Communication method, terminal, network element, system and medium
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- BEIJING XIAOMI MOBILE SOFTWARE CO LTD
- Filing Date
- 2024-09-27
- Publication Date
- 2026-06-05
AI Technical Summary
In 5G systems, non-access stratum signaling only supports communication between user equipment and access and mobility management functions in the core network, and cannot realize direct communication between the UE and other network functions, making it difficult to guarantee communication security and integrity.
By creating or activating a NAS security context between the terminal and the network element, a NAS connection is established, and encryption and integrity protection keys are used to prevent message replay attacks and ensure the confidentiality and integrity of communication.
It achieves a secure NAS connection between the terminal and the network element, ensuring the integrity and confidentiality of messages, preventing message replay attacks, and improving communication security.
Smart Images

Figure CN122162408A_ABST
Abstract
Description
Communication method, terminal, network element, system and medium TECHNICAL FIELD
[0001] The present disclosure relates to the technical field of communication, and particularly relates to a communication method, a terminal, a network element, a system and a medium. BACKGROUND
[0002] Currently, in a 5th Generation Mobile Communication Technology (5G) system, Non-Access Stratum (NAS) signaling (transparent transmission through a Radio access network (RAN) node) only supports communication between a User Equipment (UE) and an Access and Mobility Management Function (AMF) in a core network. Communication between the UE and other NFs can be implemented through AMF relaying.
[0003] SUMMARY
[0004] The present disclosure provides a communication method, a terminal, a network element, a system and a medium.
[0005] According to a first aspect of the present disclosure, a communication method is provided, executed by a terminal, and the method comprises: creating or activating a first NAS security context for a first network element, the first NAS security context corresponding to a second NAS security context, the second NAS security context being created or activated by the first network element for the terminal, the first NAS security context being used by the terminal to protect a NAS connection between the terminal and the first network element.
[0006] According to a second aspect of the present disclosure, a communication method is provided, executed by a first network element, and the method comprises: creating or activating a second NAS security context for a terminal, the second NAS security context corresponding to a first NAS security context, the first NAS security context being created or activated by the terminal for the first network element, the second NAS security context being used by the first network element to protect a NAS connection between the terminal and the first network element.
[0007] According to a third aspect of the embodiments of the present disclosure, a terminal is provided, comprising: a processing module configured to create or activate a first NAS security context for a first network element, the first NAS security context corresponding to a second NAS security context, the second NAS security context being created or activated by the first network element for the terminal, the first NAS security context being used by the terminal to protect a NAS connection between the terminal and the first network element.
[0008] According to a fourth aspect of the embodiments of the present disclosure, a first network element is provided, comprising: a processing module configured to create or activate a second NAS security context for a terminal, the second NAS security context corresponding to a first NAS security context, the first NAS security context being created or activated by the terminal for the first network element, the second NAS security context being used by the first network element to protect a NAS connection between the terminal and the first network element.
[0009] According to a fifth aspect of the embodiments of the present disclosure, a terminal is provided, comprising: one or more processors; and a memory coupled to the processors and having stored therein executable instructions that, as a result of execution by the processors, cause the communication method of the first aspect to be performed.
[0010] According to a sixth aspect of the embodiments of the present disclosure, a first network element is provided, comprising: one or more processors; and a memory coupled to the processors and having stored therein executable instructions that, as a result of execution by the processors, cause the communication method of the second aspect to be performed.
[0011] According to a seventh aspect of the embodiments of the present disclosure, a communication system is provided, comprising a terminal, a first network element and a second network element, wherein the terminal is configured to implement the communication method of the first aspect, and the first network element is configured to implement the communication method of the second aspect.
[0012] According to an eighth aspect of the embodiments of the present disclosure, a storage medium is provided, the storage medium storing instructions that, when executed on a communication device, cause the communication device to perform the communication method of the first aspect or the second aspect.
[0013] According to a ninth aspect of the embodiments of the present disclosure, a computer program product is provided, comprising a computer program and / or instructions, the computer program and / or instructions being executed by a communication device to implement the communication method of the first aspect or the second aspect.
[0014] With the above technical solutions, the NAS connection between the terminal and the first network element can be established, and the integrity and confidentiality of the NAS messages between the terminal and the first network element can be guaranteed, and the message replay attack can be prevented. Attached Figure Description
[0015] To more clearly illustrate the technical solutions in the embodiments of this disclosure, the accompanying drawings required for the description of the embodiments are introduced below. The following drawings are only some embodiments of this disclosure and do not impose specific limitations on the protection scope of this disclosure.
[0016] Figure 1A is an exemplary schematic diagram of the architecture of a communication system provided according to an embodiment of the present disclosure.
[0017] Figure 1B is a schematic diagram of a network element connection according to an embodiment of the present disclosure.
[0018] Figure 1C is a schematic diagram of a distributed NAS connection terminal provided according to an embodiment of the present disclosure.
[0019] Figure 1D is a schematic diagram of a distributed NAS provided according to an embodiment of the present disclosure.
[0020] Figure 1E is a schematic diagram of an encryption algorithm provided according to an embodiment of the present disclosure.
[0021] Figure 1F is a schematic diagram of an integrity algorithm provided according to an embodiment of the present disclosure.
[0022] Figure 2A is an interactive schematic diagram of a communication method according to an embodiment of the present disclosure.
[0023] Figure 2B is a schematic diagram of a NAS security context structure stored in a terminal according to an embodiment of the present disclosure.
[0024] Figure 2C is a schematic diagram of a NAS security context structure stored in a terminal according to an embodiment of the present disclosure.
[0025] Figure 2D is a schematic diagram of a NAS security context structure stored in a first network element according to an embodiment of the present disclosure.
[0026] Figure 2E is an interactive schematic diagram of a communication method according to an embodiment of the present disclosure.
[0027] Figure 2F is a schematic diagram of a NAS security context structure stored in a terminal according to an embodiment of the present disclosure.
[0028] Figure 2G is a schematic diagram of a NAS security context structure stored in a terminal according to an embodiment of the present disclosure.
[0029] Figure 2H is a schematic diagram of a NAS security context structure stored in a first network element according to an embodiment of the present disclosure.
[0030] Figure 2I is an interactive schematic diagram of a communication method according to an embodiment of the present disclosure.
[0031] FIG. 3A is a flow diagram illustrating a communication method according to an embodiment of the present disclosure.
[0032] FIG. 3B is a flow diagram illustrating a communication method according to an embodiment of the present disclosure.
[0033] FIG. 3C is a flow diagram illustrating a communication method according to an embodiment of the present disclosure.
[0034] FIG. 3D is a flow diagram illustrating a communication method according to an embodiment of the present disclosure.
[0035] FIG. 3E is a flow diagram illustrating a communication method according to an embodiment of the present disclosure.
[0036] FIG. 3F is a flow diagram illustrating a communication method according to an embodiment of the present disclosure.
[0037] FIG. 4A is a flow diagram illustrating a communication method according to an embodiment of the present disclosure.
[0038] FIG. 4B is a flow diagram illustrating a communication method according to an embodiment of the present disclosure.
[0039] FIG. 4C is a flow diagram illustrating a communication method according to an embodiment of the present disclosure.
[0040] FIG. 5 is a flow diagram illustrating a communication method according to an embodiment of the present disclosure.
[0041] FIG. 6A is an interaction diagram illustrating a communication method according to an embodiment of the present disclosure.
[0042] FIG. 6B is an interaction diagram illustrating a communication method according to an embodiment of the present disclosure.
[0043] FIG. 6C is an interaction diagram illustrating a communication method according to an embodiment of the present disclosure.
[0044] FIG. 7A is a structural diagram of a terminal according to an embodiment of the present disclosure.
[0045] FIG. 7B is a structural diagram of a first network element according to an embodiment of the present disclosure.
[0046] FIG. 8A is a structural diagram of a communication device according to an embodiment of the present disclosure.
[0047] FIG. 8B is a structural diagram of a chip according to an embodiment of the present disclosure. DETAILED DESCRIPTION
[0048] The embodiments of the present disclosure provide a communication method, a terminal, a network element, a system, and a medium.
[0049] In a first aspect, a communication method is provided. The method is performed by a terminal and includes: creating or activating a first NAS security context for a first network element, the first NAS security context corresponding to a second NAS security context, the second NAS security context being created or activated by the first network element for the terminal, the first NAS security context being used by the terminal to protect a NAS connection between the terminal and the first network element.
[0050] In the above embodiments, the NAS connection between the terminal and the first network element can be established, and the integrity and confidentiality of the NAS messages between the terminal and the first network element can be guaranteed, and the message replay attack can be prevented.
[0051] In some embodiments of the first aspect, the first NAS security context is created or activated for the first network element before sending a first message or after receiving a second message, where the first message is used by the terminal to request the establishment of the NAS connection with the first network element, and the second message is a response to the first message from the first network element.
[0052] In the above embodiments, the timing of creating or activating the first NAS security context for the first network element by the terminal can be before sending the first message or after receiving the second message. The flexibility of creating or activating the first NAS security context for the first network element by the terminal is improved.
[0053] In some embodiments of the first aspect, the first message is sent to the second network element to send the first message or a third message to the first network element through the second network element, the third message being generated based on the first message, or the first message is sent to the first network element.
[0054] In the above embodiments, the terminal can directly send the first message to the first network element, or the terminal can send the first message to the first network element through the second network element.
[0055] In some embodiments of the first aspect, the first NAS security context includes at least one of:
[0056] a NAS connection identifier;
[0057] a security algorithm;
[0058] a key of the first network element;
[0059] a first NAS count, including an uplink NAS count and / or a downlink NAS count;
[0060] a first identifier, a generic identifier of the first NAS security context and a fifth NAS security context, the fifth NAS security context being a NAS security context of a second network element stored on the terminal;
[0061] a second identifier, an identifier of the first NAS security context;
[0062] an encryption protection key;
[0063] an integrity protection key;
[0064] a status item, a value of the status item being a first value, the first value indicating a current state.
[0065] In the above embodiment, the content that the first NAS security context can include is specified.
[0066] With reference to some embodiments of the first aspect, in some embodiments, before sending the first message, the first NAS security context is created or activated for the first network element, including: in a case where the terminal has stored a third NAS security context, changing a value of a status item in the third NAS security context to a first value to obtain the first NAS security context, the third NAS security context being obtained by the terminal changing a value of a status item in the first NAS security context that was created or activated last time to a second value in a case where the terminal releases a NAS connection with the first network element last time, wherein the first value indicates a current state, and the second value indicates a non-current state.
[0067] In some embodiments, in a case where the NAS security context includes the status item, the first NAS security context can be activated or deactivated by changing the state of the NAS security context, which can improve the efficiency of the NAS connection.
[0068] With reference to some embodiments of the first aspect, in some embodiments, before sending the first message, the first NAS security context is created or activated for the first network element, including: in a case where the terminal has not stored a third NAS security context, generating a key of the first network element according to a vertical derivation manner, and setting a value of a first NAS count in the first NAS security context to 0.
[0069] In the above embodiment, in a case where the NAS security context does not include the status item, the key of the first network element can be generated by the vertical derivation manner, and then the first NAS security context is generated, so as to guarantee the security of the NAS connection communication.
[0070] In some embodiments of the first aspect, in some embodiments, after receiving the second message, creating or activating the first NAS security context for the first network element comprises: generating a key of the first network element according to a vertical derivation manner, and setting a value of a first NAS count in the first NAS security context to 0.
[0071] In some embodiments of the first aspect, in some embodiments, the input parameter of the vertical derivation manner comprises at least one of the following:
[0072] an identifier of the terminal;
[0073] an inter-architecture anti-bidding down (ABBA) parameter;
[0074] an identifier of the first network element;
[0075] a key of the second network element;
[0076] a second NAS count determined by a fifth NAS security context, the fifth NAS security context being a NAS security context corresponding to the second network element and stored in the terminal;
[0077] a first random number provided by the terminal;
[0078] a second random number provided by the first network element.
[0079] In the above embodiments, parameters that can be used by the vertical derivation are specified.
[0080] In some embodiments of the first aspect, in some embodiments, the second message is protected by the first network element according to an encryption protection key and / or an integrity protection key in the second NAS security context; and the method further comprises: verifying the second message according to the first NAS security context, and determining whether the NAS connection with the first network element is successfully established.
[0081] In the above embodiments, the terminal verifies the second message according to the first NAS security context, and determines that the NAS connection is successfully established if the verification is successful, and determines that the NAS connection is failed if the verification fails.
[0082] In some embodiments of the first aspect, in some embodiments, after the NAS connection is successfully established, the method comprises: in a case where a fourth message is sent to the first network element, increasing a value of an uplink NAS count in the first NAS security context by 1, wherein the fourth message comprises a first sequence number (SQN), and the first SQN is used by the first network element to update an uplink NAS count in the second NAS security context.
[0083] In the above embodiments, the manner of updating the uplink NAS count is specified.
[0084] With reference to some embodiments of the first aspect, in some embodiments, after the NAS connection is successfully established, the method further comprises: in a case where a fifth message sent by the first network element is received, updating a value of a downlink NAS count in the first NAS security context according to a second SQN in the fifth message.
[0085] In the above embodiments, the manner of updating the downlink NAS count is specified.
[0086] With reference to some embodiments of the first aspect, in some embodiments, the method further comprises: in a case where the NAS connection is released, removing the first NAS security context.
[0087] In the above embodiments, in a case where the first NAS security context does not include the state item, the first NAS security context is deleted after the NAS connection is released.
[0088] With reference to some embodiments of the first aspect, in some embodiments, the method further comprises: in a case where the NAS connection is released, changing a value of the state item in the first NAS security context to a second value to obtain a third NAS security context, the second value indicating a non-current state.
[0089] In the above embodiments, in a case where the first NAS security context includes the state item, the state of the first NAS security context is changed to a non-current state after the NAS connection is released.
[0090] With reference to some embodiments of the first aspect, in some embodiments, the first message is protected according to the first NAS security context.
[0091] With reference to some embodiments of the first aspect, in some embodiments, the first message is unprotected or is protected according to a fifth NAS security context, the fifth NAS security context being a NAS security context corresponding to a second network element.
[0092] With reference to some embodiments of the first aspect, in some embodiments, the first message comprises at least one of:
[0093] a sequence number SQN;
[0094] the first identifier;
[0095] the second identifier;
[0096] an identifier of the terminal;
[0097] The first random number provided by the terminal.
[0098] In the above embodiments, by carrying the above information in the first message, the first network element and the second network element can be facilitated to perform subsequent operations.
[0099] In a second aspect, the embodiments of the present disclosure provide a communication method, performed by a first network element, the method comprising: creating or activating a second NAS security context for a terminal, the second NAS security context corresponding to a first NAS security context, the first NAS security context being created or activated by the terminal for the first network element, the second NAS security context being used to protect a NAS connection between the terminal and the first network element.
[0100] In some embodiments of the second aspect, before the creating or activating the second NAS security context for the terminal, the method further comprises: receiving a first message, the first message being used by the terminal to request to establish the NAS connection with the first network element; and wherein the first NAS security context is created or activated by the terminal before sending the first message or after receiving a second message, the second message being a response to the first message by the first network element.
[0101] In some embodiments of the second aspect, the receiving the first message comprises: receiving the first message sent by the terminal; or receiving the first message or a third message sent by a second network element, the third message being generated by the second network element according to the received first message.
[0102] In some embodiments of the second aspect, the second NAS security context comprises at least one of:
[0103] an identifier of the terminal;
[0104] a NAS connection identifier;
[0105] a security algorithm;
[0106] a key of the first network element;
[0107] a first NAS count, comprising an uplink NAS count and / or a downlink NAS count;
[0108] a first identifier, being a common identifier of the second NAS security context and a fifth NAS security context, the fifth NAS security context being a NAS security context of a corresponding second network element stored on the terminal;
[0109] a second identifier, being an identifier of the second NAS security context;
[0110] an encryption protection key;
[0111] integrity protection key;
[0112] a status item, a value of the status item being a first value, the first value indicating a current state.
[0113] In some embodiments of the second aspect, the creating or activating the second NAS security context for the terminal comprises:
[0114] in a case where the fourth NAS security context is stored on the first network element, changing a state of the fourth NAS security context to a first value to obtain the second NAS security context, the fourth NAS security context being obtained by changing a value of a status item in the second NAS security context that was created or activated last time to a second value in a case where the first network element releases a NAS connection last time, the first value indicating a current state, and the second value indicating a non-current state.
[0115] In some embodiments of the second aspect, the creating or activating the second NAS security context for the terminal comprises: in a case where the fourth NAS security context is not stored on the first network element, requesting the second network element to generate a key of the first network element; receiving the key of the first network element and the security algorithm returned by the second network element, and setting a value of a first NAS count in the second NAS security context to 0.
[0116] In some embodiments of the second aspect, the method further comprises: obtaining at least one of the following from a third message sent by the second network element:
[0117] the first identifier;
[0118] the second identifier;
[0119] the security algorithm;
[0120] the key of the first network element.
[0121] In some embodiments of the second aspect, the key of the first network element is generated by the second network element according to a vertical derivation manner, and input parameters of the vertical derivation manner comprise at least one of:
[0122] an identifier of the terminal;
[0123] an inter-architecture anti-bidding down ABBA parameter;
[0124] an identifier of the first network element;
[0125] a key of the second network element;
[0126] a second NAS count determined from a sixth NAS security context, the sixth NAS security context being a NAS security context corresponding to the terminal stored in the second network element;
[0127] a first random number provided by the terminal;
[0128] a second random number provided by the first network element.
[0129] In some embodiments of the second aspect, the method further comprises: sending a second message to the terminal, the second message being protected according to a cipher protection key and / or an integrity protection key in the second NAS security context, the second message being a response of the first network element to the first message.
[0130] In some embodiments of the second aspect, after the NAS connection establishment is successful, the method comprises: in a case where a fourth message sent by the terminal is received, updating a value of an uplink NAS count in the second NAS security context according to a first sequence number (SQN) in the fourth signaling.
[0131] In some embodiments of the second aspect, after the NAS connection establishment is successful, the method comprises: in a case where a fifth message is sent to the terminal, increasing a value of a downlink NAS count in the second NAS security context by 1, wherein the fifth message comprises a second SQN, and the second SQN is used by the terminal to update a downlink NAS count in the first NAS security context.
[0132] In some embodiments of the second aspect, the method further comprises: in a case where the NAS connection is released, removing the second NAS security context.
[0133] In some embodiments of the second aspect, the method further comprises: in a case where the NAS connection is released, changing a value of a state item in the second NAS security context to a second value to obtain a fourth NAS security context, the second value indicating a non-current state.
