+

WO2018126791A1 - Procédé et dispositif d'authentification, et support de stockage informatique - Google Patents

Procédé et dispositif d'authentification, et support de stockage informatique Download PDF

Info

Publication number
WO2018126791A1
WO2018126791A1 PCT/CN2017/110751 CN2017110751W WO2018126791A1 WO 2018126791 A1 WO2018126791 A1 WO 2018126791A1 CN 2017110751 W CN2017110751 W CN 2017110751W WO 2018126791 A1 WO2018126791 A1 WO 2018126791A1
Authority
WO
WIPO (PCT)
Prior art keywords
authentication
handover
information
data
function entity
Prior art date
Application number
PCT/CN2017/110751
Other languages
English (en)
Chinese (zh)
Inventor
谢振华
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2018126791A1 publication Critical patent/WO2018126791A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/062Pre-authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W36/00Hand-off or reselection arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W36/00Hand-off or reselection arrangements
    • H04W36/0005Control or signalling for completing the hand-off
    • H04W36/0011Control or signalling for completing the hand-off for data sessions of end-to-end connection
    • H04W36/0016Hand-off preparation specially adapted for end-to-end data sessions

Definitions

  • the present application relates to the field of communications, and in particular, to an authentication method and apparatus for performing handover, and a computer storage medium.
  • the 3rd Generation Partnership Project (3GPP) proposes a mobile network authentication scheme. As shown in Figure 1, the process of the authentication scheme includes the following steps:
  • Step 101 The core network element (such as the mobility management entity MME) sends an authentication data request to the home network element (such as the home subscription service HSS), for example, sends an Authentication Data Request message, where the message carries the identifier of the user to be authenticated, such as international mobile.
  • the station identifies the IMSI and carries the public key PubK of the core network element;
  • Step 102 A home network element (such as an HSS) obtains an authentication vector of one or a group of users.
  • the authentication vector is composed of the following four parts: a random number RAND, a network authentication parameter AUTN, an expected response XRES, and a key Knp;
  • the network element generates an encryption key Ks and uses it to encrypt Knp in the authentication vector to prevent Knp from being leaked out during transmission, and then uses PubK to encrypt Ks to obtain E PubK (Ks) for the receiver to decrypt the authentication vector. Key and prevent it from being leaked out during transmission;
  • Step 103 The home network element (such as the HSS) sends an authentication data response to the core network element (such as the MME), for example, sends an Authentication Data Response message, and the message carries the processed authentication vector and the Ks encrypted by PubK—E PubK (Ks);
  • the core network element such as the MME
  • Step 104 The core network element (such as MME) decrypts E PubK (Ks) with its own private key corresponding to the public key PubK, obtains Ks, and uses Ks to decrypt the encrypted encrypted Ks in the received authentication vector. key;
  • Ks E PubK
  • Step 105 The core network element (such as the MME) sends a user authentication request to the terminal UE, for example, sends a User Authentication Request message, and carries part of the received information in an authentication vector to form an authentication parameter, such as RAND and AUTN;
  • the core network element such as the MME
  • sends a user authentication request to the terminal UE for example, sends a User Authentication Request message, and carries part of the received information in an authentication vector to form an authentication parameter, such as RAND and AUTN;
  • Step 106 The terminal UE verifies the network based on the AUTN.
  • the terminal UE calculates the response value RES based on the RAND, and sends a user authentication response to the core network element (such as the MME), for example, sends a User Authentication Response message, and the message carries the authentication information, that is, the RES.
  • the AUTN is used for the terminal UE to authenticate the network
  • the RAND is used for the user of the network authentication terminal UE.
  • the authentication process is not introduced in the handover process, so that the authentication operation can be performed after the handover, and the signaling efficiency is reduced.
  • the embodiment of the present application provides an authentication method and device, and a computer storage medium.
  • An embodiment of the present application provides an authentication method, where the method includes:
  • the first network function entity sends a handover notification message to the second network function entity, where the handover notification message carries an authentication parameter, and the authentication parameter is generated based on the authentication data;
  • the first network function entity receives a handover complete message from the terminal, where the handover complete message carries authentication information, and the authentication information is generated based on the authentication parameter;
  • the first network function entity verifies the authentication information based on the authentication data.
  • the first network function entity verifies the authentication information based on the authentication data, including:
  • the first network function entity compares the authentication information based on information in the authentication data
  • the verification is successful; if the information in the authentication data is different from the authentication information, the verification fails.
  • the method further includes:
  • the second network function entity sends a handover preparation message to the first network function entity, where the handover preparation message carries the authentication data;
  • the authentication data includes one or more authentication sub-data;
  • the authentication parameter is generated based on the authentication data, and includes:
  • One or more authentication sub-data are selected from the authentication data as the authentication parameter.
  • the embodiment of the present application further provides an authentication device, where the device includes:
  • a handover preparation unit configured to send a handover preparation message to the network, where the handover preparation message carries the authentication data
  • the authentication data unit is configured to receive a handover preparation message, where the handover preparation message carries the authentication data, and sends a handover notification message to the network, where the handover notification message carries an authentication parameter, and the authentication parameter is generated based on the authentication data. And for receiving a handover complete message from the terminal, where the handover complete message carries authentication information, and the authentication information is generated based on the authentication parameter;
  • the switching execution unit is configured to receive a handover notification message, where the handover notification message carries an authentication parameter, and sends a handover execution message carrying the authentication parameter to the terminal;
  • a verification unit configured to verify the authentication information based on the authentication data.
  • the verification unit is further configured to: compare the authentication information based on information in the authentication data; if the information in the authentication data is the same as the authentication information, the verification succeeds; If the information in the authentication data is different from the authentication information, the verification fails.
  • An embodiment of the present application provides an authentication apparatus, where the apparatus includes:
  • a receiving unit configured to receive a handover preparation message sent by the second network function entity, where the handover preparation message carries the authentication data, and is configured to receive a handover complete message from the terminal, where the handover complete message carries the authentication information, where The authentication information is generated based on the authentication parameter;
  • a sending unit configured to send a handover notification message to the second network function entity, where the handover notification message carries an authentication parameter, and the authentication parameter is generated based on the authentication data;
  • a verification unit configured to verify the authentication information based on the authentication data.
  • the verification unit is further configured to: compare the authentication information based on information in the authentication data; if the information in the authentication data is the same as the authentication information, the verification succeeds; If the information in the authentication data is different from the authentication information, the verification fails.
  • the sending unit is further configured to: send a path switch message to the core network element, where the path switch message carries the target base station system Information.
  • the embodiment of the present application further provides an authentication device, where the device includes:
  • a sending unit configured to send a handover preparation message to the first network function entity, where the handover preparation message carries the authentication data, and is configured to send, to the terminal, a handover execution message carrying the authentication parameter, where the authentication parameter is based on the authentication Data generation
  • the receiving unit is configured to receive a handover notification message that carries the authentication parameter sent by the first network function entity.
  • the authentication data includes one or more authentication sub-data; the device further includes: a selecting unit configured to select one or more authentication sub-data from the authentication data as the authentication parameter.
  • the embodiment of the present application further provides a computer storage medium storing a computer program configured to execute the above authentication method.
  • the first network function entity receives the handover preparation message sent by the second network function entity, where the handover preparation message carries the authentication data, and the first network function entity sends the second network function
  • the entity sends a handover notification message, where the handover notification message carries an authentication parameter, and the authentication parameter is generated based on the authentication data
  • the first network function entity receives a handover complete message from the terminal, where the handover complete message carries the authentication Information, the authentication information is generated based on the authentication parameter
  • the first network function entity verifies the authentication information based on the authentication data.
  • the technical solution of the embodiment of the present application combines the authentication process with the handover process to provide a new base station system, so that the base station system can initiate and execute the authentication process during the handover process, thereby improving signaling efficiency.
  • 1 is a schematic flow chart of an existing mobile network authentication method
  • FIG. 2 is a schematic flowchart 1 of an authentication method according to an embodiment of the present application.
  • FIG. 3 is a schematic flowchart 2 of an authentication method according to an embodiment of the present application.
  • FIG. 4 is a schematic flowchart of an authentication method based on a core network handover according to an embodiment of the present application
  • FIG. 5 is a schematic flowchart of an authentication method according to an access network handover according to an embodiment of the present application
  • FIG. 6 is a first schematic structural diagram of an authentication device according to an embodiment of the present application.
  • FIG. 7 is a second schematic structural diagram of an authentication apparatus according to an embodiment of the present application.
  • FIG. 8 is a third schematic structural diagram of an authentication apparatus according to an embodiment of the present application.
  • FIG. 2 is a schematic flowchart 1 of an authentication method according to an embodiment of the present application. As shown in FIG. 2, the process includes:
  • Step 201 The first network function entity receives a handover preparation message sent by the second network function entity, where the handover preparation message carries the authentication data.
  • the first network function entity is a target base station system
  • the second network function entity is a source base station system or a core network element.
  • Step 202 The first network function entity sends a handover notification message to the second network function entity, where the handover notification message carries an authentication parameter, and the authentication parameter is generated based on the authentication data.
  • Step 203 The first network function entity receives a handover complete message from the terminal, where the handover complete message carries authentication information, and the authentication information is generated based on the authentication parameter.
  • Step 204 The first network function entity verifies the authentication information based on the authentication data.
  • the first network function entity verifies the authentication information based on the authentication data, and includes:
  • the first network function entity compares the authentication information based on information in the authentication data
  • the verification is successful; if the information in the authentication data is different from the authentication information, the verification fails.
  • the method further includes:
  • FIG. 3 is a second schematic flowchart of an authentication method according to an embodiment of the present disclosure. As shown in FIG. 3, the process includes:
  • Step 301 The second network function entity sends a handover preparation message to the first network function entity, where the handover preparation message carries the authentication data.
  • the second network function entity is a source base station system
  • the first network function entity is a target base station system or a core network element.
  • Step 302 The second network function entity sends a handover execution message carrying the authentication parameter to the terminal when receiving the handover notification message that carries the authentication parameter sent by the first network function entity, where the authentication parameter is based on the Authentication data generation.
  • the authentication data includes one or more authentication sub-data;
  • the authentication parameter is generated based on the authentication data, and includes:
  • One or more authentication sub-data are selected from the authentication data as the authentication parameter.
  • Embodiment 1 (The first network function entity is the target base station system, and the second network function entity is the core network element)
  • FIG. 4 is a schematic flowchart of an authentication method based on a core network switching according to an embodiment of the present application. As shown in FIG. 4, the process includes:
  • Step 401 The terminal UE accesses the mobile network, and the authentication data sending network element initiates the authentication process to the terminal UE by using the source base station system, or performs the handover process in the embodiment or the embodiment in FIG. 5, and the source base station system caches These certification data;
  • Step 402 The source base station system determines to initiate a handover process, and sends a handover requirement to the core network element (such as the mobility management function MMF, or the MME), for example, sends a Handover Required message, and carries the cached authentication data.
  • the core network element such as the mobility management function MMF, or the MME
  • Step 403 The core network element sends a handover request to the target base station system, for example, sends a Handover Request message, and carries the received authentication data.
  • Step 404 The target base station system sends a handover response to the core network element, for example, sending a Handover Response message, carrying an authentication parameter, and the authentication parameter is from the cached authentication data, such as RAND and AUTN;
  • Step 405 The core network element sends a handover command to the source base station system, for example, sends a Handover Command message, and carries the received authentication parameter.
  • Step 406 The source base station system sends a handover command to the terminal UE, for example, sends a Handover Command message, and carries the received authentication parameter.
  • Step 407 The terminal UE authenticates the network through the authentication parameter, and calculates the authentication information, such as the RES, and accesses the target base station system, and sends a handover confirmation to the target base station system, for example, sends a Handover Confirmed message, and carries the authentication information.
  • the authentication information such as the RES
  • Step 408 The target base station system receives the authentication information, and verifies the terminal UE, for example, calculates XRES by RAND, and compares whether XRES is equal to RES.
  • Embodiment 2 (The first network function entity is the target base station system, and the second network function entity is the source base station system)
  • FIG. 5 is a schematic flowchart of an authentication method based on an access network switching according to an embodiment of the present application. As shown in FIG. 5, the process includes:
  • Step 501 The terminal UE accesses the mobile network, and the authentication data is sent by the network element through the source base station system. Initiating an authentication process for the terminal UE, or performing a handover procedure in the embodiment or the embodiment in FIG. 4, the source base station system buffering the authentication data;
  • Step 502 The source base station system determines to initiate a handover process, and sends a handover request to the target base station system, for example, sends a Handover Request message, and carries the cached authentication data.
  • Step 503 The target base station system sends a handover response to the source base station system, for example, sending a Handover Response message, carrying an authentication parameter, and the authentication parameter is from the cached authentication data, such as RAND and AUTN;
  • Step 504 The source base station system sends a connection reconfiguration to the terminal UE, for example, sends an RRC Connection Reconfiguration message, and carries the received authentication parameter.
  • Step 505 The terminal UE authenticates the network through the authentication parameter, and calculates authentication information, such as RES, and accesses the target base station system, and sends a connection reconfiguration complete to the target base station system, for example, sending an RRC Connection Reconfiguration Complete message, carrying the authentication information;
  • authentication information such as RES
  • Step 506 The target base station system receives the authentication information, and verifies the terminal UE, for example, calculates XRES by RAND, and compares whether XRES is equal to RES;
  • Step 507 The target base station system sends a path switch to the core network element, for example, sends a Path Switch message.
  • FIG. 6 is a first schematic structural diagram of an authentication apparatus according to an embodiment of the present application. As shown in FIG. 6, the apparatus includes:
  • the receiving unit 61 is configured to receive a handover preparation message sent by the second network function entity, where the handover preparation message carries the authentication data, and is configured to receive a handover complete message from the terminal, where the handover complete message carries the authentication information, where The authentication information is generated based on the authentication parameter;
  • the sending unit 62 is configured to send a handover notification message to the second network function entity, where the handover notification message carries an authentication parameter, and the authentication parameter is generated based on the authentication data;
  • the verification unit 63 is configured to verify the authentication information based on the authentication data.
