A message protection method and device

A message protection technology, applied to security devices, secure communication devices, and key distribution, that addresses problems such as complexity, lagging initial NAS message processing, and reduced terminal device access efficiency, with the effect of reducing complexity, improving access efficiency, and improving security.

Inactive Publication Date: 2019-05-21
HUAWEI TECH CO LTD

AI Technical Summary

Problems solved by technology

[0003] In the prior art, to improve the security of the initial NAS message during communication, the initial NAS message sent by the terminal device to the network device includes only the subscriber permanent identifier (SUPI) and the security capability of the terminal device. After the terminal device receives the NAS SMC message, it applies security protection to the other parameters of the initial NAS message and then sends them to the network device. With this approach the network device's processing of the initial NAS message lags, which reduces the access efficiency of terminal devices, and the procedure is more complex.


Examples


Example 1

[0118] Example 1: The terminal device directly generates a symmetric key from the public key of the storage functional entity and the private key of the terminal device. Optionally, the algorithm for generating the symmetric key may be a key agreement function (KAF) pre-configured on the terminal device. Optionally, the symmetric key generated in Example 1 may be an encryption key or an integrity protection key, which applies when the symmetric key is an encryption key or an integrity protection key; or, optionally, the symmetric key generated in Example 1 may be used as both an encryption key and an integrity protection key, which applies when the symmetric key includes an encryption key and an integrity protection key and the two are the same; or, optionally, the terminal device can directly generate symmetric key 1 and symmetric key 2 according to the public key o...

Example 2

[0119] Example 2: The terminal device generates an intermediate key from the public key of the storage functional entity and the private key of the terminal device, and then generates a symmetric key from the intermediate key and a fixed character string. The fixed character string may be pre-configured on the terminal device and the network side (such as the storage function entity), or pre-configured on the terminal device or the network side. Specifically, the terminal device and the network side can pre-configure one or more fixed character strings. When multiple fixed character strings are pre-configured, the terminal device can select at least one of them according to a preset algorithm or rule, for example by randomly selecting at least one fixed character string, or by selecting one or more fixed character strings in some order of priority. Specifically, the fixed string can be "NAS", "INITIAL", "INITIAL NAS", "SUPI", "INITIAL ENC", "...

Example 3

[0122] Example 3: The terminal device generates temporary key 1 from the public key of the storage functional entity and the private key of the terminal device, and then performs further key derivation on temporary key 1 with the pre-configured KDF to generate temporary key 2. Optionally, the terminal device directly uses temporary key 2 as the symmetric key; or the terminal device truncates temporary key 1 or temporary key 2 with a pre-configured truncation function to the pre-configured length to obtain a symmetric key.
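The derivation chain of Examples 2 and 3, as an added sketch that is not code from the patent: both sides reach the same symmetric key from their own private key and the peer's public key, then derive and truncate it. Assumptions: X25519 stands in for the unspecified key agreement function, HMAC-SHA-256 for the pre-configured KDF and for the integrity algorithm, and the 16-byte length, key material and payload are constructed.

```python
import hashlib, hmac

P, A24 = 2**255 - 19, 121665
BASE = (9).to_bytes(32, "little")  # X25519 base point

def x25519(k: bytes, u: bytes) -> bytes:
    """RFC 7748 Montgomery ladder. Illustrative only: not constant time."""
    n = (int.from_bytes(k, "little") & ((1 << 254) - 8)) | (1 << 254)  # clamp scalar
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (n >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b, c, d = x2 + z2, x2 - z2, x3 + z3, x3 - z3
        aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
        e = aa - bb
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def derive_key(intermediate: bytes, fixed_string: str, length: int = 16) -> bytes:
    """Example 2: KDF(intermediate key, fixed string); Example 3: truncate to length."""
    return hmac.new(intermediate, fixed_string.encode(), hashlib.sha256).digest()[:length]

def protect(msg: bytes, key: bytes) -> bytes:
    """Append an integrity tag (assumed algorithm: HMAC-SHA-256)."""
    return msg + hmac.new(key, msg, hashlib.sha256).digest()

def verify(blob: bytes, key: bytes):
    """Return the message if the tag checks out, else None."""
    msg, tag = blob[:-32], blob[-32:]
    good = hmac.compare_digest(tag, hmac.new(key, msg, hashlib.sha256).digest())
    return msg if good else None

def demo():
    # Constructed private keys; real ones come from a CSPRNG / provisioning.
    ue_priv = hashlib.sha256(b"constructed UE private key").digest()
    nw_priv = hashlib.sha256(b"constructed network private key").digest()
    ue_pub, nw_pub = x25519(ue_priv, BASE), x25519(nw_priv, BASE)
    # Terminal side: own private key + network public key.
    k_ue = derive_key(x25519(ue_priv, nw_pub), "INITIAL NAS")
    blob = protect(b"constructed initial NAS payload", k_ue)
    # Network side: own private key + terminal public key (the key-related parameter).
    k_nw = derive_key(x25519(nw_priv, ue_pub), "INITIAL NAS")
    tampered = bytes([blob[0] ^ 1]) + blob[1:]
    return k_ue == k_nw, verify(blob, k_nw), verify(tampered, k_nw)
```

Deriving with a different fixed string (for instance "INITIAL ENC") from the same intermediate key yields an independent key, which is what lets one key agreement feed separate encryption and integrity keys.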


Abstract

The invention relates to the technical field of communication, in particular to a message protection method and device. In the method, the terminal equipment obtains a protected initial NAS message according to a symmetric key and a first security algorithm, and sends the protected initial NAS message to first network equipment; a key-related parameter is sent to the second network device, wherein the key-related parameter is used for obtaining the symmetric key. The terminal equipment can perform security protection on the initial NAS message through the symmetric key and the first security algorithm. Compared with the prior art, the transmission security of the initial NAS message is improved, the complexity of performing security protection on the initial NAS message is reduced, and the access efficiency of the terminal equipment is improved.

Description

Technical field

[0001] The present application relates to the technical field of communications, and in particular to a method and device for message protection.

Background technique

[0002] In long term evolution (LTE), the security protection of non-access stratum (NAS) messages is activated after the network device sends the NAS security mode command (SMC) message to the terminal device. Before the terminal device receives the NAS SMC message sent by the network device, the NAS messages transmitted between the terminal device and the network device, such as the initial NAS message, have no security protection, so these messages are at risk of being tampered with or sniffed by an attacker.

[0003] In the prior art, in order to improve the security of the initial NAS message in the communication process, the initial NAS message sent by the terminal device to the network device only includes the sub...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04W12/02, H04W12/04, H04W12/10, H04L29/06, H04L9/08, H04W12/041, H04W12/106
CPC: H04L9/08, H04W12/02, H04W12/04, H04W12/10, H04L9/40
Inventors: 胡力, 陈璟
Owner: HUAWEI TECH CO LTD