Nothing Special   »   [go: up one dir, main page]

WO2014190828A1 - Method, apparatus and system for security key management - Google Patents

Method, apparatus and system for security key management Download PDF

Info

Publication number
WO2014190828A1
WO2014190828A1 PCT/CN2014/076167 CN2014076167W WO2014190828A1 WO 2014190828 A1 WO2014190828 A1 WO 2014190828A1 CN 2014076167 W CN2014076167 W CN 2014076167W WO 2014190828 A1 WO2014190828 A1 WO 2014190828A1
Authority
WO
WIPO (PCT)
Prior art keywords
base station
key
current
terminal
master
Prior art date
Application number
PCT/CN2014/076167
Other languages
French (fr)
Chinese (zh)
Inventor
和峰
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2014190828A1 publication Critical patent/WO2014190828A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041Key generation or derivation

Definitions

  • the present invention relates to the field of communications, and in particular, to a security key management method, apparatus, and system. Background technique
  • LTE Long Term Evolution
  • LTE Advanced enhanced LTE
  • the existing user plane data protocol stack of LTE is shown in Figure 1.
  • the downlink data received from the core network via the User Channel GPRS Tunneling Protocol (GTP-U, GPRS Tunneling Protocol for the User Plane) is packetized and then passed through the packet data.
  • the PDCP Packet Data Convergence Protocol
  • RLC Radio Link Control
  • MAC Medium Access Control
  • PHY Physical Layer
  • UE User Equipment
  • the transmission of uplink data is exactly the opposite of the downlink.
  • the data transmission link between the network and the terminal is a one-to-one dedicated link, so the signal quality of the link and the size of the resources used determine the data transmission performance between the two.
  • LPNs low power nodes
  • next-generation communication networks such as LTE
  • Pico eNB Small cell or micro base station
  • the network side needs to perform load balancing operations, but the process is not flexible enough, especially when there are many cells.
  • the load imbalance caused by the lack is more serious.
  • the number of LPN cells is relatively large, when a user equipment (or terminal) moves within the network, frequent inter-cell handover (Handover) is caused, resulting in frequent Data service terminals are even dropped calls, which can also lead to a decline in user data throughput and user experience.
  • such frequent handovers may also cause the terminal and the network, especially the core network, to receive a large amount of signaling impact, which may cause system resources to be congested or even paralyzed.
  • Dual Connectivity is one of them.
  • the dual-connected terminal can simultaneously connect with two (or more than two, the dual connectivity of the present invention is only a generic term, and does not limit the number of connections), for example, the terminal keeps connected with the macro cell and the LPN cell at the same time.
  • the network side can adjust the amount of data transmitted by the terminal on the two nodes in real time, and if the terminal moves or other reasons cause the LPN cell to change, another cell can still maintain the connection, and the change is not Can cause excessive signaling impact.
  • the above dual connectivity method has security problems, especially when the terminal has a PDCP protocol layer entity on two (or several) network nodes, because of the control plane signaling and user plane data of the radio access network.
  • Security protection (including encryption and decryption and integrity protection) is done at the PDCP layer. Therefore, when several PDCP entities exist, how to implement security protection on different network nodes is an important issue that must be solved.
  • the Access Stratum (AS) has the same security context, including the base station key KeNB, according to which the AS control plane encryption key (KRRCenc) and the integrity protection key (KRRCint) can be derived, and User side encryption key (KUPenc).
  • KRRCenc AS control plane encryption key
  • KRRCint integrity protection key
  • KUPenc User side encryption key
  • the sender uses the control plane integrity protection key (KRRCint) and the encryption key (KRRCenc), and the specified algorithm to perform integrity protection and encryption on the control plane data, and at the receiving end.
  • Reverse operations decryption and integrity protection verification
  • both parties use the user plane encryption key.
  • KeNB Encrypts and decrypts user plane data.
  • the base station key KeNB is initially calculated by the core network and then transmitted to the eNB.
  • the KeNB also updates.
  • the KeNB of the handover target side is still calculated by the core network; but if an X2 handover occurs, the derivative method of the KeNB (or KeNB*) of the handover target side may have two As shown in FIG. 3, one is derived from the KeNB on the switching source side, and the other is derived from the Next Hop (NH), where the NH is calculated by the core network and sent to the eNB. .
  • KeNB* NH derived; otherwise, KeNB * is derived from KeNB.
  • the security protection of several network nodes accessed by the terminal can only be configured by using the same key for several nodes on the network side.
  • the terminal accesses the macro base station (Mac) and the micro base station simultaneously in a typical deployment scenario.
  • a security key management method comprising:
  • the master base station and/or the terminal maintains the base station keys of the two sets of master base stations: a current base station key and a non-current base station key; wherein, the non-current base station key refers to a secret that is not currently used by the master base station and the terminal.
  • the key is derived from the current base station key or the next hop NH or the old non-current base station key; the current base station key refers to the key currently used by the master base station and the terminal, and is used to derive other control planes and/or User plane key, the current base station key has one and only one exists.
  • the first controlled base station key of the controlled base station with which the terminal is connected is derived by the master base station based on the current base station key or the non-current base station key or NH.
  • the corresponding controlled base station key is derived by the master base station according to the master base station key or NH that has not been used before.
  • the controlled base station key is calculated/derived by the master base station and then transmitted to the controlled base station through the interface between the master base station and the controlled base station.
  • the method further comprises the method of selecting a non-current base station key as: using the latest base station key, ie the last derived base station key, the base station key being the current base station key or a non-current base station key.
  • the key derivation method is: calculating a derived key according to a specific key derivation function based on an initial key, wherein the specific key derivation function comprises a one-way function.
  • the corresponding new controlled base station key is derived from the old controlled base station key.
  • a security key management device the device is a master control base station, and the device is configured to maintain a base station key of two sets of master control base stations: a current base station key and a non-current base station key; wherein, the non-current base station is dense Key refers to the key currently not used by the master base station and the terminal, by the current base station key or
  • the NH or the old non-current base station key is derived;
  • the current base station key refers to a key currently used by the master base station and the terminal, and is used to derive other control planes and/or user plane keys, the current base station key At the same time, there is only one and only one exists.
  • the first controlled base station key of the controlled base station with which the terminal is connected is derived by the master base station based on the current base station key or the non-current base station key or NH.
  • the corresponding controlled base station key is derived by the master base station according to the master base station key or NH that has not been used before.
  • the controlled base station key is calculated/derived by the master base station and then transmitted to the controlled base station through the interface between the master base station and the controlled base station.
  • the primary control base station selects the non-current base station key, it is used to: use the latest base station key, that is, the base station key that was derived last time, and the base station key is the current base station key or the non-current base station key.
  • the master base station when deriving a key, is configured to: calculate a derived key according to a specific key derivation function based on the initial key, where the specific key derivation function includes a one-way function.
  • the corresponding new controlled base station key is derived by the master base station based on the old controlled base station key.
  • the master base station is a radio access network side base station in a Long Term Evolution LTE system.
  • a security key management device the device is a terminal, and the device is configured to maintain a base station key of two sets of main control base stations: a current base station key and a non-current base station key; wherein, the non-current base station key refers to The key currently not used by the master base station and the terminal is derived from the current base station key or NH or the old non-current base station key; the current base station key refers to the key currently used by the master base station and the terminal, To derive other control planes and/or user plane keys, the current base station key has both one and only one presence.
  • a security key management system the system includes a master base station and a terminal, wherein the master base station and the terminal are respectively used to maintain base station keys of two sets of master base stations: a current base station key and a non-current base station key;
  • the non-current base station key refers to a key that is not currently used by the master base station and the terminal, and is derived from the current base station key or the NH or the old non-current base station key;
  • the current base station key refers to the current master control
  • the key used by the base station and the terminal is used to derive other control planes and/or user plane keys, and the current base station key has both one and only one.
  • the master base station is a radio access network side base station in an LTE system.
  • the security key management technology provided by the present invention can provide sufficient security protection for multiple connections of the terminal, and the security under multiple connections can be significantly improved, and multiple connections can be prevented when the micro base station connected to the terminal changes frequently.
  • the risk of a key being compromised or compromised is proportional to the change, which guarantees that the security strength of multiple connections is within the controllable range.
  • FIG. 1 is a schematic diagram of an LTE user plane protocol stack
  • 2 is a schematic diagram of a key derivation and protection mechanism in an existing network
  • 3 is a schematic diagram of a method for deriving a base station key in a handover scenario
  • Figure 4 is a schematic diagram of a dual connection scenario
  • FIG. 5 is a schematic diagram of a dual-connection security key management method
  • Figure 6 is a schematic diagram of a key derivation algorithm
  • Figure 7 is a schematic diagram of a dual-connection security key management scenario
  • Figure 8 is a schematic diagram of a dual-connection security key derivation mechanism
  • FIG. 9 is a schematic structural diagram of a structure of a main control base station according to an embodiment of the present disclosure.
  • FIG. 10 is a schematic structural diagram of a terminal structure according to an embodiment of the present invention. detailed description
  • An exemplary embodiment of the present invention provides a security key management method, which enables a terminal to have a strong security key or security configuration when accessing two (or more) wireless access network nodes simultaneously, thereby ensuring Dual connectivity security.
  • the master base station and/or the terminal maintains the base station keys of the two sets of master base stations: a current base station key and a non-current base station key; wherein, the non-current base station key refers to not currently being controlled.
  • the key used by the base station and the terminal is derived from the current base station key or the next hop NH or the old non-current base station key; the current base station key refers to the key currently used by the master base station and the terminal, and is used for derivation Other control planes and/or user plane keys, the current base station key has both one and only one presence.
  • the method of selecting a non-current base station key is: using the latest base station key, i.e., the base station key that was recently derived, which may be the current base station key or a non-current base station key.
  • the base station key of the controlled base station to which the terminal and the access terminal are derived is derived from the key of the master base station (including the current base station key or the non-current base station key), and the key of the same master base station is the most.
  • the key used to derive the controlled base station can only be used once.
  • the corresponding controlled base station key is derived by the master base station according to the previously used master base station key or NH.
  • the corresponding new controlled base station key S-KeNB* is derived from the old controlled base station key S-KeNB.
  • the derivation method is: calculating a derived key (key 2) according to a specific key derivation function based on an initial key (key 1), wherein the specific key derivation function may include any single To the function, the specific calculation method can be determined according to the specific implementation, and there is no limitation here.
  • the base station key of the controlled base station is calculated/derived by the master base station, and then sent to the controlled base station through an interface between the master base station and the controlled base station.
  • the master base station and the controlled base station are collectively referred to as a radio access network side base station in an LTE system, and may be a macro base station or a micro base station or a low power node (LPN) or a small cell base station (Small Cell) or a home. Base station (HeNB), etc.
  • LPN low power node
  • Small Cell Small Cell base station
  • HeNB Base station
  • a macro base station ie, a master base station
