by guessing.

Step 502. Direct the service server BSF to associate the user token with the NAF_Id or/and the IMPI corresponding to the B-TID.

The guidance service server BSF establishes the association relationship between the user token and the NAF_Id, and the guidance service server BSF may store the association relationship locally, or send the association relationship to a third-party authentication server synchronously, or synchronously send the association relationship to the NAF_Id The corresponding third-party application server. Then, based on the association relationship, if the third-party application client running on the user terminal has the same user token, the third-party application server will be able to authenticate the third-party application client according to the association relationship, for example, to authenticate the user For example, the token is sent to the third-party application server corresponding to the NAF_Id synchronously. The third-party application server receives the authentication request including the user token sent by the third-party application client, and checks whether the user token exists in the association relationship. If so, the authentication is successful, so it can be determined that the sender of the authentication request is the third-party application client corresponding to the third-party application server; for another example, taking the synchronous sending of the association relationship to the third-party authentication server as an example, the third After receiving the authentication request including the user token sent by the third-party application client, the third-party application server forwards the authentication request to the third-party authentication server, and the third-party authentication server verifies the authentication request according to the association relationship, thereby Determine if authentication was successful.

Further, in order to provide the same user with continuous application services, an association relationship between the user token and the IMPI corresponding to the B-TID should also be established, so that the IMPI corresponding to the B-TID can be found according to the user token. , so as to provide continuous service for the same user. For example, taking the association relationship synchronously sent to the third-party application server corresponding to the NAF_Id as an example, the third-party application server receives the authentication request including the user token, and searches for the corresponding IMPI in the association relationship according to the user token, If found, a continuous application service can be provided to the user associated with the IMPI. For the implementation manner of acquiring the IMPI corresponding to the B-TID, reference may be made to the implementation manner in the foregoing step 401a, which will not be repeated here.

Further, in order not to leak the IMPI on the third-party application server, a unique user ID corresponding to the IMPI can also be created in advance, and then the association relationship between the user token and the NAF_Id and the unique user ID can be established. According to the IMPI The unique user identifier is obtained in the association relationship, thereby avoiding leakage of the user's IMPI to a third-party application server.

It should be noted that a clean-up mechanism should also be provided, and the corresponding association relationship should be cleaned up in time for the expired user token, for example, after the user token is verified once, the corresponding association relationship of the user token should be deleted, or the user token should be set. Set a validity period, and delete the corresponding association relationship of the user token that has passed the validity period in time according to the validity period. The specific cleaning mechanism is not described here.

Step 503. The guiding service server BSF sends a registration response message to the user terminal, where the registration response message is a registration success response message and includes the user token.

Step 504. The user terminal receives the registration response message sent by the bootstrap service server BSF and performs corresponding operations.

The user terminal receives a registration response message sent by the bootstrap service server BSF, where the registration response message is a registration success response message.

The user terminal performs corresponding operations according to the registration response message, including:

If the registration response message is a registration success response message, the user token in the registration success response message is obtained, and the user token is passed to the third-party application client corresponding to the NAF_Id, and the third-party application client is based on the user token. card, will be able to achieve authentication and authentication to the third-party application server.

Otherwise, the process ends.

In the process of the above embodiment, a user token is generated for the third-party application client running in the user terminal. The effects include: firstly, the user token is automatically obtained for the third-party application client, which reduces the input operation of the end user and improves the user experience; secondly, the user token can be used for the third-party application client. The third-party application client authenticates the corresponding third-party application server, thereby improving the user experience; thirdly, when used for authentication and authentication, the user token does not need to perform encryption calculations and other operations, so it is more convenient to use. Applicable to some lightweight application clients (such as HTML5 and JavaScript-based client programs); in the fourth aspect, since the bootstrap service server BSF determines that the security authentication of the user terminal is successful, it generates a third-party application client Instead of generating the application key in response to the B-TID submitted by the third-party application server, the user token is used to effectively solve the first defect in the background art.