  • the authentication device is configured in a first network function entity, where the first The network function entity is a target base station system, and the second network function entity is a source base station system or a core network element.
  • the checking unit 63 is further configured to: compare the authentication information based on information in the authentication data; if the information in the authentication data is the same as the authentication information, verify Successful; if the information in the authentication data is different from the authentication information, the verification fails.
  • the sending unit 62 is further configured to: send a path switch message to the core network element, where the path switch message carries the Information of the target base station system.
  • the implementation functions of the units in the authentication apparatus shown in FIG. 6 can be understood by referring to the related description of the foregoing authentication method.
  • the functions of the units in the authentication apparatus shown in FIG. 6 can be realized by a program running on the processor, or can be realized by a specific logic circuit.
  • each unit in the authentication device may be implemented by a central processing unit (CPU) or a microprocessor (MPU, Micro Processor Unit) or a digital device located in the authentication device.
  • CPU central processing unit
  • MPU Micro Processor Unit
  • DSP Digital Signal Processor
  • FPGA Field Programmable Gate Array
  • FIG. 7 is a second schematic structural diagram of an authentication apparatus according to an embodiment of the present application. As shown in FIG. 7, the apparatus includes:
  • the sending unit 71 is configured to send a handover preparation message to the first network function entity, where the handover preparation message carries the authentication data, and is configured to send a handover execution message carrying the authentication parameter to the terminal, where the authentication parameter is based on the Authentication data generation;
  • the receiving unit 72 is configured to receive a handover notification message that carries the authentication parameter sent by the first network function entity;
  • the authentication data includes one or more authentication sub-data; the apparatus further includes: a selecting unit configured to select one or more authentication sub-data from the authentication data as the authentication parameter.
  • the authentication device is configured in a second network function entity, where the second network function entity is a source base station system, and the first network function entity is a target base station system or a core network element.
  • each unit in the authentication device may be implemented by a CPU, an MPU, or a DSP, or an FPGA or the like located in the authentication device.
  • FIG. 8 is a third schematic structural diagram of an authentication apparatus according to an embodiment of the present application. As shown in FIG. 8, the apparatus includes:
  • the handover preparation unit 81 is configured to send a handover preparation message to the network, where the handover preparation message carries the authentication data.
  • the authentication data unit 82 is configured to receive a handover preparation message, where the handover preparation message carries the authentication data, and sends a handover notification message to the network, where the handover notification message carries an authentication parameter, and the authentication parameter is generated based on the authentication data. And receiving, by the terminal, a handover complete message, where the handover complete message carries authentication information, where the authentication information is generated based on the authentication parameter;
  • the switching execution unit 83 is configured to receive a handover notification message, where the handover notification message carries an authentication parameter, and sends a handover execution message carrying the authentication parameter to the terminal;
  • the verification unit 84 is configured to verify the authentication information based on the authentication data.
  • the authentication device is disposed in a base station system.
  • the checking unit 84 is further configured to: compare the authentication information based on information in the authentication data; and if the information in the authentication data is the same as the authentication information, verify Successful; if the information in the authentication data is different from the authentication information, the verification fails.
  • each unit in the authentication device may be implemented by a CPU, an MPU, or a DSP, or an FPGA or the like located in the authentication device.
  • embodiments of the present application can be provided as a method, system, or computer program product. Accordingly, the application can take the form of a hardware embodiment, a software embodiment, or an embodiment in combination with software and hardware. Moreover, the application can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage and optical storage, etc.) including computer usable program code.
  • the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the computer is readable and stored
  • the instructions in the reservoir produce an article of manufacture comprising an instruction device that implements the functions specified in one or more blocks of the flow or in a flow or block diagram of the flowchart.
  • These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device.
  • the instructions provide steps for implementing the functions specified in one or more of the flow or in a block or blocks of a flow diagram.
  • an embodiment of the present invention further provides a computer storage medium, wherein a computer program is configured, and the computer program is configured to execute the authentication method of the embodiment of the present invention.
  • the first network function entity receives the handover preparation message sent by the second network function entity, where the handover preparation message carries the authentication data, and the first network function entity sends the second network function entity to the second network function entity.
  • Sending a handover notification message where the handover notification message carries an authentication parameter, and the authentication parameter is generated based on the authentication data
  • the first network function entity receives a handover complete message from the terminal, where the handover complete message carries the authentication information And the authentication information is generated based on the authentication parameter
  • the first network function entity checks the authentication information based on the authentication data.
  • the technical solution of the embodiment of the present application combines the authentication process with the handover process to provide a new base station system, so that the base station system can initiate and execute the authentication process during the handover process, thereby improving signaling efficiency.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

