[go: up one dir, main page]

CN1767429A - Mobile communication user certification and key negotiation method - Google Patents

Mobile communication user certification and key negotiation method Download PDF

Info

Publication number
CN1767429A
CN1767429A CN200410088407.0A CN200410088407A CN1767429A CN 1767429 A CN1767429 A CN 1767429A CN 200410088407 A CN200410088407 A CN 200410088407A CN 1767429 A CN1767429 A CN 1767429A
Authority
CN
China
Prior art keywords
authentication
mobile subscriber
network
key
message
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN200410088407.0A
Other languages
Chinese (zh)
Other versions
CN100544249C (en
Inventor
单广玉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Academy of Telecommunications Technology CATT
Original Assignee
Datang Mobile Communications Equipment Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Datang Mobile Communications Equipment Co Ltd filed Critical Datang Mobile Communications Equipment Co Ltd
Priority to CNB2004100884070A priority Critical patent/CN100544249C/en
Publication of CN1767429A publication Critical patent/CN1767429A/en
Application granted granted Critical
Publication of CN100544249C publication Critical patent/CN100544249C/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

This invention relates to a method for mobile communication user certification and cryptographic key negotiation including: carrying out a first Hass operation to random numbers generated by mobile users at the registration stage, utilizing the final Hass value and user ciphered code to generate an information certification code to be sent to the access network, which confirms the reality of the information with the help of attribute network of the user and keeps the Hass value when it is true, carrying out a second Hass operation to the random numbers generated by the access networks to generate an information certification code by the final Hass value to be sent to the user, which confirms the identity of the access network and keeps the Hass value. At the certification and the key negotiation stage, the user and the access network utilize the stored Hass value to certificate to generate a session cryptographic key.

