
HK1150925B - Methods and apparatuses generating a radio base station key in a cellular radio system - Google Patents

Methods and apparatuses generating a radio base station key in a cellular radio system

Info

Publication number
HK1150925B
Authority
HK
Hong Kong
Prior art keywords
base station
radio base
key
radio
derived
Prior art date
Application number
HK11104863.3A
Other languages
Chinese (zh)
Other versions
HK1150925A1 (en)
Inventor
Rolf Blom
Karl Norrman
Magnus Lindström
Original Assignee
Telefonaktiebolaget L M Ericsson (Publ)
Priority date
2007-12-11 (US provisional application 61/012814)
Filing date
2008-07-01
Publication dates
2012-01-13 (HK1150925A1), 2015-04-24 (HK1150925B)
Application filed by Telefonaktiebolaget L M Ericsson (Publ)
Priority claimed from PCT/EP2008/058450 (WO2009074356A1)

Description

Method and arrangement for generating radio base station keys in a cellular radio system
Technical Field
The present invention relates to a method and arrangement for providing secure communication in a cellular radio system.
Background
Evolved Packet System (EPS) is a cellular telecommunications standard developed by the Third Generation Partnership Project (3GPP). EPS is part of the Long Term Evolution (LTE) of third generation cellular systems, designed to meet the demand for higher user bit rates. In EPS, Access Stratum (AS) traffic is protected by cryptographic means: the user plane is confidentiality protected, and Radio Resource Control (RRC) signalling is both confidentiality and integrity protected. The keys used to provide this protection are derived from a cryptographic key called K_eNB.
When a mobile station, also referred to as User Equipment (UE), is handed over from one base station to another, the K_eNB of the source base station is transformed into a transformed key, called K_eNB*, in the source evolved Node B (eNB), i.e. base station, before being transferred to the target eNB. Currently, the target eNB further transforms K_eNB* together with the UE's Cell Radio Network Temporary Identifier (C-RNTI) in the target cell. This enables the transformed cipher key to provide continuous encryption between the UE and the target base station.
It has furthermore been decided that not only the intended target cell but also other base stations should be prepared to accept a particular mobile station. The purpose is to facilitate recovery from radio link failures, in particular failed handovers. To allow base stations other than the target base station to accept the UE, the source eNB sends key information and a Terminal Identity Token (TeIT) to the set of "to-be-prepared" base stations, typically those located close to the target base station and/or close to the source base station. However, if the same security token is shared by all eNBs in the to-be-prepared set, any one of them may masquerade as the mobile station, at least until AS protection is enabled.
One problem with the existing proposals is that the same transformed key K_eNB* must not be used by all base stations, since this would allow every base station in the to-be-prepared set to generate the K_eNB that is ultimately used by the base station serving the UE after the handover; see 3GPP SA3 document S3a070975. One proposed solution is for the system to generate initial data to be used in the transformation of K_eNB for a given eNB in the to-be-prepared set. This initial data is then forwarded to that eNB together with the corresponding base station key K_eNB*.
Further, the document "Key refresh in SAE/LTE", S3-070234 (XP-002445697), describes a method in which data sent over the air interface when a new base station key is generated is used as an input to the key derivation.
However, there is a continuing need to reduce complexity and enhance security in existing telecommunication systems. There is therefore a need for an improved method of providing secure communication in a cellular radio system.
Disclosure of Invention
It is an object of the present invention to provide an improved method for providing secure communication in a cellular radio system.
This and other objects are achieved by a method, a radio system node and a user equipment as set forth in the appended claims. By creating the radio base station key and/or the terminal identity token from data already known to both the mobile station and the radio base station, secure communication can be established and enhanced without additional secure network components or additional signalling.
According to one embodiment, a derived radio base station key is generated in a cellular radio system. The derived radio base station key is created in response to a determined set of common data bits and an existing cryptographic key used for secure communication between the radio base station and the user equipment. The common data may be, for example, data bits associated with the radio access technology, such as data bits identifying the physical cell identity. In this way, a cryptographic base station key specific to each radio base station is derived, which increases security in the system. Furthermore, the specific key can be derived without additional signalling and without the need to generate and distribute specific input data for each base station, which reduces complexity while providing a high level of security.
According to one embodiment, a terminal identity token is created for identifying a user equipment, UE, connected to a radio base station in a radio system. The UE communicates with the radio system via a secure communication associated with an existing ciphering key. When creating the terminal identity token, a set of data bits known to both the UE and the source radio base station is determined. The terminal identity token is then generated in response to the determined set of data bits, the terminal identity and the existing key. Thereby a terminal identity token specific to each radio base station is obtained, which improves security in the system.
According to one embodiment, a method of identifying a user equipment, UE, in a radio system is provided. The UE communicates with the radio system via a secure communication associated with an existing ciphering key. A first terminal identity token is generated in the radio base station to which the user equipment is currently connected. The first terminal identity token is then distributed to a plurality of other radio base stations of the radio system. A second terminal identity token is generated in the user equipment and communicated to one of the other radio base stations. When the second token is received by that radio base station, the UE is identified by comparing the first terminal identity token with the second terminal identity token. Both tokens are created in response to the terminal identity and the existing key. Thus a disconnected terminal can be reconnected to the system via a secure identification process.
The invention also extends to a node and user equipment adapted to implement the method described above.
Using the method, node and user equipment according to the invention will provide a more efficient and secure procedure for providing secure communication in a radio system. This is achieved by using data available to the radio base station and the user equipment when deriving the cryptographic key or terminal identity token.
Drawings
The invention will now be described in more detail, by way of non-limiting example, and with reference to the accompanying drawings, in which:
figure 1 is a diagram illustrating a cellular radio system,
figure 2 is a flow chart showing steps performed in a process for creating a radio base station key,
figure 3 is a flow chart showing the steps performed in the source radio base station when preparing to verify the authenticity of a moving mobile station,
figure 4 is a flow chart showing steps performed in a target radio base station when verifying the authenticity of a mobile station,
figure 5 is a flow chart showing steps performed in a mobile station when verifying the authenticity of the mobile station for a cellular radio system,
fig. 6 is a view of a radio base station, and
fig. 7 is a view of a user equipment.
Detailed Description
Reference is made below to the LTE system in the exemplary embodiment described. However, the present invention is not limited to LTE systems, but is applicable to any radio system that uses radio base station keys to protect data transmitted to and from mobile stations associated with radio base stations.
In fig. 1, a schematic diagram of a cellular radio system 100 providing encrypted communication for a mobile station, also referred to as User Equipment (UE) 101, is shown. The UE 101 transmits data to and receives data from the radio base station 103. In case the cellular radio system is an LTE system, the radio base station 103 is usually referred to as an evolved Node B (eNB). As the UE 101 moves around in the geographical area covered by the cellular radio system 100, it is sometimes necessary to hand over the connection from one radio base station to another. The UE may also lose its connection to the cellular radio system 100 and then need to reconnect. In both cases it is desirable to maintain a secure connection between the cellular radio system 100 and the UE 101.
In case the UE moves from the area covered by the radio base station 103 towards the area covered by the radio base station 105, the cellular radio system prepares a handover from the source radio base station 103 to the target radio base station 105. Also, since it may sometimes be difficult to predict to which radio base station the mobile station 101 is to be handed over, a plurality of other radio base stations may also be prepared for handover. The "to-be-prepared" radio base station is represented in fig. 1 by a single radio base station 107.
During handover, new radio base station keys need to be derived for continued secure communication between the mobile station 101 and the radio base station 105, 107 to which the connection is transferred. The new base station key may be referred to as a transformed or derived base station key. In case the cellular radio system is an LTE system, the transformed key may be labelled K_eNB*.
According to an aspect of the invention, the information used to create a unique transformed base station key K_eNB* for each base station in the to-be-prepared set may be based on the least significant bits of an identity known (or made known) to both the mobile station UE and the radio base station eNB. For example, the 9-bit E-UTRAN physical cell identity, here denoted PhyCell_ID, or some other cell-specific data determined by the Radio Access Technology (RAT) context may be used. According to one embodiment, the transformation may use a Pseudo Random Function (PRF) or a hash function with the source base station key K_eNB and the cell data, e.g. the PhyCell_ID bits, as inputs. Other input parameters may also be included, for example the C-RNTI or any other user-specific information, or data identifying when the key may be used.
The mobile station knows the PhyCell_ID bits from its Radio Access Technology (RAT) context. In the above exemplary embodiment, the derivation of the target base station key K_eNB* for a given eNB with physical cell identity PhyCell_ID may be written as:
K_eNB* = PRF(K_eNB_Source, PhyCell_ID bits, Other_parameters)
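The derivation above, written out as an added example (this is not code from the patent or from Ericsson). The patent leaves the PRF open; this example assumes HMAC-SHA-256 keyed with K_eNB_Source, a length-prefixed encoding of the inputs, and the E-UTRAN physical cell identity (0..503) encoded as its 9 low-order bits. The key and cell identities are constructed sample values. It also shows the problem case from the background, where a transformation with no cell-specific input hands every prepared eNB the same K_eNB*.

```python
import hmac
import hashlib

# Added example, not code from the patent. Assumptions: the PRF is HMAC-SHA-256
# keyed with the source K_eNB, inputs are length-prefixed before hashing, and
# the E-UTRAN physical cell identity (0..503) is encoded as its 9 low bits.


def prf(key: bytes, *inputs: bytes) -> bytes:
    """PRF(key, x1, x2, ...): HMAC-SHA-256 over length-prefixed inputs, so that
    (b"ab", b"c") and (b"a", b"bc") cannot collide."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for x in inputs:
        mac.update(len(x).to_bytes(2, "big"))
        mac.update(x)
    return mac.digest()


def phycell_id_bits(pci: int, nbits: int = 9) -> bytes:
    """The least significant `nbits` of an E-UTRAN PhyCell_ID (0..503), as 2 bytes."""
    if not 0 <= pci <= 503:
        raise ValueError("E-UTRAN physical cell identity must be in 0..503")
    return (pci & ((1 << nbits) - 1)).to_bytes(2, "big")


def derive_k_enb_star(k_enb_source: bytes, pci: int, other_parameters: bytes = b"") -> bytes:
    """K_eNB* = PRF(K_eNB_Source, PhyCell_ID bits, Other_parameters).

    Run by the source eNB for each cell it prepares, and independently by the
    UE for the cell it actually lands on, using the PCI it reads from that
    cell's synchronisation signals (its RAT context)."""
    return prf(k_enb_source, phycell_id_bits(pci), other_parameters)


def prepare_handover_set(k_enb_source: bytes, pcis, other_parameters: bytes = b"") -> dict:
    """Source eNB: one distinct K_eNB* per cell in the to-be-prepared set
    (target cell included). Each prepared eNB receives only its own key."""
    return {pci: derive_k_enb_star(k_enb_source, pci, other_parameters) for pci in pcis}


def shared_k_enb_star(k_enb_source: bytes, other_parameters: bytes = b"") -> bytes:
    """The problem case from the background: a transformation with no
    cell-specific input gives every prepared eNB the same K_eNB*."""
    return prf(k_enb_source, other_parameters)


if __name__ == "__main__":
    k_enb_source = bytes(range(32))  # constructed sample; a real K_eNB is 256 bits
    prepared = prepare_handover_set(k_enb_source, [17, 42, 503])
    for pci, key in prepared.items():
        print(f"PCI {pci:3d}: K_eNB* = {key.hex()}")
    # The UE lands on the cell with PCI 42 and derives the same key on its own.
    assert derive_k_enb_star(k_enb_source, 42) == prepared[42]
    # Every prepared eNB received a different key.
    assert len(set(prepared.values())) == len(prepared)
    print("shared (problem case):", shared_k_enb_star(k_enb_source).hex())
```

Because the PCI is broadcast by every cell, the UE needs no extra signalling to pick the right input; it derives K_eNB* for whichever prepared cell it ends up on. A prepared eNB that holds only its own K_eNB* cannot compute a neighbour's, since that would require K_eNB_Source. The Other_parameters slot is where the page's C-RNTI or "data identifying when a key may be used" would go.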
According to another aspect of the invention, the terminal identity token TeIT may be formed in a corresponding manner and made unique for each eNB, i.e. it may be derived by applying the PRF to the mobile station identity, the source base station key K_eNB and the PhyCell_ID bits of the receiving eNB. Other input parameters may also be included, for example the C-RNTI or any other user-specific information, or data identifying when the key may be used.
Furthermore, when the mobile station is required to prove its identity, it may be adapted to generate a corresponding identity token. This is typically the case during handover when the user equipment is connected to a new radio base station and the system needs to verify the identity of the user equipment, or if the connection to the user equipment is lost and the user equipment needs to reconnect to the system.
According to one embodiment, the terminal identity token 1(TeIT1) may be defined as:
TeIT1 = PRF(K_eNB_Source, Terminal_ID, PhyCell_ID bits, Other_parameters)
In fig. 2, a flow chart is shown explaining the steps performed when generating the base station key for the secure connection between the mobile station 101 and the cellular radio system 100, when the secure connection is handed over from a source radio base station 103 to a target radio base station 105, 107. First, in step 201, the system detects that a handover may be imminent; for example, it may determine from radio measurements that the mobile station 101 is close to the cell border of the source radio base station. Subsequently, in step 203, the source radio base station generates a transformed base station key and transmits it to the target base station 105. The source base station 103 may also send transformed base station keys to the set of "to-be-prepared" radio base stations 107, also in step 203. The transformed base station keys may be derived as described above. According to one embodiment, the source base station also transmits a terminal identity token in step 205; this may, for example, be a token generated as the token TeIT1 described above. The handover may then be performed in a conventional manner, as indicated by step 207.
According to another embodiment of the invention, the source eNB may distribute a common token TeIT3 to all base stations in the to-be-prepared set. This token may be the output of a PRF applied to the output of a second PRF having as inputs at least the terminal identity and K_eNB. Other input parameters may also be provided, for example the C-RNTI or any other user-specific information, or data identifying when the key may be used.
According to an exemplary embodiment, when the mobile station transmits its identity token TeIT2, it transmits the PRF of the source base station key K_eNB and the terminal identity. The receiving base station applies the outer PRF to the TeIT2 received from the terminal and compares the result with the identity token TeIT3 received from the source base station. If the two match, the terminal identity is considered established. Expressed differently, the terminal identity tokens 2 and 3 can be written as:
TeIT2=PRF(K_eNB_Source,Terminal_ID,Other_parameters)
TeIT3=PRF(TeIT2,Other_parameters2)
The comparison in the base station of TeIT2 received from the mobile station with TeIT3 received from the source eNB may then be performed as:
TeIT3 =?= PRF(TeIT2, Other_parameters2),
where =?= denotes a comparison operation.
In the above description, the Terminal _ ID may be, for example, a C-RNTI or any other user-specific information assigned to the Terminal in the source base station eNB, data identifying a time when the key may be used, or the like.
Thus, if for example the connection of the UE 101 is lost and the UE 101 needs to reconnect to the cellular radio system 100, any radio base station holding the TeIT3 token can verify the authenticity of the mobile station transmitting the identity token TeIT2.
According to one embodiment, the transformed base station key K_eNB* for the target eNB may be derived in the same way as for the eNBs in the to-be-prepared set. The target eNB then receives the same type of information as all other prepared eNBs, since the handover may fail and the mobile station may then try to reconnect to the intended target eNB.
In fig. 3, a flow chart is shown explaining the steps performed in the source radio base station when preparing to verify the authenticity of a moving mobile station. First, in step 301, the source radio base station decides to transmit a terminal identity token to a plurality of other radio base stations, for example because a handover procedure is in progress. The terminal identity token may be generated in step 303, for example as the TeIT3 token described above. Subsequently, in step 305, the token is transmitted to the other radio base stations. These are typically neighbouring radio base stations to which the mobile station may connect in the near future.
In fig. 4, a flow chart of the steps performed in the target radio base station when verifying the authenticity of the mobile station is shown. First, in step 401, the target radio base station receives the terminal identity token TeIT3 from the source radio base station. Subsequently, in step 403, the target radio base station receives the terminal identity token TeIT2 from the mobile station. Then, in step 405, the target base station compares TeIT3 with TeIT2, i.e. checks whether TeIT3 equals PRF(TeIT2, Other_parameters2). Finally, in step 407, the target radio base station verifies the authenticity of the mobile station based on the comparison in step 405.
In fig. 5, a flow chart of steps performed in a mobile station when verifying the authenticity of the mobile station for a cellular radio system is shown. First, in step 501, a mobile station is triggered to send an authentication message. For example, during handover or when the connection is lost, the mobile station may need to (re) authenticate itself to the radio base station of the cellular radio system. Subsequently, the mobile station generates a terminal identity token in step 503. The terminal identity token may be generated as the terminal identity token TeIT2 as described above. Finally, the mobile station transmits an authentication message to the radio base station of the cellular radio network in step 505, from which the cellular radio system can authenticate the mobile station.
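The three flows of figs. 3 to 5 put together, as an added example (not code from the patent or from Ericsson): the source eNB derives TeIT2 and distributes only TeIT3, the UE produces TeIT2 after a link loss, and the prepared eNB checks TeIT3 =?= PRF(TeIT2, Other_parameters2). The per-eNB variant TeIT1 is included for comparison. Assumptions of this example: the PRF is HMAC-SHA-256 keyed with its first argument over length-prefixed inputs, Terminal_ID is the 16-bit C-RNTI, and Other_parameters / Other_parameters2 are arbitrary byte strings; the key and identifiers are constructed sample values.

```python
import hmac
import hashlib

# Added example, not code from the patent. Assumptions: the PRF is HMAC-SHA-256
# keyed with its first argument, inputs are length-prefixed, Terminal_ID is the
# 16-bit C-RNTI, and Other_parameters / Other_parameters2 are arbitrary bytes.


def prf(key: bytes, *inputs: bytes) -> bytes:
    """PRF(key, x1, x2, ...) as HMAC-SHA-256 over length-prefixed inputs."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for x in inputs:
        mac.update(len(x).to_bytes(2, "big"))
        mac.update(x)
    return mac.digest()


def teit1(k_enb_source: bytes, terminal_id: bytes, pci: int, other: bytes = b"") -> bytes:
    """TeIT1 = PRF(K_eNB_Source, Terminal_ID, PhyCell_ID bits, Other_parameters):
    a token that differs for every receiving eNB (9-bit PCI, 0..503)."""
    return prf(k_enb_source, terminal_id, (pci & 0x1FF).to_bytes(2, "big"), other)


def teit2(k_enb_source: bytes, terminal_id: bytes, other: bytes = b"") -> bytes:
    """TeIT2 = PRF(K_eNB_Source, Terminal_ID, Other_parameters).
    Computed by the UE (fig. 5, step 503) and, internally, by the source eNB."""
    return prf(k_enb_source, terminal_id, other)


def teit3(teit2_value: bytes, other2: bytes = b"") -> bytes:
    """TeIT3 = PRF(TeIT2, Other_parameters2): the common token the source eNB
    distributes to the whole to-be-prepared set (fig. 3, steps 303 and 305)."""
    return prf(teit2_value, other2)


def source_prepare(k_enb_source: bytes, terminal_id: bytes,
                   other: bytes = b"", other2: bytes = b"") -> bytes:
    """Source eNB: derive TeIT2, then send only TeIT3 to the other eNBs."""
    return teit3(teit2(k_enb_source, terminal_id, other), other2)


def target_verify(teit3_received: bytes, teit2_from_ue: bytes, other2: bytes = b"") -> bool:
    """Prepared/target eNB (fig. 4, steps 405 and 407):
    TeIT3 =?= PRF(TeIT2, Other_parameters2), compared in constant time."""
    return hmac.compare_digest(teit3_received, teit3(teit2_from_ue, other2))


if __name__ == "__main__":
    k_enb_source = bytes(range(32, 64))      # constructed sample K_eNB
    crnti = (0x1A2B).to_bytes(2, "big")      # constructed sample C-RNTI (Terminal_ID)
    other2 = b"reconnect"                    # e.g. data bounding when the token is valid

    distributed = source_prepare(k_enb_source, crnti, b"", other2)  # sent to all prepared eNBs
    from_ue = teit2(k_enb_source, crnti)                             # UE after link loss (step 503)
    print("genuine UE accepted:", target_verify(distributed, from_ue, other2))

    # A prepared eNB knows only TeIT3. Replaying TeIT3 in place of TeIT2, or
    # guessing a terminal identity without K_eNB_Source, does not verify.
    print("TeIT3 replayed as TeIT2:", target_verify(distributed, distributed, other2))
    print("wrong C-RNTI:", target_verify(distributed, teit2(k_enb_source, b"\x00\x01"), other2))
    print("TeIT1 differs per cell:", teit1(k_enb_source, crnti, 17) != teit1(k_enb_source, crnti, 42))
```

The point of the two-layer construction is visible in target_verify: every eNB in the to-be-prepared set can check a TeIT2, but producing one from TeIT3 would mean inverting the outer PRF, so a prepared eNB cannot use the common token to pass itself off as the UE towards another prepared eNB. hmac.compare_digest is used so that the comparison does not leak how many leading bytes of a guessed token were right.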
In fig. 6, an exemplary radio base station 103 adapted to generate a transformed cryptographic radio base station key as described above is shown. The radio base station comprises a module 601 for selecting the data used in creating the cryptographic key or the terminal identity token. Module 601 is connected to a module 603 adapted to generate the cryptographic key or the terminal identity token as described above. The exemplary radio base station 103 may further comprise an identifier module 605 adapted to identify the UE connected to the radio base station using the terminal identity token, as described above.
In fig. 7, an exemplary User Equipment (UE)101 adapted to generate a terminal identity token according to the above is shown. The UE comprises a module 701 for selecting data for use in creating a terminal identity token according to the above. The module 701 is connected to a module 703 adapted to generate a terminal identity token according to the above. The terminal identity token generated in the module 703 may be transmitted by a token transmitter 705 connected to the module 703.
Using the methods and systems described herein will provide a more efficient procedure for providing secure communication in a cellular radio system in handover situations and in situations requiring authentication of the mobile station.

Claims (6)

1. A method of creating a derived radio base station key in a source radio base station of a cellular radio system connected to a user equipment, UE, connectable to said cellular radio system, characterized by the steps of:
-creating (203) the radio base station key in response to a determined set of data and an existing cryptographic key for communication between the user equipment, UE and the source radio base station, wherein the determined set of data are physical cell identity bits derived from a cell identity of a cell associated with a target radio base station, the physical cell identity bits being known to both the user equipment and the source radio base station.
2. A method according to claim 1, characterised by the step of using additional input parameters as input data when creating the derived radio base station key.
3. The method according to any of the claims 1 to 2, characterised by the step of creating the derived radio base station key using a pseudo-random function.
4. A node (103) for use in a cellular radio system, the node being adapted to create a derived radio base station key, the node being further characterized by:
- means (601) for determining a set of data being physical cell identity bits derived from a cell identity of a cell associated with a target radio base station, the physical cell identity bits being known to a user equipment, UE, and a radio base station of the cellular radio system, which communicate with the cellular radio system via a secure communication associated with an existing cryptographic key, and
-means (603) for creating the radio base station key in response to the determined set of data and the existing key.
5. The node according to claim 4, characterized by means for using additional input parameters as input data when creating the derived radio base station key.
6. The node according to any of claims 4 to 5, characterized by means for creating the derived radio base station key using a pseudo-random function.
Application HK11104863.3A, priority date 2007-12-11, filed 2008-07-01: Methods and apparatuses generating a radio base station key in a cellular radio system (HK1150925B, en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US1281407P 2007-12-11 2007-12-11
US61/012814 2007-12-11
PCT/EP2008/058450 WO2009074356A1 (en) 2007-12-11 2008-07-01 Methods and apparatuses generating a radio base station key in a cellular radio system

Publications (2)

Publication Number Publication Date
HK1150925A1 HK1150925A1 (en) 2012-01-13
HK1150925B true HK1150925B (en) 2015-04-24