La présente invention concerne un procédé et un dispositif d'authentification, et un support de stockage informatique. Le procédé comprend les étapes suivantes : une première entité fonctionnelle de réseau reçoit un message de préparation de transfert transmis par une seconde entité fonctionnelle de réseau, le message de préparation de transfert contenant des données d'authentification ; la première entité fonctionnelle de réseau transmet un message de notification de transfert à la seconde entité fonctionnelle de réseau, le message de notification de transfert contenant des paramètres d'authentification qui sont générés sur la base des données d'authentification ; la première entité fonctionnelle de réseau reçoit un message d'accomplissement de transfert, d'un terminal, le message d'accomplissement de transfert contenant des informations d'authentification qui sont générées sur la base des paramètres d'authentification ; et la première entité fonctionnelle de réseau vérifie les informations d'authentification sur la base des données d'authentification.
PCT/CN2017/110751 2017-01-03 2017-11-13 Procédé et dispositif d'authentification, et support de stockage informatique WO2018126791A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201710002692.7A CN108271154B (zh) 2017-01-03 2017-01-03 一种认证方法及装置
CN201710002692.7 2017-01-03

Publications (1)

Publication Number Publication Date
WO2018126791A1 true WO2018126791A1 (fr) 2018-07-12

Family

ID=62771592

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/110751 WO2018126791A1 (fr) 2017-01-03 2017-11-13 Procédé et dispositif d'authentification, et support de stockage informatique

Country Status (2)

Country Link
CN (1) CN108271154B (fr)
WO (1) WO2018126791A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110536296A (zh) * 2019-04-18 2019-12-03 中兴通讯股份有限公司 认证参数发送方法和装置以及认证参数处理方法和装置
CN115474194A (zh) * 2022-09-19 2022-12-13 天翼数字生活科技有限公司 一种安全认证方法、装置、设备和存储介质

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111163493B (zh) * 2018-11-08 2022-08-19 中国电信股份有限公司 通信配置方法、系统和相关设备
CN114071624B (zh) * 2020-07-31 2024-01-12 维沃移动通信有限公司 切换方法、装置及通信设备

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101635923A (zh) * 2009-08-05 2010-01-27 中兴通讯股份有限公司 一种支持快速切换的eap认证方法及系统
US20100098247A1 (en) * 2008-10-20 2010-04-22 Nokia Corporation Method, Apparatus And Computer Program Product For Generating An Encryption Key And An Authentication Code Key Utilizing A Generic Key Counter
CN101779391A (zh) * 2007-08-12 2010-07-14 Lg电子株式会社 具有链路失效恢复的切换方法、用于实现该方法的无线设备及基站
US20100268951A1 (en) * 2007-11-27 2010-10-21 Ki Seon Ryu Method of handover

