[go: up one dir, main page]

WO2012088661A1 - Method for enhancing usage security of subscriber identity module - Google Patents

Method for enhancing usage security of subscriber identity module Download PDF

Info

Publication number
WO2012088661A1
WO2012088661A1 PCT/CN2010/080365 CN2010080365W WO2012088661A1 WO 2012088661 A1 WO2012088661 A1 WO 2012088661A1 CN 2010080365 W CN2010080365 W CN 2010080365W WO 2012088661 A1 WO2012088661 A1 WO 2012088661A1
Authority
WO
WIPO (PCT)
Prior art keywords
sim
user
security
identification module
user identification
Prior art date
Application number
PCT/CN2010/080365
Other languages
French (fr)
Chinese (zh)
Inventor
黄正全
Original Assignee
北京邮电大学
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 北京邮电大学 filed Critical 北京邮电大学
Priority to PCT/CN2010/080365 priority Critical patent/WO2012088661A1/en
Publication of WO2012088661A1 publication Critical patent/WO2012088661A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal

Definitions

  • the invention belongs to the technical field of mobile communication and smart card application, and particularly relates to an enhanced user identification module (Subscriber Identity) Module, SIM) uses a secure method.
  • SIM Subscriber Identity Module
  • the SIM is used to correlate information related to the user, and at the same time, the related business information signed by the user is also saved, so the security of the SIM is very important, and if the information is leaked or copied, it may lead to illegal use. It is a serious hazard to normal communication services.
  • the first situation occurs in the distribution of SIM. Due to the numerous distribution links and channels involved, the SIM may have been illegally copied by the criminals before being distributed to the user, but the user is unaware; after that, once the user is enabled The copied SIM gives the pirate a chance to use it, and the thief can use the copied SIM to illegally use the communication service contracted by the normal user, causing economic or other losses to the user.
  • the second case occurs during the use of the SIM. Due to improper use or other reasons, the SIM is illegally copied and used by the user, but the user cannot know or control in time, thereby causing serious consequences.
  • the security protection measures for SIM security are usually concentrated in the manufacturing stage of SIM. Once the SIM production is completed, its security and confidential data are unchanged, and the SIM can only be used by the physical security of the SIM itself. Protection is a static protection method. As long as the data is cracked or copied, the security of the SIM is completely destroyed and can no longer be put into use. At the same time, for the user, due to the lack of effective means and channels, it is impossible to know and control the security status of SIM, and it is impossible to actively participate in the security protection process of SIM. Only when their interests are violated, they know the security of their SIM. The status has gone wrong, and it can be seen that the user's protection against SIM security is always in a passive protection state.
  • the present invention aims to provide a method for preventing unauthorized use of SIM by allowing users to actively participate and coordinate monitoring by operators, and realize active management and dynamic monitoring for visualizing the security state of the SIM throughout the use process. From passive defense to active defense, from static management to dynamic management.
  • the SIM includes, but is not limited to, SIM in a GSM system, UIM in a CDMA system (User Identity Model (User Identity Module), USIM (User Service) in 3G (3rd Generation, 3rd Generation) Mobile Communication System Identity Module, User Service Identification Module, other systems employing similar Subscriber Identity Modules/Smart Cards are also applicable to the spirit and spirit of the present invention.
  • GSM Global System for Mobile communications
  • UIM User Identity Module
  • USIM User Service
  • 3G 3rd Generation, 3rd Generation
  • Mobile Communication System Identity Module User Service Identification Module
  • other systems employing similar Subscriber Identity Modules/Smart Cards are also applicable to the spirit and spirit of the present invention.
  • the present invention addresses the above problems, adopts the idea of combining active defense and dynamic management, and expands and enhances the related functional entities in the mobile communication system to add new security data and operation flow, thereby realizing the hiding of the original security data. And protection, so that users can proactively prevent, monitor, and control the security of the SIM, prevent illegal copying and misappropriation of the SIM, and protect the interests of users and operators.
  • the method for enhancing security of the SIM of the present invention comprises three phases: first, performing SIM secure registration when the SIM first accesses the network, completing the function of querying the freshness of the SIM and setting new security data; and then, the SIM is normal.
  • the new security data is used to check the security status of the SIM, and the new security data can be updated and dynamically managed at the same time. Finally, if the status is abnormal, the user is prompted to control the use of the SIM to form a complete active protection. system.
  • the method for enhancing security of the SIM of the present invention specifically includes the following operations:
  • the system needs to check the freshness of the SIM, that is, check whether the SIM is the first time to access the network, whether it has been registered in the network or has been used.
  • the communication system is based on SIM related information such as International Mobile Subscriber Identity/Temporary Mobile Subscriber Identification Number (IMSI/TMSI, International) Mobile Subscriber Identity/Temporary Mobile Subscriber Identity), query system records, and feed back the test results to the user; at the same time, record the ME related information used for registration of this SIM network access, such as International Mobile Equipment Identification Number (IMEI, International) Mobile Equipment Identity) for later use.
  • IMSI/TMSI International Mobile Subscriber Identity/Temporary Mobile Subscriber Identity
  • an activation code After passing the freshness check, two data are randomly generated by the system network side as an activation code (AC, Activation). Code) is sent to the user side, one as the SIM activation code (SAC, SIM Activation Code) and the other as the mobile terminal (ME, Mobile) Equipment) Activation Code (MAC, ME Activation) Code). Each SIM and its ME have a corresponding AC.
  • the network side saves the correspondence between the SIM/ME and the activation code for checking. Since the AC is field-generated data, it has strong timeliness and randomness, and is not easy to be copied and stolen, thereby preventing illegal copying and misappropriation of the SIM, and also preventing the use of SIMs that are illegally copied in advance because of illegally copied SIMs. There is no matching SAC. At the same time, it can also improve the security of the ME.
  • SIM security code (SC, Security). Code) and sent to the network side.
  • SC SIM security code
  • SC Service Security code
  • Each SIM has a corresponding SC.
  • SC can prevent copying or embedding the SIM and prevent the use of SIMs that were previously illegally copied.
  • the present invention adopts a multi-factor combination method to securely combine Ki with AC (SAC, MAC) and SC, and generates a Ki mask according to the following formula 1 (KiM, Ki) Mask):
  • KiM f(Ki,SAC,MAC,SC) (1)
  • f() represents a functional relationship or algorithm implementation, which implements a secure combination of several data such as Ki, SAC, MAC, and SC.
  • KiM Used to replace the original encryption key Ki.
  • KiM Used to replace the original encryption key Ki.
  • KiM is used instead of Ki for related authentication and encryption processing. Because KiM is generated by field-generated data combination, it has strong timeliness, which not only prevents SIM from being copied and stolen, but also prevents the use of illegally copied SIMs, which prevents pre-emptive and in-process monitoring.
  • the present invention combines the IMSI with the AC and the SC by using a multi-factor combination method, as shown in the following formula 2,
  • IMSI_M g(IMSI,SAC,MAC,SC) (2)
  • g () represents a functional relationship or algorithm implementation, to achieve a safe combination of several data such as Ki, SAC, MAC, SC.
  • IMSI_M Generate IMSI mask (IMSI_M, IMSI) Mask), instead of IMSI, hides and protects the real IMSI.
  • IMSI_M is used instead of the real IMSI when other IMSIs are needed, and the real IMSI is no longer used, thereby protecting the user's real identity and SIM security.
  • IMSI_M is generated by field-generated data combination, it has strong timeliness and randomness, which not only prevents SIM from being copied and stolen, but also prevents illegal copying of SIM, preventing precaution and monitoring. The role.
  • the present invention designs a new data - SIM uses the serial number (SUSN, SIM Used) Serial Number), used to record the number of SIM access times.
  • SUSE is initialized when the SIM first enters the network.
  • the user side and the network side simultaneously record and update SUSE.
  • SUSE adopts the method of loop counting, which can be generated by the user side or the network side and then sent to the other party. It can also be calculated by the user side and the network side respectively.
  • the SIM is authenticated every time, the system compares the SUSEs stored on the user side and the network side to check whether they are consistent, so as to determine whether there is a misappropriation of the SIM. If the SUSEs on both sides are the same, or within a reasonable error range, the SIM is not stolen; otherwise, the SIM is stolen and the user is prompted to process.
  • SIM security update During the use of the SIM, the user can dynamically update the newly added security data in the SIM, including AC, SC, KiM, IMSI_M, etc., so that the newly added security and confidential data is constantly changed to avoid being copied and stolen, and further improved. SIM and the security of its use.
  • SIM re-register Under normal circumstances, if the SIM is found to be stolen, the user can only replace the SIM, and the procedures and procedures are troublesome, resulting in the inability to use the communication service in time.
  • the present invention adopts the SIM re-registration method, and the user actively updates the relevant security data in the SIM, and regenerates new security and confidential data, including AC, SC, KiM, IMSI_M, SUSE, etc., to copy and steal.
  • the SIM has no effect, but its SIM can still be used, achieving the same effect and purpose as the direct SIM replacement, but avoiding the troubles and links of directly replacing the SIM.
  • the present invention also checks and limits the use environment of the SIM, and the limited SIM can only be used on the ME that has been registered and authenticated, that is, the machine card association verification.
  • the SIM is registered for the first time
  • the ME is registered in the SIM and the network side, and the related information of the ME is recorded in the SIM, including the IMEI;
  • the network side mainly increases the association information between the ME and the SIM, thus forming a The first layer of the card binding relationship between the SIM and the ME.
  • the network side generates AC (SAC, MAC) for both SIM and ME, and then uses the SAC and MAC to jointly generate KiM, so that SIM and ME form a second layer card binding relationship.
  • the binding relationship between the two layers can be verified. Since the IMEI is easy to forge, the present invention does not verify the first layer binding relationship, but mainly verifies the second layer machine card binding relationship. There is no special explanation in the future, and the machine card binding relationship refers to the second layer machine card binding relationship.
  • KiM KiM
  • SIM binding security is enhanced by binding to the ME. If the user needs to replace the new ME, you need to unbind the SIM card, unbind the SIM from the old ME, and then bind the SIM to the new ME to re-set the security registration. So that the SIM can be used normally on the new ME. Through this series of binding and unbinding operations, it can be ensured that the ME where the SIM is located is authenticated by the user and is safe, thus ensuring the security of the SIM.
  • KiM f(Ki,SAC,SAC,SC) (3)
  • the KiM generated by the above method encrypts the data of the old and new MEs and sends the data to the network side for network access authentication. After the authentication is successful, the related confidential data is regenerated, and the machine card is bound. The security replacement of the ME is completed, and the security data of the SIM is dynamically updated to enhance the security of the SIM.
  • the new ME is registered in the system and generates a MAC for it, and the SIM can successfully access the network.
  • the present invention firstly combines the secret data generated on-site when the SIM is first accessed, and generates new confidential data to replace the original static secret data, thereby improving the security of the data and
  • the data is dynamically updated and managed to achieve active defense.
  • the new confidential data is generated through negotiation.
  • the security of the SIM is unilaterally protected by the user side, and the network side and the user side are cooperatively protected, which can effectively prevent the SIM from being copied and Theft; finally, through the machine card association verification, the SIM environment is authenticated and protected to further enhance the security during SIM use.
  • the above various operating procedures can be flexibly combined to form a complete protection system for pre-prevention, in-process monitoring and post-event control.
  • the enhanced SIM security system of the present invention adds new security data and operation flow without changing the structure of the communication system, thereby expanding the functions and functions of the related functional entities, thereby achieving the purpose of enhancing the security of the SIM use.
  • the system includes two parts: the user side and the network side.
  • the user side includes a SIM and an ME.
  • the SIM stores various confidential data such as mobile user identity information and service information, such as IMSI, Ki, and the like.
  • ME refers to devices with mobile communication functions, such as mobile phones, personal digital processing, mobile communication data cards, portable mobile computers, and the like.
  • the network side generally refers to the network that the operator provides the mobile communication service.
  • the present invention only describes related functional entities related to the authentication of the mobile user identity and service, including the home subscriber server (HSS, Home). Subscriber Server), Mobile Switching Center/Visit Location Register (MSC/VLR, Mobile Switching Center/Visiting) Location Register), Device Identification Register (EIR, Equipment Identity) Register) and other functional entities; HSS specifically includes home location register (HLR, Home Location) Register) and functional entities such as the Authentication Center (AuC).
  • HSS home subscriber server
  • MSC/VLR Mobile Switching Center/Visiting Location Register
  • EIR Equipment Identity Register
  • HSS specifically includes home location register (HLR, Home Location) Register) and functional entities such as the Authentication Center (AuC).
  • the new secret data generated by the method of the present invention needs to be stored in a security function module or entity in the system. It can be stored in existing functional modules or entities in the communication system, such as SIM, HSS/AuC/HLR; it can also be saved with new functional modules or entities.
  • Some secret data generated by the user on the user side may be stored in the SIM or in the ME. If it is stored in the ME, the corresponding backup measures must be set so that when the user replaces the new ME, the relevant data can be transferred to the new ME to ensure that the SIM can still be used normally.
  • the new secret data generated by the invention on the network side may be stored in one or more functional entities, such as HSS/AuC/HLR, according to a specific network structure.
  • the IMSI_M and KiM generated by the method of the present invention can be directly calculated and stored in the system, or can be temporarily calculated only when needed, and avoid long-term storage.
  • the method and the flow of the present invention can be implemented as an ME application on the user side, as a SIM application, or a combination of the two.
  • the method and the process of the present invention can be used alone, one process can implement one method, or only one method can be used; or can be combined and used to combine multiple methods to form one or more processes.
  • the user can take the initiative to master the security status of the SIM, so as to prevent, monitor, and control in advance, detect and prevent theft in time, and avoid losses and harms.
  • Operators can enhance user confidence in the security of SIM and communication services, improve service quality and brand image, and thus enhance user loyalty.
  • FIG. 1 is a simplified schematic diagram of a mobile communication system, showing only some of the functional entities associated with the present invention.
  • FIG. 2 is a schematic diagram of an implementation of a system structure of the present invention.
  • Figure 3 is a general flow chart of SIM security registration.
  • FIG. 4 is a schematic diagram of a detailed flow of data interaction and operation during SIM security registration.
  • Figure 5 is a schematic diagram of a generation method of KiM.
  • Figure 6 is a schematic structural view of an IMSI.
  • Fig. 7 is a schematic structural view of an IMSI_M.
  • FIG. 8 is a schematic diagram of a generation manner of MSIN_M.
  • FIG. 9 is a schematic diagram of a SIM network verification process.
  • FIG. 10 is a schematic diagram of an update SC operation flow.
  • Figure 11 is a general flow chart of SIM re-safe registration.
  • Figure 12 is a schematic diagram of the detailed process of SIM re-authentication registration.
  • Figure 13 is a schematic diagram of the process of rebinding the card.
  • Figure 18 is a schematic diagram showing the operation function of the method of the present invention on the user side.
  • IMSI/TMSI/Ki confidential data
  • IMSI is used to identify the identity of the user and the business appointment relationship between the user and the network.
  • the TMSI is allocated by the MSC/VLR for each incoming user after the user enters the network, and is used to keep the IMSI confidential to communicate with the IMSI.
  • Ki is a communication encryption key for user identity authentication and communication encryption.
  • IMEI is the unique device identification code of the ME. Each ME has its own unique device ID.
  • different functional entities are used to store corresponding data, such as IMSI, Ki in HSS/AuC/HLR, IMEI in EIR, and TMSI in MSC/VLR.
  • an implementation of the system structure of the present invention performs functional expansion on related functional entities on the user side and the network side, mainly by adding some new confidential data, as shown by the italicized text symbols in the figure.
  • New security data On the network side, in order to reduce the amount of communication and the amount of calculation between entities, this embodiment directly stores KiM and IMSI_M.
  • the enhanced SIM uses security method of the present invention, when the system is initially established, or when each new SIM joins, the system establishes relevant recording and allocation storage space for each SIM, for storing the required requirements of the present invention. New safety data and records.
  • the enhanced SIM of the present invention uses a method of security, first performing a SIM secure registration operation. It is done when the user first enables SIM. This operation can be initiated either by the user, such as operating the SIM application menu, or automatically by the SIM. This embodiment is described by taking the method initiated by the user as an example.
  • the overall process of the SIM security registration operation is shown in Figure 3.
  • the data interaction and operation flow between the user side and the network side is shown in Figure 4.
  • Figure 4 is not completely in accordance with the flow shown in Figure 3, but is partially optimized.
  • the SIM secure registration operation includes the following steps:
  • SIM security registration process is initiated by operating the SIM application menu, and the SIM security registration request is sent to the network side.
  • S302 check the freshness of the SIM.
  • the network side checks the internal related database to check whether the SIM has been registered or has been used, so as to determine whether the SIM is fresh, that is, whether it is the first Used in the network.
  • This embodiment checks the freshness of the SIM by checking whether SUSE is 0.
  • S303 Determine the freshness of the SIM.
  • the network side determines whether the SIM is fresh according to the check result, that is, whether SUSE is 0. If it is not fresh, prompt the user and end the operation; otherwise, proceed to the next step.
  • S304 Generate an AC, including SAC and MAC.
  • the network side generates a SAC for the SIM that passes the freshness check, and simultaneously generates a MAC for the ME and sends it to the user side.
  • S305 setting SC.
  • the user side sets the SC for the SIM and sends it to the network side.
  • KiM is generated in accordance with the formula 1 of the content section of the invention unless otherwise specified.
  • IMSI_M Generate IMSI_M.
  • the system combines the generated SAC, MAC and SC, combined with the IMSI, to generate IMSI_M, which is used to hide and replace the IMSI, so as to protect the true identity of the user.
  • the data structure of IMSI is shown in Figure 6, where the mobile country code (MCC, Mobile) Country Code), Mobile Network Code (MNC, Mobile Network) Code) generally does not allow modification. Therefore, this embodiment only applies to the mobile subscriber identification number (MSIN, Mobile Subscriber Identification). Number) is updated, called MSIN mask (MSIN_M, MSIN Mask), the structure of IMSI_M is shown in Figure 7, from which it can be seen that generating MSIN_M is equivalent to generating IMSI_M. Therefore, IMSI_M can be generated by generating MSIN_M.
  • MSIN_M is generated as shown in Equation 3:
  • MSIN_M h(MSIN,SAC,MAC,SC) (4)
  • h() represents a functional relationship or algorithm implementation, which is a secure combination of several data such as MSIN, SAC, MAC, and SC.
  • a generation method of MSIN_M is as shown in FIG. 8 , and the original security encryption algorithm, such as DES/3DES algorithm, is used for combined encryption to update the original MSIN that may have been copied into new data.
  • the original security encryption algorithm such as DES/3DES algorithm
  • the purpose of protecting the security of MSIN, IMSI and SIM is achieved.
  • the lengths of several data such as MSIN, SAC, MAC, and SC can be appropriately changed or set according to the needs of the algorithm.
  • S308 configure SUSE.
  • the system When the system initially creates a SIM-related record, it needs to allocate storage space for SUSE and initialize it to 0, indicating that the SIM is fresh and has not been used.
  • the SIM In the SIM, it can be implemented by adding a new record file or adding a new field based on the existing record file; on the network side, a new data record can be created, or a new data record can be added through the existing data record about the SIM information. The way the field is implemented. In this operation, since the SIM is the first network access authentication, if the above operation is successful, SUSE must be set to 1.
  • the setting SC may also be placed at the beginning of the program, and the generated SC and the secure registration request are simultaneously sent to the network side, and the relevant data is saved only after both parties receive the confirmation information.
  • the sender needs to receive the confirmation message fed back by the receiver before ending the book. Sub-operational process. The detailed operation flow and interactive content are shown in Figure 4.
  • the enhanced SIM uses security method of the present invention to provide a method for monitoring SIM security in the event that after the SIM is officially enabled, the user can check the security of the SIM at any time to check whether it is copied or stolen. It is implemented by verifying KiM and comparing SUSE when the SIM is registered in the network. The process is shown in Figure 9, including the following aspects:
  • S901 The SIM initiates an incoming network verification operation every time the network is logged in to check the security during the use of the SIM.
  • KiM temporarily generating KiM.
  • the user side generates a KiM by using a combination of MAC, SAC, SC, and Ki. Since the calculation is performed by MAC and SAC here, only when the SCs saved by the ME and the SIM are consistent, the calculated KiM is correct, that is, the machine card association verification is implemented; otherwise, the calculated KiM is wrong. , indicating that the machine card association error.
  • S903 the SUSE (denoted as SUSE_SIM) saved by itself is encrypted by KiM (represented by KiM (SUSE_SIM)) and sent to the network side;
  • S904 The network side decrypts the received data by using the corresponding KiM saved by itself, and obtains SUSE_SIM. If the KiM used for encryption is wrong, the decrypted SUSE_SIM is definitely wrong, which will cause subsequent authentication failures.
  • the network side compares SUSE.
  • This step compares SUSE and completes KiM verification and machine card association verification.
  • S906 The user side determines the SUSE comparison result according to the return message on the network side, and makes a next operation selection. If the comparison is successful, continue to execute; otherwise, prompt the user and end the operation.
  • S907 synchronously updating SUSE.
  • the user side and the network synchronize to update SUSE.
  • the embodiment adopts synchronous update by the user side and the network side respectively, and the update adopts a cyclic increment counting manner.
  • the SUSE value after the update operation is 1.
  • the maximum value of SUSE can be flexibly set according to the system conditions.
  • S908 save SUSE.
  • the latest SUSE is saved on the user side and the network side. End the operation.
  • the enhanced SIM using security method of the present invention allows the user to dynamically manage and update the security of the SIM during the process of using the SIM, which is implemented by updating part of the security data in the SIM to prevent The SIM is illegally copied or stolen, improving the security of the SIM.
  • the related process is shown in Figure 10 and includes:
  • S1001 During the use of the SIM, the user may initiate an operation of updating the SC according to the situation or needs to update related security data in the SIM, thereby improving the security of the SIM.
  • S1002 After the user initiates the operation of updating the SC, set a new SC, and then send a request for updating the SC and a new SC to the network side.
  • S1003 The network side receives the update SC request of the user, and determines whether to accept the request. If the request is received, the AC (SAC, MAC) is regenerated, and then a series of processes for updating other security data are started one after another.
  • AC SAC, MAC
  • S1004 update SC.
  • the network side updates the SC stored by itself with the new SC sent by the user side.
  • the network side regenerates the KiM with the new SAC, MAC, and SC.
  • S1008 The user side determines, according to the message sent by the network side, whether the update SC operation on the network side is successful. If it fails, the operation ends; otherwise, the operation continues.
  • the method for enhancing the SIM using security of the present invention provides an operation method for controlling the security of the SIM after use. After the user finds that the SIM is copied or stolen, the SIM is re-registered securely, that is, the SIM is re-registered to avoid direct replacement. The troubles and links of SIM.
  • Figure 11 The overall process of SIM re-registration is shown in Figure 11, which includes the following stages:
  • the detailed process of the related embodiment is as shown in FIG. 12, and includes:
  • the user resets the new SC, and then sends a SIM re-registration request and a new SC to the network side.
  • S1203 The network side regenerates the AC (SAC, MAC).
  • S1204 The network side updates the SC stored by itself using the received new SC.
  • the network side regenerates the KiM with the new AC (SAC, MAC) and the SC.
  • S1206 The network side regenerates the IMSI_M with the new AC (SAC, MAC) and the SC.
  • S1209 The user side determines the message sent back by the network side. If the SIM re-registration fails, the user is prompted to complete the operation; otherwise, the operation is continued.
  • S1210 The user side updates the saved AC (SAC, MAC) by using the new AC (SAC, MAC) sent by the network side.
  • S1212 The user side regenerates the KiM with the new AC (SAC, MAC) and the SC.
  • the method and system for enhancing security of the SIM of the present invention provides a card rebinding operation for use when the user replaces the ME.
  • the process is as shown, including:
  • S1301 The user initiates a card rebinding operation.
  • S1303 The user side encrypts the IMEI of the old and new MEs (represented by IMEI_new, IMEI_old) with KiM, and then sends them to the network side along with the machine card rebinding request and other related information.
  • S1305 The network side obtains IMEI_new and IMEI_old by using the newly generated KiM decryption.
  • S1306 The network side compares IMEI_old with the corresponding IMEI saved by itself.
  • S1307 Determine whether the old IMEI is the same as the previously registered IMEI, that is, whether the IMEI_old is the same as the IMEI. If they are the same, go to the next step; otherwise, the user is prompted with an error and ends the operation.
  • the network side registers the new ME and updates the records related thereto.
  • S1309 The network side generates an activation code SAC and MAC for the SIM and the new ME.
  • the network side updates the confidential data related to the SIM, including KiM, IMSI_M, etc., and then sends the SAC and the MAC along with the card rebinding success message to the user side.
  • S1311 The user side selects the next operation according to the type of the received message. If it is a rebinding success message, continue execution; otherwise, the user is notified and ends.
  • the S1312 After receiving the machine card rebinding success message, the S1312 saves and updates related data, including: the ME saves the MAC, the SIM saves the SAC, the SIM updates the IMEI record, and regenerates the KiM, IMSI_M, and the like.
  • Figure 14 shows an embodiment of the present invention on the user side, which is displayed in the form of a SIM application menu, which is initiated by the user.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephone Function (AREA)

Abstract

The present invention belongs to the technical field of mobile communication and smart card application, and specially provides a method for enhancing the security of a subscriber identity module (SIM). For the phenomenon that illegal copy and embezzlement of the SIM often exist in a mobile communication system, the invention adopts the idea of combination of active defence and dynamic management. By performing function expansion and enhancement on a part of the function entities in the mobile communication system and adding new security data and operation process, the invention realizes the hiding and protection of the original security data so that the user can actively perform the prevention in advance, supervision in process, and postmortem control on the security during the usage of the SIM. Thus the illegal copy and embezzlement of the SIM are prevented and the profits of the subscriber and the operator are protected.

Description

增强用户身份模块使用安全性的方法  Ways to enhance the security of user identity modules
技术领域Technical field
本发明属于移动通信和智能卡应用技术领域,具体涉及到增强用户识别模块(Subscriber Identity Module,SIM)使用安全性的方法。The invention belongs to the technical field of mobile communication and smart card application, and particularly relates to an enhanced user identification module (Subscriber Identity) Module, SIM) uses a secure method.
背景技术Background technique
在移动无线通信系统中,采用SIM来与用户相关的信息,同时还保存用户所签约的相关业务信息,因此SIM的安全性至关重要,如果其中的信息被泄露或复制,就可能导致非法使用,对正常的通信业务发生严重危害。In the mobile wireless communication system, the SIM is used to correlate information related to the user, and at the same time, the related business information signed by the user is also saved, so the security of the SIM is very important, and if the information is leaked or copied, it may lead to illegal use. It is a serious hazard to normal communication services.
由于SIM自身技术和生产销售等条件的限制,加之移动通信系统的生产和运营涉及到众多的厂商、渠道和环节,导致非法复制和盗用SIM的现象时有发生。从SIM的流通使用过程来分析,导致产生非法复制或盗用SIM的现象的情况可分为如下两种:Due to the limitations of SIM's own technology and production and sales conditions, and the production and operation of mobile communication systems involve many vendors, channels and links, the phenomenon of illegal copying and misappropriation of SIM has occurred from time to time. The analysis from the circulation use process of SIM, resulting in the phenomenon of illegal copying or misappropriation of SIM can be divided into the following two types:
第一种情况发生在SIM的分发环节,由于涉及到众多的分发环节和渠道,SIM在发放到用户手中之前就可能已经被不法分子非法复制了,而用户却不知情;之后,一旦用户启用被复制过的SIM,就给盗用者以可乘之机,盗用者就可以用复制的SIM非法使用正常用户所订约的通信业务,给用户造成经济或其它损失。The first situation occurs in the distribution of SIM. Due to the numerous distribution links and channels involved, the SIM may have been illegally copied by the criminals before being distributed to the user, but the user is unaware; after that, once the user is enabled The copied SIM gives the pirate a chance to use it, and the thief can use the copied SIM to illegally use the communication service contracted by the normal user, causing economic or other losses to the user.
第二种情况发生在SIM使用过程中,由于用户使用不当或其它原因导致SIM被非法复制和使用,用户却无法知晓或及时控制,从而造成严重后果。The second case occurs during the use of the SIM. Due to improper use or other reasons, the SIM is illegally copied and used by the user, but the user cannot know or control in time, thereby causing serious consequences.
上述两种情况造成的非法复制或盗用SIM现象都会严重妨碍通信业务的正常开展,给运营商和移动用户都带来严重的影响,甚至导致巨大的经济损失和民事纠纷。The illegal copying or misappropriation of SIM caused by the above two situations will seriously hinder the normal development of communication services, causing serious impacts on operators and mobile users, and even lead to huge economic losses and civil disputes.
目前,对SIM安全性进行安全性保护的措施通常集中在SIM的生产制造阶段,一旦SIM生产制造完毕后,其安全性和保密数据就一成不变,只能借助于SIM本身的物理安全性来对SIM进行保护,属于一种静态防护手段,只要其中的数据被破解或复制,SIM的安全就彻底被破坏,就再也不能投入使用。同时,对用户来说,由于缺乏有效手段和渠道,无法获知和掌控SIM的安全状态,更无法主动参与到SIM的安全防护过程中,只有当自己的利益受到侵害后才知道自己的SIM的安全状态已经出了问题,由此可见,用户对其SIM安全性的防护始终处于一种被动防护状态。同样,对运营商而言,也是始终处于被动的、静态的防护状态。虽然目前针对非法复制和盗用SIM的现象已经提出了一些动态的、主动的防护方法和专利,但通常都是属于事后检测或控制手段,即只有当非法复制和盗用SIM的危害行为发生后才有可能监控到;而且通常是在通信系统网络侧部署监测措施,因此,其过程和结果只有运营商才知道,而用户却无从得知、无法举证,也不能及时避免进一步的危害发生,无法有效保障自己的合法权益,难免不会与运营商产生纠纷;另外,一旦SIM被盗用了,用户要想解决这个问题,就只能更换SIM,由此给用户和运营商都会增添不少麻烦,用户和运营商的业务均会受到影响,运营商的业务质量和品牌效应难免不会受到影响。At present, the security protection measures for SIM security are usually concentrated in the manufacturing stage of SIM. Once the SIM production is completed, its security and confidential data are unchanged, and the SIM can only be used by the physical security of the SIM itself. Protection is a static protection method. As long as the data is cracked or copied, the security of the SIM is completely destroyed and can no longer be put into use. At the same time, for the user, due to the lack of effective means and channels, it is impossible to know and control the security status of SIM, and it is impossible to actively participate in the security protection process of SIM. Only when their interests are violated, they know the security of their SIM. The status has gone wrong, and it can be seen that the user's protection against SIM security is always in a passive protection state. Similarly, for operators, it is always in a passive, static state of protection. Although some dynamic and active protection methods and patents have been proposed for the illegal copying and misappropriation of SIM, they are usually after-the-fact detection or control means that only when the illegal copying and misappropriation of SIM occurs It may be monitored; and monitoring measures are usually deployed on the network side of the communication system. Therefore, the process and results are only known to the operator, but the user has no knowledge, can not prove, and can not avoid further harm in time, can not effectively protect Your own legitimate rights and interests will inevitably not cause disputes with operators; in addition, once the SIM is stolen, users can only replace SIM if they want to solve this problem, which will add a lot of trouble to users and operators. The operator's business will be affected, and the operator's business quality and brand effect will inevitably be unaffected.
针对上述现象和问题,本发明旨在提供可以让用户主动参与、运营商协同监控的、防止非法盗用SIM的方法,实现对SIM在整个使用过程中的安全状态进行可视化的主动管理和动态监控,由被动防御变为主动防御、由静态管理变为动态管理。In view of the above-mentioned phenomena and problems, the present invention aims to provide a method for preventing unauthorized use of SIM by allowing users to actively participate and coordinate monitoring by operators, and realize active management and dynamic monitoring for visualizing the security state of the SIM throughout the use process. From passive defense to active defense, from static management to dynamic management.
由上述背景技术可知,本发明所述的SIM包含但不限于GSM系统中的SIM、CDMA系统中UIM(User Identity Model,用户识别模块)、3G(3rd Generation,第三代)移动通信系统中的USIM (User Service Identity Module,用户服务识别模块),其它采用类似的用户识别模块/智能卡的系统也适用于本发明的精神和思想。It can be seen from the above background that the SIM according to the present invention includes, but is not limited to, SIM in a GSM system, UIM in a CDMA system (User Identity Model (User Identity Module), USIM (User Service) in 3G (3rd Generation, 3rd Generation) Mobile Communication System Identity Module, User Service Identification Module, other systems employing similar Subscriber Identity Modules/Smart Cards are also applicable to the spirit and spirit of the present invention.
发明内容Summary of the invention
本发明针对上述问题,采用主动防御和动态管理相结合的思想,通过对移动通信系统中的相关功能实体进行功能扩展和增强,增加新的安全数据和操作流程,实现对原有安全数据的隐藏和保护,使用户可以主动对SIM的安全性进行事先预防、事中监控、事后控制,防止非法复制和盗用SIM,保护用户和运营商的利益。The present invention addresses the above problems, adopts the idea of combining active defense and dynamic management, and expands and enhances the related functional entities in the mobile communication system to add new security data and operation flow, thereby realizing the hiding of the original security data. And protection, so that users can proactively prevent, monitor, and control the security of the SIM, prevent illegal copying and misappropriation of the SIM, and protect the interests of users and operators.
本发明的增强SIM使用安全性的方法,包括三个阶段:首先,在SIM第一次入网时执行SIM安全注册,完成查询SIM的新鲜性以及设置新的安全数据等功能;然后,在SIM正常使用过程中,利用新的安全数据检查SIM的安全状态,同时也可以对新的安全数据进行适时更新和动态管理;最后,如果发现状态异常,及时提示用户控制SIM的使用,形成完整的主动防护体系。The method for enhancing security of the SIM of the present invention comprises three phases: first, performing SIM secure registration when the SIM first accesses the network, completing the function of querying the freshness of the SIM and setting new security data; and then, the SIM is normal. During the use process, the new security data is used to check the security status of the SIM, and the new security data can be updated and dynamically managed at the same time. Finally, if the status is abnormal, the user is prompted to control the use of the SIM to form a complete active protection. system.
本发明的增强SIM使用安全性的方法,具体包括如下操作:The method for enhancing security of the SIM of the present invention specifically includes the following operations:
1)检查SIM新鲜性。在SIM第一次入网注册时,系统要对SIM进行新鲜性检查,即检查SIM是否是第一次入网,是否已经入网注册或者已经被使用。通信系统根据SIM的相关信息,如国际移动用户识别号/临时移动用户识别号(IMSI/TMSI,International Mobile Subscriber Identity/Temporary Mobile Subscriber Identity),查询系统记录,并将检查结果反馈给用户;同时,记录与此SIM入网注册所使用的ME相关信息,如国际移动设备识别号(IMEI,International Mobile Equipment Identity),以供以后使用。这样,当检查结果出现异常时,用户就可以及时停止使用SIM以防止发生危害。1) Check the freshness of the SIM. When the SIM is registered for the first time, the system needs to check the freshness of the SIM, that is, check whether the SIM is the first time to access the network, whether it has been registered in the network or has been used. The communication system is based on SIM related information such as International Mobile Subscriber Identity/Temporary Mobile Subscriber Identification Number (IMSI/TMSI, International) Mobile Subscriber Identity/Temporary Mobile Subscriber Identity), query system records, and feed back the test results to the user; at the same time, record the ME related information used for registration of this SIM network access, such as International Mobile Equipment Identification Number (IMEI, International) Mobile Equipment Identity) for later use. In this way, when an abnormality occurs in the inspection result, the user can stop using the SIM in time to prevent the occurrence of a hazard.
2)生成激活码。在通过新鲜性检查后,由系统网络侧随机生成两个数据作为激活码(AC,Activation Code)发送给用户侧,一个作为SIM的激活码(SAC,SIM Activation Code),另一个作为移动终端(ME,Mobile Equipment)的激活码(MAC,ME Activation Code)。每个SIM及其所在的ME都有相应的AC。网络侧保存SIM/ME与激活码的对应关系,以备检查。由于AC是现场生成的数据,具有较强的时效性和随机性,不容易被复制和盗用,从而可以防止非法复制和盗用SIM,同时也可以防止使用事先非法复制的SIM,因为非法复制的SIM没有与之匹配的SAC。同时还可以提高ME的安全性。2) Generate an activation code. After passing the freshness check, two data are randomly generated by the system network side as an activation code (AC, Activation). Code) is sent to the user side, one as the SIM activation code (SAC, SIM Activation Code) and the other as the mobile terminal (ME, Mobile) Equipment) Activation Code (MAC, ME Activation) Code). Each SIM and its ME have a corresponding AC. The network side saves the correspondence between the SIM/ME and the activation code for checking. Since the AC is field-generated data, it has strong timeliness and randomness, and is not easy to be copied and stolen, thereby preventing illegal copying and misappropriation of the SIM, and also preventing the use of SIMs that are illegally copied in advance because of illegally copied SIMs. There is no matching SAC. At the same time, it can also improve the security of the ME.
3)设置安全码。为一步增强SIM使用的安全性,增强用户的主动性以及对SIM的可控性,用户设置一个数据,作为SIM的安全码(SC,Security Code),并发送给网络侧。每个SIM都有对应的SC。同样,SC可以防止复制或盗用SIM,以及防止使用事先非法复制的SIM。3) Set the security code. In order to enhance the security of SIM usage, enhance user initiative and controllability of SIM, users set a data as SIM security code (SC, Security). Code) and sent to the network side. Each SIM has a corresponding SC. Similarly, the SC can prevent copying or embedding the SIM and prevent the use of SIMs that were previously illegally copied.
4)生成Ki掩码。由于SIM一旦制造出来,其中的加密密钥Ki就固定不变,导致容易被破解和复制。为提高Ki的安全性,本发明采用多因素组合方式,将Ki与AC(SAC、MAC)、SC进行安全组合,按照下列公式1生成Ki掩码(KiM,Ki Mask):4) Generate a Ki mask. Since the SIM is once manufactured, the encryption key Ki therein is fixed, resulting in easy cracking and copying. In order to improve the security of Ki, the present invention adopts a multi-factor combination method to securely combine Ki with AC (SAC, MAC) and SC, and generates a Ki mask according to the following formula 1 (KiM, Ki) Mask):
KiM=f(Ki,SAC,MAC,SC) (1)KiM=f(Ki,SAC,MAC,SC) (1)
其中,f()表示一种函数关系或算法实现,实现对Ki、SAC、MAC、SC等几种数据的安全组合。Among them, f() represents a functional relationship or algorithm implementation, which implements a secure combination of several data such as Ki, SAC, MAC, and SC.
用来替代原有的加密密钥Ki。在之后的通信过程中,用KiM来代替Ki进行相关的认证和加密处理。由于KiM采用现场生成的数据组合生成,具有很强的时效性,不仅可以防止SIM被复制和盗用,同时也可以防止使用非法复制的SIM,起到事先预防和事中监控的作用。Used to replace the original encryption key Ki. In the subsequent communication process, KiM is used instead of Ki for related authentication and encryption processing. Because KiM is generated by field-generated data combination, it has strong timeliness, which not only prevents SIM from being copied and stolen, but also prevents the use of illegally copied SIMs, which prevents pre-emptive and in-process monitoring.
5)生成IMSI掩码。同样,SIM一旦制造出来,其中的IMSI就固定不变,容易被复制和盗用。对此,为保护IMSI的安全性,本发明采用多因素组合方式,将IMSI与AC、SC进行组合,按照下列公式2所示,5) Generate an IMSI mask. Similarly, once the SIM is manufactured, the IMSI is fixed and easily copied and stolen. In order to protect the security of the IMSI, the present invention combines the IMSI with the AC and the SC by using a multi-factor combination method, as shown in the following formula 2,
IMSI_M= g(IMSI,SAC,MAC,SC) (2)IMSI_M= g(IMSI,SAC,MAC,SC) (2)
其中,g()表示一种函数关系或算法实现,实现对Ki、SAC、MAC、SC等几种数据的安全组合。Among them, g () represents a functional relationship or algorithm implementation, to achieve a safe combination of several data such as Ki, SAC, MAC, SC.
生成IMSI掩码(IMSI_M,IMSI Mask),来代替IMSI,对真实IMSI进行隐藏和保护。这样,除了在SIM第一次入网注册时需要真实的IMSI外,在其它需要IMSI的时候,都采用IMSI_M代替真实的IMSI,不再使用真实的IMSI,从而保护用户的真实身份和SIM的安全性;同时,由于IMSI_M采用现场生成的数据组合生成,具有很强的时效性和随机性,不仅可以防止SIM被复制和盗用,同时也可以防止使用非法复制的SIM,起到事先预防和事中监控的作用。Generate IMSI mask (IMSI_M, IMSI) Mask), instead of IMSI, hides and protects the real IMSI. In this way, in addition to the real IMSI required when the SIM first accesses the network, IMSI_M is used instead of the real IMSI when other IMSIs are needed, and the real IMSI is no longer used, thereby protecting the user's real identity and SIM security. At the same time, because IMSI_M is generated by field-generated data combination, it has strong timeliness and randomness, which not only prevents SIM from being copied and stolen, but also prevents illegal copying of SIM, preventing precaution and monitoring. The role.
6)比较SIM使用序列号。本发明设计一个新的数据——SIM使用序列号(SUSN,SIM Used Serial Number),用于记录SIM入网使用次数。SUSE在SIM第一次入网时初始化。用户侧和网络侧同步记录和更新SUSE。SUSE采用循环计数的方式,既可以由用户侧或网络侧一方生成后,发送给另一方;也可以由用户侧和网络侧分别计算。在SIM每次入网认证时,系统都会比较用户侧和网络侧分别保存的SUSE,检测其是否一致,以此来判断是否存在盗用SIM的现象。如果两侧的SUSE相同,或者在一个合理的误差范围内,则说明SIM未被盗用;反之,则说明SIM被盗用,提示用户进行处理。6) Compare the serial number used by the SIM. The present invention designs a new data - SIM uses the serial number (SUSN, SIM Used) Serial Number), used to record the number of SIM access times. SUSE is initialized when the SIM first enters the network. The user side and the network side simultaneously record and update SUSE. SUSE adopts the method of loop counting, which can be generated by the user side or the network side and then sent to the other party. It can also be calculated by the user side and the network side respectively. When the SIM is authenticated every time, the system compares the SUSEs stored on the user side and the network side to check whether they are consistent, so as to determine whether there is a misappropriation of the SIM. If the SUSEs on both sides are the same, or within a reasonable error range, the SIM is not stolen; otherwise, the SIM is stolen and the user is prompted to process.
7)SIM安全更新。在SIM的使用过程中,用户可以动态更新SIM中的新增加的那部分安全数据,包括AC、SC、KiM、IMSI_M等,使新增加的安全保密数据不断变化,以免被复制和盗用,进一步提高SIM及其使用过程的安全性。7) SIM security update. During the use of the SIM, the user can dynamically update the newly added security data in the SIM, including AC, SC, KiM, IMSI_M, etc., so that the newly added security and confidential data is constantly changed to avoid being copied and stolen, and further improved. SIM and the security of its use.
8)SIM重新注册。在通常情况下,如果发现SIM被盗用,用户只能更换SIM,手续和流程都比较麻烦,导致不能及时使用通信业务。对此,本发明采用SIM重新注册的方式,由用户主动对SIM中的相关安全数据进行动态更新,重新生成新的安全保密数据,包括AC、SC、KiM、IMSI_M、SUSE等,使复制和盗用的SIM失去作用,但自己的SIM仍可继续使用,达到与直接更换SIM相同的效果和目的,却避免了直接更换SIM的诸多麻烦和环节。8) SIM re-register. Under normal circumstances, if the SIM is found to be stolen, the user can only replace the SIM, and the procedures and procedures are troublesome, resulting in the inability to use the communication service in time. In this regard, the present invention adopts the SIM re-registration method, and the user actively updates the relevant security data in the SIM, and regenerates new security and confidential data, including AC, SC, KiM, IMSI_M, SUSE, etc., to copy and steal. The SIM has no effect, but its SIM can still be used, achieving the same effect and purpose as the direct SIM replacement, but avoiding the troubles and links of directly replacing the SIM.
9)机卡关联验证。为一步保障SIM使用安全性,本发明对SIM的使用环境也进行检查和限制,限定SIM只能在经过注册认证过的ME上使用,即机卡关联验证。在SIM第一次入网注册时,ME同时在SIM和网络侧中注册,在SIM中记录ME的相关信息,包括IMEI;网络侧则主要增加记录ME与SIM之间的关联信息,这样,形成了SIM与ME之间的第一层机卡绑定关系。网络侧为SIM和ME都生成AC(SAC、MAC),然后利用SAC、MAC联合生成KiM,从而使SIM与ME形成第二层机卡绑定关系。之后,在SIM每次入网认证时,都可以对这两层机卡绑定关系进行验证。由于IMEI容易伪造,因此,本发明不验证第一层绑定关系,而主要验证第二层机卡绑定关系。以后没有特别说明,机卡绑定关系均是指第二层机卡绑定关系。通过重新计算KiM,就可以验证SIM与ME是否是注册的那对SIM/ME。如果SIM、ME有一个不同,则计算出的KiM就会不同,由此就会导致SIM入网认证失败。这样,有效防止了复制SIM的使用,即使复制了SIM,如果没有匹配的ME也不能成功。因此,通过与ME绑定,增强了SIM使用安全性。如果用户需要更换新的ME,则需要先进行机卡解绑操作,将SIM与其旧的ME解除绑定关联关系,然后再将SIM与新的ME进行机卡绑定,即重新进行一次安全注册,这样SIM就可以在新的ME上正常使用了。通过这一系列的绑定、解绑操作,就可以保证SIM所在的ME是经过用户确认的,是安全的,从而也就保证了SIM使用的安全性。9) Machine card association verification. In order to ensure the security of the SIM in one step, the present invention also checks and limits the use environment of the SIM, and the limited SIM can only be used on the ME that has been registered and authenticated, that is, the machine card association verification. When the SIM is registered for the first time, the ME is registered in the SIM and the network side, and the related information of the ME is recorded in the SIM, including the IMEI; the network side mainly increases the association information between the ME and the SIM, thus forming a The first layer of the card binding relationship between the SIM and the ME. The network side generates AC (SAC, MAC) for both SIM and ME, and then uses the SAC and MAC to jointly generate KiM, so that SIM and ME form a second layer card binding relationship. After that, each time the SIM is authenticated to the network, the binding relationship between the two layers can be verified. Since the IMEI is easy to forge, the present invention does not verify the first layer binding relationship, but mainly verifies the second layer machine card binding relationship. There is no special explanation in the future, and the machine card binding relationship refers to the second layer machine card binding relationship. By recalculating KiM, it is possible to verify whether the SIM and ME are registered pairs of SIM/ME. If there is a difference between the SIM and the ME, the calculated KiM will be different, which will cause the SIM to enter the network authentication failure. In this way, the use of the copy SIM is effectively prevented, and even if the SIM is copied, if there is no matching ME, it cannot be successful. Therefore, SIM binding security is enhanced by binding to the ME. If the user needs to replace the new ME, you need to unbind the SIM card, unbind the SIM from the old ME, and then bind the SIM to the new ME to re-set the security registration. So that the SIM can be used normally on the new ME. Through this series of binding and unbinding operations, it can be ensured that the ME where the SIM is located is authenticated by the user and is safe, thus ensuring the security of the SIM.
10)机卡重新绑定。如前所述,在SIM第一次入网注册时,会对当时所用的ME进行注册和绑定。之后,如果用户需要更换ME时,则需要将新的ME与SIM进行绑定,即机卡重新绑定。当SIM使用新的ME时,由于新的ME没有对应的MAC,无法生成KiM,因此,如果仍然采用KiM进行入网认证时就会导致失败,此时就可以由用户人工启动此操作,完成机卡绑定。由于缺少MAC,无法生成KiM,虽然此时可以直接使用Ki,但同样出于防止使用复制的SIM的目的,本发明仍然不使用Ki,而是利用公式1采用如下形式生成所需要的KiM:10) Machine card rebinding. As mentioned earlier, when the SIM first registers with the network, it registers and binds the ME used at the time. After that, if the user needs to replace the ME, the new ME needs to be bound to the SIM, that is, the card is re-bound. When the SIM uses a new ME, since the new ME does not have a corresponding MAC, KiM cannot be generated. Therefore, if the KiM is still used for network authentication, it will cause a failure. At this point, the user can manually initiate the operation and complete the card. Bind. Due to the lack of MAC, KiM cannot be generated. Although Ki can be used directly at this time, the present invention still does not use Ki for the purpose of preventing the use of the copied SIM, but uses the following form to generate the required KiM using the following form:
KiM=f(Ki,SAC,SAC,SC) (3) KiM=f(Ki,SAC,SAC,SC) (3)
之后,用上述方式生成的KiM对新旧ME的数据进行加密后发送给网络侧进行入网认证。待认证成功后,重新生成相关的保密数据,实现机卡绑定,既完成了ME的安全更换,同时也对SIM的安全数据进行了一次动态更新,增强SIM的使用安全性。Then, the KiM generated by the above method encrypts the data of the old and new MEs and sends the data to the network side for network access authentication. After the authentication is successful, the related confidential data is regenerated, and the machine card is bound. The security replacement of the ME is completed, and the security data of the SIM is dynamically updated to enhance the security of the SIM.
只有在机卡重新绑定后,新的ME在系统中注册,并为其生成MAC后,SIM才能入网成功。Only after the machine card is re-bound, the new ME is registered in the system and generates a MAC for it, and the SIM can successfully access the network.
通过上述操作,本发明首先通过将在SIM第一次入网时现场生成的保密数据进行组合,生成新的保密数据以代替原有的静态的保密数据,不仅提高了数据的安全性,而且可以对数据进行动态更新和管理,实现主动防御;其次,通过协商生成新的保密数据,将由用户侧单方面保护SIM的安全性,变为由网络侧和用户侧协同保护,可以有效防止SIM被复制和盗用;最后,通过机卡关联验证,对SIM的使用环境进行认证和保护,进一步增强SIM使用过程中的安全性。上述各种操作过程,可以灵活组合使用,形成一套完整的事前预防、事中监控、事后控制的防护体系。Through the above operations, the present invention firstly combines the secret data generated on-site when the SIM is first accessed, and generates new confidential data to replace the original static secret data, thereby improving the security of the data and The data is dynamically updated and managed to achieve active defense. Secondly, the new confidential data is generated through negotiation. The security of the SIM is unilaterally protected by the user side, and the network side and the user side are cooperatively protected, which can effectively prevent the SIM from being copied and Theft; finally, through the machine card association verification, the SIM environment is authenticated and protected to further enhance the security during SIM use. The above various operating procedures can be flexibly combined to form a complete protection system for pre-prevention, in-process monitoring and post-event control.
本发明的增强SIM使用安全性的系统,在不改变通信系统结构的基础上,增加新的安全数据和操作流程,来扩展相关功能实体的功能和作用,达到增强SIM使用安全性的目的。系统包括用户侧和网络侧两部分。The enhanced SIM security system of the present invention adds new security data and operation flow without changing the structure of the communication system, thereby expanding the functions and functions of the related functional entities, thereby achieving the purpose of enhancing the security of the SIM use. The system includes two parts: the user side and the network side.
用户侧包括SIM和ME。SIM存储有移动用户身份信息以及业务信息等各种保密数据,如IMSI、Ki等。ME是指具有移动通信功能的设备,如手机、个人数字处理、移动通信数据卡、便携式移动电脑等。The user side includes a SIM and an ME. The SIM stores various confidential data such as mobile user identity information and service information, such as IMSI, Ki, and the like. ME refers to devices with mobile communication functions, such as mobile phones, personal digital processing, mobile communication data cards, portable mobile computers, and the like.
网络侧泛指运营商提供移动通信业务的网络,为简单计,本发明只说明所涉及到的对移动用户身份和业务进行认证的相关功能实体,包括归属用户服务器(HSS,Home Subscriber Server)、移动交换中心/拜访位置寄存器(MSC/VLR,Mobile Switching Center/Visiting Location Register)、设备标识寄存器(EIR,Equipment Identity Register)等功能实体;HSS具体还包括归属位置寄存器(HLR,Home Location Register)和认证中心(AuC,Authentication Center)等功能实体。The network side generally refers to the network that the operator provides the mobile communication service. For the sake of simplicity, the present invention only describes related functional entities related to the authentication of the mobile user identity and service, including the home subscriber server (HSS, Home). Subscriber Server), Mobile Switching Center/Visit Location Register (MSC/VLR, Mobile Switching Center/Visiting) Location Register), Device Identification Register (EIR, Equipment Identity) Register) and other functional entities; HSS specifically includes home location register (HLR, Home Location) Register) and functional entities such as the Authentication Center (AuC).
本发明所述方法生成的新的保密数据,如KiM、IMSI_M、SUSE等,需要存储在系统中的安全功能模块或实体中。它可以保存在通信系统中现有的功能模块或实体,如SIM、HSS/AuC/HLR中;也可以采用新的功能模块或实体进行保存。The new secret data generated by the method of the present invention, such as KiM, IMSI_M, SUSE, etc., needs to be stored in a security function module or entity in the system. It can be stored in existing functional modules or entities in the communication system, such as SIM, HSS/AuC/HLR; it can also be saved with new functional modules or entities.
本发明在用户侧生成的一些保密数据,如KiM、IMSI_M、SUSE等,既可以存储在SIM中,也可以存储在ME。如果存储在ME,必须设置相应的备份措施,以便用户在更换新的ME时,可以将相关数据传递给新的ME,以保证SIM仍能正常使用。Some secret data generated by the user on the user side, such as KiM, IMSI_M, SUSE, etc., may be stored in the SIM or in the ME. If it is stored in the ME, the corresponding backup measures must be set so that when the user replaces the new ME, the relevant data can be transferred to the new ME to ensure that the SIM can still be used normally.
本发明在网络侧生成的新的保密数据,如KiM、IMSI_M、SUSE等,可以根据具体的网络结构,保存在一个或多个功能实体中,如HSS/AuC/HLR。The new secret data generated by the invention on the network side, such as KiM, IMSI_M, SUSE, etc., may be stored in one or more functional entities, such as HSS/AuC/HLR, according to a specific network structure.
本发明方法生成的IMSI_M和KiM,既可以直接计算出来存储在系统中,也可以只在需要的时候临时计算出来,而避免长期存储。The IMSI_M and KiM generated by the method of the present invention can be directly calculated and stored in the system, or can be temporarily calculated only when needed, and avoid long-term storage.
本发明的方法和流程,在用户侧,既可以作为ME应用程序实现,也可以作为SIM应用程序实现,或者二者组合使用。The method and the flow of the present invention can be implemented as an ME application on the user side, as a SIM application, or a combination of the two.
本发明所述的方法和流程,既可以单独使用,一个流程实现一种方法,或者只采用其中的一种方法;也可以综合使用,将多种方法进行组合,形成一个或多个流程,组成一套完整的防护体系或业务流程。The method and the process of the present invention can be used alone, one process can implement one method, or only one method can be used; or can be combined and used to combine multiple methods to form one or more processes. A complete set of protection systems or business processes.
本发明的有益效果包括:Advantageous effects of the present invention include:
1、在不改动移动通信网络的结构和设备的情况下,通过增加相应的功能算法和程序,可以大大增强SIM使用过程的安全性,有效防止非法复制和盗用SIM的现象发生,减少运营商和用户的损失。1. Without changing the structure and equipment of the mobile communication network, by adding corresponding functional algorithms and programs, the security of the SIM use process can be greatly enhanced, and the phenomenon of illegal copying and misappropriation of SIM can be effectively prevented, and operators and User's loss.
2、可以使运营商明确掌握是在SIM流通过程中哪个环节出现了非法复制或盗用现象,从而可以有针对性地增强对SIM流通环节的管理和控制。2. It is possible for the operator to clearly understand which part of the SIM circulation process has been illegally copied or stolen, so that the management and control of the SIM circulation link can be enhanced in a targeted manner.
3、用户可以主动掌握SIM的安全状态,做到事先预防、事中监控、事后控制,及时发现和阻止被盗用的现象,避免损失和危害。3. The user can take the initiative to master the security status of the SIM, so as to prevent, monitor, and control in advance, detect and prevent theft in time, and avoid losses and harms.
4、运营商和用户均可以举证是在哪个环节出现了非法复制或盗用现象,从而可以分清责任和承担相应的后果,避免出现不必要的纷争,影响正常业务开展。4. Operators and users can prove that there is illegal copying or misappropriation in which link, so that they can distinguish responsibility and bear corresponding consequences, avoid unnecessary disputes and affect normal business development.
5、运营商可以增强用户对SIM和通信业务的安全性的信心,提升服务质量和品牌形象,从而可以增强用户忠诚度。5. Operators can enhance user confidence in the security of SIM and communication services, improve service quality and brand image, and thus enhance user loyalty.
附图说明DRAWINGS
图1为移动通信系统的简化结构示意图,只标明了与本发明相关的部分功能实体。1 is a simplified schematic diagram of a mobile communication system, showing only some of the functional entities associated with the present invention.
图2为本发明的一种系统结构实现方式示意图。2 is a schematic diagram of an implementation of a system structure of the present invention.
图3为SIM安全注册总体流程图。Figure 3 is a general flow chart of SIM security registration.
图4为SIM安全注册时数据交互与操作详细流程示意图。FIG. 4 is a schematic diagram of a detailed flow of data interaction and operation during SIM security registration.
图5为KiM的一种生成方式示意图。Figure 5 is a schematic diagram of a generation method of KiM.
图6为IMSI的结构示意图。Figure 6 is a schematic structural view of an IMSI.
图7为IMSI_M的结构示意图。Fig. 7 is a schematic structural view of an IMSI_M.
图8为MSIN_M的一种生成方式示意图。FIG. 8 is a schematic diagram of a generation manner of MSIN_M.
图9为SIM入网验证流程示意图。FIG. 9 is a schematic diagram of a SIM network verification process.
图10为更新SC操作流程示意图。FIG. 10 is a schematic diagram of an update SC operation flow.
图11为SIM重新安全注册总体流程图。Figure 11 is a general flow chart of SIM re-safe registration.
图12为SIM重新安全注册详细流程示意图。Figure 12 is a schematic diagram of the detailed process of SIM re-authentication registration.
图13为机卡重新绑定流程示意图。Figure 13 is a schematic diagram of the process of rebinding the card.
图18为本发明方法在用户侧的操作功能示意图。Figure 18 is a schematic diagram showing the operation function of the method of the present invention on the user side.
下面结合附图,用具体实施例对本发明提供的增强SIM使用安全性的方法进行详细说明。The method for enhancing the security of SIM use provided by the present invention will be described in detail below with reference to the accompanying drawings.
具体实施方式detailed description
如图1所示,在移动通信系统中,SIM中保存着IMSI/TMSI/Ki等保密数据。IMSI用于识别用户身份以及用户与网络的业务预约关系。TMSI是用户入网后,由MSC/VLR为每个入网的用户分配的,用于对IMSI进行保密,以代替IMSI进行通信。Ki为通信加密密钥,用于用户身份认证和通信加密。IMEI是ME的唯一设备标识码。每个ME都有自己唯一的设备识别码。在网络侧中,采用不同的功能实体来保存相应的数据,如HSS/AuC/HLR中有IMSI、Ki,EIR中有IMEI,MSC/VLR中有TMSI。As shown in FIG. 1, in the mobile communication system, confidential data such as IMSI/TMSI/Ki is stored in the SIM. IMSI is used to identify the identity of the user and the business appointment relationship between the user and the network. The TMSI is allocated by the MSC/VLR for each incoming user after the user enters the network, and is used to keep the IMSI confidential to communicate with the IMSI. Ki is a communication encryption key for user identity authentication and communication encryption. IMEI is the unique device identification code of the ME. Each ME has its own unique device ID. In the network side, different functional entities are used to store corresponding data, such as IMSI, Ki in HSS/AuC/HLR, IMEI in EIR, and TMSI in MSC/VLR.
本发明的系统结构的一种实现方案如图2所示,在用户侧和网络侧对相关的功能实体进行功能扩展,主要是增加一些新的保密数据,如图中斜体文字符号所示。在SIM中增加SAC、SC、SUSE、KiM、IMSI_M,其中KiM和IMSI_M由SIM在入网认证时现场计算获得;在ME中增加MAC;同样,在网络侧不同的功能实体中增加与用户侧相对应的新的安全数据。在网络侧,为减少各实体间的通信量以及计算量,本实施例直接存储KiM和IMSI_M。As shown in FIG. 2, an implementation of the system structure of the present invention performs functional expansion on related functional entities on the user side and the network side, mainly by adding some new confidential data, as shown by the italicized text symbols in the figure. Add SAC, SC, SUSE, KiM, IMSI_M in the SIM, where KiM and IMSI_M are obtained by the SIM on-site when the network is authenticated; MAC is added in the ME; similarly, it is added to the user side in different functional entities on the network side. New security data. On the network side, in order to reduce the amount of communication and the amount of calculation between entities, this embodiment directly stores KiM and IMSI_M.
本发明的增强SIM使用安全性的方法,在系统初始建立时,或者在每一个新的SIM加入时,由系统为每一个SIM建立相关的记录和分配存储空间,用于保存本发明所需要的新的安全数据和记录。The enhanced SIM uses security method of the present invention, when the system is initially established, or when each new SIM joins, the system establishes relevant recording and allocation storage space for each SIM, for storing the required requirements of the present invention. New safety data and records.
本发明的增强SIM使用安全性的方法,首先执行SIM安全注册操作。它是在用户第一次启用SIM时完成的。此操作既可以由用户主动发起,如操作SIM应用程序菜单,也可以由SIM自动发起执行。本实施例以用户主动发起的方式为例进行说明。SIM安全注册操作总体流程如图3所示,用户侧与网络侧之间的数据交互和操作流程如图4所示。图4不是完全按照图3所示流程进行,而是对其进行了部分优化处理。SIM安全注册操作包括如下几个步骤:The enhanced SIM of the present invention uses a method of security, first performing a SIM secure registration operation. It is done when the user first enables SIM. This operation can be initiated either by the user, such as operating the SIM application menu, or automatically by the SIM. This embodiment is described by taking the method initiated by the user as an example. The overall process of the SIM security registration operation is shown in Figure 3. The data interaction and operation flow between the user side and the network side is shown in Figure 4. Figure 4 is not completely in accordance with the flow shown in Figure 3, but is partially optimized. The SIM secure registration operation includes the following steps:
S301,启动SIM安全注册。用户第一次启用SIM时,通过操作SIM应用程序菜单,主动发起SIM安全注册过程,向网络侧发送SIM安全注册请求。S301, start SIM security registration. When the user first enables the SIM, the SIM security registration process is initiated by operating the SIM application menu, and the SIM security registration request is sent to the network side.
S302,检查SIM的新鲜性。网络侧在接收到用户侧的SIM安全注册请求后,检查内部相关的数据库,查看此SIM是否已经注册过,或者是否已经使用过,以此来判断此SIM是否是新鲜性,即是否是第一次入网使用。本实施例通过检查SUSE是否为0的方式来检查SIM的新鲜性。S302, check the freshness of the SIM. After receiving the SIM security registration request from the user side, the network side checks the internal related database to check whether the SIM has been registered or has been used, so as to determine whether the SIM is fresh, that is, whether it is the first Used in the network. This embodiment checks the freshness of the SIM by checking whether SUSE is 0.
S303,判断SIM的新鲜性。网络侧根据检查结果,判断SIM是否是新鲜的,即SUSE是否为0。如果不是新鲜的,则提示用户,并结束操作;否则,继续执行下一步。S303. Determine the freshness of the SIM. The network side determines whether the SIM is fresh according to the check result, that is, whether SUSE is 0. If it is not fresh, prompt the user and end the operation; otherwise, proceed to the next step.
S304,生成AC,包括SAC和MAC。网络侧为通过新鲜性检查的SIM生成SAC,同时为ME生成MAC,并发送给用户侧。S304. Generate an AC, including SAC and MAC. The network side generates a SAC for the SIM that passes the freshness check, and simultaneously generates a MAC for the ME and sends it to the user side.
S305,设置SC。用户侧为SIM设置SC,并将其发送给网络侧。S305, setting SC. The user side sets the SC for the SIM and sends it to the network side.
S306,生成KiM。系统根据现场生成的SAC、MAC和SC,结合Ki,组合生成KiM,用来代替Ki。KiM的一种生成方式如图5所示,几种数据采用SIM中现有的安全加密算法,如DES/3DES算法,进行组合加密得到KiM,从而可以将原始的、可能已被复制的Ki更新为新的数据,达到保护Ki和SIM使用安全性的目的。如果SAC、MAC和SC的数据长度与Ki或算法的数据长度不匹配,则需要在运算过程中对SAC、MAC和SC进行适当的变换,使其数据长度与Ki或算法的数据长度匹配。在本发明实施例中,如果没有特别说明,KiM均按照发明内容部分的公式1的方式生成。S306, generating KiM. The system combines Ki generated according to the SAC, MAC and SC generated in the field, and generates KiM in combination to replace Ki. One way of generating KiM is shown in Figure 5. Several data are encrypted by the existing secure encryption algorithm in SIM, such as DES/3DES algorithm, to obtain KiM, so that the original Ki that may have been copied can be updated. For the purpose of protecting the Ki and SIM security for new data. If the data lengths of the SAC, MAC, and SC do not match the data length of the Ki or the algorithm, the SAC, MAC, and SC need to be appropriately transformed during the operation so that the data length matches the data length of the Ki or the algorithm. In the embodiment of the present invention, KiM is generated in accordance with the formula 1 of the content section of the invention unless otherwise specified.
S307,生成IMSI_M。系统根据现场生成的SAC、MAC和SC,结合IMSI,组合生成IMSI_M,用来隐藏和代替IMSI,实现保护用户真实身份的目的。IMSI的数据结构如图6所示,其中,移动国家代码(MCC,Mobile Country Code)、移动网络代码(MNC,Mobile Network Code)一般不允许修改,因此,本实施例仅对移动用户识别号(MSIN,Mobile Subscriber Identification Number)进行更新,称之为MSIN掩码(MSIN_M,MSIN Mask),IMSI_M的结构则如图7所示,由此可以看出:生成MSIN_M等同于生成IMSI_M。因此,可以通过生成MSIN_M的方式来生成IMSI_M。MSIN_M的生成方式如公式3所示:S307. Generate IMSI_M. The system combines the generated SAC, MAC and SC, combined with the IMSI, to generate IMSI_M, which is used to hide and replace the IMSI, so as to protect the true identity of the user. The data structure of IMSI is shown in Figure 6, where the mobile country code (MCC, Mobile) Country Code), Mobile Network Code (MNC, Mobile Network) Code) generally does not allow modification. Therefore, this embodiment only applies to the mobile subscriber identification number (MSIN, Mobile Subscriber Identification). Number) is updated, called MSIN mask (MSIN_M, MSIN Mask), the structure of IMSI_M is shown in Figure 7, from which it can be seen that generating MSIN_M is equivalent to generating IMSI_M. Therefore, IMSI_M can be generated by generating MSIN_M. MSIN_M is generated as shown in Equation 3:
MSIN_M= h(MSIN,SAC,MAC,SC) (4) MSIN_M= h(MSIN,SAC,MAC,SC) (4)
其中,h()表示一种函数关系或算法实现,它是MSIN、SAC、MAC、SC等几种数据的安全组合。MSIN_M的一种生成方式如图8所示,采用SIM中现有的安全加密算法,如DES/3DES算法,进行组合加密得到,从而将原始的、可能已被复制的MSIN更新为新的数据,达到保护MSIN、IMSI和SIM使用安全性的目的。在实施过程中,MSIN、SAC、MAC、SC等几种数据的长度可以根据算法的需要进行适当变换或设置。Where h() represents a functional relationship or algorithm implementation, which is a secure combination of several data such as MSIN, SAC, MAC, and SC. A generation method of MSIN_M is as shown in FIG. 8 , and the original security encryption algorithm, such as DES/3DES algorithm, is used for combined encryption to update the original MSIN that may have been copied into new data. The purpose of protecting the security of MSIN, IMSI and SIM is achieved. In the implementation process, the lengths of several data such as MSIN, SAC, MAC, and SC can be appropriately changed or set according to the needs of the algorithm.
S308,配置SUSE。在系统初始建立SIM相关记录时,需要为SUSE分配存储空间并初始化为0,表示此SIM是新鲜的、未曾使用过的。在SIM中,可以通过新的记录文件或在已有记录文件的基础上增加新字段的方式实现;在网络侧,可以建立新的数据记录,或者通过现有的有关SIM信息的数据记录增加新的字段的方式实现。在本次操作时,由于SIM是第一次入网认证,因此,如果上述操作成功,则需将SUSE设置为1。S308, configure SUSE. When the system initially creates a SIM-related record, it needs to allocate storage space for SUSE and initialize it to 0, indicating that the SIM is fresh and has not been used. In the SIM, it can be implemented by adding a new record file or adding a new field based on the existing record file; on the network side, a new data record can be created, or a new data record can be added through the existing data record about the SIM information. The way the field is implemented. In this operation, since the SIM is the first network access authentication, if the above operation is successful, SUSE must be set to 1.
S309,完成SIM安全注册过程。用户侧和网络侧分别存储相应的数据。S309, completing the SIM security registration process. The user side and the network side respectively store corresponding data.
上述流程中,设置SC也可以放在程序开始部分,将生成的SC与安全注册请求同时发送给网络侧,只有在双方都收到确认信息后再保存有关数据。在本发明方法的流程中,为了保证交互数据的可靠性和一致性,在每次用户侧和网络侧协商生成数据过程中,发送方均需要收到接收方反馈回来的确认消息后才能结束本次操作流程。详细的操作流程及交互内容如图4所示。In the above process, the setting SC may also be placed at the beginning of the program, and the generated SC and the secure registration request are simultaneously sent to the network side, and the relevant data is saved only after both parties receive the confirmation information. In the process of the method of the present invention, in order to ensure the reliability and consistency of the interaction data, each time the user side and the network side negotiate to generate data, the sender needs to receive the confirmation message fed back by the receiver before ending the book. Sub-operational process. The detailed operation flow and interactive content are shown in Figure 4.
本发明的增强SIM使用安全性的方法,提供一种事中监控SIM安全性的方法,即在SIM正式启用后,用户可以随时检测SIM的安全性,检查其是否被复制或盗用。它是在SIM入网登记时,通过验证KiM和比较SUSE实现,流程如图9所示,包括如下几个方面:The enhanced SIM uses security method of the present invention to provide a method for monitoring SIM security in the event that after the SIM is officially enabled, the user can check the security of the SIM at any time to check whether it is copied or stolen. It is implemented by verifying KiM and comparing SUSE when the SIM is registered in the network. The process is shown in Figure 9, including the following aspects:
S901,SIM在每次入网登录时,启动入网验证操作,以检查SIM使用过程中的的安全性。S901: The SIM initiates an incoming network verification operation every time the network is logged in to check the security during the use of the SIM.
S902,临时生成KiM。用户侧采用MAC、SAC、SC、Ki组合生成KiM。由于此处采用MAC和SAC进行计算,只有当ME和SIM各自保存的SC是一致的,计算出来的KiM才是正确的,也即实现了机卡关联验证;否则,计算出的KiM是错误的,表明机卡关联出错。S902, temporarily generating KiM. The user side generates a KiM by using a combination of MAC, SAC, SC, and Ki. Since the calculation is performed by MAC and SAC here, only when the SCs saved by the ME and the SIM are consistent, the calculated KiM is correct, that is, the machine card association verification is implemented; otherwise, the calculated KiM is wrong. , indicating that the machine card association error.
S903,都将自己保存的SUSE(记为SUSE_SIM)用KiM加密后(用KiM(SUSE_SIM)表示)发给网络侧;S903, the SUSE (denoted as SUSE_SIM) saved by itself is encrypted by KiM (represented by KiM (SUSE_SIM)) and sent to the network side;
S904,网络侧用自己保存的对应的KiM对接收的数据进行解密,获得SUSE_SIM。如果用于加密的KiM是错误的,则解密出来的SUSE_SIM肯定也是错误的,就会导致以后的认证失败。S904: The network side decrypts the received data by using the corresponding KiM saved by itself, and obtains SUSE_SIM. If the KiM used for encryption is wrong, the decrypted SUSE_SIM is definitely wrong, which will cause subsequent authentication failures.
S905,网络侧比较SUSE。网络侧将SUSE_SIM与自己保存的对应的SUSE(记为SUSE_Net)进行比较;如果两侧的SUSE相同(即SUSE_SIM=SUSE_Net),则说明SIM未被盗用,返回SUSE比较成功的消息;如果不一致,则说明SIM被盗用,返回SUSE比较失败的消息。此步通过比较SUSE,同时完成了KiM验证、机卡关联验证。S905, the network side compares SUSE. The network side compares the SUSE_SIM with the corresponding SUSE (named SUSE_Net) saved by itself; if the SUSEs on both sides are the same (ie, SUSE_SIM=SUSE_Net), the SIM is not stolen, and the message that SUSE is successful is returned; if not, then Indicates that the SIM is stolen and returns a message that the SUSE comparison failed. This step compares SUSE and completes KiM verification and machine card association verification.
S906,用户侧根据网络侧的返回消息,判断SUSE比较结果,并做出下一步操作选择。如果比较成功,则继续执行;否则,提示用户并结束操作。S906: The user side determines the SUSE comparison result according to the return message on the network side, and makes a next operation selection. If the comparison is successful, continue to execute; otherwise, prompt the user and end the operation.