Description

Mobile communication user certification and cryptographic key negotiation method
Technical field
The present invention relates to the mobile communication authentication techniques, relate to user and internetwork authentication and session cipher negotiating method in the mobile communication system or rather.
Background technology
Authentification of user in the global system for mobile communications (GSM) and key agreement adopt one way system, promptly have only network authentication user's process, do not have the process of user's authenticating network, network authentication user's one-way process as shown in Figure 1:
Step 11, travelling carriage sends the user and inserts request, comprises the User Identity (IMSI) of travelling carriage in this request;
Step 12, base station sub-system/mobile switching center (BSS/MSC/VLR) receives request, and sends authentication data request to the authentication center (AuC) of home network, comprises the User Identity (IMSI) of travelling carriage in this request;
Step 13, the authentication center of home network (AuC) inquires corresponding key K and produces a random number RA ND according to the User Identity (IMSI) of travelling carriage, and according to key K, random number RA ND, utilizes response generating function A 3() generates the response SRES of expectation and according to key K, random number RA ND, utilizes session key generating function A 8() generates session key K C, to BSS/MSC/VLR return authentication response message, with triple combination RAND, SRES, K CSend to the BSS/MSC/VLR storage;
Step 14, BSS/MSC/VLR takes out random number RA ND and sends to mobile station MS as challenging value;
Step 15, travelling carriage (MS) basis and AuC cipher key shared K, response generating function A 3() and session key generating function A 8(), session key K CWith response XSRES, and response XSRES sent to BSS/MSC/VLR, BSS/MSC/VLR is the SRES of XSRES and storage relatively, if when consistent by authenticating, just can utilize the session key K of negotiation then between travelling carriage (MS) and BSS/MSC/VLR CCarry out session communication.
The problem that network authentication user's one-way process is brought is to prevent go-between's false base station attack, and can't guarantee session key K CFreshness.Because as long as in network, intercepted and captured triple combination RAND, SRES, K C, then this triple combination just can be used down always, K CJust not having freshness can say.
The false base station of go-between is attacked and the freshness problem of session key in order to solve, 3GPP improves the gsm system verification process, increased the authentication of user by message authentication code to network, realize two-way authentication, with prevent old session key by sequence number mechanism and reuse, guarantee the freshness of session key, and increased the generation of Integrity Key.The verification process of 3GPP as shown in Figure 2.Mainly comprise: authentication request; The distribution of Ciphering Key AV and authentication and key agreement three big processes.
Authentication request is finished by step 201, sends service request by user authentication module/mobile device (USIM/ME) to VLR Visitor Location Register (VLR), has comprised User Identity IMSI in this request.
The distribution of Ciphering Key AV from HE/HLR (HE) to VLR (SN) finished to 205 by step 202.
Step 202, VLR sends authentication data request to Home Environment/attaching position register (HE/HLR), has comprised User Identity IMSI in this request;
Step 203, HE/HLR inquires corresponding key K according to User Identity IMSI, produces random number RA ND respectively and produces sequence number SQN; Utilize message authentication function f 1 () to generate message authentication code MAC, MAC=f1K (SQN ‖ RAND ‖ AMF), ‖ wherein is a simple cascade symbol, and AMF is the authentication management territory, is used for the service time of regulation key or is used to specify wherein a cover when using many cover f1 to f5 algorithms; Utilize message authentication function f 2 (), Key generation functions f3 (), f4 (), f5 () to generate XRES value, session key CK, Integrity Key IK and the Anonymity Key AK that supplies the network authentication terminal respectively again, XRES=f2K (RAND), CK=f3K (RAND), IK=f4K (RAND), AK=f5K (RAND); Generate AUTN value (authentication token), AUTN=SQN AK ‖ AMF ‖ MAC for the terminal authentication network; The five-tuple of this RAND, AUTN, XRES, CK, IK closes and constitutes Ciphering Key AV, AV=RAND ‖ XRES ‖ CK ‖ IK ‖ AUTN.For each user, key K has only one, but HLR can produce a plurality of random number RA ND, closes thereby generate a plurality of five-tuples;
Step 204, HE/HLR closes XRES, CK, IK, AUTN and RAND by the verify data response message with a plurality of five-tuples and sends to VLR;
Step 205, VLR stores a plurality of Ciphering Key AV.
Authentication is finished to 213 by step 206 with key agreement.
Step 206, VLR selects one from a plurality of Ciphering Key of storage, the Ciphering Key AV (i) that promptly selects a kind of (being expressed as i) five-tuple to close;
Step 207, VLR sends authentication request to USIM/ME, comprises selected Ciphering Key AV (i) in this authentication request, RAND (i) ‖ AUTN (i);
Step 208, USIM/ME verifies that at first AUTN (i) embodies the terminal authentication network, specific practice is at first to calculate SQN, whether checking SQN in correct scope, calculates XMAC=f1K (SQN ‖ RAND ‖ AMF) then, and the MAC that comprises among XMAC and the AUTN (i) is compared, if it is different, USIM/ME returns user authentication failure to VLR/SGSN, and VLR sends the authentification failure report to HE/HLR, determines to start a new verification process again by VLR.Pass through authentication when consistent.Begin to carry out the operation of network authentication terminal then, use and HE/HLR cipher key shared K and function f 2 (), calculate RES (i) with the RAND (i) that receives;
Step 209, USIM/ME sends authentication response message to VLR, in this response message the RES (i) that calculates is sent to VLR;
Step 210, VLR receives RES (i), and compares with the XRES (i) that stores, and passes through authentication when relatively more consistent;
Step 211, VLR sends to USIM/ME with authentication result;
Step 212, VLR utilizes function f 3 (), f4 (), according to key K, RAND (i) computation key CK (i) and IK (i);
Step 213, USIM/ME utilizes function f 3 (), f4 (), according to key K, RAND (i) computation key CK (i) and IK (i).
In the said process, in order to realize the authentification of user network, 3GPP generates message authentication code MAC according to information such as sequence number SQN, random challenge RAND in HE/HLR, realize authentication by USIM/ME by verifying message authentication code MAC to network, this sequence number SQN is that this integer is every will to be increased progressively once according to certain rules through once authenticating by user and the common integer of safeguarding of network.By sequence number mechanism, prevent the playback of authentication information, thereby guarantee the freshness of the session key of generation.When the sequence number the authentication information that sends to terminal from network is not in terminal acceptable scope, terminal need be initiated the sequence number synchronization process, make that the sequence number of this terminal is reset among the HE/HLR, in order to prevent that sequence number from exposing user's identity and positional information, also needs to generate Anonymity Key sequence number is hidden.
In GSM and 3GPP system, produce verify data and send to the VLR/SGSN of visited network by the AuC of authentication center of home network, by the VLR/SGSN authenticated user, promptly VLR depends on random challenge and the response that AuC produces and comes authenticated user.
In sum, the authentication of gsm system is a unilateral authentication, lacks the authentication of user to network, makes system be subjected to man-in-the-middle attack easily.The 3GPP authentication is complicated sequence number administrative mechanism and verification process with the subject matter of key agreement, makes agreement and system realize going up more complicated.
In addition, when occurring the dispute of using about network between user and the VLR, AuC can't solve this dispute.VLR can't provide the evidence that the user uses network, because when the user does not have accesses network, VLR also can pass through MAP signaling access authentication vector, and these Ciphering Key are the evidences that can not use network as the user.
Along with the development of 3G business, may need the communications status between user and the VLR is authenticated in commercial the application, do not allow to deny.Be similar in the ecommerce, need to guarantee the authentication of transaction each side and the non repudiation of transaction.Therefore, should find a kind of method can not only realize mobile subscriber and internetwork bidirectional identity authentication and key agreement, and can prove the communications status between user and the network, make communicating pair have non repudiation.
Summary of the invention
The objective of the invention is to design a kind of mobile communication user certification and cryptographic key negotiation method, solve in the mobile communication system user and internetwork two-way, unilateral authentication and session key agreement, can prove the communications status of communicating pair, have non repudiation.
The technical scheme that realizes the object of the invention is such: two-way authentification of user of a kind of mobile communication and cryptographic key negotiation method are applied to it is characterized in that between mobile subscriber, visited network and home network:
A. at registration phase,
A1. the mobile subscriber produces random number R u, and this random number R u is carried out the first Hash operation f MAnd utilize final cryptographic Hash f (Ru), m(Ru) and shared master key K produce message authentication code MACu, will comprise final hash value f m(Ru) carry out identity registration by visited network to home network with the authentication request message of message authentication code MACu, home network is confirmed the authenticity of authentication request message, when message is true, with this final hash value f m(Ru) be kept at visited network, finish based on the authentication of the network of hash chain to the mobile subscriber, M=1,2,3 ..., m;
A2. visited network produces random number R v, and this random number R v is carried out the second Hash operation f NAnd utilize final cryptographic Hash f (Rv), n(Rv) produce message authentication code MACv, will comprise final hash value f n(Rv) the affirmation response message with message authentication code MACv sends to the mobile subscriber, and the mobile subscriber confirms the authenticity of this response message, when message is true, with this final hash value f n(Rv) be kept at the mobile subscriber, finish the authentication to network based on the mobile subscriber of hash chain, N=1,2,3 ..., n;
B. authenticating and the key agreement stage, to the i time authentication and key agreement, 1<=i<=m, 1<=i<=n,
B1. the mobile subscriber is according to the cryptographic Hash f of storage N-i+1(Rv), the verify data f that visited network is sended over N-iVerify that (Rv) determine the authenticity of visited network, the mobile subscriber preserves f behind authentication success N-i(Rv), finish the authentication to network based on the user of hash chain;
B2. visited network is according to the cryptographic Hash f of storage M-i+1(Ru), the verify data f that the user is sended over N-i(Ru) verify, determine the authenticity of mobile subscriber identifier, network is preserved f behind authentication success M-i(Ru), finish based on the authentication of the network of hash chain the user;
B3. mobile subscriber and visited network behind authentication success, utilize f respectively M-i(Ru) the session key CKi and the Integrity Key IKi of the i time authentication of generation and key agreement.
The technical scheme that realizes the object of the invention still is such, and unidirectional authentification of user of a kind of mobile communication and cryptographic key negotiation method are applied to it is characterized in that between mobile subscriber, visited network and home network:
A '. at registration phase,
A1 '. the mobile subscriber produces random number R u, and this random number R u is carried out the first Hash operation f MAnd utilize final cryptographic Hash f (Ru), m(Ru) and shared master key K produce message authentication code MACu, will comprise final hash value f m(Ru) carry out identity registration by visited network to home network with the authentication request message of message authentication code MACu, home network is confirmed the authenticity of authentication request message, when message is true, with this final hash value f m(Ru) be kept at visited network, finish based on the authentication of the network of hash chain to the mobile subscriber, M=1,2,3 ..., m;
A2 '. visited network produces random number R v, and this random number R v is carried out the second Hash operation f NAnd utilize final cryptographic Hash f (Rv), n(Rv) produce message authentication code MACv, will comprise final hash value f n(Rv) the affirmation response message with message authentication code MACv sends to the mobile subscriber, and the mobile subscriber confirms the authenticity of this response message, when message is true, with this final hash value f n(Rv) be kept at the mobile subscriber, finish the authentication to network based on the mobile subscriber of hash chain, N=1,2,3 ..., n;
B '. in authentication and key agreement stage, to the i time authentication and key agreement, 1<=i<=m, visited network is according to the cryptographic Hash f of storage M-i+1(Ru), the verify data f that the mobile subscriber is sended over M-i(Ru) verify, determine the authenticity of mobile subscriber identifier, visited network is preserved f behind authentication success M-i(Ru), finish based on the authentication of the network of hash chain the user; Behind authentication success, mobile subscriber and visited network utilize f M-i(Ru) the session key CKi and the Integrity Key IKi of the i time authentication of generation and key agreement.
The technical scheme that realizes the object of the invention can also be such: unidirectional authentification of user of a kind of mobile communication and cryptographic key negotiation method are applied to it is characterized in that between mobile subscriber, visited network and home network:
A ". at registration phase,
A1 ". the mobile subscriber produces random number R u, and this random number R u is carried out the first Hash operation f MAnd utilize final cryptographic Hash f (Ru), m(Ru) and shared master key K produce message authentication code MACu, will comprise final hash value f m(Ru) carry out identity registration by visited network to home network with the authentication request message of message authentication code MACu, home network is confirmed the authenticity of authentication request message, when message is true, with this final hash value f m(Ru) be kept at visited network, finish based on the authentication of the network of hash chain to the mobile subscriber, M=1,2,3 ..., m;
A2 ". visited network produces random number R v, and this random number R v is carried out the second Hash operation f NAnd utilize final cryptographic Hash f (Rv), n(Rv) produce message authentication code MACv, will comprise final hash value f n(Rv) the affirmation response message with message authentication code MACv sends to the mobile subscriber, and the mobile subscriber confirms the authenticity of this response message, when message is true, with this final hash value f n(Rv) be kept at the mobile subscriber, finish the authentication to network based on the mobile subscriber of hash chain, N=1,2,3 ..., n;
B ". in authentication and key agreement stage, to the i time authentication and key agreement, 1<=i<=n, the mobile subscriber is according to the cryptographic Hash f of storage N-i+1(Rv), the verify data f that visited network is sended over N-iVerify that (Rv) determine the authenticity of visited network, the mobile subscriber preserves f behind authentication success N-i(Rv), finish the authentication to network based on the user of hash chain; Behind authentication success, mobile subscriber and visited network utilize f N-i(Rv) the session key CKi and the Integrity Key IKi of the i time authentication of generation and key agreement.
Mutual authentication method of the present invention comprises based on the network of Hash (Hash) chain to user's authentication with based on the user of the hash chain authentication to network.
Unilateral authentication method of the present invention comprises based on the network of Hash (Hash) chain to user's authentication or based on the user of the hash chain authentication to network.
Wherein based on the authentication of the network of hash chain to the user, specifically refer to: in registration process, the user carries out identity registration by the VLR Visitor Location Register VLR of visited network to the AuC of authentication center of home network, and AuC judges user identity by message authentication function (H ()); In authentication and cipher key agreement process, VLR authenticates the user by Hash chain independently.
Based on the user of the hash chain authentication to network, specifically refer to: in registration process, the user carries out identity according to message authentication function (H ()) to VLR and judges; In authentication and cipher key agreement process, the user is undertaken comparing with being stored in local information (through the cryptographic Hash after upgrading) after the Hash operation by the authentication information to VLR, and visited network is carried out authentication.
In the authentication and cipher key agreement process based on hash chain of the inventive method, the generation of session key (encryption key and Integrity Key) is accompanied by verification process, and each session key that generates all the authentication information with this is relevant.
The message source authentication based on message authentication code of the inventive method, user, AuC, VLR three parts share the message authentication function, the user is by the authenticity of message authentication code MACu to the authentication information of AuC proof submission, and whether AuC is genuine in the user who is claimed the message from the authentication information that VLR forwards according to the message authentication code judgement; VLR proves the authenticity of the authentication information that sends by message authentication code MACv to the user, and the user judges the authenticity of the information that VLR submits to according to message authentication code.
Message authentication function (H ()) needs authenticator and certified person to share key.The user is produced by AuC the authentication information of network among the 3GPP, and based on user and AuC cipher key shared, VLR oneself does not produce message authentication code.And in the inventive method, message authentication between user and the AuC is based on the shared key K between user and the network, message authentication between user and the VLR is based on shared Anonymity Key AK (AK ' of user side is produced according to RAND and K by the user, and the AK of VLR side sends to VLR by AuC).
The inventive method also has the beneficial effect of following several respects except two-way, the unidirectional authentication that can realize user and network:
Obtain the assurance of key freshness by the cryptographic Hash of the random number that produces by the user, guarantee that by sequence number mechanism the key freshness compares, not have the complex process brought because of the management of sequence number, thereby consult to realize simply with 3GPP;
When dispute appears in visited network and user, the evidence (f that the user produces that visited network can provide the user to use network to user's home network M-i(Ru) and MACu), because this evidence is based on random number R u that the user produces and user and home network cipher key shared K and encrypts generation, home network can be verified, and visited network can't oneself produce, so can prove the use of user to network, thus have to a certain degree prevent to deny function;
Because network is finished by two first, second separate hash chains respectively the authentication of network user's authentication and user, carry out easily flexibly two-way authentication to be become unilateral authentication under the situation of two-way authentication not needing.If the user does not need authenticating network, then network side just need not produce hash chain, when authentication only by Network Check user's authentication information, and the user needn't check the authentication information of network.Otherwise if network does not need authenticated user, then user side just need not produce hash chain, when authentication only by the authentication information of customer inspection network, and network needn't be checked user's authentication information.
In a word, the inventive method adopted be different from the prior art scheme, user and network bi-directional, unidirectional authentication and key agreement mechanism, agreement realizes simple and flexible, and have to a certain degree prevent to deny function.
Description of drawings
Fig. 1 is the one-way process block diagram of network authentication user in the gsm system;
Fig. 2 is 3GPP network and user's two-way authentication and a key agreement FB(flow block);
Fig. 3 is the register flow path block diagram of user when roaming into a new accesses network of the inventive method;
Fig. 4 is that the user that works as of the inventive method initiates service request, authentication and key agreement FB(flow block) when visited network requires authenticated user.
Fig. 5 be the inventive method based on the network of Hash (Hash) chain unilateral authentication FB(flow block) to the user;
Fig. 6 be the inventive method based on the user of Hash (Hash) chain unilateral authentication FB(flow block) to network.
Embodiment
The precondition of carrying out certificate scheme of the present invention comprises:
Master key K, Key generation functions f share in mobile subscriber and home network authentication center (AuC) 3(), f 4(), f 5(), message authentication function H ();
The VLR Visitor Location Register of mobile subscriber and visited network (VLR) is shared hash function f (), message authentication function H (), Key generation functions f 3' (), f 4' ();
The mobile subscriber, VLR and AuC can produce random number separately, and the table of random numbers that the user is produced is shown Ru, and the table of random numbers that VLR is produced is shown Rv and the table of random numbers that AuC is produced is shown RAND.
Above-mentioned condition also can be expressed as: in mobile subscriber's side master key K is arranged, Key generation functions f 3(), f 4(), f 5(), f 3' (), f 4' (), message authentication function H () and hash function f () produce random number R u; In visited network (VLR) side hash function f (), message authentication function H () and Key generation functions f are arranged 3' (), f 4' (), produce random number R v; Home network (AuC) side has master key K, Key generation functions f 3(), f 4(), f 5(), message authentication function H () produces random number RA ND.
Master key K that shares between mobile subscriber and the AuC and message authentication function H () are used for the message authentication between mobile subscriber and the AuC; Cipher key shared produces function f between mobile subscriber and the AuC 3() is used to generate encryption key seed CK; Cipher key shared produces function f between user and the AuC 4() is used to generate Integrity Key seed IK; Cipher key shared produces function f between user and the AuC 5() is used to generate Anonymity Key AK.
Cipher key shared produces function f between user and the VLR 3' () be used to generate the air-interface encryption ciphering key Ki of corresponding the i time authentication request; Cipher key shared produces function f between user and the VLR 4' () be used to generate the air interface Integrity Key IKi of corresponding the i time authentication request.
The mutual authentication of user of the inventive method and network and key agreement are divided into two stages execution; Registration phase and authentication phase.
When the user roams into a new accesses network, at first need to register, registration process is as shown in Figure 3; After finishing registration, when the user initiated service request, visited network required authenticated user, and identifying procedure as shown in Figure 4.
Referring to Fig. 3, the user roams into a new visited network (perhaps when all cryptographic Hash of the hash chain that produces are all finished using) beginning registration process, finishes the registration of mobile subscriber at home network.
Step 31, the mobile subscriber produces random number R u, and producing length is the hash chain of m, calculates f M(Ru) (M=1,2,3 ..., m), promptly calculate f 1(Ru), f 2(Ru) ..., f mAnd produce a time stamp T imeStamp that the mobile subscriber is current (Ru); Then, according to international mobile subscriber identifier (IMSI), f n(Ru) and TimeStamp, generate MSGu and user's message authentication code MACu, MSGu=IMSI ‖ f n(Ru) ‖ TimeStamp, (K MSGu), and sends to MSGu and MACu the VLR of visited network to MACu=H;
Step 32, the VLR of visited network sends to MSGu and MACu the AuG of home network.In the registration process, VLR does not authenticate the mobile subscriber, just authentication information is issued mobile subscriber's home network, by after the home network authentication result being returned.
Step 33 after the AuC of home network receives MSGu and MACu message, at first according to the MSGu that receives, is calculated XMACu, and XMACu=H (K, MSGu); Whether checking MACu that receives and the XMACu that calculates equates then, if equate, in allowed limits whether the time stamp T imeStamp that reexamines among the MSGu that receives (stab relatively with the AuC current time, judge between the two in allowed limits) every whether, if then mobile subscriber's identity is legal, by the authentication of network to the user.
As seen, judge whether mobile subscriber identifier is legal, still control by home network AuG.
The AuC of home network produces a random number RA ND, according to random number RA ND and shared master key K, utilizes Key generation functions f 3, f 4, f 5Generate encryption key seed CK, Integrity Key seed IK and Anonymity Key AK respectively:
CK=f 3(K,RAND);
IK=f 4(K,RAND);
AK=f 5(K,RAND)。
The AuC of home network is with MSGh=IMSI ‖ f m(Ru) ‖ RAND ‖ CK ‖ IK ‖ AK sends to the VLR of visited network by confirming response message.Why will send RAND, be that the mobile subscriber could generate this several keys after having known RAND because the mobile subscriber need be according to the RAND of AuC generation when producing CK, IK and AK.
Step 34, after the VLR of visited network received the affirmation response message MSGh of AuC, VLR incited somebody to action IMSI, f wherein m(Ru), CK, IK and AK preserve, selecting random number R v to produce own length is the 2nd Hash chain of n, calculating f N(Rv) (N=1,2,3 ..., n), promptly calculate f 1(Rv), f 2(Rv) ..., f n(Rv), obtain to confirm response message, comprise MSGv and message authentication code MACv:
MSGv=RAND‖f n(Rv)‖TimeStamp;
MACv=H(AK,MSGv)。
The VLR of visited network will confirm response message MSGv and MACv, send to the mobile subscriber, and the TimeStamp among the MSGv is the current timestamp of VLR.
After the mobile subscriber receives and confirms response message MSGv and MACv, at first produce AK '=f5 (K according to the RAND in the MSGv message, RAND), calculate then XMACv=H (AK ', MSGv), whether the MACv in the response message that checking is received equates with the XMACv that calculates, if equate, in allowed limits in allowed limits more whether the TimeStamp that reexamines reception (stab with mobile subscriber's current time), if think that then this affirmation response message is from real VLR, by the authentication of user, with the f among the MSG v to network n(Rv) storage.According to RAND and master key K, produce encryption key seed CK and Integrity Key seed IK then:
CK=f 3(K,RAND);
IK=f 4(K,RAND)。
So far, the mobile subscriber finishes in the AuG of home network registration.
In registration process, by AuC the mobile subscriber is carried out authentication, the mobile subscriber then carries out authentication to VLR.Through the mobile subscriber of AuC authentication, VLR no longer carries out authentication to it, directly confirms as validated user.The mutual authentication process that this three party is realized shows that in the registration process, VLR does not authenticate the user, but authentication information is directly issued the AuC of mobile subscriber's home network, after the AuC authentication by home network the result is returned VLR.If the authentification of user that home network returns is correct, then the mobile subscriber is at authentication and key agreement during the stage, the f in the authentication information that authentication for the first time and key agreement begin to submit to m(Ru) just can be used as after Service Ticket during customer access network, just participate in having authenticated without AuC.
After registration, the VLR side of visited network has been stored the final hash value f of a hash chain computing m(Ru), mobile subscriber's side has been stored the final hash chain f of the 2nd hash chain computing n(Rv).
Referring to Fig. 4, authentication and cipher key agreement process.After registration was finished, when the user initiated service request, the VLR of visited network required authenticated user, began authentication and cipher key agreement process.Suppose that this authentication request is the i time (1<=i<=n, 1<=i<=m).