[0134] In some embodiments of the second aspect, the first message comprises at least one of: a sequence number (SQN);
[0135] the first identifier;
[0136] the second identifier;
[0137] an identifier of the terminal;
[0138] a first random number provided by the terminal;
[0139] In a third aspect, the embodiments of the present disclosure provide a terminal, which comprises at least one of a transceiver module and a processing module; wherein the terminal is configured to perform the optional implementation manners of the first aspect.
[0140] In a fourth aspect, the embodiments of the present disclosure provide a first network element, which comprises at least one of a transceiver module and a processing module; wherein the first network element is configured to perform the optional implementation manners of the second aspect.
[0141] In a fifth aspect, the embodiments of the present disclosure provide a terminal, which comprises one or more processors; wherein the terminal is configured to perform the optional implementation manners of the first aspect.
[0142] In a sixth aspect, the embodiments of the present disclosure provide a first network element, which comprises one or more processors; wherein the first network element is configured to perform the optional implementation manners of the second aspect.
[0143] In a seventh aspect, the embodiments of the present disclosure provide a communication system, which comprises a terminal, a first network element and a second network element; wherein the terminal is configured to perform the method described in the optional implementation manners of the first aspect, and the first network element is configured to perform the method described in the optional implementation manners of the second aspect.
[0144] In an eighth aspect, the embodiments of the present disclosure provide a storage medium, which stores instructions, when the instructions are run on a communication device, causing the communication device to perform the method described in the optional implementation manners of the first aspect and / or the second aspect.
[0145] In a ninth aspect, the embodiments of the present disclosure provide a program product, which, when executed by a communication device, causes the communication device to perform the method described in the optional implementation manners of the first aspect and / or the second aspect.
[0146] In a tenth aspect, the embodiments of the present disclosure provide a computer program, which, when run on a computer, causes the computer to perform the method described in the optional implementation manners of the first aspect and / or the second aspect.
[0147] In an eleventh aspect, the embodiments of the present disclosure provide a chip or chip system. The chip or chip system comprises processing circuitry configured to perform the method described in the optional implementation manners of the first aspect and / or the second aspect.
[0148] It can be understood that the terminal, the first network element, the second network element, the communication device, the communication system, the storage medium, the program product, the computer program, the chip or the chip system are all configured to perform the method provided by the embodiments of the present disclosure. Therefore, the beneficial effects they can achieve can refer to the beneficial effects in the corresponding method, which will not be described here.
[0149] The embodiments of the present disclosure provide a communication method, a terminal, a network element, a system and a medium. In some embodiments, the communication method and the information processing method, the NAS connection method not based on SMC, and the like can be replaced with each other, the communication device and the information processing device, the NAS connection device not based on SMC, and the like can be replaced with each other, and the communication system and the information processing system, the NAS connection system not based on SMC, and the like can be replaced with each other.
[0150] The embodiments of the present disclosure are not exhaustive, but only illustrate some embodiments, and are not specific limitations on the protection scope of the present disclosure. In the case of no contradiction, each step in an embodiment can be implemented as an independent embodiment, and the steps can be combined arbitrarily, for example, the scheme after removing some steps in an embodiment can also be implemented as an independent embodiment, and the order of the steps in an embodiment can be exchanged arbitrarily, in addition, the optional implementation manners in an embodiment can be combined arbitrarily; in addition, the embodiments can be combined arbitrarily, for example, some or all steps of different embodiments can be combined arbitrarily, and an embodiment can be combined with the optional implementation manners of other embodiments.
[0151] In the embodiments of the present disclosure, the terms and / or descriptions between the embodiments are consistent and can be referred to each other if there is no special description and logical conflict, and the technical features in different embodiments can be combined to form new embodiments according to their inherent logical relationship.
[0152] The terms used in the embodiments of the present disclosure are only for the purpose of describing the specific embodiments, and not as a limitation on the present disclosure.
[0153] In the embodiments of the present disclosure, unless otherwise specified, the elements expressed in singular form, such as "one", "a", "the", "above", "said", "preceding", "this", and the like, can represent "one and only one", or "one or more", "at least one", and the like. For example, in the case of using articles such as "a", "an", "the" in English, the noun after the article can be understood as singular expression, or as plural expression.
[0154] In the embodiments of the present disclosure, "a plurality of" means two or more.
[0155] In some embodiments, the terms "at least one of", "one or more", "a plurality of", "multiple", and the like can be replaced with each other.
[0156] In some embodiments, the description of "at least one of A, B", "A and / or B", "one of A or B", "at least one of A or B", "at least one of A and B", "A or B in different cases", "A in one case and B in another case", "A in response to one case and B in response to another case", and the like, can include the following technical solutions according to the case: in some embodiments, A (A is executed regardless of B); in some embodiments, B (B is executed regardless of A); in some embodiments, A and B are selectively executed (A and B are selected from A and B); in some embodiments, A and B (A and B are executed). When there are more branches of A, B, C, and the like, the above is similar.
[0157] In some embodiments, the description of "A or B" and the like can include the following technical solutions according to the case: in some embodiments, A (A is executed regardless of B); in some embodiments, B (B is executed regardless of A); in some embodiments, A and B are selectively executed (A and B are selected from A and B). When there are more branches of A, B, C, and the like, the above is similar.
[0158] The prefix words "first", "second", and the like in the embodiments of the present disclosure are only used to distinguish different description objects, and do not constitute a limitation on the position, order, priority, quantity, or content of the description objects. The description of the description object should refer to the description in the context of the claims or embodiments, and should not be limited by the prefix word. For example, the description object is "field", and the ordinal words before "field" in "first field" and "second field" do not limit the position or order between "fields". "First" and "second" do not limit whether the "fields" they modify are in the same message, nor do they limit the order of "first field" and "second field". For another example, the description object is "level", and the ordinal words before "level" in "first level" and "second level" do not limit the priority between "levels". For another example, the quantity of the description object is not limited by the ordinal word, and can be one or more. For example, "first device", where the quantity of "device" can be one or more. In addition, the objects modified by different prefix words can be the same or different, for example, the description object is "device", and "first device" and "second device" can be the same device or different devices, and their types can be the same or different. For another example, the description object is "information", and "first information" and "second information" can be the same information or different information, and their contents can be the same or different.
[0159] In some embodiments, "including A", "containing A", "for indicating A", "carrying A", can be interpreted as directly carrying A, or indirectly indicating A.
[0160] In some embodiments, the terms “in response to,” “in response to determining,” “in the event that,” “when,” “if,” “upon,” and the like can be replaced with each other.
[0161] In some embodiments, the terms “greater than,” “greater than or equal to,” “not less than,” “more than,” “more than or equal to,” “not less than,” “higher than,” “higher than or equal to,” “not lower than,” “above,” and the like can be replaced with each other, and the terms “less than,” “less than or equal to,” “not greater than,” “less than,” “less than or equal to,” “not more than,” “lower than,” “lower than or equal to,” “not higher than,” “below,” and the like can be replaced with each other.
[0162] In some embodiments, an apparatus and the like can be interpreted as an entity, and can also be interpreted as virtual, and the name thereof is not limited to the name described in the embodiments, and the terms “apparatus,” “equipment,” “device,” “circuit,” “network element,” “node,” “function,” “unit,” “section,” “system,” “network,” “chip,” “chip system,” “entity,” “subject,” and the like can be replaced with each other.
[0163] In some embodiments, “network” can be interpreted as an apparatus (for example, an access network device, a core network device, and the like) included in the network.
[0164] In some embodiments, the terms “access network device (AN device),” “radio access network device (RAN device),” “base station (BS),” “radio base station,” “fixed station,” “node,” “access point,” “transmission point (TP),” “reception point (RP),” “transmission / reception point (TRP),” “panel,” “antenna panel,” “antenna array,” “cell,” “macro cell,” “small cell,” “femto cell,” “pico cell,” “sector,” “cell group,” “serving cell,” “carrier,” “component carrier,” “bandwidth part (BWP),” and the like can be used interchangeably.
[0165] In some embodiments, the terms "terminal," "terminal device," "user equipment (UE)," "user terminal," "mobile station (MS)," "mobile terminal (MT)," "subscriber station," "mobile unit," "subscriber unit," "wireless unit," "remote unit," "mobile device," "wireless device," "wireless communication device," "remote device," "mobile subscriber station," "access terminal," "mobile terminal," "wireless terminal," "remote terminal," "handset," "user agent," "mobile client," "client," and so on can be replaced with each other.
[0166] In some embodiments, the access network device, the core network device, or the network device can be replaced with a terminal. For example, the embodiments of the present disclosure can also be applied to a structure in which communication between the access network device, the core network device, or the network device and the terminal is replaced with communication between a plurality of terminals (e.g., device-to-device (D2D), vehicle-to-everything (V2X), etc.). In this case, the terminal can also be configured to have all or part of the functions of the access network device. In addition, the terms "uplink," "downlink," and the like can also be replaced with terms corresponding to the inter-terminal communication (e.g., "side"). For example, the uplink channel, the downlink channel, and the like can be replaced with the side channel, and the uplink, the downlink, and the like can be replaced with the sidelink.
[0167] In some embodiments, the terminal can be replaced with the access network device, the core network device, or the network device. In this case, the access network device, the core network device, or the network device can also be configured to have all or part of the functions of the terminal.
[0168] In some embodiments, obtaining data, information, and the like can comply with laws and regulations of the country where the location is situated.
[0169] In some embodiments, data, information, and the like can be obtained after obtaining consent of the user.
[0170] In addition, each element, each row, or each column in the table of the embodiments of the present disclosure can be implemented as an independent embodiment, and any combination of any element, any row, or any column can also be implemented as an independent embodiment.
[0171] FIG. 1A is a schematic diagram of an architecture of a communication system according to an embodiment of the present disclosure. As shown in FIG. 1A, the communication system 100 can include a terminal 101 and a network device 102. The network device 102 includes a first network element 1021 and / or a second network element 1022.
[0172] In some embodiments, the terminal 101 includes at least one of a mobile phone, a wearable device, an Internet of Things device, a communication-capable automobile, a smart automobile, a tablet computer (Pad), a wireless transceiver-enabled computer, a virtual reality (VR) terminal device, an augmented reality (AR) terminal device, a wireless terminal device in industrial control, a wireless terminal device in self-driving, a wireless terminal device in remote medical surgery, a wireless terminal device in a smart grid, a wireless terminal device in transportation safety, a wireless terminal device in a smart city, a wireless terminal device in a smart home, and the like, but is not limited thereto.
[0173] In some embodiments, the network device 102 can include at least one of an access network device and a core network device.
[0174] Optionally, the network device 102 is an access network device. Optionally, the access network device is at least one of a node or device that accesses a terminal to a wireless network, and can include at least one of an evolved NodeB (eNB) in a 5G communication system, a next generation eNB (ng-eNB), a next generation NodeB (gNB), a node B (NB), a home node B (HNB), a home evolved node B (HeNB), a wireless backhaul device, a radio network controller (RNC), a base station controller (BSC), a base transceiver station (BTS), a base band unit (BBU), a mobile switching center, a base station in a 6G communication system, an Open RAN, a Cloud RAN, a base station in other communication systems, an access node in a Wi-Fi system, but is not limited thereto.
[0175] In some embodiments, the network device 102 is a base station. Optionally, the base station is at least one of a macro base station, a micro base station (also known as a small station), a relay station, an access point, a 5G base station or a future base station, a satellite, a Transmitting and Receiving Point (TRP), a Transmitting Point (TP), a mobile switching center, or other devices that perform a base station function in a communication system, etc., and the embodiments of the present disclosure are not limited thereto. For convenience of description, in all embodiments of the present disclosure, devices that provide wireless communication functions for terminal devices are collectively referred to as network devices or base stations.
[0176] In some embodiments, the network device 102 is a core network device. Optionally, the core network device can be one device including all or part of a first network element, a second network element, etc., or can be a plurality of devices or device groups including all or part of the first network element, the second network element, etc. The network element can be virtual or physical. The core network includes at least one of an Evolved Packet Core (EPC), a 5G Core Network (5GCN), a 6G Core Network (6GCN), a Next Generation Core (NGC), etc.
[0177] In some embodiments, the first network element 1021 can be any NF of the core network except the second network element.
[0178] In some embodiments, the second network element 1022 is a relevant network element responsible for guaranteeing the safe access of users to the network. For example, the second network element is a network element with the function of managing access and mobility, such as an Access and Mobility Management Function (AMF), or a network element with the function of authentication and authorization, such as an Authentication Server Function (AUSF), or a network element with the function of managing security context and deriving keys, such as a Security Anchor Function (SEAF), the name is not limited to this, and it can also be other network elements that implement similar functions.
[0179] In some embodiments, the technical solutions of the present disclosure can be applied to the Open RAN architecture, at this time, the interfaces between or within the access network devices involved in the embodiments of the present disclosure can become internal interfaces of the Open RAN, and the processes and information interactions between these internal interfaces can be realized through software or programs.
[0180] In some embodiments, the access network device can be composed of a central unit (CU) and a distributed unit (DU), where the CU can also be referred to as a control unit. The CU-DU structure can split the protocol layers of the access network device, and some of the functions of the protocol layers are controlled by the CU, and the remaining or all of the functions of the protocol layers are distributed in the DU and controlled by the CU. However, this is not limited.
[0181] It can be understood that the communication system described in the embodiments of the present disclosure is for more clearly illustrating the technical solutions of the embodiments of the present disclosure, and does not constitute a limitation on the technical solutions proposed in the embodiments of the present disclosure. It can be known by those skilled in the art that, as the system architecture evolves and new business scenarios appear, the technical solutions proposed in the embodiments of the present disclosure are also applicable to similar technical problems.
[0182] The following embodiments of the present disclosure can be applied to the communication system 100 shown in FIG. 1A or part of the subjects, but are not limited thereto. The subjects shown in FIG. 1A are illustrative, and the communication system can include all or part of the subjects in FIG. 1A, or other subjects other than those in FIG. 1A. The number and form of each subject is arbitrary, each subject can be physical or virtual, the connection relationship between each subject is illustrative, each subject can not be connected or can be connected, and the connection can be in any manner, can be direct connection or indirect connection, can be wired connection or wireless connection.
[0183] Embodiments of the present disclosure can be applied to Long Term Evolution (LTE), LTE-Advanced (LTE-A), LTE-Beyond (LTE-B), SUPER 3G, IMT-Advanced, 4th generation mobile communication system (4G), 5th generation mobile communication system (5G), 5G New Radio (NR), 6th generation mobile communication system (6G), Future Radio Access (FRA), New-Radio Access Technology (RAT), New Radio (NR), New radio access (NX), Future generation radio access (FX), Global System for Mobile communications (GSM (registered trademark)), CDMA2000, Ultra Mobile Broadband (UMB), IEEE 802.11 (Wi-Fi (registered trademark)), IEEE 802.16 (WiMAX (registered trademark)), IEEE 802.20, Ultra-WideBand (UWB), Bluetooth (Bluetooth (registered trademark)), Public Land Mobile Network (PLMN) network, Device-to-Device (D2D) system, Machine to Machine (M2M) system, Internet of Things (IoT) system, Vehicle-to-Everything (V2X), system using other communication methods, next-generation system expanded based on them, or the like. Further, a plurality of systems can be applied in combination (for example, combination of LTE or LTE-A and 5G, or the like).
[0184] In some embodiments, as described in the white paper “The 6G Architecture Landscape” published by 5GPPP, the new 6G architecture should support streamlined network functions (NFs) that are more efficient in terms of capacity, coverage, signaling overhead, scalability, and energy consumption, among others. Dependencies between NFs can cause unnecessary complexity and even delays. The number of dependencies and processing points can be reduced by redesigning the network functions. One way to improve the 6G architecture is to increase the possibility of direct signaling between NFs to eliminate potential bottlenecks. Currently, many services require information to be transferred from one New Generation Radio Access Network (NG-RAN) node to another through the 5GC. In the 5GC, the information is transferred through limited AMF relays or even without the involvement of the AMF. To simplify such transfers, the introduction of Service-Based Interfaces (SBI) will allow these information to be exchanged directly between NG-RAN NFs without going through the AMF. See, e.g., FIG. IB. In FIG. IB, the Location Management Function (LMF), Network Repository Function (NRF), Policy Control Function (PCF), Unified Data Management (UDM), UE Radio Capability Management Function (UCMF), Session Management Function (SMF), Network Data Analytics Function (NWDAF), Network Exposure Function (NEF), User Plane Function (UPF), and Data Network (DN) are network elements in the Core Network (CN) for implementing different functions. Nlmf, Nnrf, Namf, Npcf, Nsmf, Nudm, Nnwdaf, Nucmf, Nnef, Nran, Nl, N2, N3, N4, and N6 are interface sequence numbers.
[0185] In some embodiments, if the RAN evolves to be service-based, it means that the RAN node can be a consumer or producer of other network functions besides the AMF. In the current 5G system, NAS signaling (transmitted transparently through the RAN node) only supports communication between the UE and the AMF in the core network. If the RAN can evolve to communicate directly with other core network functions (NFs) without going through the AMF, it means that NAS signaling needs to be supported between the UE and other core NFs besides the AMF. Therefore, a 6G architecture with multiple NAS instances as shown in FIG. 1C and FIG. 1D can be enabled so that the RAN node can communicate directly with any core NF through a service-based interface, and the UE can communicate directly with any core NF using NAS signaling. However, the existing NAS COUNT mechanism can not be able to support the multi-NAS architecture. It should be explained that the NAS COUNT is one of the inputs of the integrity algorithm and the encryption algorithm for each NAS signaling, as shown in FIG. 1E and FIG. 1F. In FIG. 1F, MAC-I / NAS-MAC represents the message authentication code calculated by the sender using the integrity algorithm NIA. XMAC-I / XNAS-MAC represents the expected message authentication code calculated by the receiver on the received message.
[0186] In some embodiments, the NAS COUNT contains two parts of values:
[0187] 1. 8-bit NAS SQN (sequence number) contained in the NAS message in clear text. This corresponds to the least significant 8 bits of the NAS COUNT.
[0188] 2. 16-bit NAS OVERFLOW maintained and synchronized as much as possible between the UE and the AMF. This corresponds to the most significant 16 bits of the NAS COUNT.
[0189] In some embodiments, the processing of the NAS OVERFLOW and the NAS COUNT of the incoming message by the receiving entity is as follows:
[0190] If the entity receives a message whose received NAS SQN is higher than its stored NAS SQN value, it shall estimate the NAS COUNT used by the sender as (STORED NAS OVERFLOW) || (RECEIVE NAS SQN) and shall verify the integrity protected message under this assumption. If the integrity verification is successful, the receiving entity shall accept the message and update its STORED NAS SQN to be equal to the RECEIVE NAS SQN; otherwise, it shall reject the message.
