An EAP-AKA'-based method for enhancing the security of the authentication process between network elements of the core network

EAP-AKA' and core network technology, applied to security arrangements, secure communication, and key distribution, solves problems such as information theft and achieves enhanced security, low cost, and little modification of the existing system.

Active Publication Date: 2021-05-04
XINGTANG TELECOMM TECH CO LTD +1

AI Technical Summary

Problems solved by technology

[0005] In view of the above analysis, the present invention aims to provide an EAP-AKA'-based method for enhancing the security of the authentication process between network elements of the core network, in order to solve the problem of information theft caused by the existing plaintext transmission mode.

Examples


Embodiment 1

[0093] Embodiment 1 of the present invention discloses an EAP-AKA'-based method for enhancing the security of the authentication process between network elements of the core network, including the following steps:

[0094] The visited network side sends an authentication request to the home network side;

[0095] The home network side generates an authentication vector according to the received authentication request, uses the push protection key K_T1 to encrypt the key information in the authentication vector, updates the authentication vector, and generates an authentication response message; it sends the authentication response message to the visited network side;

[0096] The visited network side receives the authentication response message fed back by the home network side, calculates the feedback information, and determines from the feedback information whether authentication on the visited network side has passed; if it has passed, it sends a terminal authentication request to the home network side;

[0097] The home network side determines whether the home network side is authenticated according to the terminal authentication...

Embodiment 2

[0100] Embodiment 2 of the present invention discloses an EAP-AKA'-based method for enhancing the security of the authentication process between network elements of the core network; the steps are as follows:

[0101] Receive the authentication request sent by the visited network side;

[0102] Generate an authentication vector according to the received authentication request;

[0103] Use the push protection key to encrypt the key information in the authentication vector, update the authentication vector, and generate an authentication response message;

[0104] Send the authentication response message to the visited network side, so that the visited network side calculates the feedback information and generates a terminal authentication request;

[0105] Judge whether the home network side is authenticated according to the terminal authentication request sent by the visited network side.

[0106] Compared with the prior art, the EAP-AKA'-based core network element inter-AK-AKA's core network element is encrypted using the push protection key to encry...

Embodiment 3

[0107] In Embodiment 3 of the present invention, when the authentication method is EAP-AKA', the following operations are performed inside the home network side:

[0108] The AUSF receives the authentication request sent by the visited network side and sends the authentication request to the UDM;

[0109] The UDM generates the authentication vector, which is RAND || XRES || CK' || IK' || AUTN;

[0110] The push protection key K_T1 is used to encrypt the key information CK' || IK', giving the encrypted key information (CK' || IK')';

[0111] The UDM replaces CK' || IK' in the authentication vector with the encrypted key information (CK' || IK')' to obtain the protected authentication vector, and transmits the protected authentication vector to the AUSF;

[0112] The AUSF receives the protected authentication vector sent by the UDM and uses the push protection key K_T1 to decrypt (CK' || IK')' in the protected authentication vector;

[0113] AUSF is derived and calculated by EAP security parameters, and also has a SEAF security...
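The UDM-to-AUSF protection of steps [0109] to [0112], as an added Go example that is not part of the patent text. The page names no cipher, so AES-256-GCM, the binding of RAND || AUTN as associated data, and the names AV, Protect and Unprotect are assumptions made for illustration.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

// AV follows [0109]. Keys is CK'||IK' (32 bytes) or, protected, nonce||ciphertext||tag.
type AV struct{ RAND, XRES, Keys, AUTN []byte }
// aead returns AES-GCM under K_T1 (assumed cipher) and RAND||AUTN as associated data.
func aead(kt1 []byte, av AV) (g cipher.AEAD, ad []byte, err error) {
	block, err := aes.NewCipher(kt1)
	if err == nil {
		g, err = cipher.NewGCM(block)
	}
	return g, append(append([]byte{}, av.RAND...), av.AUTN...), err
}

// Protect is the UDM step ([0110]-[0111]): CK'||IK' is replaced by (CK'||IK')'.
func Protect(kt1 []byte, av AV) (AV, error) {
	g, ad, err := aead(kt1, av)
	if err != nil || len(av.Keys) != 32 {
		return AV{}, fmt.Errorf("need a valid K_T1 and 32-byte CK'||IK' (%v)", err)
	}
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return AV{}, err
	}
	av.Keys = g.Seal(nonce, nonce, av.Keys, ad)
	return av, nil
}

// Unprotect is the AUSF step ([0112]); it fails on a wrong key or an altered vector.
func Unprotect(kt1 []byte, av AV) (AV, error) {
	g, ad, err := aead(kt1, av)
	if err != nil || len(av.Keys) < g.NonceSize() {
		return AV{}, fmt.Errorf("bad K_T1 or truncated key field (%v)", err)
	}
	n := g.NonceSize()
	av.Keys, err = g.Open(nil, av.Keys[:n], av.Keys[n:], ad)
	return av, err
}

func main() {
	p, err := Protect(make([]byte, 32), AV{Keys: make([]byte, 32)}) // constructed all-zero demo inputs
	fmt.Println(len(p.Keys), err)                                   // 60 <nil>
}
```

Because RAND || AUTN is authenticated alongside the ciphertext, a protected key field copied into a different vector fails to decrypt at the AUSF instead of yielding keys.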


Abstract

The invention relates to an EAP-AKA'-based method for enhancing the security of the authentication process between network elements of a core network, belongs to the technical field of mobile communications, and solves the problem of information theft caused by plaintext transmission. The steps are as follows: the visited network side sends an authentication request to the home network side; the home network side generates an authentication vector, uses K_T1 to encrypt the key information in the authentication vector, generates an authentication response message and sends it to the visited network side; the visited network side receives the authentication response message, calculates the feedback information and judges whether authentication has passed on the visited network side; if it has passed, it sends a terminal authentication request to the home network side; the home network side judges from the terminal authentication request whether authentication has passed on the home network side; if it has passed, it uses K_T2 to encrypt K_SEAF, places the encrypted K_SEAF in the terminal authentication response message and sends it to the visited network side; the visited network side receives the terminal authentication response message and decrypts it with K_T2 to obtain K_SEAF. By encrypting the key information transmitted between network elements of the core network, the security of the authentication process between network elements of the core network is enhanced.

Description

Technical field

[0001] The present invention relates to the field of mobile communication, and more particularly to an EAP-AKA'-based method for enhancing the security of the authentication process between network elements of the core network.

Background art

[0002] In 4G/5G mobile communication systems, the information transmitted between the terminal (UE) and the access network is protected, and the information between the access network and the core network is generally protected by IP transport tunnels, but the core network is different: the information transmitted between its network elements (NEs) is in plaintext, and there are no corresponding protective measures.

[0003] Where security requirements are high, the security of the information exchanged between core network elements must be guaranteed, in particular sensitive or security-related information (such as distributed key information).

[0004] According to the key system of the 4G/5G mobile communication system, in the user authentication process, the core network elements participating...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04W12/06, H04W12/02, H04W12/03, H04W12/0431, H04W12/0433, H04L9/08, H04W12/041
CPC: H04L9/0816, H04L9/0822, H04L9/0891, H04W12/02, H04W12/04, H04W12/06
Inventor: 刘畅叶琅贾云鹤徐彦吏
Owner: XINGTANG TELECOMM TECH CO LTD