S907,同步更新SUSE。在上述认证成功后,用户侧和网络同步更新SUSE。为避免用户侧与网络再次交互,本实施例采用由用户侧和网络侧分别同步更新,更新采用循环递增计数方式。当旧的SUSE值达到最大值时,执行更新操作之后的SUSE值则为1。SUSE的最大值可根据系统情况灵活设定。S907, synchronously updating SUSE. After the above authentication succeeds, the user side and the network synchronize to update SUSE. In order to prevent the user side from interacting with the network again, the embodiment adopts synchronous update by the user side and the network side respectively, and the update adopts a cyclic increment counting manner. When the old SUSE value reaches the maximum value, the SUSE value after the update operation is 1. The maximum value of SUSE can be flexibly set according to the system conditions.
S908,保存SUSE。用户侧和网络侧保存最新的SUSE。结束操作。S908, save SUSE. The latest SUSE is saved on the user side and the network side. End the operation.
本发明的增强SIM使用安全性的方法,可以让用户在使用SIM的过程中对SIM的安全性进行动态管理和更新,它是通过以SIM中的部分安全数据进行更新的方式来实现的,防止SIM被非法复制或盗用,提高SIM的使用安全性。相关流程如图10所示,包括:The enhanced SIM using security method of the present invention allows the user to dynamically manage and update the security of the SIM during the process of using the SIM, which is implemented by updating part of the security data in the SIM to prevent The SIM is illegally copied or stolen, improving the security of the SIM. The related process is shown in Figure 10 and includes:
S1001,用户在SIM使用过程中,可以根据情况或需要启动更新SC的操作,以更新SIM中的相关安全数据,提高SIM的安全性。S1001: During the use of the SIM, the user may initiate an operation of updating the SC according to the situation or needs to update related security data in the SIM, thereby improving the security of the SIM.
S1002,用户启动更新SC的操作后,设置新的SC,然后向网络侧发送更新SC的请求和新的SC。S1002: After the user initiates the operation of updating the SC, set a new SC, and then send a request for updating the SC and a new SC to the network side.
S1003,网络侧接收到用户的更新SC请求,决定是否接受请求。如果接收请求,则重新生成AC(SAC、MAC),然后会相继启动一系列更新其它安全数据的流程。S1003: The network side receives the update SC request of the user, and determines whether to accept the request. If the request is received, the AC (SAC, MAC) is regenerated, and then a series of processes for updating other security data are started one after another.
S1004,更新SC。网络侧使用用户侧发送的新SC更新自己存储的SC。S1004, update SC. The network side updates the SC stored by itself with the new SC sent by the user side.
S1005,更新KiM。网络侧用新的SAC、MAC和SC重新生成KiM。S1005, update KiM. The network side regenerates the KiM with the new SAC, MAC, and SC.
S1006,更新IMSI_M。网络侧用新的SAC、MAC和SC重新生成IMSI_M。S1006, update IMSI_M. The network side regenerates the IMSI_M with the new SAC, MAC, and SC.
S1007,如果网络侧所有的更新操作都成功,则向用户侧发送SC更新成功的消息,同时将新的SAC、MAC发送给用户侧。S1007: If all the update operations on the network side are successful, send a message that the SC update is successful to the user side, and send the new SAC and MAC to the user side.
S1008,用户侧根据网络侧发送回来的消息判断网络侧的更新SC操作是否成功。如果失败,则结束操作;否则,继续执行操作。S1008: The user side determines, according to the message sent by the network side, whether the update SC operation on the network side is successful. If it fails, the operation ends; otherwise, the operation continues.
S1009,更新AC(SAC、MAC)。用户侧用网络侧发送的AC(SAC、MAC)更新自己内部保存的AC,即SIM更新SAC,ME更新MAC。S1009, update AC (SAC, MAC). The user side updates the AC stored internally by the AC (SAC, MAC) sent by the network side, that is, the SIM updates the SAC, and the ME updates the MAC.
S1010,更新SC。在网络侧更新SC成功之后,用户侧才能更新自己的SC。SIM更新SC。S1010, update SC. After the network side updates the SC successfully, the user side can update its own SC. SIM updates SC.
S1011,更新KiM。用户侧用新的AC(SAC、MAC)和SC重新生成KiM。S1011, update KiM. The user side regenerates KiM with the new AC (SAC, MAC) and SC.
S1012,更新IMSI_M/MSIN_M。用户侧用新的AC(SAC、MAC)和SC重新生成IMSI_M/MSIN_M。S1012, updating IMSI_M/MSIN_M. The user side regenerates IMSI_M/MSIN_M with the new AC (SAC, MAC) and SC.
S1013,上述操作执行完毕后,将执行结果反馈给用户和网络侧。S1013: After the foregoing operations are completed, the execution result is fed back to the user and the network side.
本发明的增强SIM使用安全性的方法,提供一种事后控制SIM使用安全性的操作方法,是在用户发现SIM被复制或盗用之后,对SIM重新进行安全注册,即SIM重新注册,避免直接更换SIM的诸多麻烦和环节。SIM重新注册的总体流程如图11所示,包括如下几个阶段:The method for enhancing the SIM using security of the present invention provides an operation method for controlling the security of the SIM after use. After the user finds that the SIM is copied or stolen, the SIM is re-registered securely, that is, the SIM is re-registered to avoid direct replacement. The troubles and links of SIM. The overall process of SIM re-registration is shown in Figure 11, which includes the following stages:
S1101,重新生成AC(SAC、MAC)。S1101, regenerating AC (SAC, MAC).
S1102,重新设置SC。S1102, reset the SC.
S1103,重新生成KiM。S1103, regenerate KiM.
S1104,重新生成IMSI_M。S1104, regenerating the IMSI_M.
S1105,重新设置SUSE。S1105, reset SUSE.
相关实施例的详细流程如图12所示,包括:The detailed process of the related embodiment is as shown in FIG. 12, and includes:
S1201,用户在发现SIM被盗用后,启动SIM重新注册操作。S1201: After the user finds that the SIM is stolen, the user initiates a SIM re-registration operation.
S1202,用户重新设置新的SC,然后向网络侧发送SIM重新注册请求和新SC。S1202, the user resets the new SC, and then sends a SIM re-registration request and a new SC to the network side.
S1203,网络侧重新生成AC(SAC、MAC)。S1203: The network side regenerates the AC (SAC, MAC).
S1204,网络侧使用接收的新SC更新自己存储的SC。S1204: The network side updates the SC stored by itself using the received new SC.
S1205,网络侧用新的AC(SAC、MAC)和SC重新生成KiM。S1205, the network side regenerates the KiM with the new AC (SAC, MAC) and the SC.
S1206,网络侧用新的AC(SAC、MAC)和SC重新生成IMSI_M。S1206: The network side regenerates the IMSI_M with the new AC (SAC, MAC) and the SC.
S1207,网络侧重新设置SUSE为初始值1。In S1207, the network side resets SUSE to an initial value of 1.
S1208,如果网络侧所有的操作都成功,则向用户侧发送SIM重新注册成功的消息,同时将新AC(SAC、MAC)发送给用户侧;否则,发送注册失败的消息,并结束操作。S1208: If all operations on the network side are successful, send a message that the SIM re-registration is successful to the user side, and send the new AC (SAC, MAC) to the user side; otherwise, send a message that the registration fails, and end the operation.
S1209,用户侧判断网络侧发送回来的消息,如果是SIM重新注册失败,则提示用户,并结束操作;否则,继续执行操作。S1209: The user side determines the message sent back by the network side. If the SIM re-registration fails, the user is prompted to complete the operation; otherwise, the operation is continued.
S1210,用户侧使用网络侧发送的新AC(SAC、MAC)更新自己保存的AC(SAC、MAC)。S1210: The user side updates the saved AC (SAC, MAC) by using the new AC (SAC, MAC) sent by the network side.
S1211,用户侧更新SC。S1211, the user side updates the SC.
S1212,用户侧用新的AC(SAC、MAC)和SC重新生成KiM。S1212: The user side regenerates the KiM with the new AC (SAC, MAC) and the SC.
S1213,用户侧用新的AC(SAC、MAC)和SC重新生成IMSI_M/MSIN_M。S1213: The user side regenerates the IMSI_M/MSIN_M with the new AC (SAC, MAC) and the SC.
S1214,用户侧重新设置SUSE为初始值1。In S1214, the user side resets SUSE to an initial value of 1.
S1215,上述操作执行完毕后,将执行结果反馈给用户和网络侧。两侧分别保存相关数据。S1215: After the foregoing operations are completed, the execution result is fed back to the user and the network side. The relevant data is saved on both sides.
本发明的增强SIM使用安全性的方法和系统,提供一种机卡重新绑定的操作,供用户更换ME时使用。流程如图所示,包括:The method and system for enhancing security of the SIM of the present invention provides a card rebinding operation for use when the user replaces the ME. The process is as shown, including:
S1301,用户启动机卡重新绑定操作。S1301: The user initiates a card rebinding operation.
S1302,SIM按公式(3)的方式生成KiM。S1302, the SIM generates KiM in the manner of formula (3).
S1303,用户侧用KiM对新旧ME的IMEI(分别用IMEI_new、IMEI_old表示)加密,然后随同机卡重新绑定请求以及其它相关信息一起发送给网络侧。S1303: The user side encrypts the IMEI of the old and new MEs (represented by IMEI_new, IMEI_old) with KiM, and then sends them to the network side along with the machine card rebinding request and other related information.
S1304,网络侧收到机卡重新绑定请求后,同样按照公式(3)的方式生成KiM。S1304: After receiving the card rebinding request, the network side also generates KiM according to the formula (3).
S1305,网络侧用新生成的KiM解密获得IMEI_new、IMEI_old。S1305: The network side obtains IMEI_new and IMEI_old by using the newly generated KiM decryption.
S1306,网络侧将IMEI_old与自己保存的对应的IMEI进行比较。S1306: The network side compares IMEI_old with the corresponding IMEI saved by itself.
S1307,判断旧IMEI是否与以前注册的IMEI相同,即IMEI_old与IMEI是否相同。如果相同,则执行下一步;否则,提示用户出错,并结束操作。S1307: Determine whether the old IMEI is the same as the previously registered IMEI, that is, whether the IMEI_old is the same as the IMEI. If they are the same, go to the next step; otherwise, the user is prompted with an error and ends the operation.
S1308,网络侧对新的ME进行注册,更新与之相关的记录。S1308, the network side registers the new ME and updates the records related thereto.
S1309,网络侧为SIM和新的ME生成激活码SAC、MAC。S1309: The network side generates an activation code SAC and MAC for the SIM and the new ME.
S1310,网络侧更新与此SIM相关的保密数据,包括KiM、IMSI_M等,然后将SAC、MAC随同机卡重新绑定成功消息一起发送给用户侧S1310: The network side updates the confidential data related to the SIM, including KiM, IMSI_M, etc., and then sends the SAC and the MAC along with the card rebinding success message to the user side.
S1311,用户侧根据收到的消息类型选择下一步操作。如果是重新绑定成功消息,则继续执行;否则,告之用户,并结束。S1311: The user side selects the next operation according to the type of the received message. If it is a rebinding success message, continue execution; otherwise, the user is notified and ends.
S1312,收到机卡重新绑定成功消息消息后,保存并更新相关数据,具体包括:ME保存MAC,SIM保存SAC,SIM更新有关IMEI记录,重新生成KiM、IMSI_M等。After receiving the machine card rebinding success message, the S1312 saves and updates related data, including: the ME saves the MAC, the SIM saves the SAC, the SIM updates the IMEI record, and regenerates the KiM, IMSI_M, and the like.
S1313,将操作结果反馈给各参与方。S1313, the operation result is fed back to each participant.
本发明的上述操作及其实施例,既可以单独使用,也可以组合使用;部分操作既可以由系统自动运行,也可以由用户手动启动。图14给出了本发明在用户侧的一种实施方式,以SIM应用程序菜单的方式进行显示,由用户启动操作。The above operations of the present invention and their embodiments may be used alone or in combination; some operations may be automatically performed by the system or manually by the user. Figure 14 shows an embodiment of the present invention on the user side, which is displayed in the form of a SIM application menu, which is initiated by the user.
以上实施例仅供说明本发明之用,而非对本发明的限制,有关技术领域的技术人员,在不脱离本发明的精神和范围的情况下,还可以做出各种修改、变换或变型,而所有等同的技术方案也属于本发明范畴之内,应当由各项权利要求限定。The above embodiments are merely illustrative of the invention, and are not intended to limit the scope of the invention, and various modifications, alterations and variations can be made without departing from the spirit and scope of the invention. All equivalent technical solutions are also within the scope of the invention and should be defined by the claims.
本发明未述部分与现有技术相同。The parts not described in the present invention are the same as those in the prior art.

Claims (5)

  1. 增强用户识别模块使用安全性的方法,包括如下步骤, A method for enhancing the security of the user identification module, including the following steps,
    (1)提供以下装置,移动通信网络系统、移动用户终端机以及用户识别模块(1) Providing the following devices, a mobile communication network system, a mobile user terminal, and a subscriber identity module
    (2)检查用户识别模块新鲜性,在用户识别模块安装在移动用户终端机第一次入网注册时,移动通信网络系统根据用户识别模块的相关信息,查询移动通信网络系统记录,并将是否第一次入网注册的新鲜性检查结果反馈给用户,同时,记录与此用户识别模块入网注册所使用的移动用户终端机的相关信息。(2) Checking the freshness of the subscriber identity module. When the subscriber identity module is installed in the mobile subscriber terminal for the first time to register in the network, the mobile communication network system queries the mobile communication network system for recording according to the relevant information of the subscriber identity module, and will The freshness check result of the one-time network registration is fed back to the user, and at the same time, the information related to the mobile user terminal used by the subscriber identity module to register the network is recorded.
  2. 根据权利要求1所述的增强用户识别模块使用安全性的方法,其特征在于,还包括有如下步骤,The method for enhancing security of user identification module usage according to claim 1, further comprising the steps of:
    (1)生成激活码,在通过新鲜性检查后,由移动通信网络系统网络侧随机生成两个数据作为激活码发送给用户侧,一个作为用户识别模块的激活码,另一个作为移动用户终端机的激活码,每个用户识别模块及其所在的移动用户终端机都有相应的激活码,网络侧保存用户识别模块/移动用户终端机与激活码的对应关系,以备检查,(1) Generate an activation code. After passing the freshness check, two data are randomly generated by the network side of the mobile communication network system as an activation code and sent to the user side, one as an activation code of the user identification module and the other as a mobile user terminal. Activation code, each user identification module and the mobile user terminal where it is located have a corresponding activation code, and the network side saves the correspondence between the user identification module/mobile user terminal and the activation code for checking,
    (2)设置安全码,用户设置一个数据,作为用户识别模块的安全码,并发送给网络侧,每个SIM都有对应的安全码,网络侧对应保存该安全码。(2) Set the security code, the user sets a data as the security code of the user identification module, and sends it to the network side. Each SIM has a corresponding security code, and the network side saves the security code.
  3. 根据权利要求2所述的增强用户识别模块使用安全性的方法,其特征在于,还包括有如下步骤,生成加密密钥掩码,网络侧将加密密钥与激活码、安全码进行如下列公式所示的安全组合加密密钥掩码=f(加密密钥,用户识别模块激活码,移动用户终端机激活码,安全码)生成加密密钥掩码并替代原有的加密密钥,在之后的通信过程中,用加密密钥掩码来代替加密密钥进行相关的认证和加密处理。The method for enhancing security of user identification module according to claim 2, further comprising the steps of: generating an encryption key mask, and the network side performs the encryption key, the activation code, and the security code according to the following formula: The security combination encryption key mask = f (encryption key, user identification module activation code, mobile user terminal activation code, security code) is generated to generate an encryption key mask and replace the original encryption key, after which In the communication process, the encryption key is used instead of the encryption key for related authentication and encryption processing.
  4. 根据权利要求2所述的增强用户识别模块使用安全性的方法,其特征在于,还包括有如下步骤,生成国际移动用户识别号掩码,网络侧将国际移动用户识别号与激活码、安全码进行如下列公式所示的安全组合国际移动用户识别号掩码= g(国际移动用户识别号掩码,用户识别模块激活码,移动用户终端机的激活码,安全码)在第一次入网注册时使用真实的国际移动用户识别号,其后都采用国际移动用户识别号掩码代替真实的国际移动用户识别号。The method for enhancing security of user identification module according to claim 2, further comprising the steps of: generating an international mobile subscriber identification number mask, and the network side transmitting the international mobile subscriber identification number and the activation code and the security code. Perform the security combination International Mobile Subscriber ID mask as shown in the following formula = g (International Mobile Subscriber ID Mask, User Identification Module Activation Code, Mobile User Terminal Activation Code, Security Code) uses the actual international mobile subscriber identification number when registering for the first time, and then uses international mobile subscribers. The identification number mask replaces the real international mobile subscriber identification number.
  5. 根据权利要求1所述的增强用户识别模块使用安全性的方法,其特征在于,还包括有如下步骤,比较用户识别模块使用序列号,用户识别模块使用序列号用于记录用户识别模块入网使用次数,在用户识别模块第一次入网时初始化,用户侧和网络侧同步记录和更新用户识别模块使用序列号,在用户识别模块每次入网认证时,移动通信网络系统都会比较用户侧和网络侧分别保存的用户识别模块使用序列号是否一致。The method for enhancing security of user identification module according to claim 1, further comprising the steps of: comparing a user identification module using a serial number, and the user identification module using the serial number for recording the number of times the user identification module is used in the network. When the user identification module is first initialized, the user side and the network side synchronously record and update the user identification module to use the serial number. When the user identification module enters the network authentication every time, the mobile communication network system compares the user side and the network side respectively. The saved user identification module uses the serial number to be consistent.
PCT/CN2010/080365 2010-12-28 2010-12-28 Method for enhancing usage security of subscriber identity module WO2012088661A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2010/080365 WO2012088661A1 (en) 2010-12-28 2010-12-28 Method for enhancing usage security of subscriber identity module