[0191] If the message received by the entity is a message with a receive NAS SQN less than or equal to its stored NAS SQN value, the sending entity should be estimated to use the NAS count as (STORED NAS OVERFLOW + 1) || (RECEIVE NAS SQN), and the integrity-protected message should be verified under this assumption. If the integrity verification is successful, the receiving entity should accept the message, update its STORED NAS SQN to equal the RECEIVE NAS SQN, and increase its STORED NAS OVERFLOW; otherwise, it will reject the message.
[0192] In some embodiments, the existing NAS COUNT is only maintained in the AMF and the UE, i.e. other NFs do not store the corresponding NAS COUNT for sending / receiving NAS signaling. If there is no correct NAS COUNT, the NAS signaling will be rejected by the receiver. This will affect the traffic of the NAS connection between the UE and other NFs. Therefore, how to enhance the NAS COUNT mechanism to support the multi-NAS architecture in 6G is a difficult problem.
[0193] In view of this, the embodiments of the present disclosure propose a communication method, a terminal, a network element, a system and a medium. At least all NFs can maintain NAS COUNT respectively to protect and verify NAS signaling.
[0194] Before the embodiments of the present disclosure are described in detail, it should be explained that the following embodiments of the present disclosure are exemplarily described taking the second network element 1022 including at least one of the AMF, the SEAF and the AUSF, and the first network element 1021 being any NF in the core network except the second network element as an example.
[0195] Figure 2A is an interaction diagram illustrating a communication method according to an embodiment of the present disclosure. In the embodiment of Figure 2A, the NAS security context includes a state item. The relationship between similar terms in the embodiment of Figure 2A is explained as follows: the NAS security context between the terminal and the first network element in the current state stored at the terminal side is referred to as the first NAS security context. The NAS security context between the terminal and the first network element in the current state stored at the first network element side is referred to as the second NAS security context. The first NAS security context and the second NAS security context correspond to each other, and the state of the first NAS security context and the second NAS security context is the current state. The first NAS security context and the second NAS security context correspond to each other means that, for the NAS connection between the terminal and the first network element, the terminal side uses the first NAS security context to protect the NAS connection, and correspondingly, the first network element side uses the second NAS security context to protect the NAS connection. The first NAS security context and the second NAS security context can have one or more same items. For example, the first NAS security context and the second NAS security context have the same NAS connection identifier (the connection identifier includes 3GPP access and non-3GPP access). For example, the first NAS security context and the second NAS security context have the same security algorithm. For example, the first NAS security context and the second NAS security context have the same encryption protection key or integrity protection key, etc. It is worth noting that the NAS count in the first NAS security context and the second NAS security context can be asynchronous in a short time due to poor network state, etc.
[0196] In some embodiments, if the state of the first NAS security context is changed to a non-current state, the third NAS security context is obtained. Similarly, if the state of the second NAS security context is changed to a non-current state, the fourth NAS security context is obtained. That is, the NAS security context between the terminal and the first network element in the non-current state stored at the terminal side is referred to as the third NAS security context. The NAS security context between the terminal and the first network element in the non-current state stored at the first network element side is referred to as the fourth NAS security context. The third NAS security context and the fourth NAS security context correspond to each other, and the state of the third NAS security context and the fourth NAS security context is the non-current state.
[0197] In the embodiment of Figure 2A, the NAS security context stored at the terminal side can refer to Figure 2B and Figure 2C, and the NAS security context stored at the first network element side can refer to Figure 2D.
[0198] As shown in FIG. 2B, the NAS security context stored at the terminal side can include at least one of the NAS security context corresponding to the second network element (AMF / AUSF / SEAF), the first NAS security context, and the NAS security context corresponding to the second network element (i.e., the fifth NAS security context) and the common identifier KSI of the first NAS security context. Among them, the NAS security context corresponding to the second network element includes at least one of the NAS connection identifier, the security algorithm, the state item, the key of the first network element, the uplink NAS count, the downlink NAS count, the integrity protection key, and the encryption protection key. The first NAS security context includes at least one of the NAS connection identifier, the security algorithm, the state item, the key of the first network element, the uplink NAS count, the downlink NAS count, the integrity protection key, and the encryption protection key.
[0199] As shown in FIG. 2C, the NAS security context stored at the terminal side can include at least one of the NAS security context corresponding to the second network element (AMF / AUSF / SEAF) and the first NAS security context. Among them, the NAS security context corresponding to the second network element includes at least one of the NAS connection identifier, the security algorithm, the state item, the key of the first network element, the context identifier (KSI AMF / SEAF / AUSF ), the uplink NAS count, the downlink NAS count, the integrity protection key, and the encryption protection key. The first NAS security context includes at least one of the NAS connection identifier, the security algorithm, the state item, the key of the first network element, the context identifier (KSI NF ), the uplink NAS count, the downlink NAS count, the integrity protection key, and the encryption protection key.
[0200] As shown in FIG. 2D, the NAS security context stored at the first network element side can include the second NAS security context. The second NAS security context includes at least one of the UE identifier, the NAS connection identifier, the security algorithm, the state item, the key of the first network element, the context identifier (KSI / KSI NF ), the uplink NAS count, the downlink NAS count, the integrity protection key, and the encryption protection key.
[0201] As shown in FIG. 2A, the embodiments of the present disclosure relate to a communication method performed by the communication system 100, and the communication method of FIG. 2A includes the following steps:
[0202] Step S2101, the terminal 101 creates or activates the first NAS security context for the first network element 1021.
[0203] It should be noted that the number of the first network elements is one or more. If the number of the first network elements is more than one, the terminal can create or activate one first NAS security context for each of the first network elements. Different first network elements correspond to different first NAS security contexts.
[0204] In some embodiments, the terminal can create or activate the first NAS security context for the first network element before sending the first message, i.e., step S2102.
[0205] In some embodiments, the first NAS security context created or activated by the terminal for the first network element corresponds to the second NAS security context created or activated by the first network element for the terminal. The first NAS security context is stored on the terminal, and the second NAS security context is stored on the first network element. The first NAS security context is used for the terminal side to protect the NAS connection between the terminal and the first network element. The second NAS security context is used for the first network element side to protect the NAS connection between the terminal and the first network element.
[0206] In some embodiments, the first NAS security context includes at least one of the following:
[0207] a NAS connection identifier;
[0208] a security algorithm;
[0209] a key K of the first network element NF ;
[0210] a first NAS count, including an uplink NAS count and / or a downlink NAS count;
[0211] a first identifier KSI, which is a common identifier of the first NAS security context and a NAS security context corresponding to the second network element;
[0212] a second identifier KSI NF , which is an identifier of the first NAS security context;
[0213] an encryption protection key K NF_ENC ;
[0214] an integrity protection key K NF_INT ;
[0215] a state item, a value of the state item being a first value, the first value indicating a current state.
[0216] For example, the first NAS security context includes a security algorithm, a first NAS count, an encryption protection key, an integrity protection key, and a state item.
[0217] For example, the first NAS security context includes a NAS connection identifier, a security algorithm, a first key for the first network element, a first NAS count, a first identifier, an encryption protection key, an integrity protection key, and a status item.
[0218] For example, the first NAS security context includes a NAS connection identifier, a security algorithm, a first key of the first network element, a first NAS count, a second identifier, an encryption protection key, an integrity protection key, and a status item.
[0219] In some embodiments, a third NAS security context may be stored on the terminal. If a third NAS security context is stored on the terminal, the value of a status item in the third NAS security context is changed to a first value to obtain a first NAS security context.
[0220] It should be explained that the third NAS security context is obtained by changing the value of the status item in the first NAS security context that was previously created or activated to the second value when the terminal releases the NAS connection with the first network element. The second value indicates a non-current state.
[0221] For example, the terminal changes the state of the third NAS security context, such as changing the state from a non-current state to the current state. The third NAS security context contains K. NF and K NF_INT / K NF_ENC This can be reused for the current NAS connection establishment. That is to say, in this case, terminal derivation of K is not required. NF and K NF_INT / K NF_ENC of.
[0222] In some embodiments, the terminal may determine the existence of a third NAS security context by: the terminal determining the availability of a KSI (for the second network element) or a KSI. NF Retrieve whether a third NAS security context corresponding to the first network element is stored. If using KSI... NF Then the terminal according to KSI NF The NF code portion identifies whether a third NAS security context corresponding to the first network element is stored. NF code = NF type or NF instance ID.
[0223] It should be explained that KSI is a generic identifier for the NAS security context corresponding to the second network element and the NAS security context corresponding to the first network element. NF It is the identifier of the NAS security context corresponding to the second network element.
[0224] KSI is not available on the terminal. NF In this case, the terminal can generate KSINF . Wherein, KSI NF may share the same value as KSI AMF / SEAF / AUSF may be derived from KSI AMF / SEAF / AUSF , for example, KSI NF = NF instance ID / NF type: KSI AMF / SEAF / AUSF .
[0225] In some embodiments, in the case that the third NAS security context is not stored on the terminal, or in the case that KSI / KSI NF is not available on the terminal, the terminal can generate the key of the first network element according to the vertical derivation manner, and set the value of the first NAS count in the first NAS security context to 0 in the case that a new key of the first network element is generated. In this case, it can be understood as creating the first NAS security context.
[0226] In some embodiments, the input parameters of the vertical derivation manner used by the terminal include at least one of the following:
[0227] an identifier of the terminal (such as IMSI or NAI or GCI or GLI or GPSI or SUPI or SUCI);
[0228] an ABBA parameter;
[0229] an identifier of the first network element (such as the type of the first network element or the instance ID of the first network element);
[0230] a key of the second network element (such as K AUSF / K SEAF / K AMF );
[0231] a second NAS count determined by the fifth NAS security context;
[0232] a first random number provided by the terminal;
[0233] a second random number provided by the first network element.
[0234] For example, the input parameters of the vertical derivation manner are: the identifier of the terminal, the ABBA parameter, the identifier of the first network element, and the key of the second network element.
[0235] For example, the input parameters of the vertical derivation manner are: the identifier of the terminal, the ABBA parameter, the identifier of the first network element, the key of the second network element, and the second NAS count.
[0236] In some embodiments, the terminal can know the relationship between the network element and the service, the key of the second network element, the identifier of the network element corresponding to each service, and the like in the process of network access. The terminal can determine the first network element that wants to establish a NAS connection according to the service required by the terminal. In other embodiments, the terminal can be preconfigured with the relationship between the network element and the service, the identifier of the network element corresponding to each service, and the like.
[0237] In some embodiments, the key of the second network element is a root key of communication between the terminal and the second network element, and the second network element is, for example, AUSF / SEAF / AMF. AUSF / K SEAF / K AMF The obtaining method can refer to related technologies.
[0238] In some embodiments, the key of the second network element in the input parameter of the vertical derivation mode can be obtained by the terminal in the process of accessing the network. In some embodiments, the key of the second network element can be determined from the NAS security context corresponding to the second network element stored on the terminal.
[0239] In some embodiments, the encryption protection key and / or the integrity protection key in the first NAS security context are derived according to the key K NF of the first network element. It should be explained that K NF is a root key of communication between the terminal and the first network element, and is derived vertically from the key of the second network element. K NF_INT is an integrity protection key derived from K NF . K NF_ENC is an encryption protection key derived from K NF .
[0240] In step S2102, the terminal 101 sends a first message to the second network element 1022.
[0241] In some embodiments, the second network element receives the first message. For example, the second network element receives the first message sent by the terminal.
[0242] In some embodiments, the first message is used for the terminal to request to establish a NAS connection with the first network element. The first message can be transmitted to the first network element through the second network element.
[0243] In some embodiments, the name of the first message is not limited, which is, for example, initial NAS signaling, NAS connection request, and the like.
[0244] In some embodiments, the first message sent after step S2101 can be protected according to the first NAS security context. For example, at least part of the content in the first message is protected according to the first NAS security context.
[0245] In some embodiments, the first message comprises at least one of:
[0246] a sequence number SQN;
[0247] a first identifier;
[0248] a second identifier;
[0249] an identifier of the terminal;
[0250] a first random number provided by the terminal.
[0251] For example, the first message comprises the first identifier and the identifier of the terminal.
[0252] For example, the first message comprises the second identifier and the identifier of the terminal.
[0253] For example, the first message comprises the first / second identifier and the first random number provided by the terminal.
[0254] For example, the first message comprises the first / second identifier and the sequence number SQN.
[0255] In some embodiments, the uplink NAS count and the downlink NAS count each comprises a corresponding sequence number SQN. The SQN in the first message can be the UL NAS SQN.
[0256] In step S2103, the second network element 1022 sends the first message or the third message to the first network element 1021.
[0257] In some embodiments, the first network element receives the first message or the third message sent by the second network element. The third message is generated by the second network element based on the first message.
[0258] In some embodiments, the third message comprises the original first message or the processed first message, such as the third message generated after the first message is revised or adjusted by the second network element, or the new message generated by the second network element based on the content of the first message after decoding. For example, the third message comprises one or more fields in the first message, and can optionally comprise one or more fields supplemented or adjusted by the second network element; as long as the first message or the third message can enable the first network element to learn that the terminal requests to establish the NAS connection with the first network element, the embodiments of the present application do not limit this.
[0259] In some embodiments, the first message can comprise an identifier of the first network element (such as an instance ID or type of the first network element). In this way, it is convenient for the second network element to send the first message or the third message to the first network element.
[0260] In some embodiments, the third message comprises at least one of the first identifier, the second identifier, the security algorithm, and the key of the first network element. Optionally, the first identifier, the second identifier, the security algorithm, and the key of the first network element can all be generated or determined by the second network element. Optionally, the first identifier and the second identifier can also be provided by the terminal in the first message. In this way, the first network element can obtain at least one of the following from the third message sent by the second network element:
[0261] the first identifier;
[0262] the second identifier;
[0263] the security algorithm;
[0264] the key of the first network element.
[0265] For example, the third message comprises the first identifier or the second identifier.
[0266] For example, the third message comprises the first identifier, the security algorithm, and the key of the first network element.
[0267] For example, the third message comprises the second identifier, the security algorithm, and the key of the first network element.
[0268] For example, the third message comprises the security algorithm and the key of the first network element.
[0269] The first identifier, the second identifier, the security algorithm, and the key of the first network element are used by the first network element to generate a NAS security context between the terminal and the first network element (i.e., the second NAS security context on the side of the first network element).
[0270] It should be explained that the first identifier (KSI) is used to identify the NAS security context between the terminal and the first network element (i.e., the first NAS security context on the side of the terminal / the second NAS security context on the side of the first network element) and the NAS security context corresponding to the second network element (i.e., the fifth NAS security context stored by the terminal corresponding to the second network element / the sixth NAS security context stored by the second network element corresponding to the terminal). The second identifier (KSI NF ) is used to identify the NAS security context between the terminal and the first network element (i.e., the first NAS security context on the side of the terminal / the second NAS security context on the side of the first network element).
[0271] It should be noted that the KSI can be a common identifier of the NAS security context between the terminal and the second network element and the NAS security context between the terminal and the first network element. In some embodiments, the KSI AMF / SEAF / AUSF and the KSI NFThe values of KSI NF may be the same or different, for example KSI AMF / SEAF / AUSF may be derived from KSI AMF / SEAF / AUSF may be mapped to KSI NF, , i.e. KSI NF = NF instance ID / NF type: KSI AMF / SEAF / AUSF .
[0272] In some embodiments, the third message is equivalent to the first message, i.e. the second network element is a relay node between the terminal and the first network element, and the second network element only has the function of forwarding, so that the second network element sends the third message to the first network element in the case of receiving the first message sent by the terminal, and the third message is the first message forwarded by the second network element to the first network element.
[0273] In some embodiments, steps S2102 and S2103 can be omitted. The terminal 101 can directly send the first message to the first network element 1021, and the first network element receives the first message protected by the first NAS security context sent by the terminal.
[0274] Step S2104, the first network element 1021 creates or activates a second NAS security context for the terminal 101.
[0275] It should be noted that the number of terminals is one or more. In the case of multiple terminals, the first network element can create or activate a second NAS security context for each terminal, and different terminals correspond to different second NAS security contexts.
[0276] In some embodiments, the first network element creates or activates a second NAS security context for the terminal in the case of receiving the first message or the third message.
[0277] In some embodiments, the second NAS security context includes at least one of the following:
[0278] The identifier of the terminal;
[0279] The NAS connection identifier;
[0280] The security algorithm;
[0281] The key of the first network element;
[0282] The first NAS count, including the uplink NAS count and / or the downlink NAS count;
[0283] The first identifier is a common identifier of the second NAS security context and the NAS security context corresponding to the second network element;
[0284] The second identifier is an identifier of the second NAS security context;
[0285] encryption protection key;
[0286] integrity protection key;
[0287] a status item, a value of the status item being a first value, the first value indicating a current state.
[0288] In an example, the second NAS security context includes the security algorithm, the first NAS COUNT, the encryption protection key, the integrity protection key, and the status item.
[0289] In an example, the second NAS security context includes the NAS connection identifier, the security algorithm, the first key of the first network element, the first NAS COUNT, the first identifier, the encryption protection key, the integrity protection key, and the status item.
[0290] In an example, the second NAS security context includes the NAS connection identifier, the security algorithm, the first key of the first network element, the first NAS COUNT, the second identifier, the encryption protection key, the integrity protection key, and the status item.
[0291] In an example, the identifier of the terminal in the second NAS security context can be obtained by the first network element from the first / third message.
[0292] In some embodiments, the first network element, upon receiving the first / third message, can retrieve whether the first network element stores a corresponding fourth NAS security context according to the first identifier or the second identifier in the received first message / third message.
[0293] In some embodiments, the first network element can request the key of the first network element from the second network element in a case that the fourth NAS security context is not stored on the first network element. In an example, if the first network element does not store the fourth NAS security context identified by the first identifier / second identifier in the received first / third message, the first network element can request the key K NF of the first network element from the second network element. The first network element receives the key of the first network element and / or the security algorithm returned by the second network element.
[0294] In some embodiments, the first network element can also obtain at least one of the key of the first network element, the first identifier, the second identifier, and the security algorithm from the third message sent by the second network element.
[0295] In some embodiments, the key of the first network element is generated by the second network element through vertical derivation. Optionally, input parameters of the vertical derivation include at least one of the following:
[0296] an identifier of the terminal (e.g., IMSI or NAI or GCI or GLI or GPSI or SUPI or SUCI);
[0297] ABBA parameter;
[0298] identifier of the first network element (e.g., instance ID of the first network element or type of the first network element);
[0299] key of the second network element (e.g., K AUSF / K SEAF / K AMF );
[0300] second NAS count, the second NAS count being determined by a sixth NAS security context, the sixth NAS security context being a NAS security context of the corresponding terminal stored on the second network element;
[0301] first random number provided by the terminal;
[0302] second random number provided by the first network element.
[0303] For example, the input parameters of the vertical derivation manner are: identifier of the terminal, ABBA parameter, identifier of the first network element, and key of the second network element.
[0304] For example, the input parameters of the vertical derivation manner are: identifier of the terminal, ABBA parameter, identifier of the first network element, key of the second network element, and second NAS count.
[0305] That is, the second network element can actively (i.e., by sending the third message) or passively (i.e., according to the request of the first network element) send the key of the first network element and / or the security algorithm to the first network element.
[0306] In some embodiments, in the case where the first network element obtains the key K NF of the first network element generated by the vertical derivation manner from the second network element, the first network element sets the values of the first NAS count, i.e., the uplink NAS count and the downlink NAS count, to 0, and can derive K NF and / or K NF_INT according to the first key K NF_ENC of the first network element.
[0307] In the case where the first network element obtains the first key K NF of the first network element generated by the vertical derivation manner from the second network element, the second NAS security context can be understood as being created.
[0308] In some embodiments, in the case where the fourth NAS security context is stored on the first network element, the state of the fourth NAS security context is changed to the current state to obtain the second NAS security context. That is, the fourth NAS security context is activated to obtain the second NAS security context.
[0309] After determining the second NAS security context, the K NF_INT / K NF_ENC , the stored UL NAS OVERFLOW and the received UL NAS SQN, the NF verifies the first message. If the verification is passed, step S2105 is performed. If the verification is not passed, step S2105 is not performed.
[0310] Step S2105, the first network element 1021 sends a second message protected by the second NAS security context to the terminal 101.
[0311] In some embodiments, the terminal receives a second message. Wherein the second message is protected by the first network element according to the encryption protection key and / or the integrity protection key in the second NAS security context, the second message is a response to the first message.
[0312] Step S2106, the terminal 101 verifies the second message according to the first NAS security context to determine whether the NAS connection with the first network element 1021 is successfully established.
[0313] In some embodiments, the terminal verifies the second message according to the first NAS security context to determine whether the NAS connection with the first network element is successfully established.
[0314] In the case that the NAS connection between the terminal and the first network element is successfully established, one or more of steps S2107-S2110 are performed.
[0315] Step S2107, the terminal 101 increases the value of the uplink NAS count in the first NAS security context by 1 in the case that the terminal 101 sends a fourth message to the first network element 1021.
[0316] In some embodiments, the first network element receives the fourth message. Wherein the fourth message includes the first SQN, the first SQN is used by the first network element to update the uplink NAS count in the second NAS security context.
[0317] In some embodiments, the first network element updates the value of the uplink NAS count in the second NAS security context according to the SQN in the fourth message in the case that the fourth message sent by the terminal is received, for example, increases the value of the uplink NAS count in the second NAS security context by 1.
[0318] Step S2108, the first network element 1021 increases the value of the downlink NAS count in the second NAS security context by 1 in the case that the first network element 1021 sends a fifth message to the terminal 101.
[0319] In some embodiments, the terminal receives a fifth message. Wherein, the fifth message comprises a second SQN, and the second SQN is used by the terminal to update the downlink NAS count in the first NAS security context.
[0320] In some embodiments, the terminal updates the value of the downlink NAS count in the first NAS security context according to the second SQN in the fifth message in case that the fifth message is received from the first network element, for example, increases the value of the downlink NAS count in the first NAS security context by 1.
[0321] In step S2109, the terminal 101 updates the value of the state item in the first NAS security context to a second value in case that the NAS connection is released, and obtains a third NAS security context.
[0322] In some embodiments, the terminal updates the value of the state item in the first NAS security context to a second value in case that the NAS connection is released, and the second value indicates a non-current state, and the first NAS security context is updated to obtain a third NAS security context.
[0323] It should be noted that the first value and the second value are different values. For example, the first value is 1, and the second value is 0. For example, the first value is 0, and the second value is 1.
[0324] The state of the NAS security context comprises a current state and a non-current state. Wherein, the NAS security context in the current state can be used to guarantee the NAS message transmitted after the NAS connection is successful. The NAS security context in the non-current state cannot be used to guarantee the NAS message transmitted after the NAS connection is successful.
[0325] In step S2110, the first network element 1021 updates the value of the state item in the second NAS security context to a second value in case that the NAS connection is released, and obtains a fourth NAS security context.
[0326] In some embodiments, the first network element updates the value of the state item in the second NAS security context to a second value in case that the NAS connection is released, and the second value indicates a non-current state, and obtains a fourth NAS security context.
[0327] In some embodiments, the names of information and the like are not limited to the names described in the embodiments, and terms such as "information", "message", "signal", "signaling", "report", "configuration", "indication", "instruction", "command", "channel", "parameter", "domain", "field", "symbol", "symbol", "codebook", "codeword", "codepoint", "bit", "data", "program", "chip", and the like can be replaced with each other.
[0328] In some embodiments, terms such as "uplink", "uplink", "physical uplink", and the like can be replaced with each other, and terms such as "downlink", "downlink", "physical downlink" and the like can be replaced with each other.
[0329] In some embodiments, terms such as "radio", "wireless", "radio access network (RAN)", "access network (AN)", "RAN-based" and the like can be replaced with each other.
[0330] In some embodiments, "acquire", "get", "get", "receive", "transmit", "bidirectional transmission", "send and / or receive" can be replaced with each other, which can be interpreted as receiving from other subjects, obtaining from protocols, obtaining from higher layers, processing to obtain, and various meanings such as autonomous implementation.
[0331] In some embodiments, terms such as "send", "transmit", "report", "issue", "transmit", "bidirectional transmission", "send and / or receive" can be replaced with each other.
[0332] In some embodiments, the terms "certain", "preseted", "pre-set", "set", "indicated", "certain", "arbitrary", "first", and the like can be replaced with each other, "certain A", "preset A", "pre-set A", "set A", "indicated A", "certain A", "arbitrary A", "first A" can be interpreted as A specified in advance in a protocol or the like, A obtained by setting, configuration, or indication, or the like, or a specific A, a certain A, an arbitrary A, or a first A, but are not limited thereto.
[0333] The communication method related to the embodiments of the present disclosure can include at least one of steps S2101-S2110. For example, step S2101 can be implemented as an independent embodiment, step S2104 can be implemented as an independent embodiment, step S2101 and step S2104 can be implemented as independent embodiments, step S2101 and step S2109 can be implemented as independent embodiments, step S2104 and step S2110 can be implemented as independent embodiments, but are not limited thereto.
[0334] In some embodiments, the order of any two steps among steps S2101-S2110 can be exchanged or executed simultaneously. For example, step S2107 and step S2108 can be exchanged in order or executed simultaneously.
[0335] In some embodiments, steps S2102-S2110 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0336] In some embodiments, steps S2101-S2103, steps S2105-S2110 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0337] In some embodiments, steps S2102, S2103, S2105-S2110 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0338] In some embodiments, steps S2102-S2108, step S2110 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0339] In some embodiments, steps S2101-S2103, steps S2105-S2109 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0340] In some embodiments, reference can be made to other optional implementations described before or after the description of Figure 2A.
[0341] Figure 2E is an interaction diagram illustrating a communication method according to an embodiment of the present disclosure. In the embodiment of Figure 2E, the state item can not be included in the NAS security context. The relationship between similar terms in the embodiment of Figure 2E is explained as follows: the NAS security context between the terminal and the first network element created by the terminal side is referred to as the first NAS security context. The NAS security context between the terminal and the first network element created by the first network element side is referred to as the second NAS security context. The first NAS security context and the second NAS security context correspond to each other. The first NAS security context and the second NAS security context correspond to each other means that for the NAS connection between the terminal and the first network element, the terminal side uses the first NAS security context to protect the NAS connection, and correspondingly, the first network element side uses the second NAS security context to protect the NAS connection. The first NAS security context and the second NAS security context can have the same one or more contents. For example, the first NAS security context and the second NAS security context have the same NAS connection identifier (the connection identifier includes 3GPP access and non-3GPP access). For example, the first NAS security context and the second NAS security context have the same security algorithm. For example, the first NAS security context and the second NAS security context have the same encryption protection key or integrity protection key, etc. It is worth noting that the NAS count in the first NAS security context and the second NAS security context can be asynchronous in a short time due to poor network state, etc.
[0342] In the embodiment of Figure 2E, in the case of establishing the NAS connection between the terminal and the first network element, the NAS security context stored by the terminal side can be seen from Figures 2F and 2G, and the NAS security context stored by the first network element side can be seen from Figure 2H.
[0343] As shown in FIG. 2F, the NAS security context stored at the terminal side can include at least one of the NAS security context corresponding to the second network element (AMF / AUSF / SEAF), the first NAS security context, and a common identifier KSI of the NAS security context corresponding to the second network element and the first NAS security context. The NAS security context corresponding to the second network element includes at least one of a NAS connection identifier, a security algorithm, a key of the first network element, an uplink NAS count, a downlink NAS count, an integrity protection key, and an encryption protection key. The first NAS security context includes at least one of the NAS connection identifier, the security algorithm, the key of the first network element, the uplink NAS count, the downlink NAS count, the integrity protection key, and the encryption protection key.
[0344] As shown in FIG. 2G, the NAS security context stored at the terminal side can include at least one of the NAS security context corresponding to the second network element (AMF / AUSF / SEAF) and the first NAS security context. The NAS security context corresponding to the second network element includes at least one of a NAS connection identifier, a security algorithm, a key of the first network element, a context identifier (KSI AMF / SEAF / AUSF ), an uplink NAS count, a downlink NAS count, an integrity protection key, and an encryption protection key. The first NAS security context includes at least one of the NAS connection identifier, the security algorithm, the key of the first network element, the context identifier (KSI NF ), the uplink NAS count, the downlink NAS count, the integrity protection key, and the encryption protection key.
[0345] As shown in FIG. 2H, the NAS security context stored at the first network element side can include a second NAS security context. The second NAS security context includes at least one of a UE identifier, a NAS connection identifier, a security algorithm, a key of the first network element, a context identifier (KSI / KSI NF ), an uplink NAS count, a downlink NAS count, an integrity protection key, and an encryption protection key.
[0346] As shown in FIG. 2E, the communication method of the embodiment of the disclosure is performed by the communication system 100, and the communication method of FIG. 2E includes the following steps:
[0347] In step S2201, the terminal 101 creates a first NAS security context for the first network element 1021.
[0348] It should be noted that the number of the first network elements is one or more. If the number of the first network elements is more than one, the terminal can create or activate one first NAS security context for each of the first network elements. Different first network elements correspond to different first NAS security contexts.
[0349] In some embodiments, the terminal can create the first NAS security context for the first network element before sending the first message, i.e., step S2202.
[0350] In some embodiments, the first NAS security context created by the terminal for the first network element corresponds to the second NAS security context created by the first network element for the terminal. The first NAS security context is stored on the terminal, and the second NAS security context is stored on the first network element. The first NAS security context is used for the terminal side to protect the NAS connection between the terminal and the first network element. The second NAS security context is used for the first network element side to protect the NAS connection between the terminal and the first network element.
[0351] In some embodiments, the first NAS security context includes at least one of the following:
[0352] a NAS connection identifier;
[0353] a security algorithm;
[0354] a key K of the first network element NF ;
[0355] a first NAS count, including an uplink NAS count and / or a downlink NAS count;
[0356] a first identifier KSI, which is a common identifier of the first NAS security context and a NAS security context corresponding to the second network element;
[0357] a second identifier KSI NF , which is an identifier of the first NAS security context;
[0358] an encryption protection key K NF_ENC ;
[0359] an integrity protection key K NF_INT .
[0360] For example, the first NAS security context includes the security algorithm, the first NAS count, the encryption protection key, and the integrity protection key.
[0361] For example, the first NAS security context includes the NAS connection identifier, the security algorithm, the first key of the first network element, the first NAS count, the first identifier, the encryption protection key, and the integrity protection key.
[0362] For example, the first NAS security context includes a NAS connection identifier, a security algorithm, a first key of the first network element, a first NAS count, a second identifier, an encryption protection key, and an integrity protection key.
[0363] In some embodiments, the terminal generates the key of the first network element according to a vertical derivation manner, and sets the value of the first NAS count in the first NAS security context to 0 in the case of generating the key of the first network element.
[0364] In some embodiments, the input parameters of the vertical derivation manner used by the terminal include at least one of the following:
[0365] an identifier of the terminal (such as IMSI or NAI or GCI or GLI or GPSI or SUPI or SUCI);
[0366] an ABBA parameter;
[0367] an identifier of the first network element (such as a type of the first network element or an instance ID of the first network element);
[0368] a key of the second network element (such as K AUSF / K SEAF / K AMF );
[0369] a second NAS count stored in a NAS security context (a fifth NAS security context) corresponding to the second network element in the terminal;
[0370] a first random number provided by the terminal;
[0371] a second random number provided by the first network element.
[0372] For example, the input parameters of the vertical derivation manner are the identifier of the terminal, the ABBA parameter, the identifier of the first network element, and the key of the second network element.
[0373] For example, the input parameters of the vertical derivation manner are the identifier of the terminal, the ABBA parameter, the identifier of the first network element, the key of the second network element, and the second NAS count.
[0374] In some embodiments, the terminal can know the relationship between the network element and the service, the key of the second network element, and the identifier of the network element corresponding to each service in the process of network access. The terminal can determine the first network element which wants to establish the NAS connection according to the service required by the terminal.
[0375] In some embodiments, the terminal can be preconfigured with the relationship between the network element and the service, the identifier of the network element corresponding to each service, and the like.
[0376] There is no KSI available on the terminalNF In this case, the terminal can generate KSI NF It should be noted that in some embodiments, the values of KSI AMF / SEAF / AUSF and KSI NF may be the same or different, for example, KSI NF may be derived from KSI AMF / SEAF / AUSF , KSI AMF / SEAF / AUSF may be mapped to KSI NF, , that is, KSI NF = NF instance ID / NF type: KSI AMF / SEAF / AUSF .
[0377] wherein the key of the second network element is a root key for communication between the terminal and the second network element, the second network element being, for example, an AUSF / SEAF / AMF, K AUSF / K SEAF / K AMF The method for obtaining K NF may refer to related technologies, which will not be described here.
[0378] In some embodiments, the key of the second network element in the input parameter of the vertical derivation mode can be obtained by the terminal in the process of accessing the network. In some embodiments, the key of the second network element in the input parameter of the vertical derivation mode can be determined from the NAS security context corresponding to the second network element stored in the terminal.
[0379] In some embodiments, the encryption protection key and / or the integrity protection key in the first NAS security context are derived according to the key K NF of the first network element. It should be explained that K NF is a root key for communication between the terminal and the first network element, derived vertically from the key of the second network element. K NF_INT is an integrity protection key derived from K NF . K NF_ENC is an encryption protection key derived from K NF .
[0380] In step S2202, the terminal 101 sends a first message to the second network element 1022.
[0381] In some embodiments, the second network element receives the first message. For example, the second network element receives the first message sent by the terminal.
[0382] In some embodiments, the first message is used for the terminal to request to establish a NAS connection with the first network element. The first message can be transmitted to the first network element through the second network element.
[0383] In some embodiments, the name of the first message is not limited, for example, it is an initial NAS signaling, a NAS connection request, etc.
[0384] In some embodiments, the first message sent after step S2201 can be protected according to the first NAS security context. For example, at least part of the content in the first message is protected according to the first NAS security context.
[0385] In some embodiments, the first message comprises at least one of:
[0386] a sequence number SQN;
[0387] a first identifier;
[0388] a second identifier;
[0389] an identifier of the terminal;
[0390] a first random number provided by the terminal.
[0391] For example, the first message comprises the first identifier and the identifier of the terminal.
[0392] For example, the first message comprises the second identifier and the identifier of the terminal.
[0393] For example, the first message comprises the first / second identifier, the first random number provided by the terminal.
[0394] For example, the first message comprises the first / second identifier, the sequence number SQN.
[0395] In some embodiments, both the uplink NAS count and the downlink NAS count comprise a sequence number SQN of the response. The SQN in the first message can be the UL NAS SQN.
[0396] Step S2203, the second network element 1022 sends the first message or the third message to the first network element 1021.
[0397] In some embodiments, the first network element receives the first message or the third message sent by the second network element.
[0398] In some embodiments, the third message comprises the original first message or comprises the processed first message. For example, the third message comprises one or more fields in the first message.
[0399] In some embodiments, the first message can comprise an identifier of the first network element (e.g. an instance ID or a type of the first network element). In this way, the second network element sends the first message or the third message to the first network element.
[0400] In some embodiments, the third message comprises at least one of the first identifier, the second identifier, the security algorithm, and the key of the first network element. Optionally, the first identifier, the second identifier, the security algorithm, and the key of the first network element can all be generated or determined by the second network element. Optionally, the first identifier and the second identifier can also be provided by the terminal in the first message. In this way, the first network element can obtain at least one of the following from the third message sent by the second network element:
[0401] the first identifier;
[0402] the second identifier;
[0403] the security algorithm;
[0404] the key of the first network element.
[0405] For example, the third message comprises the first identifier or the second identifier.
[0406] For example, the third message comprises the first identifier, the security algorithm, and the key of the first network element.
[0407] For example, the third message comprises the second identifier, the security algorithm, and the key of the first network element.
[0408] For example, the third message comprises the security algorithm and the key of the first network element.
[0409] The first identifier, the second identifier, the security algorithm, and the key of the first network element are used by the first network element to generate a NAS security context between the terminal and the first network element (i.e., the second NAS security context on the side of the first network element).
[0410] It should be explained that the first identifier (KSI) is used to identify the NAS security context between the terminal and the first network element (i.e., the first NAS security context on the side of the terminal / the second NAS security context on the side of the first network element) and the NAS security context corresponding to the second network element (i.e., the NAS security context corresponding to the second network element stored by the terminal (i.e., the fifth NAS security context) / the NAS security context corresponding to the terminal stored by the second network element (i.e., the sixth NAS security context)). NF The second identifier (KSI) is used to identify the NAS security context between the terminal and the first network element (i.e., the first NAS security context on the side of the terminal / the second NAS security context on the side of the first network element).