Step 41, for the i time authentication request, the VLR of visited network produces authentication request message, comprises the verify data MSGvi=f of network in this request message N-i(Rv), send it to the user.
Step 42 after the mobile subscriber receives the authentication request message of visited network VLR, obtains the verify data f of VLR from this message N-i(Rv), utilize the hash function f () that shares to calculate f (f N-i(Rv)), and checking whether with the f of storage N-i+1(Rv) equate,, think that then VLR is legal, f if equate N-i(Rv) preserve, and with the user authentication data that produces as authentication response message MSGui=f M-i(Ru) issue the VLR of visited network.
Step 43, the VLR of visited network receives MSGui=f M-i(Ru) after, utilize the hash function f () that shares to calculate f (f M-i(Ru)), and checking whether with the f of its storage M-i+1Equate that (Ru) if equate that then authentification of user passes through, VLR will preserve f M-iAnd send the result of authentication success to the user (Ru).
Step 44,45, behind the authentication success, mobile subscriber and visited network VLR calculate encryption key seed CK, Integrity Key seed IK and the above-mentioned f of storage according to when registration M-i(Ru) generate air-interface encryption ciphering key Ki and the air interface Integrity Key Iki that this session needs:
CKi=f 3’(CK,f m-i(Ru));
IKi=f 4’(IK,f m-i(Ru))。
Therefore, in authentication phase, only judge by Hash chain independently: the local resource that can use VLR through the mobile subscriber of AuC authentication by the VLR of visited network., be two-way authentication and the key agreement between VLR and mobile subscriber also promptly in authentication and key agreement stage.
Referring to Fig. 5, be the inventive method based on the network of Hash (Hash) chain unilateral authentication FB(flow block) to the user, but omitted to mobile subscriber's authenticating step and based on the mobile subscriber of hash chain the authenticating step of network (being need to prove: no matter be two-way authentication or unilateral authentication that registration phase is finished based on the network of hash chain, the inventive method all must be done two-way authentication at registration phase, and the step 31 in the promptly necessary execution graph 3 is to 34).
For based on the network of Hash (Hash) chain unilateral authentication process to the user, registration phase also need finish based on the network of hash chain to mobile subscriber's authenticating step (step 31 among Fig. 3,32,33) with based on the network of hash chain authenticating step (step 34 among Fig. 3) to the mobile subscriber.But general description is: the mobile subscriber produces random number R u, and this random number R u is carried out the first Hash operation f MAnd utilize final cryptographic Hash f (Ru), m(Ru) and shared master key K produce message authentication code MACu, will comprise final hash value f m(Ru) carry out identity registration by visited network to home network with the authentication request message of message authentication code MACu, home network is confirmed the authenticity of authentication request message, when message is true, with this final hash value f m(Ru) be kept at visited network, finish based on the authentication of the network of hash chain to the mobile subscriber, M=1,2,3 ..., m; Visited network produces random number R v, and this random number R v is carried out the second Hash operation f NAnd utilize final cryptographic Hash f (Rv), n(Rv) produce message authentication code MACv, will comprise final hash value f n(Rv) the affirmation response message with message authentication code MACv sends to the mobile subscriber, and the mobile subscriber confirms the authenticity of this response message, when message is true, with this final hash value f n(Rv) be kept at the mobile subscriber, finish the authentication to network based on the mobile subscriber of hash chain, N=1,2,3 ..., n.
In authentication and key agreement stage, to the i time authentication and key agreement, 1<=i<=m.
Step 51, visited network VLR sends user authentication request message to the mobile subscriber;
Step 52 receives the mobile subscriber of user authentication request message, produces user authentication data MSGui=f M-i(Ru) issue the VLR of visited network.
Step 53, the VLR of visited network receives MSGui=f M-1(Ru) after, utilize the hash function f () that shares to calculate f (f M-i(Ru)), and checking whether with the f of its storage M-i+1Equate that (Ru) if equate that then authentification of user passes through, VLR will preserve f M-iAnd send the result of authentication success to the user (Ru).
Step 54,55, behind the authentication success, mobile subscriber and visited network VLR calculate encryption key seed CK, Integrity Key seed IK and the above-mentioned f of storage according to when registration M-i(Ru) generate air-interface encryption ciphering key Ki and the air interface Integrity Key Iki that this session needs:
CKi=f 3’(CK,f m-i(Ru));
IKi=f 4’(IK,f m-i(Ru))。
But step 51 to 55 general description are: visited network is according to the cryptographic Hash f of storage M-i+1(Ru), the verify data f that the mobile subscriber is sended over M-i(Ru) verify, determine the authenticity of mobile subscriber identifier, visited network is preserved f behind authentication success M-i(Ru), finish based on the authentication of the network of hash chain the user; Behind authentication success, mobile subscriber and visited network utilize f M-i(Ru) the session key CKi and the Integrity Key IKi of the i time authentication of generation and key agreement.
Referring to Fig. 6, be the inventive method based on the user of Hash (Hash) chain unilateral authentication FB(flow block) to network.But omitted to mobile subscriber's authenticating step and based on the mobile subscriber of hash chain the authenticating step of network (being need to prove: no matter be two-way authentication or unilateral authentication that registration phase is finished based on the network of hash chain, the inventive method all must be done two-way authentication at registration phase, and the step 31 in the promptly necessary execution graph 3 is to 34).
For based on the user of Hash (Hash) chain unilateral authentication process to network, registration phase also need finish based on the network of hash chain to mobile subscriber's authenticating step (step 31 among Fig. 3,32,33) with based on the network of hash chain authenticating step (step 34 among Fig. 3) to the mobile subscriber.
In authentication and key agreement stage, to the i time authentication and key agreement, 1<=i<=n.
Step 61, the mobile subscriber sends the network authentication request message to visited network VLR;
Step 62 receives the visited network VLR of network authentication request message, produces user authentication data MSGvi=f N-i(Rv) issue the mobile subscriber;
Step 63 after the mobile subscriber receives the authentication request message of visited network VLR, obtains the verify data f of VLR from this message N-i(Rv), utilize the hash function f () that shares to calculate f (f N-i(Rv)), and checking whether with the f of storage N-j+1(Rv) equate,, think that then VLR is legal, f if equate N-i(Rv) preserve, and send the result of authentication success to visited network.
Step 64,65, behind the authentication success, mobile subscriber and visited network VLR calculate encryption key seed CK, Integrity Key seed IK and the above-mentioned f of storage according to when registration N-i(Rv) generate air-interface encryption ciphering key Ki and the air interface Integrity Key Iki that this session needs:
CKi=f 3’(CK,f n-i(Rv));
IKi=f 4’(IK,f n-i(Rv))。
But step 61 to 65 general description are: the mobile subscriber is according to the cryptographic Hash f of storage N-i+1(Rv), the verify data f that visited network is sended over N-iVerify that (Rv) determine the authenticity of visited network, the mobile subscriber preserves f behind authentication success N-i(Rv), finish the authentication to network based on the user of hash chain; Behind authentication success, mobile subscriber and visited network utilize f N-i(Rv) the session key CKi and the Integrity Key IKi of the i time authentication of generation and key agreement.
In the practical application, the recurrent unilateral authentication that is two-way authentication or network to the user, the user does not generally use the unilateral authentication of network.
Two-way authentication of the present invention at registration phase, is carried out authentication by the AuC of home network to the mobile subscriber, by the mobile subscriber VLR of visited network is carried out authentication, and on the VLR of mobile subscriber and visited network storage hash chain separately; In authentication phase and key agreement stage, be the VLR and the mobile subscriber's of visited network two-way authentication, the network that is based on the hash chain is to mobile subscriber's authentication with based on the mobile subscriber of the hash chain authentication to network.
Unilateral authentication of the present invention, at registration phase, by the AuC of home network the mobile subscriber is carried out authentication, and on the VLR of visited network storage hash chain, with by the mobile subscriber VLR of visited network is carried out authentication, and on the mobile subscriber storage hash chain; In authentication phase and key agreement stage, be the unilateral authentication of the VLR of visited network to the mobile subscriber, be based on of the authentication of the network of hash chain to the mobile subscriber.
Unilateral authentication of the present invention, at registration phase, by the AuC of home network the mobile subscriber is carried out authentication, and on the VLR of visited network storage hash chain, with by the mobile subscriber VLR of visited network is carried out authentication, and on the mobile subscriber storage hash chain; In authentication phase and key agreement stage, be the VLR of visited network and mobile subscriber's unilateral authentication, be based on the authentication of the mobile subscriber of hash chain to network.

Claims (13)

1. mobile communication subscriber two-way authentication and cryptographic key negotiation method are applied to it is characterized in that between mobile subscriber, visited network and home network:
A. at registration phase,
A1. the mobile subscriber produces random number R u, and this random number R u is carried out the first Hash operation f MAnd utilize final cryptographic Hash f (Ru), m(Ru) and shared master key K produce message authentication code MACu, will comprise final hash value f m(Ru) carry out identity registration by visited network to home network with the authentication request message of message authentication code MACu, home network is confirmed the authenticity of authentication request message, when message is true, with this final hash value f m(Ru) be kept at visited network, finish based on the authentication of the network of hash chain to the mobile subscriber, M=1,2,3 ..., m;
A2. visited network produces random number R v, and this random number R v is carried out the second Hash operation f NAnd utilize final cryptographic Hash f (Rv), n(Rv) produce message authentication code MACv, will comprise final hash value f n(Rv) the affirmation response message with message authentication code MACv sends to the mobile subscriber, and the mobile subscriber confirms the authenticity of this response message, when message is true, with this final hash value f n(Rv) be kept at the mobile subscriber, finish the authentication to network based on the mobile subscriber of hash chain, N=1,2,3 ..., n;
B. authenticating and the key agreement stage, to the i time authentication and key agreement, 1<=i<=m, 1<=i<=n,
B1. the mobile subscriber is according to the cryptographic Hash f of storage N-i+1(Rv), the verify data f that visited network is sended over N-1Verify that (Rv) determine the authenticity of visited network, the mobile subscriber preserves f behind authentication success N-1(Rv), finish the authentication to network based on the user of hash chain;
B2. visited network is according to the cryptographic Hash f of storage M-i+1(Ru), the verify data f that the user is sended over M-i(Ru) verify, determine the authenticity of mobile subscriber identifier, network is preserved f behind authentication success M-i(Ru), finish based on the authentication of the network of hash chain the user;
B3. mobile subscriber and visited network behind authentication success, utilize f respectively M-i(Ru) the session key CKi and the Integrity Key IKi of the i time authentication of generation and key agreement.
2. method according to claim 1 is characterized in that in the described steps A 1, produces message authentication code MACu and comprises: utilize IMSI, f m(Ru), the TimeStamp cascade generates MSGu, MSGu=IMSI ‖ f m(Ru) ‖ TimeStamp; Utilize the message authentication function to generate message authentication code MACu, and MACu=H (K, MSGu), IMSI is the international mobile subscriber identifier, TimeStamp is the current timestamp of mobile subscriber.
3. method according to claim 2 is characterized in that in the described steps A 1, and home network is confirmed the authenticity of authentication request message, comprising:
Home network utilizes message authentication function calculation message authentication code XMACu, and XMACu=H (K, MSGu);
Relatively whether the XMACu of Ji Suaning is consistent with the MACu of reception, continues to carry out following step when consistent;
In allowed limits whether the TimeStamp that inspection receives be to confirm that then authentication request message is true.
4. method according to claim 2, it is characterized in that: described authentication request message is carried out identity registration by visited network to home network, be described MSGu and MACu to be sent to visited network, by visited network this MSGu and MACu sent to home network again by the mobile subscriber.
5. method according to claim 1 is characterized in that home network is with final hash value f in the described steps A 1 m(Ru) be kept at visited network, comprise:
Home network produces a random number RA ND;
Generate and confirm response message MSG h, MSG h=IMSI ‖ f m(Ru) ‖ RAND ‖ CK ‖ IK ‖ AK, IMSI is the international mobile subscriber identifier, CK, IK, AK are respectively encryption key seed, Integrity Key seed, Anonymity Key;
Home network is with MSG hSending to visited network preserves.
6. method according to claim 5 is characterized in that: described encryption key seed CK, Integrity Key seed IK and Anonymity Key AK, utilize Key generation functions separately to generate CK=f respectively 3(K, RAND), IK=f 4(K, RAND), AK=f 5(K, RAND).
7. method according to claim 1 is characterized in that in the described steps A 2, produces message authentication code MACv and comprises: utilize RAND, f n(Rv), the TimeStamp cascade generates MSGv, MSGv=RAND ‖ f nRv) ‖ TimeStamp; Utilize the message authentication function to generate message authentication code MACv, and MACv=H (AK, MSGv), RAND, AK are random number and the Anonymity Key that comes from home network, TimeStamp stabs the current time of visited network.
8. method according to claim 7 is characterized in that the mobile subscriber confirms the authenticity of response message, comprising in the described steps A 2:
The mobile subscriber takes out RAND from described MSGv, utilize the Anonymity Key generating function to produce Anonymity Key AK ', and AK '=f5 (K, RAND);
The mobile subscriber utilizes message authentication function calculation XMACv, and XMACv=H (AK ', MSGv);
Relatively whether the XMACv of Ji Suaning is consistent with the MACv of reception, continues to carry out following step when consistent;
In allowed limits whether the TimeStamp that inspection receives be the authenticity of then confirming response message, and utilize encryption key seed generating function, Integrity Key seed generating function to generate encryption key seed CK and Integrity Key seed IK, CK=f respectively 3(K, RAND), IK=f 4(K, RAND).
9. method according to claim 1 is characterized in that among the described step B1, the mobile subscriber comprises the authentication of visited network:
Visited network produces authentication request message and also sends to the mobile subscriber, and what comprise the network authentication user in this request message recognizes correction data MSGvi=f N-i(Rv);
The mobile subscriber utilizes shared hash function to calculate f (f N-i(Rv));
Compare f (f N-i(Rv)) with the f that stores N-i+1(Rv) whether consistent, f N-i+1(Rv) be meant the mobile subscriber according to the Rv in the registration process, the cryptographic Hash of preserving through i-1 authentication back is sent to mobile subscriber's data by visited network when being i-1 success identity, and upgrading described cryptographic Hash during unanimity is f N-i(Rv).
10. method according to claim 1 is characterized in that among the described step B2, visited network comprises mobile subscriber's authentication:
The mobile subscriber is with verify data MSGui=f M-i(Ru) send to visited network;
The hash function that the visited network utilization is shared calculates f (f M-i(Ru));
F (the f of Ji Suaning relatively M-i(Ru)) with the f that stores M-i+1(Ru) whether consistent, f M-i+1(Ru) be meant visited network according to the Ru in the registration process, the cryptographic Hash of preserving through i-1 authentication back is sent to the data of visited network by the mobile subscriber when being i-1 success identity, and upgrading described cryptographic Hash during unanimity is f M-i(Ru).
11. method according to claim 10, it is characterized in that among the described step B3, air-interface encryption key generating function and air interface Integrity Key generating function that mobile subscriber and visited network utilization are shared generate session key CKi and Integrity Key IKi, CKi=f respectively 3' (CK, f M-i(Ru)), IKi=f 4' (IK, f M-i(Ru)), CK, IK are kept at encryption key seed, Integrity Key seed on mobile subscriber and the visited network simultaneously at registration phase.
12. unidirectional authentification of user of mobile communication and cryptographic key negotiation method are applied to it is characterized in that between mobile subscriber, visited network and home network:
A '. at registration phase,
A1 '. the mobile subscriber produces random number R u, and this random number R u is carried out the first Hash operation f MAnd utilize final cryptographic Hash f (Ru), m(Ru) and shared master key K produce message authentication code MACu, will comprise final hash value f m(Ru) carry out identity registration by visited network to home network with the authentication request message of message authentication code MACu, home network is confirmed the authenticity of authentication request message, when message is true, with this final hash value f m(Ru) be kept at visited network, finish based on the authentication of the network of hash chain to the mobile subscriber, M=1,2,3 ..., m;
A2 '. visited network produces random number R v, and this random number R v is carried out the second Hash operation f NAnd utilize final cryptographic Hash f (Rv), n(Rv) produce message authentication code MACv, will comprise final hash value f n(Rv) the affirmation response message with message authentication code MACv sends to the mobile subscriber, and the mobile subscriber confirms the authenticity of this response message, when message is true, with this final hash value f n(Rv) be kept at the mobile subscriber, finish the authentication to network based on the mobile subscriber of hash chain, N=1,2,3 ..., n;
B '. in authentication and key agreement stage, to the i time authentication and key agreement, 1<=i<=m, visited network is according to the cryptographic Hash f of storage M-i+1(Ru), the verify data f that the mobile subscriber is sended over M-i(Ru) verify, determine the authenticity of mobile subscriber identifier, visited network is preserved f behind authentication success M-i(Ru), finish based on the authentication of the network of hash chain the user; Behind authentication success, mobile subscriber and visited network utilize f M-i(Ru) the session key CKi and the Integrity Key IKi of the i time authentication of generation and key agreement.
13. unidirectional authentification of user of mobile communication and cryptographic key negotiation method are applied to it is characterized in that between mobile subscriber, visited network and home network:
A ". at registration phase,
A1 ". the mobile subscriber produces random number R u, and this random number R u is carried out the first Hash operation f MAnd utilize final cryptographic Hash f (Ru), m(Ru) and shared master key K produce message authentication code MACu, will comprise final hash value f m(Ru) carry out identity registration by visited network to home network with the authentication request message of message authentication code MACu, home network is confirmed the authenticity of authentication request message, when message is true, with this final hash value f m(Ru) be kept at visited network, finish based on the authentication of the network of hash chain to the mobile subscriber, M=1,2,3 ..., m;
A2 ". visited network produces random number R v, and this random number R v is carried out the second Hash operation f NAnd utilize final cryptographic Hash f (Rv), n(Rv) produce message authentication code MACv, will comprise final hash value f n(Rv) the affirmation response message with message authentication code MACv sends to the mobile subscriber, and the mobile subscriber confirms the authenticity of this response message, when message is true, with this final hash value f n(Rv) be kept at the mobile subscriber, finish the authentication to network based on the mobile subscriber of hash chain, N=1,2,3 ..., n;
B ". in authentication and key association, merchant's stage, to the i time authentication and key association, merchant, 1<=i<=n, the mobile subscriber is according to the cryptographic Hash f of storage N-i+1(Rv), the verify data f that visited network is sended over N-iVerify that (Rv) determine the authenticity of visited network, the mobile subscriber preserves f behind authentication success N-i(Rv), finish the authentication to network based on the user of hash chain; Behind authentication success, mobile subscriber and visited network utilize f N-i(Rv) the session key CKi and the Integrity Key IKi of the i time authentication of generation and key agreement.
CNB2004100884070A 2004-10-29 2004-10-29 Mobile communication user certification and cryptographic key negotiation method Expired - Fee Related CN100544249C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2004100884070A CN100544249C (en) 2004-10-29 2004-10-29 Mobile communication user certification and cryptographic key negotiation method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2004100884070A CN100544249C (en) 2004-10-29 2004-10-29 Mobile communication user certification and cryptographic key negotiation method

