CN101102552B - Update method and system for service secret key - Google Patents
Update method and system for service secret key Download PDFInfo
- Publication number
- CN101102552B CN101102552B CN200710143661.XA CN200710143661A CN101102552B CN 101102552 B CN101102552 B CN 101102552B CN 200710143661 A CN200710143661 A CN 200710143661A CN 101102552 B CN101102552 B CN 101102552B
- Authority
- CN
- China
- Prior art keywords
- business cipher
- cipher key
- key
- renewal
- terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The method comprises: 102) the broadcast multicast service center (BM-SC) determines the cycle of updating the service key, generates the updated service key before the service key update validation point and sends the updated service key notice to the terminal; the update service key notice carries a service key ID corresponding to the updated service key; 104) after receiving the service key request message sent by the terminal based on the service key ID, the BM-SC sends down the service key; the terminal saves the obtained updated service key; 106) when the service key goes into effect, the BM-SC uses the updated service key to pack the transmission key and sends it the terminal; 108) the terminal uses the updated service key to decode the packed transmission key.
Description
Technical field
The present invention relates to move the Multimedia Broadcast Multicast Service field, relate to a kind of business cipher key update method and system more specifically.
Background technology
The multi-medium multi-packet broadcasting broadcast service is the new focus of 3G business field.MBMS (Multimedia Broadcast Multicast Service; Multimedia broadcast multicast services) in the System security architecture document renewal of business cipher key is stipulated: business cipher key MSK (MBMS Service Key; MBMS Service Key) must often upgrade to guarantee the fail safe of business tine; When business cipher key will be changed, the active push key was given the registered user, can let the registered user continue the service that the acquisition system provides like this.The active update mode of MSK is to send a MIKEY bag earlier; (the MBMS Service KeyIdentifier of MSK ID wherein; The MBMS Service Key sign) Key Number part (key number sign) is changed to 0x0, informs that user terminal need upgrade current MSK key.
But brought into use the user under the situation of MBMS service, such update mode can go wrong.When some business have a plurality of user's registrations; If business cipher key that should business upgrades; Then needing a plurality of users' of internal trigger more new technological process at one time, is current key owing to what ask after the user terminal triggering, therefore; This triggering should be after key comes into force, otherwise the key that the user obtains must be not upgrade.And, must cause the unexpected increase of data traffic because issuing of business cipher key is point-to-point transmission, cause network congestion.Even it is congested to adopt certain update strategy to control; Such as time-sequencing etc.; Still can cause some using professional registered user because the business cipher key after can not obtaining immediately to upgrade causes deciphering the business tine failure, the disabled situation of short-term takes place in service.
Therefore,, user's bad experience be can cause, the popularization and the development of BroadCast MultiCast Service are unfavorable for if the renewal process of business cipher key can not effectively address the above problem.
Summary of the invention
One or more problems in view of the above; The present invention proposes a kind of business cipher key method for updating and system; This system and method upgrades the time point that comes into force through disassociation service key updating generation and business cipher key; Before the business cipher key renewal comes into force, generate and controlledly issue the business cipher key of renewal, can well address the above problem.
Business cipher key update method according to the present invention mainly may further comprise the steps: S102; Broadcast multicast service center is confirmed the business cipher key update cycle; Before the business cipher key renewal comes into force a little, generate the business cipher key of renewal and the business cipher key of active push renewal and notify, upgrade the business cipher key corresponding service key identification that carrying and upgrading in the business cipher key notice to the terminal.S104, broadcast multicast service center issues the business cipher key of renewal after receiving the request message to business cipher key of initiating according to business key label at the terminal, and the business cipher key of the renewal that obtains is preserved according to upgrading principle in the terminal.S106, under the situation about arriving in the business cipher key entry-into-force time, broadcast multicast service center encapsulates and is handed down to the terminal with the business cipher key that upgrades to transmission security key.S108, the business cipher key of terminal through the renewal of having preserved deciphered the transmission security key of the encapsulation that receives.
Wherein, computing capability and the network capabilities control key according to broadcast multicast service center pushes the time.Broadcast multicast service center is packaged into key packet with transmission security key.The business cipher key update method is used for multimedia broadcast multicast service system.