8. Embodiment 5 of the method for client registration and key sharing based on GBA

Please refer to FIG. 6 , which shows a flowchart of Embodiment 5 of the GBA-based client registration and key sharing method provided by the present invention, and the method can be used in the implementation environment shown in FIG. 1 . As a more preferred embodiment provided by Embodiment 2 of the GBA-based client registration and key sharing method, this embodiment further implements the authorization confirmation process of the terminal user.

The following steps of the method are based on the second embodiment of the GBA-based client registration and key sharing method, and are applied after the user terminal transmits the NAF_Id to the bootstrap service server BSF, and the bootstrap service server BSF determines that the security authentication is successful, and Before the process of guiding the service server BSF to provide the registration information including the third-party user ID and the user key for the third-party application client running in the user terminal (that is, before step 301), it specifically includes the following steps:

Step a. Guide the service server BSF to send an application authorization request message to the user terminal.

The application authorization request message may include:

Or/and the name of the third-party application, which is the name used to identify the third-party application client and the third-party application server, and the corresponding relationship between the NAF_Id and the name of the third-party application is pre-stored on the guidance service server BSF, and the guidance service server BSF Find and obtain the corresponding third-party application name in the corresponding relationship according to the NAF_Id.

Or/and the mobile user name, this name is the name used to identify the mobile user, the corresponding relationship between IMPI and the mobile user name is pre-stored on the guiding service server BSF, and the guiding service server BSF searches and obtains in this corresponding relationship according to the IMPI The corresponding mobile user name. The IMPI is obtained by the guidance service server BSF according to the B-TID: after the GBA initialization process, the corresponding relationship between the B-TID and the IMPI is stored on the guidance service server BSF, that is, the corresponding IMPI can be searched and obtained according to the B-TID, and the guidance service The server BSF searches and obtains the corresponding IMPI in the corresponding relationship according to the B-TID.

Correspondingly, the user terminal receives the application authorization request message sent by the bootstrap service server BSF.

Step b. The user terminal displays an application authorization verification interface.

After receiving the application authorization request message sent by the guidance service server BSF, the user terminal invokes and displays the application authorization verification interface to ask the terminal user whether to authorize the third-party application.

On the displayed application authorization verification interface, the third-party application name or/and mobile user name included in the application authorization request message can be displayed, specifically:

The name of the third-party application, the names of the third-party application client and the third-party application server to be authorized;

Mobile user name, the name of the mobile user to be authorized.

After the application authorization verification interface is displayed, the end user can input authorization information indicating confirmation of authorization or cancellation of authorization.

Optionally, on the displayed application authorization verification interface, a security verification code input box may also be included to ask the terminal user to input the security verification code. The security verification code is used to further verify the authorization of the terminal user. Accordingly, the corresponding relationship between the B-TID and the security verification code is pre-stored on the guidance service server BSF.

Step c. The user terminal receives the authorization information input by the terminal user in the application authorization verification interface.

According to the displayed application authorization verification interface, the user inputs (including triggering) authorization information indicating confirmation of authorization or cancellation of authorization in the interface. Correspondingly, the user terminal receives the authorization information input by the user in the application authorization verification interface.

Step d. The user terminal sends an application authorization response message to the guidance service server BSF, where the application authorization response message is an application authorization confirmation message or an application authorization cancellation message.

The user terminal performs corresponding operations according to the authorization information input by the terminal user, including:

If the authorization information is the authorization information indicating the authorization confirmation, the application authorization response message sent by the user terminal to the bootstrap service server BSF is the application authorization confirmation message.

Optionally, if the displayed application authorization verification interface also includes a security verification code input box, and the authorization message input by the terminal user received by the user terminal includes the security verification code, then the user terminal authorizes the application sent by the guiding service server BSF. The confirmation message also includes the security verification code.

If the authorization information is authorization information indicating cancellation of authorization, the application authorization response message sent by the user terminal to the guidance service server BSF is an application authorization cancellation message.

Step e. Guide the service server BSF to receive the application authorization response message sent by the user terminal and perform corresponding operations.

The bootstrap service server BSF receives an application authorization response message sent by the user terminal, where the application authorization response message is an application authorization response message indicating confirmation of authorization or cancellation of authorization.

Guide the service server BSF to perform corresponding operations according to the application authorization response message, including:

If the application authorization response message is an application authorization confirmation message, continue to perform the subsequent steps, that is, continue to perform the process of instructing the service server BSF to provide the user terminal with the registration information and services provided for the third-party application client.

Optionally, the corresponding relationship between the B-TID and the security verification code is pre-stored on the guiding service server BSF, and if the application authorization confirmation message received by the guiding service server BSF includes the security verification code, then the guiding service server BSF is based on the B-TID. TID searches and obtains the corresponding security verification code in the corresponding relationship, and compares whether the two security verification codes are consistent: if they are consistent, continue to perform the next steps; if they are inconsistent, end the process and do not perform the subsequent steps.

If the application authorization response message is an application authorization cancellation message, the process ends, and subsequent steps are not performed.

The method provided in this embodiment, on the basis of the first embodiment of the GBA-based client registration and key sharing method, adds a process of allowing the terminal user to verify authorization. By adding this process, it is possible to further confirm the authenticity of the client registration information. The authorization of the terminal user is provided to avoid authorization of unnecessary third-party application clients due to misoperation and other reasons, thereby effectively solving the second defect in the background technology, that is, third-party applications on the same user terminal in the GBA architecture. The client can easily calculate the problem of the client application key of other third-party applications.

This embodiment can also be combined with Embodiment 3 of the GBA-based client registration and key sharing method to form a new embodiment, that is, the method steps of this embodiment are applied to the user terminal to transfer the NAF_Id to the guidance service server BSF, and the guidance service After the server BSF determines that the security authentication is successful, and before the application guides the service server BSF to provide the third-party application client running in the user terminal with the application key (ie, before step 401 ), the specific process will not be repeated.

This embodiment can also be combined with Embodiment 4 of the GBA-based client registration and key sharing method to form a new embodiment, that is, the method steps of this embodiment are applied to the user terminal to transfer the NAF_Id to the guidance service server BSF, and the guidance service After the server BSF determines that the security authentication is successful, and before the application guides the service server BSF to provide the third-party application client running in the user terminal with the user token (ie, before step 501 ), the specific process will not be repeated.

It should be noted that the terms "comprising", "comprising", "transmitting", "sending" or any other variation herein are intended to encompass non-exclusive inclusion such that a process, method, product of a series of elements is included Or the system may include not only those elements, but may also include other elements not expressly listed, or may also include elements inherent to such a process, method, product, or system.

The terms "first," "second," "third," etc., if present, are used only to distinguish between similar objects, and are not used to describe a particular order or precedence. It is to be understood that the data so used may be interchanged under appropriate circumstances such that the embodiments described herein can be practiced in sequences other than those illustrated or described herein.

The above-mentioned serial numbers of the embodiments of the present invention are only for description, and do not represent the advantages or disadvantages of the embodiments.

The method, apparatus and system of the present invention can be implemented in many ways. For example, the methods, apparatus, and systems of the present invention may be implemented in software, hardware, firmware, or any combination of software, hardware, and firmware. The above-described order of the steps of the method is for illustration only, and the steps of the method of the present invention are not limited to the order specifically described above unless specifically stated otherwise. Furthermore, in some embodiments, the present invention can also be implemented as programs recorded in a recording medium, the programs comprising machine-readable instructions for implementing the methods according to the present invention. Thus, the present invention also covers a recording medium storing a program for executing the method according to the present invention.

The above are only preferred embodiments of the present invention, and are not intended to limit the scope of the present invention. Any equivalent structure or equivalent process transformation made by using the contents of the description and drawings of the present invention, or directly or indirectly applied in other related technical fields , are similarly included in the scope of patent protection of the present invention.

