A 5g AKA-based authentication process security enhancement method between core network elements

A core network and security technology, applied in security devices, electrical components, wireless communications, etc., to solve problems such as information theft

Active Publication Date: 2021-06-08
XINGTANG TELECOMM TECH CO LTD +1
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In view of the above analysis, the present invention aims to provide a 5G AKA-based method for enhancing the security of the authentication process between network elements of the core network to solve the problem of information theft caused by the existing plaintext transmission method

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A 5g AKA-based authentication process security enhancement method between core network elements
  • A 5g AKA-based authentication process security enhancement method between core network elements
  • A 5g AKA-based authentication process security enhancement method between core network elements

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 2

[0095] Embodiment 2 of the present invention discloses a 5G AKA-based authentication process security enhancement method between network elements of the core network, which is applied to the home network side, such as figure 2 As shown, the steps are as follows:

[0096] Receive the authentication request sent by the visited network side;

[0097] Generate an authentication vector according to the received authentication request;

[0098] Encrypt the key information in the authentication vector by using the push protection key, update the authentication vector, and generate an authentication response message;

[0099] Sending the authentication response message to the visited network side, so that the visited network side calculates feedback information and generates a terminal authentication request;

[0100] According to the terminal authentication request sent by the visited network side, it is judged whether the home network side has passed the authentication.

[0101] C...

Embodiment 3

[0102] Embodiment 3 of the present invention discloses that when the authentication method is 5G AKA, the following operations are performed inside the home network side, wherein the network elements on the home network side include AUSF and UDM:

[0103] The AUSF receives the authentication request sent by the visited network side, and sends the authentication request to the UDM;

[0104] UDM generates a 5G home authentication vector, and the 5G home authentication vector is RAND||XRES*||K AUSF ||AUTN, where, RAND (random number), XRES (Expected Response, expected response), K AUSF (AUSF security key), AUTN (Authentication Token, authentication token), AUTN contains serial number, AMF and MAC fields;

[0105] Protect key K with push T1 (Push protection key between AUSF and UDM) to AUSF security key K AUSF Encrypt to get the encrypted AUSF security key K AUSF ';

[0106] UDM assigns the K in the 5G home authentication vector AUSF Replaced with the encrypted AUSF security...

Embodiment 8

[0157] Embodiment 8 of the present invention discloses the encrypted transmission process of key information between network elements of the core network when the authentication method is 5G AKA, as shown in image 3 As shown, the steps are as follows:

[0158] Step S1: According to the 3GPP standard process, SEAF receives the registration of the terminal user UE, sends an authentication request to the network element AUSF on the home network side of the terminal user, and sends SUPI (Subscription Permanent Identifier, registered user permanent identification code) and service network name ( SN name) and other information are sent to AUSF;

[0159] Step S2: According to the 3GPP standard procedure, the AUSF sends the authentication request information to the UDM;

[0160] Step S3: UDM generates an authentication vector and encrypts the key information in it:

[0161] Step S3-1: According to the 3GPP standard process, the 5G home authentication vector generated by UDM include...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a 5G AKA-based method for enhancing the security of the authentication process between network elements of the core network, which belongs to the field of mobile communication technology, and solves the problem of key information such as keys and user identities being stolen due to the existing plaintext transmission method question. A 5G AKA-based security enhancement method for the authentication process between network elements of the core network, applied to the home network side, the steps are as follows: receive the authentication request sent by the visited network side; generate an authentication vector according to the received authentication request ; Use the push protection key to encrypt the key information in the authentication vector, update the authentication vector, and generate an authentication response message; send the authentication response message to the visited network side, so that the visited network side calculates the feedback information And generate a terminal authentication request; judge whether the home network side has passed the authentication according to the terminal authentication request sent by the visited network side. By encrypting the key information transmitted between the network elements of the core network, the security of the authentication process between the network elements of the core network is effectively enhanced.

Description

technical field [0001] The present invention relates to the technical field of mobile communication, in particular to a 5G AKA-based method for enhancing the security of an authentication process between network elements of a core network. Background technique [0002] In the 4G / 5G mobile communication system, the information transmitted between the terminal UE and the access network is protected by the air interface protection mechanism, and the information transmitted between the access network and the core network is generally protected by an IP transmission tunnel, but the core network is different. The information transmitted between network elements is transmitted in plain text, and no corresponding protection measures are provided. [0003] For application scenarios with high security requirements, the security of information transmitted between core network elements must be guaranteed, especially sensitive information or security-related information (such as derived ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04W12/04H04W12/06H04W12/03H04W12/041
CPCH04W12/04H04W12/06
Inventor 刘畅叶琅贾云鹤徐彦吏
Owner XINGTANG TELECOMM TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap