
Method and system for negotiating new discrimination key

The technology concerns authentication keys and the negotiation of new authentication keys. It addresses problems such as leaked key data, leaked root keys and the absence of remedial measures.

Active Publication Date: 2007-02-28
CHINA MOBILE COMM GRP CO LTD +1

AI Technical Summary

Problems solved by technology

[0006] 1. The root key was written by the card dealer, and the staff of the card dealer leaked the root key.
[0007] 2. The root key is written by the operator during operation, and the operator's staff leaked the root key.
[0008] 3. The maintenance staff of the Home Location Register / Authentication Center (HLR / AUC) leaked relevant key data.
[0011] 2. There are no effective remedies.
The problem is that the user has no way of discovering that the root key has been compromised!


Examples


Embodiment 1

[0101] FIG. 3 is a flowchart of a method for negotiating a new authentication key in Embodiment 1 of the present invention. As shown in Figure 3, the process includes:

[0102] Step 301, the first module generates a random number RAND.

[0103] Step 302: Generate a first new key (NewAK1) and authentication parameters according to the generated random number RAND and the saved first key (AK1), and send the authentication parameters to the authentication agent.

[0104] In this step, NewAK1 can be generated according to RAND and AK1; and the generated authentication parameters include RAND, MAC-A and SXRES, and key update request information.

[0105] Wherein, in this embodiment, MAC-A is generated according to RAND and AK1 stored in the first module, and SXRES is generated according to NewAK1;

[0106] The key update request information may be represented by a bit in RAND, or may also be represented by a bit in MAC-A. When represented by a bit in RAND, the setting of this bi...

Embodiment 2

[0141] In this embodiment, the first module further stores the first serial number SQN1, and the second module further stores the second serial number SQN2. The authentication parameters transmitted by the first module to the authentication agent further include the first serial number SQN1, and the first module uses the serial number it stores when generating the authentication parameters. The authentication agent further carries SQN1 when sending the authentication request to the second module, that is, it carries RAND, MAC-A and SQN1.

[0142] FIG. 5 is a flowchart of a method for negotiating a new authentication key in Embodiment 2 of the present invention. As shown in Figure 5, the process includes:

[0143] Step 501, the first module generates a random number RAND.

[0144] Step 502, generate a first new key (NewAK1) and authentication parameters according to the generated random number RAND, the saved first key (AK1), and the serial number (SQN1), and send t...

Embodiment 3

[0172] In this embodiment, the generated authentication parameters further include an authentication management field AMF.

[0173] FIG. 6 is a flowchart of a method for negotiating a new authentication key in Embodiment 3 of the present invention. As shown in Figure 6, the process includes:

[0174] Step 601, the first module generates a random number RAND.

[0175] Step 602, generate the first new key (NewAK1) and authentication parameters according to the generated random number RAND, the saved first key (AK1), the serial number (SQN1) and the set AMF, and send the authentication parameters to the authentication agent.

[0176] In this step, NewAK1 can be generated according to RAND and AK1; and the generated authentication parameters include RAND, MAC-A and SXRES, and key update request information.

[0177] Wherein, in the present embodiment, MAC-A is generated according to the random number RAND, AK1, SQN1 and the AMF set in the first module, and SXRES is generated accord...


Abstract

The invention relates to a method for negotiating an authentication key, comprising: the first module sends authentication parameters, carrying key update request information, to the authentication agent; the authentication agent sends the authentication parameters carrying the key update request to the second module; the second module verifies the authentication parameters according to the authentication procedure and generates a second new key, then sends the special authentication response generated from the second new key to the authentication agent; the agent judges whether the special authentication response and the special expected response are the same; if they are, authentication succeeds and a success message is sent to the first module; the first module then confirms that the second module has responded to the key update request successfully and updates the first key. The invention also discloses a corresponding system.
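The exchange described in Embodiment 1 and in the abstract, as an added example that is not code from the patent. HMAC-SHA256 as the derivation function, the low bit of the first RAND byte as the key update request bit, and all class and function names are assumptions made for illustration; the point at which the second module switches to its new key is not covered by the visible text and is not modelled.

```python
import hashlib
import hmac
import os

def prf(key: bytes, label: bytes, data: bytes = b"") -> bytes:
    # Assumption: HMAC-SHA256 stands in for the derivation functions,
    # which the visible text does not name.
    return hmac.new(key, label + data, hashlib.sha256).digest()

class FirstModule:
    def __init__(self, ak1: bytes):
        self.ak1, self.new_ak1 = ak1, None

    def start_update(self) -> dict:
        rand = bytearray(os.urandom(16))              # step 301
        rand[0] |= 0x01  # assumed encoding of the key update request bit in RAND
        rand = bytes(rand)
        self.new_ak1 = prf(self.ak1, b"newak", rand)  # NewAK1 from RAND and AK1
        return {"RAND": rand,
                "MAC-A": prf(self.ak1, b"mac-a", rand),  # from RAND and AK1
                "SXRES": prf(self.new_ak1, b"sres")}     # from NewAK1

    def on_result(self, success: bool) -> None:
        if success:                  # AK1 is replaced only after confirmation
            self.ak1 = self.new_ak1
        self.new_ak1 = None

class SecondModule:
    def __init__(self, ak2: bytes):
        self.ak2, self.new_ak2 = ak2, None

    def authenticate(self, rand: bytes, mac_a: bytes):
        expected = prf(self.ak2, b"mac-a", rand)
        if not hmac.compare_digest(mac_a, expected) or not rand[0] & 0x01:
            return None              # bad MAC-A, or no key update requested
        self.new_ak2 = prf(self.ak2, b"newak", rand)   # second new key
        return prf(self.new_ak2, b"sres")              # special authentication response

def run_update(first: FirstModule, second: SecondModule) -> bool:
    """Authentication agent: relays RAND and MAC-A, keeps SXRES, compares."""
    params = first.start_update()
    sres = second.authenticate(params["RAND"], params["MAC-A"])
    ok = sres is not None and hmac.compare_digest(sres, params["SXRES"])
    first.on_result(ok)
    return ok

if __name__ == "__main__":
    ak = bytes(range(16))            # constructed sample key
    a, b = FirstModule(ak), SecondModule(ak)
    print(run_update(a, b), a.ak1 == b.new_ak2)
```

When the second module holds a different key, the MAC-A check fails, the agent reports failure, and the first module keeps AK1 unchanged.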

Description

Technical field

[0001] The invention relates to communication security technology, in particular to a method and system for negotiating a new authentication key.

Background art

[0002] With the rapid popularization of communication systems and the increasing types of business, especially the demand for data services such as e-commerce and electronic trade, the status of information security in communication systems has become increasingly prominent. The two core issues of information security in communication systems are authentication and encryption. Among them, authentication is the main means to identify the authenticity of communication participants, and safe and effective key negotiation is an important prerequisite for ensuring communication security.

[0003] In existing authentication methods, such as AKA (Authentication and Key Agreement) in 3GPP, a fixed root key mechanism is adopted, that is, the root key remains unchanged all the time. This method is sim...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L9/08, H04L29/06
Inventor: 刘利军, 刘斐, 王正伟, 杨艳梅, 陈璟
Owner CHINA MOBILE COMM GRP CO LTD