Claims (10)

1. client registration and key sharing method based on GBA, is characterized in that, is applied in the user terminal that runs the third-party application client, described method comprises: Execute the GBA initialization process, obtain the B-TID and generate the first master key Ks; Encrypting the first verification information based on the first master key Ks to generate a first encrypted value, the first verification information is the same as the value of the second verification information generated by the bootstrap service server BSF; sending the B-TID and the first encrypted value to the bootstrap service server BSF; Receive registration information and services provided by the bootstrap service server BSF, where the registration information and services are provided after the bootstrap service server BSF verifies that the first encrypted value is valid. 2. The method according to claim 1, wherein the generating the first encrypted value by encrypting the first verification information based on the first master key Ks comprises: A first authentication key is generated based on the first master key Ks, wherein the generation method of the first authentication key is consistent with the generation method of the bootstrap service server BSF to generate the second authentication key, so that the The value of the first authentication key is the same as that of the second authentication key generated by the bootstrap service server BSF; Generating the first verification information, wherein the generation method of the first verification information is consistent with the generation method of the guidance service server BSF to generate the second verification information, so that the first verification information is consistent with the guidance service server BSF. The value of the second verification information generated by the service server BSF is the same; The first authentication information is encrypted based on the first authentication key to generate a first encrypted value. 3. The method according to claim 1, wherein the method further comprises: Before receiving the registration information and services provided by the guidance service server BSF, passing the NAF_Id to the guidance service server BSF, where the NAF_Id is the identifier of the third-party application client; The registration information and services are the registration information and services provided by the guidance service server BSF for the third-party application client. 4. client registration and key sharing method based on GBA, is characterized in that, is applied in guiding service server BSF, and described method comprises: After successfully performing the GBA initialization process with the user terminal, receive the B-TID and the first encrypted value sent by the user terminal; Obtain the corresponding second master key Ks according to the B-TID; Verifying the first encrypted value based on the second master key Ks and second verification information, the second verification information being the same as the value of the first verification information generated by the user terminal; If it is verified that the first encrypted value is valid, registration information and services are provided to the user terminal. 5. The method according to claim 4, wherein the verifying the first encrypted value based on the second master key Ks and the second verification information comprises: A second authentication key is generated based on the second master key Ks, wherein the generation method of the second authentication key is consistent with the generation method of the user terminal to generate the first authentication key, so that the second authentication key is generated The authentication key is the same as the value of the first authentication key generated by the user terminal; The second verification information is generated, wherein the generation method of the second verification information is consistent with the generation method of the user terminal to generate the first verification information, so that the second verification information is the same as that generated by the user terminal. The value of the first verification information is the same; The first encrypted value is verified based on the second authentication key and the second verification information. 6. The method according to claim 4, wherein the method further comprises: Before providing registration information and services to the user terminal, obtain the NAF_Id delivered by the user terminal, where the NAF_Id is an identifier of a third-party application client running in the user terminal; The registration information and services provided to the user terminal are the registration information and services provided to the third-party application client. 7. GBA-based client registration and key sharing device, wherein the device is applied in a user terminal running a third-party application client, comprising: a memory, a processor, and the processor is used to run the memory The stored program, which executes when the program runs, comprises the method of any one of claims 1 to 3. 8. GBA-based client registration and key sharing device, characterized in that, the device is applied to a boot service server BSF, including: a memory, a processor, and the processor is used to run a program stored in the memory, and the The execution of the program when the program is executed includes the method of any one of claims 4 to 7. 9. GBA-based client registration and key sharing system, characterized in that the system comprises: a user terminal and a guidance service server BSF; the user terminal comprising the apparatus of claim 7; The bootstrap service server BSF comprises the apparatus of claim 8 . 10. A storage medium, wherein a program is stored in the storage medium, and the program is used to implement the method according to any one of claims 1 to 3; or/and, the program is used for Implementation includes the method of any of claims 4-7.

Images