Looking for breakthrough ideas for innovation challenges? Try Patsnap Eureka!

A Security Enhancement Method Based on EAP-AKA 'for Inter-Network Element Authentication Process in Core Network

An EAP-AKA, core network technology, applied to security devices, secure communication devices, and key distribution, can solve problems such as information theft, and achieve the effects of enhanced security, low push protection, and low cost

Active Publication Date: 2018-12-28
XINGTANG TELECOMM TECH CO LTD +1
View PDF4 Cites 23 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] In view of the above analysis, the present invention aims to provide a method for enhancing the security of the authentication process between network elements of the core network based on EAP-AKA', in order to solve the problem of information being stolen caused by the existing plaintext transmission mode

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Security Enhancement Method Based on EAP-AKA 'for Inter-Network Element Authentication Process in Core Network
  • A Security Enhancement Method Based on EAP-AKA 'for Inter-Network Element Authentication Process in Core Network
  • A Security Enhancement Method Based on EAP-AKA 'for Inter-Network Element Authentication Process in Core Network

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0093] Embodiment 1 of the present invention discloses a method for enhancing security of an authentication process between network elements of a core network based on EAP-AKA', comprising the following steps:

[0094] The visited network side sends an authentication request to the home network side;

[0095] The home network side generates an authentication vector according to the received authentication request; uses the push protection key K T1 Encrypting the key information in the authentication vector, updating the authentication vector, and generating an authentication response message; sending the authentication response message to the visited network side;

[0096] The visited network side receives the authentication response message fed back by the home network side, calculates the feedback information, and judges whether the authentication on the visited network side passes the authentication according to the feedback information; if passed, sends a terminal authenti...

Embodiment 2

[0100] Embodiment 2 of the present invention discloses an EAP-AKA'-based method for enhancing the security of the authentication process between network elements of the core network applied to the home network side, and the steps are as follows:

[0101] Receive the authentication request sent by the visited network side;

[0102] Generate an authentication vector according to the received authentication request;

[0103] Encrypt the key information in the authentication vector by using the push protection key, update the authentication vector, and generate an authentication response message;

[0104] Sending the authentication response message to the visited network side, so that the visited network side calculates feedback information and generates a terminal authentication request;

[0105] According to the terminal authentication request sent by the visited network side, it is judged whether the home network side has passed the authentication.

[0106] Compared with the ...

Embodiment 3

[0107] Embodiment 3 of the present invention discloses that when the authentication method is EAP-AKA', the following operations are performed inside the home network side:

[0108] The AUSF receives the authentication request sent by the visited network side, and sends the authentication request to the UDM;

[0109] UDM generates an authentication vector, and the authentication vector is RAND||XRES||CK'||IK'||AUTN;

[0110] Protect key K with push T1 Encrypt the key information CK’||IK’ to obtain the encrypted key information (CK’||IK’)’;

[0111] UDM replaces the CK'||IK' in the authentication vector with the encrypted key information (CK'||IK')', obtains the protected authentication vector, and sends the protected authentication vector to AUSF;

[0112] AUSF receives the protected authentication vector sent by UDM, and pushes the protection key K T1 Decrypt (CK'||IK')' in the protected authentication vector;

[0113] AUSF conducts the derivation and calculation of EAP ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a method based on EAP-AKA 'core network element authentication process security enhancement and belongs to the field of mobile communication technology, and solves the problemthat information is stolen caused by plaintext transmission. The method comprises the following steps: a visiting network side sends an authentication request to a home network side; the home networkside generates an authentication vector; the key information in the authentication vector is encrypted by KT1, and an authentication response message is generated and sent to the visiting network side. The visiting network side receives the authentication response message, calculates the feedback information and judges whether the visiting network side passes the authentication. Sending a terminal authentication request to the home network side; the home network side judges whether the home network side passes the authentication according to the terminal authentication request. By encryptingKSEAF with KT2, the encrypted KSEAF is put into the terminal authentication response message and sent to the visiting network side; the visiting network side receives the terminal authentication response message and decrypts it with KT2 to obtain KSEAF. By encrypting the key information transmitted between the network elements of the core network, the security of the authentication process betweenthe network elements of the core network is enhanced.

Description

technical field [0001] The invention relates to the technical field of mobile communication, in particular to an EAP-AKA'-based method for enhancing the security of an authentication process between network elements of a core network. Background technique [0002] In the 4G / 5G mobile communication system, the information transmitted between the terminal UE and the access network is protected by the air interface protection mechanism, and the information transmitted between the access network and the core network is generally protected by an IP transmission tunnel, but the core network is different. The information transmitted between network elements is transmitted in plain text, and no corresponding protection measures are provided. [0003] For application scenarios with high security requirements, the security of information transmitted between core network elements must be guaranteed, especially sensitive information or security-related information (such as derived key i...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04W12/06H04W12/02H04W12/04H04L9/08H04W12/041
CPCH04L9/0816H04L9/0822H04L9/0891H04W12/02H04W12/04H04W12/06
Inventor 刘畅叶琅贾云鹤徐彦吏
Owner XINGTANG TELECOMM TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Patsnap Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Patsnap Eureka Blog
Learn More
PatSnap group products