Generation method and device of safe keys

A security key and key generation technology, applied in security devices, wireless communications, electrical components, etc., can solve the problems of reducing resource utilization and increasing the delay of the key generation system, and achieve the effect of reducing the amount of calculation

Active Publication Date: 2011-01-05
ZTE CORP
View PDF0 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Obviously, such a key generation method not only reduces resource utili

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Generation method and device of safe keys
  • Generation method and device of safe keys
  • Generation method and device of safe keys

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0058] Embodiment 1: The generation process of the security key is as follows figure 2 As shown, before generating the security key, the communication parties of the network negotiate the interception method of the KDF output string that generates the three keys, and the interception methods should not be the same, that is, the three keys generated are different , Can enhance security, the method includes the following steps:

[0059] Step 201: If the selected encryption algorithm is an empty algorithm, which means that the encryption process is not performed, then K may not be generated RrcEnc And K UpEnc , Then K RrcEnc And K UpEnc Set the two keys directly to 0, go to step 205, if the selected encryption algorithm is not an empty algorithm, go to step 202;

[0060] Step 202: When the selected encryption algorithm is not an empty algorithm, select K RrcInt , K RrcEnc And K UpEnc Two of them are the first key K AS1 And the second key K AS2 , Select for generating K AS1 A...

Embodiment 2

[0078] Embodiment 2: When the selected encryption algorithm is an empty algorithm, the interception of the KDF output string is to intercept the KDF output string with high or low 128 bits. The present invention implements an embodiment of the security key generation method, such as image 3 As shown, including the following steps:

[0079] Step 301: directly set the signaling encryption key and data encryption key to 0, namely K RrcEnc =0, K UpEnc =0;

[0080] Step 302: Construct for generating K RrcInt The KDF string input parameter(S);

[0081] Choose to generate K RrcInt Parameters: P0 RrcInt , L0 RrcInt , P1 RrcInt , L1 RrcInt , FC=0x15, construct K RrcInt The string input parameters of KDF are:

[0082] S=FC||P0 RrcInt ||L0 RrcInt ||P1 RrcInt ||L1 RrcInt ,

[0083] Among them, P0 RrcInt Select according to Table 1, namely P0 RrcInt 0x04, P1 RrcInt Select according to Table 3, L0 RrcInt For P0 RrcInt Length in bytes, L1 RrcInt For P1 RrcInt The byte length, acco...

Embodiment 3

[0089] Embodiment 3: When the selected encryption algorithm is not an empty algorithm, set K RrcEnc And K UpEnc Generated in the process of invoking KDF once, the interception of the KDF output character string adopts the interception of the KDF output character string with high 128 bits or low 128 bits. The present invention implements an embodiment of a security key generation method, such as Figure 4 As shown, including the following steps:

[0090] Step 401: Select for generating K RrcEnc And K UpEnc Each parameter of, and spliced ​​into KDF string input parameters (S1);

[0091] Specifically, select to generate K RrcEnc Parameters: P0 RrcEnc , L0 RrcEnc , P1 RrcEnc , L1 RrcEnc , And used to generate K UpEnc Parameters: P0 UpEnc , L0 UpEnc , P1 UpEnc , L1 UpEnc ; Among them, P0 i Select according to Table 1, P1 i Select according to Table 3, L0 i For P0 i Length in bytes, L1 i For P1 i The byte length, according to Table 1 and Table 3, L0 i , L1 i The value of is 0...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a generation method of safe keys. When the three safe keys of an AS (Access Layer) are generated: if an encryption algorithm is a null algorithm, a signaling integrity protection key is generated by only one calling of a KDF (Key Derivation Function), and a signaling encryption key and a user data encryption key are directly set as 0; if the encryption algorithm is not thenull algorithm, parameters for generating any two keys are combined, and in the process of once calling the KDF, the two keys can be obtained, thus, the three keys can be generated by only twice calling the KDF; and meanwhile, the invention discloses a generation device of the safe keys, and the utilization ratio of key generation resources can be improved and the time delay of the whole key generation system can be reduced through the method or the device.

Description

Technical field [0001] The invention relates to the field of mobile communication security, in particular to a method and device for generating a security key. Background technique [0002] In the Long Term Evolution (LTE, Long Term Evolution) system, the radio resource control (RRC, Radio Resource Control) function of the network is placed on the evolved NodeB (eNB, Evolved NodeB), so the corresponding RRC security protection mechanism will follow Put it in the eNB. Due to the large number of deployed eNBs and the wide distribution area, the network entities between the access layers are highly decentralized both geographically and logically. Operators simply cannot implement secure centralized control over them. Each eNB is located in It is a non-secure area, so each eNB needs to generate a key used for the Access Stratum (AS, Access Stratum) security mechanism between each eNB and each user equipment (UE, User Equipment). [0003] According to the description of the 3GPP TS33....

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04W12/04H04W12/041
Inventor 李静岚
Owner ZTE CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap