CN104539428B - Dynamic reconfiguration method in a kind of cluster coded communication - Google Patents
Abstract
The present invention relates to a dynamic reconfiguration method for encrypted cluster communication, comprising the following steps. Step 1: a group information update is initiated. Step 2: the key set of the group corresponding to the terminal is obtained. Step 3: the key management center KMC determines whether the terminal is registered and whether the group to be updated exists, and according to the result issues the terminal's group key to the home location register PHR. Step 4: the home location register PHR delivers the group information to be updated and the group's key set to the dispatch server PDS; the dispatch server PDS calls the terminal and sends a group information update message to the terminal through the base station. Step 5: the terminal returns a response after updating the group information. Step 6: a key update message is sent to the terminal; the terminal's crypto module verifies the received key update message and, if verification succeeds, completes the group key update and returns a response message to the terminal. Step 7: the terminal sends a key update response message to the dispatch server PDS through the base station. Encrypted group calls are realized by this method.
Description
Technical field
The present invention relates to the field of communication technology, and more particularly to a dynamic reconfiguration method for encrypted cluster communication.
Background
Dynamic reorganization is a very important function in a cluster (trunking) system. It allows an authorized dispatch console to dynamically add a temporary talk group to mobile terminals over the air interface, without reprogramming the mobile terminals. An authorized dispatch console can move a group member from one group into another, and the change, whether an addition or a move, is reflected on the mobile terminal immediately. The dynamic reorganization function allows temporary groups to be set up and dissolved. For example, for an urgent task, the groups of two different organizations are temporarily combined into one group, and after the task is completed the temporary group is dissolved.
However, when the cluster system carries encrypted voice group calls, members (terminals) of different groups use different voice encryption keys. Even if the dispatch console moves a group member from one group into another, the newly added member cannot hold an encrypted call with the other members of the current group, so dynamic reorganization fails in the encrypted voice state. During dynamic reorganization of a terminal, the newly added member therefore needs a dynamic key update: the new member obtains the key of the current group, which ensures that after dynamic reorganization the new member can hold encrypted voice communication with all members of the group, completing the dynamic reorganization of the terminal.
A prior-art implementation of dynamic reorganization calls is shown in Application No. 200710090877.8. It mainly comprises the following three steps: (1) the cluster system adds the terminal to the cluster call and issues to the added terminal a working key encrypted with the group key; (2) the added terminal performs packet key synchronization to obtain the group key; (3) the added terminal uses the group key to decrypt the working key encrypted with the group key, obtains the working key, and joins the group call. The most critical step is (2), synchronization of the group key, but that patent does not describe how the synchronization is carried out. Is the group key issued during synchronization plaintext or ciphertext? If plaintext, the group key can easily be stolen, and the security of encrypted voice group calls cannot be guaranteed. If ciphertext, how is the group key encrypted and protected? That method also does not support distributing the group key of a newly added group to the dispatch console cipher machine.
Summary of the invention
To address the technical problem that, in prior-art dynamic reconfiguration methods, the group key is difficult to synchronize and dynamic reorganization for encrypted terminal group calls is therefore difficult to realize, the invention discloses a dynamic reconfiguration method for encrypted cluster communication.
The purpose of the present invention is achieved by the following technical scheme:
A dynamic reconfiguration method for encrypted cluster communication, comprising the following steps:
Step 1: the dispatch server PDS learns from the home location register PHR that a terminal needs a group information update, and the dispatch server PDS sends a message to the home location register PHR to initiate the group information update;
Step 2: the home location register PHR exchanges messages with the key management center KMC, notifying the key management center KMC of the number of the terminal being reorganized and the corresponding group number;
Step 3: the key management center KMC determines whether the terminal is registered and whether the group to be updated exists, and according to the result delivers the terminal's group key, encrypted and signed, to the home location register PHR;
Step 4: the home location register PHR delivers the group information to be updated and the group's key set to the dispatch server PDS; the dispatch server PDS calls the terminal and sends a group information update message to the terminal through the base station;
Step 5: after updating the group information, the terminal returns a group information update response to the dispatch server PDS through the base station;
Step 6: the dispatch server PDS sends a key update message to the terminal through the base station; the terminal passes the key update information to its crypto module; the crypto module of the terminal verifies the received key update message and, if verification succeeds, decrypts the group key, completes the group key update, and returns a response message to the dispatch server PDS;
Step 7: the dispatch server PDS informs the home location register PHR of the update result by message.
Further, step 3 above is specifically:
When the terminal is registered and the group to be updated already exists, the key management center KMC delivers the key of the group directly to the home location register PHR, and the key management center KMC records the correspondence between the terminal number and the group;
When the terminal is registered but the group to be updated is a brand-new group, the key management center KMC generates a new key and delivers it to the home location register PHR, and the key management center KMC records the correspondence between the terminal number and the group;
When the terminal is not registered, an error is returned to the home location register PHR.
Further, the group key is encrypted with a symmetric algorithm before being issued; the encryption key is derived during the terminal's network-entry authentication.
Further, the group key carries a serial number.
Further, the method also includes the key management center KMC performing a hash operation on the encrypted group key and then signing the hash value; the signing key is the private key of the key management center KMC.
Further, the method also includes, when the group to be updated is a brand-new group, the key management center KMC forwarding the group key to the dispatch console cipher machine through the dispatch server PDS.
Further, the group key that the dispatch server PDS forwards to the dispatch console cipher machine is protected by encryption, signature, hash and serial number mechanisms, where the encryption key is derived during the network-entry authentication of the dispatch console cipher machine and the signing key is the private key of the key management center KMC.
Further, the verification process in step 6 above is specifically: the signature is first verified using the public key of the key management center KMC, the received key update information is then decrypted, and the serial number is then verified; if all conditions are met, the crypto module of the terminal completes the group key update and returns a response message to the terminal.
Further, the method also includes: the dispatch server PDS informs the home location register PHR of the update result by message; if the update succeeded, the home location register PHR updates the corresponding flag in its database, and unless the group changes, no further update is performed next time.
With the above technical scheme, the present invention has the following beneficial effects. The invention supports both updates to existing groups and newly added groups. For an existing group, the KMC can distribute the group key to the terminal directly; for a newly added group, as long as the terminal has been allocated a number (registered) on the KMC, the KMC can automatically generate a new group key for the newly added group and distribute it online, and distribution of the group key to the dispatch console cipher machine is also supported.
The distribution of the group key uses data encryption (with a symmetric algorithm), signature verification (with an asymmetric algorithm), hashing and serial numbers to prevent group key data from being stolen, forged, tampered with or replayed, ensuring the confidentiality, legitimacy, integrity and uniqueness of group key data.
Brief description of the drawings
Fig. 1 is a structural diagram of the dynamic reorganization system in encrypted cluster communication.
Fig. 2 is a flow chart of the dynamic reconfiguration method in encrypted cluster communication.
Detailed description
The embodiments of the present invention are described in detail below with reference to the accompanying drawings.
Fig. 1 shows the structure of the dynamic reorganization system in encrypted cluster communication. The encrypted cluster system consists of encrypted cluster terminals (with a built-in crypto module), the base station subsystem (BSS) and the dispatch subsystem (DSS). The dispatch subsystem (DSS) in turn comprises the dispatch server (PDS), the home location register (PHR), the dispatch agent server (DAS), the dispatch console cipher machine and the key management center (KMC).
The PDS is the main control point of the call flow and is responsible for collecting and distributing cluster voice streams and for functions such as generating billing records. The PHR is responsible for registration management of groups and members, and provides service authorization, statistics and billing functions for users. The DAS controls the access and operation of dispatch agent clients (DAC), interacts with the PDS/PHR and performs dispatch operations; the DAC is the operating console used by administrators and dispatchers for management and dispatching. The KMC interfaces with the PHR and is responsible for user registration, initial key loading and key management for cipher machines (crypto modules), providing functions such as user registration, key and parameter injection, automatic online distribution and remote key destruction. The dispatch console cipher machine is paired with the DAC and is responsible for encrypting and decrypting data exchanged between the DAC and the crypto modules of the terminals.
Fig. 2 shows the flow chart of the dynamic reconfiguration method in encrypted cluster communication. The invention discloses a dynamic reconfiguration method for encrypted cluster communication, comprising the following steps:
Step 1: the dispatch server PDS learns from the home location register PHR that a terminal needs a group information update, and the dispatch server PDS sends a message to the home location register PHR to initiate the group information update;
Step 2: the home location register PHR exchanges messages with the key management center KMC, notifying the key management center KMC of the number of the terminal being reorganized and the corresponding group number, so as to obtain the key set of the group corresponding to the terminal;
Step 3: the key management center KMC determines whether the terminal is registered and whether the group to be updated exists, and according to the result issues the terminal's group key to the home location register PHR;
The determination proceeds as follows:
If the terminal has been allocated a number (registered) and the group to be updated already exists (that is, the group key also exists), the key management center KMC delivers the key of the group directly to the home location register PHR, and the key management center KMC records the correspondence between the terminal number and the group;
If the terminal has been allocated a number (registered) but the group to be updated is a brand-new group, the key management center KMC generates a new key and delivers it to the home location register PHR, and the key management center KMC records the correspondence between the terminal number and the group;
If the terminal's user number has not been allocated (unregistered), an error is returned to the home location register PHR (exception handling: the terminal's user number is manually injected into the key management center KMC);
Further, to ensure the security of the issued group key, the group key is encrypted (for example with a symmetric algorithm such as AES or 3DES); the group key may also carry a serial number, to prevent theft and replay. The encryption key is derived during the terminal's network-entry authentication and is different for each terminal; the key derivation mechanism can be implemented on the basis of the Diffie-Hellman protocol.
Further, the key management center KMC performs a hash operation on the encrypted group key and then signs the hash value (using the asymmetric algorithm ECC) to ensure the legitimacy of the key update and to prevent the group key update information from being tampered with or forged. The signing key is the private key of the key management center KMC.
Further, if the group is newly added, the key management center KMC also needs to forward the group key to the dispatch console cipher machine through the dispatch server PDS, so that the dispatch console can hold encrypted voice communication with the users of the group. The issued group key is protected by mechanisms such as encryption, signature, hash and serial number. The encryption key is derived during the network-entry authentication of the dispatch console cipher machine (the derivation mechanism is the same as for terminal network entry), and the signing key is the private key of the key management center KMC.
Step 4: the home location register PHR delivers the group information to be updated and the group's key set to the dispatch server PDS; the dispatch server PDS calls the terminal and sends a group information update message to the terminal through the base station;
Step 5: after updating the group information, the terminal returns a group information update response to the dispatch server PDS through the base station;
Step 6: the dispatch server PDS sends a key update message to the terminal through the base station; the terminal passes the key update information to its crypto module; the crypto module of the terminal verifies the received key update message and, if verification succeeds, completes the group key update and returns a response message to the terminal;
The verification proceeds as follows: the signature is first verified using the public key of the key management center KMC, the received key update information is then decrypted, and the serial number is then verified; if all conditions are met, the crypto module of the terminal completes the group key update and returns a response message to the terminal;
Step 7: the terminal sends a key update response message to the dispatch server PDS through the base station.
If the group is newly added, the dispatch server PDS also sends a key update request to the dispatch console cipher machine; the dispatch console cipher machine first verifies the signature using the KMC public key, then decrypts the received key update information, then verifies the serial number; if all conditions are met, the dispatch console cipher machine completes the group key update and returns a response message to the dispatch server PDS.
The method also includes: the dispatch server PDS informs the home location register PHR of the update result by message; if the update succeeded, the home location register PHR updates the corresponding flag in its database, and unless the group changes, no further update is performed next time.
The present invention supports both updates to existing groups and newly added groups. For an existing group, the KMC can distribute the group key to the terminal directly; for a newly added group, as long as the terminal has been allocated a number (registered) on the KMC, the KMC can automatically generate a new group key for the newly added group and distribute it online, and distribution of the group key to the dispatch console cipher machine is also supported.
The distribution of the group key uses data encryption (with a symmetric algorithm), signature verification (with an asymmetric algorithm), hashing and serial numbers to prevent group key data from being stolen, forged, tampered with or replayed, ensuring the confidentiality, legitimacy, integrity and uniqueness of group key data.
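The protection and verification order described in this embodiment (encrypt under the per-terminal key, hash the ciphertext, sign the hash with the KMC private key; on receipt verify the signature, decrypt, then check the serial number), as an added Go example that is not part of the patent. The message layout, the choice of AES-GCM, SHA-256 and ECDSA P-256, and all type and function names are assumptions; a constructed 32-byte key stands in for the key derived at network-entry authentication.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

var ErrBadSignature = errors.New("KMC signature check failed")
var ErrDecrypt = errors.New("decryption failed")
var ErrReplay = errors.New("stale or replayed serial number")

type KeyUpdate struct { // constructed layout; the patent defines no wire format
	GroupID     uint32
	Nonce       [12]byte
	Cipher, Sig []byte // AES-GCM(serial || group key); ECDSA over SHA-256(GroupID || Nonce || Cipher)
}

type CryptoModule struct { // terminal side (hypothetical type)
	kmcPub     *ecdsa.PublicKey
	aead       cipher.AEAD       // per-terminal key, assumed derived at network-entry authentication
	lastSerial map[uint32]uint64 // highest serial accepted per group
	groupKeys  map[uint32][]byte
}

func NewKMCKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

func NewCryptoModule(pub *ecdsa.PublicKey, aead cipher.AEAD) *CryptoModule {
	return &CryptoModule{pub, aead, map[uint32]uint64{}, map[uint32][]byte{}}
}

func TerminalAEAD(key []byte) (cipher.AEAD, error) {
	b, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(b)
}

func digest(u *KeyUpdate) []byte {
	msg := append(binary.BigEndian.AppendUint32(nil, u.GroupID), u.Nonce[:]...)
	sum := sha256.Sum256(append(msg, u.Cipher...))
	return sum[:]
}

// BuildKeyUpdate is the KMC side: encrypt, hash the ciphertext, sign the hash.
func BuildKeyUpdate(kmc *ecdsa.PrivateKey, aead cipher.AEAD, group uint32, serial uint64, groupKey []byte) (u *KeyUpdate, err error) {
	u = &KeyUpdate{GroupID: group}
	if _, err = rand.Read(u.Nonce[:]); err != nil {
		return nil, err
	}
	plain := append(binary.BigEndian.AppendUint64(nil, serial), groupKey...)
	u.Cipher = aead.Seal(nil, u.Nonce[:], plain, nil)
	u.Sig, err = ecdsa.SignASN1(rand.Reader, kmc, digest(u))
	return u, err
}

// Apply follows the order of step 6: signature, then decryption, then serial.
func (m *CryptoModule) Apply(u *KeyUpdate) error {
	if !ecdsa.VerifyASN1(m.kmcPub, digest(u), u.Sig) {
		return ErrBadSignature
	}
	plain, err := m.aead.Open(nil, u.Nonce[:], u.Cipher, nil)
	if err != nil || len(plain) <= 8 {
		return ErrDecrypt
	}
	if serial := binary.BigEndian.Uint64(plain); serial > m.lastSerial[u.GroupID] {
		m.lastSerial[u.GroupID], m.groupKeys[u.GroupID] = serial, plain[8:]
		return nil
	}
	return ErrReplay
}

func main() {
	kmc, _ := NewKMCKey()
	aead, _ := TerminalAEAD(make([]byte, 32)) // constructed all-zero key, demo only
	mod := NewCryptoModule(&kmc.PublicKey, aead)
	u, _ := BuildKeyUpdate(kmc, aead, 7, 1, []byte("constructed group key"))
	fmt.Println("first delivery:", mod.Apply(u), "| replay:", mod.Apply(u))
}
```

Because the serial number travels inside the ciphertext, a message that was validly signed for a different terminal passes the signature check but is rejected at decryption, before any serial state is touched.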
The coefficients and parameters given in the above embodiments are provided so that those skilled in the art can implement or use the invention. The invention is not limited to the values disclosed above; without departing from the inventive idea of the present invention, those skilled in the art can make various modifications or adjustments to the above embodiments. The scope of protection of the present invention is therefore not limited by the above embodiments, and should be the maximum scope consistent with the inventive features set out in the claims.
Claims (9)
1. A dynamic reconfiguration method for encrypted cluster communication, comprising the following steps:
Step 1: the dispatch server PDS learns from the home location register PHR that a terminal needs a group information update, and the dispatch server PDS sends a message to the home location register PHR to initiate the group information update;
Step 2: the home location register PHR exchanges messages with the key management center KMC, notifying the key management center KMC of the number of the terminal being reorganized and the corresponding group number;
Step 3: the key management center KMC determines whether the terminal is registered and whether the group to be updated exists, and according to the result delivers the terminal's group key, encrypted and signed, to the home location register PHR;
Step 4: the home location register PHR delivers the group information to be updated and the group's key set to the dispatch server PDS; the dispatch server PDS calls the terminal and sends a group information update message to the terminal through the base station;
Step 5: after updating the group information, the terminal returns a group information update response to the dispatch server PDS through the base station;
Step 6: the dispatch server PDS sends a key update message to the terminal through the base station; the terminal passes the key update information to its crypto module; the crypto module of the terminal verifies the received key update message and, if verification succeeds, decrypts the group key, completes the group key update, and returns a response message to the dispatch server PDS;
Step 7: the dispatch server PDS informs the home location register PHR of the update result by message.
2. The dynamic reconfiguration method for encrypted cluster communication as claimed in claim 1, characterized in that step 3 is specifically:
When the terminal is registered and the group to be updated already exists, the key management center KMC delivers the key of the group directly to the home location register PHR, and the key management center KMC records the correspondence between the terminal number and the group;
When the terminal is registered but the group to be updated is a brand-new group, the key management center KMC generates a new key and delivers it to the home location register PHR, and the key management center KMC records the correspondence between the terminal number and the group;
When the terminal is not registered, an error is returned to the home location register PHR.
3. The dynamic reconfiguration method for encrypted cluster communication as claimed in claim 1 or 2, characterized in that the group key is encrypted with a symmetric algorithm before being issued, and the encryption key is derived during the terminal's network-entry authentication.
4. The dynamic reconfiguration method for encrypted cluster communication as claimed in claim 1 or 2, characterized in that the group key carries a serial number.
5. The dynamic reconfiguration method for encrypted cluster communication as claimed in claim 1 or 2, characterized in that the method also includes the key management center KMC performing a hash operation on the encrypted group key and then signing the hash value, the signing key being the private key of the key management center KMC.
6. The dynamic reconfiguration method for encrypted cluster communication as claimed in claim 1 or 2, characterized in that the method also includes, when the group to be updated is a brand-new group, the key management center KMC forwarding the group key to the dispatch console cipher machine through the dispatch server PDS.
7. The dynamic reconfiguration method for encrypted cluster communication as claimed in claim 6, characterized in that the group key that the dispatch server PDS forwards to the dispatch console cipher machine is protected by encryption, signature, hash and serial number mechanisms, where the encryption key is derived during the network-entry authentication of the dispatch console cipher machine and the signing key is the private key of the key management center KMC.
8. The dynamic reconfiguration method for encrypted cluster communication as claimed in claim 7, characterized in that the verification process in step 6 is specifically: the signature is first verified using the public key of the key management center KMC, the received key update information is then decrypted, and the serial number is then verified; if all conditions are met, the crypto module of the terminal completes the group key update and returns a response message to the terminal.
9. The dynamic reconfiguration method for encrypted cluster communication as claimed in claim 8, characterized in that the method also includes: the dispatch server PDS informs the home location register PHR of the update result by message; if the update succeeded, the home location register PHR updates the corresponding flag in its database, and unless the group changes, no further update is performed next time.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410839894.3A CN104539428B (en) | 2014-12-30 | 2014-12-30 | Dynamic reconfiguration method in a kind of cluster coded communication |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104539428A CN104539428A (en) | 2015-04-22 |
CN104539428B true CN104539428B (en) | 2017-11-21 |
Family
ID=52854899
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410839894.3A Active CN104539428B (en) | 2014-12-30 | 2014-12-30 | Dynamic reconfiguration method in a kind of cluster coded communication |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104539428B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109218015B (en) * | 2017-07-05 | 2021-08-06 | 普天信息技术有限公司 | Multi-group selection short message encryption transmission method and device |
CN108664814B (en) * | 2018-05-16 | 2021-12-28 | 东南大学 | Group data integrity verification method based on agent |
CN109450621B (en) * | 2018-10-12 | 2021-06-18 | 广州杰赛科技股份有限公司 | Information verification method and device of equipment |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1708147A (en) * | 2004-06-11 | 2005-12-14 | 华为技术有限公司 | Method and system for realizing concentration service to dynamic establish user group |
CN101022608A (en) * | 2006-02-15 | 2007-08-22 | 中兴通讯股份有限公司 | CDMA standard group system key distributuion and dynamic updating method |
CN101136742A (en) * | 2007-04-09 | 2008-03-05 | 中兴通讯股份有限公司 | Packet key synchronization, updating, and calibration method |
CN101137123A (en) * | 2007-04-09 | 2008-03-05 | 中兴通讯股份有限公司 | Encrypted group calling, individual calling, and dynamic restructuring call implementing method of cluster system |
WO2014026626A1 (en) * | 2012-08-16 | 2014-02-20 | 中兴通讯股份有限公司 | Method, system, and terminal for communication between cluster system encryption terminal and encryption module |
CN103856330A (en) * | 2012-12-03 | 2014-06-11 | 北京信威通信技术股份有限公司 | Cluster group calling key distribution method based on asymmetric encryption system |
Also Published As
Publication number | Publication date |
---|---|
CN104539428A (en) | 2015-04-22 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||