[0411] In some embodiments, the third message is equivalent to the first message, i.e., the second network element is a relay node between the terminal and the first network element, and the second network element only has a forwarding function, and then the second network element sends the third message to the first network element in the case that the first message sent by the terminal is received, the third message being the first message forwarded by the second network element to the first network element.
[0412] In some embodiments, steps S2202 and S2203 can be omitted. The terminal 101 can directly send the first message to the first network element 1021, and the first network element receives the first message protected by the first NAS security context sent by the terminal.
[0413] Step S2204: The first network element 1021 creates or activates a second NAS security context for the terminal 101.
[0414] It should be noted that the number of terminals is one or more. In the case that the number of terminals is more than one, the first network element can create or activate a second NAS security context for each terminal, and different terminals correspond to different second NAS security contexts.
[0415] In some embodiments, the first network element creates or activates the second NAS security context for the terminal in the case that the first message or the third message is received.
[0416] In some embodiments, the second NAS security context includes at least one of the following:
[0417] An identifier of the terminal;
[0418] A NAS connection identifier;
[0419] A security algorithm;
[0420] A key of the first network element;
[0421] A first NAS count, including an uplink NAS count and / or a downlink NAS count;
[0422] A first identifier, which is a common identifier of the second NAS security context and a NAS security context corresponding to the second network element;
[0423] A second identifier, which is an identifier of the second NAS security context;
[0424] An encryption protection key;
[0425] An integrity protection key.
[0426] For example, the second NAS security context includes the security algorithm, the first NAS count, the encryption protection key, and the integrity protection key.
[0427] For example, the second NAS security context includes a NAS connection identifier, a security algorithm, the first key of the first network element, a first NAS count, a first identifier, an encryption protection key, and an integrity protection key.
[0428] For example, the second NAS security context includes a NAS connection identifier, a security algorithm, the first key of the first network element, a first NAS count, a second identifier, an encryption protection key, and an integrity protection key.
[0429] The identifier of the terminal in the second NAS security context can be obtained by the first network element from the first / third message.
[0430] In some embodiments, the first network element requests the key of the first network element from the second network element. For example, the first network element can request the key K NF of the first network element from the second network element. The first network element receives the key of the first network element and / or the security algorithm returned by the second network element.
[0431] In some embodiments, the first network element can also obtain at least one of the key of the first network element, the first identifier, the second identifier, and the security algorithm from the third message sent by the second network element.
[0432] In some embodiments, the key of the first network element is generated by the second network element through vertical derivation. Optionally, the input parameters of the vertical derivation include at least one of the following:
[0433] The identifier of the terminal (such as IMSI or NAI or GCI or GLI or GPSI or SUPI or SUCI);
[0434] The ABBA parameter;
[0435] The identifier of the first network element (such as the instance ID of the first network element or the type of the first network element);
[0436] The key of the second network element (such as K AUSF / K SEAF / K AMF );
[0437] The second NAS count stored in the NAS security context (the sixth NAS security context) corresponding to the terminal in the second network element;
[0438] The first random number provided by the terminal;
[0439] The second random number provided by the first network element.
[0440] For example, the input parameters of the vertical derivation are: the identifier of the terminal, the ABBA parameter, the identifier of the first network element, the key of the second network element, and the second NAS count.
[0441] That is, the second network element can actively (i.e., by sending the third message) or passively (i.e., sending according to the request of the first network element) send the first network element's key and / or security algorithm to the first network element.
[0442] In some embodiments, in the case where the first network element obtains the first network element's key K NF generated by vertical derivation from the second network element, the first network element sets the value of the first NAS count, i.e., the uplink NAS count and the downlink NAS count, to 0, and can derive K NF from the first key K NF_INT of the first network element and / or K NF_ENC .
[0443] After determining the second NAS security context, K NF_INT / K NF_ENC , the stored UL NAS OVERFLOW, and the received UL NAS SQN in the second NAS security context, the NF verifies the first message. If the verification is passed, step S2205 is performed. If the verification is not passed, step S2205 is not performed.
[0444] Step S2205, the first network element 1021 sends a second message protected by the second NAS security context to the terminal 101.
[0445] In some embodiments, the terminal receives the second message. Wherein the second message is protected by the first network element according to the encryption protection key and / or the integrity protection key in the second NAS security context, and the second message is a response to the first message.
[0446] Step S2206, the terminal 101 verifies the second message according to the first NAS security context to determine whether the NAS connection with the first network element 1021 is successfully established.
[0447] In some embodiments, the terminal verifies the second message according to the first NAS security context to determine whether the NAS connection with the first network element is successfully established.
[0448] In the case where the NAS connection between the terminal and the first network element is successfully established, one or more of steps S2207-S2210 are performed.
[0449] Step S2207, the terminal 101 increases the value of the uplink NAS count in the first NAS security context by 1 in the case where the terminal sends a fourth message to the first network element 1021.
[0450] In some embodiments, the first network element receives the fourth message. Wherein, the fourth message comprises the first SQN, and the first SQN is used by the first network element to update the uplink NAS count in the second NAS security context.
[0451] In some embodiments, the first network element, in case that the fourth message sent by the terminal is received, updates the value of the uplink NAS count in the second NAS security context according to the SQN in the fourth message, for example, increases the value of the uplink NAS count in the second NAS security context by 1.
[0452] Step S2208, the first network element 1021, in case that the fifth message is sent to the terminal 101, increases the value of the downlink NAS count in the second NAS security context by 1.
[0453] In some embodiments, the terminal receives the fifth message. Wherein, the fifth message comprises the second SQN, and the second SQN is used by the terminal to update the downlink NAS count in the first NAS security context.
[0454] In some embodiments, the terminal, in case that the fifth message sent by the first network element is received, updates the value of the downlink NAS count in the first NAS security context according to the second SQN in the fifth message, for example, increases the value of the downlink NAS count in the first NAS security context by 1.
[0455] Step S2209, the terminal 101, in case that the NAS connection is released, deletes the first NAS security context.
[0456] In some embodiments, in case that the NAS connection is released, the terminal deletes the first NAS security context.
[0457] Step S2210, the first network element 1021, in case that the NAS connection is released, deletes the second NAS security context.
[0458] In some embodiments, in case that the NAS connection is released, the first network element deletes the second NAS security context.
[0459] In some embodiments, the implementation of each step in FIG. 2E can also refer to the related steps in the embodiment of FIG. 2A.
[0460] The communication method related to the embodiments of the present disclosure can include at least one of steps S2201-S2210. For example, step S2201 can be implemented as an independent embodiment, step S2204 can be implemented as an independent embodiment, step S2201 and step S2204 can be implemented as independent embodiments, step S2201 and step S2209 can be implemented as independent embodiments, step S2204 and step S2210 can be implemented as independent embodiments, but are not limited thereto.
[0461] In some embodiments, any two steps among steps S2201-S2210 can be exchanged in order or executed simultaneously. For example, step S2207 and step S2208 can be exchanged in order or executed simultaneously.
[0462] In some embodiments, steps S2202-S2210 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0463] In some embodiments, steps S2201-S2203, steps S2205-S2210 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0464] In some embodiments, steps S2202, S2203, S2205-S2210 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0465] In some embodiments, steps S2202-S2208, step S2210 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0466] In some embodiments, steps S2201-S2203, steps S2205-S2209 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0467] In some embodiments, other optional implementations described before or after the corresponding description of FIG. 2E can be referred to.
[0468] FIG. 2I is an interaction diagram illustrating a communication method according to an embodiment of the present disclosure. In the embodiment of FIG. 2I, the state item can not be included in the NAS security context. The relationship between similar terms in the embodiment of FIG. 2I is explained as follows: the NAS security context between the terminal and the first network element created by the terminal side is referred to as the first NAS security context. The NAS security context between the terminal and the first network element created by the first network element side is referred to as the second NAS security context. The first NAS security context and the second NAS security context correspond to each other. The first NAS security context and the second NAS security context correspond to each other means that for the NAS connection between the terminal and the first network element, the terminal side uses the first NAS security context to protect the NAS connection, and correspondingly, the first network element side uses the second NAS security context to protect the NAS connection. The first NAS security context and the second NAS security context can have the same one or more contents. For example, the first NAS security context and the second NAS security context have the same NAS connection identifier (the connection identifier includes 3GPP access and non-3GPP access). For example, the first NAS security context and the second NAS security context have the same security algorithm. For example, the first NAS security context and the second NAS security context have the same encryption protection key or integrity protection key, etc. It is worth noting that the NAS count can be asynchronous in the first NAS security context and the second NAS security context in a short time due to poor network state, etc.
[0469] In the embodiment of FIG. 2E, in the case of establishing the NAS connection between the terminal and the first network element, the NAS security context stored by the terminal side can refer to FIG. 2F and FIG. 2G, and the NAS security context stored by the first network element side can refer to FIG. 2H.
[0470] As shown in FIG. 2I, the embodiment of the present disclosure relates to a communication method, which is performed by the communication system 100, and the communication method of FIG. 2I includes the following steps:
[0471] In step S2301, the terminal 101 sends a first message to the second network element 1022.
[0472] In some embodiments, the second network element receives the first message. For example, the second network element receives the first message sent by the terminal.
[0473] In some embodiments, the first message is used for the terminal to request to establish the NAS connection with the first network element. The first message can be transmitted to the first network element through the second network element.
[0474] In some embodiments, the name of the first message is not limited, which is, for example, initial NAS signaling, NAS connection request, etc.
[0475] In some embodiments, the first message is protected according to the NAS security context corresponding to the second network element stored on the terminal; or the first message is unprotected.
[0476] It should be explained that, before the NAS security context between the terminal and the first network element is created, i.e. before the communication method of the present disclosure is performed, the NAS security context between the terminal and the second network element has been created or activated by default. For example, the terminal can obtain the NAS security context corresponding to the second network element in the process of accessing the network. The NAS security context corresponding to the second network element stored on the terminal refers to the NAS security context between the terminal and the second network element currently available on the terminal. The NAS security context between the terminal and the second network element is used to guarantee the NAS connection communication between the terminal and the second network element.
[0477] For example, assuming that the first message is protected according to the NAS security context corresponding to the second network element stored on the terminal, the second network element can verify the first message according to the NAS security context between the terminal and the second network element stored on the second network element (i.e. the NAS security context corresponding to the terminal / the sixth NAS security context) in the case of receiving the first message. Optionally, the first message can include an identifier for the second network element to determine the corresponding NAS security context, such as the identifier of the terminal, the first identifier, the second identifier, etc. If the second network element verifies the first message successfully, step S2302 is performed. If the second network element fails to verify the first message, step S2302 is not performed.
[0478] In some embodiments, the first message includes at least one of the following:
[0479] the first identifier;
[0480] the second identifier;
[0481] the identifier of the terminal;
[0482] the first random number provided by the terminal.
[0483] For example, the first message includes the first identifier and the identifier of the terminal.
[0484] For example, the first message includes the second identifier and the identifier of the terminal.
[0485] For example, the first message includes the first / second identifier, the first random number provided by the terminal.
[0486] Step S2302: The second network element 1022 sends the first message or the third message to the first network element 1021.
[0487] In some embodiments, the first network element receives the first message or the third message sent by the second network element.
[0488] In some embodiments, the third message comprises the original first message or comprises the processed first message. For example, the third message comprises one or more fields in the first message. For example, the third message comprises contents extracted from the first message.
[0489] In some embodiments, the first message can comprise an identifier of the first network element (e.g. an instance ID or a type of the first network element). In this way, it is convenient for the second network element to send the third message to the first network element.
[0490] In some embodiments, the third message comprises at least part of the content of the first message and at least one of the first identifier, the second identifier, the security algorithm, and the key of the first network element. Optionally, the first identifier, the second identifier, the security algorithm, and the key of the first network element can all be generated or determined by the second network element. Optionally, the first identifier and the second identifier can also be provided by the terminal in the first message. In this way, it is convenient for the first network element to obtain at least one of the following from the third message sent by the second network element:
[0491] the first identifier;
[0492] the second identifier;
[0493] the security algorithm;
[0494] the key of the first network element.
[0495] For example, the third message comprises the first identifier or the second identifier.
[0496] For example, the third message comprises the first identifier, the security algorithm, and the key of the first network element.
[0497] For example, the third message comprises the second identifier, the security algorithm, and the key of the first network element.
[0498] For example, the third message comprises the security algorithm and the key of the first network element.
[0499] The first identifier, the second identifier, the security algorithm, and the key of the first network element are used by the first network element to generate a NAS security context between the terminal and the first network element (i.e. a second NAS security context on the side of the first network element).
[0500] It should be explained that the first identifier (KSI) is used to identify the NAS security context between the terminal and the first network element (i.e. the first NAS security context on the terminal side / the second NAS security context on the first network element side) and the NAS security context corresponding to the second network element (i.e. the fifth NAS security context stored by the terminal corresponding to the second network element / the sixth NAS security context stored by the second network element corresponding to the terminal). The second identifier (KSI NF ) is used to identify the NAS security context between the terminal and the first network element (i.e. the first NAS security context on the terminal side / the second NAS security context on the first network element side).
[0501] It should be noted that the KSI can be a common identifier of the NAS security context between the terminal and the second network element and the NAS security context between the terminal and the first network element. In some embodiments, the value of KSI AMF / SEAF / AUSF and KSI NF may be the same or different, for example, KSI NF may be derived from KSI AMF / SEAF / AUSF , KSI AMF / SEAF / AUSF may be mapped to KSI NF , i.e. KSI NF = NF instance ID / NF type: KSI AMF / SEAF / AUSF .
[0502] In some embodiments, the third message is equivalent to the first message, i.e. the second network element is a relay node between the terminal and the first network element, and the second network element only has the function of forwarding, so that the second network element sends the third message to the first network element in the case that the first message sent by the terminal is received, and the third message is the first message forwarded by the second network element to the first network element.
[0503] In some embodiments, the first message sent by the terminal is not security protected.
[0504] In some embodiments, steps S2301 and S2302 can be omitted. The terminal 101 can directly send the first message to the first network element 1021, and the first network element receives the unprotected first message sent by the terminal.
[0505] In some embodiments, if the first message is unprotected, the first message can include a NAS context identifier with a value of 111. The NAS context identifier with a value of 111 indicates that there is no available NAS security context.
[0506] Step S2303, the first network element 1021 creates a second NAS security context for the terminal 101.
[0507] It should be noted that the number of terminals is one or more. In the case that the number of terminals is more than one, the first network element can create or activate one second NAS security context for each terminal, and different terminals correspond to different second NAS security contexts.
[0508] In some embodiments, the first network element creates the second NAS security context for the terminal upon receiving the first message or the third message.
[0509] In some embodiments, the second NAS security context comprises at least one of:
[0510] an identifier of the terminal;
[0511] a NAS connection identifier;
[0512] a security algorithm;
[0513] a key of the first network element;
[0514] a first NAS count comprising an uplink NAS count and / or a downlink NAS count;
[0515] a first identifier being a common identifier of the second NAS security context and a NAS security context corresponding to the second network element;
[0516] a second identifier being an identifier of the second NAS security context;
[0517] an encryption protection key;
[0518] an integrity protection key.
[0519] For example, the second NAS security context comprises the security algorithm, the first NAS count, the encryption protection key, and the integrity protection key.
[0520] For example, the second NAS security context comprises the NAS connection identifier, the security algorithm, the first key of the first network element, the first NAS count, the first identifier, the encryption protection key, and the integrity protection key.
[0521] For example, the second NAS security context comprises the NAS connection identifier, the security algorithm, the first key of the first network element, the first NAS count, the second identifier, the encryption protection key, and the integrity protection key.
[0522] Wherein the identifier of the terminal in the second NAS security context can be obtained by the first network element from the first / third message.
[0523] In some embodiments, the first network element requests the key of the first network element from the second network element. For example, the first network element can request the key K NFThe first network element receives the key and / or the security algorithm of the first network element returned by the second network element.
[0524] In some embodiments, the first network element can also obtain at least one of the key of the first network element, the first identifier, the second identifier, and the security algorithm from the third message sent by the second network element.
[0525] In some embodiments, the key of the first network element is generated by the second network element through vertical derivation. Optionally, the input parameters of the vertical derivation include at least one of the following:
[0526] the identifier of the terminal (such as IMSI or NAI or GCI or GLI or GPSI or SUPI or SUCI);
[0527] the ABBA parameter;
[0528] the identifier of the first network element (such as instance ID);
[0529] the key of the second network element (such as K AUSF / K SEAF / K AMF );
[0530] the second NAS count determined by the sixth NAS security context, the sixth NAS security context being the NAS security context of the corresponding terminal stored on the second network element;
[0531] the first random number provided by the terminal;
[0532] the second random number provided by the first network element.
[0533] For example, the input parameters of the vertical derivation are the identifier of the terminal, the ABBA parameter, the identifier of the first network element, the key of the second network element, the first random number, and the second random number.
[0534] In some embodiments, the first random number provided by the terminal can be included in the first message.
[0535] In some embodiments, the random number provided by the first network element can be included in the request message in which the first network element requests the first key of the first network element from the second network element, or the first network element actively or passively sends the first random number (from the first message) and the second random number to the second network element.
[0536] In some embodiments, if the terminal sends the first message to the second network element, the first random number provided by the terminal can be included in the first message, and the second network element obtains the first random number from the first message. Of course, the terminal can also send the first random number to the second network element through other messages in addition to the first message, which is not limited by the present disclosure.
[0537] In some embodiments, if the terminal sends the first message to the first network element, the first message can include the first random number provided by the terminal, and the first network element can carry the first random number obtained from the first message and / or the generated second random number in a key request message sent by the first network element to the second network element to send to the second network element. Of course, the first network element can also send the first random number and / or the second random number to the second network element through other messages, which is not limited by the present disclosure.
[0538] After the second network element obtains the first random number and the second random number, the first key of the first network element can be generated. The second network element can actively (i.e., through a third message) or passively (i.e., according to the request of the first network element) send the generated first key of the first network element and / or the security algorithm to the first network element.
[0539] In some embodiments, in the case where the first network element obtains the first key K NF of the first network element generated by vertical derivation from the second network element, the first network element sets the value of the first NAS count, i.e., the uplink NAS count and the downlink NAS count, to 0, and can derive K NF according to the first key K NF_INT of the first network element. NF_ENC .
[0540] Step S2304, the first network element 1021 sends a second message protected by the second NAS security context to the terminal 101.
[0541] In some embodiments, the terminal receives the second message. The second message is protected by the first network element according to the encryption protection key and / or the integrity protection key in the second NAS security context, and the second message is a response to the first message.
[0542] Step S2305, the terminal 101 creates a first NAS security context for the first network element 1021.
[0543] It should be noted that the number of first network elements is one or more. If the number of first network elements is more than one, the terminal can create or activate one first NAS security context for each first network element. Different first network elements correspond to different first NAS security contexts.
[0544] In some embodiments, the terminal can create a first NAS security context for the first network element after receiving the second message.
[0545] In some embodiments, the first NAS security context created by the terminal for the first network element corresponds to a second NAS security context created by the first network element for the terminal. The first NAS security context is stored on the terminal, and the second NAS security context is stored on the first network element. The first NAS security context is used for protecting the NAS connection between the terminal and the first network element on the terminal side. The second NAS security context is used for protecting the NAS connection between the terminal and the first network element on the first network element side.
[0546] In some embodiments, the first NAS security context comprises at least one of:
[0547] a NAS connection identifier;
[0548] a security algorithm;
[0549] a key K NF of the first network element;
[0550] a first NAS count comprising an uplink NAS count and / or a downlink NAS count;
[0551] a first identifier KSI being a common identifier for the first NAS security context and a NAS security context corresponding to the second network element;
[0552] a second identifier KSI NF being an identifier for the first NAS security context;
[0553] an encryption protection key K NF_ENC ;
[0554] an integrity protection key K NF_INT .
[0555] For example, the first NAS security context comprises the security algorithm, the first NAS count, the encryption protection key, and the integrity protection key.
[0556] For example, the first NAS security context comprises the NAS connection identifier, the security algorithm, the first key of the first network element, the first NAS count, the first identifier, the encryption protection key, and the integrity protection key.
[0557] For example, the first NAS security context comprises the NAS connection identifier, the security algorithm, the first key of the first network element, the first NAS count, the second identifier, the encryption protection key, and the integrity protection key.
[0558] In some embodiments, the terminal generates the key of the first network element according to a vertical derivation manner, and sets the value of the first NAS count in the first NAS security context to 0 in the case that the key of the first network element is generated.
[0559] In some embodiments, the input parameters of the vertical derivation manner used by the terminal comprise at least one of the following:
[0560] an identifier of the terminal (e.g., IMSI or NAI or GCI or GLI or GPSI or SUPI or SUCI);
[0561] an ABBA parameter;
[0562] an identifier of the first network element (e.g., a type of the first network element or an instance ID of the first network element);
[0563] a key of the second network element (e.g., K AUSF / K SEAF / K AMF );
[0564] a second NAS count determined by a fifth NAS security context;
[0565] a first random number provided by the terminal;
[0566] a second random number provided by the first network element.
[0567] For example, the input parameters of the vertical derivation manner are the identifier of the terminal, the ABBA parameter, the identifier of the first network element, and the key of the second network element, the first random number, and the second random number.
[0568] In some embodiments, the terminal can know the relationship between the network element and the service, the key of the second network element, and the identifier of the network element corresponding to each service during the network access process. The key of the second network element is a root key for communication between the terminal and the second network element, and the second network element is, for example, AUSF / SEAF / AMF, K AUSF / K SEAF / K AMF The acquisition method can refer to related technologies, which will not be described here.
[0569] In some embodiments, the terminal can be preconfigured with the relationship between the network element and the service, and the identifier of the network element corresponding to each service.
[0570] In some embodiments, the key of the second network element in the input parameters of the vertical derivation manner can be obtained by the terminal during the network access process. In some embodiments, the key of the second network element in the input parameters of the vertical derivation manner can be determined from the NAS security context corresponding to the second network element stored in the terminal.
[0571] In some embodiments, the encryption protection key and / or the integrity protection key in the first NAS security context are derived according to the key K NF of the first network element. It should be explained that K NFK is a root key for communication between the terminal and the first network element, derived vertically from the key of the second network element. NF_INT K is a key for integrity protection, derived vertically from K NF . NF_ENC K is a key for encryption protection, derived from K NF .
[0572] In some embodiments, the second random number provided by the first network element can be included in the second message.
[0573] At step S2306, the terminal 101 verifies the second message according to the first NAS security context to determine whether the NAS connection with the first network element 1021 is successfully established.
[0574] In some embodiments, the terminal verifies the second message according to the first NAS security context to determine whether the NAS connection with the first network element is successfully established. If the terminal verifies the second message according to the first NAS security context successfully, it is determined that the NAS connection between the terminal and the first network element is successfully established. If the terminal verifies the second message according to the first NAS security context fails, it is determined that the NAS connection between the terminal and the first network element is not successfully established.
[0575] In the case that the NAS connection between the terminal and the first network element is successfully established, one or more of steps S2307-S2310 are performed.
[0576] At step S2307, the terminal 101 increases the value of the uplink NAS count in the first NAS security context by 1 in the case that the terminal sends a fourth message to the first network element 1021.
[0577] In some embodiments, the first network element receives the fourth message. The fourth message includes the first SQN, which is used by the first network element to update the uplink NAS count in the second NAS security context.
[0578] In some embodiments, the first network element updates the value of the uplink NAS count in the second NAS security context according to the SQN in the fourth message in the case that the first network element receives the fourth message sent by the terminal, for example, increases the value of the uplink NAS count in the second NAS security context by 1.
[0579] At step S2308, the first network element 1021 increases the value of the downlink NAS count in the second NAS security context by 1 in the case that the first network element sends a fifth message to the terminal 101.
[0580] In some embodiments, the terminal receives the fifth message. The fifth message includes the second SQN, which is used by the terminal to update the downlink NAS count in the first NAS security context.
[0581] In some embodiments, the terminal updates the value of the downlink NAS count in the first NAS security context according to the second SQN in the fifth message in a case that the fifth message sent by the first network element is received, for example, increases the value of the downlink NAS count in the first NAS security context by 1.
[0582] In step S2309, the terminal 101 deletes the first NAS security context in a case that the NAS connection is released.
[0583] In some embodiments, the terminal deletes the first NAS security context in a case that the NAS connection is released.
[0584] In step S2310, the first network element 1021 deletes the second NAS security context in a case that the NAS connection is released.
[0585] In some embodiments, the first network element deletes the second NAS security context in a case that the NAS connection is released.
[0586] In some embodiments, the implementation of each step in FIG. 2I can also refer to the related steps in the embodiments of FIG. 2A and FIG. 2E.
[0587] The communication method related to the embodiments of the present disclosure can include at least one of steps S2301-S2310. For example, step S2303 can be implemented as an independent embodiment, step S2305 can be implemented as an independent embodiment, step S2303 and step S2305 can be implemented as independent embodiments, step S2305 and step S2309 can be implemented as independent embodiments, step S2303 and step S2310 can be implemented as independent embodiments, but are not limited thereto.
[0588] In some embodiments, the order of any two steps among steps S2301-S2310 can be exchanged or executed simultaneously. For example, step S2307 and step S2308 can be exchanged or executed simultaneously.
[0589] In some embodiments, steps S2301, S2302, S2304-S2310 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0590] In some embodiments, steps S2301-S2304, S2306-S2310 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0591] In some embodiments, steps S2301-S2304, steps S2306-S2308, step S2310 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0592] In some embodiments, steps S2301, S2302, steps S2304-S2309 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0593] In some embodiments, other optional implementations can be found in the description before or after the corresponding description of FIG. 2I.
[0594] FIG. 3A is a flow diagram illustrating a communication method according to an embodiment of the present disclosure. As shown in FIG. 3A, the embodiment of the present disclosure relates to a communication method, which is performed by a terminal side, and the above method comprises:
[0595] Step S3101, creating or activating a first NAS security context for a first network element.
[0596] Optional implementations of step S3101 can be found in the optional implementations of steps S2101 of FIG. 2A, S2201 of FIG. 2E, and other associated parts in the embodiments related to FIG. 2A and FIG. 2E, which will not be repeated here.
[0597] Step S3102, sending a first message.
[0598] Optional implementations of step S3102 can be found in the optional implementations of steps S2102 of FIG. 2A, S2202 of FIG. 2E, and other associated parts in the embodiments related to FIG. 2A and FIG. 2E, which will not be repeated here.
[0599] In some embodiments, the terminal 101 sends the first message to the first network element 1021, but is not limited thereto, and the terminal can also send the first message to the second network element or other subjects.
[0600] Step S3103, receiving a second message.
[0601] Optional implementations of step S3103 can be found in the optional implementations of steps S2105 of FIG. 2A, S2205 of FIG. 2E, and other associated parts in the embodiments related to FIG. 2A and FIG. 2E, which will not be repeated here.
[0602] In some embodiments, the terminal 101 receives the second message sent by the first network element 1021, but is not limited thereto, and the terminal can also receive the second message sent by other subjects.
[0603] Step S3104: verifying the second message according to the first NAS security context.
[0604] The optional implementation of step S3104 can refer to the optional implementation of step S2106 in FIG. 2A, step S2206 in FIG. 2E, and other associated parts in the embodiments related to FIG. 2A and FIG. 2E, which are not described herein again.
[0605] Step S3105: in the case of sending the fourth message to the first network element, increasing the value of the uplink NAS count in the first NAS security context by 1.
[0606] The optional implementation of step S3105 can refer to the optional implementation of step S2107 in FIG. 2A, step S2207 in FIG. 2E, and other associated parts in the embodiments related to FIG. 2A and FIG. 2E, which are not described herein again.
[0607] Step S3106: in the case of receiving the fifth message sent by the first network element, updating the downlink NAS count in the first NAS security context according to the SQN in the fifth message.
[0608] The optional implementation of step S3106 can refer to the optional implementation of step S2108 in FIG. 2A, step S2208 in FIG. 2E, and other associated parts in the embodiments related to FIG. 2A and FIG. 2E, which are not described herein again.
[0609] Step S3107: in the case of releasing the NAS connection, deleting the first NAS security context or updating the state of the first NAS security context.
[0610] The optional implementation of step S3107 can refer to the optional implementation of step S2109 in FIG. 2A, step S2209 in FIG. 2E, and other associated parts in the embodiments related to FIG. 2A and FIG. 2E, which are not described herein again.
[0611] The communication method related to the embodiments of the present disclosure can include at least one of steps S3101 to S3107. For example, step S3101 can be implemented as an independent embodiment, step S3107 can be implemented as an independent embodiment, and steps S3101 and S3107 can be implemented as independent embodiments, but are not limited thereto.
[0612] In some embodiments, the order between any two of steps S3101 to S3107 can be exchanged or executed simultaneously.
[0613] In some embodiments, steps S3102 to S3107 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0614] In some embodiments, steps S3101-S3106 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0615] In some embodiments, steps S3102-S3106 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0616] FIG. 3B is a flow diagram illustrating a communication method according to embodiments of the present disclosure. As shown in FIG. 3B, embodiments of the present disclosure relate to a communication method, which is performed by a terminal side, and the above method comprises:
[0617] Step S3201, creating or activating a first NAS security context for a first network element.
[0618] Optional implementation of step S3201 can refer to optional implementation of step S2101 in FIG. 2A, step S2201 in FIG. 2E, step S3101 in FIG. 3A, and other associated parts in embodiments related to FIG. 2A, FIG. 2E, and FIG. 3A, which will not be described here.
[0619] Step S3202, sending a first message.
[0620] Optional implementation of step S3202 can refer to step S2102 in FIG. 2A, step S2202 in FIG. 2E, optional implementation of step S3102 in FIG. 3A, and other associated parts in embodiments related to FIG. 2A, FIG. 2E, and FIG. 3A, which will not be described here.
[0621] Step S3203, receiving a second message.
[0622] Optional implementation of step S3203 can refer to step S2105 in FIG. 2A, step S2205 in FIG. 2E, optional implementation of step S3103 in FIG. 3A, and other associated parts in embodiments related to FIG. 2A, FIG. 2E, and FIG. 3A, which will not be described here.
[0623] The communication method related to embodiments of the present disclosure can comprise at least one of steps S3201-S3203. For example, step S3201 can be implemented as an independent embodiment, but is not limited thereto.
[0624] In some embodiments, the order between any two of steps S3201-S3203 can be exchanged or performed simultaneously.
[0625] In some embodiments, steps S3202 and S3203 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0626] In some embodiments, step S3203 and one or more of steps S3104-S3107 of step S3104 of FIG. 3A are combined.
[0627] FIG. 3C is a flow diagram illustrating a communication method according to an embodiment of the present disclosure. As shown in FIG. 3C, the embodiments of the present disclosure relate to a communication method, which is performed by a terminal side, and the above method comprises the following steps:
[0628] Step S3301: creating or activating a first NAS security context for a first network element.
[0629] The optional implementation of step S3301 can refer to the optional implementation of step S2101 of FIG. 2A, step S2201 of FIG. 2E, step S3101 of FIG. 3A, and other associated parts in the embodiments related to FIG. 2A, FIG. 2E, and FIG. 3A, which are not described herein again.
[0630] Step S3302: deleting the first NAS security context or updating the state of the first NAS security context in the case that the NAS connection is released.
[0631] The optional implementation of step S3302 can refer to step S2109 of FIG. 2A, step S2209 of FIG. 2E, the optional implementation of step S3107 of FIG. 3A, and other associated parts in the embodiments related to FIG. 2A, FIG. 2E, and FIG. 3A, which are not described herein again.
[0632] The communication method related to the embodiments of the present disclosure can comprise at least one of step S3301 and step S3302. For example, step S3302 can be implemented as an independent embodiment, but is not limited thereto.
[0633] In some embodiments, step S3301 and step S3302 can be exchanged in order or executed simultaneously.
[0634] In some embodiments, step S3301 is optional, and can be omitted or replaced in different embodiments.
[0635] In some embodiments, step S3302 is optional, and can be omitted or replaced in different embodiments.
[0636] In some embodiments, step S3302 and one or more of steps S3102-S3106 of step S3102 of FIG. 3A are combined.
[0637] FIG. 3D is a flow diagram illustrating a communication method according to an embodiment of the present disclosure. As shown in FIG. 3D, the embodiments of the present disclosure relate to a communication method, which is performed by a terminal side, and the above method comprises the following steps:
[0638] Step S3401, creating or activating the first NAS security context for the first network element.
[0639] The optional implementation of step S3401 can refer to the optional implementation of step S2101 in FIG. 2A, step S2201 in FIG. 2E, step S2305 in FIG. 2I, the optional implementation of step S3101 in FIG. 3A, and other associated parts in the embodiments related to FIG. 2A, FIG. 2B, and FIG. 3A, which are not described here again.
[0640] FIG. 3E is a flow diagram illustrating a communication method according to an embodiment of the present disclosure. As shown in FIG. 3E, the embodiment of the present disclosure relates to a communication method, which is performed by a terminal side, and the above method comprises:
[0641] Step S3501, sending the first message.
[0642] The optional implementation of step S3501 can refer to the optional implementation of step S2301 in FIG. 2I and other associated parts in the embodiments related to FIG. 2I, which are not described here again.
[0643] Step S3502, receiving the second message.
[0644] The optional implementation of step S3502 can refer to the optional implementation of step S2304 in FIG. 2I and other associated parts in the embodiments related to FIG. 2I, which are not described here again.
[0645] Step S3503, creating or activating the first NAS security context for the first network element.
[0646] The optional implementation of step S3503 can refer to the optional implementation of step S2305 in FIG. 2I and other associated parts in the embodiments related to FIG. 2I, which are not described here again.
[0647] Step S3504, verifying the second message according to the first NAS security context.
[0648] The optional implementation of step S3504 can refer to the optional implementation of step S2306 in FIG. 2I and other associated parts in the embodiments related to FIG. 2I, which are not described here again.
[0649] Step S3505, in the case of sending the fourth message to the first network element, increasing the value of the uplink NAS count in the first NAS security context by 1.
[0650] The optional implementation of step S3505 can refer to the optional implementation of step S2307 in FIG. 2I and other associated parts in the embodiments related to FIG. 2I, which are not described here again.
[0651] Step S3506, in a case where the first network element sends the fifth message, updating the downlink NAS count in the first NAS security context according to the SQN in the fifth message.
[0652] The optional implementation of step S3506 can refer to the optional implementation of step S2308 in FIG. 2I and other associated parts in the embodiments related to FIG. 2I, which will not be repeated here.
[0653] Step S3507, in a case where the NAS connection is released, deleting the first NAS security context or updating the state of the first NAS security context.
[0654] The optional implementation of step S3507 can refer to the optional implementation of step S2309 in FIG. 2I and other associated parts in the embodiments related to FIG. 2I, which will not be repeated here.
[0655] The communication method related to the embodiments of the present disclosure can include at least one of steps S3501-S3507. For example, step S3503 can be implemented as an independent embodiment, step S3507 can be implemented as an independent embodiment, and step S3503 and step S3507 can be implemented as independent embodiments, but are not limited thereto.
[0656] In some embodiments, the order between any two of steps S3501-S3507 can be exchanged or executed simultaneously.
[0657] In some embodiments, steps S3501, S3502, S3504-S3507 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0658] In some embodiments, steps S3501-S3506 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0659] In some embodiments, steps S3501, S3502, S3504-S3506 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0660] FIG. 3F is a flow diagram of a communication method according to an embodiment of the present disclosure. As shown in FIG. 3F, the embodiments of the present disclosure relate to a communication method, which is executed by a terminal side, and the above method includes:
[0661] Step S3601, receiving a second message.
[0662] The optional implementation of step S3601 can refer to the optional implementation of step S2304 in FIG. 2I, the optional implementation of step S3502 in FIG. 3E, and other associated parts in the embodiments related to FIG. 2I and FIG. 3E, which are not described here again.
[0663] Step S3602, creating or activating a first NAS security context for the first network element.
[0664] The optional implementation of step S3602 can refer to the optional implementation of step S2305 in step S2104 in FIG. 2A, step S2204 in FIG. 2E, and the optional implementation of step S2303 in FIG. 2I, and other associated parts in the embodiments related to FIG. 2A, FIG. 2E and FIG. 2I, which are not described here again.
[0665] The communication method related to the embodiments of the present disclosure can include at least one of step S3601 and step S3602. For example, step S3601 can be implemented as an independent embodiment, but is not limited thereto.
[0666] In some embodiments, step S3601 and step S3602 can be exchanged in order or executed simultaneously.
[0667] In some embodiments, step S3601 is optional, which can be omitted or replaced in different embodiments.
[0668] In some embodiments, step S3602 is optional, which can be omitted or replaced in different embodiments.
[0669] FIG. 4A is a flow diagram of a communication method according to an embodiment of the present disclosure. As shown in FIG. 4A, the embodiments of the present disclosure relate to a communication method, which is executed by a first network element side, and the above method includes:
[0670] Step S4101, receiving a first message or a third message.
[0671] The optional implementation of step S4101 can refer to step S2102, step S2103 in FIG. 2A, step S2202, step S2203 in FIG. 2E, the optional implementation of step S2301, step S2302 in FIG. 2I, and other associated parts in the embodiments related to FIG. 2A, FIG. 2E and FIG. 2I, which are not described here again.
