Key distribution and reception method, key management center, and first and second network elements

A key management center and key distribution technology, applied to first and second network elements, key management centers, and key distribution and reception methods, that addresses problems such as poor security.

Active Publication Date: 2017-03-08
HUAWEI TECH CO LTD

AI Technical Summary

Problems solved by technology

Although segmented encryption is more flexible, intermediate nodes can obtain the plaintext of the communication data, so it cannot resist eavesdropping attacks on that data. The security of segmented encryption is therefore poor.


Examples


Example 1

[0204] Example 1: KMS2 obtains the second random number and/or the NAF key of the second network element and sends it to KMS1. KMS1 receives the second random number and/or the NAF key of the second network element sent by KMS2.

[0205] KMS1 calculates the dependent variable of the preset key derivation function when the arguments of that function are the second random number and/or the NAF key of the second network element, together with at least one of: the identity, the time used to indicate the validity period of the service key, the sequence number, the random number determined by KMS1, and the NAF key of the first network element. The service key is the dependent variable.

[0206] For example, K=KDF(key, ID), or K=KDF(key, time), or K=KDF(key, SN), or K=KDF(key1, key2), where key and key2 include the second random number and/or the NAF key of the second network element, ID is a set of...

Example 3

[0208] Example 3: KMS1 and KMS2 negotiate the service key through DH key negotiation.

[0209] The method of DH key agreement is an existing technology, and will not be repeated here.

[0210] Example 4: KMS1 and KMS2 obtain a negotiation parameter through the DH key negotiation method, and KMS1 calculates the dependent variable of the preset key derivation function when the negotiation parameter is one of the independent variables of that function. The service key includes the dependent variable.

[0211] A preset key derivation function is set in KMS1. When the independent variables of the preset key derivation function are obtained, the negotiation parameter obtained through the DH key negotiation method is used as one of them. The other independent variables of the preset key derivation function are not limited here; for example, another independent variable may be a random number determined by KMS1.

[0212] After all the independent variables of the preset...


Abstract

The embodiment of the invention discloses a key distribution and reception method, a key management center, and first and second network elements. The key distribution and reception method disclosed by the embodiment comprises the following steps: a first key management center obtains information of an NAF key of the first network element and the NAF key of the first network element, the information of the NAF key of the first network element being the information necessary for obtaining the NAF key of the first network element; the first key management center obtains a service key, the service key being used for performing encryption and/or integrity protection on communication data when the first network element communicates with the second network element; the first key management center performs encryption and/or integrity protection on the service key by adopting the NAF key of the first network element and generates a first safety protection parameter; and the first key management center sends a first GBA (Generic Bootstrapping Architecture) push message to the first network element, wherein the first GBA push message carries the first safety protection parameter and the information of the NAF key of the first network element. The embodiment can prevent data from suffering eavesdropping attacks during transmission.
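Added example, not taken from the patent: a sketch of the K=KDF(key1, key2) derivation from Example 1 followed by the abstract's step in which the first key management center protects the service key under the first network element's NAF key. It assumes HMAC-SHA256 as the preset key derivation function and an HMAC-derived keystream with encrypt-then-MAC standing in for the unspecified cipher; all function names and key values are hypothetical and constructed.

```python
import hashlib
import hmac
import secrets

def kdf(key: bytes, *args: bytes) -> bytes:
    """Assumed preset KDF: HMAC-SHA256 over length-prefixed arguments."""
    msg = b"".join(len(a).to_bytes(2, "big") + a for a in args)
    return hmac.new(key, msg, hashlib.sha256).digest()

def derive_service_key(kms1_random: bytes, second_random: bytes) -> bytes:
    """K = KDF(key1, key2): KMS1's random number and KMS2's second random number."""
    return kdf(kms1_random, second_random)

def protect(naf_key: bytes, service_key: bytes) -> bytes:
    """KMS1 side: encrypt and integrity-protect K under the NAF key."""
    if len(service_key) != 32:
        raise ValueError("service key must be 32 bytes")
    enc_key, mac_key = kdf(naf_key, b"enc"), kdf(naf_key, b"mac")
    nonce = secrets.token_bytes(16)   # fresh per message, so the keystream is never reused
    stream = kdf(enc_key, nonce)      # 32-byte keystream
    ct = bytes(a ^ b for a, b in zip(service_key, stream))
    tag = kdf(mac_key, nonce + ct)    # encrypt-then-MAC
    return nonce + ct + tag           # the "safety protection parameter"

def unprotect(naf_key: bytes, param: bytes) -> bytes:
    """Network element side: verify the tag first, then decrypt."""
    if len(param) != 80:
        raise ValueError("malformed parameter")
    nonce, ct, tag = param[:16], param[16:48], param[48:]
    enc_key, mac_key = kdf(naf_key, b"enc"), kdf(naf_key, b"mac")
    if not hmac.compare_digest(tag, kdf(mac_key, nonce + ct)):
        raise ValueError("integrity check failed")
    return bytes(a ^ b for a, b in zip(ct, kdf(enc_key, nonce)))

def demo():
    naf_key = secrets.token_bytes(32)  # constructed NAF key of the first network element
    k = derive_service_key(secrets.token_bytes(16), secrets.token_bytes(16))
    param = protect(naf_key, k)
    # An intermediate node flips one ciphertext bit in transit.
    tampered = param[:20] + bytes([param[20] ^ 1]) + param[21:]
    try:
        unprotect(naf_key, tampered)
        rejected = False
    except ValueError:
        rejected = True
    return unprotect(naf_key, param) == k, rejected

if __name__ == "__main__":
    print(demo())
```

A production implementation would replace the HMAC keystream with a standard AEAD cipher keyed from the NAF key.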

Description

Technical field

[0001] The present invention relates to the technical field of mobile communication, in particular to a key distribution and reception method, a key management center, and first and second network elements.

Background

[0002] In the existing mobile communication security architecture, the security protection of data from the network element to the Internet is hop-by-hop, that is, the protection is completed in the form of segmented encryption. Moreover, in the existing 2G/3G/4G mobile architecture, end-to-end communication data is also encrypted in segments. Although segmented encryption is more flexible, because the intermediate node can obtain the plaintext of the communication data, it cannot resist eavesdropping attacks on the communication data, so the security of the segmented encryption method is poor.

[0003] For example, see figure 1. Figure 1 is a schematic diagram of the protocol stack architecture o...


Application Information

Patent Type & Authority: Applications (China)
IPC (8): H04L9/08, H04L29/06, H04W12/04, H04W12/0431, H04W12/0433
CPC: H04L9/08, H04L63/06, H04W12/0431, H04L67/55, H04L9/0819, H04L9/14, H04L63/061
Inventor: 张博, 甘露, 菲利普·金兹伯格
Owner: HUAWEI TECH CO LTD