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2010/080365 WO2012088661A1 (en) 2010-12-28 2010-12-28 Method for enhancing usage security of subscriber identity module

Publications (1)

Publication Number Publication Date
WO2012088661A1 true WO2012088661A1 (en) 2012-07-05

Family

ID=46382178

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2010/080365 WO2012088661A1 (en) 2010-12-28 2010-12-28 Method for enhancing usage security of subscriber identity module

Country Status (1)

Country Link
WO (1) WO2012088661A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11483709B2 (en) 2019-03-14 2022-10-25 At&T Intellectual Property I, L.P. Authentication technique to counter subscriber identity module swapping fraud attack

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1564616A (en) * 2004-03-16 2005-01-12 李傲 Identification code priority log-on method for cell phone
CN101365219A (en) * 2007-08-09 2009-02-11 展讯通信(上海)有限公司 Mobile phone register method, mobile phone teminal processing method and network side processing method
CN101796858A (en) * 2007-09-01 2010-08-04 苹果公司 Service provider activation with subscriber identity module policy
US20100210305A1 (en) * 2009-02-13 2010-08-19 Smarttrust Ab Method for activating sim cards

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1564616A (en) * 2004-03-16 2005-01-12 李傲 Identification code priority log-on method for cell phone
CN101365219A (en) * 2007-08-09 2009-02-11 展讯通信(上海)有限公司 Mobile phone register method, mobile phone teminal processing method and network side processing method
CN101796858A (en) * 2007-09-01 2010-08-04 苹果公司 Service provider activation with subscriber identity module policy
US20100210305A1 (en) * 2009-02-13 2010-08-19 Smarttrust Ab Method for activating sim cards

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11483709B2 (en) 2019-03-14 2022-10-25 At&T Intellectual Property I, L.P. Authentication technique to counter subscriber identity module swapping fraud attack

Similar Documents

Publication Publication Date Title
US9788209B2 (en) Apparatus and methods for controlling distribution of electronic access clients
US11882442B2 (en) Handset identifier verification
JP6170115B2 (en) Network-assisted fraud detection apparatus and method
EP1671511B2 (en) Enhanced security design for cryptography in mobile communication systems
JP6471150B2 (en) Profile setting method and apparatus
US7886355B2 (en) Subsidy lock enabled handset device with asymmetric verification unlocking control and method thereof
JP5074578B2 (en) Method and system for mobile device credential processing
EP1828931B1 (en) Secure collaborative terminal identity authentication between a wireless communication device and a wireless operator
US8171527B2 (en) Method and apparatus for securing unlock password generation and distribution
KR20060132996A (en) Mobile communication device security device and method
CA2545159A1 (en) Method for the authentication of applications
WO2002101981A1 (en) Method and arrangement for encrypting data transfer at an interface in mobile equipment in radio network, and mobile equipment in radio network
WO2006079282A1 (en) A method for setting the key and setting the initial security key in the mobile terminal
EP1683387B1 (en) Method and apparatus for authentication in wireless communications
CN111901360B (en) A control system and method suitable for secure access to intranet data
US20230007491A1 (en) Managing a subscription identifier associated with a device
WO2012088661A1 (en) Method for enhancing usage security of subscriber identity module
CN100466806C (en) An authentication method between a mobile terminal and a network device
CN100461938C (en) A Controlled Key Renewal Method
CN106878989A (en) A kind of connection control method and device
EP4554265A1 (en) Terminal device, system and method using auts for data transfer
HK1166911A (en) Platform validation and management of wireless devices

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10861436

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 08/11/2013)

122 Ep: pct application non-entry in european phase

Ref document number: 10861436

Country of ref document: EP

Kind code of ref document: A1