Method, device and system for updating key of general guide architecture

A key update technology for the general guidance architecture, applied in security devices, wireless communications, electrical components, etc. It addresses problems such as continuous updating tied to the validity period and frequent updates of Ks_NAF, and achieves the effect of avoiding frequent updates.

Inactive Publication Date: 2011-11-09
CHINA MOBILE COMM GRP CO LTD

AI Technical Summary

Problems solved by technology

[0040] The purpose of the present invention is to solve the problem that, in the GBA key update method, Ks is forced to be updated continually because of the validity period of Ks_NAF. It proposes a method, device and system for key update of a general guidance framework, so that a Ks that has not expired does not have to be updated when Ks_NAF is updated frequently.


Examples


Embodiment 1

[0064] Figure 4 is a flowchart of a GBA key update method according to an embodiment of the present invention. As shown in Figure 4, this embodiment includes:

[0065] Step S102: receiving a Ks_NAF acquisition request;

[0066] Step S104: Obtain key parameters, and generate Ks_NAF according to Ks_NAF=KDF(Ks, preset character string, RAND, IMPI, NAF_Id, key parameters);

[0067] Step S106: save and return Ks_NAF and key parameters;

[0068] In this embodiment, the key parameter may be the Ks_NAF validity period or a random number. The aforementioned preset character string may be "gba-me" or "gba-u".

[0069] 1. When the key parameter is the validity period of Ks_NAF, this embodiment specifically includes:

[0070] Step S112: receiving Ks_NAF acquisition request;

[0071] Step S114: generate the Ks_NAF validity period, then generate Ks_NAF from the Ks_NAF validity period and the pre-stored valid Ks, where Ks_NAF=KDF(Ks, "gba-me", RAND, IMPI, NAF_Id, Ks_NAF validity period);

[0...
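The derivation in steps S102 to S106, as an added Python example that is not code from the patent: the same Ks yields a fresh Ks_NAF each time the key parameter changes. The HMAC-SHA-256 construction with length-prefixed inputs follows the KDF of 3GPP TS 33.220 Annex B; the position and encoding of the key parameter, the `Bsf` class and all sample values are assumptions.

```python
import hashlib
import hmac
import os

def encode_param(p: bytes) -> bytes:
    # Each KDF input Pi is followed by its two-octet big-endian length Li.
    return p + len(p).to_bytes(2, "big")

def derive_ks_naf(ks, rand, impi, naf_id, key_param, label="gba-me"):
    """Ks_NAF = KDF(Ks, preset string, RAND, IMPI, NAF_Id, key parameter)."""
    s = b"\x01"  # FC octet used for GBA derivation in 3GPP TS 33.220 Annex B
    # Assumption: the key parameter is appended as one more length-prefixed input.
    for p in (label.encode(), rand, impi.encode("utf-8"), naf_id, key_param):
        s += encode_param(p)
    return hmac.new(ks, s, hashlib.sha256).digest()

class Bsf:
    """Hypothetical BSF state, keyed by B-TID."""

    def __init__(self):
        self.contexts = {}  # b_tid -> (Ks, RAND, IMPI) from bootstrapping
        self.issued = {}    # (b_tid, naf_id) -> (Ks_NAF, key parameter)

    def handle_request(self, b_tid, naf_id, now, lifetime_s=None):
        ks, rand, impi = self.contexts[b_tid]  # request received, Ks found by B-TID
        if lifetime_s is not None:
            # Key parameter = Ks_NAF validity period, encoded here (assumption)
            # as an 8-octet expiry timestamp.
            key_param = (now + lifetime_s).to_bytes(8, "big")
        else:
            key_param = os.urandom(16)         # key parameter = random number
        ks_naf = derive_ks_naf(ks, rand, impi, naf_id, key_param)
        self.issued[(b_tid, naf_id)] = (ks_naf, key_param)  # save ...
        return ks_naf, key_param                            # ... and return

# Constructed sample values, not taken from the patent.
KS = bytes(range(32))
RAND = bytes.fromhex("00112233445566778899aabbccddeeff")
IMPI = "user@example.org"
NAF_ID = b"naf.example.org" + bytes(5)

def demo():
    bsf = Bsf()
    bsf.contexts["btid-1"] = (KS, RAND, IMPI)
    first = bsf.handle_request("btid-1", NAF_ID, now=1000, lifetime_s=3600)
    second = bsf.handle_request("btid-1", NAF_ID, now=5000, lifetime_s=3600)
    return bsf, first, second
```

Because the key parameter is returned alongside Ks_NAF, any party that holds Ks and the other inputs can recompute the same key with `derive_ks_naf`.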

Embodiment 2

[0085] Most of the processes in Embodiment 1 are completed in the BSF. This embodiment describes the present invention from the perspective of the entire GBA architecture. Figure 5 is a flow chart of the GBA key update method in Embodiment 2 of the present invention. As shown in Figure 5, this embodiment includes:

[0086] Step S202: when the UE needs to access the service platform NAF, it sends the B-TID to the NAF;

[0087] Step S204: the NAF checks locally, according to the B-TID, whether a Ks_NAF exists; if it exists, execute step S206, otherwise execute step S208;

[0088] Step S206: check whether Ks_NAF is valid; if yes, execute step S220, otherwise execute step S208. Ks_NAF is invalid if it is not within the validity period or if it needs to be updated according to the security policy of the NAF;

[0089] Step S208: the NAF sends a Ks_NAF acquisition request to the BSF according to the B-TID, and the BSF queries Ks according to the B-TID;

[0090] Step S210: BSF judges whether ...

Embodiment 3

[0101] This embodiment provides a timestamp scheme, that is, the key parameter is the validity period of Ks_NAF. In this embodiment, the GBA initialization process is the same as that of the prior art, and the only change is the key update process. Figure 7 is a flow chart of the GBA key update method in Embodiment 3 of the present invention. As shown in Figure 7, this embodiment includes:

[0102] Step S302: when the UE needs to access the service platform NAF, it sends the B-TID to the NAF. For compatibility with the R8 version, the UE needs to report its own GBA version number to the NAF;

[0103] Step S304: the NAF checks locally, according to the B-TID, whether Ks_NAF exists; if Ks_NAF does not exist, execute step S306, otherwise execute step S320;

[0104] Step S306: the NAF sends a Ks_NAF acquisition request to the BSF according to the B-TID;

[0105] Step S308: BSF inquires whether there is a valid Ks according to the B-TID, if yes, execute step S310; otherwise, execute step S3...


Abstract

The invention discloses a method, device and system for updating the key of a general guide architecture. The method comprises the following steps: a BSF (Bootstrapping Server Function) receives a Ks_NAF acquisition request; a key parameter is obtained, and Ks_NAF is generated according to the formula Ks_NAF=KDF(Ks, a preset character string, RAND, IMPI, NAF_Id, the key parameter), where RAND is a random number, IMPI is the IP Multimedia Private Identity and NAF is the Network Application Function; Ks_NAF and the key parameter are stored and returned. When the method is used to update a GBA (Generic Bootstrapping Architecture) key, frequent updating of a Ks that has not expired is avoided, and the key update load on the BSF and the service platform is reduced.

Description

Technical field

[0001] The present invention relates to the technical field of the core network of the communication industry, and in particular to a method, device and system for updating keys of a general guidance framework.

Background technique

[0002] The GBA (Generic Bootstrapping Architecture, general bootstrapping architecture) defined by 3GPP provides a general mechanism for establishing a shared key between the UE and the server, which is implemented based on the AKA (Authentication and Key Agreement) authentication mechanism. The AKA authentication mechanism is a mutual authentication and key negotiation mechanism used in 2G / 3G networks. GBA makes full use of the advantages of the AKA authentication mechanism to complete the secure boot process of services.

[0003] GBA introduces a new network element BSF (Bootstrapping Server Function, self-starting service function network element). Through BSF, AKA is used for key agreement between UE and HSS (Home Subscriber...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04W12/04, H04W12/06, H04W12/0433
Inventor: 彭华熹
Owner: CHINA MOBILE COMM GRP CO LTD