CN102202290A - Method and system for updating authentication key of user equipment and user equipment - Google Patents

Info

Publication number: CN102202290A
Authority: CN (China)
Prior art keywords: akey, network side, authority, relevant parameter, update
Legal status: Pending (The legal status is an assumption and is not a legal conclusion.)
Application number: CN2011101429769A
Other languages: Chinese (zh)
Inventors: 仝黎, 李俊
Current Assignee: ZTE Corp (The listed assignees may be inaccurate.)
Original Assignee: ZTE Corp
Application filed by ZTE Corp
Priority to CN2011101429769A
Publication of CN102202290A
Priority to PCT/CN2012/072737 (WO2012163142A1)

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W12/00: Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04: Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041: Key generation or derivation

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention discloses a method for updating an authentication key of user equipment, comprising the steps: when the update condition of the authentication key (Akey) of the UE (User Equipment) is met, a network side initiates the exchange of Akey related parameters with the UE; and the network side and the UE each generate a new Akey based on the Akey related parameters. The invention also discloses a system for updating the authentication key of the user equipment that implements the method, and the user equipment. According to the invention, the Akey of the UE can be updated continually. This makes it considerably difficult to use the Akey of the UE to replicate the user identification card of the UE, and even if the replication succeeds, the replicated card becomes invalid owing to the continual updating of the Akey of the UE, so the legal rights of UE users and operators are effectively protected. The method and the system can be implemented at low cost, requiring only that the UE and a limited number of network side elements be upgraded accordingly.

Description

Method and system for updating the authentication key of user equipment, and user equipment
Technical field
The present invention relates to technology for updating the authentication key (Akey) of a user identification card based on over-the-air technology (OTA, Over the Air Technology), and in particular to a method and system for updating the authentication key of user equipment, and to user equipment.
Background art
At present, cloning of user identification cards is fairly common in the mobile communications market and causes losses for users and operators. In particular, once a criminal has obtained a cloned card, he can eavesdrop on the calls of the user whose card was cloned, make fraudulent calls at that user's expense, and so on. Countermeasures against card cloning are generally passive: for example, after receiving a report, the operator replaces the user's identification card to stop the cloned card from accessing the network; or techniques such as periodically updating the shared secret data (SSD, Shared Secret Data) are used to ensure that the current user identification card can be used by only one UE. However, once the cloner has obtained the authentication key (Akey) information of the user identification card, updating the SSD cannot restrict the communication functions of the cloned card. Moreover, in present communication networks it is relatively easy to obtain Akey information by related means. A safer and more effective way of preventing user identification card cloning is therefore urgently needed.
Summary of the invention
In view of this, the main purpose of the present invention is to provide a method and system for updating the authentication key of user equipment, and user equipment, which can effectively prevent the user identification card of user equipment (UE, User Equipment) from being cloned.
To achieve the above purpose, the technical solution of the present invention is realized as follows:
A method for updating the authentication key of user equipment comprises:
When the Akey update condition of the UE is satisfied, the network side initiates an exchange of Akey related parameters with the UE;
The network side and the UE each generate a new Akey based on the Akey related parameters.
Preferably, the Akey update condition of the UE being satisfied means:
An Akey update request is received from the UE, and it is determined that the UE has the authority to update the Akey;
Or, an Akey update request is received from the UE, and the UE passes authentication;
Or, an Akey update request is received from the UE, it is determined that the UE has the authority to update the Akey, and the UE passes authentication.
Preferably, the Akey update condition of the UE being satisfied means:
When the UE registers with the network side, the UE has the authority to update the Akey, and the time elapsed since the UE's last Akey update exceeds a set duration;
Or, when the UE registers with the network side, the UE has the authority to update the Akey, the time elapsed since the UE's last Akey update exceeds the set duration, and the UE passes authentication.
Preferably, the UE registering with the network side means:
The UE initiates a location update to the network side.
Preferably, initiating the exchange of Akey related parameters with the UE means:
Public key information for generating the Akey is exchanged between the network side and the UE.
Preferably, the network side and the UE each generating a new Akey based on the Akey related parameters means:
The network side and the UE each generate a private key for generating the Akey and, using the public key for generating the Akey, each generate the new Akey based on the Diffie-Hellman algorithm.
Preferably, the UE generating a new Akey based on the Akey related parameters means:
When the UE is in separate handset-and-card mode, the UE generates the new Akey in the user identification card;
When the UE is in integrated handset-and-card mode, the new Akey is generated in the UE.
A system for updating the authentication key of user equipment comprises a network side and a UE, wherein:
The network side is configured to initiate an exchange of Akey related parameters with the UE when the Akey update condition of the UE is satisfied, and to generate a new Akey based on the Akey related parameters;
The UE is configured to generate a new Akey based on the Akey related parameters.
Preferably, the Akey update condition of the UE being satisfied means:
An Akey update request is received from the UE, and it is determined that the UE has the authority to update the Akey;
Or, an Akey update request is received from the UE, and the UE passes authentication;
Or, an Akey update request is received from the UE, it is determined that the UE has the authority to update the Akey, and the UE passes authentication.
Preferably, the Akey update condition of the UE being satisfied means:
When the UE registers with the network side, the UE has the authority to update the Akey, and the time elapsed since the UE's last Akey update exceeds a set duration;
Or, when the UE registers with the network side, the UE has the authority to update the Akey, the time elapsed since the UE's last Akey update exceeds the set duration, and the UE passes authentication.
Preferably, public key information for generating the Akey is exchanged between the network side and the UE;
The network side and the UE each generate a private key for generating the Akey and, using the public key for generating the Akey, each generate the new Akey based on the Diffie-Hellman algorithm.
A user equipment comprises a sending unit, a receiving unit and a generating unit, wherein:
The sending unit is configured to send an Akey update request to the network side;
The receiving unit is configured to receive the Akey related parameters exchanged between the user equipment and the network side;
The generating unit is configured to generate a new Akey based on the Akey related parameters.
A user equipment comprises a sending unit, a receiving unit and a generating unit, wherein:
The sending unit is configured to send a registration request to the network side;
The receiving unit is configured to receive the Akey related parameters exchanged between the user equipment and the network side;
The generating unit is configured to generate a new Akey based on the Akey related parameters.
In the present invention, the UE is given the function of updating the Akey. The UE user thus initiates Akey update requests through the UE, so that the UE's Akey is continually updated. This makes it considerably difficult to clone the UE's user identification card using the UE's Akey; and even if cloning succeeds, the continual updating of the UE's Akey invalidates the cloned card, which effectively protects the legitimate rights and interests of UE users and operators. The invention can be implemented merely by upgrading the UE and a limited number of network-side network elements accordingly, so the implementation cost is low.
Description of the drawings
Fig. 1 is a flow chart of the method for updating the authentication key of user equipment according to embodiment one of the present invention;
Fig. 2 is a flow chart of the method for updating the authentication key of user equipment according to embodiment two of the present invention;
Fig. 3 is a flow chart of the method for updating the authentication key of user equipment according to embodiment three of the present invention;
Fig. 4 is a flow chart of the method for updating the authentication key of user equipment according to embodiment four of the present invention;
Fig. 5 is a schematic diagram of the structure of one user equipment of the present invention;
Fig. 6 is a schematic diagram of the structure of another user equipment of the present invention.
Detailed description of the embodiments
The basic idea of the present invention is as follows: the user continually initiates Akey updates through the UE, so that the UE's Akey is continually updated. This raises the difficulty of cloning the UE's user identification card, and even if the card is cloned, the clone can be invalidated by an Akey update, so the security of the Akey is guaranteed to the greatest extent.
In the present invention, when the network side determines that the Akey update condition of the UE is satisfied, it initiates an exchange of Akey related parameters with the UE;
The network side and the UE each generate a new Akey based on the Akey related parameters.
Here, the Akey update condition of the UE being satisfied means: an Akey update request is received from the UE, and it is determined that the UE has the authority to update the Akey. This condition requires an authority check on the UE that initiates the Akey update request; a cloned card will most likely not have the corresponding authority and will be refused the Akey update, so security is relatively high.
Or, the Akey update condition of the UE being satisfied means: an Akey update request is received from the UE, and the UE passes authentication. This condition requires authentication of the UE that initiates the Akey update request; a cloned card will most likely not have the corresponding password and will be refused the Akey update, so security is relatively high.
Or, the Akey update condition of the UE being satisfied means: an Akey update request is received from the UE, it is determined that the UE has the authority to update the Akey, and the UE passes authentication. This condition offers quite high security: both authentication and an authority check must be performed on the UE that initiates the Akey update request, only a UE that passes authentication is allowed to update its Akey, and the time from the UE's last update to the current update has exceeded the set duration.
Of course, the network side may also actively initiate an update of the UE's Akey. In that case, the Akey update condition of the UE being satisfied means: when the UE registers with the network side, the UE has the authority to update the Akey, and the time elapsed since the UE's last Akey update exceeds the set duration. Here, the UE registering with the network side refers to an event in which the UE registers with the network side, such as a location update initiated by the UE to the network side. In this case the network side first determines whether the UE has the authority to update the Akey and, once the authority check has passed, determines whether the time elapsed since the UE's last Akey update exceeds the set threshold duration; that is, because network-side resources are limited, the network side cannot perform Akey updates for a UE too frequently.
Or, the Akey update condition of the UE being satisfied means: when the UE registers with the network side, the UE has the authority to update the Akey, the time elapsed since the UE's last Akey update exceeds the set duration, and the UE passes authentication. This condition offers higher security: both authentication and an authority check must be performed on the UE, only a UE that passes authentication is allowed to update its Akey, the time from the UE's last update to the current update must have exceeded the set duration, and the UE is allowed to update its Akey only after passing authentication. In the present invention, MSCe and MSC both refer to the mobile switching center, and HLRe and HLR both refer to the home location register.
To make the purpose, technical solution and advantages of the present invention clearer, the present invention is described in more detail below by way of embodiments and with reference to the accompanying drawings.
Embodiment one
In this example, the user initiates the Akey update through a supplementary service. Fig. 1 is a flow chart of the method for updating the authentication key of user equipment according to embodiment one of the present invention. As shown in Fig. 1, the method of this example comprises the following steps:
Step 101: the Akey update procedure is initiated through a supplementary service operation on the UE.
In the present invention, the supplementary service operation is a service newly added to the UE specifically for initiating Akey update requests; this service may be provided as part of the user's subscription data, or as a value-added service offered by the operator. Those skilled in the art will understand that having the UE initiate a particular service request is easy to implement.
In the present invention, the UE initiates the Akey update by sending the Akey update request to the mobile switching center (MSC, Mobile Switching Center).
Step 102: after receiving the UE's Akey update request, the MSCe sends a FEATREQ to the HLRe, carrying parameters such as the user's mobile identification number (MIN, Mobile Identification Number), electronic serial number (ESN, Electronic Serial Number) and Supplementary Service Code.
Step 103: the HLRe determines whether the UE user has the authority to update the Akey, and instructs the MSCe to initiate the RUIDIR operation.
Here, the HLRe determines from the UE user's subscription data whether the user has subscribed to the Akey update service, and thereby whether the UE user has the authority to update the Akey: if the subscription data includes the Akey update service, the user has the authority to update the Akey; otherwise the user does not. Alternatively, the HLRe determines whether the UE user has activated the Akey update service: if it is activated, the user has the authority to update the Akey; otherwise the user does not.
Step 104: the MSCe initiates the RUIDIR operation, prompting the user to enter the service operation password.
Step 105: after collecting the service operation password, the MSCe passes it to the HLRe in a RUIDIR message.
Step 106: the HLRe determines whether the password is correct. If the user has the authority to update the Akey and the password is correct, the HLRe returns an acknowledgment message to the MSCe. The MSCe plays an announcement to the user, prompting the user to keep the device powered on because the Akey is about to be updated.
Step 107: the HLRe/OTAF (Over the Air Service Provisioning Function) initiates an over-the-air parameter administration (OTAPA, Over the Air Technology Parameter Administration) parameter download operation.
Steps 108 to 109: the HLRe uses the D-H (Diffie-Hellman) algorithm, exchanging parameters with the UE over the air interface, and the Akey is generated at the HLRe and at the UE at the same time.
Specifically, the Akey is generated between the HLRe and the UE by the D-H algorithm. First, the HLRe and the UE exchange the public key information used for generating the Akey. Then the HLRe and the UE each generate a private key for generating the Akey, and each uses the public key and its own private key to generate the new Akey.
Steps 110 to 111: after Akey generation is complete, the HLRe triggers one shared secret data (SSD) update.
Step 112: after the SSD update succeeds, the HLRe commits the Akey automatically, that is, it automatically saves the updated Akey in its database.
Steps 113 to 114: the HLRe constructs a short message delivery point-to-point (SMDPP, Short Message Deliver Point to Point) short message to notify the user that the Akey was updated successfully.
In this way, the same Akey is generated on both the UE side and the network side, which ensures that the user can communicate using the UE while also preventing cloning of the UE's user identification card. Embodiment one assumes that the UE has an integrated handset-and-card structure, so the Akey generated on the UE side is stored in the UE. Those skilled in the art will understand that cloning a user identification card is in essence cloning the UE user's identity, that is, cloning the number assigned to the user.
In the present invention, identical steps are handled in the same way, so for steps in the following embodiments that are the same as in embodiment one, the detailed processing is not repeated.
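The gating and key agreement of embodiment one (steps 103 to 112), together with the registration-triggered time threshold of embodiment two, as an added Python example that is not code from the patent. The RFC 3526 group 14 parameters, the 64-bit Akey length, the SHA-256 truncation, the PBKDF2 password storage and every name (`Subscriber`, `update_allowed`, `run_update`, and so on) are assumptions; the page names only the Diffie-Hellman algorithm.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

# Assumption: 2048-bit MODP group 14 from RFC 3526. The patent names only
# "Diffie-Hellman" and gives no group parameters.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
    "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
    "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
    "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
    "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
    "15728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
G = 2
AKEY_LEN = 8  # assumption: 64-bit Akey; the page does not state a length


def hash_password(password, salt):
    # Assumption: the service operation password is stored as a PBKDF2 hash.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


@dataclass
class Subscriber:          # hypothetical HLRe record, constructed for this example
    may_update_akey: bool  # subscription data includes the Akey update service
    salt: bytes
    password_hash: bytes   # service operation password, stored hashed
    last_update: float     # epoch seconds of the previous Akey update
    akey: bytes            # currently committed Akey


def update_allowed(sub, password, now, min_interval, ue_requested):
    """Update conditions: authority, password, and elapsed time when the
    update is triggered by registration rather than by a UE request."""
    if not sub.may_update_akey:
        return False
    if not ue_requested and now - sub.last_update <= min_interval:
        return False
    return hmac.compare_digest(hash_password(password, sub.salt),
                               sub.password_hash)


def dh_keypair():
    priv = secrets.randbelow(P - 3) + 2   # private value in [2, P-2]
    return priv, pow(G, priv, P)


def derive_akey(priv, peer_pub):
    # Reject degenerate public values that would force a predictable secret.
    if not 2 <= peer_pub <= P - 2:
        raise ValueError("invalid Diffie-Hellman public value")
    shared = pow(peer_pub, priv, P)
    raw = shared.to_bytes((P.bit_length() + 7) // 8, "big")
    # Assumption: SHA-256 truncated to AKEY_LEN as the key derivation step.
    return hashlib.sha256(raw).digest()[:AKEY_LEN]


def run_update(sub, password, now, min_interval=86400.0,
               ue_requested=True, ssd_update_ok=True):
    """Return the new Akey if the network side committed it, else None."""
    if not update_allowed(sub, password, now, min_interval, ue_requested):
        return None
    hlr_priv, hlr_pub = dh_keypair()      # network side (HLRe)
    ue_priv, ue_pub = dh_keypair()        # UE, or its UIM card
    # Only the two public values cross the air interface.
    hlr_akey = derive_akey(hlr_priv, ue_pub)
    ue_akey = derive_akey(ue_priv, hlr_pub)
    # The HLRe commits only after the SSD update that follows has succeeded;
    # the equality check stands in for that update succeeding with both keys.
    if not ssd_update_ok or not hmac.compare_digest(hlr_akey, ue_akey):
        return None
    sub.akey, sub.last_update = hlr_akey, now
    return hlr_akey


def make_subscriber(password, may_update=True, last_update=0.0):
    salt = secrets.token_bytes(16)
    return Subscriber(may_update, salt, hash_password(password, salt),
                      last_update, secrets.token_bytes(AKEY_LEN))


if __name__ == "__main__":
    sub = make_subscriber("4821")         # constructed password
    old = sub.akey
    new = run_update(sub, "4821", now=1_000_000.0)
    print("Akey replaced:", new is not None and new != old)
```

Plain Diffie-Hellman does not authenticate the peer, so in this flow the authority and password checks that precede the exchange are what tie the new Akey to the subscriber.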
Embodiment two
In this example, the operator updates the Akey periodically. Fig. 2 is a flow chart of the method for updating the authentication key of user equipment according to embodiment two of the present invention. As shown in Fig. 2, the method of this example comprises the following steps:
Step 201: the user initiates a location update.
Step 202: the MSCe triggers a registration message to the HLRe.
Step 203: the HLRe determines whether the user has the authority to update the Akey, and whether the update time threshold set by the operator has been reached. If the time threshold for updating the Akey has been reached, the HLRe instructs the MSCe to initiate the RUIDIR operation.
Step 204: the MSCe initiates the RUIDIR operation, prompting the user to enter the service operation password.
Step 205: after collecting the service operation password, the MSCe passes it to the HLRe in a RUIDIR message.
Step 206: the HLRe determines whether the password is correct. If the UE user has the authority to update the Akey and the password is correct, the HLRe/OTAF initiates the OTAPA operation.
Steps 207 to 208: the HLRe uses the D-H algorithm, exchanging parameters with the UE over the air interface, and the Akey is generated at the HLRe and at the UE at the same time.
Steps 209 to 210: after Akey generation is complete, the HLRe triggers one shared secret data (SSD) update.
Step 211: after the SSD update succeeds, the HLRe commits the Akey automatically, automatically saving the updated Akey parameter in its database.
Step 212: the HLRe returns a registration success response to the MSCe.
Steps 213 to 214: the HLRe constructs an SMDPP short message to notify the user that the Akey was updated successfully during this location update.
Embodiment three
In this example, the user initiates an update of the UIM card's Akey through a supplementary service. Fig. 3 is a flow chart of the method for updating the authentication key of user equipment according to embodiment three of the present invention. As shown in Fig. 3, the method of this example comprises the following steps:
Step 301: the user initiates the Akey update procedure through a supplementary service operation.
Step 302: the MSCe sends a FEATREQ to the HLRe, carrying parameters such as the user's MIN, ESN and Supplementary Service Code.
Step 303: the HLRe determines whether the user has the authority to update the Akey, and instructs the MSCe to initiate the RUIDIR operation.
Step 304: the MSCe initiates the RUIDIR operation, prompting the user to enter the service operation password.
Step 305: after collecting the service operation password, the MSCe passes it to the HLRe in a RUIDIR message.
Step 306: the HLRe determines whether the password is correct. If the user has the authority to update the Akey and the password is correct, the HLRe returns an acknowledgment message to the MSCe. The MSCe plays an announcement to the user, prompting the user to keep the device powered on because the Akey is about to be updated.
Step 307: the HLRe/OTAF constructs an SMDPP short message addressed to the user identity module (UIM, User Identity Model) card of the UE, instructing the UE's UIM card to begin the OTAPA operation.
Steps 308 to 311: the HLRe uses the D-H algorithm, exchanging parameters with the UE's UIM card over the air interface, and the Akey is generated at the HLRe and in the UE's UIM card at the same time.
Steps 312 to 314: after Akey generation is complete, the HLRe triggers one shared secret data (SSD) update.
Step 315: after the SSD update succeeds, the HLRe commits the Akey automatically, automatically saving the updated Akey parameter in its database.
Steps 316 to 317: the HLRe constructs an SMDPP short message to notify the user that the Akey was updated successfully.
Embodiment four
In this example, the operator periodically updates the Akey of the UIM card. Fig. 4 is a flow chart of the method for updating the authentication key of user equipment according to embodiment four of the present invention. As shown in Fig. 4, the method of this example comprises the following steps:
Step 401: the user initiates a location update.
Step 402: the MSCe triggers a registration message to the HLRe.
Step 403: the HLRe determines whether the user has the authority to update the Akey, and whether the update time threshold set by the operator has been reached. If the time threshold for updating the Akey has been reached, the HLRe instructs the MSCe to initiate the RUIDIR operation.
Step 404: the MSCe initiates the RUIDIR operation, prompting the user to enter the service operation password.
Step 405: after collecting the service operation password, the MSCe passes it to the HLRe in a RUIDIR message.
Step 406: the HLRe determines whether the password is correct. If the user has the authority to update the Akey and the password is correct, the HLRe/OTAF constructs an SMDPP short message addressed to the UIM card, instructing the UIM card to begin the OTAPA operation.
Steps 407 to 410: the HLRe uses the D-H algorithm, exchanging parameters with the UE's UIM card over the air interface, and the Akey is generated at the HLRe and in the UE's UIM card at the same time.
Steps 411 to 413: after Akey generation is complete, the HLRe triggers one shared secret data (SSD) update.
Step 414: after the SSD update succeeds, the HLRe commits the Akey automatically, automatically saving the updated Akey parameter in its database.
Step 415: the HLRe returns a registration success response to the MSCe.
Steps 416 to 417: the HLRe constructs an SMDPP short message to notify the user that the Akey was updated successfully during this location update.
The present invention also describes a system for updating the authentication key of user equipment, comprising a network side and a UE, wherein:
The network side is configured to initiate an exchange of Akey related parameters with the UE when the Akey update condition of the UE is satisfied, and to generate a new Akey based on the Akey related parameters;
The UE is configured to generate a new Akey based on the Akey related parameters.
It should be noted that the present invention makes no change to the network structure of the network side; only the functions of the relevant network elements are upgraded. For example, network elements such as the MSC, the home location register (HLR, Home Location Register) and the OTAF are upgraded so that they support Akey updating for the UE. In the present invention, the UE also needs to support the Akey update function, that is, it must be able to initiate an Akey update request, exchange Akey related parameters with the network side, and generate the Akey. Or, when the Akey update is initiated by the network side, the UE needs to be able to exchange Akey related parameters with the network side and generate the Akey.
The above Akey update condition of the UE being satisfied means:
An Akey update request is received from the UE, and it is determined that the UE has the authority to update the Akey;
Or, an Akey update request is received from the UE, and the UE passes authentication;
Or, an Akey update request is received from the UE, it is determined that the UE has the authority to update the Akey, and the UE passes authentication.
The above Akey update condition of the UE being satisfied means:
When the UE registers with the network side, the UE has the authority to update the Akey, and the time elapsed since the UE's last Akey update exceeds a set duration;
Or, when the UE registers with the network side, the UE has the authority to update the Akey, the time elapsed since the UE's last Akey update exceeds the set duration, and the UE passes authentication.
Public key information for generating the Akey is exchanged between the network side and the UE;
The network side and the UE each generate a private key for generating the Akey and, using the public key for generating the Akey, each generate the new Akey based on the Diffie-Hellman algorithm.
The network side in the system for updating the authentication key of user equipment of the present invention refers specifically to the relevant network elements involved in embodiments one to four above. The functions of the UE can likewise be understood with reference to the description of those embodiments. Those skilled in the art will understand that upgrading the above network elements and the UE is easy to implement.
Fig. 5 is a schematic diagram of the structure of one user equipment of the present invention. As shown in Fig. 5, the user equipment of the present invention comprises a sending unit 50, a receiving unit 51 and a generating unit 52, wherein:
The sending unit 50 is configured to send an Akey update request to the network side;
The receiving unit 51 is configured to receive the Akey related parameters exchanged between the user equipment and the network side;
The generating unit 52 is configured to generate a new Akey based on the Akey related parameters.
The UE of this example is a UE capable of actively sending an Akey update request.
Fig. 6 is a schematic diagram of the structure of another user equipment of the present invention. As shown in Fig. 6, the user equipment of the present invention comprises a sending unit 60, a receiving unit 61 and a generating unit 62, wherein:
The sending unit 60 is configured to send a registration request to the network side;
The receiving unit 61 is configured to receive the Akey related parameters exchanged between the user equipment and the network side;
The generating unit 62 is configured to generate a new Akey based on the Akey related parameters.
Those skilled in the art will understand that the functions of the above processing units in the UE of the present invention can be implemented by corresponding hardware circuits, or by a processor executing corresponding software. The functions of each of the above processing units can be understood with reference to the description of the preceding embodiments.
The above are only preferred embodiments of the present invention and are not intended to limit the scope of protection of the present invention.

Claims (13)

1. A method for updating the authentication key of a user equipment (UE), characterized in that the method comprises:
When the authentication key (Akey) update condition of the UE is satisfied, the network side initiates an exchange of Akey-related parameters with the UE;
The network side and the UE each generate a new Akey based on the Akey-related parameters.
2. The method according to claim 1, characterized in that satisfying the Akey update condition of the UE is:
An Akey update request is received from the UE, and it is determined that the UE has permission to update the Akey;
Or, an Akey update request is received from the UE, and the UE passes authentication;
Or, an Akey update request is received from the UE, it is determined that the UE has permission to update the Akey, and the UE passes authentication.
3. The method according to claim 1, characterized in that satisfying the Akey update condition of the UE is:
When the UE registers with the network side, the UE has permission to update the Akey, and the time elapsed since the UE's Akey was last updated exceeds a set duration;
Or, when the UE registers with the network side, the UE has permission to update the Akey, the time elapsed since the UE's Akey was last updated exceeds a set duration, and the UE passes authentication.
4. The method according to claim 3, characterized in that the UE registering with the network side is:
The UE initiates a location update to the network side.
5. The method according to any one of claims 1 to 4, characterized in that initiating the exchange of Akey-related parameters with the UE is:
The public key information used to generate the Akey is exchanged between the network side and the UE.
6. The method according to claim 5, characterized in that the network side and the UE each generating a new Akey based on the Akey-related parameters is:
The network side and the UE each generate a private key used to generate the Akey and, using the public key used to generate the Akey, each generate the new Akey based on the Diffie-Hellman algorithm.
7. The method according to claim 5, characterized in that the UE generating a new Akey based on the Akey-related parameters is:
When the UE is in separate device-and-card mode, the UE generates the new Akey in the subscriber identity module;
When the UE is in integrated device-and-card mode, the new Akey is generated in the UE.
8. A system for updating the authentication key of a user equipment, comprising a network side and a UE, characterized in that:
The network side is used to initiate an exchange of Akey-related parameters with the UE when the Akey update condition of the UE is satisfied, and to generate a new Akey based on the Akey-related parameters;
The UE is used to generate a new Akey based on the Akey-related parameters.
9. The system according to claim 8, characterized in that satisfying the Akey update condition of the UE is:
An Akey update request is received from the UE, and it is determined that the UE has permission to update the Akey;
Or, an Akey update request is received from the UE, and the UE passes authentication;
Or, an Akey update request is received from the UE, it is determined that the UE has permission to update the Akey, and the UE passes authentication.
10. The system according to claim 8, characterized in that satisfying the Akey update condition of the UE is:
When the UE registers with the network side, the UE has permission to update the Akey, and the time elapsed since the UE's Akey was last updated exceeds a set duration;
Or, when the UE registers with the network side, the UE has permission to update the Akey, the time elapsed since the UE's Akey was last updated exceeds a set duration, and the UE passes authentication.
11. The system according to claim 8, characterized in that the public key information used to generate the Akey is exchanged between the network side and the UE;
The network side and the UE each generate a private key used to generate the Akey and, using the public key used to generate the Akey, each generate the new Akey based on the Diffie-Hellman algorithm.
12. A user equipment, characterized in that the user equipment comprises a sending unit, a receiving unit and a generating unit, wherein:
The sending unit is used to send an Akey update request to the network side;
The receiving unit is used to receive the Akey-related parameters exchanged between the user equipment and the network side;
The generating unit is used to generate a new Akey based on the Akey-related parameters.
13. A user equipment, characterized in that the user equipment comprises a sending unit, a receiving unit and a generating unit, wherein:
The sending unit is used to send a registration request to the network side;
The receiving unit is used to receive the Akey-related parameters exchanged between the user equipment and the network side;
The generating unit is used to generate a new Akey based on the Akey-related parameters.
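The exchange in claims 5 and 6, gated by the strictest registration-time condition of claim 3, sketched as an added Python example that is not part of the patent text. The patent names no Diffie-Hellman group, key-derivation step or Akey length: RFC 3526 group 14, SHA-256 and an 8-byte Akey are assumptions of this example, as are all function names.

```python
import hashlib
import secrets

# RFC 3526 group 14 (2048-bit MODP prime, generator 2). Assumption of this
# example: the patent text does not name a Diffie-Hellman group.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
    "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
    "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
    "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
    "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
    "15728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
G = 2

def update_allowed(has_permission, authenticated, last_update, now, max_age):
    """Claim 3, second alternative: permission, elapsed time and authentication."""
    return has_permission and authenticated and (now - last_update) > max_age

def keypair():
    """Fresh private exponent in [2, P-2] and the matching public value."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def derive_akey(own_priv, peer_pub):
    """Each side runs this with its own private key and the peer's public value."""
    # Reject 0, 1 and P-1: they would force a predictable shared secret.
    if not 2 <= peer_pub <= P - 2:
        raise ValueError("peer public value out of range")
    shared = pow(peer_pub, own_priv, P)
    # Hashing and truncating to 8 bytes is this example's assumption.
    return hashlib.sha256(shared.to_bytes(256, "big")).digest()[:8]

def run_update(has_permission, authenticated, last_update, now, max_age):
    """Returns (network Akey, UE Akey), or None if the condition is not met."""
    if not update_allowed(has_permission, authenticated, last_update, now, max_age):
        return None
    net_priv, net_pub = keypair()   # network side
    ue_priv, ue_pub = keypair()     # UE (or its subscriber identity module)
    # Only net_pub and ue_pub are exchanged; the private keys never leave.
    return derive_akey(net_priv, ue_pub), derive_akey(ue_priv, net_pub)
```

The public values are not signed, so the exchange relies on the UE having passed authentication beforehand, which is why the example gates on the stricter alternative of claim 3.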
CN2011101429769A 2011-05-30 2011-05-30 Method and system for updating authentication key of user equipment and user equipment Pending CN102202290A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN2011101429769A CN102202290A (en) 2011-05-30 2011-05-30 Method and system for updating authentication key of user equipment and user equipment
PCT/CN2012/072737 WO2012163142A1 (en) 2011-05-30 2012-03-21 Method and system for updating authentication key of user equipment, and user equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2011101429769A CN102202290A (en) 2011-05-30 2011-05-30 Method and system for updating authentication key of user equipment and user equipment

Publications (1)

Publication Number Publication Date
CN102202290A true CN102202290A (en) 2011-09-28

Family

ID=44662609

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2011101429769A Pending CN102202290A (en) 2011-05-30 2011-05-30 Method and system for updating authentication key of user equipment and user equipment

Country Status (2)

Country Link
CN (1) CN102202290A (en)
WO (1) WO2012163142A1 (en)


Also Published As

Publication number Publication date
WO2012163142A1 (en) 2012-12-06


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20110928