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100450285C (zh) * 2005-06-06 2009-01-07 华为技术有限公司 一种终端在基站间进行切换的方法
CN101193427A (zh) * 2006-11-24 2008-06-04 中兴通讯股份有限公司 支持快速切换的预认证方法
CN101420691A (zh) * 2008-11-24 2009-04-29 华为技术有限公司 鉴权方法、通信系统及装置
CN101765167A (zh) * 2008-12-24 2010-06-30 中国移动通信集团公司 一种在不同制式网络间实现漫游的方法、系统及终端
CN101552985B (zh) * 2009-05-05 2011-04-06 广州杰赛科技股份有限公司 一种移动通信系统切换的预认证方法
US8385549B2 (en) * 2009-08-21 2013-02-26 Industrial Technology Research Institute Fast authentication between heterogeneous wireless networks

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101779391A (zh) * 2007-08-12 2010-07-14 Lg电子株式会社 具有链路失效恢复的切换方法、用于实现该方法的无线设备及基站
US20100268951A1 (en) * 2007-11-27 2010-10-21 Ki Seon Ryu Method of handover
US20100098247A1 (en) * 2008-10-20 2010-04-22 Nokia Corporation Method, Apparatus And Computer Program Product For Generating An Encryption Key And An Authentication Code Key Utilizing A Generic Key Counter
CN101635923A (zh) * 2009-08-05 2010-01-27 中兴通讯股份有限公司 一种支持快速切换的eap认证方法及系统

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110536296A (zh) * 2019-04-18 2019-12-03 中兴通讯股份有限公司 认证参数发送方法和装置以及认证参数处理方法和装置
CN115474194A (zh) * 2022-09-19 2022-12-13 天翼数字生活科技有限公司 一种安全认证方法、装置、设备和存储介质

Also Published As

Publication number Publication date
CN108271154B (zh) 2022-04-15
CN108271154A (zh) 2018-07-10

Similar Documents

Publication Publication Date Title
US11405780B2 (en) Method for performing verification by using shared key, method for performing verification by using public key and private key, and apparatus
US11825303B2 (en) Method for performing verification by using shared key, method for performing verification by using public key and private key, and apparatus
CN112566112B (zh) 用于无线通信的装置、方法和存储介质
EP2868029B1 (fr) Accord de clé destiné à la communication sans fil
CN108353279B (zh) 一种认证方法和认证系统
CN104754575B (zh) 一种终端认证的方法、装置及系统
CN107809411A (zh) 移动网络的认证方法、终端设备、服务器和网络认证实体
WO2017028593A1 (fr) Procédé pour amener un dispositif d'accès à un réseau à accéder à un point d'accès à un réseau sans fil, dispositif d'accès à un réseau, serveur d'application et support de stockage lisible par ordinateur non volatil
KR20160078426A (ko) 무선 직접통신 네트워크에서 비대칭 키를 사용하여 아이덴티티를 검증하기 위한 방법 및 장치
KR20180057665A (ko) 사용자 장비(ue)를 위한 액세스 방법, 디바이스 및 시스템
CA2929173A1 (fr) Procede, systeme, et appareil de configuration de cle
JP2011522494A (ja) 暗号鍵の生成
CN108112012A (zh) 一种群组终端的网络认证方法及装置
CN103688563A (zh) 执行组认证和密钥协商过程
WO2019095990A1 (fr) Procédé et dispositif de communication
WO2016011588A1 (fr) Entité de gestion de mobilité, serveur domestique, terminal, et système et procédé d'authentification d'identité
CA3137389A1 (fr) Procede et appareil d'envoi de parametres
WO2018126791A1 (fr) Procédé et dispositif d'authentification, et support de stockage informatique
CN107820242A (zh) 一种认证机制的协商方法及装置
CN112235799B (zh) 终端设备入网鉴权方法及系统
CN104683103A (zh) 一种终端设备登录认证的方法和设备
CN112887971B (zh) 数据传输方法和装置
CN112400335B (zh) 用于执行数据完整性保护的方法和计算设备
CN104168566A (zh) 一种接入网络的方法及装置
CN108270560B (zh) 一种密钥传输方法及装置

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17890729

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17890729

Country of ref document: EP

Kind code of ref document: A1

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载