WO2021103772A1

WO2021103772A1 - Data transmission method and apparatus

Info

Publication number: WO2021103772A1
Application number: PCT/CN2020/116374
Authority: WO
Inventors: 欧锻灏
Original assignee: 华为技术有限公司
Priority date: 2019-11-30
Filing date: 2020-09-21
Publication date: 2021-06-03
Also published as: CN112887971A; CN112887971B

Abstract

Embodiments of the present application provide a data transmission method and apparatus. The method comprises: a core network device may transmit, to a base station, a base station private key corresponding to a base station public key; and when transmitting a broadcast message to a UE, the base station obtains signature information by means of a base station private key signature, and carries the signature information and the base station public key in the broadcast message and transmits to the UE. By carrying, in the broadcast message, the signature information, which uses the base station private key signature, and the base station public key, the UE can verify, according to the signature information and the base station public key, whether the message is from a legitimate base station, so as to refuse the operation of a pseudo base station, and the base station public key is carried in the broadcast message and transmitted to the UE, and thus, the prevent invention can avoid the problem that the UE is unavailable caused because the pseudo base station intentionally transmits a large number of waste public keys to deplete the storage resource of the UE.

Description

数据传输方法和装置Data transmission method and device

本申请要求于2019年11月30日提交中国专利局、申请号为201911208412.3、申请名称为“数据传输方法和装置”的中国专利申请的优先权，其全部内容通过引用结合在本申请中。This application claims the priority of a Chinese patent application filed with the Chinese Patent Office, the application number is 201911208412.3, and the application name is "Data Transmission Method and Device" on November 30, 2019, the entire content of which is incorporated into this application by reference.

技术领域Technical field

本申请涉及通信技术，尤其涉及一种数据传输方法和装置。This application relates to communication technology, and in particular to a data transmission method and device.

背景技术Background technique

基站和用户设备(User equipment，UE)之间通过空口通信，一方面，UE通过空口发送给基站的信息中，除了用核心网(Core network，CN)公钥加密的预认证信息外，还包括需要基站感知的路由信息(例如切片信息或者UE能力信息等)，需要基站感知的路由信息目前没有做加密，在空口中是明文传输，该需要基站感知的路由信息可能会遭受篡改，从而威胁UE或者运营商的安全。另一方面，UE无法识别广播消息是来自伪基站还是合法基站，从而可能会遭受伪基站的攻击。因此，需要安全机制保证UE和基站之间空口通信的安全性。The base station and user equipment (User equipment, UE) communicate through the air interface. On the one hand, the information sent by the UE to the base station through the air interface includes pre-authentication information encrypted with the core network (Core network, CN) public key. The routing information that needs to be sensed by the base station (such as slice information or UE capability information, etc.). The routing information that needs to be sensed by the base station is currently not encrypted. It is transmitted in plain text on the air interface. The routing information that needs to be sensed by the base station may be tampered with, thereby threatening the UE. Or the safety of the operator. On the other hand, the UE cannot identify whether the broadcast message is from a pseudo base station or a legitimate base station, and may be attacked by the pseudo base station. Therefore, a security mechanism is needed to ensure the security of the air interface communication between the UE and the base station.

发明内容Summary of the invention

本申请实施例提供一种数据传输方法和装置，使得UE能够识别伪基站，避免伪基站对UE的非法操作。The embodiments of the present application provide a data transmission method and device, so that a UE can identify a pseudo base station and avoid illegal operations of the pseudo base station on the UE.

本申请第一方面提供一种数据传输方法，包括：基站向核心网设备请求基站公钥对应的基站私钥，所述基站向UE发送广播消息，所述广播消息中包括签名信息和所述基站公钥，所述签名信息是所述基站通过所述基站私钥签名得到的。The first aspect of the present application provides a data transmission method, including: a base station requests a base station private key corresponding to a base station public key from a core network device, the base station sends a broadcast message to the UE, and the broadcast message includes signature information and the base station The public key, and the signature information is obtained by the base station through the base station's private key signature.

一方面，本申请中将PKG功能集成在了已有的核心网设备中，例如UDM网元，该核心网设备会生成一对主公钥MPK和主私钥MSK，主私钥安全地存储在该核心网设备中，主公钥安全地发放给UE。该核心网设备对认证通过的合法基站，根据其身份标识颁发对应的基站私钥，基站和该核心网设备可以复用基站和核心网之间已有的认证方式进行双向认证，避免了重复建设。On the one hand, in this application, the PKG function is integrated into existing core network equipment, such as UDM network elements. The core network equipment will generate a pair of master public key MPK and master private key MSK, and the master private key is securely stored in In the core network equipment, the master public key is securely issued to the UE. The core network device issues the corresponding base station private key to the legal base station that has passed the authentication according to its identity. The base station and the core network device can reuse the existing authentication method between the base station and the core network for mutual authentication, avoiding repeated construction .

另一方面，基站通过在广播消息中携带使用基站私钥签名的签名信息和基站公钥，使得UE根据该签名信息和基站公钥能够验证消息是否来自合法基站，从而拒绝伪基站的操作，将基站公钥携带在广播消息中发送给UE，能够避免伪基站故意发送海量垃圾公钥耗尽UE的存储资源，导致UE不可用，On the other hand, the base station carries the signature information signed with the base station private key and the base station public key in the broadcast message, so that the UE can verify whether the message comes from a legitimate base station based on the signature information and the base station public key, thereby rejecting the operation of the pseudo base station, The base station public key is carried in a broadcast message and sent to the UE, which can prevent the pseudo base station from deliberately sending massive garbage public keys to exhaust the storage resources of the UE and cause the UE to be unavailable.

一种示例性的方式中，所述广播消息中包括第一重放参数，所述第一重放参数用于UE验证所述广播消息是否为重放消息。In an exemplary manner, the broadcast message includes a first replay parameter, and the first replay parameter is used by the UE to verify whether the broadcast message is a replay message.

基站通过在广播消息中携带重放参数，使得UE能够识别接收到的广播消息是合法基站发送的，还是伪基站发送的重放消息，从而能够避免重放攻击。The base station carries replay parameters in the broadcast message, so that the UE can identify whether the received broadcast message is sent by a legitimate base station or a replay message sent by a pseudo base station, thereby avoiding replay attacks.

一种示例性的方式中，所述方法还包括：In an exemplary manner, the method further includes:

所述基站接收UE发送的所述广播消息的响应消息，所述广播消息的响应消息中包括第一加密信息，所述第一加密信息是所述UE根据所述基站公钥和存储的主公钥对第一信息加密得到的；The base station receives the response message of the broadcast message sent by the UE, and the response message of the broadcast message includes first encryption information, and the first encryption information is the UE according to the base station public key and the stored master public key. The key is obtained by encrypting the first information;

所述基站使用所述基站私钥对所述第一加密信息进行解密，所述基站私钥是所述核心网设备根据所述基站公钥和主私钥生成的，所述主公钥和所述主私钥是所述核心网设备生成的一对秘钥；The base station uses the base station private key to decrypt the first encrypted information. The base station private key is generated by the core network device according to the base station public key and the master private key. The master private key is a pair of secret keys generated by the core network device;

如果所述基站使用所述基站私钥对所述第一加密信息解密失败，则所述基站丢弃所述广播消息的响应消息。If the base station fails to decrypt the first encrypted information using the base station private key, the base station discards the response message of the broadcast message.

UE可以使用基站公钥和主公钥对广播消息的响应消息中需要基站感知的信息进行加密，可以保证该需要基站感知的信息的安全性，从而避免了由于该需要基站感知的信息被泄露，造成用户或者运营商的损失。基站接收到广播消息的响应消息后，根据基站私钥对加密信息进行解密得到需要感知的信息。The UE can use the base station public key and the master public key to encrypt the information that needs to be sensed by the base station in the response message of the broadcast message, which can ensure the security of the information that needs to be sensed by the base station, thereby avoiding the leakage of the information that needs to be sensed by the base station. Cause losses to users or operators. After receiving the response message of the broadcast message, the base station decrypts the encrypted information according to the base station private key to obtain the information that needs to be sensed.

一种示例性的方式中，所述广播消息的响应消息中包括第二重放参数，所述方法还包括：In an exemplary manner, the response message of the broadcast message includes the second replay parameter, and the method further includes:

所述基站根据所述第二重放参数验证所述广播消息的响应消息是否为重放消息；Verifying, by the base station, whether the response message of the broadcast message is a replay message according to the second replay parameter;

所述基站使用所述基站私钥对所述第一加密信息进行解密，包括：The decryption of the first encrypted information by the base station using the base station private key includes:

当验证所述广播消息的响应消息不是重放消息时，所述基站使用所述基站私钥对所述第一加密信息进行解密。When verifying that the response message of the broadcast message is not a replay message, the base station uses the base station private key to decrypt the first encrypted information.

所述方法还包括：当验证所述广播消息的响应消息是重放消息时，所述基站丢弃所述广播消息的响应消息。The method further includes: when verifying that the response message of the broadcast message is a replay message, the base station discards the response message of the broadcast message.

UE通过在广播消息的响应消息中携带重放参数，使得基站能够识别接收到的广播消息的响应消息是合法UE发送的，还是其他设备发送的重放消息，从而能够避免重放攻击。The UE carries replay parameters in the response message of the broadcast message, so that the base station can identify whether the response message of the received broadcast message is sent by a legitimate UE or a replay message sent by other devices, thereby avoiding replay attacks.

一种示例性的方式中，所述基站从所述核心网设备获取到所述基站私钥后，不存储所述基站私钥。In an exemplary manner, after the base station obtains the base station private key from the core network device, the base station private key is not stored.

由于基站与PKG相比资源有限，基站私钥存储在基站中可能会有泄露的风险，该方式中基站不需要保存基站私钥，而是每次动态请求基站私钥，降低了基站私钥泄露的风险，并且节省了基站的存储资源。As the base station has limited resources compared with PKG, the base station private key stored in the base station may have the risk of leakage. In this method, the base station does not need to save the base station private key, but dynamically requests the base station private key every time, which reduces the leakage of the base station private key. It also saves the storage resources of the base station.

一种示例性的方式中，所述基站向核心网设备请求基站公钥对应的基站私钥，包括：In an exemplary manner, the base station requesting the base station private key corresponding to the base station public key from the core network device includes:

所述基站向所述核心网设备发送第一请求消息，所述第一请求消息中包括所述基站公钥；Sending, by the base station, a first request message to the core network device, where the first request message includes the base station public key;

所述基站接收所述核心网设备发送的所述第一请求消息的响应消息，所述第一请求的响应消息中包括所述基站私钥。The base station receives a response message of the first request message sent by the core network device, and the response message of the first request includes the base station private key.

一种示例性的方式中，所述基站公钥包括基站身份标识和所述基站公钥的有效期。In an exemplary manner, the base station public key includes a base station identity and a validity period of the base station public key.

一种示例性的方式中，所述基站公钥包括基站身份标识。In an exemplary manner, the base station public key includes a base station identity identifier.

一种示例性的方式中，当所述基站公钥包括基站身份标识时，所述第一加密信息是所述UE根据所述基站公钥、所述主公钥以及第一时间信息加密得到的，所述第一时间信息与所述UE加密时的当前时间戳以及第一时间间隔相关；所述基站私钥是所述核心网设备根据所述基站公钥、所述主私钥以及第二时间信息生成的，所述第二时间信息与所述核心网设备生成所述基站私钥时的当前时间戳以及所述第一时间间隔相关。In an exemplary manner, when the base station public key includes a base station identity, the first encryption information is obtained by the UE encrypted according to the base station public key, the master public key, and first time information The first time information is related to the current timestamp and the first time interval when the UE is encrypted; the base station private key is the core network device according to the base station public key, the master private key, and the second time interval. When time information is generated, the second time information is related to the current timestamp when the core network device generates the base station private key and the first time interval.

一种示例性的方式中，所述核心网设备为统一数据管理UDM网元。In an exemplary manner, the core network device is a unified data management UDM network element.

一种示例性的方式中，所述基站与核心网设备基于互联网安全协议IPsec进行身份认证。In an exemplary manner, the base station and the core network device perform identity authentication based on the Internet security protocol IPsec.

本申请第二方面提供一种数据传输方法，包括：UE接收基站发送的广播消息，所述广播消息中包括签名信息和基站公钥，所述签名信息是所述基站通过基站私钥签名得到的，所述基站私钥是核心网设备发送给所述基站的；所述UE根据保存的主公钥、所述基站公钥和所述签名信息验证所述广播消息是否来自合法基站，所述主公钥是所述核心网设备为所述UE生成的；当所述广播消息来自合法基站时，所述UE对所述广播消息进行处理；当所述广播消息不是来自合法基站时，所述UE丢弃所述广播消息。The second aspect of the present application provides a data transmission method, including: a UE receives a broadcast message sent by a base station, the broadcast message includes signature information and a base station public key, and the signature information is obtained by the base station through the base station private key signature The base station private key is sent to the base station by the core network equipment; the UE verifies whether the broadcast message comes from a legitimate base station according to the stored master public key, the base station public key, and the signature information. The public key is generated by the core network equipment for the UE; when the broadcast message comes from a legal base station, the UE processes the broadcast message; when the broadcast message does not come from a legal base station, the UE The broadcast message is discarded.

一种示例性的方式中，所述广播消息中包括第一重放参数，所述UE根据保存的主公钥、所述基站公钥和所述签名信息验证所述广播消息是否来自合法基站，包括：In an exemplary manner, the broadcast message includes the first playback parameter, and the UE verifies whether the broadcast message comes from a legitimate base station according to the saved master public key, the base station public key, and the signature information, include:

所述UE根据所述第一重放参数验证所述广播消息是否为重放消息；Verifying, by the UE, whether the broadcast message is a replay message according to the first replay parameter;

所述UE根据所述主公钥和所述基站公钥对所述签名信息进行验证；The UE verifies the signature information according to the master public key and the base station public key;

当验证所述广播消息不是重放消息，且根据所述主公钥和所述基站公钥对所述签名信息验证成功时，确定所述广播消息来自合法基站。When it is verified that the broadcast message is not a replay message, and the signature information is successfully verified according to the master public key and the base station public key, it is determined that the broadcast message comes from a legitimate base station.

一种示例性的方式中，还包括：In an exemplary manner, it further includes:

当所述广播消息来自合法基站时，所述UE向所述基站发送所述广播消息的响应消息，所述广播消息的响应消息中包括第一加密信息，所述第一加密信息是所述UE根据所述基站公钥和所述主公钥对第一信息加密得到的。When the broadcast message comes from a legitimate base station, the UE sends a response message of the broadcast message to the base station. The response message of the broadcast message includes first encryption information, and the first encryption information is the UE Obtained by encrypting the first information according to the base station public key and the master public key.

一种示例性的方式中，所述广播消息的响应消息中还包括第二重放参数，所述第二重放参数用于所述基站验证所述广播消息的响应消息是否为重放消息。In an exemplary manner, the response message of the broadcast message further includes a second replay parameter, and the second replay parameter is used by the base station to verify whether the response message of the broadcast message is a replay message.

一种示例性的方式中，所述基站公钥包括基站身份标识和所述基站公钥的有效期；所述UE根据保存的主公钥、所述基站公钥和所述签名信息验证所述广播消息是否来自合法基站，包括：In an exemplary manner, the base station public key includes a base station identity and the validity period of the base station public key; the UE verifies the broadcast according to the stored master public key, the base station public key, and the signature information. Whether the message comes from a legitimate base station, including:

所述UE验证所述基站公钥的有效期是否有效；The UE verifies whether the validity period of the base station public key is valid;

当所述基站公钥的有效期有效时，所述UE根据所述主公钥和所述基站公钥对所述签名信息进行验证；When the validity period of the base station public key is valid, the UE verifies the signature information according to the master public key and the base station public key;

根据所述签名信息的验证结果确定所述广播消息是否来自合法基站。Determine whether the broadcast message comes from a legal base station according to the verification result of the signature information.

一种示例性的方式中，所述基站公钥包括基站身份标识，所述UE根据保存的主公钥、所述基站公钥和所述签名信息验证所述广播消息是否来自合法基站，包括：In an exemplary manner, the base station public key includes a base station identity, and the UE verifies whether the broadcast message comes from a legitimate base station according to the stored master public key, the base station public key, and the signature information, including:

所述UE根据所述主公钥、所述基站公钥以及第三时间信息对所述签名信息进行验证，所述第三时间信息与所述UE的当前时间戳以及第一时间间隔相关；The UE verifies the signature information according to the master public key, the base station public key, and third time information, where the third time information is related to the current timestamp and the first time interval of the UE;

当所述基站公钥包括基站身份标识时，所述第一加密信息可以是所述UE根据所述基站公钥、所述主公钥以及第一时间信息对所述第一信息加密得到的，所述第一时间信息与所述UE加密时的当前时间戳以及所述第一时间间隔相关。When the base station public key includes a base station identity, the first encryption information may be obtained by the UE encrypting the first information according to the base station public key, the master public key, and first time information, The first time information is related to the current timestamp when the UE is encrypted and the first time interval.

一种示例性的方式中，所述核心网设备为UDM网元。In an exemplary manner, the core network device is a UDM network element.

本申请第二方面提供的方法的有益效果，参照第一方面中对应内容的有益效果的描述，这里不再赘述。For the beneficial effects of the method provided in the second aspect of the present application, refer to the description of the beneficial effects of the corresponding content in the first aspect, which will not be repeated here.

本申请第三方面提供一种数据传输方法，还包括：核心网设备接收基站发送的请求消息，所述请求消息中包括所述基站的基站公钥；所述核心网设备根据所述基站公钥和主私钥生成所述基站公钥对应的基站私钥；所述核心网设备向所述基站发送所述基站私钥。A third aspect of the present application provides a data transmission method, further comprising: a core network device receives a request message sent by a base station, the request message includes the base station public key of the base station; the core network device according to the base station public key The base station private key corresponding to the base station public key is generated with the master private key; the core network device sends the base station private key to the base station.

一种示例性的方式中，所述方法还包括：所述核心网设备生成秘钥对，所述秘钥对包括主公钥和所述主私钥；所述核心网设备存储所述主私钥，所述主公钥被安全地发放给用户设备UE。In an exemplary manner, the method further includes: the core network device generates a secret key pair, the secret key pair includes a master public key and the master private key; the core network device stores the master private key Key, the master public key is securely issued to the user equipment UE.

一种示例性的方式中，所述核心网设备为UDM网元，所述UDM网元与所述基站进行身份认证后，UDM网元才会为基站颁发基站私钥。In an exemplary manner, the core network device is a UDM network element, and only after the UDM network element performs identity authentication with the base station, the UDM network element issues a base station private key to the base station.

本申请中将PKG功能集成在了已有的核心网设备中，例如UDM网元，该核心网设备会生成一对主公钥MPK和主私钥MSK，主私钥安全地存储在该核心网设备中，主公钥安全地发放给UE。该核心网设备对认证通过的合法基站，根据其身份标识颁发对应的基站私钥，基站和该核心网设备可以复用基站和核心网之间已有的认证方式进行双向认证，避免了重复建设。In this application, the PKG function is integrated into existing core network equipment, such as UDM network elements. The core network equipment will generate a pair of master public key MPK and master private key MSK, and the master private key is securely stored in the core network. In the device, the master public key is securely issued to the UE. The core network device issues the corresponding base station private key to the legal base station that has passed the authentication according to its identity. The base station and the core network device can reuse the existing authentication method between the base station and the core network for mutual authentication, avoiding repeated construction .

本申请第四方面提供一种基站，包括：A fourth aspect of the present application provides a base station, including:

获取模块，用于向核心网设备请求基站公钥对应的基站私钥，所述基站与核心网设备已通过身份认证；An obtaining module, configured to request the base station private key corresponding to the base station public key from the core network device, and the base station and the core network device have passed identity authentication;

签名模块，用于根据所述基站私钥进行签名得到签名信息；The signature module is used to sign according to the private key of the base station to obtain signature information;

发送模块，还用于向UE发送广播消息，所述广播消息中包括所述签名信息和所述基站公钥。The sending module is also used to send a broadcast message to the UE, and the broadcast message includes the signature information and the base station public key.

一种示例性的方式中，还包括接收模块和解密模块；In an exemplary manner, it further includes a receiving module and a decrypting module;

所述接收模块，用于接收UE发送的所述广播消息的响应消息，所述广播消息的响应消息中包括第一加密信息，所述第一加密信息是所述UE根据所述基站公钥和存储的主公钥对第一信息加密得到的；The receiving module is configured to receive a response message of the broadcast message sent by the UE, the response message of the broadcast message includes first encryption information, and the first encryption information is the UE according to the base station public key and The stored master public key is obtained by encrypting the first information;

所述解密模块用于：使用所述基站私钥对所述第一加密信息进行解密，所述基站私钥是所述核心网设备根据所述基站公钥和主私钥生成的，所述主公钥和所述主私钥是所述核心网设备生成的一对秘钥；当所述基站使用所述基站私钥对所述第一加密信息解密失败时，丢弃所述广播消息的响应消息。The decryption module is configured to decrypt the first encrypted information using the base station private key, the base station private key is generated by the core network device according to the base station public key and the master private key, and the master The public key and the master private key are a pair of secret keys generated by the core network device; when the base station fails to decrypt the first encrypted information using the base station private key, the response message of the broadcast message is discarded .

一种示例性的方式中，所述广播消息的响应消息中包括第二重放参数，还包括验证模块，所述验证模块用于：根据所述第二重放参数验证所述广播消息的响应消息是否为重放消息；In an exemplary manner, the response message of the broadcast message includes a second replay parameter, and further includes a verification module configured to: verify the response of the broadcast message according to the second replay parameter Whether the message is a replay message;

所述解密模块具体用于：当所述验证模块验证所述广播消息的响应消息不是重放消息时，使用所述基站私钥对所述第一加密信息进行解密。The decryption module is specifically configured to use the base station private key to decrypt the first encrypted information when the verification module verifies that the response message of the broadcast message is not a replay message.

一种示例性的方式中，所述解密模块还用于：当所述验证模块验证所述广播消息的响应消息是重放消息时，丢弃所述广播消息的响应消息。In an exemplary manner, the decryption module is further configured to: when the verification module verifies that the response message of the broadcast message is a replay message, discard the response message of the broadcast message.

一种示例性的方式中，所述获取模块从所述核心网设备获取到所述基站私钥后，不存储所述基站私钥。In an exemplary manner, after the obtaining module obtains the base station private key from the core network device, the base station private key is not stored.

一种示例性的方式中，所述获取模块具体用于：向所述核心网设备发送第一请求消息，所述第一请求消息中包括所述基站公钥；接收所述核心网设备发送的所述第一请求消息的响应消息，所述第一请求的响应消息中包括所述基站私钥。In an exemplary manner, the acquiring module is specifically configured to: send a first request message to the core network device, where the first request message includes the base station public key; and receive a message sent by the core network device The response message of the first request message, and the response message of the first request includes the base station private key.

一种示例性的方式中，所述基站公钥包括基站身份标识。相应的，所述第一加密信息是所述UE根据所述基站公钥、所述主公钥以及第一时间信息加密得到的，所述第一时间信息与所述UE加密时的当前时间戳以及第一时间间隔相关；所述基站私钥是所述核心网设备根据所述基站公钥、所述主私钥以及第二时间信息生成的，所述第二时间信息与所述核心网设备生成所述基站私钥时的当前时间戳以及所述第一时间间隔相关。In an exemplary manner, the base station public key includes a base station identity identifier. Correspondingly, the first encryption information is obtained by the UE encrypted according to the base station public key, the master public key, and first time information, and the first time information is the same as the current timestamp when the UE was encrypted And the first time interval; the base station private key is generated by the core network device according to the base station public key, the master private key, and second time information, and the second time information is related to the core network device The current timestamp when the base station private key is generated is related to the first time interval.

本申请第五方面提供一种UE，包括：A fifth aspect of the present application provides a UE, including:

接收模块，用于接收基站发送的广播消息，所述广播消息中包括签名信息和基站公钥，所述签名信息是所述基站通过基站私钥签名得到的，所述基站私钥是核心网设备发送给所述基站的；The receiving module is used to receive a broadcast message sent by a base station, the broadcast message includes signature information and a base station public key, the signature information is obtained by the base station through the base station private key signature, and the base station private key is a core network device Sent to the base station;

验证模块，用于所述UE根据保存的主公钥、所述基站公钥和所述签名信息验证所述广播消息是否来自合法基站，所述主公钥是所述核心网设备为所述UE生成的；当所述广播消息不是来自合法基站时，丢弃所述广播消息。The verification module is used for the UE to verify whether the broadcast message comes from a legitimate base station according to the saved master public key, the base station public key, and the signature information, and the master public key is that the core network device is the UE Generated; when the broadcast message is not from a legitimate base station, discard the broadcast message.

一种示例性的方式中，所述广播消息中包括第一重放参数，所述验证模块具体用于：In an exemplary manner, the broadcast message includes the first replay parameter, and the verification module is specifically configured to:

根据所述第一重放参数验证所述广播消息是否为重放消息；Verifying whether the broadcast message is a replay message according to the first replay parameter;

根据所述主公钥和所述基站公钥对所述签名信息进行验证；Verify the signature information according to the master public key and the base station public key;

加密模块，用于当所述广播消息来自合法基站时，根据所述基站公钥和所述主公钥对第一信息加密得到第一加密信息；An encryption module, configured to encrypt first information according to the base station public key and the master public key to obtain first encrypted information when the broadcast message comes from a legal base station;

发送模块，用于向所述基站发送所述广播消息的响应消息，所述广播消息的响应消息中包括所述第一加密信息。The sending module is configured to send a response message of the broadcast message to the base station, and the response message of the broadcast message includes the first encryption information.

一种示例性的方式中，所述基站公钥包括基站身份标识和所述基站公钥的有效期；所述验证模块具体用于：验证所述基站公钥的有效期是否有效，当所述基站公钥的有效期有效时，根据所述主公钥和所述基站公钥对所述签名信息进行验证，根据所述签名信息的验证结果确定所述广播消息是否来自合法基站。In an exemplary manner, the base station public key includes a base station identity and the validity period of the base station public key; the verification module is specifically configured to verify whether the validity period of the base station public key is valid, when the base station public key When the validity period of the key is valid, the signature information is verified according to the master public key and the base station public key, and it is determined whether the broadcast message comes from a legitimate base station according to the verification result of the signature information.

一种示例性的方式中，所述基站公钥包括基站身份标识；所述验证模块具体用于：根据所述主公钥、所述基站公钥以及第三时间信息对所述签名信息进行验证，所述第三时间信息与所述UE的当前时间戳以及第一时间间隔相关，根据所述签名信息的验证结果确定所述广播消息是否来自合法基站。In an exemplary manner, the base station public key includes a base station identity; the verification module is specifically configured to: verify the signature information according to the master public key, the base station public key, and third time information The third time information is related to the current time stamp of the UE and the first time interval, and it is determined whether the broadcast message comes from a legitimate base station according to a verification result of the signature information.

当所述基站公钥包括基站身份标识的情况下，所述第一加密信息可以是所述UE根据所述基站公钥、所述主公钥以及第一时间信息对所述第一信息加密得到的，所述第一时间信息与所述UE加密时的当前时间戳以及所述第一时间间隔相关。When the base station public key includes a base station identity, the first encryption information may be obtained by the UE encrypting the first information according to the base station public key, the master public key, and first time information Yes, the first time information is related to the current timestamp when the UE was encrypted and the first time interval.

本申请第六方面提供一种核心网设备，包括：A sixth aspect of this application provides a core network device, including:

接收模块，接收基站发送的请求消息，所述请求消息中包括所述基站的基站公钥；A receiving module to receive a request message sent by a base station, where the request message includes the base station public key of the base station;

生成模块，用于根据所述基站公钥和主私钥生成所述基站公钥对应的基站私钥；A generating module, configured to generate a base station private key corresponding to the base station public key according to the base station public key and the master private key;

发送模块，用于向所述基站发送所述基站私钥。The sending module is used to send the base station private key to the base station.

一种示例性的方式中，还包括存储模块；In an exemplary manner, it further includes a storage module;

所述生成模块，还用于生成秘钥对，所述秘钥对包括主公钥和所述主私钥；The generating module is also used to generate a secret key pair, the secret key pair including a master public key and the master private key;

所述存储模块，用于存储所述主私钥，所述主公钥被安全地发放给用户设备UE。The storage module is used to store the master private key, and the master public key is securely issued to the user equipment UE.

本申请第七方面提供一种一种基站，包括处理器、存储器和收发器，所述存储器用于存储指令，所述收发器用于和其他设备通信，所述处理器用于执行所述存储器中存储的指令，以使所述基站执行如本申请第一方面以及第一方面的任一可能实现方式提供的方法。A seventh aspect of the present application provides a base station, including a processor, a memory, and a transceiver. The memory is used to store instructions, the transceiver is used to communicate with other devices, and the processor is used to execute storage in the memory. , So that the base station executes the method provided in the first aspect of the present application and any possible implementation manner of the first aspect.

本申请第八方面提供一种UE，包括处理器、存储器和收发器，所述存储器用于存储指令，所述收发器用于和其他设备通信，所述处理器用于执行所述存储器中存储的指令，以使所述UE执行如本申请第二方面以及第二方面的任一可能实现方式提供的方法。An eighth aspect of the present application provides a UE, including a processor, a memory, and a transceiver. The memory is used to store instructions, the transceiver is used to communicate with other devices, and the processor is used to execute instructions stored in the memory. , So that the UE executes the method provided in the second aspect of the present application and any possible implementation manner of the second aspect.

本申请第九方面提供一种核心网设备，包括处理器、存储器和收发器，所述存储器用于存储指令，所述收发器用于和其他设备通信，所述处理器用于执行所述存储器中存储的指令，以使所述核心网设备执行如本申请第三方面以及第三方面的任一可能实现方式提供的方法。A ninth aspect of the present application provides a core network device, including a processor, a memory, and a transceiver. The memory is used to store instructions, the transceiver is used to communicate with other devices, and the processor is used to execute storage in the memory. , So that the core network device executes the method provided in the third aspect and any possible implementation manner of the third aspect of the present application.

本申请第十方面提供一种计算机可读存储介质，所述计算机可读存储介质存储有指令，当所述指令被执行时，使得计算机执行如本申请第一方面以及第一方面的任一可能实现方式提供的方法。The tenth aspect of the present application provides a computer-readable storage medium, the computer-readable storage medium stores instructions, and when the instructions are executed, the computer executes the first aspect and any one of the first aspect of the present application. The method provided by the implementation method.

本申请第十一方面提供一种计算机可读存储介质，所述计算机可读存储介质存储有指令，当所述指令被执行时，使得计算机执行如本申请第二方面以及第二方面的任一可能实现方式提供的方法。The eleventh aspect of the present application provides a computer-readable storage medium, the computer-readable storage medium stores instructions, and when the instructions are executed, the computer executes any one of the second aspect and the second aspect of the present application. It is possible to implement the method provided by the method.

本申请第十二方面提供一种计算机可读存储介质，所述计算机可读存储介质存储有指令，当所述指令被执行时，使得计算机执行如本申请第三方面以及第三方面的任一可能实现方式提供的方法。A twelfth aspect of the present application provides a computer-readable storage medium, the computer-readable storage medium stores instructions, and when the instructions are executed, the computer executes any one of the third aspect and the third aspect of the present application. It is possible to implement the method provided by the method.

本申请第十三方面提供一种计算机程序产品，所述计算机程序产品包括指令，当所述指令被执行时，使得计算机执行如本申请第一方面以及第一方面的任一可能实现方式提供的方法。A thirteenth aspect of the present application provides a computer program product. The computer program product includes instructions. When the instructions are executed, the computer executes the first aspect of the present application and any one of the possible implementation manners of the first aspect. method.

本申请第十四方面提供一种计算机程序产品，所述计算机程序产品包括指令，当所述指令被执行时，使得计算机执行如本申请第二方面以及第二方面的任一可能实现方式提供的方法。The fourteenth aspect of the present application provides a computer program product. The computer program product includes instructions. When the instructions are executed, the computer executes the second aspect of the present application and any possible implementation of the second aspect. method.

本申请第十五方面提供一种计算机程序产品，所述计算机程序产品包括指令，当所述指令被执行时，使得计算机执行如本申请第三方面以及第三方面的任一可能实现方式提供的方法。The fifteenth aspect of the present application provides a computer program product. The computer program product includes instructions. When the instructions are executed, the computer executes the third aspect of the present application and any possible implementation manner of the third aspect. method.

本申请第十六方面提供一种芯片上***或***芯片，所述芯片上***或***芯片可应用于基站，所述芯片上***或***芯片包括：至少一个通信接口，至少一个处理器，至少一个存储器，所述通信接口、存储器和处理器通过总线互联，所述处理器通过执行所述存储器中存储的指令，使得所述基站可执行如本申请第一方面以及第一方面的任一可能实现方式提供的方法。The sixteenth aspect of the present application provides a system-on-chip or system-on-chip, which can be applied to a base station, and the system-on-chip or system-on-chip includes: at least one communication interface, at least one processor, and at least A memory, the communication interface, the memory, and the processor are interconnected by a bus, and the processor executes the instructions stored in the memory so that the base station can execute any one of the first aspect and the first aspect of the application The method provided by the implementation method.

本申请第十七方面提供一种芯片上***或***芯片，所述芯片上***或***芯片可应用于UE，所述芯片上***或***芯片包括：至少一个通信接口，至少一个处理器，至少一个存储器，所述通信接口、存储器和处理器通过总线互联，所述处理器通过执行所述存储器中存储的指令，使得所述UE执行如本申请第二方面以及第二方面的任一可能实现方式提供的方法。The seventeenth aspect of the present application provides a system-on-chip or system-on-chip, the system-on-chip or system-on-chip can be applied to UE, and the system-on-chip or system-on-chip includes: at least one communication interface, at least one processor, and at least A memory, the communication interface, the memory, and the processor are interconnected by a bus, and the processor executes the instructions stored in the memory to enable the UE to execute any possible implementation of the second aspect and the second aspect of the present application The method provided by the method.

本申请第十八方面提供一种芯片上***或***芯片，所述芯片上***或***芯片可应用于核心网设备，所述芯片上***或***芯片包括：至少一个通信接口，至少一个处理器，至少一个存储器，所述通信接口、存储器和处理器通过总线互联，所述处理器通过执行所述存储器中存储的指令，使得所述核心网执行如本申请第三方面以及第三方面的任一可能实现方式提供的方法。An eighteenth aspect of the present application provides a system on a chip or a system chip, which can be applied to a core network device, and the system on a chip or a system chip includes: at least one communication interface and at least one processor , At least one memory, the communication interface, the memory, and the processor are interconnected through a bus, and the processor executes the instructions stored in the memory to make the core network execute any of the third and third aspects of the present application. A method provided by a possible implementation.

本申请实施例提供的数据传输方法和装置，通过将PKG功能集成到核心网设备中，例如，UDM网元中，基站与核心网设备可以复用二者之间已有的认证机制进行身份认证，在通过身份认证之后，核心网设备可以向基站发送基站公钥对应的基站私钥，基站在向UE发送广播消息时，通过基站私钥签名得到签名信息，将签名信息和基站公钥携带在广播消息中发送给UE。通过在广播消息中携带使用基站私钥签名的签名信息和基站公钥，使得UE根据该签名信息和基站公钥能够验证消息是否来自合法基站，从而拒绝伪基站的操作，将基站公钥携带在广播消息中发送给UE，能够避免伪基站故意发送海量垃圾公钥耗尽UE的存储资源，导致UE不可用，并且本实施例中核心网设备具有PKG功能，从而使得基站能够复用与核心网设备之间的身份认证方式，不需要单独设计与PKG的认证。The data transmission method and device provided by the embodiments of this application integrate the PKG function into the core network equipment, for example, in the UDM network element, the base station and the core network equipment can reuse the existing authentication mechanism between the two for identity authentication After passing the identity authentication, the core network device can send the base station private key corresponding to the base station public key to the base station. When the base station sends a broadcast message to the UE, it obtains the signature information through the base station private key signature, and carries the signature information and the base station public key in The broadcast message is sent to the UE. By carrying the signature information signed with the base station private key and the base station public key in the broadcast message, the UE can verify whether the message comes from a legitimate base station based on the signature information and the base station public key, thereby rejecting the operation of the pseudo base station and carrying the base station public key in The broadcast message is sent to the UE, which can prevent the pseudo base station from deliberately sending massive garbage public keys to exhaust the storage resources of the UE, causing the UE to be unavailable, and the core network equipment in this embodiment has the PKG function, so that the base station can reuse the core network The identity authentication method between devices does not require a separate design for authentication with PKG.

附图说明Description of the drawings

图1为5G网络架构的一种示意图；Figure 1 is a schematic diagram of a 5G network architecture;

图2为本申请实施例一提供的数据传输方法的流程图；FIG. 2 is a flowchart of a data transmission method provided in Embodiment 1 of this application;

图3为本申请实施例二提供的数据传输方法的流程图；FIG. 3 is a flowchart of the data transmission method provided in the second embodiment of this application;

图4为本申请实施例三提供的数据传输方法的信令流程图；4 is a signaling flowchart of the data transmission method provided in Embodiment 3 of this application;

图5为本申请实施例四提供的基站的一种结构示意图；FIG. 5 is a schematic structural diagram of a base station provided in Embodiment 4 of this application;

图6为本申请实施例五提供的UE的一种结构示意图；FIG. 6 is a schematic structural diagram of a UE provided in Embodiment 5 of this application;

图7为本申请实施六提供的核心网设备的一种结构示意图；FIG. 7 is a schematic diagram of a structure of a core network device provided by implementation six of this application;

图8为本申请实施例七提供的基站的一种结构示意图；FIG. 8 is a schematic structural diagram of a base station provided in Embodiment 7 of this application;

图9为本申请实施例八提供的UE的结构示意图；FIG. 9 is a schematic structural diagram of a UE provided in Embodiment 8 of this application;

图10为本申请实施例九提供的核心网设备的结构示意图。FIG. 10 is a schematic structural diagram of a core network device provided in Embodiment 9 of this application.

具体实施方式Detailed ways

本申请实施例提供一种数据传输方法，本申请实施例的方法可以应用在5G网络中，但不限于5G网络中，随着通信***的演进，本申请的方法还可能应用在未来通信***中或者下一代移动通信***中。The embodiment of the application provides a data transmission method. The method of the embodiment of the application can be applied to a 5G network, but is not limited to a 5G network. With the evolution of communication systems, the method of this application may also be applied to future communication systems Or in the next generation mobile communication system.

5G网络也称为新无线通信***、新接入技术(New Radio，简称NR)。5G网络包括接入网(access network，简称AN)和核心网。The 5G network is also called a new wireless communication system and a new access technology (New Radio, NR for short). The 5G network includes an access network (AN for short) and a core network.

图1为5G网络架构的一种示意图，如图1所示，5G***中的接入网可以是无线接入网(radio access network，简称(R)AN)，5G***中的(R)AN设备可以由多个5G-(R)AN节点组成，该5G-(R)AN节点可以包括：新空口基站(NR nodeB，简称gNB)、新一代演进型基站(NG-eNB)、中心单元(central unit，简称CU)和分布式单元(distributed unit，简称DU)分离形态的gNB等)、收发点(transmission receive point，简称TRP)、传输点(transmission point，简称TP)、无线保真(WIreless-Fidelity，简称WiFi)网络的接入点(access point，简称AP)或其它节点。Figure 1 is a schematic diagram of the 5G network architecture. As shown in Figure 1, the access network in the 5G system can be a radio access network (radio access network, (R)AN for short), and (R)AN in the 5G system The device can be composed of multiple 5G-(R)AN nodes. The 5G-(R)AN nodes can include: new air interface base station (NR nodeB, gNB for short), next-generation evolved base station (NG-eNB), and central unit ( Central unit (CU) and distributed unit (DU) separated form gNB, etc.), transmission receiving point (TRP), transmission point (TP), wireless fidelity (WIreless) -Fidelity, WiFi for short) access point (AP for short) or other nodes of the network.

5G网络的核心网包括接入和移动性管理功能(Access and Mobility Management Function，简称AMF)网元、会话管理功能(Session Management Function，简称SMF)网元、用户面功能(User Plane Function，简称UPF)网元、策略控制功能(Policy Control Function，简称PCF)网元、应用功能(Application Function，简称AF)网元、统一数据管理(unified data management，简称UDM)网元、鉴权服务器功能(Authentication Server Function，简称AUSF)网元、网络切片选择功能(Network Slice Selection Function，进程NSSF)网元等多个功能单元。The core network of the 5G network includes Access and Mobility Management Function (AMF) network elements, Session Management Function (SMF) network elements, and User Plane Function (UPF) ) Network element, Policy Control Function (PCF) network element, Application Function (AF) network element, Unified data management (UDM) network element, Authentication server function (Authentication) Server Function, abbreviated as AUSF) network element, network slice selection function (Network Slice Selection Function, process NSSF) network element and other functional units.

AMF主要负责移动性管理、接入管理等服务。SMF网元主要负责会话管理、终端设备的地址管理和分配、动态主机配置协议功能、用户面功能的选择和控制等。UPF网元主要负责对外连接到数据网络(data network，简称DN)以及用户面的数据包路由转发、报文过滤、执行QoS控制相关功能等。PCF网元主要负责为网络行为管理提供统一的策略框架、提供控制面功能的策略规则、获取与策略决策相关的注册信息等。AUSF主要负责对终端设备的认证功能等。UDM网元主要负责对网络中资源、用户和业务进行管理，UDM可以采用多种方式自动的发现数据中心和灾备中心部署的存储、网络、安全和服务器等设备；并对这些设备进行自动的识别和归类，将设备的相关配置和状态信息同步到UDM中进行统一的管理和监控。AMF is mainly responsible for services such as mobility management and access management. SMF network elements are mainly responsible for session management, address management and allocation of terminal devices, dynamic host configuration protocol functions, selection and control of user plane functions, etc. The UPF network element is mainly responsible for externally connecting to a data network (data network, DN for short) and user plane data packet routing and forwarding, message filtering, and performing QoS control related functions. The PCF network element is mainly responsible for providing a unified policy framework for network behavior management, providing policy rules for control plane functions, and obtaining registration information related to policy decisions. AUSF is mainly responsible for the authentication function of terminal equipment. UDM network elements are mainly responsible for the management of resources, users and services in the network. UDM can automatically discover the storage, network, security, and server equipment deployed in the data center and disaster recovery center in a variety of ways; and automatically perform these equipment Identify and classify, synchronize the relevant configuration and status information of the device to UDM for unified management and monitoring.

需要说明的是，这些功能单元可以独立工作，也可以组合在一起实现某些控制功能，如对终端设备的接入鉴权、安全加密、位置注册等接入控制和移动性管理功能，以及用户面传输路径的建立、释放和更改等会话管理功能。It should be noted that these functional units can work independently, or they can be combined to achieve certain control functions, such as access control and mobility management functions such as access authentication, security encryption, location registration for terminal equipment, and user Session management functions such as the establishment, release, and modification of the surface transmission path.

5G网络中各功能单元之间可以通过下一代网络(next generation，简称NG)接口进行通信，如：终端设备可以通过NG接口1(简称N1)与AMF进行控制面消息的传输，(R)AN设备可以通过NG接口3(简称N3)与UPF网元建立用户面数据传输通道，(R)AN设备可以通过NG接口2(简称N2)与AMF建立控制面信令连接，UPF网元可以通过NG接口4(简称N4)与SMF网元进行信息交互，AMF可以通过NG接口11(简称N11)与SMF网元进行信息交互，SMF网元可以通过NG接口7(简称N7)与PCF网元进行信息交互，UDM通过接口8(简称N8)与AMF交互，UDM通过接口10(简称N10)与SMF网元交互。The functional units in the 5G network can communicate through the next generation network (NG) interface. For example, the terminal device can transmit control plane messages with the AMF through the NG interface 1 (N1), (R)AN The device can establish a user plane data transmission channel with UPF network element through NG interface 3 (abbreviated as N3), (R)AN device can establish control plane signaling connection with AMF via NG interface 2 (abbreviated as N2), and UPF network element can use NG Interface 4 (N4 for short) exchanges information with SMF network elements. AMF can exchange information with SMF network elements through NG interface 11 (N11 for short). SMF network elements can exchange information with PCF network elements through NG interface 7 (N7 for short). For interaction, UDM interacts with AMF through interface 8 (abbreviated as N8), and UDM interacts with SMF network element through interface 10 (abbreviated as N10).

需要说明的是，5G网络的核心网的网元除了图1中所示功能单元之外，还可以包括其他功能单元。It should be noted that, in addition to the functional units shown in FIG. 1, the network elements of the core network of the 5G network may also include other functional units.

本申请实施例涉及到UE也称为终端设备，可以是：手机、电脑，还可以为蜂窝电话、无绳电话、会话发起协议(session initiation protocol，简称SIP)电话、智能电话、个人数字助理(personal digital assistant，简称PDA)、电脑、膝上型计算机、手持式通信设备、手持式计算设备、卫星无线设备、无线调制解调器卡、电视机顶盒(set top box，简称STB)、车载设备、可穿戴设备(例如智能手表、智能手环、智能眼镜)、智能家居设备、用于在无线***上进行通信的其它设备等。The embodiments of this application involve UEs, which are also called terminal devices, which can be mobile phones, computers, cellular phones, cordless phones, session initiation protocol (SIP) phones, smart phones, and personal digital assistants (personal digital assistants). digital assistant, PDA for short), computers, laptop computers, handheld communication devices, handheld computing devices, satellite wireless devices, wireless modem cards, TV set top boxes (STB for short), in-vehicle devices, wearable devices ( Such as smart watches, smart bracelets, smart glasses), smart home devices, other devices used to communicate on wireless systems, etc.

UE和基站之间的空口通信需要保证安全，一方面，UE需要识别基站发送的消息是来自合法基站还是伪基站，现有技术中，UE无法识别基站来自合法基站还是伪基站，因此即使伪基站广播欺骗消息，UE也只能接受请求。例如，伪基站可以不断地向UE发送身份识别请求(Identity Request)，UE不断的响应用户隐藏标识(Subscription concealed identifier，SUCI)或者全局唯一的临时标识(globally unique temporary identity，GUTI)，从而导致手机电力消耗。伪基站还可以向UE发起拒绝服务(Denial of Service，DoS)攻击或者分布式拒绝服务攻击(Distributed denial of service attack，DDoS)，导致UE无法响应正常的业务。The air interface communication between the UE and the base station needs to be secure. On the one hand, the UE needs to identify whether the message sent by the base station is from a legitimate base station or a pseudo base station. In the prior art, the UE cannot identify whether the base station is from a legitimate base station or a pseudo base station. When spoofing messages are broadcast, the UE can only accept requests. For example, the pseudo base station can continuously send an identity request (Identity Request) to the UE, and the UE continuously responds to the user's subscription concealed identifier (SUCI) or globally unique temporary identity (GUTI), which causes the mobile phone power consumption. The pseudo base station can also initiate a denial of service (Denial of Service, DoS) attack or a distributed denial of service attack (DDoS) to the UE, causing the UE to fail to respond to normal services.

另一方面，UE给基站发送消息时是通过空口明文传输的，空口传输的信息有可能被从篡改或者被窃取。UE通过空口发送给基站的信息中，除了用核心网公钥加密的预认证信息外，还包括需要基站感知的路由信息，例如切片信息和UE能力(capability)信息，切片信息用于基站选择AMF网元，UE能力信息用于基站识别UE能力，这部分需要基站感知的路由信息目前没有做加密，在空口中是明文传输。空口传输过程中，如果切片信息遭受篡改，有可能对AMF网元发起DDoS，而如果UE能力信息泄露，可能会威胁UE的隐私安全。On the other hand, when the UE sends a message to the base station, it is transmitted in plain text over the air interface, and the information transmitted over the air interface may be tampered with or stolen. The information sent by the UE to the base station via the air interface includes not only the pre-authentication information encrypted with the core network public key, but also routing information that needs to be sensed by the base station, such as slice information and UE capability information. The slice information is used by the base station to select AMF For network elements, UE capability information is used by the base station to identify the UE capability. This part of the routing information that needs to be sensed by the base station is currently not encrypted, and is transmitted in clear text over the air interface. During the air interface transmission, if the slice information is tampered with, DDoS may be initiated to the AMF network element, and if the UE capability information is leaked, the privacy of the UE may be threatened.

UE要识别广播消息是否来自合法基站，可以由合法基站用私钥签名广播消息，然后发给UE，UE用基站的公钥验证广播消息。如果验证通过，表明广播消息来自合法基站，如果验证不通过，则说明广播消息来自伪基站。该方法的前提是需要确保公钥和私钥对是合法的，如果采用传统的非对称密码算法，例如RSA秘钥生成算法，由于RSA密钥生成算法是公开的，任何人都可以生成一对可以签名验证通过的公钥和私钥对。为了保证RSA公私钥对的合法性，一个方法是在出厂时由厂家在UE和基站上分别预置这对公钥和私钥。但是，UE在使用前无法确定具体将跟哪个基站通信，即使知道所有基站公钥，UE也要花费存储资源去存储和管理大量可能接入基站的公钥。The UE needs to identify whether the broadcast message comes from a legal base station. The legal base station can sign the broadcast message with a private key and then send it to the UE. The UE uses the base station's public key to verify the broadcast message. If the verification is passed, it means that the broadcast message is from a legitimate base station. If the verification is not passed, it means that the broadcast message is from a pseudo base station. The premise of this method is to ensure that the public and private key pairs are legal. If traditional asymmetric cryptographic algorithms, such as the RSA key generation algorithm, are used, since the RSA key generation algorithm is public, anyone can generate a pair The public key and private key pair that passed the signature verification can be signed. In order to ensure the legitimacy of the RSA public-private key pair, one method is to preset the pair of public and private keys on the UE and the base station respectively by the manufacturer before leaving the factory. However, the UE cannot determine which base station it will communicate with before use. Even if it knows the public keys of all base stations, the UE has to spend storage resources to store and manage a large number of public keys that may be connected to the base station.

基于身份的加密(Identity Based Encryption，简称IBE)方案可以解决以上问题，在IBE方案中，基站在申请私钥时需要通过PKG的身份认证才可以拿到合法私钥，并不是任何人都可以通过公开算法生成的。因此，只需要在UE中预置一个主公钥，在PKG中预置主公钥和主私钥，PKG负责为所有基站生成合法私钥。The Identity-Based Encryption (IBE) solution can solve the above problems. In the IBE solution, the base station needs to pass the identity authentication of the PKG when applying for the private key to get the legal private key, and not everyone can pass it. Generated by public algorithms. Therefore, only one master public key needs to be preset in the UE, and the master public key and the master private key are preset in the PKG, and the PKG is responsible for generating legal private keys for all base stations.

一种IBE方法如下：基站将自己的公钥携带在广播消息中发送给UE，基站公钥是基站根据基站ID和有效期生成。UE接收到基站公钥后存储基站公钥，基站经PKG通过身份认证后，向PKG请求基站公钥对应的私钥，基站公钥对应的私钥是PKG基于基站公钥和主私钥生成，PKG生成一对主公钥和主私钥，主私钥由PKG保存，主公钥被安全地颁发给了UE。基站采用有效的私钥签名广播消息后，将广播消息发送给UE，UE接收广播消息后，根据存储的基站公钥和PKG生成的主公钥一起验证广播消息中的签名信息是否来自合法基站，如果签名信息来自合法基站，则UE接收该广播消息，并通过空口向基站回复该广播消息的响应。An IBE method is as follows: the base station carries its own public key in a broadcast message and sends it to the UE, and the base station public key is generated by the base station according to the base station ID and the validity period. After receiving the base station public key, the UE stores the base station public key. After the base station passes the identity authentication by the PKG, it requests the PKG for the private key corresponding to the base station public key. The private key corresponding to the base station public key is generated by the PKG based on the base station public key and the master private key. The PKG generates a pair of a master public key and a master private key. The master private key is saved by the PKG, and the master public key is securely issued to the UE. After the base station uses a valid private key to sign the broadcast message, it sends the broadcast message to the UE. After the UE receives the broadcast message, it verifies whether the signature information in the broadcast message comes from a legitimate base station according to the stored base station public key and the master public key generated by the PKG. If the signature information comes from a legitimate base station, the UE receives the broadcast message and replies to the base station with a response to the broadcast message through the air interface.

但是，上述IBE方法中依然存在以下问题：(1)PKG与5G网络独立部署，需要伪基站和PKG重新设计认证机制。(2)基站在广播消息前，需要将基站公钥发送给UE存储，伪基站可能会向UE发起大量无用基站公钥，以耗尽UE的存储资源，导致UE不可用。(3)基站在公钥有效期内，需要存储对应的基站私钥。由于基站与PKG相比，基站的资源有限，不能很好的保护基站私钥，存储在基站中的基站私钥存在泄露的风险。(4)UE与基站的空口通信缺乏防重放机制，基站签名的广播消息可能被非法基站重复利用。(5)UE发送给基站的需要基站感知的信息，由于需要基站感知，所以不能利用核心网公钥进行加密传输，需要基站感知的信息通过明文传输，会导致信息的泄露或者篡改。However, the following problems still exist in the above-mentioned IBE method: (1) PKG and 5G network are deployed independently, which requires pseudo base stations and PKG to redesign the authentication mechanism. (2) Before broadcasting the message, the base station needs to send the base station public key to the UE for storage. The pseudo base station may initiate a large number of useless base station public keys to the UE to exhaust the storage resources of the UE and make the UE unavailable. (3) The base station needs to store the corresponding base station private key during the validity period of the public key. Since the base station has limited resources compared with the PKG, the base station private key cannot be well protected, and the base station private key stored in the base station may be leaked. (4) The air interface communication between the UE and the base station lacks an anti-replay mechanism, and the broadcast message signed by the base station may be reused by illegal base stations. (5) The information sent by the UE to the base station that needs to be sensed by the base station cannot be encrypted and transmitted with the core network public key because it needs to be sensed by the base station. The information that needs to be sensed by the base station is transmitted in plain text, which may lead to information leakage or tampering.

为了解决现有技术的问题，本申请实施例提供一种基站和UE之间的数据传输方法，基站对发送给UE的广播消息进行签名，以使得UE根据签名验证广播消息是否来自合法基站，UE对发送给基站的消息进行加密，以防止消息中携带的信息被篡改。In order to solve the problems of the prior art, an embodiment of the present application provides a data transmission method between a base station and a UE. The base station signs a broadcast message sent to the UE so that the UE can verify whether the broadcast message comes from a legitimate base station according to the signature. Encrypt the message sent to the base station to prevent the information contained in the message from being tampered with.

本申请实施例中，基站用于进行签名的基站私钥由核心网设备下发，该核心网设备具有IBE能力，可实现PKG功能，该核心网设备可以是5G核心网中的UDM网元，还可以是5G核心网中的其他网元，本申请不对此进行限制。当然，该核心网设备不限于5G网络的核心网网元，还可以是其他网络的核心网网元，例如，长期演进***(Long Term Evolution，LTE)核心网的网元。In the embodiment of this application, the base station private key used by the base station for signing is issued by the core network device, which has IBE capability and can realize the PKG function. The core network device may be a UDM network element in a 5G core network. It may also be other network elements in the 5G core network, which is not limited in this application. Of course, the core network equipment is not limited to the core network element of the 5G network, but may also be the core network element of other networks, for example, the element of the Long Term Evolution (LTE) core network.

本申请实施例中，该具有PKG功能的核心网设备会生成一对主公钥MPK和主私钥MSK，主私钥安全地存储在该核心网设备中，主公钥安全地发放给UE，例如，在UE出厂之前将主公钥预置在UE。该核心网设备对认证通过的合法基站，根据其身份标识颁发对应的基站私钥，基站和该核心网设备可以复用基站和核心网之间已有的认证方式进行双向认证，避免了重复建设。基于第三代合作伙伴计划(3rd Generation Partnership Project，3GPP)的5G网络中，基站和5G核心网中的核心网设备可以基于互联网安全协议(Internet Protocol Security，IPsec)进行身份认证，基于IPsec的身份认证为双向认证。可以理解，随着网络的演进或者不同，基站和核心网设备的身份认证方式会相应变化。In the embodiment of this application, the core network device with PKG function generates a pair of master public key MPK and master private key MSK. The master private key is securely stored in the core network device, and the master public key is securely issued to the UE. For example, the master public key is preset in the UE before the UE leaves the factory. The core network device issues the corresponding base station private key to the legal base station that has passed the authentication according to its identity. The base station and the core network device can reuse the existing authentication method between the base station and the core network for mutual authentication, avoiding repeated construction . In the 5G network based on the 3rd Generation Partnership Project (3rd Generation Partnership Project, 3GPP), base stations and core network devices in the 5G core network can perform identity authentication based on Internet Protocol Security (IPsec) and identity based on IPsec Authentication is mutual authentication. It can be understood that as the network evolves or is different, the identity authentication methods of base stations and core network equipment will change accordingly.

图2为本申请实施例一提供的数据传输方法的流程图，如图1所示，本实施例的方法包括以下步骤：FIG. 2 is a flowchart of the data transmission method provided in Embodiment 1 of this application. As shown in FIG. 1, the method in this embodiment includes the following steps:

S101、基站向核心网设备请求基站公钥对应的基站私钥。S101: The base station requests the base station private key corresponding to the base station public key from the core network device.

基站与核心网设备先进行身份认证，在互相确认身份之后，基站才可以向核心网设备请求基站私钥。通常情况下，基站或者核心网设备在设备初始化时，二者之间才需要进行身份认证。The base station and the core network device perform identity authentication first, and after mutual confirmation of the identities, the base station can request the base station private key from the core network device. Normally, when the base station or the core network equipment is initialized, the identity authentication between the two is required.

基站可以向核心网设备发送第一请求消息，该第一请求消息用于请求基站公钥对应的私钥，该第一请求消息中包括基站公钥，该基站公钥是基站生成的。第一请求消息可以是已有的消息，也可以为新定义的消息。The base station may send a first request message to the core network device, where the first request message is used to request a private key corresponding to the base station public key, and the first request message includes the base station public key, and the base station public key is generated by the base station. The first request message may be an existing message or a newly defined message.

一种可选方式中，该基站公钥由基站身份标识和基站公钥的有效期组成，基站公钥的有效期可以为一个时间段，在该有效期内，基站或者UE使用基站公钥进行签名或者加密。另一种可选方式中，该基站公钥由基站身份标识组成，该基站公钥不包括基站公钥的有效期。In an optional manner, the base station public key consists of the base station identity and the validity period of the base station public key. The validity period of the base station public key can be a period of time. During the validity period, the base station or UE uses the base station public key to sign or encrypt . In another optional manner, the base station public key is composed of a base station identity, and the base station public key does not include the validity period of the base station public key.

核心网设备接收到第一请求消息后，根据第一请求中包括的基站公钥和本地保存的主私钥生成基站私钥，并将基站私钥携带在第一请求消息的响应消息中发送给基站。After receiving the first request message, the core network device generates the base station private key according to the base station public key included in the first request and the locally stored master private key, and carries the base station private key in the response message of the first request message and sends it to Base station.

当基站公钥由基站身份标识和基站公钥的有效期组成的情况下，核心网设备根据基站公钥和本地保存的主私钥生成基站私钥。当基站公钥为基站身份标识的情况下，核心网设备根据基站公钥、本地保存的主公钥以及第二时间信息生成的。When the base station public key is composed of the base station identity and the validity period of the base station public key, the core network device generates the base station private key according to the base station public key and the master private key stored locally. When the base station public key is the identity of the base station, the core network device generates it according to the base station public key, the master public key stored locally, and the second time information.

第二时间信息与核心网设备的当前时间戳以及第一时间间隔相关，第一时间间隔可以由核心网设备自己确定，并通知给UE和基站。第一时间间隔也可以由***规定好预置在基站、UE以及核心网设备中。该方案中核心网设备生成基站私钥的方法类似于基于时间的一次性密码算法(Time-based One-time Password algorithm，TOTP)，TOTP是基于散列的消息认证码(HMAC)的示例，它使用加密哈希函数将密钥与当前时间戳组合在一起以生成一次性密码。由于网络延迟和不同步时钟可能导致密码接收者必须尝试一系列可能的时间来进行身份验证，因此时间戳通常以30秒的间隔增加，从而减少了潜在的搜索空间。The second time information is related to the current timestamp of the core network device and the first time interval. The first time interval may be determined by the core network device itself and notified to the UE and the base station. The first time interval may also be specified by the system and preset in the base station, UE, and core network equipment. In this solution, the core network equipment generates the base station private key similar to the time-based one-time password algorithm (TOTP). TOTP is an example of hash-based message authentication code (HMAC). Use a cryptographic hash function to combine the key with the current timestamp to generate a one-time password. Since network delays and unsynchronized clocks may cause the password recipient to have to try a series of possible times for authentication, the timestamp is usually increased at 30-second intervals, thereby reducing the potential search space.

核心网设备可以通过如下公式计算得到第二时间信息：TC＝floor(timestamp/T)，其中，TC表示第二时间信息，floor表示向下取整运算，timestamp表示核心网设备的当前时间戳，T表示第一时间间隔。Timestamp为一个变量，核心网设备根据当前时间戳计算基站私钥，T的取值可以根据实际情况设置，例如，可以为30ms、60ms、30分钟、1小时等等。The core network device can calculate the second time information through the following formula: TC=floor(timestamp/T), where TC represents the second time information, floor represents the round-down operation, and timestamp represents the current timestamp of the core network device, T represents the first time interval. Timestamp is a variable. The core network device calculates the base station private key according to the current timestamp. The value of T can be set according to the actual situation, for example, it can be 30ms, 60ms, 30 minutes, 1 hour, and so on.

可以理解，上述公式只是举例说明，还可以通过其他方式计算第二时间信息，例如通过对timestamp/T向上取整运算得到第二时间信息，或者，通过其他能够对timestamp/T进行运算得到整数TC的方法，本实施例不对此进行限制。It can be understood that the above formula is only an example, and the second time information can also be calculated in other ways, for example, the second time information can be obtained by rounding timestamp/T up, or the integer TC can be obtained by performing other operations on timestamp/T. The method is not limited in this embodiment.

核心网设备在生成基站公钥对应的基站私钥后，可以将基站私钥携带在第一请求消息的响应消息中发送给基站。After generating the base station private key corresponding to the base station public key, the core network device may carry the base station private key in the response message of the first request message and send it to the base station.

本实施例中，基站可以在以下情况下，向核心网设备请求基站私钥：In this embodiment, the base station may request the base station private key from the core network device in the following situations:

(1)在基站公钥由基站身份标识和基站公钥的有效期组成的情况下，当基站需要向UE发送广播消息之前，基站先判断基站公钥的有效期是否有效。示例性的，基站判断当前时间是否在基站公钥的有效期内，如果当前时间在基站公钥的有效期内，则确定基站公钥的有效期有效，如果当前时间不在基站公钥的有效期内，则确定基站公钥的有效期无效。(1) In the case where the base station public key consists of the base station identity and the validity period of the base station public key, before the base station needs to send a broadcast message to the UE, the base station first judges whether the validity period of the base station public key is valid. Exemplarily, the base station judges whether the current time is within the validity period of the base station public key, if the current time is within the validity period of the base station public key, then the validity period of the base station public key is determined to be valid, and if the current time is not within the validity period of the base station public key, it is determined The validity period of the base station public key is invalid.

在基站公钥的有效期无效的情况下，基站向核心网设备请求新的基站私钥，具体的，基站生成基站公钥的新的有效期，基站身份标识和基站公钥的新的有效期组成新的基站公钥，核心网设备根据新的基站公钥为基站生成对应的新的基站私钥，并返回给基站。When the validity period of the base station public key is invalid, the base station requests a new base station private key from the core network equipment. Specifically, the base station generates a new validity period for the base station public key, and the base station identity and the new validity period for the base station public key form a new The base station public key, the core network device generates a corresponding new base station private key for the base station according to the new base station public key, and returns it to the base station.

在基站公钥的有效期有效的情况下，基站从内存中读取基站私钥，基站内存中存储的基站私钥，可能由于内存替换算法被替换掉，如果基站能够从内存中读取到基站私钥，则使用该基站私钥对广播消息进行签名，如果基站从内存中无法读取到基站私钥，则基站向核心网设备请求新的基站私钥。When the validity period of the base station public key is valid, the base station reads the base station private key from the memory, and the base station private key stored in the base station memory may be replaced due to the memory replacement algorithm. If the base station can read the base station private key from the memory The base station private key is used to sign the broadcast message. If the base station cannot read the base station private key from the memory, the base station requests a new base station private key from the core network device.

(2)在基站公钥由基站身份标识组成的情况下，当基站需要向UE发送广播消息之前，基站根据当前时间戳与第一时间间隔计算得到第四时间信息，将该第四时间信息与本地保存的第五时间信息进行比较，其中，第五时间信息是基站接收到核心网设备发送的基站私钥时，根据当前时间戳与第一时间间隔计算得到的，当第四时间信息与第五时间信息相同时，则说明基站私钥有效，当第四时间信息和第五时间信息不相同时，则说明基站私钥无效，基站向核心网设备请求新的基站私钥。其中，第四时间信息和第五时间信息的生成方式参照前述第二时间信息的生成方式，这里不再赘述。(2) In the case that the base station public key is composed of the base station identity, before the base station needs to send a broadcast message to the UE, the base station calculates the fourth time information according to the current timestamp and the first time interval, and compares the fourth time information with The fifth time information stored locally is compared, where the fifth time information is calculated according to the current timestamp and the first time interval when the base station receives the base station private key sent by the core network device. When the fourth time information is compared with the first time interval 5. When the time information is the same, it indicates that the base station private key is valid. When the fourth time information and the fifth time information are not the same, it indicates that the base station private key is invalid, and the base station requests a new base station private key from the core network device. Wherein, the manner of generating the fourth time information and the fifth time information refers to the manner of generating the second time information, which will not be repeated here.

(3)基站周期性向核心网设备请求基站私钥。(3) The base station periodically requests the base station private key from the core network equipment.

(4)当基站有广播消息发送时，动态向核心网设备请求基站私钥，该方式中，基站每次从核心网设备获取到基站私钥后，不需要存储基站私钥。前述三种方式中，基站从核心网设备获取到基站私钥后，需要存储基站私钥。由于基站与PKG相比资源有限，基站私钥存储在基站中可能会有泄露的风险，该方式中基站不需要保存基站私钥，而是每次动态请求基站私钥，降低了基站私钥泄露的风险，并且节省了基站的存储资源。(4) When the base station sends a broadcast message, it dynamically requests the base station private key from the core network device. In this manner, the base station does not need to store the base station private key every time it obtains the base station private key from the core network device. In the foregoing three methods, after the base station obtains the base station private key from the core network device, it needs to store the base station private key. As the base station has limited resources compared with PKG, the base station private key stored in the base station may have the risk of leakage. In this method, the base station does not need to save the base station private key, but dynamically requests the base station private key every time, which reduces the leakage of the base station private key. It also saves the storage resources of the base station.

S102、基站向UE发送广播消息，该广播消息中包括签名信息和基站公钥，该签名信息是基站通过基站私钥签名得到的。S102. The base station sends a broadcast message to the UE. The broadcast message includes signature information and the base station public key. The signature information is obtained by the base station through the base station private key signature.

可以理解，基站在基站公钥的有效期内，使用的基站私钥都是相同，同样，基站在第一时间间隔内使用的基站私钥也是相同的，第一时间间隔也可以理解为基站公钥的有效期，只是第一时间间隔不需要在基站向核心网设备请求基站私钥时携带。It can be understood that the base station private key used by the base station during the validity period of the base station public key is the same. Similarly, the base station private key used by the base station in the first time interval is also the same, and the first time interval can also be understood as the base station public key The validity period of is only the first time interval does not need to be carried when the base station requests the base station private key from the core network device.

基站根据基站私钥对发送的广播信息进行签名，将签名信息和基站公钥都携带在广播消息中发送给UE，其中，签名信息用于UE验证基站的合法性，基站公钥用于UE对发送给基站的响应消息进行加密。可以理解，广播消息中除了签名信息和基站公钥，还携带有业务信息，业务信息随广播消息的类型不同而有所变化，本实施例中广播消息可以为基站和UE之间已存在的任何需要通过广播方式发送的消息。The base station signs the broadcast information sent according to the base station private key, carries both the signature information and the base station public key in the broadcast message and sends it to the UE. The signature information is used for the UE to verify the legitimacy of the base station, and the base station public key is used for the UE to pair The response message sent to the base station is encrypted. It can be understood that in addition to the signature information and the base station public key, the broadcast message also carries service information. The service information varies with the type of the broadcast message. In this embodiment, the broadcast message can be any existing information between the base station and the UE. Messages that need to be sent by broadcast.

本实施例中，基站将基站公钥携带在广播消息中发送给UE，UE不需要花费资源存储基站公钥，避免了伪基站故意发送海量非法基站公钥给UE，以耗尽UE的存储资源，导致UE不可用。In this embodiment, the base station carries the base station public key in a broadcast message and sends it to the UE. The UE does not need to spend resources to store the base station public key, which prevents the pseudo base station from deliberately sending a large number of illegal base station public keys to the UE to exhaust the storage resources of the UE. , Causing the UE to be unavailable.

可选的，该广播消息中包括第一重放参数，第一重放参数用于UE验证广播消息是否为重放消息，其中，第一重放参数可以是时间戳、随机数或者序列号。基站每次发送广播消息都会携带重放参数，且每次携带的重放参数不同，UE通过重放参数确定是否发生重放攻击(Replay Attacks)。Optionally, the broadcast message includes a first replay parameter, and the first replay parameter is used by the UE to verify whether the broadcast message is a replay message, where the first replay parameter may be a timestamp, a random number, or a sequence number. Each time the base station sends a broadcast message, it carries replay parameters, and the replay parameters carried each time are different. The UE determines whether a replay attack (Replay Attacks) occurs through the replay parameters.

重放攻击又称重播攻击、回放攻击，是指攻击者发送一个目的主机已接收过的包，来达到欺骗***的目的，主要用于身份认证过程，破坏认证的正确性。重放攻击可以由发起者，也可以由拦截并重发该数据的敌方进行。攻击者利用网络监听或者其他方式盗取认证凭据，之后再把它重新发给认证服务器。本实施例中，伪基站可以截获经过合法基站签名的广播消息，然后重复发送给UE，以耗尽UE资源，基站通过在广播消息中携带重放参数，使得UE能够识别接收到的广播消息是合法基站发送的，还是伪基站发送的重放消息。Replay attack, also known as replay attack or playback attack, refers to the attacker sending a packet that the destination host has received to achieve the purpose of deceiving the system. It is mainly used in the identity authentication process to destroy the correctness of the authentication. The replay attack can be carried out by the initiator or the enemy who intercepts and retransmits the data. The attacker uses network monitoring or other methods to steal the authentication credential, and then resend it to the authentication server. In this embodiment, the pseudo base station can intercept the broadcast message signed by the legitimate base station, and then repeatedly send it to the UE to exhaust the UE resources. The base station carries replay parameters in the broadcast message so that the UE can identify whether the received broadcast message is What is sent by the legitimate base station is the replay message sent by the pseudo base station.

S103、基站接收UE发送的广播消息的响应消息，该广播消息的响应消息中包括第一加密信息，该第一加密信息是UE根据基站公钥和存储的主公钥对第一信息加密得到的。S103. The base station receives a response message of the broadcast message sent by the UE, where the response message of the broadcast message includes first encryption information, and the first encryption information is obtained by the UE encrypting the first information according to the base station public key and the stored master public key .

步骤S103为可选步骤，UE接收到广播消息后，可能不会向基站返回广播消息的响应消息，UE接收到广播消息后，根据广播消息的类型或者包括的业务内容确定是否需要向基站返回广播消息的响应消息。Step S103 is an optional step. After the UE receives the broadcast message, it may not return the response message of the broadcast message to the base station. After receiving the broadcast message, the UE determines whether it needs to return the broadcast message to the base station according to the type of the broadcast message or the included service content. The response message of the message.

UE加密第一信息使用的基站公钥是基站通过广播消息发送的基站公钥，主公钥是具有PKG功能的核心网设备生成并颁发给UE的。The base station public key used by the UE to encrypt the first information is the base station public key sent by the base station through a broadcast message, and the master public key is generated and issued to the UE by a core network device with a PKG function.

S104、基站使用基站私钥对第一加密信息进行解密。S104. The base station uses the base station private key to decrypt the first encrypted information.

当基站公钥由基站身份标识和有效期组成时，UE使用基站公钥和主公钥对广播消息的响应消息中第一信息进行加密得到第一加密信息，第一信息可以为需要基站感知的信息，例如切片信息和UE能力信息，通过对第一信息进行加密，可以保证第一信息的安全性。基站接收到广播消息的响应消息后，根据基站私钥对第一加密信息进行解密。When the base station public key consists of the base station identity and the validity period, the UE uses the base station public key and the master public key to encrypt the first information in the response message of the broadcast message to obtain the first encrypted information. The first information may be information that needs to be sensed by the base station For example, slice information and UE capability information, by encrypting the first information, the security of the first information can be guaranteed. After receiving the response message of the broadcast message, the base station decrypts the first encrypted information according to the base station private key.

当基站公钥为基站身份标识时，UE使用基站公钥、主公钥以及第一时间信息对第一信息进行加密得到第一加密信息，其中，第一时间信息与UE加密时的当前时间戳以及第一时间间隔相关，UE可以使用与第二时间信息相同的方式计算得到第一时间信息，这里不再赘述。When the base station public key is the base station identity, the UE uses the base station public key, the master public key, and the first time information to encrypt the first information to obtain the first encrypted information, where the first time information is the current timestamp when the UE was encrypted As for the first time interval, the UE can calculate the first time information in the same manner as the second time information, which will not be repeated here.

基站接收到广播消息的响应消息后，根据当前时间戳与第一时间间隔计算得到第六时间信息，将该第六时间信息与本地保存的第五时间信息进行比较，其中，第五时间信息是基站接收到核心网设备发送的基站私钥时，根据当前时间戳与第一时间间隔计算得到的，当第六时间信息与第五时间信息相同时，则说明基站私钥有效，使用该基站私钥对第一加密信息进行解码。当第六时间信息和第五时间信息不相同时，则说明基站私钥无效，基站向核心网设备请求新的基站私钥，使用新的基站私钥对第一加密信息进行解密。其中，第六时间信息和第五时间信息的生成方式参照前述第二时间信息的生成方式，这里不再赘述。After receiving the response message of the broadcast message, the base station calculates the sixth time information according to the current timestamp and the first time interval, and compares the sixth time information with the fifth time information stored locally, where the fifth time information is When the base station receives the base station private key sent by the core network equipment, it is calculated based on the current timestamp and the first time interval. When the sixth time information is the same as the fifth time information, it means that the base station private key is valid and the base station private key is used. The key decodes the first encrypted information. When the sixth time information and the fifth time information are not the same, it means that the base station private key is invalid. The base station requests a new base station private key from the core network device, and uses the new base station private key to decrypt the first encrypted information. Wherein, the manner of generating the sixth time information and the fifth time information refers to the manner of generating the second time information described above, which will not be repeated here.

如果基站使用基站私钥对第一加密信息解密失败，则基站丢弃该广播消息的响应消息。如果基站使用基站私钥对第一加密信息解密成功，则对该广播消息的响应消息进行处理。If the base station fails to decrypt the first encrypted information using the base station private key, the base station discards the response message of the broadcast message. If the base station uses the base station private key to successfully decrypt the first encrypted information, the response message of the broadcast message is processed.

可选的，该广播消息的响应消息中包括第二重放参数，基站根据第二重放参数验证广播消息的响应消息是否为重放消息，其中，第二重放参数可以是时间戳、随机数或者序列号。第二重放参数和第一重放参数可以相同，也可以不同，例如，第一重放参数为时间戳，第二重放参数为随机数，即基站和UE使用不同的重放参数验证对端发送的消息是否为重放消息。或者，第一重放参数和第二重放参数均为时间戳，即基站和UE使用相同的重放参数验证对端发送的消息是否为重放消息。Optionally, the response message of the broadcast message includes a second replay parameter, and the base station verifies whether the response message of the broadcast message is a replay message according to the second replay parameter, where the second replay parameter may be a timestamp or random Number or serial number. The second replay parameter and the first replay parameter may be the same or different. For example, the first replay parameter is a timestamp, and the second replay parameter is a random number, that is, the base station and the UE use different replay parameters to verify the pair Whether the message sent by the terminal is a replay message. Alternatively, the first replay parameter and the second replay parameter are both timestamps, that is, the base station and the UE use the same replay parameter to verify whether the message sent by the opposite end is a replay message.

当验证广播消息的响应消息是重放消息时，基站丢弃广播消息的响应消息。当验证广播消息的响应消息不是重放消息时，基站使用基站私钥对第一加密信息进行解密。When verifying that the response message of the broadcast message is a replay message, the base station discards the response message of the broadcast message. When verifying that the response message of the broadcast message is not a replay message, the base station uses the base station private key to decrypt the first encrypted information.

本实施例中，基站可以先验证广播消息的响应消息是否为重放消息，当确认广播消息的响应消息不是重放消息时，进一步使用基站私钥对第一加密信息进行解密。如果确认广播消息的响应消息是重放消息，则丢弃广播消息的响应消息，不需要对第一加密信息进行解密了。In this embodiment, the base station may first verify whether the response message of the broadcast message is a replay message, and when it is confirmed that the response message of the broadcast message is not a replay message, the base station private key is further used to decrypt the first encrypted information. If it is confirmed that the response message of the broadcast message is a replay message, the response message of the broadcast message is discarded, and the first encrypted information does not need to be decrypted.

可选的，基站也可以先对第一加密信息进行解密，如果解密成功，则进一步根据第二重放参数验证验证广播消息的响应消息是否为重放消息，如果解密失败，则丢失广播消息的响应消息，不验证广播消息的响应消息是否为重放消息。Optionally, the base station may also decrypt the first encrypted information first. If the decryption is successful, it further verifies whether the response message of the broadcast message is a replay message according to the second replay parameter. If the decryption fails, the information of the broadcast message is lost. The response message does not verify whether the response message of the broadcast message is a replay message.

或者，基站同时进行以下操作：验证广播消息的响应消息是否为重放消息，以及对第一加密信息进行解密，如果验证广播消息的响应消息不是重放消息，且对第一加密信息解密成功，则对广播消息的响应消息进行处理，否则丢失广播消息的响应消息。Or, the base station performs the following operations at the same time: verifying whether the response message of the broadcast message is a replay message, and decrypting the first encrypted information, if it is verified that the response message of the broadcast message is not a replay message, and the first encrypted information is successfully decrypted, The response message of the broadcast message is processed, otherwise the response message of the broadcast message is lost.

本实施例中，基站向核心网设备请求基站公钥对应的基站私钥，基站向UE发送广播消息，广播消息中包括签名信息和基站公钥，签名信息是基站通过基站私钥签名得到的。通过在广播消息中携带使用基站私钥签名的签名信息和基站公钥，使得UE根据该签名信息和基站公钥能够验证消息是否来自合法基站，从而拒绝伪基站的操作，将基站公钥携带在广播消息中发送给UE，能够避免伪基站故意发送海量垃圾公钥耗尽UE的存储资源，导致UE不可用，并且本实施例中核心网设备具有PKG功能，从而使得基站能够复用与核心网设备之间的身份认证方式，不需要单独设计与PKG的认证。In this embodiment, the base station requests the base station private key corresponding to the base station public key from the core network device, and the base station sends a broadcast message to the UE. The broadcast message includes signature information and the base station public key. The signature information is obtained by the base station through the base station private key signature. By carrying the signature information signed with the base station private key and the base station public key in the broadcast message, the UE can verify whether the message comes from a legitimate base station based on the signature information and the base station public key, thereby rejecting the operation of the pseudo base station and carrying the base station public key in The broadcast message is sent to the UE, which can prevent the pseudo base station from deliberately sending massive garbage public keys to exhaust the storage resources of the UE, causing the UE to be unavailable, and the core network equipment in this embodiment has the PKG function, so that the base station can reuse the core network The identity authentication method between devices does not require a separate design for authentication with PKG.

图3为本申请实施例二提供的数据传输方法的流程图，实施例一主要从基站角度描述该数据传输方法，本实施例从UE角度描述该数据传输方法，如图3所示，本实施例的方法包括以下步骤：FIG. 3 is a flowchart of the data transmission method provided in the second embodiment of the application. The first embodiment mainly describes the data transmission method from the perspective of the base station, and this embodiment describes the data transmission method from the UE perspective. As shown in FIG. 3, this embodiment The example method includes the following steps:

步骤S201、UE接收基站发送的广播消息，该广播消息中包括签名信息和基站公钥，该签名信息是基站通过基站私钥签名得到的，基站私钥是核心网设备发送给基站的。Step S201: The UE receives a broadcast message sent by a base station. The broadcast message includes signature information and a base station public key. The signature information is obtained by the base station through the base station private key signature, and the base station private key is sent to the base station by the core network device.

步骤S202、UE根据保存的主公钥、广播消息中包括的基站公钥和签名信息验证广播消息是否来自合法基站。Step S202: The UE verifies whether the broadcast message comes from a legitimate base station according to the stored master public key, the base station public key included in the broadcast message, and the signature information.

主公钥是核心网设备为UE生成的，可以在UE出厂时预置在UE中。由于签名信息是基站使用基站私钥签名的，而基站私钥是根据基站公钥和主私钥生成的，如果广播消息没有被篡改，那广播消息中的签名信息与UE通过主公钥和基站公钥签名得到的签名信息一致。如果广播消息被篡改了，那么UE通过主公钥和基站公钥得到的签名信息与广播消息中包的签名信息不一致。The master public key is generated by the core network device for the UE, and can be preset in the UE when the UE leaves the factory. Since the signature information is signed by the base station using the base station private key, and the base station private key is generated based on the base station public key and the master private key, if the broadcast message has not been tampered with, the signature information in the broadcast message and the UE pass the master public key and the base station. The signature information obtained by the public key signature is consistent. If the broadcast message is tampered with, the signature information obtained by the UE through the master public key and the base station public key is inconsistent with the signature information contained in the broadcast message.

可选的，基站公钥由基站身份标识和有效期组成，或者，基站公钥由基站身份标识组成。Optionally, the base station public key consists of the base station identity and the validity period, or the base station public key consists of the base station identity.

当基站公钥由基站身份标识和有效期组成时，基站接收到广播消息后，先从基站公钥中获取基站公钥的有效期，根据当前时间以及基站公钥的有效期判断基站公钥的有效期是否有效，如果基站公钥的有效期有效，则使用基站公钥和主公钥对签名信息进行验证，根据签名信息的验证结果确定广播消息是否来自合法基站。如果签名信息验证成功，则确定广播消息来自合法基站。如果签名信息验证失败，则确定广播消息不是来自合法基站。如果基站公钥的有效期无效，则不需要验证签名信息，确定广播消息不是来自合法基站。When the base station public key consists of the base station identity and the validity period, after the base station receives the broadcast message, it first obtains the validity period of the base station public key from the base station public key, and judges whether the validity period of the base station public key is valid according to the current time and the validity period of the base station public key If the validity period of the base station public key is valid, the base station public key and the master public key are used to verify the signature information, and it is determined whether the broadcast message comes from a legitimate base station according to the verification result of the signature information. If the verification of the signature information is successful, it is determined that the broadcast message comes from a legitimate base station. If the verification of the signature information fails, it is determined that the broadcast message does not come from a legitimate base station. If the validity period of the base station public key is invalid, there is no need to verify the signature information, and it is determined that the broadcast message is not from a legitimate base station.

当基站公钥为基站身份标识时，基站接收到广播消息后，根据当前时间戳以及第一时间间隔生成第三时间信息，根据主公钥、基站公钥以及第三时间信息对签名信息进行验证。如果签名信息验证成功，则确定广播消息来自合法基站。如果签名信息验证失败，则确定广播消息不是来自合法基站。When the base station public key is the base station identity, after receiving the broadcast message, the base station generates third time information according to the current timestamp and the first time interval, and verifies the signature information according to the master public key, base station public key, and third time information . If the verification of the signature information is successful, it is determined that the broadcast message comes from a legitimate base station. If the verification of the signature information fails, it is determined that the broadcast message does not come from a legitimate base station.

当广播消息来自合法基站时，执行步骤S203，当广播消息不是来自合法基站时，UE丢失广播消息。When the broadcast message comes from a legal base station, step S203 is executed. When the broadcast message is not from a legal base station, the UE loses the broadcast message.

可选的，广播消息中包括第一重放参数，第一重放参数用于验证广播消息是否为重放消息。相应的，UE根据主公钥、基站公钥、第一重放参数以及签名信息验证广播消息是否来自合法基站。UE根据第一重放参数验证广播消息是否为重放消息，根据主公钥和基站公钥对签名信息进行验证，当验证广播消息不是重放消息，且根据主公钥和基站公钥对签名信息验证成功时，确定广播消息来自合法基站，否则，确定广播消息不是来自合法基站。Optionally, the broadcast message includes a first replay parameter, and the first replay parameter is used to verify whether the broadcast message is a replay message. Correspondingly, the UE verifies whether the broadcast message comes from a legal base station according to the master public key, the base station public key, the first playback parameter, and the signature information. The UE verifies whether the broadcast message is a replay message according to the first replay parameter, and verifies the signature information according to the master public key and the base station public key. When it is verified that the broadcast message is not a replay message, it signs according to the master public key and the base station public key When the information verification is successful, it is determined that the broadcast message comes from a legal base station; otherwise, it is determined that the broadcast message does not come from a legal base station.

一种方式中，UE先根据第一重放参数验证广播消息是否为重放消息，当广播消息不是重放消息时，UE进一步根据主公钥和基站公钥对签名信息进行验证，当签名信息验证成功时，确定广播消息来自合法基站。当签名信息验证失败时，或者，广播消息是重放消息时，确定广播消息不是来自合法基站。当广播消息是重放消息时，UE不需要对签名信息进行验证，即可确定广播消息不是来自合法基站。In one method, the UE first verifies whether the broadcast message is a replay message according to the first replay parameter. When the broadcast message is not a replay message, the UE further verifies the signature information according to the master public key and the base station public key. When the verification is successful, it is determined that the broadcast message comes from a legitimate base station. When the verification of the signature information fails, or when the broadcast message is a replay message, it is determined that the broadcast message does not come from a legitimate base station. When the broadcast message is a replay message, the UE does not need to verify the signature information to determine that the broadcast message does not come from a legitimate base station.

另一种方式中，UE先根据主公钥和基站公钥对签名信息进行验证，当签名信息验证成功时，进一步根据第一重放参数验证广播消息是否为重放消息，当广播消息不是重放消息时，确定广播消息来自合法基站。当广播消息是重放消息时，或者，签名信息验证失败时，确定广播消息不是来自合法基站。当签名信息验证失败时，UE不需要进一步判断广播消息是否为重放消息，即可确定广播消息不是来自合法基站。In another method, the UE first verifies the signature information according to the master public key and the base station public key. When the signature information is successfully verified, it further verifies whether the broadcast message is a replay message according to the first replay parameter. When the broadcast message is not a replay message, When broadcasting a message, make sure that the broadcast message comes from a legitimate base station. When the broadcast message is a replay message, or when the verification of the signature information fails, it is determined that the broadcast message does not come from a legitimate base station. When the verification of the signature information fails, the UE does not need to further determine whether the broadcast message is a replay message, and can determine that the broadcast message does not come from a legitimate base station.

又一种方式中，UE同时执行以下操作：根据第一重放参数验证广播消息是否为重放消息，根据基站公钥和主公钥对签名信息进行验证，当广播消息不是重放消息，且签名信息验证成功时，确定广播消息来自合法基站。In another way, the UE performs the following operations at the same time: verify whether the broadcast message is a replay message according to the first replay parameter, verify the signature information according to the base station public key and the master public key, when the broadcast message is not a replay message, and When the signature information is successfully verified, it is determined that the broadcast message comes from a legitimate base station.

S203、当广播消息来自合法基站时，UE根据基站公钥和主公钥对第一信息进行加密得到第一加密信息。S203: When the broadcast message comes from a legal base station, the UE encrypts the first information according to the base station public key and the master public key to obtain the first encrypted information.

第一信息可以为需要基站感知的信息，例如切片信息和UE能力信息。UE可以通过基站公钥和主公钥对广播消息中需要基站感应的信息进行加密，避免该需要基站感应的信息被篡改，造成运营商的损害和/或危害UE的隐私安全。The first information may be information that needs to be sensed by the base station, such as slice information and UE capability information. The UE can use the base station public key and the master public key to encrypt the information that needs to be sensed by the base station in the broadcast message to prevent the information that needs to be sensed by the base station from being tampered with, causing damage to the operator and/or endangering the privacy of the UE.

在基站公钥由基站身份标识和基站公钥的有效期组成的情况下，UE使用主公钥和广播消息中包括的基站公钥对第一信息进行加密得到第一加密信息。在基站公钥包括基站身份标识的情况下，UE根据当前时间戳以及所述第一时间间隔确定第一时间信息，根据基站公钥、主公钥以及第一时间信息对第一信息加密得到第一加密信息。In the case that the base station public key consists of the base station identity and the validity period of the base station public key, the UE uses the master public key and the base station public key included in the broadcast message to encrypt the first information to obtain the first encrypted information. In the case that the base station public key includes the base station identity, the UE determines the first time information according to the current timestamp and the first time interval, and encrypts the first information according to the base station public key, the master public key, and the first time information to obtain the first time information. One encrypted information.

步骤S203为可选步骤，UE接收到广播消息后，如果需要向基站返回广播消息的响应消息，则对第一信息进行加密，如果不需要向基站返回广播消息的响应消息，则对广播消息进行正常的处理流程。Step S203 is an optional step. After the UE receives the broadcast message, if it needs to return the response message of the broadcast message to the base station, encrypt the first information, and if it does not need to return the response message of the broadcast message to the base station, perform the broadcast message. Normal processing flow.

S204、UE向基站发送广播消息的响应消息，广播消息的响应消息中包括第一加密信息。S204. The UE sends a response message of the broadcast message to the base station, where the response message of the broadcast message includes the first encryption information.

可以理解，本实施例中，UE只对需要基站感知的第一信息采用基站公钥和主公钥进行加密，对于广播消息的响应消息中的其他信息仍然按照现有的方式处理即可，例如，UE使用核心网公钥对预认证信息加密。It can be understood that in this embodiment, the UE only uses the base station public key and the master public key to encrypt the first information that needs to be sensed by the base station, and other information in the response message of the broadcast message can still be processed in the existing manner, for example, , UE uses the core network public key to encrypt the pre-authentication information.

可选的，广播消息的响应消息中包括第二重放参数，第二重放参数用于基站验证广播消息的响应消息是否为重放消息。其中，该第二重放参数可以是时间戳、随机数或者序列号。Optionally, the response message of the broadcast message includes a second replay parameter, and the second replay parameter is used by the base station to verify whether the response message of the broadcast message is a replay message. Wherein, the second playback parameter may be a timestamp, a random number, or a sequence number.

本实施例中，UE接收基站发送的广播消息，广播消息中包括签名信息和基站公钥，签名信息是基站通过基站私钥签名得到的，基站私钥是核心网设备发送给基站的，UE根据保存的主公钥、广播消息中包括的基站公钥和签名信息验证广播消息是否来自合法基站，主公钥是核心网设备为UE生成的，当广播消息不是来自合法基站时，UE丢弃广播消息。基站通过在广播消息中携带签名信息和基站公钥，使得UE根据该签名信息和基站公钥能够验证广播消息是否来自合法基站，从而拒绝伪基站的操作，将基站公钥携带在广播消息中发送给UE，能够避免伪基站故意发送海量垃圾公钥耗尽UE的存储资源，导致UE不可用。In this embodiment, the UE receives the broadcast message sent by the base station. The broadcast message includes signature information and the base station public key. The signature information is obtained by the base station through the base station private key signature. The base station private key is sent by the core network device to the base station. The saved master public key, base station public key included in the broadcast message, and signature information verify whether the broadcast message comes from a legal base station. The master public key is generated by the core network device for the UE. When the broadcast message does not come from a legal base station, the UE discards the broadcast message . The base station carries the signature information and the base station public key in the broadcast message, so that the UE can verify whether the broadcast message comes from a legitimate base station based on the signature information and the base station public key, thereby rejecting the operation of the pseudo base station, and carrying the base station public key in the broadcast message to send For the UE, it is possible to prevent the pseudo base station from deliberately sending massive garbage public keys to exhaust the storage resources of the UE and cause the UE to be unavailable.

图4为本申请实施例三提供的数据传输方法的信令流程图，本实施例以核心网设备为UDM网元为例进行说明，基站公钥由基站身份标识和有效期组成，如图4所示，本实施例的方法包括以下步骤：Figure 4 is a signaling flow chart of the data transmission method provided in the third embodiment of the application. This embodiment takes the core network equipment as an UDM network element as an example for description. The base station public key consists of the base station identity and the validity period, as shown in Figure 4 As shown, the method of this embodiment includes the following steps:

S301、UDM网元生成主公钥和主私钥，保存主私钥，将主公钥发放给UE。S301. The UDM network element generates a master public key and a master private key, saves the master private key, and issues the master public key to the UE.

S302、基站和UDM网元基于Ipsec进行身份认证。In S302, the base station and the UDM network element perform identity authentication based on Ipsec.

其中，步骤S301和S302在执行时并没有先后顺序，UDM网元可以采用已有的任何方式生成主公钥和主私钥，本实施例不对此进行限制。Wherein, steps S301 and S302 are executed in no order. The UDM network element can generate the master public key and the master private key in any existing manner, which is not limited in this embodiment.

S303、基站向UDM网元发送第一请求消息，第一请求消息中包括基站公钥。S303. The base station sends a first request message to the UDM network element, where the first request message includes the base station public key.

第一请求消息用于请求基站公钥对应的基站私钥，该基站公钥由基站身份标识和有效期组成。UDM网元接收到第一请求消息后，根据基站公钥和本地存储的主私钥为基站生成基站私钥，将基站私钥携带在第一请求消息的响应消息中发送给基站。The first request message is used to request the base station private key corresponding to the base station public key, and the base station public key is composed of the base station identity and the validity period. After receiving the first request message, the UDM network element generates a base station private key for the base station according to the base station public key and the locally stored master private key, carries the base station private key in the response message of the first request message and sends it to the base station.

可以理解，基站并不是直接和UDM网元进行信息交互，基站发送给UDM网元的消息会通过AMF网元透传给UDM网元，同样UDM网元发送给基站的消息也会经过AMF网元透传。It can be understood that the base station does not directly exchange information with the UDM network element. The message sent by the base station to the UDM network element will be transparently transmitted to the UDM network element through the AMF network element. Similarly, the message sent by the UDM network element to the base station will also pass through the AMF network element. Penetrate.

S304、UDM网元向基站发送第一请求消息的响应消息，第一请求消息的响应消息中包括基站私钥。S304. The UDM network element sends a response message of the first request message to the base station, where the response message of the first request message includes the base station private key.

基站接收到基站私钥后，可以将基站私钥存储在内存中。After the base station receives the base station private key, it can store the base station private key in the memory.

S305、基站判断基站公钥的有效期是否有效。S305: The base station judges whether the validity period of the base station public key is valid.

当基站需要广播业务消息之后，先判断基站公钥的有效期是否有效，如果基站公钥的有效期有效，则执行S306，如果基站公钥的有效期无效，则执行S307。When the base station needs to broadcast the service message, it first determines whether the validity period of the base station public key is valid. If the validity period of the base station public key is valid, execute S306; if the validity period of the base station public key is invalid, execute S307.

S306、基站生成新的基站公钥，根据新的基站公钥向UDM网元请求新的基站公钥对应的基站私钥。S306. The base station generates a new base station public key, and requests the UDM network element for the base station private key corresponding to the new base station public key according to the new base station public key.

具体的，基站先生成新的有效期，根据基站身份标识和新的有效期生成新的基站公钥，通过上述S303和S304的方式向UDM网元根据新的基站公钥对应的基站私钥。步骤S306之后执行步骤S307。Specifically, the base station first generates a new validity period, generates a new base station public key according to the base station identity and the new validity period, and sends the base station private key corresponding to the new base station public key to the UDM network element through the above S303 and S304 methods. Step S307 is executed after step S306.

S307、基站使用基站私钥生成签名信息。S307: The base station uses the base station private key to generate signature information.

S308、基站向UE发送广播消息，广播消息中包括签名信息、基站公钥和第一重放参数。S308. The base station sends a broadcast message to the UE. The broadcast message includes signature information, the base station public key, and the first playback parameter.

基站使用基站私钥对广播消息进行签名，将签名信息、基站公钥和第一重放参数携带在广播消息中发送。The base station uses the base station private key to sign the broadcast message, carries the signature information, the base station public key, and the first playback parameter in the broadcast message and sends it.

S309、UE根据保存的主公钥、基站公钥、签名信息和第一重放参数验证广播消息是否来自合法基站。S309. The UE verifies whether the broadcast message comes from a legal base station according to the stored master public key, base station public key, signature information, and first playback parameter.

当广播消息来自合法基站时，UE执行步骤S310，当广播消息不是来自合法基站时，UE丢弃广播消息。When the broadcast message comes from a legal base station, the UE executes step S310. When the broadcast message is not from a legal base station, the UE discards the broadcast message.

S310、UE根据基站公钥和主公钥对第一信息加密得到的第一加密信息。S310. First encrypted information obtained by the UE encrypting the first information according to the base station public key and the master public key.

S311、UE向基站发送广播消息的响应消息，广播消息的响应消息中包括第一加密信息和第二重放参数。S311. The UE sends a response message of the broadcast message to the base station, where the response message of the broadcast message includes the first encryption information and the second playback parameter.

S312、基站根据第二重放参数判断广播消息的响应消息是否为重放消息，当广播消息的响应消息不是重放消息时，使用基站私钥解密第一加密信息。S312: The base station judges whether the response message of the broadcast message is a replay message according to the second replay parameter, and when the response message of the broadcast message is not a replay message, the base station private key is used to decrypt the first encrypted information.

本实施例的具体实现方式参照实施例一和实施例二的相关描述，这里不再赘述。For the specific implementation of this embodiment, refer to the related descriptions of Embodiment 1 and Embodiment 2, which will not be repeated here.

图5为本申请实施例四提供的基站的一种结构示意图，如图5所示，本实施例提供的基站包括：FIG. 5 is a schematic structural diagram of a base station provided in Embodiment 4 of this application. As shown in FIG. 5, the base station provided in this embodiment includes:

获取模块11，用于向核心网设备请求基站公钥对应的基站私钥；The obtaining module 11 is used to request the base station private key corresponding to the base station public key from the core network device;

签名模块12，用于根据所述基站私钥进行签名得到签名信息；The signature module 12 is used for signing according to the private key of the base station to obtain signature information;

发送模块13，用于向UE发送广播消息，所述广播消息中包括所述签名信息和所述基站公钥。The sending module 13 is configured to send a broadcast message to the UE, and the broadcast message includes the signature information and the base station public key.

一种示例性的方式中，还包括接收模块14和解密模块15。In an exemplary manner, a receiving module 14 and a decrypting module 15 are further included.

所述接收模块14，用于接收UE发送的所述广播消息的响应消息，所述广播消息的响应消息中包括第一加密信息，所述第一加密信息是所述UE根据所述基站公钥和存储的主公钥对第一信息加密得到的。The receiving module 14 is configured to receive a response message of the broadcast message sent by the UE. The response message of the broadcast message includes first encryption information, and the first encryption information is the UE according to the base station public key. It is obtained by encrypting the first information with the stored master public key.

所述解密模块15用于：使用所述基站私钥对所述第一加密信息进行解密，所述基站私钥是所述核心网设备根据所述基站公钥和主私钥生成的，所述主公钥和所述主私钥是所述核心网设备生成的一对秘钥；当使用所述基站私钥对所述第一加密信息解密失败时，丢弃所述广播消息的响应消息。The decryption module 15 is configured to decrypt the first encrypted information using the base station private key, the base station private key is generated by the core network device according to the base station public key and the master private key, The master public key and the master private key are a pair of secret keys generated by the core network device; when the base station private key is used to decrypt the first encrypted information, the response message of the broadcast message is discarded.

一种示例性的方式中，所述广播消息的响应消息中包括第二重放参数。所述基站还可以包括验证模块，所述验证模块用于根据所述第二重放参数验证所述广播消息的响应消息是否为重放消息。所述解密模块15具体用于：当所述验证模块验证所述广播消息的响应消息不是重放消息时，使用所述基站私钥对所述第一加密信息进行解密。In an exemplary manner, the response message of the broadcast message includes the second replay parameter. The base station may further include a verification module configured to verify whether the response message of the broadcast message is a replay message according to the second replay parameter. The decryption module 15 is specifically configured to use the base station private key to decrypt the first encrypted information when the verification module verifies that the response message of the broadcast message is not a replay message.

所述解密模块15还用于：当所述验证模块验证所述广播消息的响应消息是重放消息时，丢弃所述广播消息的响应消息。The decryption module 15 is further configured to: when the verification module verifies that the response message of the broadcast message is a replay message, discard the response message of the broadcast message.

一种示例性的方式中，所述获取模块11从所述核心网设备获取到所述基站私钥后，不存储所述基站私钥。In an exemplary manner, after obtaining the base station private key from the core network device, the obtaining module 11 does not store the base station private key.

一种示例性的方式中，所述获取模块11具体用于：向所述核心网设备发送第一请求消息，所述第一请求消息中包括所述基站公钥；接收所述核心网设备发送的所述第一请求消息的响应消息，所述第一请求的响应消息中包括所述基站私钥。In an exemplary manner, the acquiring module 11 is specifically configured to: send a first request message to the core network device, where the first request message includes the base station public key; and receive a message sent by the core network device The response message of the first request message includes the private key of the base station.

一种示例性的方式中，所述基站公钥包括基站身份标识；相应的，所述第一加密信息是所述UE根据所述基站公钥、所述主公钥以及第一时间信息加密得到的，所述第一时间信息与所述UE加密时的当前时间戳以及第一时间间隔相关；所述基站私钥是所述核心网设备根据所述基站公钥、所述主私钥以及第二时间信息生成的，所述第二时间信息与所述核心网设备生成所述基站私钥时的当前时间戳以及所述第一时间间隔相关。In an exemplary manner, the base station public key includes a base station identity; correspondingly, the first encryption information is obtained by the UE encrypted according to the base station public key, the master public key, and first time information , The first time information is related to the current timestamp and the first time interval when the UE was encrypted; the base station private key is the core network device according to the base station public key, the master private key, and the first time interval; 2. Time information generated, the second time information is related to the current timestamp when the core network device generates the base station private key and the first time interval.

本实施例的基站，可用于执行上述方法实施例一至三中任一实施例中基站执行的方法步骤，具体实现方式和技术效果类似，这里不再赘述。The base station in this embodiment can be used to execute the method steps performed by the base station in any one of the foregoing method embodiments 1 to 3. The specific implementation manner and technical effect are similar, and details are not described herein again.

图6为本申请实施例五提供的UE的一种结构示意图，如图6所示，本实施例提供的UE包括：FIG. 6 is a schematic structural diagram of a UE provided in Embodiment 5 of this application. As shown in FIG. 6, the UE provided in this embodiment includes:

接收模块21，用于接收基站发送的广播消息，所述广播消息中包括签名信息和基站公钥，所述签名信息是所述基站通过基站私钥签名得到的，所述基站私钥是核心网设备发送给所述基站的；The receiving module 21 is configured to receive a broadcast message sent by a base station. The broadcast message includes signature information and a base station public key. The signature information is obtained by the base station by signing the base station private key, and the base station private key is the core network. Sent by the device to the base station;

验证模块22，用于所述UE根据保存的主公钥、所述基站公钥和所述签名信息验证所述广播消息是否来自合法基站，所述主公钥是所述核心网设备为所述UE生成的；当所述广播消息不是来自合法基站时，丢弃所述广播消息。The verification module 22 is used for the UE to verify whether the broadcast message comes from a legal base station according to the stored master public key, the base station public key, and the signature information, and the master public key is that the core network device is the Generated by the UE; when the broadcast message is not from a legitimate base station, the broadcast message is discarded.

一种示例性的方式中，所述广播消息中包括第一重放参数，所述验证模块22具体用于：根据所述第一重放参数验证所述广播消息是否为重放消息，根据所述主公钥和所述基站公钥对所述签名信息进行验证，当验证所述广播消息不是重放消息，且根据所述主公钥和所述基站公钥对所述签名信息验证成功时，确定所述广播消息来自合法基站。In an exemplary manner, the broadcast message includes a first replay parameter, and the verification module 22 is specifically configured to: verify whether the broadcast message is a replay message according to the first replay parameter; The master public key and the base station public key verify the signature information, when it is verified that the broadcast message is not a replay message, and the signature information is successfully verified according to the master public key and the base station public key To determine that the broadcast message comes from a legitimate base station.

一种示例性的方式中，可选的，还包括：加密模块23和发送模块24。In an exemplary manner, optionally, it further includes: an encryption module 23 and a sending module 24.

加密模块23，用于当所述广播消息来自合法基站时，根据所述基站公钥和所述主公钥对第一信息加密得到第一加密信息；The encryption module 23 is configured to encrypt the first information according to the base station public key and the master public key to obtain the first encrypted information when the broadcast message comes from a legal base station;

发送模块24，用于向所述基站发送所述广播消息的响应消息，所述广播消息的响应消息中包括所述第一加密信息。The sending module 24 is configured to send a response message of the broadcast message to the base station, and the response message of the broadcast message includes the first encryption information.

一种示例性的方式中，所述基站公钥包括基站身份标识和所述基站公钥的有效期；所述验证模块22具体用于：验证所述基站公钥的有效期是否有效；当所述基站公钥的有效期有效时，根据所述主公钥和所述基站公钥对所述签名信息进行验证；根据所述签名信息的验证结果确定所述广播消息是否来自合法基站。In an exemplary manner, the base station public key includes a base station identity and the validity period of the base station public key; the verification module 22 is specifically configured to: verify whether the validity period of the base station public key is valid; when the base station When the validity period of the public key is valid, the signature information is verified according to the master public key and the base station public key; and it is determined whether the broadcast message comes from a legitimate base station according to the verification result of the signature information.

一种示例性的方式中，所述基站公钥包括基站身份标识；所述验证模块22具体用于：根据所述主公钥、所述基站公钥以及第三时间信息对所述签名信息进行验证，所述第三时间信息与所述UE的当前时间戳以及第一时间间隔相关；根据所述签名信息的验证结果确定所述广播消息是否来自合法基站。In an exemplary manner, the base station public key includes a base station identity; the verification module 22 is specifically configured to: perform the signature information on the signature information according to the master public key, the base station public key, and third time information. It is verified that the third time information is related to the current timestamp of the UE and the first time interval; it is determined whether the broadcast message comes from a legitimate base station according to the verification result of the signature information.

当所述基站公钥包括基站身份标识时，可选的，所述第一加密信息是所述UE根据所述基站公钥、所述主公钥以及第一时间信息对所述第一信息加密得到的，所述第一时间信息与所述UE加密时的当前时间戳以及所述第一时间间隔相关。When the base station public key includes a base station identity, optionally, the first encryption information is that the UE encrypts the first information according to the base station public key, the master public key, and first time information Obtained, the first time information is related to the current timestamp when the UE was encrypted and the first time interval.

本实施例的UE，可用于执行上述方法实施例中UE执行的方法步骤，具体实现方式和技术效果类似，这里不再赘述。The UE in this embodiment can be used to execute the method steps performed by the UE in the foregoing method embodiment. The specific implementation manner and technical effect are similar, and details are not described herein again.

图7为本申请实施六提供的核心网设备的一种结构示意图，该核心网设备例如可以为UDM网元，如图7所示，本实施例提供的核心网设备包括：Fig. 7 is a schematic structural diagram of the core network device provided in the sixth embodiment of the application. The core network device may be, for example, a UDM network element. As shown in Fig. 7, the core network device provided in this embodiment includes:

接收模块31，用于接收基站发送的请求消息，所述请求消息中包括所述基站的基站公钥；The receiving module 31 is configured to receive a request message sent by a base station, where the request message includes the base station public key of the base station;

生成模块32，用于根据所述基站公钥和主私钥生成所述基站公钥对应的基站私钥；The generating module 32 is configured to generate a base station private key corresponding to the base station public key according to the base station public key and the master private key;

发送模块33，用于向所述基站发送所述基站私钥。The sending module 33 is configured to send the base station private key to the base station.

可选的，所述核心网设备还包括存储模块。所述生成模块，还用于生成秘钥对，所述秘钥对包括主公钥和所述主私钥；所述存储模块，用于存储所述主私钥，所述主公钥被安全地发放给用户设备UE。Optionally, the core network device further includes a storage module. The generating module is also used to generate a secret key pair, the secret key pair includes a master public key and the master private key; the storage module is used to store the master private key, and the master public key is secured To the user equipment UE.

本实施例的核心网设备，可用于执行上述方法实施例中核心网设备执行的方法步骤，具体实现方式和技术效果类似，这里不再赘述。The core network device of this embodiment can be used to execute the method steps performed by the core network device in the foregoing method embodiment. The specific implementation manner and technical effect are similar, and details are not described herein again.

以上各个模块或单元都可以通过软件、硬件或软件硬件结合的方式来实现，例如，上述图6中的验证模块22和加密模块23可以都基于软件实现。Each of the above modules or units may be implemented by software, hardware, or a combination of software and hardware. For example, the verification module 22 and the encryption module 23 in FIG. 6 may be implemented based on software.

本申请中，“通过软件实现”是指处理器读取并执行存储在存储器中的程序指令来实现上述模块或单元所对应的功能，其中，处理器是指具有执行程序指令功能的处理电路，包括但不限于以下至少一种：中央处理单元(central processing unit，CPU)、微处理器、数字信号处理器(digital signal processing，DSP)、微控制器(microcontroller unit，MCU)、或人工智能处理器等各类能够运行程序指令的处理电路。在另一些实施例中，处理器还可以包括其他处理功能的电路(如用于硬件加速的硬件电路、总线和接口电路等)。处理器可以以集成芯片的形式呈现，例如，以处理功能仅包括执行软件指令功能的集成芯片的形式呈现，或者还可以以SoC(system on a chip，片上***)的形式呈现，即在一个芯片上，除了包括能够运行程序指令的处理电路(通常被称为“核”)外，还包括其他用于实现特定功能的硬件电路(可以是基于ASIC、FPGA实现)，相应的，处理功能除了包括执行软件指令功能外，还可以包括各种硬件加速功能(如AI计算、编解码、压缩解压等)。In this application, "implemented by software" means that the processor reads and executes the program instructions stored in the memory to implement the functions corresponding to the above-mentioned modules or units, where the processor refers to a processing circuit that has the function of executing program instructions, Including but not limited to at least one of the following: central processing unit (CPU), microprocessor, digital signal processing (DSP), microcontroller (microcontroller unit, MCU), or artificial intelligence processing Various types of processing circuits capable of running program instructions. In other embodiments, the processor may also include circuits for other processing functions (such as hardware circuits for hardware acceleration, buses, and interface circuits, etc.). The processor can be presented in the form of an integrated chip, for example, in the form of an integrated chip whose processing function only includes the function of executing software instructions, or it can also be presented in the form of SoC (system on a chip, system on chip), that is, on a chip Above, in addition to the processing circuit (usually called "core") that can run program instructions, it also includes other hardware circuits for implementing specific functions (which can be based on ASIC or FPGA). Correspondingly, the processing functions include In addition to the function of executing software instructions, various hardware acceleration functions (such as AI calculation, encoding and decoding, compression and decompression, etc.) can also be included.

本申请中，“通过硬件实现”是指通过不具有程序指令处理功能的硬件处理电路来实现上述模块或者单元的功能，该硬件处理电路可以通过分立的硬件元器件组成，也可以是集成电路。为了减少功耗、降低尺寸，通常会采用集成电路的形式来实现。硬件处理电路可以包括ASIC(application-specific integrated circuit，专用集成电路)，或者PLD(programmable logic device，可编程逻辑器件)；其中，PLD又可包括FPGA(field programmable gate array，现场可编程门阵列)、CPLD(complex programmable logic device，复杂可编程逻辑器件)等等。这些硬件处理电路可以是单独封装的一块半导体芯片，也可以跟其他电路(如CPU、DSP)集成在一起后封装成一个半导体芯片。例如，可以将ASIC与CPU集成在一起组成SoC，并单独封装成一个芯片，或者也可以将FPGA与CPU集成在一起组成SoPC(system on a programmable chip，可编程片上***)。In this application, "implemented by hardware" means that the functions of the above-mentioned modules or units are realized by a hardware processing circuit that does not have program instruction processing functions. The hardware processing circuit can be composed of discrete hardware components or integrated circuits. In order to reduce power consumption and size, it is usually implemented in the form of integrated circuits. The hardware processing circuit can include ASIC (application-specific integrated circuit), or PLD (programmable logic device, programmable logic device); among them, PLD can also include FPGA (field programmable gate array, field programmable gate array) , CPLD (complex programmable logic device, complex programmable logic device) and so on. These hardware processing circuits can be a separately packaged semiconductor chip, or can be integrated with other circuits (such as CPU, DSP) and packaged into a semiconductor chip. For example, ASIC and CPU can be integrated together to form a SoC and packaged separately into a chip, or FPGA and CPU can also be integrated together to form SoPC (system on a programmable chip, programmable system on chip).

需要说明的是，本申请在通过软件、硬件或者软件硬件结合的方式实现时，可以使用不同的软件、硬件，并不限定只使用一种软件或者硬件。例如，其中，其中一个模块或者单元可以使用CPU来实现，另一个模块或者单元可以使用DSP来实现。同理，当使用硬件实现时，其中一个模块或者单元可以使用ASIC来实现，另一个模块或者单元可以使用FPGA实现。当然，也不限定部分或者所有的模块或者单元使用同一种软件(如都通过CPU)或者同一种硬件(如都通过ASIC)来实现。此外，对于本领域技术人员，可以知道，软件通常来说灵活性更好，但性能不如硬件，而硬件正好相反，因此，本领域技术人员可以结合实际需求来选择软件或者硬件或者两者结合的形式来实现。It should be noted that when this application is implemented through software, hardware, or a combination of software and hardware, different software and hardware can be used, and it is not limited to use only one type of software or hardware. For example, one of the modules or units can be implemented by using a CPU, and the other module or unit can be implemented by using a DSP. Similarly, when using hardware implementation, one of the modules or units can be implemented using ASIC, and the other module or unit can be implemented using FPGA. Of course, part or all of the modules or units are not limited to use the same kind of software (for example, all through a CPU) or the same kind of hardware (for example, all through an ASIC). In addition, for those skilled in the art, it can be known that software is generally more flexible, but its performance is not as good as hardware, and hardware is just the opposite. Therefore, those skilled in the art can choose software or hardware or a combination of both according to actual needs. Form to achieve.

图8为本申请实施例七提供的基站的一种结构示意图，如图8所示，该基站400包括：处理器41、存储器42和收发器43，所述存储器42用于存储指令，所述收发器43用于和其他设备通信，所述处理器41用于执行所述存储器中存储的指令，以使所述基站400执行如上述方法实施例中基站执行的方法。FIG. 8 is a schematic structural diagram of a base station provided in Embodiment 7 of the application. As shown in FIG. 8, the base station 400 includes a processor 41, a memory 42 and a transceiver 43. The memory 42 is used to store instructions. The transceiver 43 is used to communicate with other devices, and the processor 41 is used to execute instructions stored in the memory, so that the base station 400 executes the method performed by the base station in the foregoing method embodiment.

图9为本申请实施例八提供的UE的结构示意图，如图9所示，该UE 500包括：处理器51、存储器52和收发器53，所述存储器52用于存储指令，所述收发器53用于和其他设备通信，所述处理器51用于执行所述存储器中存储的指令，以使所述UE 500执行如上述方法实施例中UE执行的方法。FIG. 9 is a schematic structural diagram of a UE provided in Embodiment 8 of this application. As shown in FIG. 9, the UE 500 includes: a processor 51, a memory 52, and a transceiver 53, the memory 52 is used to store instructions, and the transceiver 53 is used to communicate with other devices, and the processor 51 is used to execute instructions stored in the memory, so that the UE 500 executes the method executed by the UE in the foregoing method embodiment.

图10为本申请实施例九提供的核心网设备的结构示意图，如图10所示，该核心网设备600包括：处理器61、存储器62和收发器63，所述存储器62用于存储指令，所述收发器63用于和其他设备通信，所述处理器61用于执行所述存储器中存储的指令，以使所述核心网设备600执行如上述方法实施例中核心网设备执行的方法。FIG. 10 is a schematic structural diagram of a core network device provided by Embodiment 9 of this application. As shown in FIG. 10, the core network device 600 includes a processor 61, a memory 62, and a transceiver 63. The memory 62 is used to store instructions. The transceiver 63 is used to communicate with other devices, and the processor 61 is used to execute instructions stored in the memory, so that the core network device 600 executes the method performed by the core network device in the foregoing method embodiment.

本申请实施例十提供一种计算机可读存储介质，所述计算机可读存储介质存储有指令，当所述指令被执行时，使得计算机执行如上述方法实施例中基站执行的方法。The tenth embodiment of the present application provides a computer-readable storage medium, the computer-readable storage medium stores instructions, and when the instructions are executed, the computer executes the method executed by the base station in the foregoing method embodiment.

本申请实施例十一提供一种计算机可读存储介质，所述计算机可读存储介质存储有指令，当所述指令被执行时，使得计算机执行如上述方法实施例中UE执行的方法。The eleventh embodiment of the present application provides a computer-readable storage medium, the computer-readable storage medium stores instructions, and when the instructions are executed, the computer executes the method performed by the UE in the foregoing method embodiment.

本申请实施例十二提供一种计算机可读存储介质，所述计算机可读存储介质存储有指令，当所述指令被执行时，使得计算机执行如上述方法实施例中核心网设备执行的方法。The twelfth embodiment of the present application provides a computer-readable storage medium that stores instructions, and when the instructions are executed, the computer executes the method performed by the core network device in the foregoing method embodiment.

本领域技术人员能够领会，结合本申请公开描述的各种说明性逻辑框、模块和算法步骤所描述的功能可以硬件、软件、固件或其任何组合来实施。如果以软件来实施，那么各种说明性逻辑框、模块、和步骤描述的功能可作为一或多个指令或代码在计算机可读媒体上存储或传输，且由基于硬件的处理单元执行。计算机可读媒体可包含计算机可读存储媒体，其对应于有形媒体，例如数据存储媒体，或包括任何促进将计算机程序从一处传送到另一处的媒体(例如，根据通信协议)的通信媒体。以此方式，计算机可读媒体大体上可对应于(1)非暂时性的有形计算机可读存储媒体，或(2)通信媒体，例如信号或载波。数据存储媒体可为可由一或多个计算机或一或多个处理器存取以检索用于实施本申请中描述的技术的指令、代码和/或数据结构的任何可用媒体。计算机程序产品可包含计算机可读媒体。Those skilled in the art can understand that the functions described in combination with the various illustrative logical blocks, modules, and algorithm steps described in the disclosure of this application can be implemented by hardware, software, firmware, or any combination thereof. If implemented in software, the functions described by various illustrative logical blocks, modules, and steps can be stored or transmitted as one or more instructions or codes on a computer-readable medium and executed by a hardware-based processing unit. The computer-readable medium may include a computer-readable storage medium, which corresponds to a tangible medium, such as a data storage medium, or a communication medium that includes any medium that facilitates the transfer of a computer program from one place to another (for example, according to a communication protocol) . In this manner, a computer-readable medium may generally correspond to (1) a non-transitory tangible computer-readable storage medium, or (2) a communication medium, such as a signal or carrier wave. Data storage media may be any available media that can be accessed by one or more computers or one or more processors to retrieve instructions, codes, and/or data structures for implementing the techniques described in this application. The computer program product may include a computer-readable medium.

作为实例而非限制，此类计算机可读存储媒体可包括RAM、ROM、EEPROM、CD-ROM或其它光盘存储装置、磁盘存储装置或其它磁性存储装置、快闪存储器或可用来存储指令或数据结构的形式的所要程序代码并且可由计算机存取的任何其它媒体。并且，任何连接被恰当地称作计算机可读媒体。举例来说，如果使用同轴缆线、光纤缆线、双绞线、数字订户线(DSL)或例如红外线、无线电和微波等无线技术从网站、服务器或其它远程源传输指令，那么同轴缆线、光纤缆线、双绞线、DSL或例如红外线、无线电和微波等无线技术包含在媒体的定义中。但是，应理解，所述计算机可读存储媒体和数据存储媒体并不包括连接、载波、信号或其它暂时媒体，而是实际上针对于非暂时性有形存储媒体。如本文中所使用，磁盘和光盘包含压缩光盘(CD)、激光光盘、光学光盘、数字多功能光盘(DVD)和蓝光光盘，其中磁盘通常以磁性方式再现数据，而光盘利用激光以光学方式再现数据。以上各项的组合也应包含在计算机可读媒体的范围内。By way of example and not limitation, such computer-readable storage media may include RAM, ROM, EEPROM, CD-ROM or other optical disk storage devices, magnetic disk storage devices or other magnetic storage devices, flash memory, or structures that can be used to store instructions or data Any other media that can be accessed by the computer in the form of desired program code. And, any connection is properly termed a computer-readable medium. For example, if you use coaxial cable, fiber optic cable, twisted pair, digital subscriber line (DSL), or wireless technologies such as infrared, radio, and microwave to transmit instructions from a website, server, or other remote source, then the coaxial cable Wire, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, radio, and microwave are included in the definition of media. However, it should be understood that the computer-readable storage media and data storage media do not include connections, carrier waves, signals, or other temporary media, but are actually directed to non-transitory tangible storage media. As used herein, magnetic disks and optical discs include compact discs (CD), laser discs, optical discs, digital versatile discs (DVD), and blu-ray discs. Disks usually reproduce data magnetically, while optical discs use lasers to reproduce data optically. data. Combinations of the above should also be included in the scope of computer-readable media.

可通过例如一或多个数字信号处理器(DSP)、通用微处理器、专用集成电路(ASIC)、现场可编程逻辑阵列(FPGA)或其它等效集成或离散逻辑电路等一或多个处理器来执行指令。因此，如本文中所使用的术语“处理器”可指前述结构或适合于实施本文中所描述的技术的任一其它结构中的任一者。另外，在一些方面中，本文中所描述的各种说明性逻辑框、模块、和步骤所描述的功能可以提供于经配置以用于编码和解码的专用硬件和/或软件模块内，或者并入在组合编解码器中。而且，所述技术可完全实施于一或多个电路或逻辑元件中。It can be processed by, for example, one or more digital signal processors (DSP), general-purpose microprocessors, application-specific integrated circuits (ASIC), field programmable logic arrays (FPGA) or other equivalent integrated or discrete logic circuits. To execute instructions. Therefore, the term "processor" as used herein may refer to any of the foregoing structure or any other structure suitable for implementing the techniques described herein. In addition, in some aspects, the functions described by the various illustrative logical blocks, modules, and steps described herein may be provided in dedicated hardware and/or software modules configured for encoding and decoding, or combined Into the combined codec. Moreover, the technology may be fully implemented in one or more circuits or logic elements.

本申请的技术可在各种各样的装置或设备中实施，包含无线手持机、集成电路(IC)或一组IC(例如，芯片组)。本申请中描述各种组件、模块或单元是为了强调用于执行所揭示的技术的装置的功能方面，但未必需要由不同硬件单元实现。实际上，如上文所描述，各种单元可结合合适的软件和/或固件组合在编码解码器硬件单元中，或者通过互操作硬件单元(包含如上文所描述的一或多个处理器)来提供。The technology of this application can be implemented in a variety of devices or devices, including wireless handsets, integrated circuits (ICs), or a set of ICs (for example, chipsets). Various components, modules, or units are described in this application to emphasize the functional aspects of the device for implementing the disclosed technology, but they do not necessarily need to be implemented by different hardware units. In fact, as described above, various units can be combined with appropriate software and/or firmware in the codec hardware unit, or by interoperating hardware units (including one or more processors as described above). provide.