[0672] Step S4102, creating a second NAS security context for the terminal.
[0673] The optional implementation of step S4102 can refer to step S2104 in FIG. 2A, step S2204 in FIG. 2E, the optional implementation of step S2303 in FIG. 2I, and other associated parts in the embodiments related to FIG. 2A, FIG. 2E and FIG. 2I, which are not described here again.
[0674] Step S4103, sending the second message.
[0675] The optional implementation of step S4103 can be refer to the optional implementation of step S2105 in FIG. 2A, step S2205 in FIG. 2E, step S2304 in FIG. 2I, and other associated parts in the embodiments related to FIG. 2A, FIG. 2E, FIG. 2I, which are not described here again.
[0676] Step S4104, in the case of receiving the fourth message sent by the terminal, updating the downlink NAS count in the second NAS security context according to the SQN in the fourth message.
[0677] The optional implementation of step S4104 can be refer to the optional implementation of step S2107 in FIG. 2A, step S2207 in FIG. 2E, step S2307 in FIG. 2I, and other associated parts in the embodiments related to FIG. 2A, FIG. 2E, FIG. 2I, which are not described here again.
[0678] Step S4105, in the case of sending the fifth message to the terminal, increasing the value of the downlink NAS count in the second NAS security context by 1.
[0679] The optional implementation of step S4105 can be refer to the optional implementation of step S2108 in FIG. 2A, step S2208 in FIG. 2E, step S2308 in FIG. 2I, and other associated parts in the embodiments related to FIG. 2A, FIG. 2E, FIG. 2I, which are not described here again.
[0680] Step S4106, in the case of the NAS connection being released, deleting the second NAS security context or changing the state of the second NAS security context.
[0681] The optional implementation of step S4106 can be refer to the optional implementation of step S2110 in FIG. 2A, step S2210 in FIG. 2E, step S2310 in FIG. 2I, and other associated parts in the embodiments related to FIG. 2A, FIG. 2E, FIG. 2I, which are not described here again.
[0682] The communication method related to the embodiments of the present disclosure can include at least one of steps S4101-S4106. For example, step S4102 can be implemented as an independent embodiment, steps S4101 and S4102 can be implemented as independent embodiments, steps S4102 and S4106 can be implemented as independent embodiments, but not limited to this.
[0683] In some embodiments, the order between any two steps of steps S4101-S4106 can be exchanged or executed simultaneously.
[0684] In some embodiments, the step S4101 and the steps S4103-S4106 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0685] In some embodiments, the steps S4103-S4106 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0686] In some embodiments, the step S4101 and the steps S4103-S4105 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0687] FIG. 4B is a flow diagram illustrating a communication method according to an embodiment of the present disclosure. As shown in FIG. 4B, the embodiments of the present disclosure relate to a communication method, which is performed by a first network element side, and the above method comprises the following steps:
[0688] In step S4201, a first message is received.
[0689] The optional implementation of the step S4201 can refer to the optional implementation of the steps S2102, S2103 in FIG. 2A, the steps S2202, S2203 in FIG. 2E, the steps S2301, S2302 in FIG. 2I, and other associated parts in the embodiments related to FIG. 2A, FIG. 2E, and FIG. 2I, which will not be repeated here.
[0690] In step S4202, a second NAS security context is created for the terminal.
[0691] The optional implementation of the step S4202 can refer to the step S2104 in FIG. 2A, the step S2204 in FIG. 2E, the optional implementation of the step S2303 in FIG. 2I, and other associated parts in the embodiments related to FIG. 2A, FIG. 2E, and FIG. 2I, which will not be repeated here.
[0692] In step S4203, in the case that the NAS connection is released, the second NAS security context is deleted or the state of the second NAS security context is changed.
[0693] The optional implementation of the step S4203 can refer to the step S2110 in FIG. 2A, the step S2210 in FIG. 2E, the optional implementation of the step S2310 in FIG. 2I, and other associated parts in the embodiments related to FIG. 2A, FIG. 2E, and FIG. 2I, which will not be repeated here.
[0694] The communication method related to the embodiments of the present disclosure can include at least one of steps S4201-S4203. For example, step S4202 can be implemented as an independent embodiment, and steps S4202 and S4203 can be implemented as independent embodiments, but are not limited thereto.
[0695] In some embodiments, the order between any two of steps S4201-S4203 can be exchanged or performed simultaneously.
[0696] In some embodiments, steps S4201 and S4203 are optional, and one or more of these steps can be omitted or replaced in different embodiments.
[0697] In some embodiments, step S4201 is optional, and this step can be omitted or replaced in different embodiments.
[0698] FIG. 4C is a flow diagram illustrating a communication method according to an embodiment of the present disclosure. As shown in FIG. 4C, the embodiments of the present disclosure relate to a communication method, which is performed by a first network element side, and the above method includes the following steps.
[0699] Step S4301: creating a second NAS security context for the terminal.
[0700] The optional implementation of step S4301 can refer to the optional implementation of step S2104 in FIG. 2A, step S2204 in FIG. 2E, step S2303 in FIG. 2I, and other associated parts in the embodiments related to FIG. 2A, FIG. 2E, and FIG. 2I, which are not described here again.
[0701] FIG. 5 is a flow diagram illustrating a communication method according to an embodiment of the present disclosure. As shown in FIG. 5, the embodiments of the present disclosure relate to a communication method, which is performed by a second network element side, and the above method includes the following steps.
[0702] Step S501: receiving a first message.
[0703] The optional implementation of step S501 can refer to the optional implementation of step S2102 in FIG. 2A, step S2202 in FIG. 2E, step S2301 in FIG. 2I, and other associated parts in the embodiments related to FIG. 2A, FIG. 2E, and FIG. 2I, which are not described here again.
[0704] Step S502: sending the first message or a third message.
[0705] The optional implementation of step S502 can refer to the optional implementation of step S2103 in FIG. 2A, step S2203 in FIG. 2E, step S2302 in FIG. 2I, and other associated parts in the embodiments related to FIG. 2A, FIG. 2E, and FIG. 2I, which are not described here again.
[0706] The communication method related to the embodiments of the present disclosure can include at least one of step S501 and step S502. For example, step S501 can be implemented as an independent embodiment, but is not limited thereto.
[0707] In some embodiments, step S501 and step S502 can be exchanged in order or executed simultaneously.
[0708] In some embodiments, step S501 is optional, and in different embodiments, this step can be omitted or replaced.
[0709] In some embodiments, step S502 is optional, and in different embodiments, this step can be omitted or replaced.
[0710] FIG. 6A is an interaction diagram illustrating a communication method according to an embodiment of the present disclosure. As shown in FIG. 6A, the above method includes:
[0711] Step 1, before the terminal (UE) starts to establish a NAS connection with the first network element (NF), it first retrieves the NAS security context of the NF according to the available KSI (for AMF / SEAF) or KSI NF of the NF. If KSI NF is used, the UE identifies the NAS security context of the NF according to the NF code part of KSI NF . NF code = NF type or NF instance ID.
[0712] In some embodiments, if there is no existing NAS security context of this NF stored, the UE derives K NF and K NF_INT / K NF_ENC for the communication between the UE and the NF, and creates the corresponding NAS security context. The UL NAS COUNT and DL NAS COUNT contained in the NAS security context of the NF are set to zero. The NAS security context identifier of the NF can be KSI or KSI NF . K NF is the root key of the communication between the UE and the NF, derived from K AUSF / K SEAF / K AMF (i.e. vertical derivation). The UE can obtain K AUSF / K SEAF / K AMF when it is registered.
[0713] In some embodiments, if there is an existing non-current NAS security context (stored after previous NAS connection release) for this NF, the UE changes the state of the corresponding NAS security context for the NF, e.g. from non-current to current. The K NF and K NF_INT / K NF_ENC used for the NAS connection establishment. No derivation is needed.
[0714] In some embodiments, KSI is a generic identifier of the NAS security context of the AMF / SEAF / AUSF and the NAS security context of the NF. KSI NF is an identifier of the NAS security context of the NF, which can be generated by the UE itself. KSI NF may share the same value as KSI AMF / SEAF / AUSF , or can be derived from KSI AMF / SEAF / AUSF , e.g. KSI NF = NF instance ID / NF type: KSI AMF / SEAF / AUSF .
[0715] In some embodiments, K NF_INT is an integrity protection key derived from K NF . K NF_ENC is an encryption protection key derived from K NF .
[0716] In some embodiments, K NF is derived vertically: input S of KDF: UE identifier (such as IMSI or NAI or GCI or GLI), ABBA parameters, NF type or NF instance ID (known by the terminal). Input key key is K AUSF / K SEAF / K AMF .
[0717] Step 2, the UE sends NAS signaling protected by K NF_INT and / or K NF_ENC . NAS SQN (stored in the NAS security context of the NF), KSI / KSI NF and UE identifier are included in the NAS signaling (e.g. message to request establishment of NAS connection).
[0718] In some embodiments, the initial NAS signaling for establishing the NAS connection can be forwarded by the AMF.
[0719] Step 3, upon receiving the NAS signaling, if the received KSI / KSI NFIf the corresponding UE NAS security context is not stored in the NF, the NF sends a key request to the SEAF / AMF / AUSF, including the UE identifier, NF instance ID or NF type, and KSI / KSI. NF SEAF / AMF / AUSF derives K using vertical derivation. NF and K NF The selected algorithm is returned to NF. If the received KSI / KSI NF If the identified UE NAS security context is stored in NF, skip this step.
[0720] In some embodiments, once KSI is received NF KSI can be derived from AMF / SEAF / AUSF. AMF / SEAF / AUF And retrieve the corresponding NAS security context of AMF / SEAF / AUSF to generate K NF .
[0721] In some embodiments, once a KSI is received, the AMF / SEAF / AUSF can retrieve the corresponding NAS security context to generate a KSI. NF .
[0722] Step 4, if K is received from SEAF / AMF / AUSF NF With the security algorithm, the NF creates the UE NAS security context. The NF sets the UL NAS COUNT and DL NAS COUNT to zero, and from K... NF Export K NF_INT / K NF_ENC By using the exported K NF_INT / K NF_ENC The stored UL NAS OVERFLOW and the received UL NAS SQN, NF verify the NAS signaling.
[0723] In some embodiments, the UE NAS security context of the NF is provided by the KSI / KSI provided by the UE. NF Logo.
[0724] In some embodiments, if the received KSI / KSI NF If the UE NAS security context identifier is already stored in the NF, then the NF activates the UE NAS security context, that is, changes the state from non-current to current. This is done by using the stored K... NF_INT / K NF_ENC The stored UL NAS OVERFLOW and the received UL NAS SQN, NF verify the NAS signaling.
[0725] Step 5, if the verification is passed, the NF returns the NAS signaling to the UE, which is protected by K NF_INT / K NF_ENC . The UE verifies the NAS signaling using the stored corresponding NAS security context.
[0726] In some embodiments, all subsequent communications between the UE and the NF are protected by using the NAS security context created / activated per NF. For UL messages, the UE increments the UL NAS COUNT by 1, and the NF updates the UL NAS COUNT accordingly. For DL messages, the NF increments the DL NAS COUNT by 1, and the UE updates the DL NAS COUNT accordingly.
[0727] After the NAS connection is released, step 6 is performed.
[0728] Step 6, the UE and the NF change the state of the corresponding NAS security context, i.e., from current state to non-current state.
[0729] In some embodiments, the NAS security context stored in the UE can refer to FIG. 2B and FIG. 2C. The UE NAS security context stored in the NF can refer to FIG. 2D. Among them, the NAS security context of SEAF / AMF / AUSF is created before the NAS security context of other NFs.
[0730] FIG. 6B is an interaction schematic diagram of a communication method according to an embodiment of the present disclosure. Compared with FIG. 6A, the difference is that:
[0731] Only the vertical derivative is available for deriving K NF . KSI / KSI NF provided by the UE.
[0732] In some embodiments, KNF is derived vertically: the input S of KDF is the UE identifier (such as IMSI or NAI or GCI or GLI or GPSI or SUPI or SUCI), the ABBA parameter, the NF instance ID, and the NAS COUNT stored in the NAS security context of AUSF / SEAF / AMF. The input key key is K AUSF / K SEAF / K AMF .
[0733] For steps 1 and 4, once K NF is derived, the UE and the NF set the NAS COUNT to zero.
[0734] For step 6, once the NAS connection is released, the UE and the NF delete the NAS security context.
[0735] In some embodiments, the NAS security context stored in the UE can refer to FIG. 2F and FIG. 2G. The UE NAS security context stored in the NF can refer to FIG. 2H.
[0736] FIG. 6C is an interaction diagram illustrating a communication method according to an embodiment of the disclosure. Compared with FIG. 6A, the difference is that:
[0737] For step 1, NAS signaling is sent without protection or by using the NAS security context of the AMF. KSI / KSI NF / KSI AMF / SEAF / AUSF .
[0738] Where, if the NAS signaling is protected by the NAS security context of the AMF, the AMF / SEAF / AUSF can directly provide K NF and KSI / KSI NF to the NF. In this case, step 2 can be skipped.
[0739] For steps 2 and 5, only the vertical derivative can be used to derive K NF .
[0740] For steps 3 and 5, once K NF is derived, the UE and the NF set the NAS COUNT to zero.
[0741] Where, K NF Vertical derivation: the input S of the KDF: UE identifier (such as IMSI or NAI or GCI or GLI), ABBA parameter, NF instance ID, UE-provided random number, NF-provided random number. The input key key is K AUSF / K SEAF / K AMF . The UE-provided random number is transmitted in step 1, and the NF-provided random number is transmitted in step 4.
[0742] For step 6, once the NAS connection is released, the UE and the NF delete the NAS security context.
[0743] In some embodiments, the NAS security context stored in the UE can refer to FIG. 2F and FIG. 2G. The UE NAS security context stored in the NF can refer to FIG. 2H.
[0744] In some embodiments, an implementation on the UE side includes that the UE should be able to create and store different NAS security contexts for different NFs, including NAS COUNT, security algorithm, key, context state, KSI, and the like.
[0745] Optionally, once NAS signaling is received from the UE, the NF shall be able to create and store a NAS security context for the UE.
[0746] Optionally, the UE shall be able to perform vertical derivation to generate K NF .
[0747] Optionally, the UE shall be able to provide KSI or KSI NF to the network for the NF to create a NAS security context.
[0748] Optionally, the UE shall be able to provide a random number for key generation by sending NAS signaling.
[0749] Optionally, the UE shall be able to protect initial NAS signaling by using the NAS security context of the AUSF / SEAF / AMF.
[0750] Optionally, the UE shall be able to maintain separate NAS counts for communication with different NFs.
[0751] In some embodiments, one implementation on the first network element (NF) side includes that the NF shall be able to create and store a UE NAS security context, including NAS count, security algorithm, keys, context state, ngKSI, UE identifier, etc.
[0752] Optionally, once NAS signaling is received from the UE, the NF shall be able to store a UE NAS security context.
[0753] Optionally, the NF shall be able to provide a random number for key generation.
[0754] Optionally, the NF shall be able to maintain a NAS count for direct communication with the UE.
[0755] Optionally, the NF shall be able to interact with the AUSF / SEAF / AMF to obtain K NF .
[0756] In some embodiments, one implementation on the second network element (AUSF / SEAF / AMF) side includes that the AUSF / SEAF / AMF shall be able to perform vertical derivation to generate K NF .
[0757] Optionally, the AUSF / SEAF / AMF shall be able to ensure freshness of K NF .
[0758] Optionally, the AUSF / SEAF / AMF shall be able to obtain random numbers provided by the UE and the NF.
[0759] In the embodiments of the present disclosure, part or all of the steps, and optional implementation manners thereof, can be combined with part or all of the steps in other embodiments, or combined with optional implementation manners of other embodiments.
[0760] The embodiments of the present disclosure also propose a device for implementing any of the above methods, for example, a device comprising units or modules for implementing the steps performed by the terminal in any of the above methods. For another example, another device is proposed, comprising units or modules for implementing the steps performed by the network equipment (such as access network equipment, core network function node, core network equipment, etc.) in any of the above methods.
[0761] It should be understood that the division of each unit or module in the above device is only a logical function division, and all or part of them can be integrated into one physical entity, or can be physically separated. In addition, the units or modules in the device can be implemented in the form of processor calling software: for example, the device includes a processor, the processor is connected with a memory, the memory stores instructions, and the processor calls the instructions stored in the memory to implement any of the above methods or the functions of each unit or module of the device, wherein the processor is, for example, a general processor, such as a central processing unit (CPU) or a microprocessor, and the memory is a memory in the device or a memory outside the device. Alternatively, the units or modules in the device can be implemented in the form of hardware circuit, and the functions of part or all of the units or modules can be implemented by designing the hardware circuit, and the hardware circuit can be understood as one or more processors; for example, in one implementation, the hardware circuit is an application-specific integrated circuit (ASIC), and the functions of part or all of the units or modules are implemented by designing the logical relationship of elements in the circuit; for another example, in another implementation, the hardware circuit is a programmable logic device (PLD), and taking a field programmable gate array (FPGA) as an example, it can include a large number of logic gate circuits, and the connection relationship between the logic gate circuits is configured by a configuration file, so as to implement the functions of part or all of the units or modules. All units or modules of the above device can be implemented in the form of processor calling software, or all units or modules can be implemented in the form of hardware circuit, or part of the units or modules can be implemented in the form of processor calling software, and the remaining part can be implemented in the form of hardware circuit.
[0762] In the embodiments of the present disclosure, the processor is a circuit with signal processing capability. In one implementation, the processor can be a circuit with instruction reading and running capability, such as a central processing unit (CPU), a microprocessor, a graphics processing unit (GPU) (which can be understood as a microprocessor), a digital signal processor (DSP), or the like. In another implementation, the processor can implement certain functions through a logical relationship of a hardware circuit, and the logical relationship of the hardware circuit is fixed or can be reconfigured. For example, the processor is a hardware circuit implemented by an application-specific integrated circuit (ASIC) or a programmable logic device (PLD), such as an FPGA. In the reconfigurable hardware circuit, the processor loads a configuration document to implement the hardware circuit configuration. It can be understood that the processor loads instructions to implement the functions of the above part or all units or modules. In addition, it can also be a hardware circuit designed for artificial intelligence, which can be understood as an ASIC, such as a neural network processing unit (NPU), a tensor processing unit (TPU), a deep learning processing unit (DPU), and the like.
[0763] FIG. 7A is a structural schematic diagram of a terminal, according to an embodiment of the present disclosure. As shown in FIG. 7A, the terminal 7100 can include at least one of a transceiver module 7101, a processing module 7102, and the like. In some embodiments, the processing module 7102 is configured to create or activate a first NAS security context for a first network element, the first NAS security context corresponding to a second NAS security context created or activated by the first network element for the terminal, the first NAS security context being used to protect a NAS connection between the terminal and the first network element, and the first NAS security context being used to protect the NAS connection between the terminal and the first network element. Optionally, the transceiver module 7101 is configured to perform at least one of the communication steps (e.g., steps S2102, S2103, S2105, S2107, S2108, S2202, S2203, S2205, S2207, S2208, S2301, S2302, S2304, S2307, S2308, but not limited thereto) of the sending and / or receiving performed by the terminal 101 in any of the above methods, details of which are not described herein again. Optionally, the processing module is configured to perform at least one of the other steps (e.g., steps S2101, S2104, S2106, S2109, S2110, S2201, S2204, S2206, S2209, S2210, S2303, S2305, S2306, S2309, S2310, but not limited thereto) performed by the terminal 101 in any of the above methods, details of which are not described herein again.
[0764] FIG. 7B is a structural schematic diagram of a first network element, according to an embodiment of the present disclosure. As shown in FIG. 7B, the first network element 7200 can include at least one of a transceiver module 7201, a processing module 7202, and the like. In some embodiments, the processing module 7202 is configured to create or activate a second NAS security context for a terminal, the second NAS security context corresponding to a first NAS security context created or activated by the terminal for the first network element, the second NAS security context being used to protect a NAS connection between the terminal and the first network element. Optionally, the transceiver module is configured to perform at least one of the communication steps (for example, steps S2102, S2103, S2105, S2107, S2108, S2202, S2203, S2205, S2207, S2208, S2301, S2302, S2304, S2307, S2308, but not limited to this) of the sending and / or receiving performed by the first network element 1021 in any of the above methods, which will not be described herein again. Optionally, the processing module is configured to perform at least one of the other steps (for example, steps S2101, S2104, S2106, S2109, S2110, S2201, S2204, S2206, S2209, S2210, S2303, S2305, S2306, S2309, S2310, but not limited to this) performed by the first network element 1021 in any of the above methods, which will not be described herein again.
[0765] In some embodiments, the transceiver module can include a sending module and / or a receiving module, which can be separate or integrated together. Optionally, the transceiver module can be mutually replaced with a transceiver.
[0766] In some embodiments, the processing module can be one module, or can include multiple sub-modules. Optionally, the multiple sub-modules perform all or part of the steps required to be performed by the processing module, respectively. Optionally, the processing module can be mutually replaced with a processor.
[0767] FIG. 8A is a structural schematic diagram of a communication device 8100, according to an embodiment of the present disclosure. The communication device 8100 can be a network device (for example, an access network device, a core network device, and the like), a terminal (for example, a user equipment, and the like), a chip, a chip system, or a processor supporting the network device to implement any of the above methods, or a chip, a chip system, or a processor supporting the terminal to implement any of the above methods. The communication device 8100 can be used to implement the methods described in the above method embodiments, and details can be referred to the descriptions in the above method embodiments.
[0768] As shown in FIG. 8A, the communication device 8100 includes one or more processors 8101. The processor 8101 can be a general processor or a special-purpose processor, etc., for example, a baseband processor or a central processing unit. The baseband processor can be used to process communication protocols and communication data, the central processing unit can be used to control a communication apparatus (e.g., a base station, a baseband chip, a terminal device, a terminal device chip, a DU or a CU, etc.), execute programs, and process data of the programs. Optionally, the communication device 8100 is configured to perform any of the above methods. Optionally, the one or more processors 8101 are configured to invoke instructions to cause the communication device 8100 to perform any of the above methods.
[0769] In some embodiments, the communication device 8100 further includes one or more transceivers 8102. When the communication device 8100 includes one or more transceivers 8102, the transceiver 8102 performs at least one of the communication steps (e.g., steps S2102, S2103, S2105, S2107, S2108, S2202, S2203, S2205, S2207, S2208, S2301, S2302, S2304, S2307, S2308, but not limited to this) in the above methods, and the processor 8101 performs at least one of the other steps (e.g., steps S2101, S2104, S2106, S2109, S2110, S2201, S2204, S2206, S2209, S2210, S2303, S2305, S2306, S2309, S2310, but not limited to this). In optional embodiments, the transceiver can include a receiver and / or a transmitter, which can be separate or integrated together. Optionally, the terms transceiver, transceiving unit, transceiver, transceiving circuit, interface circuit, interface, etc. can be replaced with each other, and the terms transmitter, transmitting unit, transmitter, transmitting circuit, etc. can be replaced with each other, and the terms receiver, receiving unit, receiver, receiving circuit, etc. can be replaced with each other.
[0770] In some embodiments, the communication device 8100 further includes one or more memories 8103 for storing data. Alternatively, all or part of the memories 8103 can be external to the communication device 8100. In optional embodiments, the communication device 8100 can include one or more interface circuits 8104. Optionally, the interface circuit 8104 is connected to the memory 8103, and the interface circuit 8104 can be used to receive data from the memory 8103 or other devices, and can be used to send data to the memory 8103 or other devices. For example, the interface circuit 8104 can read data stored in the memory 8103 and send the data to the processor 8101.
[0771] The communication device 8100 described in the above embodiments can be a network device or a terminal, but the scope of the communication device 8100 described in the present disclosure is not limited thereto, and the structure of the communication device 8100 can not be limited by Figure 8A. The communication device can be a standalone device or can be part of a larger device. For example, the communication device can be: 1) a standalone integrated circuit (IC), or a chip, or a chip system or subsystem; (2) a set of one or more ICs, which can optionally include a storage component for storing data, programs; (3) an ASIC, such as a modem; (4) a module that can be embedded in other devices; (5) a receiver, a terminal device, a smart terminal device, a cellular phone, a wireless device, a handset, a mobile unit, a vehicle-mounted device, a network device, a cloud device, an artificial intelligence device, etc.; (6) other devices, etc.
[0772] Figure 8B is a structural schematic diagram of a chip 8200 according to an embodiment of the present disclosure. For the case where the communication device 8100 is a chip or a chip system, the structural schematic diagram of the chip 8200 shown in Figure 8B can be referred to, but is not limited thereto.
[0773] The chip 8200 includes one or more processors 8201. The chip 8200 is configured to execute any of the above methods.
[0774] In some embodiments, the chip 8200 further includes one or more interface circuits 8202. Optionally, the terms interface circuit, interface, transceiver pin, etc. can be replaced by each other. In some embodiments, the chip 8200 further includes one or more memories 8203 for storing data. Optionally, all or part of the memories 8203 can be external to the chip 8200. Optionally, the interface circuit 8202 is connected to the memory 8203, and the interface circuit 8202 can be used to receive data from the memory 8203 or other devices, and the interface circuit 8202 can be used to send data to the memory 8203 or other devices. For example, the interface circuit 8202 can read data stored in the memory 8203 and send the data to the processor 8201.
[0775] In some embodiments, the interface circuit 8202 performs at least one of the communication steps (for example, steps S2102, S2103, S2105, S2107, S2108, S2202, S2203, S2205, S2207, S2208, S2301, S2302, S2304, S2307, S2308, but not limited to) of transmitting and / or receiving in the above method. The interface circuit 8202 performing the communication steps such as transmitting and / or receiving in the above method means that the interface circuit 8202 performs data interaction between the processor 8201, the chip 8200, the memory 8203 or the transceiver device. In some embodiments, the processor 8201 performs at least one of the other steps (for example, steps S2101, S2104, S2106, S2109, S2110, S2201, S2204, S2206, S2209, S2210, S2303, S2305, S2306, S2309, S2310, but not limited to).
[0776] The modules and / or devices described in each of the embodiments of the virtual device, the physical device, the chip, etc. can be combined or separated as the case may be. Alternatively, part or all of the steps can also be executed by a plurality of modules and / or devices in cooperation, which is not limited here.
[0777] The disclosure also proposes a storage medium, and the above storage medium stores instructions, which, when executed on the communication device 8100, causes the communication device 8100 to perform any of the above methods. Alternatively, the above storage medium is an electronic storage medium. Alternatively, the above storage medium is a computer readable storage medium, but is not limited to this, and it can also be a storage medium readable by other devices. Alternatively, the above storage medium can be a non-transitory storage medium, but is not limited to this, and it can also be a transitory storage medium.
[0778] The disclosure also proposes a program product, which, when executed by the communication device 8100, causes the communication device 8100 to perform any of the above methods. Alternatively, the above program product is a computer program product.
[0779] The disclosure also proposes a computer program, which, when executed on a computer, causes the computer to perform any of the above methods.
Claims
1. A communication method characterized by comprising: The method is performed by a terminal, and the method comprises: creating or activating a first NAS security context for a first network element, the first NAS security context corresponding to a second NAS security context, the second NAS security context being created or activated by the first network element for the terminal, the first NAS security context being used by the terminal to protect a NAS connection between the terminal and the first network element.
2. The method of claim 1, wherein, The creating or activating the first NAS security context for the first network element comprises: creating or activating the first NAS security context for the first network element before sending a first message, or after receiving a second message, wherein the first message is used by the terminal to request the first network element to establish a NAS connection, and the second message is a response of the first network element to the first message.
3. The method of claim 2, wherein, The sending the first message comprises: sending the first message to a second network element, so as to send the first message or a third message to the first network element through the second network element, the third message being generated based on the first message; or sending the first message to the first network element.
4. The method according to claim 2 or 3, characterized in that, The first NAS security context comprises at least one of: a NAS connection identifier; a security algorithm; a key of the first network element; a first NAS count comprising an uplink NAS count and / or a downlink NAS count; a first identifier being a common identifier of the first NAS security context and a fifth NAS security context, the fifth NAS security context being a NAS security context of a corresponding second network element stored on the terminal; a second identifier being an identifier of the first NAS security context; an encryption protection key; an integrity protection key; a state item, a value of the state item being a first value, the first value indicating a current state.
5. The method according to any one of claims 2-4, characterized in that, The creating or activating the first NAS security context for the first network element before sending the first message comprises: in a case where a third NAS security context is stored on the terminal, changing a value of a state item in the third NAS security context to a first value to obtain the first NAS security context, the third NAS security context being obtained by changing a value of a state item in the first NAS security context created or activated last time by the terminal in a case where a NAS connection with the first network element is released last time to a second value, wherein the first value indicates a current state, and the second value indicates a non-current state.
6. The method according to any one of claims 2-4, characterized in that, The creating or activating the first NAS security context for the first network element before sending the first message comprises: in a case where the third NAS security context is not stored on the terminal, generating a key of the first network element according to a vertical derivation manner, and setting a value of a first NAS count in the first NAS security context to 0.
7. The method according to any one of claims 2-4, characterized in that, The creating or activating the first NAS security context for the first network element after receiving the second message comprises: generating a key of the first network element according to a vertical derivation manner, and setting a value of a first NAS count in the first NAS security context to 0.
8. The method according to claim 6 or 7, characterized in that, The input parameter of the vertical derivation manner comprises at least one of: an identifier of the terminal; inter-architecture anti-babbling ABBA parameters; an identifier of the first network element; a key of the second network element; a second NAS count determined by a fifth NAS security context; a first random number provided by the terminal; a second random number provided by the first network element.
9. The method according to any one of claims 2-8, characterized in that, the second message is protected by the first network element according to a cipher protection key and / or an integrity protection key in the second NAS security context; the method further comprises: verifying the second message according to the first NAS security context, and determining whether the NAS connection with the first network element is successfully established.
10. The method according to any one of claims 1-9, characterized in that, after the NAS connection is successfully established, comprising: in a case where a fourth message is sent to the first network element, increasing a value of an uplink NAS count in the first NAS security context by 1, wherein the fourth message comprises a first sequence number SQN, and the first SQN is used by the first network element to update an uplink NAS count in the second NAS security context.
11. The method according to any one of claims 1-10, characterized in that, after the NAS connection is successfully established, comprising: in a case where a fifth message sent by the first network element is received, updating a value of a downlink NAS count in the first NAS security context according to a second SQN in the fifth message.
12. The method according to any one of claims 1-11, characterized in that, the method further comprises: in a case where the NAS connection is released, removing the first NAS security context.
13. The method according to any one of claims 1-11, characterized in that, the method further comprises: in a case where the NAS connection is released, changing a value of a state item in the first NAS security context to a second value to obtain a third NAS security context, the second value indicating a non-current state.
14. The method of claim 5 or 6, wherein, the first message is protected according to the first NAS security context.
15. The method of claim 7, wherein, the first message is unprotected or is protected according to a fifth NAS security context.
16. The method according to any one of claims 14 or 15, characterized in that, the first message comprises at least one of: a sequence number SQN; the first identifier; the second identifier; an identifier of the terminal; a first random number provided by the terminal.
17. A method of communication, comprising: performed by a first network element, the method comprising: creating or activating a second NAS security context for a terminal, the second NAS security context corresponding to a first NAS security context, the first NAS security context being created or activated by the terminal for the first network element, and the second NAS security context being used by the first network element to protect a NAS connection between the terminal and the first network element.
18. The method of claim 17, wherein, before the second NAS security context is created or activated for the terminal, comprising: receiving a first message, the first message being used by the terminal to request establishment of a NAS connection with the first network element; wherein the first NAS security context is created or activated by the terminal before the first message is sent or after a second message is received, and the second message is a response to the first message by the first network element.
19. The method of claim 18, wherein, the receiving the first message, comprising: receiving the first message sent by the terminal; or receiving the first message or a third message sent by a second network element, the third message being generated by the second network element according to the received first message.
20. The method of any one of claims 17-19, wherein, The second NAS security context comprises at least one of the following: an identifier of the terminal; a NAS connection identifier; a security algorithm; a key of the first network element; a first NAS count comprising an uplink NAS count and / or a downlink NAS count; a first identifier, which is a common identifier of the second NAS security context and a fifth NAS security context, the fifth NAS security context being a NAS security context of a corresponding second network element stored on the terminal; a second identifier, which is an identifier of the second NAS security context; an encryption protection key; an integrity protection key; a state item, a value of the state item being a first value, the first value indicating a current state.
21. The method according to any one of claims 17-20, characterized in that, The creating or activating the second NAS security context for the terminal comprises: in a case where a fourth NAS security context is stored on the first network element, changing a value of a state of the fourth NAS security context to a first value to obtain the second NAS security context, the fourth NAS security context being obtained by changing a value of a state item in the second NAS security context created or activated last time to a second value in a case where the first network element releases a NAS connection with the terminal last time, wherein the first value indicates a current state and the second value indicates a non-current state.
22. The method of claim 20, wherein, The creating or activating the second NAS security context for the terminal comprises: in a case where a fourth NAS security context is not stored on the first network element, requesting the second network element to generate the key of the first network element; receiving the key of the first network element and the security algorithm returned by the second network element; setting a value of the first NAS count in the second NAS security context to 0.
23. The method of claim 20, wherein, The method further comprises: obtaining at least one of the following from a third message sent by the second network element: the first identifier; the second identifier; the security algorithm; the key of the first network element.
24. The method of claim 22 or 23, wherein, The key of the first network element is generated by the second network element according to a vertical derivation manner, and input parameters of the vertical derivation manner comprise at least one of the following: the identifier of the terminal; an inter-architecture anti-downgrade (ABBA) parameter; an identifier of the first network element; a key of the second network element; a second NAS count, the second NAS count being determined by a sixth NAS security context, the sixth NAS security context being a NAS security context of the terminal stored on the second network element; a first random number provided by the terminal; a second random number provided by the first network element.
25. The method of claim 18 or 19, wherein, The method further comprises: sending a second message to the terminal, the second message being protected according to the encryption protection key and / or the integrity protection key in the second NAS security context.
26. The method of any one of claims 17-25, wherein, After the NAS connection is successfully established, comprising: in a case where a fourth message sent by the terminal is received, updating a value of an uplink NAS count in the second NAS security context according to a first sequence number (SQN) in the fourth signaling.
27. The method of any one of claims 17-26, wherein, After the NAS connection is successfully established, comprising: In case a fifth message is sent to the terminal, a value of a downlink NAS count in the second NAS security context is increased by 1, wherein the fifth message comprises a second SQN, and the second SQN is used by the terminal to update the downlink NAS count in the first NAS security context.
28. The method of any one of claims 17-27, wherein, The method further comprises: In case the NAS connection is released, the second NAS security context is removed.
29. The method of any one of claims 17-27, wherein, The method further comprises: In case the NAS connection is released, a value of a state item in the second NAS security context is changed to a second value, resulting in a fourth NAS security context, and the second value indicates a non-current state.
30. The method of claim 20, wherein, The first message comprises at least one of: a sequence number SQN; the first identifier; the second identifier; an identifier of the terminal; a first random number provided by the terminal.
31. A terminal, characterized by comprises: a processing module, configured to create or activate a first NAS security context for a first network element, the first NAS security context corresponding to a second NAS security context, the second NAS security context being created or activated by the first network element for a terminal, and the first NAS security context being used by the terminal to protect a NAS connection between the terminal and the first network element.
32. A first network element, characterized by, comprises: a processing module, configured to create or activate a second NAS security context for a terminal, the second NAS security context corresponding to a first NAS security context, the first NAS security context being created or activated by the terminal for a first network element, and the second NAS security context being used by the first network element to protect a NAS connection between the terminal and the first network element.
33. A terminal, characterized by comprises: one or more processors; a memory coupled to the processors, the memory having stored thereon executable instructions that, as a result of execution by the processors, cause the communication method of any one of claims 1-16 to be performed.
34. A first network element, characterized by, comprises: one or more processors; a memory coupled to the processors, the memory having stored thereon executable instructions that, as a result of execution by the processors, cause the communication method of any one of claims 17-30 to be performed. comprises a terminal, a first network element and a second network element, wherein the terminal is configured to create or activate a first NAS security context for a first network element, the first NAS security context corresponding to a second NAS security context, and the first NAS security context being used by the terminal to protect a NAS connection between the terminal and the first network element; 35. A communication system, characterized by the first network element is configured to create or activate a second NAS security context for a terminal, the second NAS security context being used by the first network element to protect a NAS connection between the terminal and the first network element. The instructions, when run on the communication device, cause the communication device to perform the communication method of any one of claims 1-30.
36. A storage medium, the storage medium storing instructions, wherein, The computer program and / or instructions, when executed by the communication device, implement the communication method of any one of claims 1-30.
37. A computer program product comprising computer programs and / or instructions, characterized in that,