  • a plurality of micro base stations ie, multiple controlled base stations
  • This embodiment takes the key management of the terminal 1 in the master base station and the first controlled base station as an example.
  • the terminal 1 has a security context at the master base station; the security context includes a current master base station key KeNB, and the macro base station and the terminal 1 derive a control plane and/or a user plane key according to the KeNB to protect the information of the terminal 1 and the macro base station. transfer.
  • the security context includes a current master base station key KeNB, and the macro base station and the terminal 1 derive a control plane and/or a user plane key according to the KeNB to protect the information of the terminal 1 and the macro base station. transfer.
  • the master base station derives the controlled base station key KeNB* according to the KeNB or NH and transmits it to the first controlled base station.
  • KeNB is used to derive KeNB*; Terminal 1 also performs the same derivation to get the same KeNB*.
  • the terminal 1 and the first controlled base station respectively derive a control plane and/or a user plane key according to the KeNB* as a base station key to protect information transmission between the terminal 1 and the micro base station.
  • Specific Embodiment 2 Based on the scenario of the specific embodiment 1. This embodiment further takes the key management at the time of generating a key update as an example.
  • the terminal 1 needs to perform key update during the connection process of the first controlled base station.
  • the specific reason may be that the serial number of the PDCP layer is to be reversed, or the network side algorithm or security requirement.
  • the macro base station derives a new controlled base station key KeNB** according to the controlled base station key KeNB* of the first controlled base station, and transmits the key to the first controlled base station. Accordingly, terminal 1 also performs the same key derivation operation to obtain the same KeNB * *.
  • the terminal 1 and the first controlled base station respectively derive a control plane and/or a user plane key according to the KeNB** as a base station key to protect information transmission between the terminal 1 and the first controlled base station.
  • the derivation of the network side by KeNB* to KeNB** can also be done by the first controlled base station without the need for macro base station calculation.
  • the terminal 1 and the first controlled base station may further repeat the foregoing operations to complete a new key update.
  • Specific embodiment 3 :
  • a macro base station ie, a master base station
  • a plurality of micro base stations ie, a controlled base station
  • the terminal 2 first establishes a dual connection with the macro base station and the first controlled base station, and then the terminal 2 moves to In the coverage of the second controlled base station, the dual connection with the macro base station and the second controlled base station is re-completed.
  • the key management of the terminal 2 in the master base station and the second controlled base station is example.
  • the terminal 2 has a security context at the macro base station, including the current master base station key KeNB, and is used to protect the information transmission between the terminal 2 and the macro base station according to the control plane and/or the user plane key derived by the KeNB.
  • the macro base station determines that the currently existing base station key has been used to derive the controlled base station key, the macro base station derives a new non according to the current base station key KeNB or the old non-current key KeNB'.
  • the current master base station key KeNB then derives the second controlled base station key KeNB* according to the new non-current master base station key KeNB and passes it to the second controlled base station.
  • the method for the macro base station to select a new non-current base station key is: using the latest base station key (ie, the base station key that was last derived, the base station key may be the current base station key or the non-current base station key); If the macro base station determines that there is currently a controlled base station key that is not used for the derivation operation, then the second controlled base station key is derived directly from the key.
  • the terminal 2 performs the same key derivation as the macro base station to obtain KeNB*.
  • the terminal 2 and the second controlled base station respectively derive a control plane and/or a user plane key according to the KeNB* as a base station key to protect information transmission between the terminal 2 and the micro base station.
  • this embodiment further describes a key update method of the master base station.
  • Bay' J If the key between the terminal 2 and the macro base station needs to be updated (the specific reason may be that the PDCP sequence number is to be flipped, or is in security or algorithm consideration), Bay' J:
  • the latest non-current base station key in the current security context is converted into the current base station key.
  • the macro base station only needs to perform the same operation as the terminal 2, and replaces the current base station key with the latest non-current base station key.
  • the new current base station key that is, the key update of the master base station is completed
  • Method two according to the latest base station key in the current security context (may be the current base station secret The key or the non-current base station key) derives the current key of the new master base station.
  • Embodiment 5 may be the latest base station key in the current security context (may be the current base station secret The key or the non-current base station key) derives the current key of the new master base station.
  • a macro base station ie, a master base station
  • a plurality of micro base stations ie, controlled base stations
  • the terminal 3 is simultaneously connected to the macro base station, the third controlled base station, and the fourth controlled base station.
  • Status double connection at this time is actually multiple connections.
  • the key management of the terminal 3 in the primary control base station, the third controlled base station, and the fourth controlled base station is taken as an example, where the connection establishment sequence is controlled from the macro base station to the third controlled base station to the fourth control.
  • the base station is taken as an example.
  • the terminal 3 has a security context at the macro base station, including the current master base station key KeNB, and protects the information transfer between the terminal 3 and the macro base station according to the control plane and/or the user plane key derived by the KeNB.
  • the NH is used to derive the third controlled base station key KeNB*-3, otherwise the macro base station determines whether there is currently an unused master base station key, and if so, uses the The master base station key derives the third controlled base station key KeNB*-3, otherwise the new master base station key KeNB' needs to be derived from the latest master base station key, and then the third one is derived according to the new KeNB. Control the base station key KeNB*-3.
  • the macro base station Since the latest master base station key has been used to derive the third controlled base station key, the macro base station first derives a new master base station key KeNB based on the nearest master base station key KeNB', and then further according to The KeNB "derives the fourth controlled base station key KeNB*-4.
  • Terminal 3 obtains KeNB*-3 and KeNB*-4 using the same key derivation. And the third controlled base station and the fourth controlled base station respectively derive a control plane and/or a user plane key according to the KeNB*-3 and the KeNB*-4 as the controlled base station key to protect the terminal 3 and the corresponding controlled base station. Information transfer.
  • the master base station flexibly determines the derivative method of the controlled base station key according to the base station key, thereby obtaining a relatively independent controlled base station key, so that even if the controlled base station key is broken, It affects the data transmission of the master base station.
  • the controlled base station or the master base station generates a key update, it will be relatively independent without affecting the other party.
  • the above derivation method also avoids the possibility of using duplicate keys in all controlled base stations, minimizing the risk of key leakage.
  • the foregoing embodiments of the present invention only provide a feasible implementation scheme for some typical processes of a macro base station and a micro base station deployment scenario, but are also applicable to other deployment scenarios, such as a macro base station and a macro base station, and a micro base station.
  • the micro base station, the macro base station and the HeNB or the LPN, and the HeNB and the micro base station and the like can be combined in any manner, and the flow of the present invention is not limited to other message flows.
  • the master control base station provided by the embodiment of the present invention, as shown in FIG. 9, includes:
  • the storage unit 91 is configured to maintain a current base station key and a non-current base station key corresponding to the terminal;
  • the key generating unit 92 is configured to generate a non-current base station key corresponding to the terminal;
  • the non-current base station key refers to a key that is not currently used by the master base station and the terminal, and is derived from the current base station key or NH or the original non-current base station key; the current base station key refers to the current master control The key used by the base station and the terminal is used to derive other control planes and/or user plane keys, and the current base station key has both one and only one.
  • the key generation unit 92 is configured as a base station key of the controlled base station to which the terminal and the terminal are connected, and is derived from the current base station key or a non-current base station key, but the same master base station key can be used only once. Derived controlled base station key.
  • the key generation unit 92 configured as the first controlled base station key of the controlled base station to which the terminal and the access is connected, is derived by the master base station according to the current base station key or the non-current base station key or NH.
  • the key generation unit 92 is configured to: if the terminal accesses other controlled base stations, the corresponding controlled base station key is derived by the master base station according to the master base station key or NH that has not been used before.
  • the key generation unit 92 is configured to calculate/derive the controlled base station key by the master base station, and then send the signal to the controlled base station through an interface between the master base station and the controlled base station.
  • the key generation unit 92 is configured to use the latest base station key as the master base station key, i.e., the most recently derived base station key, which is the current base station key or the non-current base station key.
  • the key generation unit 92 is configured to: when the master base station derives a key, to: calculate a derived key according to a specific key derivation function based on the initial key, where the specific key derivation function includes a one-way function.
  • the key generation unit 92 is configured to, when the terminal and the controlled base station accessed by the terminal need to perform key update, the corresponding new controlled base station key is derived by the master base station according to the old controlled base station key.
  • the master base station is a radio access network side base station in a Long Term Evolution LTE system.
  • the embodiment of the present invention further provides a terminal, as shown in FIG. 10, the terminal includes: a storage unit 1001 configured to maintain a current base station key and a non-current base station key; and a receiving unit 1002 configured to receive the primary control base station
  • the non-current base station key is sent; wherein the non-current base station key refers to a key that is not currently used by the master base station and the terminal, and is derived from the current base station key or the NH or the original non-current base station key;
  • the current base station key refers to a key currently used by the master base station and the terminal, and is used to derive other control planes and/or user plane keys, and the current base station key has both one and only one.
  • a security key management system includes a master control base station and a terminal, where the master control base station and the terminal are respectively used to maintain base station keys of two sets of master control base stations: a current base station key and a non-current base station. a key; wherein the non-current base station key refers to a key that is not currently used by the master base station and the terminal, and is derived from a current base station key or NH or an original non-current base station key; the current base station key refers to a current The key used by the master base station and the terminal to derive other controls Face and/or user plane key, the current base station key has both one and only one.
  • the master base station is a radio access network side base station in an LTE system.
  • the method, the device or the system uses the security key management technology provided by the present invention, sufficient security protection can be provided for multiple connections of the terminal, and the security under multiple connections can be significantly improved, and When the frequent change of the micro base station connected to the terminal is prevented, the risk of the multi-connection key being cracked or leaked is proportional to the change, that is, the security strength of the multiple connection can be guaranteed to be within the controllable range.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Disclosed are a method, apparatus and system for security key management. A master control base station and/or a terminal maintain/maintains two sets of base station key for the master control base station: a present base station key and a non-present base station key. The non-present base station key is the key not used by the master control base station and the terminal at present, and is derived from the present base station key or Next Hop (NH) or a prior non-present base station key. The present base station key is the key used by the master control base station and the terminal at present, and is used for deriving other control panel and/or user panel keys. There exists one and only one present base station key simultaneously.