以上所述，仅为本申请示例性的具体实施方式，但本申请的保护范围并不局限于此，任何熟悉本技术领域的技术人员在本申请揭露的技术范围内，可轻易想到的变化或替换，都应涵盖在本申请的保护范围之内。因此，本申请的保护范围应该以权利要求的保护范围为准。The above are only exemplary specific implementations of this application, but the protection scope of this application is not limited to this. Any person skilled in the art can easily think of changes or changes within the technical scope disclosed in this application. Replacement shall be covered within the scope of protection of this application. Therefore, the protection scope of this application should be subject to the protection scope of the claims.

Claims

一种数据传输方法，其特征在于，包括：A data transmission method, characterized in that it comprises:

基站向核心网设备请求基站公钥对应的基站私钥；The base station requests the core network device for the base station private key corresponding to the base station public key;

所述基站向用户设备UE发送广播消息，所述广播消息中包括签名信息和所述基站公钥，所述签名信息是所述基站通过所述基站私钥签名得到的。The base station sends a broadcast message to the user equipment UE, the broadcast message includes signature information and the base station public key, and the signature information is obtained by the base station by signing the base station private key.
根据权利要求1所述的方法，其特征在于，所述广播消息中包括第一重放参数，所述第一重放参数用于UE验证所述广播消息是否为重放消息。The method according to claim 1, wherein the broadcast message includes a first replay parameter, and the first replay parameter is used by the UE to verify whether the broadcast message is a replay message.
根据权利要求1或2所述的方法，其特征在于，还包括：The method according to claim 1 or 2, further comprising:

所述基站接收UE发送的所述广播消息的响应消息，所述广播消息的响应消息中包括第一加密信息，所述第一加密信息是所述UE根据所述基站公钥和存储的主公钥对第一信息加密得到的；The base station receives the response message of the broadcast message sent by the UE, and the response message of the broadcast message includes first encryption information, and the first encryption information is the UE according to the base station public key and the stored master public key. The key is obtained by encrypting the first information;

所述基站使用所述基站私钥对所述第一加密信息进行解密，所述基站私钥是所述核心网设备根据所述基站公钥和主私钥生成的，所述主公钥和所述主私钥是所述核心网设备生成的一对秘钥；The base station uses the base station private key to decrypt the first encrypted information. The base station private key is generated by the core network device according to the base station public key and the master private key. The master private key is a pair of secret keys generated by the core network device;

如果所述基站使用所述基站私钥对所述第一加密信息解密失败，则所述基站丢弃所述广播消息的响应消息。If the base station fails to decrypt the first encrypted information using the base station private key, the base station discards the response message of the broadcast message.
根据权利要求3所述的方法，其特征在于，所述广播消息的响应消息中包括第二重放参数，所述方法还包括：The method according to claim 3, wherein the response message of the broadcast message includes a second playback parameter, and the method further comprises:

所述基站根据所述第二重放参数验证所述广播消息的响应消息是否为重放消息；Verifying, by the base station, whether the response message of the broadcast message is a replay message according to the second replay parameter;

所述基站使用所述基站私钥对所述第一加密信息进行解密，包括：The decryption of the first encrypted information by the base station using the base station private key includes:

当验证所述广播消息的响应消息不是重放消息时，所述基站使用所述基站私钥对所述第一加密信息进行解密。When verifying that the response message of the broadcast message is not a replay message, the base station uses the base station private key to decrypt the first encrypted information.
根据权利要求4所述的方法，其特征在于，当验证所述广播消息的响应消息是重放消息时，所述基站丢弃所述广播消息的响应消息。The method according to claim 4, wherein when verifying that the response message of the broadcast message is a replay message, the base station discards the response message of the broadcast message.
根据权利要求1-5任一项所述的方法，其特征在于，所述基站向所述核心网设备请求基站公钥对应的基站私钥，包括：The method according to any one of claims 1-5, wherein the request by the base station from the core network device for the base station private key corresponding to the base station public key comprises:

所述基站向所述核心网设备发送第一请求消息，所述第一请求消息中包括所述基站公钥；Sending, by the base station, a first request message to the core network device, where the first request message includes the base station public key;

所述基站接收所述核心网设备发送的所述第一请求消息的响应消息，所述第一请求的响应消息中包括所述基站私钥。The base station receives a response message of the first request message sent by the core network device, and the response message of the first request includes the base station private key.
根据权利要求1-6任一项所述的方法，其特征在于，所述基站公钥包括基站身份标识和所述基站公钥的有效期。The method according to any one of claims 1-6, wherein the base station public key includes a base station identity and a validity period of the base station public key.
一种数据传输方法，其特征在于，包括：A data transmission method, characterized in that it comprises:

用户设备UE接收基站发送的广播消息，所述广播消息中包括签名信息和基站公钥，所述签名信息是所述基站通过基站私钥签名得到的，所述基站私钥是核心网设备发送给所述基站的；The user equipment UE receives the broadcast message sent by the base station. The broadcast message includes signature information and the base station public key. The signature information is obtained by the base station by signing the base station private key, and the base station private key is sent to the core network equipment. Of the base station;

所述UE根据保存的主公钥、所述基站公钥和所述签名信息验证所述广播消息是否来自合法基站，所述主公钥是所述核心网设备为所述UE生成的；The UE verifies whether the broadcast message comes from a legal base station according to the stored master public key, the base station public key, and the signature information, and the master public key is generated by the core network device for the UE;

当所述广播消息不是来自合法基站时，所述UE丢弃所述广播消息。When the broadcast message is not from a legitimate base station, the UE discards the broadcast message.
根据权利要求8所述的方法，其特征在于，所述广播消息中包括第一重放参数，所述UE根据保存的主公钥、所述基站公钥和所述签名信息验证所述广播消息是否来自合法基站，包括：The method according to claim 8, wherein the broadcast message includes a first playback parameter, and the UE verifies the broadcast message according to the stored master public key, the base station public key, and the signature information Whether from a legitimate base station, including:

所述UE根据所述第一重放参数验证所述广播消息是否为重放消息；Verifying, by the UE, whether the broadcast message is a replay message according to the first replay parameter;

所述UE根据所述主公钥和所述基站公钥对所述签名信息进行验证；The UE verifies the signature information according to the master public key and the base station public key;

当所述UE验证所述广播消息不是重放消息，且根据所述主公钥和所述基站公钥对所述签名信息验证成功时，确定所述广播消息来自合法基站。When the UE verifies that the broadcast message is not a replay message, and successfully verifies the signature information according to the master public key and the base station public key, it is determined that the broadcast message comes from a legitimate base station.
根据权利要求8或9所述的方法，其特征在于，所述方法还包括：The method according to claim 8 or 9, wherein the method further comprises:

当所述广播消息来自合法基站时，所述UE向所述基站发送所述广播消息的响应消息，所述广播消息的响应消息中包括第一加密信息，所述第一加密信息是所述UE根据所述基站公钥和所述主公钥对第一信息加密得到的。When the broadcast message comes from a legitimate base station, the UE sends a response message of the broadcast message to the base station. The response message of the broadcast message includes first encryption information, and the first encryption information is the UE Obtained by encrypting the first information according to the base station public key and the master public key.
根据权利要求10所述的方法，其特征在于，所述广播消息的响应消息中还包括第二重放参数，所述第二重放参数用于所述基站验证所述广播消息的响应消息是否为重放消息。The method according to claim 10, wherein the response message of the broadcast message further includes a second replay parameter, and the second replay parameter is used by the base station to verify whether the response message of the broadcast message is To replay the message.
根据权利要求8-11中任一项所述的方法，其特征在于，所述基站公钥包括基站身份标识和所述基站公钥的有效期；The method according to any one of claims 8-11, wherein the base station public key includes a base station identity and the validity period of the base station public key;

所述UE根据保存的主公钥、所述基站公钥和所述签名信息验证所述广播消息是否来自合法基站，包括：The UE verifying whether the broadcast message comes from a legal base station according to the stored master public key, the base station public key, and the signature information includes:

所述UE验证所述基站公钥的有效期是否有效；The UE verifies whether the validity period of the base station public key is valid;

当所述基站公钥的有效期有效时，所述UE根据所述主公钥和所述基站公钥对所述签名信息进行验证；When the validity period of the base station public key is valid, the UE verifies the signature information according to the master public key and the base station public key;

根据所述签名信息的验证结果确定所述广播消息是否来自合法基站。Determine whether the broadcast message comes from a legal base station according to the verification result of the signature information.
一种数据传输方法，其特征在于，还包括：A data transmission method is characterized in that it further includes:

核心网设备接收基站发送的请求消息，所述请求消息中包括所述基站的基站公钥；The core network device receives a request message sent by the base station, where the request message includes the base station public key of the base station;

所述核心网设备根据所述基站公钥和主私钥生成所述基站公钥对应的基站私钥；Generating, by the core network device, the base station private key corresponding to the base station public key according to the base station public key and the master private key;

所述核心网设备向所述基站发送所述基站私钥。The core network device sends the base station private key to the base station.
根据权利要求12所述的方法，其特征在于，还包括：The method according to claim 12, further comprising:

所述核心网设备生成秘钥对，所述秘钥对包括主公钥和所述主私钥；Generating a secret key pair by the core network device, the secret key pair including a master public key and the master private key;

所述核心网设备存储所述主私钥，所述主公钥被安全地发放给用户设备UE。The core network device stores the master private key, and the master public key is securely issued to the user equipment UE.
一种基站，其特征在于，包括：A base station, characterized in that it comprises:

获取模块，用于向核心网设备请求基站公钥对应的基站私钥；The obtaining module is used to request the base station private key corresponding to the base station public key from the core network device;

签名模块，用于根据所述基站私钥进行签名得到签名信息；The signature module is used to sign according to the private key of the base station to obtain signature information;

发送模块，用于向用户设备UE发送广播消息，所述广播消息中包括所述签名信息和所述基站公钥。The sending module is configured to send a broadcast message to the user equipment UE, the broadcast message including the signature information and the base station public key.
根据权利要求15所述的基站，其特征在于，所述广播消息中包括第一重放参数，所述第一重放参数用于UE验证所述广播消息是否为重放消息。The base station according to claim 15, wherein the broadcast message includes a first replay parameter, and the first replay parameter is used by the UE to verify whether the broadcast message is a replay message.
根据权利要求15或16所述的基站，其特征在于，还包括：The base station according to claim 15 or 16, further comprising:

接收模块，用于接收UE发送的所述广播消息的响应消息，所述广播消息的响应消息中包括第一加密信息，所述第一加密信息是所述UE根据所述基站公钥和存储的主公钥对第一信息加密得到的；The receiving module is configured to receive a response message of the broadcast message sent by the UE. The response message of the broadcast message includes first encryption information, and the first encryption information is stored by the UE according to the base station public key and Obtained by encrypting the first information with the master public key;

解密模块，用于使用所述基站私钥对所述第一加密信息进行解密，所述基站私钥是所述核心网设备根据所述基站公钥和主私钥生成的，所述主公钥和所述主私钥是所述核心网设备生成的一对秘钥；当使用所述基站私钥对所述第一加密信息解密失败时，丢弃所述广播消息的响应消息。The decryption module is configured to decrypt the first encrypted information using the base station private key, the base station private key is generated by the core network device according to the base station public key and the master private key, and the master public key And the master private key are a pair of secret keys generated by the core network device; when the base station private key is used to decrypt the first encrypted information, the response message of the broadcast message is discarded.
根据权利要求17所述的基站，其特征在于，所述广播消息的响应消息中包括第二重放参数，还包括：The base station according to claim 17, wherein the response message of the broadcast message includes the second replay parameter, and further includes:

验证模块，用于根据所述第二重放参数验证所述广播消息的响应消息是否为重放消息；A verification module, configured to verify whether the response message of the broadcast message is a replay message according to the second replay parameter;

所述解密模块具体用于：The decryption module is specifically used for:

当所述验证模块验证所述广播消息的响应消息不是重放消息时，使用所述基站私钥对所述第一加密信息进行解密。When the verification module verifies that the response message of the broadcast message is not a replay message, the base station private key is used to decrypt the first encrypted information.
根据权利要求18所述的基站，其特征在于，所述解密模块还用于：当所述验证模块验证所述广播消息的响应消息是重放消息时，丢弃所述广播消息的响应消息。The base station according to claim 18, wherein the decryption module is further configured to: when the verification module verifies that the response message of the broadcast message is a replay message, discard the response message of the broadcast message.
根据权利要求15-19任一项所述的基站，其特征在于，所述获取模块具体用于：The base station according to any one of claims 15-19, wherein the acquiring module is specifically configured to:

向所述核心网设备发送第一请求消息，所述第一请求消息中包括所述基站公钥；Sending a first request message to the core network device, where the first request message includes the base station public key;

接收所述核心网设备发送的所述第一请求消息的响应消息，所述第一请求的响应消息中包括所述基站私钥。Receiving a response message of the first request message sent by the core network device, where the response message of the first request includes the base station private key.
根据权利要求15-20任一项所述的基站，其特征在于，所述基站公钥包括基站身份标识和所述基站公钥的有效期。The base station according to any one of claims 15-20, wherein the base station public key includes a base station identity and a validity period of the base station public key.
一种用户设备UE，其特征在于，包括：A user equipment UE is characterized in that it includes:

接收模块，用于接收基站发送的广播消息，所述广播消息中包括签名信息和基站公钥，所述签名信息是所述基站通过基站私钥签名得到的，所述基站私钥是核心网设备发送给所述基站的；The receiving module is used to receive a broadcast message sent by a base station, the broadcast message includes signature information and a base station public key, the signature information is obtained by the base station through the base station private key signature, and the base station private key is a core network device Sent to the base station;

验证模块，用于根据保存的主公钥、所述基站公钥和所述签名信息验证所述广播消息是否来自合法基站，所述主公钥是所述核心网设备为所述UE生成的；当所述广播消息不是来自合法基站时，丢弃所述广播消息。A verification module, configured to verify whether the broadcast message comes from a legal base station according to the saved master public key, the base station public key, and the signature information, and the master public key is generated by the core network device for the UE; When the broadcast message is not from a legitimate base station, the broadcast message is discarded.
根据权利要求22所述的UE，其特征在于，所述广播消息中包括第一重放参数，所述验证模块具体用于：The UE according to claim 22, wherein the broadcast message includes a first playback parameter, and the verification module is specifically configured to:

根据所述第一重放参数验证所述广播消息是否为重放消息；Verifying whether the broadcast message is a replay message according to the first replay parameter;

根据所述主公钥和所述基站公钥对所述签名信息进行验证；Verify the signature information according to the master public key and the base station public key;

当验证所述广播消息不是重放消息，且根据所述主公钥和所述基站公钥对所述签名信息验证成功时，确定所述广播消息来自合法基站。When it is verified that the broadcast message is not a replay message, and the signature information is successfully verified according to the master public key and the base station public key, it is determined that the broadcast message comes from a legitimate base station.
根据权利要求22或23所述的UE，其特征在于，还包括：The UE according to claim 22 or 23, further comprising:

加密模块，用于当所述广播消息来自合法基站时，根据所述基站公钥和所述主公钥对第一信息加密得到第一加密信息；An encryption module, configured to encrypt first information according to the base station public key and the master public key to obtain first encrypted information when the broadcast message comes from a legal base station;

发送模块，用于向所述基站发送所述广播消息的响应消息，所述广播消息的响应消息中包括所述第一加密信息。The sending module is configured to send a response message of the broadcast message to the base station, and the response message of the broadcast message includes the first encryption information.
根据权利要求24所述的UE，其特征在于，所述广播消息的响应消息中还包括第二重放参数，所述第二重放参数用于所述基站验证所述广播消息的响应消息是否为重放消息。The UE according to claim 24, wherein the response message of the broadcast message further includes a second replay parameter, and the second replay parameter is used by the base station to verify whether the response message of the broadcast message is To replay the message.
根据权利要求22-25中任一项所述的UE，其特征在于，所述基站公钥包括基站身份标识和所述基站公钥的有效期，所述验证模块具体用于：The UE according to any one of claims 22-25, wherein the base station public key includes a base station identity and a validity period of the base station public key, and the verification module is specifically configured to:

验证所述基站公钥的有效期是否有效；Verifying whether the validity period of the base station public key is valid;

当所述基站公钥的有效期有效时，根据所述主公钥和所述基站公钥对所述签名信息进行验证；When the validity period of the base station public key is valid, verify the signature information according to the master public key and the base station public key;

根据所述签名信息的验证结果确定所述广播消息是否来自合法基站。Determine whether the broadcast message comes from a legal base station according to the verification result of the signature information.
一种核心网设备，其特征在于，还包括：A core network device is characterized in that it further includes:

接收模块，用于接收基站发送的请求消息，所述请求消息中包括所述基站的基站公钥；A receiving module, configured to receive a request message sent by a base station, where the request message includes the base station public key of the base station;

生成模块，用于根据所述基站公钥和主私钥生成所述基站公钥对应的基站私钥；A generating module, configured to generate a base station private key corresponding to the base station public key according to the base station public key and the master private key;

发送模块，用于向所述基站发送所述基站私钥。The sending module is used to send the base station private key to the base station.
根据权利要求27所述的设备，其特征在于，还包括存储模块；The device according to claim 27, further comprising a storage module;

所述生成模块，还用于生成秘钥对，所述秘钥对包括主公钥和所述主私钥；The generating module is also used to generate a secret key pair, the secret key pair including a master public key and the master private key;

所述存储模块，用于存储所述主私钥，所述主公钥被安全地发放给用户设备UE。The storage module is used to store the master private key, and the master public key is securely issued to the user equipment UE.