Business cipher key update system according to the present invention comprises: business cipher key generates and pusher 202; Be used for confirming the business cipher key update cycle; Upgrade business cipher key and the active push that a little generates renewal before that come into force at business cipher key and upgrade the business cipher key notice, carrying and business cipher key corresponding service key identification in the renewal business cipher key notice to the terminal.Transmitting apparatus 204 under the business cipher key, are used for after receiving the request message to business cipher key of initiating according to business key label at the terminal, issuing the business cipher key of renewal, make the terminal preserve the business cipher key of the renewal that obtains according to upgrading principle.Transmission security key encapsulation and following transmitting apparatus 206; Under the situation that is used for arriving in the business cipher key entry-into-force time; Business cipher key with upgrading encapsulates and is handed down to the terminal to transmission security key, the business cipher key that the terminal can be through the renewal of having preserved is deciphered the transmission security key of the encapsulation that receives.
Wherein business cipher key generation and pusher push the time according to the computing capability and the network capabilities control key of broadcast multicast service center.Transmission security key encapsulation and following transmitting apparatus are packaged into key packet with transmission security key.The business cipher key that upgrades comprises business key label.The business cipher key update system is used for multimedia broadcast multicast service system.
Through method and system of the present invention, there is the key that carries out of control to push renewal, avoid a plurality of users to ask to cause network congestion simultaneously.Separate cipher code renewal time and key updating entry-into-force time, the key after making the terminal obtain in advance upgrading when new key comes into force, avoids occurring user's the disabled problem of service short-term.
Description of drawings
Accompanying drawing described herein is used to provide further understanding of the present invention, constitutes the application's a part, and illustrative examples of the present invention and explanation thereof are used to explain the present invention, do not constitute improper qualification of the present invention.In the accompanying drawings:
Fig. 1 is the flow chart according to business cipher key update method of the present invention;
Fig. 2 is the block diagram according to business cipher key update system of the present invention;
Fig. 3 is according to MBMS system applies environment sketch map of the present invention; And
Fig. 4 is the flow chart that upgrades according to MSK business cipher key of the present invention.
Embodiment
With reference to accompanying drawing, specify embodiment of the present invention below.
Fig. 1 is the flow chart according to business cipher key update method of the present invention.As shown in Figure 1, this method may further comprise the steps:
S102; Broadcast multicast service center is confirmed the business cipher key update cycle; Before the business cipher key renewal comes into force a little, generate the business cipher key of renewal and the business cipher key of active push renewal and notify, upgrade the business cipher key corresponding service key identification that the business cipher key notice carries and upgrades to the terminal.
S104, broadcast multicast service center issues the business cipher key of renewal after receiving the request message to business cipher key of initiating according to business key label at the terminal, and the business cipher key of the renewal that obtains is preserved according to upgrading principle in the terminal.
S106, under the situation about arriving in the business cipher key entry-into-force time, broadcast multicast service center encapsulates and is handed down to the terminal with the business cipher key that upgrades to transmission security key.
S108, the business cipher key of terminal through the renewal of having preserved deciphered the transmission security key of the encapsulation that receives.
Wherein, computing capability and the network capabilities control key according to broadcast multicast service center pushes the time.Broadcast multicast service center is packaged into key packet with transmission security key.The business cipher key that upgrades comprises business key label.The business cipher key update method is used for multimedia broadcast multicast service system.
Fig. 2 is the block diagram according to business cipher key update system of the present invention.As shown in Figure 2; This system comprises: business cipher key generates and pusher 202; Be used for confirming the business cipher key update cycle; Before the business cipher key renewal comes into force a little, generate the business cipher key of renewal and the business cipher key of active push renewal and notify, upgrade in the business cipher key notice carrying and business cipher key corresponding service key identification to the terminal.Transmitting apparatus 204 under the business cipher key, are used for after receiving the request message to business cipher key of initiating according to business key label at the terminal, issuing the business cipher key of renewal, make the terminal preserve the business cipher key of the renewal that obtains according to upgrading principle.Transmission security key encapsulation and following transmitting apparatus 206; Under the situation that is used for arriving in the business cipher key entry-into-force time; Business cipher key with upgrading encapsulates and is handed down to the terminal to transmission security key, the business cipher key that the terminal can be through the renewal of having preserved is deciphered the transmission security key of the encapsulation that receives.
Wherein business cipher key generation and pusher push the time according to the computing capability and the network capabilities control key of broadcast multicast service center.Transmission security key encapsulation and following transmitting apparatus are packaged into key packet with transmission security key.The business cipher key that upgrades comprises business key label.The business cipher key update system is used for multimedia broadcast multicast service system.
Fig. 3 is according to MBMS system applies environment sketch map of the present invention.As shown in Figure 3, this is a cover MBMS system, and four part: BM-SC (Broadcast-MulticastService Centre, broadcast multicast service center) platform 302, core net 304, Access Network 306 and terminal 308 are arranged.
Wherein certain professional service of terminal request can be preserved this professional MSK and sign thereof.When MBMS provided the encryption multicast/broadcast of this business, the encrypted content of receiving can be resolved in the terminal, seeks the MSK value that is stored in this locality according to MSK identification index wherein encrypted content is further deciphered.When business cipher key is the MSK renewal, the encrypted content real-time update, the ciphering multimedia content that receive this moment need be deciphered with the key that upgrades in the terminal.
Fig. 4 is the flow chart that upgrades according to MSK business cipher key of the present invention.As shown in Figure 4, the MSK business cipher key upgrades and may further comprise the steps:
S402, business is issued, and confirms the professional MSK key updating cycle.
S404 confirms that cipher code renewal time adds one or more key updating cycle for the service distribution time, confirms that this time point is the key updating entry-into-force time; Promptly arrive this time point, the key after the renewal comes into force, simultaneously; Select time is o'clock between two key updating entry-into-force times; Be the key updating rise time, at this moment between point, generate the business cipher key of following one-period.
S406, after generating business cipher key of following one-period, the business cipher key notice after BM-SC key function module active push is upgraded, (MSKID) is sent to the terminal with the corresponding service key identification, lets the terminal understand business cipher key and upgrades.The Key Number Part of the MSKID that carries (MBMSService Key Identifier, MBMS Service Key sign) upgrades back key for this.
S408, the HTTP request message of MSK is initiated at the terminal, and carries the MSKID of renewal.
S410, BM-SC issue the business cipher key after the renewal.
S412, the corresponding professional more new key that obtains is preserved according to upgrading principle in the terminal.
S414, the business cipher key entry-into-force time arrives, and BM-SC carries out the MIKEY package with new business cipher key to MTK.
S416 issues the MIKEY bag (multicast and broadcast mode) of MTK (MBMS Traffic Key, the MBMS Traffic Key) key after the renewal.
S418, new business cipher key has been stored at the terminal, can in time decipher program stream.
Wherein, for fear of a plurality of key request at a time occurring, at S406, can adopt control key to push time method, promptly computing capability and the network capabilities according to BM-SC sends the request of propelling movement in batches successively.
Under the situation that certain business is used by a large number of users, separate key updating point and key updating entry-into-force time point, before new key comes into force, send and upgrade; Make the user before key comes into force, obtain key; Just can avoid following problem in the new key renewal when coming into force, a large number of users request new key causes network data congested during promptly owing to key updating; The user can not in time obtain key, and it is unavailable to occur service in a short time.
The above is merely the preferred embodiments of the present invention, is not limited to the present invention, and for a person skilled in the art, the present invention can have various changes and variation.All within spirit of the present invention and principle, any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (6)
1. a business cipher key update method is characterized in that, may further comprise the steps:
S102; Broadcast multicast service center is confirmed the business cipher key update cycle; Upgrade business cipher key and the said renewal business cipher key of active push that a little generates renewal before that come into force at business cipher key and notify to the terminal, said renewal business cipher key notice carries the business cipher key corresponding service key identification with said renewal; Wherein, said broadcast multicast service center pushes the time according to the computing capability and the network capabilities control key of said broadcast multicast service center; Wherein, said business cipher key upgrades to come into force and a little is the renewal entry-into-force time of said business cipher key;
S104; Said broadcast multicast service center issues the business cipher key of said renewal after receiving the request message to business cipher key of initiating according to said business key label at said terminal, the business cipher key of the said renewal that obtains is preserved according to upgrading principle in said terminal;
S106, under the situation about arriving in the business cipher key entry-into-force time, said broadcast multicast service center encapsulates and is handed down to said terminal with the business cipher key of said renewal to transmission security key; And
S108, the business cipher key of said terminal through the said renewal of having preserved deciphered the transmission security key of the encapsulation that receives.
2. business cipher key update method according to claim 1 is characterized in that said broadcast multicast service center is packaged into key packet with said transmission security key.
3. business cipher key update method according to claim 1 and 2 is characterized in that said method is used for multimedia broadcast multicast service system.
4. a business cipher key update system is characterized in that, comprising:
Business cipher key generates and pusher; Be used for confirming the business cipher key update cycle; Upgrade business cipher key and the said renewal business cipher key of active push that a little generates renewal before that come into force at business cipher key and notify, carry business cipher key corresponding service key identification in the said renewal business cipher key notice with said renewal to the terminal; Said business cipher key generation and pusher push the time according to the computing capability and the network capabilities control key of broadcast multicast service center; Wherein, said business cipher key upgrades to come into force and a little is the renewal entry-into-force time of said business cipher key;
Transmitting apparatus under the business cipher key; Be used for after receiving the request message to business cipher key of initiating according to said business key label at said terminal; Issue the business cipher key of said renewal, make said terminal preserve the business cipher key of the said renewal that obtains according to upgrading principle; And
Transmission security key encapsulation and following transmitting apparatus; Under the situation that is used for arriving in the business cipher key entry-into-force time; Business cipher key with said renewal encapsulates and is handed down to said terminal to transmission security key, the business cipher key that said terminal can be through the said renewal of having preserved is deciphered the transmission security key of the encapsulation that receives.
5. business cipher key update system according to claim 4 is characterized in that, said transmission security key encapsulation and following transmitting apparatus are packaged into key packet with said transmission security key.
6. according to claim 4 or 5 described business cipher key update system, it is characterized in that said business cipher key update system is used for multimedia broadcast multicast service system.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200710143661.XA CN101102552B (en) | 2007-08-16 | 2007-08-16 | Update method and system for service secret key |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200710143661.XA CN101102552B (en) | 2007-08-16 | 2007-08-16 | Update method and system for service secret key |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101102552A CN101102552A (en) | 2008-01-09 |
| CN101102552B true CN101102552B (en) | 2012-12-19 |
Family
ID=39036594
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200710143661.XA Expired - Fee Related CN101102552B (en) | 2007-08-16 | 2007-08-16 | Update method and system for service secret key |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101102552B (en) |
Families Citing this family (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101521656B (en) * | 2008-02-26 | 2012-12-19 | 华为技术有限公司 | Method and system for updating cryptographic-key used for encrypting group service |
| CN101621390B (en) * | 2008-07-01 | 2011-10-26 | 中兴通讯股份有限公司 | Protection method and system thereof for data download service in broadcast multicast |
| CN101583131B (en) * | 2009-06-10 | 2012-05-09 | 中兴通讯股份有限公司 | Service key transmission method and system |
| CN102869011B (en) * | 2011-07-05 | 2017-10-03 | 广东纬德信息科技有限公司 | PWS key updating methods, network side equipment and terminal in wireless communication system |
| CN102333280B (en) * | 2011-09-26 | 2018-02-09 | 中兴通讯股份有限公司 | A kind of method, system and the Service Process Server of business cipher key renewal |
| CN102387500B (en) * | 2011-10-25 | 2015-10-28 | 中兴通讯股份有限公司 | A kind of business cipher key management method and system |
| CN103781065B (en) * | 2012-10-25 | 2018-09-07 | 华为终端有限公司 | A kind of group key management method and relevant apparatus and system |
| CN106332073B (en) * | 2015-06-16 | 2019-06-21 | 北京信威通信技术股份有限公司 | A kind of cluster group root key update method |
| CN106936794B (en) * | 2015-12-30 | 2021-01-08 | 阿里巴巴集团控股有限公司 | Method and device for changing secret key and method and device for setting secret key |
| CN111200491A (en) * | 2018-11-20 | 2020-05-26 | 千寻位置网络有限公司 | Key updating method, data decrypting method, device, client and interactive system |
| CN110035396B (en) * | 2019-04-15 | 2021-08-13 | 湖南科大天河通信股份有限公司 | Bluetooth broadcast key updating method, device and system |
| WO2022036600A1 (en) * | 2020-08-19 | 2022-02-24 | Oppo广东移动通信有限公司 | Key update methods, apparatus and devices, and storage medium |
| CN114979962A (en) * | 2021-02-20 | 2022-08-30 | 华为技术有限公司 | Method and device for updating key |
| WO2022257108A1 (en) * | 2021-06-11 | 2022-12-15 | 华为技术有限公司 | Method for updating vehicle-to-everything (v2x) communication key, and communication apparatus |
| CN113757909B (en) * | 2021-11-08 | 2022-02-08 | 国网浙江省电力有限公司绍兴供电公司 | Air conditioner cluster control method based on quantum encryption technology |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1430638A2 (en) * | 2001-09-14 | 2004-06-23 | Koninklijke Philips Electronics N.V. | Usb authentication interface |
| CN1553600A (en) * | 2003-05-29 | 2004-12-08 | 华为技术有限公司 | Method for updating shared key |
| CN1725853A (en) * | 2004-07-21 | 2006-01-25 | 华为技术有限公司 | Method for realizing acquisition of user on-line information |
-
2007
- 2007-08-16 CN CN200710143661.XA patent/CN101102552B/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1430638A2 (en) * | 2001-09-14 | 2004-06-23 | Koninklijke Philips Electronics N.V. | Usb authentication interface |
| CN1553600A (en) * | 2003-05-29 | 2004-12-08 | 华为技术有限公司 | Method for updating shared key |
| CN1725853A (en) * | 2004-07-21 | 2006-01-25 | 华为技术有限公司 | Method for realizing acquisition of user on-line information |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101102552A (en) | 2008-01-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101102552B (en) | Update method and system for service secret key | |
| CN101981864B (en) | Method and apparatus for providing broadcast service using encryption key in a communication system | |
| US8600059B2 (en) | Short message service cipher | |
| CN1845599B (en) | Method for obtaining and updating service key in mobile television service | |
| EP1865650A1 (en) | A method and system for encrypting and decrypting the on demand stream media data in wmv format | |
| RU2530331C2 (en) | Multicast key negotiation method suitable for group calling system and respective system | |
| US8619993B2 (en) | Content protection for OMA broadcast smartcard profiles | |
| KR101465263B1 (en) | Method for security key distrubution in broadcast system and the system therefor | |
| CN102197631A (en) | Method and apparatus for billing and security architecture for venue-cast services | |
| US20130288641A1 (en) | Wireless communication system providing the verification of the network identify | |
| CN104782075B (en) | The security of movement between MBMS device | |
| CN101808286B (en) | Multicast key agreement method and system for clustered system | |
| WO2009069893A1 (en) | Smart card and method for generating response message to be delivered to mobile terminal supporting mobile broadcast, and mobile terminal therefor | |
| CN101217358A (en) | An activation method of digital broadcast service system and digital broadcast service | |
| CN101425862B (en) | Mobile multimedia broadcast service operation management system and method | |
| CN100544429C (en) | A kind of mobile phone TV services content protecting method | |
| CN101621390B (en) | Protection method and system thereof for data download service in broadcast multicast | |
| CN108307324A (en) | A kind of broadcast message safe transmission method and device | |
| CN107644169A (en) | A kind of data guard method and data protection system | |
| CN101267590B (en) | Service unsubscription method and system, mobile terminal, card and service server | |
| CN100354789C (en) | Content group digital copyright protection method and system | |
| CN103427985B (en) | A kind of method that data encryption key is distributed to telecommunication terminal | |
| CN102123390B (en) | Method, device and terminal for processing service keys | |
| CN101990203A (en) | Key agreement method, device and system based on universal self-initializing architecture | |
| CN101267533B (en) | Method, system and mobile terminal for playing program stream at different platform terminals |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20121219 Termination date: 20200816 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |