CN101511084B - Authentication and cipher key negotiation method of mobile communication system - Google Patents
Authentication and cipher key negotiation method of mobile communication system Download PDFInfo
- Publication number
- CN101511084B CN101511084B CN2008100577615A CN200810057761A CN101511084B CN 101511084 B CN101511084 B CN 101511084B CN 2008100577615 A CN2008100577615 A CN 2008100577615A CN 200810057761 A CN200810057761 A CN 200810057761A CN 101511084 B CN101511084 B CN 101511084B
- Authority
- CN
- China
- Prior art keywords
- authentication
- sqn
- key
- rand
- vlr
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention provides an authentication and key arranging method in a mobile communication system. A network side and a mobile terminal side use a boot authentication key K kept by both sides respectively, and same random number RAND and a sequence number SQN with 128 bits length for generating a temporary key K*=fxk(RAND,SQN), and use K* for generating MAC and RES respectively to process dual-way authentication of the network side and the mobile terminal side; wherein, fx is a group arithmetic with 128 bits key length; K is the key used by fx arithmetic function. The AKA enhancement authentication method one time one encryption can increase difficulty for decoding the authentication key greatly, accordingly, reduce safe risk of decoding the authentication boot key.
Description
Technical field
The present invention relates to moving communicating field, relate in particular to a kind of authentication and cryptographic key negotiation method of mobile communication system.
Background technology
At 3-G (Generation Three mobile communication system) UMTS (Universal Mobile TelecommunicationsSystem, Universal Mobile Telecommunications System) adopts authentication and key agreement (Authentication and Key Agreement in the access authentication process, be called for short AKA) mechanism, authentication is by portable terminal USIM (Universal Subscriber Identity Module, USIM) card, VLR/SGSN of network side (Visitor Location Register/Service GPRS Supporting Node, Visited Location Registor/GPRS serving GPRS support node) and HLR/AuC finish jointly.The usim card of end side and the HLR/AuC of network side (Home Location Register/Authentication Center, home location register/authentication center) shares KI K, by KI K, end side usim card and network side can authenticate mutually.
As shown in Figure 1, user's access authentication flow process of the prior art comprises following steps:
101: during requests such as portable terminal (Mobile Equipment is called for short ME) initiation network insertion, service access or position renewal, the VLR/SGSN of meeting trigger network side carries out authentication operations;
Comprise the IMSI (International MobileSubscriber Identifier, international mobile subscriber identity) that is used for the identifying user identity in the above-mentioned request message.
102:VLR/SGSN sends the authentication vector request message to HLR/AuC, and request five-tuple authentication vector AV sends IMSI to HLR/AuC simultaneously;
Comprise among the five-tuple authentication vector AV: random number RA ND, Expected Response value XRES, encryption key CK, Integrity Key IK and authentication-tokens AUTN.
103:HLR/AuC generates random number RA ND, searches corresponding KI K according to IMSI, and generates among the five-tuple authentication vector AV according to KI K: Expected Response value XRES, encryption key CK, Integrity Key IK and authentication-tokens AUTN;
Wherein, authentication-tokens AUTN is by SQN (sequence number), and AMF (AuthenticationManagement Field, authentication management territory) and MAC (Message Authentication Code, message authentication code) form.
Fig. 2 is the method schematic diagram of HLR/AuC compute authentication vector in the prior art.Specifically describe as follows:
103A: adopt following formula to calculate AUTN:
AK=f5
K(RAND);
MAC=f1
K(SQN?
HE||RAND||AMF);
103B: adopt following formula to generate AV:
AV=RAND||XRES||CK||IK||AUTN;
XRES=f2
K(RAND);
CK=f3
K(RAND);
IK=f4
K(RAND)。
Above-mentioned SQN
HESequence number for network side; F1, f2, f3, f4, f5 are the algorithmic function of former agreement (3GPP TS33.102V7.1.0 (2006-12) agreement) regulation.
104:HLR/AuC is included in the authentication vector AV that generates in the authentication vector response message and sends to VLR/SGSN;
105:VLR/SGSN preserves Expected Response value XRES, encryption key CK and the Integrity Key IK among the five-tuple authentication vector AV;
106:VLR/SGSN is included in the random number RA ND among the five-tuple authentication vector AV and authentication-tokens AUTN in the subscription authentication request and sends to portable terminal;
107: portable terminal is transmitted to usim card with random number RA ND and the authentication-tokens AUTN that receives; Usim card uses legitimacy and the validity of the inner KI K checking AUTN that preserves;
If it (is that usim card thinks that network is a legitimate network, and SQN that usim card has passed through the authentication of AUTN
HEIn correct scope), then USIM uses KI K and random number RA ND to generate Authentication Response value RES, encryption key CK and Integrity Key IK;
Fig. 3 is that USIM calculates the also method schematic diagram of authentication vector in the prior art.Specifically describe as follows:
107A: calculate AK, checking network side sequence number (SQN
HE) validity;
AK=f5(K,RAND);
107B: calculate XMAC, and whether checking XMAC equals MAC;
XMAC=f1
K(SQN
HE||RAND||AMF);
107C: calculate RES, CK, IK;
RES=f2
K(RAND);
CK=f3
K(RAND);
IK=f4
K(RAND)。
108: portable terminal sends the subscription authentication response message to VLR/SGSN, comprises Authentication Response value RES in this message;
Whether the Authentication Response value RES that 109:VLR/SGSN relatively receives equates with the Expected Response value XRES of preservation, if equate, then network side thinks that usim card is a validated user, thereby finish the mutual authentication process (this is a normal authorizing procedure of AKA, and abnormal conditions are omitted) of mobile terminal side usim card and network side here.
As from the foregoing, usim card and HLP/AuC share single permanent authentication root key K, and calculate by identical authentication root key K during each authentication and generate authentication vector AV.
In the LTE (Long Term Evolution, Long Term Evolution) of 3GPP (3rd Generation Partnership Project, third generation partner program) network, user's access authentication has been inherited original UMTS AKA authentication mechanism.Its key management system adopts hierarchy; be that authentication root key K is the permanent root key; CK and IK are the pair of secret keys that AuC and usim card are consulted in the AKA verification process; and all intermediate key that UE and LTE Access Network and core net are encrypted with integrity protection (comprise Kasme; Knas; Kenb, Krrc, Kup etc.) all obtain by CK and IK deduction.Therefore can reach a conclusion: authentication root key K is the root key that LTE/SAE (System ArchitectureEvolution, System Architecture Evolution) mobile communications network inserts face and chain of command, and it concerns the safety of whole mobile communication system.
No matter UMTS or LTE, this authentication root key remains constant key management mode and has safety defect.The cryptography theory once proved: all cryptographic algorithms, except one-time pad, as long as abundant ciphertext is arranged, in theory all can crack.
Based on the characteristics of present mobile communications network and the insecurity of eating dishes without rice or wine, implement active attack or intercept the RAND and the AUTN that can obtain among the subscription authentication vector AV that core net issues in the air by base station eNB (Node B of evolution).Because root key K remains unchanged, the assailant can eat dishes without rice or wine to obtain a large amount of authentication parameter samples relevant with K, calculates that by algorithm is implemented to attack the security threat of root key K exists all the time when sample space is enough big.
Summary of the invention
Technical problem to be solved by this invention is, overcomes the deficiencies in the prior art, proposes a kind of authentication and cryptographic key negotiation method that improves the mobile communication system of fail safe.
In order to address the above problem, the invention provides a kind of authentication and cryptographic key negotiation method of mobile communication system, when carrying out bi-directional authentification, the root KI K that network side and mobile terminal side use both sides to preserve respectively, and the sequence number SQN that the identical random number RA ND of both sides and length are 128 generates temporary key K
*=fx
K(RAND SQN), and uses K
*Generate MAC and RES respectively, carry out the bi-directional authentification of network side and mobile terminal side;
Wherein, fx is the grouping algorithm of 128 bit cipher key lengths; K is the employed key of fx algorithmic function.
In addition, the described bi-directional authentification operation of network side and mobile terminal side comprises following steps:
A: after receiving the authentication vector request message that the VLR/SGSN of network side sends, the HLR/AuC of network side generates described RAND and K
*
B:HLR/AuC uses K
*Expected Response value XRES and the authentication-tokens AUTN that comprises described MAC among the compute authentication vector AV; And AV sent to VLR/SGSN;
C:VLR/SGSN preserves the XRES among the AV, and the RAND among the AV and AUTN is sent to the USIM of corresponding mobile terminal;
D: the USIM of portable terminal generates K
*, and use K
*MAC among the checking AUTN is proved to be successful the back and uses K
*Generate RES, and RES is sent to VLR/SGSN;
E: after receiving RES, VLR/SGSN compares the XRES of RES and preservation, finishes the authentication to USIM.
In addition, described SQN is SQN
HE|| SQN
HE|| SQN
HEIn 128.
In addition, when carrying out bi-directional authentification, described network side and mobile terminal side all use RAND and the SQN different with bi-directional authentification last time to generate described K at every turn
*
In addition, also comprise among the described AV: encryption key CK and Integrity Key IK;
Among the step B, HLR/AuC also uses K
*Calculate CK and IK;
Among the step C, VLR/SGSN also preserves CK and the IK among the AV;
Among the step D, the USIM of portable terminal also uses K
*Calculate CK and IK.
In addition, among the step D, the USIM of portable terminal is also according to the SQN among the AUTN
HE The sequence number of AK computing network side, and the sequence number of network side verified, if the sequence number of network side is in correct scope, execution in step E '~G ' then:
E ': the USIM of portable terminal adopts following formula to recomputate K
*, and by K
*Calculate AUTS, send AUTS to VLR/SGSN then:
AK=f5
* K(RAND);
MAC-S=f1
* K*(SQN
MS||RAND||AMF);
F ': after receiving heavy synchronization request, VLR/SGSN obtains corresponding RAND, and the heavy synchronization request that will comprise AUTS||RAND sends to HLR/AuC;
G ': after receiving heavy synchronization request, HLR/AuC is by the sequence number SQN of K, end side
MSWith the RAND calculating K
*, checking AUTS carries out heavily simultaneous operation after being proved to be successful.
In addition, described grouping algorithm is 3DES or aes algorithm.
As from the foregoing, with respect to existing AKA authentication mechanism, the AKA of one-time pad of the present invention strengthens method for authenticating can improve the difficulty that KI is decrypted to a great extent, thereby reduces the security risk that the authentication root key is decrypted.
Description of drawings
Fig. 1 is user's access authentication flow process of the prior art;
Fig. 2 is the method schematic diagram of HLR/AuC compute authentication vector in the prior art;
Fig. 3 is that USIM calculates the also method schematic diagram of authentication vector in the prior art;
Fig. 4 is that the AKA of embodiment of the invention one-time pad strengthens the method for authenticating flow chart;
Fig. 5 is that embodiment of the invention HLR/AuC is according to K
*The method schematic diagram of compute authentication vector AV;
Fig. 6 is that embodiment of the invention usim card calculates the also method schematic diagram of authentication vector;
Fig. 7 is the computational methods schematic diagram of the heavy synchronous AUTS of the embodiment of the invention.
Embodiment
Based on above analysis, the AKA that the present invention proposes one-time pad strengthens method for authenticating: when promptly carrying out authentication request, the HLR/AuC of network side will use authentication root key K, random number RA ND and SQN to derive a relatively independent temporary key K at every turn
*, then by K
*Calculate and generate authentication vector AV.
By the cryptography principle as can be known, though K
*Not a fully independently random number, but the existing AKA authentication mechanism of comparing, the AKA of one-time pad of the present invention strengthens method for authenticating can improve the difficulty that KI is decrypted to a great extent, thereby reduces the security risk that the authentication root key is decrypted.
Describe the present invention below in conjunction with drawings and Examples.
Fig. 4 is that the AKA of embodiment of the invention one-time pad strengthens the method for authenticating flow chart, and as shown in Figure 4, this method comprises following steps:
201: when requests such as portable terminal initiation network insertion, service access or position renewal, the authentication operations of MME (Mobile Management Entity, the mobile management entity)/VLR/SGSN of meeting trigger network side;
The IMSI that comprises this mobile phone users in the above-mentioned request message.
202:MME/VLR/SGSN sends the authentication vector request message to HLR/AuC, request five-tuple authentication vector AV;
The IMSI that comprises this mobile phone users in the above-mentioned authentication vector request message.
203:HLR/AuC judges whether that according to the usim card ability of network registry needs execution AKA strengthens authentication calculations:
If usim card is common usim card (promptly not supporting the AKA of one-time pad of the present invention to strengthen the usim card of method for authenticating), operative norm AKA authentication calculations then, this method finishes.
If usim card is for strengthening usim card (promptly supporting the AKA of one-time pad of the present invention to strengthen the usim card of method for authenticating), then at first according to K, random number RA ND and SQN
HE, calculating K
*=fx
K(RAND
SQN), and by K
*Calculate the AUTN among the authentication vector AV, CK, IK and XRES;
SQN is to SQN
HEA kind of conversion, the present invention recommends to adopt SQN=SQN
HE|| SQN
HE|| SQN
HE, get after the SQN conversion wherein 128 (for example preceding 128, SQN
HELength is 48).The present invention does not limit other method of SQN conversion, comprises carrying out various filling modes.
HLR/AuC is according to K
*The concrete grammar of compute authentication vector AV as shown in Figure 5.Specifically describe as follows:
203A: adopt following formula to generate K
*:
Wherein, SQN is to SQN
HEA kind of conversion, in the present embodiment, to SQN
HECarry out as down conversion: SQN
HE|| SQN
HE|| SQN
HE, get wherein 128 after the conversion, for example preceding 128 or back 128 as SQN.
In other embodiments, also can pass through SQN
HEOr SQN
HE|| SQN
HEIt is that 128 mode generates SQN that the filling of carrying out fixed bit makes its length.
In addition, in the present embodiment, use RAND
SQN generates K as the parameter (expressly) of fx
*In other embodiments, can use any 128 the parameters (expressly) among the H (RAND||SQN) to generate K as fx
*Wherein, H represents HASH (Hash) hashing algorithm.
The HASH hashing algorithm can be SHA-1 (Secure Hash Algorithm-1, Secure Hash Algorithm-1) or MD5 (Message Digest 5, informative abstract 5) algorithm.The output of above-mentioned two kinds of hashing algorithms is respectively 160 and 128.
Notice, the HASH hashing algorithm is all exported the value of regular length for the input of random length, therefore, except with the input parameter of RAND||SQN as the HASH hashing algorithm, also can be with RAND and SQN through the value that generates after other conversion input parameter as the HASH hashing algorithm.
The fx algorithm is for supporting the grouping algorithm of 128 bit cipher key lengths, K
*Length be 128.
In addition, the fx grouping algorithm should be suitable for realizing at the usim card end, carry out a secondary key computing required time requirement less than 200ms.
Fx can adopt 3DES (Triple Data Encryption Standard, triple DES), AES international standard algorithms such as (Advanced Encryption Standard, Advanced Encryption Standards).Operator also can adopt autonomous cryptographic algorithm according to security strategy separately.
203B: adopt following formula to generate AUTN:
AK=f5
K(RAND);
MAC=f1
K*(SQN
HE||RAND||AMF);
203C: adopt following formula to generate AV:
AV=RAND||XRES||CK||IK||AUTN;
XRES=f2
K*(RAND);
CK=f3
K*(RAND);
IK=f4
K*(RAND)。
204:HLR/AuC is included in the authentication vector AV that generates in the authentication vector response message and sends to VLR/SGSN;
205:VLR/SGSN preserves the XRES among the authentication vector AV, CK and IK;
206:VLR/SGSN is included in the RAND among the authentication vector AV and AUTN in the subscription authentication request and sends to portable terminal;
207: after portable terminal receives the subscription authentication request, random number RA ND and the authentication-tokens AUTN that receives is transmitted to usim card; The usim card calculating K
*=fx
K(RAND
SQN); MAC among the AUTN and SQN are verified;
If the mac authentication failure, then usim card returns the response message of network authentication failure to portable terminal;
If mac authentication is passed through, the SQN checking is invalid, and then usim card recomputates K
*, use K then
*Calculate AUTS, and return the heavy synchronous response message that comprises AUTS to portable terminal;
Pass through if MAC and SQN all verify, then usim card uses K
*Calculate RES, CK and IK; And return the response message that comprises RES to portable terminal
Fig. 6 is that usim card of the present invention calculates the also method schematic diagram of authentication vector.Specifically describe as follows:
207A: adopt following formula to generate K
*:
AK=f5
K(RAND);
Wherein, SQN is to SQN
HEA kind of conversion, in the present embodiment, to SQN
HECarry out as down conversion: SQN
HE|| SQN
HE|| SQN
HE, get wherein 128 after the conversion, for example preceding 128 as SQN.
207B: calculate XMAC, and whether checking XMAC equals MAC;
XMAC=f1
K*(SQN
HE||RAND||AMF)。
207C: calculate RES, CK, IK;
RES=f2
K*(K
*,RAND);
CK=f3
K*(RAND)。
IK=f4
K*(RAND)。
Fig. 7 is the computational methods schematic diagram of the heavy synchronous AUTS of the embodiment of the invention.Specifically comprise following steps:
207D: according to following formula calculating K
*And AUTS;
Wherein, SQN is to SQN
MSA kind of conversion, in the present embodiment, to SQN
MSCarry out as down conversion: SQN
MS|| SQN
MS|| SQN
MS, get wherein 128 after the conversion, for example preceding 128 as SQN.
AUTS=SQN
MS AK||MAC-S;
AK=f5
* K(RAND);
MAC-S=f1
* K*(SQN
MS||RAND||AMF);
Above-mentioned SQN
MSBe the sequence number of preserving in the end side usim card.
208: portable terminal sends RES or AUTS or failed authentication message according to the response message that usim card returns to VLR/SGSN:
If the mac authentication failure is then directly returned the network authentication failed message to VLR/SGSN;
If mac authentication is passed through, SQN
HEIt is invalid to verify, then sends the heavy synchronization request that comprises AUTS to VLR/SGSN;
If MAC and SQN
HEAll checking is passed through, and then sends the successful Authentication Response that comprises RES to VLR/SGSN.
209: if receive AUTS, then VLR/SGSN searches corresponding RAND;
210:VLR/SGSN sends the heavy synchronization request that comprises AUTS and RAND to HLR/AuC;
After 211:HLR/AuC receives heavy synchronization request, by K, SQN
MSWith receive the RAND calculating K
*, checking AUTS is then according to normal heavy synchronous flow mechanism executable operations.
Claims (7)
1. the authentication of a mobile communication system and cryptographic key negotiation method, it is characterized in that, when carrying out bi-directional authentification, the root KI K that network side and mobile terminal side use both sides to preserve respectively, and the sequence number SQN that the identical random number RA ND of both sides and length are 128 generates temporary key K
*=fx
K(RAND SQN), and uses K
*Generate message authentication code MAC and Authentication Response value RES respectively, carry out the bi-directional authentification of network side and mobile terminal side;
Wherein, fx is the grouping algorithm of 128 bit cipher key lengths; K is the employed key of fx algorithmic function.
2. the method for claim 1 is characterized in that,
3. method as claimed in claim 1 or 2 is characterized in that, the described bi-directional authentification operation of network side and mobile terminal side comprises following steps:
A: after receiving the authentication vector request message that the VLR/SGSN of network side sends, the HLR/AuC of network side generates described RAND and K
*
B:HLR/AuC uses K
*Expected Response value XRES and the authentication-tokens AUTN that comprises described MAC among the compute authentication vector AV; And AV sent to VLR/SGSN;
C:VLR/SGSN preserves the XRES among the AV, and the RAND among the AV and AUTN is sent to the USIM of corresponding mobile terminal;
D: the USIM of portable terminal generates K
*, and use K
*MAC among the checking AUTN is proved to be successful the back and uses K
*Generate RES, and RES is sent to VLR/SGSN;
E: after receiving RES, VLR/SGSN compares the XRES of RES and preservation, finishes the authentication to USIM.
4. method as claimed in claim 1 or 2 is characterized in that, described SQN is SQN
HE‖ SQN
HE‖ SQN
HEIn 128; Wherein, described SQN
HESequence number for network side.
5. method as claimed in claim 1 or 2 is characterized in that, when carrying out bi-directional authentification, described network side and mobile terminal side all use RAND and the SQN different with bi-directional authentification last time to generate described K at every turn
*
6. method as claimed in claim 3 is characterized in that,
Also comprise among the described AV: encryption key CK and Integrity Key IK;
Among the step B, HLR/AuC also uses K* to calculate CK and IK;
Among the step C, VLR/SGSN also preserves CK and the IK among the AV;
Among the step D, the USIM of portable terminal also uses K* to calculate CK and IK.
7. the method for claim 1 is characterized in that, described grouping algorithm is 3DES or aes algorithm.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2008100577615A CN101511084B (en) | 2008-02-15 | 2008-02-15 | Authentication and cipher key negotiation method of mobile communication system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2008100577615A CN101511084B (en) | 2008-02-15 | 2008-02-15 | Authentication and cipher key negotiation method of mobile communication system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101511084A CN101511084A (en) | 2009-08-19 |
CN101511084B true CN101511084B (en) | 2011-05-04 |
Family
ID=41003310
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2008100577615A Active CN101511084B (en) | 2008-02-15 | 2008-02-15 | Authentication and cipher key negotiation method of mobile communication system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101511084B (en) |
Families Citing this family (21)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102056077B (en) * | 2009-10-29 | 2013-11-06 | ***通信集团公司 | Method and device for applying smart card by key |
CN101835154B (en) * | 2010-04-20 | 2016-03-30 | 中兴通讯股份有限公司 | A kind of method and system setting up the air interface key of enhancing |
CN101860863A (en) * | 2010-05-21 | 2010-10-13 | 中国科学院软件研究所 | Enhanced encryption and integrity protection method |
CN102625308A (en) * | 2011-01-31 | 2012-08-01 | 电信科学技术研究院 | Method, apparatus and system for realization of mutual authentication based on LTE-LAN |
CN103297958B (en) * | 2012-02-22 | 2017-04-12 | 华为技术有限公司 | Security context establishing method, device and system |
CN103179558B (en) * | 2012-09-20 | 2016-06-22 | 中兴通讯股份有限公司 | Group system group exhales encryption implementation method and system |
CN105472764A (en) | 2014-08-20 | 2016-04-06 | 深圳市中兴微电子技术有限公司 | Method of being accessed to LTE (Long Term Evolution) network and electronic device |
SE538304C2 (en) * | 2014-10-09 | 2016-05-03 | Kelisec Ab | Improved installation of a terminal in a secure system |
CN107027117A (en) * | 2016-02-02 | 2017-08-08 | 普天信息技术有限公司 | A kind of method of dynamic generation root key |
CN108235316B (en) | 2016-12-21 | 2019-09-17 | 电信科学技术研究院有限公司 | A kind of method and apparatus that access node group is added |
CN108282780A (en) * | 2017-01-05 | 2018-07-13 | 中兴通讯股份有限公司 | A kind of key transmission method and device |
CN108418679B (en) * | 2017-02-10 | 2021-06-29 | 阿里巴巴集团控股有限公司 | Method and device for processing secret key under multiple data centers and electronic equipment |
CN107466038B (en) * | 2017-06-22 | 2020-08-04 | 宇龙计算机通信科技(深圳)有限公司 | Authentication method and device |
WO2019000171A1 (en) * | 2017-06-26 | 2019-01-03 | Zte Corporation | Methods and computing device for authenticating a user equipment via a home network |
CN108055658B (en) * | 2017-12-09 | 2019-09-03 | 恒宝股份有限公司 | A kind of implementation method and its system of one-card multi-number |
EP3949262A4 (en) * | 2019-03-29 | 2022-03-09 | Telefonaktiebolaget LM Ericsson (publ) | Methods and apparatus relating to authentication of a wireless device |
CN110012467B (en) * | 2019-04-18 | 2022-04-15 | 苏州博联科技有限公司 | Grouping authentication method of narrow-band Internet of things |
CN114513330A (en) * | 2019-04-24 | 2022-05-17 | 华为技术有限公司 | Parameter sending method and device |
CN113038458A (en) * | 2019-12-25 | 2021-06-25 | 中移智行网络科技有限公司 | Data transmission method and system |
CN111107598B (en) * | 2019-12-28 | 2022-04-29 | 深圳市新国都通信技术有限公司 | Method for automatically switching communication module network operators |
CN112564894A (en) * | 2020-11-11 | 2021-03-26 | 杭州浙程科技有限公司 | Method for unlocking passive lock by intelligent key dynamic secret key |
-
2008
- 2008-02-15 CN CN2008100577615A patent/CN101511084B/en active Active
Also Published As
Publication number | Publication date |
---|---|
CN101511084A (en) | 2009-08-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101511084B (en) | Authentication and cipher key negotiation method of mobile communication system | |
JP6492115B2 (en) | Encryption key generation | |
JP6732095B2 (en) | Unified authentication for heterogeneous networks | |
KR102112542B1 (en) | Method and system for generating session key using Diffie-Hellman procedure | |
CN101931955B (en) | Authentication method, device and system | |
Farhat et al. | Private identification, authentication and key agreement protocol with security mode setup | |
CN102026184B (en) | Authentication method, authentication system and relevant device | |
CN101867925A (en) | Air interface key processing method and system thereof | |
Farhat et al. | An extended authentication and key agreement protocol of UMTS | |
CN111212424B (en) | Method and system for authenticating UE during interoperation from EPS to 5GS | |
Schoinas | Secure military communications on 3G, 4G and WiMAX | |
WO2018126750A1 (en) | Key delivery method and device | |
Kucharzewski et al. | Mobile identity management system in heterogeneous wireless networks | |
Wang et al. | Research on an improved proposal of 3G security |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant |