UMTS authenticating vector generating method based on service network label

Abstract

First, the method calculates intermediate quantity MK,MK=KNID according to formula, where K is cipher key shared by home network and user, NID is as ID of service network with length equal to 128bit. When service network is circuit-switching domain, lower 40 bit of NID are location area indication LAI, and higher 88 bit are zero. When service network is packet switching domain, lower 48 bit of NID are route area indication RAI, and higher 80 bit are zero. Then, using f1 algorithm calculates MAC in AUTH being as one of quintuple of UMTS authentication vectors. The invention can raise security intensity of UMTS network access authentication, being suitable to third generation of mobile communication system.

Description

technical field

[0001] The invention relates to a method for generating an authentication vector required for access authentication in a universal mobile communication system (UMTS). Background technique

[0002] UMTS is an optional standard of the third generation mobile communication system, which adopts a two-way authentication mode. When a user (UE) accesses the UMTS, the legality and reliability of the network can be authenticated, thereby enhancing the security of the wireless network.

[0003] In the current 3GPP security standard (3GPP TS33.102), the service network (SN) proves the legitimacy of the network to the UE by providing a legal authentication vector quintuple (RAND, XRES, CK, IK, AUTH). The authentication vector is based on the key K shared by the UE and the home network (HN), and does not contain any SN information. Therefore, through the current authentication scheme, the UE can authenticate the legitimacy of the HN and the SN, but it cannot guarantee t...

Images