Cipher key replacing method, system and device

A key and key-group technology, applied in electrical components, wireless communications, security devices, etc., that addresses problems such as confusion in integrity verification, user data errors, and UP data that cannot be decrypted correctly.

Inactive Publication Date: 2009-07-15
ZTE CORP

AI Technical Summary

Problems solved by technology

[0017] The first problem is that the signaling-plane keys are not synchronized. TS 33.401 currently stipulates that the key identified by the eKSI carried in the SMC is used to integrity-protect that message. From step 102 onward, all NAS and AS messages are encrypted and integrity-protected with the old key. The NAS SMC in step 104 is therefore specified to use the new key for integrity protection, but because the old key is already active, this NAS message must be encrypted and integrity-protected with the old key. Only then does it pass integrity verification at the UE; otherwise the UE discards the message and communication is interrupted. If the new key and the old key are both used to process the message, integrity verification becomes confused. The same problem occurs in step 107.
[0018] The second problem is that the UP key is not synchronized. Specifically, according to TS 33.401, after the eNB sends the AS SMC, the downlink RRC and UP data start to be encrypted immediately.
All these processes need a period of time to complete. During this period, user data between the UE and the network is not suspended and continues to be transmitted. The UE can only encrypt and decrypt user-plane data with the old key, but the UP data received from the eNB at this time is all encrypted with the new key, so the UE cannot decrypt the received messages, and part of the UP data cannot be decrypted correctly because of the key replacement.
Simply put, there is a time difference between the UE and the eNB in switching to the new key for UP data, which results in user data errors and reduced communication quality.


Examples


Embodiment 1

[0062] In this embodiment, the AS key replacement command message is integrity-protected and encrypted with the old key group, and the AS key replacement complete message is integrity-protected, or additionally encrypted, with the new key. Uplink and downlink UP data and subsequent uplink RRC messages are encrypted and decrypted with the new key group after the AS key replacement complete message. Subsequent downlink RRC messages start to use the new key group for encryption and integrity protection after the AS key replacement command message. Downlink RRC messages and downlink UP data therefore start using the new key for encryption at different times. Uplink UP data and subsequent uplink RRC messages are encrypted with the new key after the AS key replacement command has been completed.

[0063] Figure 2 is a schematic diagram of the implementation flow of Embodiment 1 of the key replacement method in the running state according to the present invention, which includes the following steps:

[...

Embodiment 2

[0081] In this embodiment, the AS key replacement command message is integrity-protected and encrypted with the old key group, the AS key replacement complete message is integrity-protected with the new key, and uplink and downlink UP data and subsequent uplink and downlink RRC messages start to be encrypted with the new key group after the key replacement complete message.

[0082] Figure 3 is a schematic diagram of the implementation flow of Embodiment 2 of the key replacement method in the running state according to the present invention, which includes the following steps:

[0083] Step 301: the eNB determines to start the key replacement process in the running state;

[0084] Generally, three situations can trigger the key replacement mechanism: ① the PDCP counter reaches the threshold value; ② the MME generates a new AKA and changes the root key; ③ when the UE switches from another network to the LTE/SAE network, the MME finds that it and the UE have a common cached key. Amo...


Abstract

The invention discloses a key replacement method, comprising: an evolved Node B (eNB) sends the user equipment (UE) an AS key replacement command message that is encrypted and integrity-protected with the old key group; the UE processes the AS key replacement command message with the old key group and sends the eNB an AS key replacement complete message that is integrity-protected with the new key; the UE then encrypts or decrypts user plane (UP) data with the new key; the eNB processes the AS key replacement complete message with the new key group and encrypts or decrypts UP data with the new key. The invention further discloses a key replacement system and its constituent devices. With the invention, the keys used by the UE and the network for user messages stay synchronized during key replacement, which avoids the loss of user communication data caused by unsynchronized UE and network keys and improves the user's communication quality.
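The exchange in the abstract and the downlink window described in [0018], as an added example that is not part of the patent text: a Python simulation of the Embodiment 2 ordering in which HMAC-SHA256 and a SHAKE-256 keystream stand in for the LTE integrity and ciphering algorithms. The message names, sample keys, and the `Endpoint` and `run` helpers are hypothetical.

```python
import hashlib, hmac

def mac(key: bytes, msg: bytes) -> bytes:
    # Stand-in for the AS integrity algorithm (HMAC-SHA256, not an LTE EIA).
    return hmac.new(key, msg, hashlib.sha256).digest()[:4]

def keystream_xor(key: bytes, count: int, data: bytes) -> bytes:
    # Stand-in stream cipher (SHAKE-256 keystream, not an LTE EEA); symmetric.
    ks = hashlib.shake_256(key + count.to_bytes(4, "big")).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

class Endpoint:
    """One side (UE or eNB) holding the old and the new AS key group."""
    def __init__(self, old: bytes, new: bytes):
        self.old, self.new, self.up_key = old, new, old  # UP starts on old key

    def up(self, count: int, data: bytes) -> bytes:  # encrypt or decrypt UP data
        return keystream_xor(self.up_key, count, data)

def run(enb_switches_early: bool) -> list:
    old, new = b"old-key-group", b"new-key-group"  # constructed sample keys
    enb, ue = Endpoint(old, new), Endpoint(old, new)
    payload, ok = b"downlink user data", []

    # eNB -> UE: key replacement command, encrypted and MACed with the OLD group.
    cmd = b"AS-KEY-REPLACEMENT-COMMAND"
    wire = keystream_xor(enb.old, 0, cmd); tag = mac(enb.old, wire)
    if enb_switches_early:  # the behaviour criticised in [0018]
        enb.up_key = enb.new

    # Downlink UP data keeps flowing while the UE is still on the old key.
    ok.append(ue.up(1, enb.up(1, payload)) == payload)

    # UE checks and decrypts the command with the OLD group, then answers with
    # a complete message integrity-protected with the NEW key and switches UP.
    if not hmac.compare_digest(tag, mac(ue.old, wire)) or keystream_xor(ue.old, 0, wire) != cmd:
        raise ValueError("command rejected by UE")
    done = b"AS-KEY-REPLACEMENT-COMPLETE"
    done_tag = mac(ue.new, done)
    ue.up_key = ue.new

    # eNB verifies the complete message with the NEW key, then switches UP.
    if not hmac.compare_digest(done_tag, mac(enb.new, done)):
        raise ValueError("complete message rejected by eNB")
    enb.up_key = enb.new
    ok.append(ue.up(2, enb.up(2, payload)) == payload)
    return ok
```

`run(False)` follows the ordering in the abstract and every downlink packet decrypts; `run(True)` reproduces the window in which the UE receives new-key UP data while it still holds only the old key active.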

Description

Technical field

[0001] The present invention relates to key replacement technology in a mobile communication system, in particular to a key replacement method, system and device for a user equipment (UE) and a network in the radio resource control (RRC) connected state.

Background art

[0002] Access security in the 3rd Generation Partnership Project (3GPP) Long Term Evolution (LTE) / System Architecture Evolution (SAE) system adopts a two-layer security architecture, that is, the security mechanisms of the Access Stratum (AS) and the Non-Access Stratum (NAS) are separate, and each has its own independent security context. The security context includes: a key, a key identifier, a security algorithm, and the values of the uplink and downlink counters. The AS security context is terminated at the evolved Node B (eNB), and the eNB is responsible for generating, establis...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04W12/02, H04W12/04, H04W12/10
Inventor: 张旭武, 甘露
Owner: ZTE CORP