Authentication information processing method, terminal and network equipment

Abstract

The embodiment of the invention discloses an authentication information processing method, a terminal and network equipment. The method comprises the following steps that a terminal performs encryption and integrity protection on first indication information containing an error message type based on an encryption key and an integrity key respectively under the condition that network authenticationfails, wherein the encryption key and the integrity key are obtained based on a session root key, the session root key is generated under the condition that the first authentication between the terminal and the first network equipment succeeds, and different error message types correspond to the first indication information in the same format; and the terminal sends the encrypted first indicationinformation to the first network device, wherein the encrypted indication information is sent to the first network device through a second network device.

Description

technical field [0001] The present invention relates to wireless communication technology, in particular to an authentication information processing method, terminal and network equipment. Background technique [0002] In the mobile communication system, user equipment (UE, User Equipment) and the network side are authenticated through an Authentication and Key Agreement (AKA, Authentication and Key Agreement) protocol. The authentication methods between the UE and the network side in the 5G system include the following two authentication methods: 5G-AKA and EAP-AKA′. The former is developed from the authentication protocol Evolved Packet System Authentication and Key Agreement (EPS-AKA, Evolved Packet System-Authentication and Key Agreement) based on Long Term Evolution (LTE, LongTerm Evolution), while the latter is developed from the Internet Engineering Task Force (IETF , The Internet Engineering Task Force) defines an authentication protocol used in a 4G network for a U...

AI Technical Summary

Problems solved by technology

The two authentication methods of 5G-AKA and EAP-AKA′ are subject to correlation attacks because UE may send two different types of error messages when authentication network fails

[0003] In the related technology to solve the association attack, when the UE fails to authenticate the network, the information encrypted by the public key of the trial network is used to indicate the error message type, because this message is encrypted, the attacker cannot get the content of this message, so the attacker cannot launch a correlation attack

However, although this method can solve the problem of correlation attack, it requires operators to deploy public key infrastructure (PKI, Public Key Infrastructure); and this method uses asymmetric algorithm for encryption, which consumes a lot of computing resources, which is very important for It is not applicable to IoT terminals that require a long battery life

Images