Publications (2)

Publication Number Publication Date
CN1767429A true CN1767429A (en) 2006-05-03
CN100544249C CN100544249C (en) 2009-09-23

Family

ID=36743055

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2004100884070A Expired - Fee Related CN100544249C (en) 2004-10-29 2004-10-29 Mobile communication user certification and cryptographic key negotiation method

Country Status (1)

Country Link
CN (1) CN100544249C (en)

Cited By (34)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008009183A1 (en) * 2006-07-13 2008-01-24 Shanghai Jiaotong University Password remotely authentication method based on the intelligent card and an intelligent card, a server and system thereof
WO2009067901A1 (en) * 2007-11-08 2009-06-04 China Iwncomm Co., Ltd. A method of one-way access authentication
WO2009076811A1 (en) * 2007-12-14 2009-06-25 Huawei Technologies Co., Ltd. A method, a system, a client and a server for key negotiating
CN101056166B (en) * 2007-05-28 2010-04-21 北京飞天诚信科技有限公司 A method for improving the data transmission security
CN101127764B (en) * 2007-09-11 2010-06-02 神州亿品科技有限公司 Method, authentication module and system for secure playing of audio and video
CN101784048A (en) * 2009-01-21 2010-07-21 中兴通讯股份有限公司 Method and system for dynamically updating identity authentication and secret key agreement of secret key
CN101547340B (en) * 2008-03-25 2010-12-15 中国科学院软件研究所 Undeniable charging method for video-on-demand system
CN101938741A (en) * 2009-06-30 2011-01-05 大唐移动通信设备有限公司 Method, system and device for mutual authentication
JP2011507363A (en) * 2007-12-14 2011-03-03 西安西電捷通無線網絡通信有限公司 Entity two-way authentication method and system
CN101617351B (en) * 2007-01-19 2011-06-22 三菱电机株式会社 Cryptogram generating device, cryptogram communication system, and group parameter generating device
CN102378170A (en) * 2010-08-27 2012-03-14 中国移动通信有限公司 Method, device and system of authentication and service calling
CN101741555B (en) * 2008-11-12 2012-07-04 中兴通讯股份有限公司 Method and system for identity authentication and key agreement
CN101350721B (en) * 2007-07-20 2012-08-08 华为技术有限公司 Network system, network access method and network appliance
CN102792312A (en) * 2010-03-10 2012-11-21 德国捷德有限公司 Method for authenticating a portable data carrier
CN103259768A (en) * 2012-02-17 2013-08-21 中兴通讯股份有限公司 Method, system and device of message authentication
CN103475643A (en) * 2013-08-22 2013-12-25 北京宏基恒信科技有限责任公司 Key updating method and system of dynamic token, dynamic token and authentication server
CN103647653A (en) * 2013-12-24 2014-03-19 深圳国微技术有限公司 Certification and key agreement method between devices
CN103701797A (en) * 2013-12-23 2014-04-02 江苏物联网研究发展中心 Light-weight node and gateway two-way identity authentication method
CN104243409A (en) * 2013-06-14 2014-12-24 中国普天信息产业股份有限公司 Terminal-to-terminal data transmission method
CN105227309A (en) * 2014-06-17 2016-01-06 上海崴澜网络科技有限公司 For the encryption method of internet-of-things terminal and high in the clouds communication
CN105556892A (en) * 2013-05-09 2016-05-04 韦恩加油系统有限公司 Systems and methods for secure communication
CN106332061A (en) * 2015-06-23 2017-01-11 中兴通讯股份有限公司 OTA bootstrap processing method and terminal equipment
CN106330430A (en) * 2016-08-29 2017-01-11 江苏高网信息科技有限公司 Third-party mobile payment method based on NTRU
WO2017096599A1 (en) * 2015-12-10 2017-06-15 深圳市大疆创新科技有限公司 Secure communication system, method, and device
CN107682152A (en) * 2017-10-31 2018-02-09 洛阳师范学院 A kind of group key agreement method based on symmetric cryptography
CN108260102A (en) * 2018-01-04 2018-07-06 西南交通大学 The car-ground communication Non-Access Stratum authentication methods of LTE-R based on allograph
CN108781366A (en) * 2016-03-10 2018-11-09 华为技术有限公司 Authentication mechanism for 5g technologies
CN109474927A (en) * 2017-09-08 2019-03-15 中国电信股份有限公司 Information interacting method, home network, user terminal and information interaction system
CN110858968A (en) * 2018-08-23 2020-03-03 刘高峰 Client registration method, device and system
US10873464B2 (en) 2016-03-10 2020-12-22 Futurewei Technologies, Inc. Authentication mechanism for 5G technologies
CN113615124A (en) * 2019-03-29 2021-11-05 瑞典爱立信有限公司 Methods and apparatus related to authentication of wireless devices
CN114430324A (en) * 2022-01-02 2022-05-03 西安电子科技大学 Online fast authentication method based on hash chain
CN115022879A (en) * 2022-05-11 2022-09-06 西安电子科技大学 Enhanced Beidou user terminal access authentication method and system based on location key
CN116569516A (en) * 2020-09-30 2023-08-08 中兴通讯股份有限公司 Method for preventing leakage of authentication serial number of mobile terminal

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102014386B (en) * 2010-10-15 2012-05-09 西安西电捷通无线网络通信股份有限公司 Entity authentication method and system based on symmetric cryptographic algorithm
CN104954130B (en) 2014-03-31 2019-08-20 西安西电捷通无线网络通信股份有限公司 A kind of method for authenticating entities and device
CN104270378B (en) * 2014-10-14 2018-07-03 天津理工大学 A kind of method that Replay Attack is resisted based on the adaptively selected agreement of early warning mechanism
GB2569130B (en) 2017-12-05 2020-11-04 Ali Musallam Ibrahim Method and system for sharing an item of media content
CN115767527A (en) * 2022-10-19 2023-03-07 中电信数智科技有限公司 Improved 5G message RCS access authentication IMS-AKA mechanism for balancing safety and efficiency

Cited By (61)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008009183A1 (en) * 2006-07-13 2008-01-24 Shanghai Jiaotong University Password remotely authentication method based on the intelligent card and an intelligent card, a server and system thereof
CN101617351B (en) * 2007-01-19 2011-06-22 三菱电机株式会社 Cryptogram generating device, cryptogram communication system, and group parameter generating device
CN101056166B (en) * 2007-05-28 2010-04-21 北京飞天诚信科技有限公司 A method for improving the data transmission security
CN101350721B (en) * 2007-07-20 2012-08-08 华为技术有限公司 Network system, network access method and network appliance
CN101127764B (en) * 2007-09-11 2010-06-02 神州亿品科技有限公司 Method, authentication module and system for secure playing of audio and video
CN101159639B (en) * 2007-11-08 2010-05-12 西安西电捷通无线网络通信有限公司 One-way access authentication method
JP2011504318A (en) * 2007-11-08 2011-02-03 西安西▲電▼捷通▲無▼綫▲網▼絡通信股▲分▼有限公司 One-way access authentication method
US8578164B2 (en) 2007-11-08 2013-11-05 China Iwncomm Co., Ltd. Method of one-way access authentication
RU2454811C2 (en) * 2007-11-08 2012-06-27 Чайна Ивнкомм Ко., Лтд. Method of authentication with one-sided access
WO2009067901A1 (en) * 2007-11-08 2009-06-04 China Iwncomm Co., Ltd. A method of one-way access authentication
JP2011507363A (en) * 2007-12-14 2011-03-03 西安西電捷通無線網絡通信有限公司 Entity two-way authentication method and system
WO2009076811A1 (en) * 2007-12-14 2009-06-25 Huawei Technologies Co., Ltd. A method, a system, a client and a server for key negotiating
US8417955B2 (en) 2007-12-14 2013-04-09 China Iwncomm Co., Ltd. Entity bidirectional authentication method and system
CN101547340B (en) * 2008-03-25 2010-12-15 中国科学院软件研究所 Undeniable charging method for video-on-demand system
CN101741555B (en) * 2008-11-12 2012-07-04 中兴通讯股份有限公司 Method and system for identity authentication and key agreement
CN101784048A (en) * 2009-01-21 2010-07-21 中兴通讯股份有限公司 Method and system for dynamically updating identity authentication and secret key agreement of secret key
CN101784048B (en) * 2009-01-21 2014-01-01 中兴通讯股份有限公司 Method and system for dynamically updating identity authentication and secret key agreement of secret key
CN101938741A (en) * 2009-06-30 2011-01-05 大唐移动通信设备有限公司 Method, system and device for mutual authentication
CN102792312A (en) * 2010-03-10 2012-11-21 德国捷德有限公司 Method for authenticating a portable data carrier
US8966275B2 (en) 2010-03-10 2015-02-24 Giesecke & Devrient Gmbh Method for authenticating a portable data carrier
CN102792312B (en) * 2010-03-10 2015-12-02 德国捷德有限公司 For verifying the method for portable data medium
CN102378170A (en) * 2010-08-27 2012-03-14 中国移动通信有限公司 Method, device and system of authentication and service calling
CN102378170B (en) * 2010-08-27 2014-12-10 中国移动通信有限公司 Method, device and system of authentication and service calling
CN103259768B (en) * 2012-02-17 2018-06-19 中兴通讯股份有限公司 A kind of message authentication method, system and device
CN103259768A (en) * 2012-02-17 2013-08-21 中兴通讯股份有限公司 Method, system and device of message authentication
CN105556892B (en) * 2013-05-09 2021-07-06 韦恩加油系统有限公司 System and method for secure communication
US11127001B2 (en) 2013-05-09 2021-09-21 Wayne Fueling Systems Llc Systems and methods for secure communication
CN105556892A (en) * 2013-05-09 2016-05-04 韦恩加油系统有限公司 Systems and methods for secure communication
CN104243409A (en) * 2013-06-14 2014-12-24 中国普天信息产业股份有限公司 Terminal-to-terminal data transmission method
CN103475643A (en) * 2013-08-22 2013-12-25 北京宏基恒信科技有限责任公司 Key updating method and system of dynamic token, dynamic token and authentication server
CN103701797A (en) * 2013-12-23 2014-04-02 江苏物联网研究发展中心 Light-weight node and gateway two-way identity authentication method
CN103701797B (en) * 2013-12-23 2017-01-25 江苏物联网研究发展中心 Light-weight node and gateway two-way identity authentication method
CN103647653B (en) * 2013-12-24 2016-08-24 深圳国微技术有限公司 A kind of authentication between devices and cryptographic key negotiation method
CN103647653A (en) * 2013-12-24 2014-03-19 深圳国微技术有限公司 Certification and key agreement method between devices
CN105227309A (en) * 2014-06-17 2016-01-06 上海崴澜网络科技有限公司 For the encryption method of internet-of-things terminal and high in the clouds communication
CN105227309B (en) * 2014-06-17 2019-01-08 上海崴澜网络科技有限公司 Encryption method for internet-of-things terminal and cloud communication
CN106332061B (en) * 2015-06-23 2019-11-05 南京中兴软件有限责任公司 It eats dishes without rice or wine to guide setting processing method and terminal device
CN106332061A (en) * 2015-06-23 2017-01-11 中兴通讯股份有限公司 OTA bootstrap processing method and terminal equipment
WO2017096599A1 (en) * 2015-12-10 2017-06-15 深圳市大疆创新科技有限公司 Secure communication system, method, and device
US10833853B2 (en) 2015-12-10 2020-11-10 SZ DJI Technology Co., Ltd. Method and device for secure communication
US11700131B2 (en) 2016-03-10 2023-07-11 Futurewei Technologies, Inc. Authentication mechanism for 5G technologies
CN113411308B (en) * 2016-03-10 2022-04-12 华为技术有限公司 Communication method, device and storage medium
CN108781366A (en) * 2016-03-10 2018-11-09 华为技术有限公司 Authentication mechanism for 5g technologies
CN113411308A (en) * 2016-03-10 2021-09-17 华为技术有限公司 Authentication mechanism for 5G technology
US10873464B2 (en) 2016-03-10 2020-12-22 Futurewei Technologies, Inc. Authentication mechanism for 5G technologies
CN108781366B (en) * 2016-03-10 2021-05-18 华为技术有限公司 Authentication mechanism for 5G technology
US12166897B2 (en) 2016-03-10 2024-12-10 Futurewei Technologies, Inc. Authentication mechanism for 5G technologies
CN106330430B (en) * 2016-08-29 2019-08-20 江苏高网信息科技有限公司 A kind of third party's method of mobile payment based on NTRU
CN106330430A (en) * 2016-08-29 2017-01-11 江苏高网信息科技有限公司 Third-party mobile payment method based on NTRU
CN109474927A (en) * 2017-09-08 2019-03-15 中国电信股份有限公司 Information interacting method, home network, user terminal and information interaction system
CN107682152B (en) * 2017-10-31 2020-12-22 洛阳师范学院 A Group Key Agreement Method Based on Symmetric Cipher
CN107682152A (en) * 2017-10-31 2018-02-09 洛阳师范学院 A kind of group key agreement method based on symmetric cryptography
CN108260102B (en) * 2018-01-04 2020-06-02 西南交通大学 Proxy signature-based non-access stratum authentication method for LTE-R vehicle-ground communication
CN108260102A (en) * 2018-01-04 2018-07-06 西南交通大学 The car-ground communication Non-Access Stratum authentication methods of LTE-R based on allograph
CN110858968A (en) * 2018-08-23 2020-03-03 刘高峰 Client registration method, device and system
CN113615124A (en) * 2019-03-29 2021-11-05 瑞典爱立信有限公司 Methods and apparatus related to authentication of wireless devices
CN113615124B (en) * 2019-03-29 2024-04-16 瑞典爱立信有限公司 Methods and apparatus relating to authentication of wireless devices
CN116569516A (en) * 2020-09-30 2023-08-08 中兴通讯股份有限公司 Method for preventing leakage of authentication serial number of mobile terminal
CN114430324A (en) * 2022-01-02 2022-05-03 西安电子科技大学 Online fast authentication method based on hash chain
CN115022879A (en) * 2022-05-11 2022-09-06 西安电子科技大学 Enhanced Beidou user terminal access authentication method and system based on location key
CN115022879B (en) * 2022-05-11 2023-11-21 西安电子科技大学 Enhanced Beidou user terminal access authentication method and system based on location key

Also Published As

Publication number Publication date
CN100544249C (en) 2009-09-23

Similar Documents

Publication Publication Date Title
CN1767429A (en) Mobile communication user certification and key negotiation method
CN1298194C (en) Radio LAN security access method based on roaming key exchange authentication protocal
CN1659922A (en) Method and system for challenge-response user authentication
CN1310476C (en) Method for building session connection to wireless local network user
CN1315268C (en) Method for authenticating users
CN1859093A (en) Method for verifying user terminal in IP multimedia subsystem
CN101032142A (en) Means and methods for signal sign-on access to service network through access network
CN101052033A (en) Certifying and key consulting method and its device based on TTP
WO2017201809A1 (en) Communication method and system for terminal
CN1444835A (en) Authentication in mobile communications network
CN1475091A (en) Integrity protection during initial user registration in telecommunication networks
CN101039311A (en) Identification web page service network system and its authentication method
CN1929371A (en) Method for negotiating key share between user and peripheral apparatus
CN1870808A (en) Key updating method
CN103491540A (en) Wireless local area network two-way access authentication system and method based on identity certificates
CN1914848A (en) Key management for network elements
CN101640887A (en) Authentication method, communication device and communication system
CN1700699A (en) Method and mobile terminal providing signature key for digitally signing, authenticating or encrypting data
CN101047505A (en) Method and system for setting safety connection in network application PUSH service
CN1767430A (en) Authentication method
CN101064606A (en) System, apparatus and method for authentication
CN101990201B (en) Method, system and device for generating general bootstrapping architecture (GBA) secret key
CN101052032A (en) Business entity certifying method and device
CN1977559A (en) Method and system for protecting information exchanged during communication between users
CN104602229B (en) A kind of efficient initial access authentication method for WLAN and 5G combination network application scenarios

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
ASS Succession or assignment of patent right

Owner name: INST OF TELECOMMUNICATION SCIENCE AND TECHNOLGOY

Free format text: FORMER OWNER: DATANG MOBILE COMMUNICATION EQUIPMENT CO., LTD.

Effective date: 20110620

C41 Transfer of patent application or patent right or utility model
COR Change of bibliographic data

Free format text: CORRECT: ADDRESS; FROM: 100083 NO. 40, XUEYUAN ROAD, HAIDIAN DISTRICT, BEIJING TO: 100191 NO. 40, XUEYUAN ROAD, HAIDIAN DISTRICT, BEIJING

TR01 Transfer of patent right

Effective date of registration: 20110620

Address after: 100191 Haidian District, Xueyuan Road, No. 40,

Patentee after: CHINA ACADEMY OF TELECOMMUNICATIONS TECHNOLOGY

Address before: 100083 No. 40, Haidian District, Beijing, Xueyuan Road

Patentee before: DATANG MOBILE COMMUNICATIONS EQUIPMENT Co.,Ltd.

CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20090923

Termination date: 20211029