Description

一种安全密钥管理方法、 装置和系统 技术领域  Security key management method, device and system
本发明涉及通信领域, 具体涉及一种安全密钥管理方法、 装置和系统。 背景技术  The present invention relates to the field of communications, and in particular, to a security key management method, apparatus, and system. Background technique
随着无线通信技术和标准的不断演进, 移动分组业务得到了巨大的发 展, 单终端的数据吞吐能力在不断提升。 以长期演进(LTE, Long Term Evolution )系统为例, 在 20M带宽内可以支持下行最大速率 100Mbps的数 据传输, 后续的增强的 LTE ( LTE Advanced ) 网络中, 数据的传输速率将 进一步提升, 甚至可以达到 lGbps。  With the continuous evolution of wireless communication technologies and standards, the mobile packet service has been greatly developed, and the data throughput capability of a single terminal is constantly increasing. Taking the Long Term Evolution (LTE) system as an example, the downlink maximum rate of 100 Mbps data transmission can be supported in a 20 M bandwidth. In the subsequent enhanced LTE (LTE Advanced) network, the data transmission rate will be further improved, and even Reached 1Gbps.
现有 LTE的用户面数据协议栈如图 1所示,从核心网经用户层面 GPRS 隧道协议( GTP-U, GPRS Tunnelling Protocol for the User Plane )收到的下 行数据, 经解包后通过分组数据汇聚协议(PDCP, Packet Data Convergence Protocol )子层、 无线链路控制 (RLC, Radio Link Control )协议子层、 媒 体接入控制 (MAC, Medium Access Control )协议子层和物理层(PHY ) 处理发送给用户设备(UE, User Equipment ); 上行数据的发送与下行正好 相反。 目前网络与终端之间的数据传输链路是一对一的专用链接, 因此这 条链路的信号质量和使用的资源大小决定了两者间的数据传输性能。 如果 链路使用的资源受到限制或者信号质量比较差, 则终端的用户体验就会下 降, 这就是现在移动运营商正在面临的巨大挑战, 虽然网络容量逐年扩增, 但仍赶不上终端数量的增加和用户对数据业务量的需求。  The existing user plane data protocol stack of LTE is shown in Figure 1. The downlink data received from the core network via the User Channel GPRS Tunneling Protocol (GTP-U, GPRS Tunneling Protocol for the User Plane) is packetized and then passed through the packet data. The PDCP (Packet Data Convergence Protocol) sublayer, the Radio Link Control (RLC) protocol sublayer, the Medium Access Control (MAC) Medium Sublayer, and the Physical Layer (PHY) For user equipment (UE, User Equipment); the transmission of uplink data is exactly the opposite of the downlink. Currently, the data transmission link between the network and the terminal is a one-to-one dedicated link, so the signal quality of the link and the size of the resources used determine the data transmission performance between the two. If the resources used by the link are limited or the signal quality is poor, the user experience of the terminal will decrease. This is a huge challenge that mobile operators are facing now. Although the network capacity is expanding year by year, it still cannot keep up with the increase in the number of terminals. User demand for data traffic.
为了满足数据业务量的增长需求, 以及业务在地域上不平均的特点, 运营商在部署新一代通信网络(比如 LTE ) 的过程中, 也在增加低功率节 点( LPN, Low Power Node ) (或称小小区( Small Cell )或微基站( Pico eNB ) ) 来进行热点增强。 随着 LPN小区的增加, 网络部署环境变得更加复杂, 同 时也带来了一些问题。 首先, 因为 LPN小区覆盖范围相比宏小区 (Macro Cell )要小得多, 容量也相对较小, 某些 LPN小区可能会轻易被用户占满 而导致负荷过高, 从而影响用户数据的吞吐量, 而另外一些 LPN小区或宏 小区会处在相对较低的负荷水平上, 如果要平衡负荷, 需要网络侧执行负 荷均衡操作, 但该过程不够灵活, 尤其当小区较多时, 这种灵活性的缺乏 导致的负荷不均就更严重; 另外, 由于 LPN小区数量比较多, 因此用户设 备 (或称为终端) 在网络内发生移动时, 会导致频繁的小区间切换 ( Handover ), 从而导致频繁的数据业务终端甚至是掉话等问题, 这也会导 致用户的数据吞吐量和用户体验的下降。 同时这种频繁的切换也会导致终 端与网络, 尤其是核心网会收到大量的信令冲击, 从而可能导致系统资源 拥塞甚至瘫痪。 随着将来运营商以及个人部署的 LPN小区数量的增加, 上 述情况会愈来愈严重, 因此目前不少公司和运营商都倾向于寻求一种新的 增强方案, 双连接( Dual Connectivity )就是其中之一, 双连接下终端可以 同时与两个(或两个以上, 本发明所述双连接只是一个泛称, 并不限制连 接个数)网络节点保持连接, 比如终端同时与宏小区和 LPN小区保持连接, 在网络负荷不均衡时, 网络侧可以实时调控终端在两个节点上的传输数据 量, 同时如果终端移动或其他原因导致 LPN小区变更时, 另外一个小区还 可以保持连接, 且这种变更不会导致过多的信令冲击。 In order to meet the growing demand for data traffic and the geographically uneven nature of services, operators are also adding low power nodes (LPNs) in the process of deploying next-generation communication networks (such as LTE) (or Small cell or micro base station (Pico eNB) To carry out hot spot enhancements. As the number of LPN cells increases, the network deployment environment becomes more complex and brings some problems. First, because the coverage of the LPN cell is much smaller than that of the Macro Cell, and the capacity is relatively small, some LPN cells may be easily occupied by users and the load may be too high, thereby affecting the throughput of user data. The other LPN cells or macro cells are at a relatively low load level. If the load is to be balanced, the network side needs to perform load balancing operations, but the process is not flexible enough, especially when there are many cells. In addition, the load imbalance caused by the lack is more serious. In addition, because the number of LPN cells is relatively large, when a user equipment (or terminal) moves within the network, frequent inter-cell handover (Handover) is caused, resulting in frequent Data service terminals are even dropped calls, which can also lead to a decline in user data throughput and user experience. At the same time, such frequent handovers may also cause the terminal and the network, especially the core network, to receive a large amount of signaling impact, which may cause system resources to be congested or even paralyzed. With the increase in the number of LPN cells deployed by operators and individuals in the future, the above situation will become more and more serious. Therefore, many companies and operators are eager to seek a new enhancement solution. Dual Connectivity is one of them. First, the dual-connected terminal can simultaneously connect with two (or more than two, the dual connectivity of the present invention is only a generic term, and does not limit the number of connections), for example, the terminal keeps connected with the macro cell and the LPN cell at the same time. When the network load is unbalanced, the network side can adjust the amount of data transmitted by the terminal on the two nodes in real time, and if the terminal moves or other reasons cause the LPN cell to change, another cell can still maintain the connection, and the change is not Can cause excessive signaling impact.
但是, 上述的双连接方式存在安全问题, 尤其是当终端在两个(或若 干个) 网络节点上都存在 PDCP协议层实体的时候, 因为无线接入网的控 制面信令和用户面数据的安全保护 (包括加解密和完整性保护) 都是在 PDCP层完成的, 因此当有若干个 PDCP实体存在时, 不同网络节点上的安 全保护如何实现是必须解决的重要问题。  However, the above dual connectivity method has security problems, especially when the terminal has a PDCP protocol layer entity on two (or several) network nodes, because of the control plane signaling and user plane data of the radio access network. Security protection (including encryption and decryption and integrity protection) is done at the PDCP layer. Therefore, when several PDCP entities exist, how to implement security protection on different network nodes is an important issue that must be solved.
按照现有协议, 如图 2所示, 无线接入网侧 (如 eNB ) 与终端之间的 接入层(Access Stratum, AS )拥有相同的安全上下文, 其中包括基站密钥 KeNB, 根据该密钥可以派生出 AS控制面的加密密钥 ( KRRCenc )和完整 性保护密钥 (KRRCint ), 以及用户面的加密密钥 (KUPenc )。 在 eNB与终 端之间进行数据传输时, 发送端利用控制面完整性保护密钥(KRRCint )和 加密密钥( KRRCenc ),以及指定算法对控制面数据实施完整性保护和加密, 而在接收端则会根据相同的密钥和算法执行反向操作 (解密和完整性保护 验证), 对于用户面数据发送和接收, 双方则会利用用户面加密密钥According to the existing protocol, as shown in Figure 2, between the radio access network side (such as an eNB) and the terminal The Access Stratum (AS) has the same security context, including the base station key KeNB, according to which the AS control plane encryption key (KRRCenc) and the integrity protection key (KRRCint) can be derived, and User side encryption key (KUPenc). When data transmission is performed between the eNB and the terminal, the sender uses the control plane integrity protection key (KRRCint) and the encryption key (KRRCenc), and the specified algorithm to perform integrity protection and encryption on the control plane data, and at the receiving end. Reverse operations (decryption and integrity protection verification) are performed based on the same key and algorithm. For user plane data transmission and reception, both parties use the user plane encryption key.
( KUPenc )对用户面数据进行加密和解密操作。 其中所述基站密钥 KeNB 初始由核心网计算然后发送给 eNB。 在后续的过程中, 比如为防止 PDCP 序列号翻转或终端发生切换时, KeNB也会发生更新。 以切换为例, 如果发 生的是 S1切换, 则切换目标侧的 KeNB仍然由核心网计算; 但如果发生的 是 X2切换,则切换目标侧的 KeNB (或称 KeNB* )的派生方法可能有两种, 如图 3所示, 一种是由切换源侧的 KeNB派生而来, 另一种由下一跳(Next Hop , NH )派生而来, 其中 NH是由核心网计算并发送给 eNB的。 具体使 用哪种方法需要根据切换源侧是否存在未被使用过的 NH (即未被用来做过 密钥派生的) 而定, 如果切换源侧有未被使用过的 NH, 则 KeNB*由 NH 派生; 否则, KeNB *由 KeNB派生。 (KUPenc) Encrypts and decrypts user plane data. The base station key KeNB is initially calculated by the core network and then transmitted to the eNB. In the subsequent process, for example, to prevent the PDCP serial number from being flipped or the terminal switching, the KeNB also updates. Taking handover as an example, if an S1 handover occurs, the KeNB of the handover target side is still calculated by the core network; but if an X2 handover occurs, the derivative method of the KeNB (or KeNB*) of the handover target side may have two As shown in FIG. 3, one is derived from the KeNB on the switching source side, and the other is derived from the Next Hop (NH), where the NH is calculated by the core network and sent to the eNB. . Which method is used depends on whether there is an unused NH on the source side (that is, it is not used for key derivation). If there is an unused NH on the source side, KeNB* NH derived; otherwise, KeNB * is derived from KeNB.
