Method and user equipment for detecting degradation attack

A user equipment and method for detecting degradation attacks, applied in the field of communications. It addresses the problems that the UE does not know how the eNB obtained its algorithm list, cannot judge whether the RRC/UP security algorithm list has been modified, and may therefore end up with a low-strength algorithm, and it achieves the effect of preventing harm.

Status: Inactive. Publication Date: 2009-10-07
HUAWEI TECH CO LTD
Cites: 0. Cited by: 13.

AI Technical Summary

Problems solved by technology

[0014] In the existing negotiation of the RRC security algorithm and the UP security algorithm between the UE and the eNB described above, the eNB may, in the first step, obtain the list of RRC / UP security algorithms allowed by the system from the source eNB through the X2 interface. If the source eNB has been compromised by an attacker, that list may have been modified, so the RRC / UP security algorithm selected by the eNB is a low-strength algorithm. This makes it easier for the attacker to break through further and results in a degradation attack.

[0015] However, the UE does not know whether the eNB obtained the list of RRC / UP security algorithms allowed by the system through the X2 interface or the S1 interface, and therefore cannot judge whether a degradation attack exists.


Examples

Embodiment 1

[0038] In this embodiment, handover occurs between eNBs within the same access network EUTRAN, and the MME also changes.

[0039] As shown in Figure 3, the specific process of this embodiment is:

[0040] Step 301, the source eNB decides to initiate a handover.

[0041] Step 302, the source eNB sends a handover request (Handover Required) message to the source MME.

[0042] Step 303, the source MME sends a handover preparation request (Forward Relocation Request) message to the target MME. The handover preparation request message carries the list of security algorithms supported by the UE (including the NAS / RRC / UP algorithm lists), the list of security algorithms allowed by the system (including the NAS / RRC / UP algorithm lists), and the list of currently selected security algorithms (including the NAS / RRC / UP algorithm lists).

[0043] Step 304, the target MME sends a handover preparation request (Handover Request) message to the target eNB, and the handover ...

Embodiment 2

[0059] Embodiment 2: In this embodiment, handover occurs between eNBs within the same access network EUTRAN, and the MME also changes.

[0060] As shown in Figure 4, this embodiment is similar to the first embodiment. In terms of the specific process, steps 401-407 are the same as steps 301-307 in the first embodiment, and the difference starts from step 408.

[0061] Step 408, the target MME (via the source MME / source eNB) sends a separate integrity-protected NAS SMC (NAS Security Mode Command) message to the UE. The integrity-protected NAS SMC message carries the list of RRC / UP security algorithms allowed by the system, as configured on the target MME.

[0062] Step 409, the UE returns a NAS SMC (NAS Security Mode Complete) message to the target MME.

[0063] Step 410, the target MME sends a handover preparation response (Forward Relocation Response) message to the source MME, the handover pr...

Embodiment 3

[0072] Embodiment 3: Handover from 2G / 3G to EUTRAN. The handover takes place between access network entities in different access networks, and the core network entity also changes.

[0073] As shown in Figure 5, the main differences between this embodiment and the first embodiment are:

[0074] 1. In step 503, the source SGSN (the core network entity in the 2G / 3G network) sends a handover preparation request (Forward Relocation Request) message to the target MME, and the handover preparation request message only carries a list of security algorithms supported by the UE (including NAS / RRC / UP algorithm list).

[0075] 2. In step 507, the target MME selects an appropriate NAS security algorithm according to the list of NAS security algorithms supported by the UE, the list of NAS security algorithms allowed by the system on the target MME, and the list of supported NAS security algorithms configured on the target MME. Since the source SGSN only sends the list of security algor...

Abstract

The embodiment of the invention provides a method for detecting a degradation attack, comprising the following steps: after a target mobility management entity (MME) receives a handover preparation request message, the radio resource control (RRC) integrity protection and encryption algorithm list and the user plane (UP) encryption algorithm list permitted by the system of the target MME are sent to the user equipment (UE); the UE then detects whether a degradation attack exists according to the RRC integrity protection and encryption algorithm list and the UP encryption algorithm list permitted by the system. The embodiment of the invention also provides a user equipment (UE) that can find out whether a degradation attack exists during a mobile network handover, which prevents the network from continuing to operate under a degradation attack and so effectively protects the handover process and the network entities from further harm.
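An added example, not taken from the patent, sketching the UE-side check the abstract describes: the UE verifies the integrity of the message carrying the system-allowed lists, then checks each algorithm selected for RRC integrity, RRC encryption and UP encryption against them. Assumptions: HMAC-SHA256 stands in for NAS integrity protection, the comparison rule (the selected algorithm must appear in the allowed list) is assumed because the embodiments on this page are cut off before that step, and the key, message layout, function names and algorithm lists are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed values: stand-in key and sample lists (EEA/EIA are LTE algorithm names).
NAS_INT_KEY = b"constructed-nas-integrity-key"
ALLOWED = {"rrc_int": ["EIA2", "EIA1"], "rrc_enc": ["EEA2", "EEA1"],
           "up_enc": ["EEA2", "EEA1"]}
UE_SUPPORTED = {"rrc_int": ["EIA2", "EIA1"], "rrc_enc": ["EEA2", "EEA1", "EEA0"],
                "up_enc": ["EEA2", "EEA1", "EEA0"]}

def protect(allowed, key=NAS_INT_KEY):
    """Target MME side: serialize the system-allowed lists and attach a MAC."""
    body = json.dumps(allowed, sort_keys=True).encode()
    return {"body": body, "mac": hmac.new(key, body, hashlib.sha256).digest()}

def detect_degradation(msg, ue_supported, selected, key=NAS_INT_KEY):
    """UE side: return findings; an empty list means no degradation detected."""
    expected = hmac.new(key, msg["body"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, msg["mac"]):
        # The allowed lists themselves cannot be trusted, so stop here.
        return ["allowed-list message failed integrity check"]
    allowed = json.loads(msg["body"])
    findings = []
    for kind, alg in selected.items():
        if alg not in ue_supported.get(kind, []):
            findings.append(f"{kind}: {alg} is not supported by the UE")
        elif alg not in allowed.get(kind, []):
            findings.append(f"{kind}: {alg} is outside the system-allowed list")
    return findings

def demo():
    msg = protect(ALLOWED)
    honest = {"rrc_int": "EIA2", "rrc_enc": "EEA2", "up_enc": "EEA2"}
    # eNB chose from a modified list: null encryption for RRC and UP.
    degraded = {"rrc_int": "EIA1", "rrc_enc": "EEA0", "up_enc": "EEA0"}
    # Allowed lists altered in transit without the integrity key.
    tampered = dict(msg, body=msg["body"].replace(b"EEA1", b"EEA0"))
    return (detect_degradation(msg, UE_SUPPORTED, honest),
            detect_degradation(msg, UE_SUPPORTED, degraded),
            detect_degradation(tampered, UE_SUPPORTED, degraded))

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The check only works because the allowed lists reach the UE under integrity protection from the MME rather than through the eNB-to-eNB path the page identifies as modifiable.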

Description

Technical field

[0001] The present invention relates to the field of communications, in particular to a method for detecting degradation attacks and to user equipment.

Background

[0002] As shown in Figure 1, the existing 3GPP (3rd Generation Partnership Project) wireless network is divided into two parts: a 3GPP radio access network and a core network.

[0003] EUTRAN (Evolved Universal Terrestrial Radio Access Network): the future evolved LTE (Long Term Evolution) radio access network, including the eNodeB (evolved Node B, hereinafter referred to as eNB).

[0004] The core network corresponding to the future evolved LTE access network is called SAE (System Architecture Evolution), and includes the MME (Mobility Management Entity), SAE GW (SAE Gateway) / PDN GW (Packet Data Network Gateway) / HSS (Home Subscriber Server) and other entities.

[0005] In order to ensure the security of network communication in the future evolution, the user equip...

Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04W12/04, H04W12/10, H04W12/03, H04W12/122
Inventor: 何承东
Owner: HUAWEI TECH CO LTD