根据上述描述, 在双连接场景下, 按照现有协议, 终端接入的若干个 网络节点的安全保护只能是网络侧的若干个节点釆用相同的密钥配置。 如 图 4所示, 在典型部署场景下终端同时接入宏基站( Macro eNB )和微基站 According to the above description, in the dual connectivity scenario, according to the existing protocol, the security protection of several network nodes accessed by the terminal can only be configured by using the same key for several nodes on the network side. As shown in Figure 4, the terminal accesses the macro base station (Mac) and the micro base station simultaneously in a typical deployment scenario.
( Pico eNB/LPN )这两个节点, 如果两个节点使用相同的安全配置 (比如 相同的加密密钥), 则终端侧只需要釆用一套安全上下文配置即可。 上述方 法的问题在于不安全, 因为在运营商部署的微基站(或称 LPN, 小小区基 站等)被认为是部署在公开环境的 (比如闹市区或街道旁), 因此微基站相 比于宏基站来说不够安全, 即基站本身就存在安全隐患, 如果微基站与宏 基站釆用相同的安全配置, 当微基站被攻破之后, 宏基站的安全保护也会 被攻破, 而当微基站发生频繁变更时, 密钥被破解的风险就更大, 同时密 钥泄露的可能性也跟其经历过的不安全的微基站数量成正比。 因此从这个 方面来讲釆用同一套安全上下文是有潜在安全漏洞的。 但除此之外, 现有 协议并无法支持在双连接下的安全保护机制, 尤其是对安全密钥的管理机 制。 发明内容 (Pico eNB/LPN) These two nodes, if the two nodes use the same security configuration (such as the same encryption key), the terminal side only needs to use a set of security context configuration. The problem with the above method is that it is not secure because the micro base station (or LPN, small cell base station, etc.) deployed by the operator is considered to be deployed in a public environment (such as a downtown area or a street), so the micro base station is compared to Acer. The station is not safe enough, that is, the base station itself has security risks, if the micro base station and the macro The base station uses the same security configuration. After the micro base station is compromised, the security protection of the macro base station is also broken. When the micro base station changes frequently, the risk of the key being cracked is greater, and the key is compromised. Sex is also proportional to the number of insecure micro-base stations it has experienced. So in this respect, using the same set of security contexts is a potential security hole. However, in addition to this, existing protocols cannot support the security protection mechanism under dual connectivity, especially the security key management mechanism. Summary of the invention
有鉴于此, 本发明的主要目的在于提供一种安全密钥管理方法、 装置 和系统, 提高多连接下的安全性。  In view of the above, it is a primary object of the present invention to provide a security key management method, apparatus and system that improve security under multiple connections.
为达到上述目的, 本发明的技术方案是这样实现的:  In order to achieve the above object, the technical solution of the present invention is achieved as follows:
一种安全密钥管理方法, 该方法包括:  A security key management method, the method comprising:
主控基站和 /或终端维护两套主控基站的基站密钥: 当前基站密钥和非 当前基站密钥; 其中, 所述非当前基站密钥指当前没有被主控基站和终端 使用的密钥, 由当前基站密钥或下一跳 NH或旧的非当前基站密钥派生; 所述当前基站密钥指当前被主控基站和终端使用的密钥, 用于派生其他控 制面和 /或用户面密钥, 所述当前基站密钥同时有且只有一个存在。  The master base station and/or the terminal maintains the base station keys of the two sets of master base stations: a current base station key and a non-current base station key; wherein, the non-current base station key refers to a secret that is not currently used by the master base station and the terminal. The key is derived from the current base station key or the next hop NH or the old non-current base station key; the current base station key refers to the key currently used by the master base station and the terminal, and is used to derive other control planes and/or User plane key, the current base station key has one and only one exists.
终端与其接入的受控基站的基站密钥, 由主控基站的密钥 (包括当前 基站密钥或非当前基站密钥)派生, 但同一个主控基站密钥最多只能被使 用一次用以派生受控基站密钥。  The base station key of the controlled base station to which the terminal and the access control station are derived from the key of the master control base station (including the current base station key or the non-current base station key), but the same master base station key can only be used once at most. To derive a controlled base station key.
终端与其接入的受控基站的第一个受控基站密钥由主控基站根据当前 基站密钥或非当前基站密钥或 NH派生。  The first controlled base station key of the controlled base station with which the terminal is connected is derived by the master base station based on the current base station key or the non-current base station key or NH.
如果终端接入其它受控基站时, 对应的受控基站密钥由主控基站根据 之前未被使用过的主控基站密钥或 NH派生。  If the terminal accesses other controlled base stations, the corresponding controlled base station key is derived by the master base station according to the master base station key or NH that has not been used before.
受控基站密钥由主控基站计算 /派生, 然后通过主控基站与受控基站之 间的接口发送给受控基站。 该方法还包括选择非当前基站密钥的方法为: 使用最新的基站密钥, 即最近一次被派生的基站密钥, 该基站密钥是当前基站密钥或非当前基站 密钥。 The controlled base station key is calculated/derived by the master base station and then transmitted to the controlled base station through the interface between the master base station and the controlled base station. The method further comprises the method of selecting a non-current base station key as: using the latest base station key, ie the last derived base station key, the base station key being the current base station key or a non-current base station key.
所述的密钥派生方法为: 基于初始密钥, 根据特定密钥派生函数计算 派生密钥, 其中特定密钥派生函数包括单向函数。  The key derivation method is: calculating a derived key according to a specific key derivation function based on an initial key, wherein the specific key derivation function comprises a one-way function.
在终端与其接入的受控基站需要执行密钥更新时, 对应的新的受控基 站密钥由旧的受控基站密钥派生。  When the terminal and the controlled base station to which it accesses need to perform a key update, the corresponding new controlled base station key is derived from the old controlled base station key.
一种安全密钥管理装置, 该装置为主控基站, 所述装置用于维护两套 主控基站的基站密钥: 当前基站密钥和非当前基站密钥; 其中, 所述非当 前基站密钥指当前没有被主控基站和终端使用的密钥, 由当前基站密钥或 A security key management device, the device is a master control base station, and the device is configured to maintain a base station key of two sets of master control base stations: a current base station key and a non-current base station key; wherein, the non-current base station is dense Key refers to the key currently not used by the master base station and the terminal, by the current base station key or
NH或旧的非当前基站密钥派生;所述当前基站密钥指当前被主控基站和终 端使用的密钥, 用于派生其他控制面和 /或用户面密钥, 所述当前基站密钥 同时有且只有一个存在。 The NH or the old non-current base station key is derived; the current base station key refers to a key currently used by the master base station and the terminal, and is used to derive other control planes and/or user plane keys, the current base station key At the same time, there is only one and only one exists.
终端与其接入的受控基站的基站密钥, 由主控基站的密钥 (包括当前 基站密钥或非当前基站密钥)派生, 但同一个主控基站密钥最多只能被使 用一次用以派生受控基站密钥。  The base station key of the controlled base station to which the terminal and the access control station are derived from the key of the master control base station (including the current base station key or the non-current base station key), but the same master base station key can only be used once at most. To derive a controlled base station key.
终端与其接入的受控基站的第一个受控基站密钥由主控基站根据当前 基站密钥或非当前基站密钥或 NH派生。  The first controlled base station key of the controlled base station with which the terminal is connected is derived by the master base station based on the current base station key or the non-current base station key or NH.
如果终端接入其它受控基站时, 对应的受控基站密钥由主控基站根据 之前未被使用过的主控基站密钥或 NH派生。  If the terminal accesses other controlled base stations, the corresponding controlled base station key is derived by the master base station according to the master base station key or NH that has not been used before.
受控基站密钥由主控基站计算 /派生, 然后通过主控基站与受控基站之 间的接口发送给受控基站。  The controlled base station key is calculated/derived by the master base station and then transmitted to the controlled base station through the interface between the master base station and the controlled base station.
所述主控基站选择非当前基站密钥时, 用于: 使用最新的基站密钥, 即最近一次被派生的基站密钥, 该基站密钥是当前基站密钥或非当前基站 密钥。 所述主控基站在派生密钥时, 用于: 基于初始密钥, 根据特定密钥派 生函数计算派生密钥, 其中特定密钥派生函数包括单向函数。 When the primary control base station selects the non-current base station key, it is used to: use the latest base station key, that is, the base station key that was derived last time, and the base station key is the current base station key or the non-current base station key. The master base station, when deriving a key, is configured to: calculate a derived key according to a specific key derivation function based on the initial key, where the specific key derivation function includes a one-way function.
在终端与其接入的受控基站需要执行密钥更新时, 对应的新的受控基 站密钥由主控基站根据旧的受控基站密钥派生。  When the terminal and the controlled base station to which it accesses need to perform key update, the corresponding new controlled base station key is derived by the master base station based on the old controlled base station key.
所述的主控基站是长期演进 LTE系统中的无线接入网侧基站。  The master base station is a radio access network side base station in a Long Term Evolution LTE system.
一种安全密钥管理装置, 该装置为终端, 所述装置用于维护两套主控 基站的基站密钥: 当前基站密钥和非当前基站密钥; 其中, 所述非当前基 站密钥指当前没有被主控基站和终端使用的密钥, 由当前基站密钥或 NH 或旧的非当前基站密钥派生; 所述当前基站密钥指当前被主控基站和终端 使用的密钥, 用于派生其他控制面和 /或用户面密钥, 所述当前基站密钥同 时有且只有一个存在。  A security key management device, the device is a terminal, and the device is configured to maintain a base station key of two sets of main control base stations: a current base station key and a non-current base station key; wherein, the non-current base station key refers to The key currently not used by the master base station and the terminal is derived from the current base station key or NH or the old non-current base station key; the current base station key refers to the key currently used by the master base station and the terminal, To derive other control planes and/or user plane keys, the current base station key has both one and only one presence.
一种安全密钥管理系统, 该系统包括主控基站和终端, 所述主控基站 和终端分别用于维护两套主控基站的基站密钥: 当前基站密钥和非当前基 站密钥; 其中, 所述非当前基站密钥指当前没有被主控基站和终端使用的 密钥, 由当前基站密钥或 NH或旧的非当前基站密钥派生; 所述当前基站 密钥指当前被主控基站和终端使用的密钥, 用于派生其他控制面和 /或用户 面密钥, 所述当前基站密钥同时有且只有一个存在。  A security key management system, the system includes a master base station and a terminal, wherein the master base station and the terminal are respectively used to maintain base station keys of two sets of master base stations: a current base station key and a non-current base station key; The non-current base station key refers to a key that is not currently used by the master base station and the terminal, and is derived from the current base station key or the NH or the old non-current base station key; the current base station key refers to the current master control The key used by the base station and the terminal is used to derive other control planes and/or user plane keys, and the current base station key has both one and only one.
所述主控基站是 LTE系统中的无线接入网侧基站。  The master base station is a radio access network side base station in an LTE system.
釆用本发明提供的安全密钥管理技术, 可以对终端的多连接提供足够 的安全保护, 多连接下的安全性得以明显提高, 并可以防止在终端连接的 微基站发生频繁变更时, 多连接的密钥被破解或被泄露的风险随变更成正 比, 即可以保证多连接的安全强度在可控的范围之内。 附图说明  The security key management technology provided by the present invention can provide sufficient security protection for multiple connections of the terminal, and the security under multiple connections can be significantly improved, and multiple connections can be prevented when the micro base station connected to the terminal changes frequently. The risk of a key being compromised or compromised is proportional to the change, which guarantees that the security strength of multiple connections is within the controllable range. DRAWINGS
图 1为 LTE用户面协议栈示意图;  FIG. 1 is a schematic diagram of an LTE user plane protocol stack;
图 2为现有网络中密钥派生和保护机制示意图; 图 3为切换场景下基站密钥派生的方法示意图; 2 is a schematic diagram of a key derivation and protection mechanism in an existing network; 3 is a schematic diagram of a method for deriving a base station key in a handover scenario;
图 4为双连接场景示意图;  Figure 4 is a schematic diagram of a dual connection scenario;
图 5为双连接安全密钥管理方法示意图;  FIG. 5 is a schematic diagram of a dual-connection security key management method;
图 6为密钥派生算法示意图;  Figure 6 is a schematic diagram of a key derivation algorithm;
图 7为双连接安全密钥管理场景示意图;  Figure 7 is a schematic diagram of a dual-connection security key management scenario;
图 8为双连接安全密钥派生机制示意图;  Figure 8 is a schematic diagram of a dual-connection security key derivation mechanism;
图 9为本发明实施例提供的主控基站组成结构示意图;  FIG. 9 is a schematic structural diagram of a structure of a main control base station according to an embodiment of the present disclosure;
图 10为本发明实施例提供的终端组成结构示意图。 具体实施方式  FIG. 10 is a schematic structural diagram of a terminal structure according to an embodiment of the present invention. detailed description
本发明的示例性实施例提供一种安全密钥管理方法, 所述方法使得终 端同时接入两个(或多个)无线接入网节点时拥有较强的安全密钥或安全 配置, 从而保证双连接的安全性。  An exemplary embodiment of the present invention provides a security key management method, which enables a terminal to have a strong security key or security configuration when accessing two (or more) wireless access network nodes simultaneously, thereby ensuring Dual connectivity security.
如图 5所示, 主控基站和 /或终端维护两套主控基站的基站密钥: 当前 基站密钥和非当前基站密钥; 其中, 所述非当前基站密钥指当前没有被主 控基站和终端使用的密钥, 由当前基站密钥或下一跳 NH或旧的非当前基 站密钥派生; 所述当前基站密钥指当前被主控基站和终端使用的密钥, 用 于派生其他控制面和 /或用户面密钥, 所述当前基站密钥同时有且只有一个 存在。  As shown in FIG. 5, the master base station and/or the terminal maintains the base station keys of the two sets of master base stations: a current base station key and a non-current base station key; wherein, the non-current base station key refers to not currently being controlled. The key used by the base station and the terminal is derived from the current base station key or the next hop NH or the old non-current base station key; the current base station key refers to the key currently used by the master base station and the terminal, and is used for derivation Other control planes and/or user plane keys, the current base station key has both one and only one presence.
优选地, 选择非当前基站密钥的方法为: 使用最新的基站密钥, 即最 近一次被派生的基站密钥, 该基站密钥可能是当前基站密钥或非当前基站 密钥。  Preferably, the method of selecting a non-current base station key is: using the latest base station key, i.e., the base station key that was recently derived, which may be the current base station key or a non-current base station key.
如图 5 所示, 终端与其接入的受控基站的基站密钥, 由主控基站的密 钥 (包括当前基站密钥或非当前基站密钥)派生, 同一个主控基站的密钥 最多只能被使用一次用以派生所述受控基站的密钥。  As shown in FIG. 5, the base station key of the controlled base station to which the terminal and the access terminal are derived is derived from the key of the master base station (including the current base station key or the non-current base station key), and the key of the same master base station is the most. The key used to derive the controlled base station can only be used once.
如图 5所示,终端与其接入的受控基站的第一个受控基站密钥 S-KeNB 由主控基站根据当前基站密钥或非当前基站密钥或 NH派生。 As shown in FIG. 5, the first controlled base station key S-KeNB of the controlled base station to which the terminal and the access control station Derived by the master base station according to the current base station key or the non-current base station key or NH.
优选地, 如果终端接入其它受控基站时, 对应的受控基站密钥由主控 基站根据之前未被使用过的主控基站密钥或 NH派生。  Preferably, if the terminal accesses other controlled base stations, the corresponding controlled base station key is derived by the master base station according to the previously used master base station key or NH.
可选的, 在终端与其接入的受控基站需要执行密钥更新时, 对应的新 的受控基站密钥 S-KeNB*由旧的受控基站密钥 S-KeNB派生。  Optionally, when the terminal and the controlled base station accessed by the terminal need to perform key update, the corresponding new controlled base station key S-KeNB* is derived from the old controlled base station key S-KeNB.
优选地, 如图 6所示, 所述派生方法为: 基于初始密钥(密钥 1 )根据 特定密钥派生函数计算派生密钥 (密钥 2 ), 其中特定密钥派生函数可以包 括任何单向函数, 具体计算方法可以依具体实现而定, 在此不做限制。  Preferably, as shown in FIG. 6, the derivation method is: calculating a derived key (key 2) according to a specific key derivation function based on an initial key (key 1), wherein the specific key derivation function may include any single To the function, the specific calculation method can be determined according to the specific implementation, and there is no limitation here.
优选地, 在网络侧, 受控基站的基站密钥由主控基站计算 /派生, 然后 通过主控基站与受控基站之间的接口发送给受控基站。  Preferably, on the network side, the base station key of the controlled base station is calculated/derived by the master base station, and then sent to the controlled base station through an interface between the master base station and the controlled base station.
优选地, 所述主控基站和受控基站是 LTE系统中的无线接入网侧基站 的统称, 可以是宏基站或微基站或低功率节点( LPN )或小小区基站( Small Cell )或家庭基站(HeNB )等。 在具体实现中依网络部署而定。 下面结合不同的实施例对本发明进行进一步的说明。  Preferably, the master base station and the controlled base station are collectively referred to as a radio access network side base station in an LTE system, and may be a macro base station or a micro base station or a low power node (LPN) or a small cell base station (Small Cell) or a home. Base station (HeNB), etc. In the specific implementation depends on the network deployment. The invention will now be further described in conjunction with various embodiments.
具体实施例一:  Embodiment 1
如图 7所示, 部署网络中存在宏基站(即主控基站)和若干微基站(即 多个受控基站), 其中终端 1同时处于宏基站和在第一受控基站的覆盖范围 中, 且与两者保持双连接。 本实施例以终端 1 在主控基站和第一受控基站 中的密钥管理为例。  As shown in FIG. 7, a macro base station (ie, a master base station) and a plurality of micro base stations (ie, multiple controlled base stations) are present in the deployment network, where the terminal 1 is in the macro base station and in the coverage of the first controlled base station, And maintain a double connection with both. This embodiment takes the key management of the terminal 1 in the master base station and the first controlled base station as an example.
终端 1 在主控基站存在安全上下文; 所述安全上下文包括当前主控基 站密钥 KeNB, 宏基站和终端 1根据 KeNB派生控制面和 /或用户面密钥用 以保护终端 1与宏基站的信息传递。  The terminal 1 has a security context at the master base station; the security context includes a current master base station key KeNB, and the macro base station and the terminal 1 derive a control plane and/or a user plane key according to the KeNB to protect the information of the terminal 1 and the macro base station. transfer.
主控基站根据 KeNB或 NH派生受控基站密钥 KeNB*, 并传递给第一 受控基站。  The master base station derives the controlled base station key KeNB* according to the KeNB or NH and transmits it to the first controlled base station.
其中, 如果主控基站侧有未被使用的 NH, 则使用 NH派生 KeNB*, 否则使用 KeNB派生 KeNB *; 终端 1也执行相同的派生操作以得到相同的 KeNB*。 Wherein, if there is an unused NH on the master base station side, the NH derived KeNB* is used, Otherwise KeNB is used to derive KeNB*; Terminal 1 also performs the same derivation to get the same KeNB*.
终端 1 与第一受控基站分别根据 KeNB*作为基站密钥派生控制面和 / 或用户面密钥用以保护终端 1与该微基站的信息传递。  The terminal 1 and the first controlled base station respectively derive a control plane and/or a user plane key according to the KeNB* as a base station key to protect information transmission between the terminal 1 and the micro base station.
此时, 终端 1 与网络侧的两个接入网元间分别釆用两套安全密钥用以 保护各自的无线连接。 具体实施例二: 以具体实施例一的场景为基础。 本实施例进一步以发 生密钥更新时的密钥管理为例。  At this time, two sets of security keys are used between the terminal 1 and the two access network elements on the network side to protect their respective wireless connections. Specific Embodiment 2: Based on the scenario of the specific embodiment 1. This embodiment further takes the key management at the time of generating a key update as an example.
终端 1 在第一受控基站连接过程中, 需要进行密钥更新, 具体原因可 以是 PDCP层序列号将要翻转, 或网络侧算法或安全需求等。  The terminal 1 needs to perform key update during the connection process of the first controlled base station. The specific reason may be that the serial number of the PDCP layer is to be reversed, or the network side algorithm or security requirement.
则宏基站根据第一受控基站的受控基站密钥 KeNB*, 派生新的受控基 站密钥 KeNB**, 并将该密钥发送给第一受控基站。 相应的, 终端 1也执行 相同的密钥派生操作以得到相同的 KeNB * *。  Then, the macro base station derives a new controlled base station key KeNB** according to the controlled base station key KeNB* of the first controlled base station, and transmits the key to the first controlled base station. Accordingly, terminal 1 also performs the same key derivation operation to obtain the same KeNB * *.
终端 1与第一受控基站分别根据 KeNB**作为基站密钥派生控制面和 / 或用户面密钥用以保护终端 1与该第一受控基站的信息传递。  The terminal 1 and the first controlled base station respectively derive a control plane and/or a user plane key according to the KeNB** as a base station key to protect information transmission between the terminal 1 and the first controlled base station.
优选地, 网络侧由 KeNB*到 KeNB**的派生操作也可以由第一受控基 站完成, 而不需要宏基站计算。  Preferably, the derivation of the network side by KeNB* to KeNB** can also be done by the first controlled base station without the need for macro base station calculation.
优选地, 后续过程中, 终端 1 与第一受控基站还可以重复上述操作以 完成新的密钥更新。 具体实施例三:  Preferably, in the subsequent process, the terminal 1 and the first controlled base station may further repeat the foregoing operations to complete a new key update. Specific embodiment 3:
如图 7所示, 部署网络中存在宏基站(即主控基站)和若干微基站(即 受控基站), 终端 2先与宏基站和第一受控基站建立双连接, 然后终端 2移 动到了第二受控基站的覆盖范围中, 且重新完成与宏基站和第二受控基站 的双连接。 本实施例以终端 2在主控基站和第二受控基站中的密钥管理为 例。 As shown in FIG. 7, a macro base station (ie, a master base station) and a plurality of micro base stations (ie, a controlled base station) exist in the deployment network, and the terminal 2 first establishes a dual connection with the macro base station and the first controlled base station, and then the terminal 2 moves to In the coverage of the second controlled base station, the dual connection with the macro base station and the second controlled base station is re-completed. In this embodiment, the key management of the terminal 2 in the master base station and the second controlled base station is example.
终端 2在宏基站存在安全上下文, 其中包括当前主控基站密钥 KeNB, 并根据由 KeNB派生的控制面和 /或用户面密钥用以保护终端 2与宏基站的 信息传递。  The terminal 2 has a security context at the macro base station, including the current master base station key KeNB, and is used to protect the information transmission between the terminal 2 and the macro base station according to the control plane and/or the user plane key derived by the KeNB.
如图 8所示, 如果宏基站判断当前存在的基站密钥都已经被用于派生 受控基站密钥,则宏基站根据当前基站密钥 KeNB或旧的非当前密钥 KeNB' 派生新的非当前主控基站密钥 KeNB", 然后根据新的非当前主控基站密钥 KeNB"派生第二受控基站密钥 KeNB*, 并传递给第二受控基站。 其中宏基 站选择新的非当前基站密钥的方法为: 使用最新的基站密钥 (即最近一次 被派生的基站密钥, 该基站密钥可能是当前基站密钥或非当前基站密钥); 如果宏基站判断当前存在未被用于派生操作的受控基站密钥, 则直接根据 该密钥派生第二受控基站密钥。 终端 2执行与宏基站相同的密钥派生方式, 获得 KeNB*。  As shown in FIG. 8, if the macro base station determines that the currently existing base station key has been used to derive the controlled base station key, the macro base station derives a new non according to the current base station key KeNB or the old non-current key KeNB'. The current master base station key KeNB" then derives the second controlled base station key KeNB* according to the new non-current master base station key KeNB and passes it to the second controlled base station. The method for the macro base station to select a new non-current base station key is: using the latest base station key (ie, the base station key that was last derived, the base station key may be the current base station key or the non-current base station key); If the macro base station determines that there is currently a controlled base station key that is not used for the derivation operation, then the second controlled base station key is derived directly from the key. The terminal 2 performs the same key derivation as the macro base station to obtain KeNB*.
终端 2 与第二受控基站分别根据 KeNB*作为基站密钥派生控制面和 / 或用户面密钥用以保护终端 2与该微基站的信息传递。 具体实施例四:  The terminal 2 and the second controlled base station respectively derive a control plane and/or a user plane key according to the KeNB* as a base station key to protect information transmission between the terminal 2 and the micro base station. Specific Embodiment 4:
以具体实施例三的场景为基础, 本实施例进一步说明主控基站的密钥 更新方法。  Based on the scenario of the third embodiment, this embodiment further describes a key update method of the master base station.
如果终端 2与宏基站之间的密钥需要更新(具体原因可以是 PDCP序 列号将要翻转, 或者是处于安全或算法考虑), 贝' J :  If the key between the terminal 2 and the macro base station needs to be updated (the specific reason may be that the PDCP sequence number is to be flipped, or is in security or algorithm consideration), Bay' J:
方法一, 将当前安全上下文中最新的非当前基站密钥转为当前基站密 钥, 此时宏基站只需要与终端 2执行相同的操作, 用最新的非当前基站密 钥替换当前基站密钥, 以作为新的当前基站密钥 (即完成了主控基站的密 钥更新);  In the first method, the latest non-current base station key in the current security context is converted into the current base station key. At this time, the macro base station only needs to perform the same operation as the terminal 2, and replaces the current base station key with the latest non-current base station key. As the new current base station key (that is, the key update of the master base station is completed);
方法二, 根据当前安全上下文中的最新基站密钥 (可能是当前基站密 钥或者是非当前基站密钥)派生新的主控基站的当前密钥。 具体实施例五: Method two, according to the latest base station key in the current security context (may be the current base station secret The key or the non-current base station key) derives the current key of the new master base station. Embodiment 5:
如图 7所示, 部署网络中存在宏基站(即主控基站)和若干微基站(即 受控基站), 终端 3同时处于与宏基站、 第三受控基站和第四受控基站的连 接状态(此时的双连接实为多连接)。 本实施例以终端 3在主控基站、 第三 受控基站和第四受控基站中的密钥管理为例, 这里连接的建立顺序以宏基 站至第三受控基站再到第四受控基站为例。  As shown in FIG. 7, a macro base station (ie, a master base station) and a plurality of micro base stations (ie, controlled base stations) exist in the deployment network, and the terminal 3 is simultaneously connected to the macro base station, the third controlled base station, and the fourth controlled base station. Status (double connection at this time is actually multiple connections). In this embodiment, the key management of the terminal 3 in the primary control base station, the third controlled base station, and the fourth controlled base station is taken as an example, where the connection establishment sequence is controlled from the macro base station to the third controlled base station to the fourth control. The base station is taken as an example.
终端 3在宏基站存在安全上下文, 其中包括当前主控基站密钥 KeNB, 并根据由 KeNB派生的控制面和 /或用户面密钥保护终端 3与宏基站的信息 传递。  The terminal 3 has a security context at the macro base station, including the current master base station key KeNB, and protects the information transfer between the terminal 3 and the macro base station according to the control plane and/or the user plane key derived by the KeNB.
如果宏基站判断当前存在未被使用的 NH,则使用 NH派生第三受控基 站密钥 KeNB*— 3,否则宏基站判断当前是否存在未被使用的主控基站密钥, 如果存在则使用该主控基站密钥派生第三受控基站密钥 KeNB*— 3, 否则需 要先用最新的主控基站密钥派生新的主控基站密钥 KeNB', 然后根据新的 KeNB,派生第三首控基站密钥 KeNB*— 3。  If the macro base station determines that there is currently an unused NH, the NH is used to derive the third controlled base station key KeNB*-3, otherwise the macro base station determines whether there is currently an unused master base station key, and if so, uses the The master base station key derives the third controlled base station key KeNB*-3, otherwise the new master base station key KeNB' needs to be derived from the latest master base station key, and then the third one is derived according to the new KeNB. Control the base station key KeNB*-3.
因为最新的主控基站密钥已经被用于派生第三受控基站密钥, 因此宏 基站根据最近的主控基站密钥 KeNB',首先派生新的主控基站密钥 KeNB", 然后进一步根据 KeNB"派生第四受控基站密钥 KeNB*— 4。  Since the latest master base station key has been used to derive the third controlled base station key, the macro base station first derives a new master base station key KeNB based on the nearest master base station key KeNB', and then further according to The KeNB "derives the fourth controlled base station key KeNB*-4.
终端 3使用相同的密钥派生方式获得 KeNB*— 3和 KeNB*— 4。并与第三 受控基站和第四受控基站根据 KeNB*— 3和 KeNB*— 4作为受控基站密钥分 别派生控制面和 /或用户面密钥用以保护终端 3 与对应受控基站的信息传 递。  Terminal 3 obtains KeNB*-3 and KeNB*-4 using the same key derivation. And the third controlled base station and the fourth controlled base station respectively derive a control plane and/or a user plane key according to the KeNB*-3 and the KeNB*-4 as the controlled base station key to protect the terminal 3 and the corresponding controlled base station. Information transfer.
此时, 终端 3 与网络侧的三个接入网元间分别釆用三套安全密钥用以 保护各自的无线连接。  At this time, three sets of security keys are used between the terminal 3 and the three access NEs on the network side to protect their respective wireless connections.
优选地, 如果上述过程中主控基站或者受控基站的密钥需要执行密钥 更新, 则可以分别借鉴具体实施例四和具体实施例二中所述方法执行。 通过上述实施例可以看出, 主控基站根据本基站密钥灵活决定受控基 站密钥的派生方法, 从而得到相对独立的受控基站密钥, 这样即使受控基 站密钥被攻破也不会影响到主控基站的数据传递, 同时如果受控基站或主 控基站发生密钥更新时, 也会相对独立而不会影响到对方。 另外釆用上述 派生方法也避免了在所有受控基站中使用重复密钥的可能性, 从最大程度 上减小了密钥泄露的风险。 Preferably, if the key of the master base station or the controlled base station needs to execute the key in the above process The update can be performed by referring to the methods described in the fourth embodiment and the second embodiment. It can be seen from the above embodiment that the master base station flexibly determines the derivative method of the controlled base station key according to the base station key, thereby obtaining a relatively independent controlled base station key, so that even if the controlled base station key is broken, It affects the data transmission of the master base station. At the same time, if the controlled base station or the master base station generates a key update, it will be relatively independent without affecting the other party. In addition, the above derivation method also avoids the possibility of using duplicate keys in all controlled base stations, minimizing the risk of key leakage.
需要说明的是, 本发明的上述实施例只是对宏基站和微基站部署场景 的一些典型流程提出了可行的实施方案, 但同样适用于其他的部署场景, 比如宏基站与宏基站,微基站与微基站,宏基站与 HeNB或 LPN,以及 HeNB 与微基站等等任意组合场景, 另外本发明所述流程也不限制还有其他的消 息流程。  It should be noted that the foregoing embodiments of the present invention only provide a feasible implementation scheme for some typical processes of a macro base station and a micro base station deployment scenario, but are also applicable to other deployment scenarios, such as a macro base station and a macro base station, and a micro base station. The micro base station, the macro base station and the HeNB or the LPN, and the HeNB and the micro base station and the like can be combined in any manner, and the flow of the present invention is not limited to other message flows.
装置实施例一、  Device embodiment 1
本发明实施例提供的主控基站, 如图 9所示, 包括:  The master control base station provided by the embodiment of the present invention, as shown in FIG. 9, includes:
存储单元 91,配置为维护终端对应的当前基站密钥和非当前基站密钥; 密钥生成单元 92, 配置为生成终端对应的非当前基站密钥;  The storage unit 91 is configured to maintain a current base station key and a non-current base station key corresponding to the terminal; the key generating unit 92 is configured to generate a non-current base station key corresponding to the terminal;
其中, 所述非当前基站密钥指当前没有被主控基站和终端使用的密钥, 由当前基站密钥或 NH或原非当前基站密钥派生; 所述当前基站密钥指当 前被主控基站和终端使用的密钥, 用于派生其他控制面和 /或用户面密钥, 所述当前基站密钥同时有且只有一个存在。  The non-current base station key refers to a key that is not currently used by the master base station and the terminal, and is derived from the current base station key or NH or the original non-current base station key; the current base station key refers to the current master control The key used by the base station and the terminal is used to derive other control planes and/or user plane keys, and the current base station key has both one and only one.
密钥生成单元 92, 配置为终端与其接入的受控基站的基站密钥, 由当 前基站密钥或非当前基站密钥派生, 但同一个主控基站密钥最多只能被使 用一次用以派生受控基站密钥。  The key generation unit 92 is configured as a base station key of the controlled base station to which the terminal and the terminal are connected, and is derived from the current base station key or a non-current base station key, but the same master base station key can be used only once. Derived controlled base station key.
密钥生成单元 92, 配置为终端与其接入的受控基站的第一个受控基站 密钥由主控基站根据当前基站密钥或非当前基站密钥或 NH派生。 密钥生成单元 92, 配置为如果终端接入其它受控基站时, 对应的受控 基站密钥由主控基站根据之前未被使用过的主控基站密钥或 NH派生。 The key generation unit 92, configured as the first controlled base station key of the controlled base station to which the terminal and the access is connected, is derived by the master base station according to the current base station key or the non-current base station key or NH. The key generation unit 92 is configured to: if the terminal accesses other controlled base stations, the corresponding controlled base station key is derived by the master base station according to the master base station key or NH that has not been used before.
密钥生成单元 92, 配置为受控基站密钥由主控基站计算 /派生, 然后通 过主控基站与受控基站之间的接口发送给受控基站。  The key generation unit 92 is configured to calculate/derive the controlled base station key by the master base station, and then send the signal to the controlled base station through an interface between the master base station and the controlled base station.
密钥生成单元 92, 配置为使用最新的基站密钥作为主控基站密钥, 即 最近一次被派生的基站密钥, 该基站密钥是当前基站密钥或非当前基站密 钥。  The key generation unit 92 is configured to use the latest base station key as the master base station key, i.e., the most recently derived base station key, which is the current base station key or the non-current base station key.
密钥生成单元 92, 配置为所述主控基站在派生密钥时, 用于: 基于初 始密钥, 根据特定密钥派生函数计算派生密钥, 其中特定密钥派生函数包 括单向函数。  The key generation unit 92 is configured to: when the master base station derives a key, to: calculate a derived key according to a specific key derivation function based on the initial key, where the specific key derivation function includes a one-way function.
密钥生成单元 92, 配置为在终端与其接入的受控基站需要执行密钥更 新时, 对应的新的受控基站密钥由主控基站根据旧的受控基站密钥派生。  The key generation unit 92 is configured to, when the terminal and the controlled base station accessed by the terminal need to perform key update, the corresponding new controlled base station key is derived by the master base station according to the old controlled base station key.
所述的主控基站是长期演进 LTE系统中的无线接入网侧基站。  The master base station is a radio access network side base station in a Long Term Evolution LTE system.
本发明实施例还提供了一种终端, 所述终端如图 10所示, 包括: 存储单元 1001, 配置为维护当前基站密钥和非当前基站密钥; 接收单元 1002, 配置为接收主控基站发来的非当前基站密钥; 其中, 所述非当前基站密钥指当前没有被主控基站和终端使用的密钥, 由当前基站密钥或 NH或原非当前基站密钥派生; 所述当前基站密钥指当 前被主控基站和终端使用的密钥, 用于派生其他控制面和 /或用户面密钥, 所述当前基站密钥同时有且只有一个存在。  The embodiment of the present invention further provides a terminal, as shown in FIG. 10, the terminal includes: a storage unit 1001 configured to maintain a current base station key and a non-current base station key; and a receiving unit 1002 configured to receive the primary control base station The non-current base station key is sent; wherein the non-current base station key refers to a key that is not currently used by the master base station and the terminal, and is derived from the current base station key or the NH or the original non-current base station key; The current base station key refers to a key currently used by the master base station and the terminal, and is used to derive other control planes and/or user plane keys, and the current base station key has both one and only one.
本发明实施例提供的一种安全密钥管理系统, 包括主控基站和终端, 所述主控基站和终端分别用于维护两套主控基站的基站密钥: 当前基站密 钥和非当前基站密钥; 其中, 所述非当前基站密钥指当前没有被主控基站 和终端使用的密钥, 由当前基站密钥或 NH或原非当前基站密钥派生; 所 述当前基站密钥指当前被主控基站和终端使用的密钥, 用于派生其他控制 面和 /或用户面密钥, 所述当前基站密钥同时有且只有一个存在。 A security key management system provided by an embodiment of the present invention includes a master control base station and a terminal, where the master control base station and the terminal are respectively used to maintain base station keys of two sets of master control base stations: a current base station key and a non-current base station. a key; wherein the non-current base station key refers to a key that is not currently used by the master base station and the terminal, and is derived from a current base station key or NH or an original non-current base station key; the current base station key refers to a current The key used by the master base station and the terminal to derive other controls Face and/or user plane key, the current base station key has both one and only one.
所述主控基站是 LTE系统中的无线接入网侧基站。  The master base station is a radio access network side base station in an LTE system.
综上所述可见, 无论是方法、 装置还是系统, 釆用本发明提供的安全 密钥管理技术, 可以对终端的多连接提供足够的安全保护, 多连接下的安 全性得以明显提高, 并可以防止在终端连接的微基站发生频繁变更时, 多 连接的密钥被破解或被泄露的风险随变更成正比, 即可以保证多连接的安 全强度在可控的范围之内。  In summary, whether the method, the device or the system uses the security key management technology provided by the present invention, sufficient security protection can be provided for multiple connections of the terminal, and the security under multiple connections can be significantly improved, and When the frequent change of the micro base station connected to the terminal is prevented, the risk of the multi-connection key being cracked or leaked is proportional to the change, that is, the security strength of the multiple connection can be guaranteed to be within the controllable range.
以上所述, 仅为本发明的较佳实施例而已, 并非用于限定本发明的保 护范围。  The above is only the preferred embodiment of the present invention and is not intended to limit the scope of the present invention.

Claims

权利要求书 claims
1、 一种安全密钥管理方法, 该方法包括: 1. A security key management method, the method includes:
主控基站和 /或终端维护当前基站密钥和非当前基站密钥; The master base station and/or terminal maintains the current base station key and non-current base station key;
其中, 所述非当前基站密钥指当前没有被主控基站和终端使用的密钥, 由当前基站密钥或下一跳 NH或旧的非当前基站密钥派生; Wherein, the non-current base station key refers to a key that is not currently used by the master base station and the terminal, and is derived from the current base station key or the next hop NH or the old non-current base station key;
所述当前基站密钥指当前被主控基站和终端使用的密钥, 用于派生其 他控制面和 /或用户面密钥, 所述当前基站密钥同时有且只有一个存在。 The current base station key refers to the key currently used by the master base station and the terminal, and is used to derive other control plane and/or user plane keys. There is only one current base station key at the same time.
2、 根据权利要求 1所述的方法, 其中, 终端与其接入的受控基站的基 站密钥, 由主控基站的密钥派生, 但同一个主控基站密钥最多只能被使用 一次用以派生受控基站密钥; 所述主控基站的密钥包括当前基站密钥或非 当前基站密钥。 2. The method according to claim 1, wherein the base station key of the controlled base station to which the terminal is connected is derived from the key of the master base station, but the same master base station key can only be used once at most. to derive a controlled base station key; the key of the master base station includes a current base station key or a non-current base station key.
3、 根据权利要求 2所述的方法, 其中, 所述方法还包括: 主控基站根 据当前基站密钥或非当前基站密钥或 NH,派生终端与其接入的第一个受控 基站的密钥。 3. The method according to claim 2, wherein the method further includes: the master base station deriving the secret key of the terminal and the first controlled base station it accesses based on the current base station key or the non-current base station key or NH. key.
4、 根据权利要求 2所述的方法, 其中, 所述方法还包括: 如果终端接 入其它受控基站时, 对应的受控基站密钥由主控基站根据之前未被使用过 的主控基站密钥或 NH派生。 4. The method according to claim 2, wherein the method further includes: if the terminal accesses other controlled base stations, the corresponding controlled base station key is determined by the master base station according to the master base station that has not been used before. Key or NH derivation.
5、 根据权利要求 2所述的方法, 其中, 受控基站密钥由主控基站计算 /派生, 通过主控基站与受控基站之间的接口发送给受控基站。 5. The method according to claim 2, wherein the controlled base station key is calculated/derived by the master base station, and is sent to the controlled base station through the interface between the master base station and the controlled base station.
6、 根据权利要求 1所述的方法, 其中, 该方法还包括: 使用最新的基 站密钥, 即最近一次被派生的基站密钥, 该基站密钥是当前基站密钥或非 当前基站密钥。 6. The method according to claim 1, wherein the method further comprises: using the latest base station key, that is, the most recently derived base station key, which is the current base station key or a non-current base station key. .
7、 根据权利要求 1至 6任一项所述的方法, 其中, 所述派生为: 基于 初始密钥, 根据特定密钥派生函数计算派生密钥, 其中特定密钥派生函数 包括单向函数。 7. The method according to any one of claims 1 to 6, wherein the derivation is: based on the initial key, calculating the derived key according to a specific key derivation function, wherein the specific key derivation function includes a one-way function.
8、 根据权利要求 1所述的方法, 其中, 在终端与其接入的受控基站需 要执行密钥更新时, 对应的新的受控基站密钥由旧的受控基站密钥派生。 8. The method according to claim 1, wherein when the terminal and the controlled base station accessed need to perform a key update, the corresponding new controlled base station key is derived from the old controlled base station key.
9、 一种主控基站, 所述主控基站包括: 9. A main control base station, the main control base station includes:
存储单元, 配置为维护两套主控基站的基站密钥: 当前基站密钥和非 当前基站密钥; The storage unit is configured to maintain two sets of base station keys of the main control base station: the current base station key and the non-current base station key;
密钥生成单元, 配置为利用当前基站密钥用于派生其他控制面和 /或用 户面密钥; A key generation unit configured to utilize the current base station key for deriving other control plane and/or user plane keys;
其中, 所述非当前基站密钥指当前没有被主控基站和终端使用的密钥, 由当前基站密钥或 NH或旧的非当前基站密钥派生; 所述当前基站密钥指 当前被主控基站和终端使用的密钥,用于派生其他控制面和 /或用户面密钥, 所述当前基站密钥同时有且只有一个存在。 Wherein, the non-current base station key refers to a key that is not currently used by the master base station and the terminal, and is derived from the current base station key or NH or an old non-current base station key; the current base station key refers to a key that is currently used by the master base station. The key used by the control base station and the terminal is used to derive other control plane and/or user plane keys, and only one of the current base station keys exists at the same time.
10、 根据权利要求 9所述的主控基站, 其中, 密钥生成单元, 配置为 终端与其接入的受控基站的基站密钥, 由主控基站的密钥派生, 但同一个 主控基站密钥最多只能被使用一次用以派生受控基站密钥; 所述主控基站 的密钥包括当前基站密钥或非当前基站密钥。 10. The master base station according to claim 9, wherein the key generation unit is configured as the base station key of the controlled base station to which the terminal and its access are derived from the key of the master base station, but the same master base station The key can only be used once at most to derive the key of the controlled base station; the key of the master base station includes the current base station key or the non-current base station key.
11、 根据权利要求 10所述的主控基站, 其中, 密钥生成单元, 配置为 终端与其接入的受控基站的第一个受控基站密钥由主控基站根据当前基站 密钥或非当前基站密钥或 NH派生。 11. The master base station according to claim 10, wherein the key generation unit is configured so that the terminal and the first controlled base station key of the controlled base station it accesses are generated by the master base station according to the current base station key or a non-control base station key. Current base station key or NH derivation.
12、 根据权利要求 10所述的主控基站, 其中, 密钥生成单元, 配置为 如果终端接入其它受控基站时, 对应的受控基站密钥由主控基站根据之前 未被使用过的主控基站密钥或 NH派生。 12. The master base station according to claim 10, wherein the key generation unit is configured so that if the terminal accesses other controlled base stations, the corresponding controlled base station key is generated by the master base station based on the key that has not been used before. Master base station key or NH derivation.
13、 根据权利要求 10所述的主控基站, 其中, 密钥生成单元, 配置为 受控基站密钥由主控基站计算 /派生, 然后通过主控基站与受控基站之间的 接口发送给受控基站。 13. The master base station according to claim 10, wherein the key generation unit is configured so that the controlled base station key is calculated/derived by the master base station, and then sent to the master base station through the interface between the master base station and the controlled base station. Controlled base station.
14、 根据权利要求 9所述的主控基站, 其中, 密钥生成单元, 配置为 使用最新的基站密钥, 即最近一次被派生的基站密钥, 该基站密钥是当前 基站密钥或非当前基站密钥。 14. The main control base station according to claim 9, wherein the key generation unit is configured as The latest base station key is used, that is, the most recently derived base station key, which is the current base station key or a non-current base station key.
15、 根据权利要求 9至 14任一项所述的主控基站, 其中, 密钥生成单 元, 配置为所述主控基站在派生密钥时, 用于: 基于初始密钥, 根据特定 密钥派生函数计算派生密钥, 其中特定密钥派生函数包括单向函数。 15. The master base station according to any one of claims 9 to 14, wherein the key generation unit is configured so that when the master base station derives a key, it is configured to: based on the initial key, according to the specific key The derivation function computes a derived key, where the particular key derivation function includes a one-way function.
16、 根据权利要求 9所述的主控基站, 其中, 密钥生成单元, 配置为 在终端与其接入的受控基站需要执行密钥更新时, 对应的新的受控基站密 钥由主控基站根据旧的受控基站密钥派生。 16. The master base station according to claim 9, wherein the key generation unit is configured so that when the terminal and the controlled base station it accesses need to perform a key update, the corresponding new controlled base station key is generated by the master base station. The base station is derived from the old controlled base station key.
17、 根据权利要求 9所述的主控基站, 其中, 所述的主控基站是长期 演进 LTE系统中的无线接入网侧基站。 17. The main control base station according to claim 9, wherein the main control base station is a radio access network side base station in the Long Term Evolution LTE system.
18、 一种终端, 所述终端包括: 18. A terminal, the terminal includes:
存储单元, 配置为维护两套主控基站的基站密钥: 当前基站密钥和非 当前基站密钥; The storage unit is configured to maintain two sets of base station keys of the main control base station: the current base station key and the non-current base station key;
接收单元, 配置为派生其他控制面和 /或用户面密钥; a receiving unit configured to derive other control plane and/or user plane keys;
其中, 所述非当前基站密钥指当前没有被主控基站和终端使用的密钥, 由当前基站密钥或 NH或旧的非当前基站密钥派生; 所述当前基站密钥指 当前被主控基站和终端使用的密钥,用于派生其他控制面和 /或用户面密钥, 所述当前基站密钥同时有且只有一个存在。 Wherein, the non-current base station key refers to a key that is not currently used by the master base station and the terminal, and is derived from the current base station key or NH or an old non-current base station key; the current base station key refers to a key that is currently used by the master base station. The key used by the control base station and the terminal is used to derive other control plane and/or user plane keys, and only one of the current base station keys exists at the same time.
19、 一种安全密钥管理系统, 该系统包括主控基站和终端, 所述主控 基站和终端分别用于维护两套主控基站的基站密钥: 当前基站密钥和非当 前基站密钥; 其中, 所述非当前基站密钥指当前没有被主控基站和终端使 用的密钥, 由当前基站密钥或 NH或旧的非当前基站密钥派生; 所述当前 基站密钥指当前被主控基站和终端使用的密钥, 用于派生其他控制面和 /或 用户面密钥, 所述当前基站密钥同时有且只有一个存在。 19. A security key management system. The system includes a main control base station and a terminal. The main control base station and the terminal are respectively used to maintain two sets of base station keys of the main control base station: the current base station key and the non-current base station key. ; Wherein, the non-current base station key refers to a key that is not currently used by the master base station and the terminal, and is derived from the current base station key or NH or an old non-current base station key; the current base station key refers to a key that is currently used by the base station. The key used by the master control base station and the terminal is used to derive other control plane and/or user plane keys, and only one of the current base station keys exists at the same time.
20、 根据权利要求 19所述的系统, 其中, 所述主控基站是 LTE系统中 的无线接入网侧基站。 20. The system according to claim 19, wherein the main control base station is an LTE system wireless access network side base station.
PCT/CN2014/076167 2013-05-27 2014-04-24 Method, apparatus and system for security key management WO2014190828A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201310202007.7 2013-05-27
CN201310202007.7A CN104185177B (en) 2013-05-27 2013-05-27 A kind of safety key managing method, device and system

Publications (1)

Publication Number Publication Date
WO2014190828A1 true WO2014190828A1 (en) 2014-12-04

Family

ID=51965849

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/076167 WO2014190828A1 (en) 2013-05-27 2014-04-24 Method, apparatus and system for security key management

Country Status (2)

Country Link
CN (1) CN104185177B (en)
WO (1) WO2014190828A1 (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108307437A (en) * 2016-08-12 2018-07-20 中兴通讯股份有限公司 A kind of method and device of data processing
US11206538B2 (en) 2016-09-30 2021-12-21 Huawei Technologies Co., Ltd. Control signaling processing method, device, and system
CN108668281B (en) * 2017-03-31 2021-07-09 华为技术有限公司 Communication method, related equipment and system
CN109586900B (en) 2017-09-29 2020-08-07 华为技术有限公司 Data security processing method and device
CN113795024A (en) * 2020-05-26 2021-12-14 华为技术有限公司 Method and device for obtaining secret key

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101946536A (en) * 2008-02-15 2011-01-12 艾利森电话股份有限公司 Application specific master key selection in evolved networks
WO2011004774A1 (en) * 2009-07-04 2011-01-13 株式会社エヌ・ティ・ティ・ドコモ Mobile communication method and mobile communication system
CN102958052A (en) * 2011-08-29 2013-03-06 华为技术有限公司 Secure data transmission method and related device

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA2775305C (en) * 2009-09-25 2017-07-11 Research In Motion Limited System and method for multi-carrier network operation

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101946536A (en) * 2008-02-15 2011-01-12 艾利森电话股份有限公司 Application specific master key selection in evolved networks
WO2011004774A1 (en) * 2009-07-04 2011-01-13 株式会社エヌ・ティ・ティ・ドコモ Mobile communication method and mobile communication system
CN102958052A (en) * 2011-08-29 2013-03-06 华为技术有限公司 Secure data transmission method and related device

Also Published As

Publication number Publication date
CN104185177B (en) 2019-02-01
CN104185177A (en) 2014-12-03

Similar Documents

Publication Publication Date Title
JP7327603B2 (en) BASE STATION AND METHOD PERFORMED BY BASE STATION
JP6739471B2 (en) Dual connection mode operation of user terminal in wireless communication network
CN110224982B (en) Security key derivation in dual connectivity
EP2663107B1 (en) Key generating method and apparatus
TWI393414B (en) Secure session keys context
KR101078615B1 (en) Encryption in a wireless telecommunications
CN106375989B (en) The method and user equipment and wireless access minor node of realization access layer safety
EP2501164B1 (en) Method and system for establishing enhanced key when terminal moves to enhanced universal terrestrial radio access network(utran)
WO2015176462A1 (en) Dual-connection radio bearer migration processing and migration methods and devices
WO2014177090A1 (en) Handover method, master base station and slave base station
WO2013097672A1 (en) Inter-base station carrier aggregation security communication method and device
WO2011032497A1 (en) Method, device and system for reconfiguring aggregation cell
US9736125B2 (en) Method and device for generating access stratum key in communications system
WO2014110908A1 (en) Secure data transmission method and lte access network system
WO2014190828A1 (en) Method, apparatus and system for security key management
CN110290523B (en) Method for configuring and transmitting encryption keys
KR20150103063A (en) Method for synchronizing encryption information between scell and ue
WO2015027524A1 (en) Communication method, network side device, and user equipment
CN104812010A (en) Method for supporting UE recovery under small community reinforced scene
CN105764052A (en) TD-LTE authentication and protective encryption method
WO2014177107A1 (en) Pdcp count value processing method, device and computer storage medium
EP3311599B1 (en) Ultra dense network security architecture and method
Chen et al. The optimization of security algorithm selection for wireless communications in UMTS
BR112016021416B1 (en) SECONDARY BASE STATION APPARATUS, COMMUNICATION METHOD TO A SECONDARY BASE STATION APPARATUS, MAIN BASE STATION APPARATUS, COMMUNICATION METHOD TO A MAIN BASE STATION APPARATUS,COMMUNICATION APPARATUS, COMMUNICATION METHOD TO A MOBILE TERMINAL APPARATUS ,E,INTEGRATED CIRCUIT

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14804291

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14804291

Country of ref document: EP

Kind code of ref document: A1