WO2021244447A1 - Information protection method and system, and communication apparatus - Google Patents
Information protection method and system, and communication apparatus
- Publication number: WO2021244447A1 (PCT/CN2021/096968)
- Authority: WO (WIPO, PCT)
- Prior art keywords: key, function, identification information, information, access network
- Legal status: Ceased
Classifications
- H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0866: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
- H04L9/0869: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
- H04L9/14: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; network security protocols using a plurality of keys or algorithms
- H04L9/32: Cryptographic mechanisms or cryptographic arrangements including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236: The same, using cryptographic hash functions
- H04W12/02: Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
- H04W12/03: Protecting confidentiality, e.g. by encryption
- H04W12/041: Key generation or derivation
- H04W12/0433: Key management protocols (key management using a trusted network node as an anchor)
- H04W12/06: Authentication
- H04L2209/80: Wireless (additional information or applications relating to cryptographic mechanisms, H04L9/00)
Definitions
- Network slicing is a new type of network and business model that can be customized and managed to better meet the needs of consumers and enterprises for personalized services such as billing, policy, security, and mobility.
- Network slicing can be used for mobile broadband, multimedia, massive machine type communication, and critical machine type communication.
- When a terminal device registers with the network, it provides the core network with the requested network slice information, which the core network uses to select a network slice instance for the terminal device. Based on the terminal device's subscription data, the requested network slice information, roaming agreements, local configuration information, operator policies and other information, the core network selects the network slices the terminal device is allowed to access and sends the allowed network slice information to the terminal device.
- When the terminal device receives the allowed network slice information, it may request access to the corresponding network slice according to that information and send the allowed network slice information to the access network device.
- When the access network device receives the allowed network slice information, it can select an access management network element to serve the terminal device according to that information.
- Information transmitted between the terminal device and the access network device, such as network slice information or terminal device capability information, is at risk of being leaked. How to improve the security of information transmitted between the terminal device and the access network device is therefore a technical problem that urgently needs to be solved.
- The present application provides an information protection method and communication apparatus that can improve the security of information transmitted between a terminal device and an access network device, thereby improving the security and reliability of the network.
- The access network device receives a first request message from the terminal device.
- The first request message includes a first key identifier, device identification information, random parameters, and first encrypted protection information; the access network device determines the first function and the second function corresponding to the device identification information.
- It generates a second key according to the first key identifier, the random parameters, the first function and the second function, and uses the second key to decrypt the first encrypted protection information to obtain the protection information.
- The protection information may be network slice information, terminal device capability information, or other information that needs to be protected at the access stratum.
- The first encrypted protection information is obtained by encrypting the protection information with the second key.
- The device identification information may be the identification information of the terminal device or the identification information of the access management network element.
- When the access network device receives the first request message, it determines the functions required to compute the second key, computes the second key from those functions, the first key identifier and the random parameters, and uses the second key to decrypt the first encrypted protection information. This protects the protection information the terminal device sends to the access network device and effectively prevents eavesdroppers from obtaining it from access stratum messages.
- The security of information transmission between the terminal device and the access network device is thereby improved, and with it the security and reliability of the network.
- The access network device receives a first message from an access management network element; the first message includes the identification information of the first function and the identification information of the second function. The access network device establishes a correspondence between the identification information of the access management network element and the identification information of the first and second functions, so that when it receives the first request message it can determine the first function and second function corresponding to the device identification information.
- The access network device may determine the first calculation parameter corresponding to the device identification information carried in the first request message according to the correspondence between each item of device identification information and a first calculation parameter.
- When the access management network element detects that another access network device has been compromised by an attacker, it sends a second message to the access network device.
- The second message includes the identification information of a third function and the identification information of a fourth function; when the access network device receives the second message, it establishes a correspondence between the identification information of the access management network element and the identification information of the third and fourth functions.
- The second message may further include a second calculation parameter, in which case the access network device establishes a correspondence between the identification information of the access management network element and the identification information of the third function, the identification information of the fourth function, and the second calculation parameter.
- When the access network device receives a second request message from the terminal device, containing a third key identifier, device identification information, random parameters, and second encrypted protection information, it determines the third function and the fourth function corresponding to the device identification information according to the correspondence between the identification information of the access management network element and the identification information of the third and fourth functions.
- The access network device further determines the second calculation parameter corresponding to the device identification information.
- The access network device generates a fourth key according to the third key identifier, the random parameters, the third function, and the fourth function.
- Alternatively, the fourth key is generated according to the third key identifier, the random parameters, the third function, the fourth function, and the second calculation parameter.
- The access network device uses the fourth key to decrypt the second encrypted protection information to obtain the protection information.
- When an access management network element detects that a certain access network device has been compromised by an attacker, it sends the second message to all other access network devices so that they update the functions and parameters used to generate the decryption key.
- When the access management network element detects that a terminal device is an attacker, it sends instruction information to the access network device indicating illegal key identification information. On receiving it, the access network device checks whether the first key identifier carried in a first request message matches the illegal key identification information; a match indicates that the terminal device sending the first request message is an attacker, and the access network device rejects the first request message, preventing the attacker from gaining access.
- The second aspect of the present application provides an information protection method, which may be executed by a terminal device or by a component (such as a processor or a chip) in the terminal device.
- This method takes the terminal device as an example and includes the following content.
- The terminal device generates a second key according to a first key, random parameters and the first function, uses the second key to encrypt the protection information to obtain the first encrypted protection information, and sends a first request message to the access network device.
- The first request message includes the first key identifier, device identification information, the random parameters, and the first encrypted protection information; the first key identifier is used to generate the first key.
- Because the terminal device encrypts the protection information with the second key and sends the resulting first encrypted protection information to the access network device, the privacy of the protection information is protected and eavesdropping is effectively prevented.
- The terminal device may generate the second key according to the first key, the random parameters, the device identification information, and the first function, so that more parameters enter into the generation of the second key, which increases the complexity.
- The device identification information is, for example, the identification information of the terminal device.
- The terminal device receives a third message from the access management network element, where the third message includes the identification information of the first function, the first key, and the first key identifier.
- The first key and the first function are used by the terminal device to generate the second key; the first key identifier is carried by the terminal device in the first request message so that the access network device can generate the second key.
- When the access management network element detects that an access network device has been compromised by an attacker, it sends a fourth message to the terminal device; the fourth message is used to update the function and parameters with which the terminal device generates the key.
- The fourth message includes the identification information of the third function, the third key and the third key identifier. When the terminal device receives the fourth message, it generates a fourth key according to the third key, the random parameters and the third function, uses the fourth key to encrypt the protection information to obtain the second encrypted protection information, and sends a second request message to the access network device. The second request message includes the third key identifier, device identification information, random parameters and the second encrypted protection information; the third key identifier is used to generate the third key.
- When the access network device compromised by the attacker receives the second request message, it cannot decrypt the protection information encrypted with the fourth key, and so cannot obtain the protection information.
- Other access network devices not compromised by the attacker can decrypt the second request message correctly and obtain the protection information, so that even when one access network device is compromised, the information transmitted between the terminal device and the other access network devices remains protected.
- When an access management network element detects that a certain access network device has been compromised by an attacker, it sends the second message to all other access network devices to update the functions and parameters used to generate the decryption key. Because the compromised access network device cannot obtain the parameters in the second message, it cannot generate the fourth key needed for decryption.
- The third aspect of the present application provides an information protection method, which may be executed by an access network device or by a component (such as a processor or a chip) in the access network device.
- This method takes the access network device as an example and includes the following content.
- When the access network device receives the first request message, it determines the functions and the encryption algorithm required to compute the second key, computes the second key with the determined functions, and uses the second key and the encryption algorithm to decrypt the first encrypted protection information to obtain the protection information. This protects the protection information the terminal device sends to the access network device, effectively prevents eavesdroppers from obtaining it from access stratum messages, and thereby improves the security of information transmitted between the terminal device and the access network device as well as the security and reliability of the network.
- The access network device determines the first function, the second function and the first encryption algorithm corresponding to the device identification information according to the correspondence between the device identification information and the identification information of the first function, the identification information of the second function, and the algorithm identifier of the first encryption algorithm, in order to generate the second key and decrypt the first encrypted protection information using the second key and the first encryption algorithm.
- The access network device receives a second request message from the terminal device.
- The second request message includes the third key identifier, device identification information, random parameters, and second encrypted protection information.
- When an access management network element detects that a certain access network device has been compromised by an attacker, it sends the second message to all other access network devices to update the functions and parameters used to generate the decryption key.
- When the access management network element detects that a terminal device is an attacker, it sends instruction information to the access network device indicating illegal key identification information. On receiving it, the access network device checks whether the first key identifier carried in a first request message matches the illegal key identification information; a match indicates that the sending terminal device is an attacker, and the access network device rejects the first request message, preventing the attacker from gaining access.
- The fourth aspect of the present application provides an information protection method, which may be executed by a terminal device or by a component (such as a processor or a chip) in the terminal device.
- This method takes the terminal device as an example and includes the following content.
- The terminal device encrypts the protection information with the second key and the first encryption algorithm and sends the resulting first encrypted protection information to the access network device. This protects the privacy of the protection information, effectively prevents eavesdroppers from obtaining it from access stratum messages, and thereby improves the security of information transmitted between the terminal device and the access network device as well as the security and reliability of the network.
- The terminal device receives a third message from the access management network element, where the third message includes the second key, the algorithm identifier of the first encryption algorithm, and the first key identifier.
- The second key and the first encryption algorithm are used by the terminal device to encrypt the protection information; the first key identifier is carried by the terminal device in the first request message so that the access network device can generate the second key.
- When the access management network element detects that an access network device has been compromised by an attacker, it sends a fourth message to the terminal device to update the function and parameters the terminal device uses to generate the key; the fourth message includes the fourth key, the algorithm identifier of the second encryption algorithm, and the third key identifier.
- The terminal device encrypts the protection information according to the fourth key, the random parameters and the second encryption algorithm to obtain the second encrypted protection information, and sends a second request message to the access network device; the second request message includes the third key identifier, device identification information, random parameters, and the second encrypted protection information.
- The compromised access network device cannot decrypt the protection information encrypted with the fourth key, and so cannot obtain it.
- Other access network devices not compromised by the attacker can decrypt the second request message correctly and obtain the protection information, so that even when one access network device is compromised, the information transmitted between the terminal device and the other access network devices remains protected.
- The transceiver unit is configured to receive a first request message from a terminal device.
- The first request message includes a first key identifier, device identification information, random parameters, and first encrypted protection information; a first function and a second function corresponding to the device identification information are determined.
- A sixth aspect of the present application provides a communication device that includes a processor configured to implement the method described in the first aspect or the third aspect.
- The device may also include a memory for storing instructions and data.
- The memory is coupled with the processor.
- When the processor executes the instructions stored in the memory, the device can implement the foregoing first aspect and each possible implementation of the first aspect, or the third aspect and each possible implementation of the third aspect.
- The device may also include a communication interface used by the device to communicate with other devices.
- The communication interface may be a circuit or hardware module such as a transceiver or a bus, and the other devices may be terminal devices.
- The device includes:
- a processor configured to receive a first request message from a terminal device, where the first request message includes a first key identifier, device identification information, random parameters, and first encrypted protection information; determine a first function and a second function corresponding to the device identification information; generate a second key according to the first key identifier, the random parameters, the first function and the second function; and use the second key to decrypt the first encrypted protection information to obtain the protection information.
- The seventh aspect of the present application provides a computer-readable storage medium containing instructions which, when run on a computer, cause the computer to execute the methods provided by the first aspect and each of its possible implementations, or by the third aspect and each of its possible implementations.
- A ninth aspect of the present application provides a communication device.
- The communication device may be a terminal device or a component in the terminal device.
- The device may include modules corresponding to the methods, operations, steps and actions described in the second aspect or the fourth aspect and their various possible implementations.
- A module may be a hardware circuit, software, or a hardware circuit combined with software.
- The device may include a processing unit and a transceiver unit. For example:
- the processor is configured to generate a second key according to the first key, the random parameters, and the first function, use the second key to encrypt the protection information to obtain the first encrypted protection information, and send the first encrypted protection information to the access network device in a first request message.
- The first request message includes a first key identifier, device identification information, random parameters, and first encrypted protection information; the first key identifier is used to generate the first key.
- Figure 1 is an example flowchart of pre-configuring information at the granularity of the terminal device.
- Figure 2 is an example flowchart of pre-configuring information at PLMN granularity.
- Figure 3 is a schematic diagram of a network architecture to which an embodiment of the present application applies.
- Figure 4a is a schematic diagram of the UE generating a second key in the first embodiment.
- Figure 5a is a schematic diagram of the access network device generating a second key in the second embodiment.
- Figure 7 is a schematic flowchart of an information protection method provided in Embodiment 4 of this application.
- Figure 8 is a schematic flowchart of an information protection method provided in Embodiment 5 of this application.
- Network slices can also be called slices or network slice instances.
- the business can be relatively independent of management and operation and maintenance, and provide tailor-made business functions and analysis capabilities.
- Instances of different service types can be deployed on different network slices, and different instances of the same service type can also be deployed on different network slices.
- a network slice can be regarded as an instantiated core network architecture.
- the network slice in the fifth-generation (5th-generation, 5G) network is a virtual private network that can be composed of a set of network functions and sub-networks. Many network slices can be deployed in the operator's network, and each network slice can have different performance to meet the needs of different applications and different vertical industries.
- the selection process of the network slicing will be triggered.
- the selection process of the network slice relies on information such as the subscription data of the terminal device, roaming agreement, local configuration information, and operator policy.
- the requested network slice information is provided to the core network for the core network to select the network slice instance for the terminal device.
- the requested (requested) network slice information may be the requested network slice selection assistance information (network slice selection assistance information, NSSAI), which is recorded as requested NSSAI.
- NSSAI network slice selection assistance information
- the NSSAI may be composed of one or more single network slice selection assistance information (S-NSSAI), and one S-NSSAI is used to identify a single network slice type. Since NSSAI is composed of one or more S-NSSAIs, NSSAI can be replaced with S-NSSAI or S-NSSAIs.
- the core network element When the core network element receives the requested network slice information, it selects the network slice that the terminal device is allowed to access based on the terminal device's contract data, requested network slice information, roaming agreement, local configuration information, operator policy and other information , And send the allowed network slice information to the terminal device.
- the allowed network slice information can be the allowed NSSAI, which is recorded as allowed NSSAI.
- allowed NSSAI the single network slice selection auxiliary information that the current operator's network is allowed to access can be represented by allowed S-NSSAI.
- the core network element can be the access and mobility management function (AMF) network element in the 5G system, or the network slice selection function (NSSF) network element, or unified data Management (unified data management, UDM) network elements.
- AMF access and mobility management function
- NSSF network slice selection function
- UDM unified data Management
- the terminal device When the terminal device receives the allowed NSSAI, it can carry the corresponding allowed NSSAI in the non-access stratum (NAS) message of the session establishment request according to the allowed NSSAI to request the access and mobility management function network element Access the corresponding network slice.
- the terminal device can also carry the allowed NSSAI in the requested NSSAI the next time it sends a registration request (carrying the requested NSSAI), and send the requested NSSAI to the access network device.
- when the access network device receives the requested NSSAI, it selects, according to the requested NSSAI, an access management network element (such as an AMF network element) to provide services for the terminal device.
- a terminal device sends a requested NSSAI to an access network device
- the terminal device sends the requested NSSAI to the access network device through an access stratum (AS) message, that is, the requested NSSAI is carried in the AS message.
- because the AS message is not protected for security and privacy, the content carried by the AS message is at risk of being leaked.
- some network slices require higher privacy and security, such as police network slices or firefighting network slices. If the NSSAI corresponding to these network slices is carried in the AS message, an attacker can distinguish police or firefighter users from ordinary users.
- an eavesdropper can intercept the NSSAI in the AS message to determine whether there is a police station in a certain area.
- an eavesdropper can intercept the NSSAI in the AS message, determine the type of network slice that a user has recently accessed, and infer the user's recent behavior. Therefore, how to improve the security of information transmitted between the terminal equipment and the access network equipment is a technical problem to be solved urgently.
- the transmitted information can be network slice information, such as requested NSSAI; it can also be the capability information of the terminal device, such as whether the terminal device supports confidentiality protection.
- one solution is to pre-configure some information between the terminal device and the access network device; the terminal device uses the pre-configured information to protect the NSSAI carried in the AS message (for example, by encrypting the S-NSSAI in the NSSAI, or by using an S-NSSAI pseudonym); when the access network device receives the processed NSSAI, it uses the pre-configured information to recover the NSSAI. Because the pre-configured information is shared between the terminal device and the access network device, the security of NSSAI transmission over the air interface can be ensured.
- the pre-configuration information is based on the granularity of the terminal device.
- This implementation can refer to the flowchart shown in Figure 1, and can include:
- Step 100 The terminal device has registered to the core network, and the 5G non-access stratum (NAS) connection has been established.
- Step 101 The AMF network element generates a random parameter (RAND), and calculates a temporary S-NSSAI (T-S-NSSAI) from the allowed S-NSSAI and RAND. The random parameter can be understood as a freshness parameter.
- the AMF network element generates a RAND for the terminal device, and uses the RAND and the allowed NSSAI corresponding to the terminal device to calculate the T-S-NSSAI (for example, using RAND as the encryption key of the confidentiality algorithm 128-NEA1). It is understandable that T-S-NSSAI is a security-protected allowed NSSAI.
- the AMF network element can generate different RANDs for different terminal devices.
- Step 102 The AMF network element sends a registration success message to the terminal device.
- the registration success message includes T-S-NSSAI and allowed S-NSSAI.
- the terminal device receives the registration success message from the AMF network element.
- T-S-NSSAI and allowed S-NSSAI can be carried in the registration success message in the form of a two-tuple.
- the registration success message is used to indicate that the terminal device is successfully registered to the core network.
- the registration success message may be an N1 message.
- Step 103 The AMF network element sends an N2 message to the access network device, and the N2 message includes RAND.
- the access network device receives the N2 message from the AMF network element.
- the N2 message includes the RAND generated by the AMF network element for the terminal device.
- step 100 to step 103 are a pre-configuration process, and the order of performing step 102 and step 103 is not limited.
- Step 104 and step 105 are the process of using the pre-configured information.
- Step 104 The terminal device sends a registration request message to the access network device, where the registration request message includes T-S-NSSAI.
- the access network device receives the registration request message from the terminal device.
- in step 104 the terminal device sends a registration request message again, that is, a subsequent registration.
- the registration request message includes the T-S-NSSAI received in step 102, so the requested NSSAI does not carry the allowed NSSAI in the clear.
- Step 105 The access network device calculates the allowed S-NSSAI according to RAND and T-S-NSSAI.
- when the access network device receives the registration request message from the terminal device, it processes the T-S-NSSAI using the RAND received in step 103 to obtain the allowed NSSAI, for example by using RAND as the decryption key of the confidentiality algorithm 128-NEA1 to decrypt the T-S-NSSAI and obtain the allowed S-NSSAI.
- the pre-configuration information (such as RAND) is based on the granularity of the terminal device and belongs to the context information of the terminal device.
- once the access network device deletes the context information of the terminal device, the access network device can no longer obtain the RAND when the terminal device initiates a registration request again, and therefore cannot obtain the allowed NSSAI.
- alternatively, the AMF network element would need to update the context information of the terminal device on every access network device under its jurisdiction, and the signaling overhead of this is too large.
- in another implementation, the pre-configuration information is based on the granularity of the public land mobile network (PLMN).
- Step 201 The access network device sends an establishment request message to the AMF network element.
- the AMF network element receives the establishment request message from the access network device.
- the establishment request message carries a two-tuple of S-NSSAI and T-S-NSSAI based on tracking area (TA) granularity.
- Step 202 The AMF network element sends an establishment response message to the access network device.
- the access network device receives the establishment response message from the AMF network element.
- the establishment response message carries a two-tuple of S-NSSAI and T-S-NSSAI based on PLMN granularity, and a random parameter RAND.
- in step 201 and step 202, the number of two-tuples can be one or more.
- Step 203 The AMF network element sends a registration success message to the terminal device.
- the registration success message carries the same T-S-NSSAI and RAND as in step 202.
- step 201 to step 203 are pre-configuration procedures
- step 204 and step 205 are procedures of using pre-configuration information.
- Step 204 The terminal device sends an access layer message for connection establishment to the access network device.
- the access network device receives the access layer message from the terminal device for connection establishment.
- the terminal device inputs the T-S-NSSAI, S-TMSI, and RAND into the hash operation to obtain the first hash value, and carries the first hash value in the access layer message for connection establishment. Since the number of T-S-NSSAI may be multiple, the number of the first hash value may be multiple.
- the access layer message for connection establishment may be, for example, a radio resource control (RRC) connection establishment complete message.
- Step 205 The access network device calculates the second hash value.
- when the access network device receives the access layer message for connection establishment, it inputs the stored T-S-NSSAI and RAND together with the S-TMSI of the terminal device into the hash operation to obtain the second hash value (one second hash value per stored T-S-NSSAI, since the stored T-S-NSSAI may be multiple).
- the access network device compares the first hash value with the second hash value to determine the S-NSSAI (for example, if the first hash value and the second hash value are the same, the S-NSSAI that the terminal device requests to access at this time is the allowed S-NSSAI corresponding to that T-S-NSSAI). Further, the access network device selects an AMF network element according to the determined S-NSSAI, and sends an initial NAS message to the selected AMF network element.
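- the hash-matching exchange of steps 201 to 205, as an added example that is not part of the patent (illustration code written for this page, not the applicant's). It assumes SHA-256 over length-prefixed fields as the hash operation, 4-byte S-NSSAI values, random 4-byte T-S-NSSAI tokens and a 16-byte RAND, and constructed S-TMSI values; the message field names are also assumptions.

```python
import hashlib
import secrets
from typing import Dict, List, Tuple

# Constructed sample values (not from the patent): S-NSSAI as SST||SD bytes.
S_NSSAI_EMBB = bytes.fromhex("01000000")        # SST=1, no SD
S_NSSAI_SENSITIVE = bytes.fromhex("02a1b2c3")   # constructed "sensitive" slice


def slice_hash(t_s_nssai: bytes, s_tmsi: bytes, rand: bytes) -> bytes:
    """Hash operation of steps 204 and 205 over T-S-NSSAI, S-TMSI and RAND.
    SHA-256 with length-prefixed fields is an assumption; the patent fixes no hash."""
    d = hashlib.sha256()
    for field in (t_s_nssai, s_tmsi, rand):
        d.update(len(field).to_bytes(2, "big"))
        d.update(field)
    return d.digest()


class AMF:
    """Holds the PLMN-granularity (S-NSSAI, T-S-NSSAI) tuples and the PLMN-wide RAND."""

    def __init__(self, s_nssais: List[bytes]):
        self.rand = secrets.token_bytes(16)
        # T-S-NSSAI is an opaque token standing in for each S-NSSAI (random here).
        self.tuples: List[Tuple[bytes, bytes]] = [(s, secrets.token_bytes(4)) for s in s_nssais]

    def setup_response(self) -> dict:                                  # step 202
        return {"rand": self.rand, "tuples": list(self.tuples)}

    def registration_success(self, allowed: List[bytes]) -> dict:     # step 203
        return {"rand": self.rand,
                "t_s_nssai": [t for (s, t) in self.tuples if s in allowed]}


class UE:
    def __init__(self, s_tmsi: bytes, reg_success: dict):
        self.s_tmsi, self.rand = s_tmsi, reg_success["rand"]
        self.t_s_nssai = reg_success["t_s_nssai"]

    def rrc_setup_complete(self) -> dict:                              # step 204
        # One first hash value per allowed T-S-NSSAI; S-TMSI travels in the clear.
        return {"s_tmsi": self.s_tmsi,
                "hashes": [slice_hash(t, self.s_tmsi, self.rand) for t in self.t_s_nssai]}


class GNB:
    def __init__(self, setup_response: dict):                          # stores step 202
        self.rand = setup_response["rand"]
        self.tuples = setup_response["tuples"]

    def resolve_s_nssai(self, msg: dict) -> List[bytes]:               # step 205
        s_tmsi = msg["s_tmsi"]
        # Second hash values, one per stored tuple, keyed so comparison is a lookup.
        table: Dict[bytes, bytes] = {slice_hash(t, s_tmsi, self.rand): s for (s, t) in self.tuples}
        # A first hash value that matches nothing (stale RAND, unknown tuple) is dropped.
        return [table[h] for h in msg["hashes"] if h in table]


def run_flow(amf: AMF, s_tmsi: bytes, allowed: List[bytes]) -> Tuple[dict, List[bytes]]:
    gnb = GNB(amf.setup_response())                       # steps 201/202
    ue = UE(s_tmsi, amf.registration_success(allowed))    # step 203
    msg = ue.rrc_setup_complete()                         # step 204, over the air
    return msg, gnb.resolve_s_nssai(msg)                  # step 205
```

Note that RAND and the tuple set are the same for every UE in the PLMN, so the S-TMSI is the only per-UE input to the hash; the remark later on this page that Embodiment 1 gives every UE its own RAND refers to this property.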
- the technology described in the embodiments of this application can be used in various communication systems, such as fourth-generation (4G) communication systems, 4.5G communication systems, 5G communication systems, systems that integrate multiple communication systems, or future evolved communication systems.
- the terminal device (also referred to as a terminal) involved in the embodiments of this application can be a device with a wireless transceiver function, which can be deployed on land (indoors or outdoors, handheld or vehicle-mounted), on water (such as on a ship), or in the air (such as on aircraft, balloons and satellites).
- the terminal device may be a UE, and the UE includes a handheld device, a vehicle-mounted device, a wearable device, or a computing device with wireless communication functions.
- the UE may be a mobile phone, a tablet computer, or a computer with a wireless transceiver function.
- terminal equipment can also be virtual reality (VR) terminal equipment, augmented reality (AR) terminal equipment, smart vehicle terminal equipment, or a wireless terminal in industrial control, unmanned driving, telemedicine, smart grid, smart city or smart home scenarios.
- the device used to implement the function of the terminal device may be the terminal device itself; it may also be a device capable of supporting the terminal device to implement the function, such as a chip system or a processor, which may be installed in the terminal device or used in cooperation with it.
- the device for realizing the functions of the terminal device is a terminal device as an example to describe the technical solutions provided by the embodiments of the present application.
- the access network equipment involved in the embodiments of the present application may include a base station (base station, BS), and may be a device that is deployed in a wireless access network and can communicate with a terminal device wirelessly.
- the base station may have many forms, such as macro base stations, micro base stations, relay stations, and access points.
- the access network equipment involved in the embodiments of the present application may be a base station in 5G or a base station in long term evolution (LTE), where the base station in 5G may also be referred to as a transmission and reception point (TRP) or next generation Node B (gNB).
- the device used to implement the function of the access network device may be the access network device itself; it may also be a device capable of supporting the access network device to implement the function, such as a chip system or a processor, which may be installed in the access network device or used in cooperation with it.
- the chip system may be composed of chips, or may include chips and other discrete devices.
- the device used to implement the functions of the access network equipment is the access network equipment as an example to describe the technical solutions provided in the embodiments of the present application.
- FIG. 3 is a schematic diagram of a network architecture to which an embodiment of the present application is applied.
- FIG. 3 includes an access network device 301 and a terminal device 302.
- the terminal device 302 generates a second key according to the first key, random parameters and the first function, and uses the second key to encrypt protection information such as network slice information or the capability information of the terminal device 302 to obtain first encrypted protection information; it then sends a first request message to the access network device 301, the first request message including the first key identifier, device identification information, the random parameters and the first encrypted protection information.
- when the access network device 301 receives the first request message, it determines the first function and the second function corresponding to the device identification information; generates the second key according to the first key identifier, the random parameters, the first function and the second function; and uses the second key to decrypt the first encrypted protection information to obtain the protection information, such as the network slice information or the capability information of the terminal device 302.
- FIG. 3 also includes an access management network element 303.
- the access management network element 303 may be an AMF network element in a 5G system, or a network element with the same function as the AMF network element in a future communication system.
- the access management network element 303 can provide the access network device 301 with the correspondence between the device identification information and the identification information of the first function and the identification information of the second function, so that the access network device 301 can determine the first function and the second function corresponding to the device identification information.
- in another implementation, the terminal device 302 encrypts protection information such as network slice information or the capability information of the terminal device 302 according to the second key, random parameters and a first encryption algorithm to obtain first encrypted protection information, and sends a first request message to the access network device 301, the first request message including the first key identifier, device identification information, the random parameters and the first encrypted protection information.
- when the access network device 301 receives the first request message, it determines the first function, the second function and the first encryption algorithm corresponding to the device identification information; generates the second key according to the first key identifier, the first function and the second function; and decrypts the first encrypted protection information according to the second key, the random parameters and the first encryption algorithm to obtain the protection information, such as the network slice information or the capability information of the terminal device 302.
- the access management network element 303 may provide the access network device 301 with the correspondence between the device identification information and the identification information of the first function, the identification information of the second function and the algorithm identifier of the first encryption algorithm, so that the access network device 301 can determine the first function, the second function and the first encryption algorithm corresponding to the device identification information.
- the information protection method provided in the embodiments of the present application can not only be applied to a scenario where a terminal device and an access network device transmit network slice information, but also can be applied to a scenario where a terminal device and an access network device transmit capability information of the terminal device.
- in the following embodiments, the terminal device is a UE and the access management network element is an AMF, as an example.
- the names of the messages between network elements and the names of the parameters in those messages in the following embodiments of this application are only examples; other names may be used in specific implementations, and the embodiments of this application do not limit this.
- FIG. 4 is a schematic diagram of the flow of the information protection method provided in Embodiment 1 of this application.
- the flow may include but is not limited to the following steps:
- Step 401 The UE generates a second key according to the first key, random parameters and the first function, and uses the second key to encrypt the protection information to obtain the first encrypted protection information.
- the first key can be expressed as Key_1;
- the random parameter is a random parameter RAND generated by the UE;
- the first function is an irreversible function, which can be a hash function, which can be expressed as hash_1.
- the first key, the random parameters and the first function can be obtained through step 400c.
- the first function can also be pre-configured on the UE, so that the UE can directly use the first function.
- the UE inputs Key_1 and RAND into hash_1 to obtain the second key, which can be expressed as Key_2.
- alternatively, the UE inputs Key_1, RAND and the UE identifier (ID) into hash_1 to obtain the second key.
- the UE ID may be the UE's equipment identity, international mobile subscriber identity (IMSI), temporary mobile subscriber identity (TMSI), GUTI or S-TMSI, etc.
- the process of UE generating the second key can be seen in Fig. 4a, and the dotted line in Fig. 4a indicates optional.
- the UE uses the second key to encrypt the protection information to obtain the first encrypted protection information.
- the protection information can be network slice information, such as requested NSSAI or allowed NSSAI; it can also be UE capability information; it can also be sensitive information that needs to be protected at the AS layer.
- the protection information is described using S-NSSAI as an example.
- S-NSSAI can be requested NSSAI or allowed S-NSSAI.
- the first encrypted protection information is the information obtained by using Key_2 to encrypt and protect the S-NSSAI.
- the UE encrypting the S-NSSAI may be: S-NSSAI XOR hash_1 (Key_1 XOR RAND).
- XOR represents an exclusive OR operation: the exclusive OR of Key_1 and RAND is input to hash_1, and the S-NSSAI is XORed with the output of hash_1 to obtain the encrypted, protected S-NSSAI.
- the calculation overhead is small.
- the method of using the second key to encrypt the protected information is not limited.
- Step 402 The UE sends a first request message to the access network device.
- the access network device receives the first request message from the UE.
- the first request message includes the first key identification, device identification information, random parameters, and first encryption protection information.
- the first key identifier may be denoted Key_1ID; the first key identifier can be used to generate the first key, and the UE may obtain it through step 400c.
- the device identification information may include the UE ID.
- the AMF network element ID, which may be carried in the device identification information (for example as part of a GUTI), can be used to assist in determining the first function and the second function corresponding to the device identification information.
- the random parameter is the random parameter RAND generated by the UE.
- Step 403 The access network device determines the first function and the second function corresponding to the device identification information.
- the correspondence may be between the device identification information as a whole and the first and second functions, between the UE ID in the device identification information and the first and second functions, or between the AMF network element ID contained in the UE ID and the first and second functions.
- the second function is also an irreversible function, which can be a hash function, which can be expressed as hash_2.
- the first function and the second function can be different functions of the same type or different types of functions. It is understandable that the access network device determines the hash_1 and hash_2 corresponding to the AMF network element.
- the access network device receives a first message from each AMF network element, the first message including the identification information of the first function and the identification information of the second function, and establishes the correspondence between the ID of each AMF network element and the identification information of its first function and second function.
- when the access network device receives the first request message, it can determine the corresponding first function and second function according to the AMF network element ID carried in the first request message.
- the first message further includes a first calculation parameter, and the first calculation parameter may be expressed as a_1.
- the access network device establishes the corresponding relationship between the identification information of each AMF network element and the first function, the identification information of the second function, and the first calculation parameter. In this way, when the access network device receives the first request message, it can determine the first function, the second function, and the first calculation parameter corresponding to the AMF network element.
- the first calculation parameter, the first key identifier and the second function can be used to determine the first key.
- the identification information of the first function and the identification information of the second function are stored on the access network device.
- the access network device uses the stored first function and second function by default as the first function and second function corresponding to the AMF network element.
- the first calculation parameter may also be stored on the access network device, in which case the access network device uses the stored first calculation parameter by default as the first calculation parameter corresponding to the AMF network element.
- the identification information of the above-mentioned first function may be the version number (version) or function identification of the first function, for example, hash_1version.
- the identification information of the above-mentioned second function may be the version number or function identification of the second function.
- Step 404 The access network device generates a second key according to the first key identifier, the random parameter, the first function, and the second function.
- the access network device generates a first key according to the first key identifier and the second function; and generates a second key according to the first key, random parameters and the first function.
- the access network device generates the first key according to the first key identifier, the second function, and the first calculation parameter.
- the first key identifier and the first calculation parameter are input into the second function, and the first key is output.
- the access network device generates the second key according to the first key, random parameters, UE ID, and the first function. For example, input the first key, random parameters, and UE ID into the first function, and output the second key.
- Step 405 The access network device uses the second key to decrypt the first encrypted protection information to obtain the protection information.
- the access network device uses the second key to decrypt the first encrypted protection information to obtain the protected information.
- in this way, the sensitive AS-layer information sent by the UE to the access network device is protected, effectively preventing an eavesdropper from obtaining sensitive information from AS-layer messages.
- in particular, the S-NSSAI sent by the UE to the access network device is protected, which effectively prevents an eavesdropper from obtaining the S-NSSAI.
- the access network device continues to perform the UE registration process according to the obtained S-NSSAI and the information carried in the first request message.
- steps 400a to 400c may also be performed before step 401. It can be understood that steps 400a to 400c are the pre-configuration process in the initial registration procedure, and the first request message is the registration request message in a subsequent registration procedure.
- Step 400a The access network device sends a request message to the AMF network element.
- the AMF network element receives the request message from the access network device.
- the request message is used to request the AMF network element to perform the initial configuration of the access network device and inform the AMF network element of the capability information supported by the access network device.
- the request message can be understood as a configuration request message or a network access request message.
- the request message may be, for example, a setup request (setup request) message.
- Step 400b the AMF network element sends the first message to the access network device.
- the access network device receives the first message from the AMF network element.
- when the AMF network element receives the request message, it sends a first message to the access network device.
- the first message is used to respond to the request message, and may be, for example, a setup response (setup response) message.
- the first message is used by the AMF network element to perform initial configuration of the access network device, and can be understood as a configuration request response message or a network access request response message.
- the first message includes identification information of the first function and identification information of the second function.
- when the access network device receives the first message, it establishes the correspondence between the AMF network element ID and the identification information of the first function and the identification information of the second function.
- the correspondence may be expressed as a mapping from the AMF network element ID to the identification information of the first function and the second function. Therefore, when the access network device receives the device identification information, it can determine the first function and the second function corresponding to the AMF network element ID according to that AMF network element ID.
- the first message further includes the first calculation parameter.
- the access network device establishes the correspondence between the AMF network element ID and the identification information of the first function, the identification information of the second function and the first calculation parameter.
- the correspondence may be expressed as a mapping from the AMF network element ID to the identification information of the first function, the identification information of the second function and the first calculation parameter, so that when the access network device receives the device identification information, it can obtain the AMF network element ID from the device identification information and determine the first function, the second function and the first calculation parameter corresponding to that AMF network element ID.
- Step 400c the AMF network element sends a third message to the UE.
- the UE receives the third message from the AMF network element.
- the AMF network element sends a third message (for example, a registration success message) to the UE.
- the third message includes the identification information of the first function, the first key identification, and the first key.
- the first key identifier and the first key may be carried in the third message in the form of a two-tuple.
- which message of the initial registration procedure serves as the third message is not limited in the embodiment of the present application.
- the AMF network element sends the first key and the identification information of the first function to the UE, so that the UE inputs the first key and random parameters into the first function to obtain the second key.
- the AMF network element sends the first key identifier to the UE, so that the UE sends the first key identifier to the access network device, so that the access network device generates the first key according to the first key identifier and the second function, and then according to The first key and the first function generate the second key.
- the above-mentioned first key may also be described as a first-level key
- the above-mentioned second key may also be described as a second-level key.
- the pre-configuration information on the access network device is the first function and the second function (optionally including the first calculation parameter), and the pre-configuration information on the UE is the first function, the first key identifier, and the first key
- the pre-configuration information does not belong to the context information of the UE, thereby overcoming the technical shortcomings of FIG. 1.
- the RANDs generated by different UEs are different, and the second keys obtained are different, so that the keys for encrypting and protecting the protected information are different, thereby overcoming the technical defect of FIG. 2.
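- the complete Embodiment 1 exchange (pre-configuration in steps 400a to 400c, then steps 401 to 405), as an added example that is not part of the patent (illustration code written for this page, not the applicant's). Assumptions: hash_1 and hash_2 are SHA-256 with domain separation by the function's identification information (the patent only requires irreversible functions); the first calculation parameter a_1 is a 32-byte secret the AMF sends to the access network device in the first message; Key_1 = hash_2(Key_1ID, a_1) on both the AMF and the access network device; Key_2 = hash_1(Key_1 XOR RAND) exactly as in the page's example, with the optional UE ID input omitted; the keystream is Key_2 truncated to the 4-byte S-NSSAI; all identifiers, message field names and sample values are constructed.

```python
import hashlib
import secrets
from typing import Optional, Tuple

# Constructed test values (not from the patent): S-NSSAI as SST||SD bytes.
S_NSSAI_EMBB = bytes.fromhex("01000000")        # SST=1, no SD
S_NSSAI_SENSITIVE = bytes.fromhex("02a1b2c3")   # constructed "sensitive" slice


def irreversible(func_id: str, *fields: bytes) -> bytes:
    """Stand-in for hash_1 / hash_2: SHA-256 keyed by the function's identification
    information (e.g. its version string), with each input length-prefixed."""
    d = hashlib.sha256(func_id.encode("ascii"))
    for f in fields:
        d.update(len(f).to_bytes(2, "big"))
        d.update(f)
    return d.digest()


def xor_bytes(a: bytes, b: bytes) -> bytes:
    assert len(a) == len(b), "XOR operands must have equal length"
    return bytes(x ^ y for x, y in zip(a, b))


def derive_key_1(hash_2_id: str, key_1_id: bytes, a_1: bytes) -> bytes:
    """Step 404, first half: Key_1 = hash_2(Key_1ID, a_1). The AMF is assumed to use
    the same derivation when it hands Key_1 to the UE in step 400c."""
    return irreversible(hash_2_id, key_1_id, a_1)


def derive_key_2(hash_1_id: str, key_1: bytes, rand: bytes) -> bytes:
    """Steps 401 and 404: Key_2 = hash_1(Key_1 XOR RAND), the page's own example."""
    return irreversible(hash_1_id, xor_bytes(key_1, rand))


def xor_protect(key_2: bytes, s_nssai: bytes) -> bytes:
    """Steps 401 and 405: S-NSSAI XOR keystream; encryption and decryption coincide.
    Key_2 (32 bytes) is truncated to the length of the 4-byte S-NSSAI."""
    return xor_bytes(s_nssai, key_2[: len(s_nssai)])


class AMF:
    def __init__(self, amf_id: bytes):
        self.amf_id = amf_id
        self.hash_1_id, self.hash_2_id = "hash_1-v1", "hash_2-v1"   # identification info
        self.a_1 = secrets.token_bytes(32)                          # first calculation parameter

    def setup_response(self) -> dict:                 # step 400b, first message to the gNB
        return {"amf_id": self.amf_id, "hash_1": self.hash_1_id,
                "hash_2": self.hash_2_id, "a_1": self.a_1}

    def registration_accept(self) -> dict:            # step 400c, third message to the UE
        key_1_id = secrets.token_bytes(16)
        key_1 = derive_key_1(self.hash_2_id, key_1_id, self.a_1)
        return {"amf_id": self.amf_id, "hash_1": self.hash_1_id,
                "key_1_id": key_1_id, "key_1": key_1}             # the (Key_1ID, Key_1) two-tuple


class UE:
    def __init__(self, ue_id: bytes, accept: dict):
        self.ue_id = ue_id
        self.amf_id, self.hash_1_id = accept["amf_id"], accept["hash_1"]
        self.key_1_id, self.key_1 = accept["key_1_id"], accept["key_1"]

    def registration_request(self, s_nssai: bytes) -> dict:        # steps 401 and 402
        rand = secrets.token_bytes(32)                # fresh RAND per request
        key_2 = derive_key_2(self.hash_1_id, self.key_1, rand)
        return {"key_1_id": self.key_1_id,
                "device_id": {"ue_id": self.ue_id, "amf_id": self.amf_id},
                "rand": rand, "enc": xor_protect(key_2, s_nssai)}


class GNB:
    def __init__(self):
        self.per_amf = {}                             # AMF ID -> (hash_1 id, hash_2 id, a_1)

    def on_setup_response(self, first_message: dict):              # step 400b
        self.per_amf[first_message["amf_id"]] = (
            first_message["hash_1"], first_message["hash_2"], first_message["a_1"])

    def recover_s_nssai(self, req: dict) -> Optional[bytes]:       # steps 403 to 405
        entry = self.per_amf.get(req["device_id"]["amf_id"])
        if entry is None:
            return None                               # no functions known for this AMF
        hash_1_id, hash_2_id, a_1 = entry
        key_1 = derive_key_1(hash_2_id, req["key_1_id"], a_1)
        key_2 = derive_key_2(hash_1_id, key_1, req["rand"])
        return xor_protect(key_2, req["enc"])


def run_flow(s_nssai: bytes = S_NSSAI_SENSITIVE) -> Tuple[dict, Optional[bytes]]:
    amf, gnb = AMF(b"amf-001"), GNB()
    gnb.on_setup_response(amf.setup_response())                 # pre-configuration
    ue = UE(b"5g-tmsi-0001", amf.registration_accept())
    req = ue.registration_request(s_nssai)                      # subsequent registration
    return req, gnb.recover_s_nssai(req)
```

Two points a practitioner would check in this construction: anyone holding a_1 and the function identifiers can derive every Key_1 from the Key_1ID sent in the clear, so a_1 must be protected as carefully as the keys themselves; and because the protection is a single XOR with a hash output, the UE must draw a fresh RAND for every request (reusing a RAND under the same Key_1 for two different S-NSSAI values would expose their XOR), and the XOR alone gives no integrity, so a corrupted request decrypts to a wrong S-NSSAI rather than being rejected.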
- FIG. 5 is a schematic diagram of the flow of the information protection method provided in the second embodiment of this application.
- the flow may include but is not limited to the following steps:
- Step 501 The UE encrypts the protection information according to the second key, random parameters and the first encryption algorithm to obtain the first encryption protection information.
- the random parameter is a random parameter generated by the UE.
- the first encryption algorithm is an algorithm for encrypting or decrypting protected information.
- the second key and the first encryption algorithm can be obtained through step 500c, and for details, please refer to the detailed description of step 500c.
- the second key and the first encryption algorithm may also be default information pre-configured on the UE.
- the UE uses the second key, random parameters and the first encryption algorithm to encrypt the S-NSSAI to obtain the encrypted protected S-NSSAI, that is, the first encrypted protection information.
- Step 502 The UE sends a first request message to the access network device.
- the access network device receives the first request message from the UE.
- the first request message includes the first key identification, device identification information, random parameters, and first encryption protection information.
- the first key identifier can be used to determine the first key.
- the device identification information refer to the detailed description of the device identification information in the embodiment shown in FIG. 4.
- the random parameter is the random parameter generated by the UE.
- Step 503 The access network device determines the first function, the second function, and the first encryption algorithm corresponding to the device identification information.
- the access network device determines the first function, the second function, and the first encryption algorithm corresponding to the device identification information. Both the first function and the second function are irreversible functions, the first function can be expressed as f1(x), and the second function can be expressed as f2(x). The first function and the second function can be different functions of the same type or different types of functions. It is understandable that the access network device determines f1(x), f2(x) and the first encryption algorithm corresponding to the AMF network element.
- the access network device receives a first message from each AMF network element, the first message includes the identification information of the first function, the identification information of the second function, and the algorithm identification of the first encryption algorithm, and establishes each Correspondence between the AMF network element ID and the identification information of the first function, the identification information of the second function, and the algorithm identification of the first encryption algorithm.
- when the access network device receives the first request message, it can determine the corresponding first function, second function, and first encryption algorithm according to the AMF network element ID carried in the first request message.
- the identification information of the first function, the identification information of the second function, and the algorithm identification of the first encryption algorithm are stored on the access network device.
- the access network device uses the stored first function, second function, and first encryption algorithm by default as the first function, second function, and first encryption algorithm corresponding to the AMF network element.
- Step 504 The access network device generates a second key according to the first key identifier, the first function, and the second function.
- the access network device generates the first key according to the first key identifier and the first function. That is, the first key identifier is used as the input of the first function, and the output of the first function is the first key.
- the first key is generated according to the first key identifier, the UE ID, and the first function. That is, the first key identifier and the UE ID are used as the input of the first function, and the output of the first function is the first key.
- the access network device generates a second key identifier according to the first key and the second function. That is, the first key is used as the input of the second function, and the output of the second function is the second key identifier.
- the second key identifier is generated according to the first key identifier, the first key, and the second function. That is, the first key identifier and the first key are used as the input of the second function, and the output of the second function is the second key identifier.
- the second key identifier is generated according to the first key, the UE ID, and the second function. That is, the first key and the UE ID are used as the input of the second function, and the output of the second function is the second key identifier.
- the second key identifier is generated according to the first key identifier, the first key, the UE ID, and the second function. That is, the first key identifier, the first key, and the UE ID are used as the input of the second function, and the output of the second function is the second key identifier.
- the access network device generates a second key according to the second key identifier and the first function. That is, the second key identifier is used as the input of the first function, and the output of the first function is the second key.
- the second key is generated according to the second key identifier, the UE ID, and the first function. That is, the second key identifier and the UE ID are used as the input of the first function, and the output of the first function is the second key.
- the process by which the access network device generates the second key is shown in FIG. 5a.
- the dotted line in Figure 5a indicates optional.
- Step 505 The access network device decrypts the first encrypted protection information according to the second key, random parameters and the first encryption algorithm to obtain the protection information.
- the access network device continues to perform the UE registration process according to the obtained S-NSSAI and the information carried in the first request message.
- steps 500a to 500c precede step 501. It can be understood that steps 500a to 500c are the pre-configuration process in the initial registration process, and the first request message is the registration request message in the subsequent registration process.
- Step 500a The access network device sends a request message to the AMF network element.
- the AMF network element receives the request message from the access network device.
- for the function and an example of the request message, see step 400a, which will not be repeated here.
- Step 500b The AMF network element sends the first message to the access network device.
- the access network device receives the first message from the AMF network element.
- the first message includes identification information of the first function, identification information of the second function, and algorithm identification of the first encryption algorithm.
- when the access network device receives the first message, it establishes the correspondence between the AMF network element ID and the identification information of the first function, the identification information of the second function, and the algorithm identification of the first encryption algorithm.
- the correspondence may be expressed as a mapping keyed by the AMF network element ID. Therefore, when the access network device receives the device identification information, it can determine the first function, the second function, and the first encryption algorithm corresponding to the AMF network element ID according to the AMF network element ID in the device identification information.
- Step 500c The AMF network element sends a third message to the UE.
- the UE receives the third message from the AMF network element.
- FIG. 6 is a schematic diagram of the flow of the information protection method provided in the third embodiment of this application.
- the flow may include but is not limited to the following steps:
- Step 600b The AMF network element sends the first message to the access network device.
- the access network device receives the first message from the AMF network element.
- the first message includes the identification information of the first function and the algorithm identification of the first encryption algorithm.
- Step 600c The AMF network element sends a third message to the UE.
- the UE receives the third message from the AMF network element.
- the third message includes the second key identifier, the second key, and the algorithm identifier of the first encryption algorithm.
- the UE may carry the second key identifier in the first request message, so that the access network device generates the second key according to the second key identifier and the first function.
- the second key and the first encryption algorithm are used by the UE to encrypt and protect the protection information.
- Step 601 The UE encrypts the protection information according to the second key, the random parameter and the first encryption algorithm to obtain the first encryption protection information.
- step 601 refer to the specific description of step 501, which will not be repeated here.
- Step 602 The UE sends a first request message to the access network device.
- the access network device receives the first request message from the UE.
- the first request message includes the second key identification, device identification information, random parameters, and first encryption protection information.
- Step 603 The access network device determines the first function and the first encryption algorithm corresponding to the device identification information.
- Step 604 The access network device generates a second key according to the second key identifier and the first function.
- the access network device inputs the second key identifier into the first function, and the output of the first function is the second key.
- the access network device inputs the second key identifier and the UE ID into the first function, and the output of the first function is the second key.
- the process by which the access network device generates the second key is shown in FIG. 6a.
- the dotted line in Figure 6a indicates optional.
- Step 605 The access network device decrypts the first encrypted protection information according to the second key, random parameters and the first encryption algorithm to obtain the protection information.
- step 605 refer to the specific description of step 505, which will not be repeated here.
- the difference between the embodiment shown in FIG. 6 and the embodiment shown in FIG. 5 is that the contents carried in the first message, the third message, and the first request message are different. Compared with the embodiment shown in FIG. 5, the implementation shown in FIG. 6 is simpler.
- the embodiment shown in FIG. 6 can protect the protection information sent by the UE to the access network device, and can overcome the technical defects of FIG. 1 and FIG. 2.
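As an added worked example (not code from the patent application), the two-layer derivation of steps 503 to 505 and the single-layer variant of steps 603 to 605 in Python. The application leaves f1(x), f2(x) and the first encryption algorithm unspecified, so this example assumes f1 and f2 are HMAC-SHA256 under a selection key that the AMF network element provisions to the access network device, and uses a SHA-256 keystream XOR as a stand-in for the encryption algorithm; all identifiers and the sample S-NSSAI are constructed.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# The application only requires f1(x) and f2(x) to be irreversible and to be
# selected per AMF network element. This example (an assumption, not the
# patent's construction) models both as HMAC-SHA256 under a selection key the
# AMF provisions to the access network device along with the function
# identifiers, so an eavesdropper who sees the first key identifier in the
# clear cannot recompute the derivation chain.
FUNCTION_SELECTION_KEY = secrets.token_bytes(32)  # constructed for this example


def _irreversible(label: bytes, *parts: Optional[bytes]) -> bytes:
    """One-way function over length-prefixed inputs; the label separates f1 from f2.
    Optional inputs such as the UE ID are omitted when None."""
    msg = b"".join(len(p).to_bytes(2, "big") + p for p in parts if p is not None)
    return hmac.new(FUNCTION_SELECTION_KEY, label + msg, hashlib.sha256).digest()


def f1(*parts: Optional[bytes]) -> bytes:
    return _irreversible(b"f1", *parts)


def f2(*parts: Optional[bytes]) -> bytes:
    return _irreversible(b"f2", *parts)


def first_encryption_algorithm(key: bytes, random_param: bytes, data: bytes) -> bytes:
    """Stand-in for the unspecified 'first encryption algorithm' (an assumption):
    XOR with a SHA-256 keystream bound to the second key and the UE's random
    parameter, so a fresh random parameter gives a fresh ciphertext under the
    same second key. Applying it twice restores the plaintext."""
    stream, block = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + random_param + block.to_bytes(4, "big")).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def derive_second_key_fig5(first_key_id: bytes, ue_id: Optional[bytes] = None):
    """Step 504 (FIG. 5a): first key = f1(first key id[, UE ID]);
    second key id = f2(first key id, first key[, UE ID]);
    second key = f1(second key id[, UE ID]). Returns (second key id, second key)."""
    first_key = f1(first_key_id, ue_id)
    second_key_id = f2(first_key_id, first_key, ue_id)
    second_key = f1(second_key_id, ue_id)
    return second_key_id, second_key


def derive_second_key_fig6(second_key_id: bytes, ue_id: Optional[bytes] = None) -> bytes:
    """Step 604 (FIG. 6a): the second key identifier is carried in the request,
    so only the outer f1 layer is evaluated."""
    return f1(second_key_id, ue_id)


def ue_build_first_request(key_id: bytes, second_key: bytes, device_id: bytes, s_nssai: bytes) -> dict:
    """Steps 501/601 and 502/602: the UE generates a random parameter, encrypts the
    S-NSSAI with the second key, and sends key identifier, device identification
    information, random parameter and first encryption protection information."""
    random_param = secrets.token_bytes(16)
    return {
        "key_id": key_id,
        "device_id": device_id,
        "random_param": random_param,
        "first_encryption_protection_info": first_encryption_algorithm(second_key, random_param, s_nssai),
    }


def access_network_handle(request: dict, embodiment: str, ue_id: Optional[bytes] = None) -> bytes:
    """Steps 503-505 / 603-605. A single AMF is assumed, so the lookup of f1, f2
    and the algorithm by device_id (step 503/603) collapses to a constant."""
    if embodiment == "fig5":
        _, second_key = derive_second_key_fig5(request["key_id"], ue_id)
    elif embodiment == "fig6":
        second_key = derive_second_key_fig6(request["key_id"], ue_id)
    else:
        raise ValueError("unknown embodiment")
    return first_encryption_algorithm(second_key, request["random_param"],
                                      request["first_encryption_protection_info"])


def registration_round_trip(embodiment: str, ue_id: Optional[bytes] = None) -> bool:
    """Pre-configuration by the AMF (step 500c/600c), UE request, access network
    decryption. True when the access network device recovers the S-NSSAI."""
    s_nssai = b"SST=1;SD=000001"       # constructed sample slice identifier
    device_id = b"amf-id-constructed"  # constructed AMF network element ID
    first_key_id = secrets.token_bytes(8)
    second_key_id, second_key = derive_second_key_fig5(first_key_id, ue_id)
    # FIG. 5 provisions the UE with (first key id, second key); FIG. 6 with
    # (second key id, second key), as in the third message of step 600c.
    key_id = first_key_id if embodiment == "fig5" else second_key_id
    request = ue_build_first_request(key_id, second_key, device_id, s_nssai)
    return access_network_handle(request, embodiment, ue_id) == s_nssai


if __name__ == "__main__":
    print("FIG. 5 round trip:", registration_round_trip("fig5", b"ue-id-constructed"))
    print("FIG. 6 round trip:", registration_round_trip("fig6"))
```

Binding the UE ID into f1 and f2 means the same key identifier presented under a different UE ID derives a different second key, so the decrypted bytes no longer match.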
- FIG. 7 is a schematic flowchart of the information protection method provided in the fourth embodiment of this application.
- FIG. 7 covers the scenario in which the AMF network element detects that access network device 1 has been compromised by an attacker: it sends a second message to access network devices other than access network device 1, such as access network device 2, and also sends a message to the UE (the fourth message of step 703).
- the process shown in Figure 7 may include but is not limited to the following steps:
- Step 701 The AMF network element detects that access network device 1 has been compromised by an attacker.
- the AMF network element can detect that access network device 1 has been compromised by an attacker when, for example, it observes abnormal traffic from access network device 1 or access network device 1 stops reporting information.
- the specific method for detecting that the access network device is compromised by an attacker is not limited in this application.
- Step 702 The AMF network element sends a second message to the access network device 2.
- the access network device 2 receives the second message from the AMF network element.
- the second message includes identification information of the third function and identification information of the fourth function.
- the access network device establishes a correspondence between the AMF network element ID and the identification information of the third function and the identification information of the fourth function.
- the second message further includes a second calculation parameter.
- the access network device establishes a correspondence between the AMF network element ID and the identification information of the third function, the identification information of the fourth function, and the second calculation parameter.
- Step 703 The AMF network element sends a fourth message to the UE.
- the UE receives the fourth message from the AMF network element.
- the fourth message includes the identification information of the third function, the third key identification and the third key.
- Step 704 The UE generates a fourth key according to the third key, random parameters and the third function, and uses the fourth key to encrypt the protection information to obtain the second encrypted protection information.
- Step 705 The UE sends a second request message to the access network device 2.
- the access network device 2 receives the second request message from the UE.
- the second request message includes the third key identification, device identification information, random parameters, and second encryption protection information.
- the random parameter carried in the second request message may be the same as or different from the random parameter carried in the first request message. For example, before the UE receives the fourth message and sends the second request message, it regenerates a random parameter, then the random parameter is different from the random parameter carried in the first request message.
- Step 706 The access network device 2 determines the third function and the fourth function corresponding to the device identification information.
- Step 707 The access network device 2 generates a fourth key according to the third key identifier, random parameters, third function, and fourth function.
- Step 708 The access network device 2 uses the fourth key to decrypt the second encrypted protection information to obtain the protection information.
- the embodiment shown in Fig. 7 is based on the embodiment shown in Fig. 4. For the same or similar parts, please refer to the specific description of the embodiment shown in Fig. 4. The difference is that the access network equipment in Fig. 4 has not been compromised by an attacker.
- the access network device 1 is compromised by an attacker, and the AMF network element updates the pre-configuration information of other access network devices and the pre-configuration information of the UE. In this way, when the access network device 1 receives the second encrypted protection information, it cannot use the previous second key to obtain the protection information, which can effectively prevent attackers from obtaining the protection information, thereby improving the security and reliability of the network.
- the pre-configuration information updated on the other access network devices consists of the identification information of the third function, the identification information of the fourth function, and the algorithm identification of the second encryption algorithm.
- the pre-configuration information updated for the UE in the embodiment corresponding to FIG. 5 is the third key identifier, the fourth key, and the algorithm identifier of the second encryption algorithm.
- the pre-configuration information updated for the UE in the embodiment corresponding to FIG. 6 is the fourth key identifier, the fourth key, and the algorithm identifier of the second encryption algorithm.
- FIG. 8 is a schematic flowchart of the information protection method provided in the fifth embodiment of this application.
- in FIG. 8, the AMF network element instructs the access network device to reject the registration request message from the UE in the scenario where the AMF network element determines that the UE is an attacker.
- the process shown in Figure 8 may include but is not limited to the following steps:
- Step 801 The AMF network element determines that the UE is an attacker.
- the method by which the AMF network element perceives the UE as an attacker is not limited in the embodiment of this application.
- the UE may obtain the pre-configuration information through the pre-configuration process in the flow shown in FIG. 4 or FIG. 5 or FIG. 6.
- Step 802 The AMF network element sends an indication message to the access network device.
- the access network device receives the indication message from the AMF network element.
- the indication message is used to indicate the illegal key identification information.
- Step 803 The UE sends a first request message to the access network device.
- the access network device receives the first request message from the UE.
- Step 804 If the key identification included in the first request message matches the illegal key identification information, the first request message is rejected.
- the first request message includes the first key identifier. If the first key identification matches the illegal key identification information, the access network device rejects the first request message.
- the first request message includes the second key identifier. If the second key identification matches the illegal key identification information, the access network device rejects the first request message.
- the AMF network element can notify the access network device to reject the registration request message of the UE when it perceives that the UE is an attacker, thereby improving security.
- the embodiments of the present application also provide corresponding devices, including corresponding units for executing the foregoing embodiments.
- the unit may be software, hardware, or a combination of software and hardware.
- FIG. 9 is a schematic structural diagram of a communication device provided by this application.
- the communication device 900 shown in FIG. 9 includes a transceiving unit 901 and a processing unit 902.
- when the device 900 is an access network device:
- the transceiver unit 901 is configured to receive a first request message from a terminal device, where the first request message includes a first key identifier, device identification information, random parameters, and first encryption protection information, and to determine the first function and the second function corresponding to the device identification information;
- the processing unit 902 is configured to generate a second key according to the first key identifier, random parameters, the first function, and the second function; use the second key to decrypt the first encrypted protection information to obtain the protection information.
- when the device 900 is an access network device, it is used to implement the functions of the access network device in the embodiment shown in FIG. 4, FIG. 5, FIG. 6, FIG. 7 or FIG. 8. For details, refer to the corresponding description of the access network device in the embodiment shown in FIG. 4, FIG. 5, FIG. 6, FIG. 7 or FIG. 8.
- when the device 900 is a terminal device:
- the processing unit 902 is configured to generate a second key according to the first key, random parameters, and the first function, and use the second key to encrypt the protection information to obtain the first encrypted protection information;
- the transceiver unit 901 is configured to send a first request message to the access network device, where the first request message includes a first key identifier, device identification information, random parameters, and first encryption protection information; the first key identifier is used to generate the first key.
- when the device 900 is a terminal device, it is used to implement the functions of the UE in the embodiment shown in FIG. 4, FIG. 5, FIG. 6, FIG. 7 or FIG. 8. For details, refer to the corresponding description of the UE in the embodiment shown in FIG. 4, FIG. 5, FIG. 6, FIG. 7 or FIG. 8.
- FIG. 10 is a schematic structural diagram of another communication device provided by this application.
- the communication device 1000 shown in FIG. 10 includes at least one processor 1001, a memory 1002, and optionally, a communication interface 1003.
- the memory 1002 may be a volatile memory, such as random access memory; the memory may also be a non-volatile memory, such as read-only memory, flash memory, a hard disk drive (HDD) or a solid-state drive (SSD); or the memory 1002 may be any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, but is not limited thereto.
- the memory 1002 may be a combination of the above-mentioned memories.
- the connection medium between the foregoing processor 1001 and the memory 1002 is not limited in the embodiment of the present application.
- the memory 1002 and the processor 1001 are connected through a bus 1004 in the figure, and the bus 1004 is represented by a thick line in the figure.
- the connection mode between other components is shown for schematic description only and does not constitute a limitation.
- the bus 1004 can be divided into an address bus, a data bus, a control bus, and the like. For ease of representation, only one thick line is used to represent in FIG. 10, but it does not mean that there is only one bus or one type of bus.
- the processor 1001 may have a data transceiver function and can communicate with other devices.
- an independent data transceiver module, such as a communication interface 1003, may be used to send and receive data; when the processor 1001 communicates with other devices, data can be transmitted through the communication interface 1003.
- the processor in FIG. 10 can call the computer-executable instructions stored in the memory 1002, so that the access network device executes the method performed by the access network device in any of the foregoing method embodiments.
- the processor in FIG. 10 may invoke the computer-executable instructions stored in the memory 1002 to cause the UE to execute the method performed by the UE in any of the foregoing method embodiments.
- the functions/implementation processes of the processing unit and the transceiver unit in FIG. 9 may be implemented by the processor 1001 in FIG. 10 calling a computer execution instruction stored in the memory 1002.
- the function/implementation process of the processing unit in FIG. 9 may be implemented by the processor 1001 in FIG. 10 calling computer-executable instructions stored in the memory 1002, and the function/implementation process of the transceiver unit in FIG. 9 may be implemented through the communication interface 1003 in FIG. 10.
- An embodiment of the present application also provides a communication system, which may include the access network device and UE in FIG. 4, FIG. 5, FIG. 6, FIG. 7 or FIG. 8. Optionally, it also includes AMF network elements.
- the processing unit used to execute these techniques at a communication device can be implemented in one or more general-purpose processors, digital signal processors (DSP), digital signal processing devices, application-specific integrated circuits (ASIC), programmable logic devices, field-programmable gate arrays (FPGA) or other programmable logic devices, discrete gate or transistor logic, discrete hardware components, or any combination of the above.
- the general-purpose processor may be a microprocessor.
- the general-purpose processor may also be any traditional processor, controller, microcontroller, or state machine.
- the processor can also be implemented by a combination of computing devices, such as a digital signal processor and a microprocessor, multiple microprocessors, one or more microprocessors combined with a digital signal processor core, or any other similar configuration.
- the memory in the embodiments of the present application may be a volatile memory or a non-volatile memory, or may include both volatile and non-volatile memory.
- the non-volatile memory can be a read-only memory (ROM), a programmable read-only memory (PROM), an erasable programmable read-only memory (EPROM), an electrically erasable programmable read-only memory (EEPROM) or flash memory.
- the volatile memory may be random access memory (RAM), which is used as an external cache. By way of example and not limitation, many forms of RAM are available, such as:
- static RAM (SRAM)
- dynamic RAM (DRAM)
- synchronous DRAM (SDRAM)
- double data rate SDRAM (DDR SDRAM)
- enhanced SDRAM (ESDRAM)
- synchronous-link DRAM (SLDRAM)
- direct rambus RAM (DR RAM)
- the present application also provides a computer-readable medium on which a computer program is stored, and when the computer program is executed by a computer, the function of any of the foregoing method embodiments is realized.
- This application also provides a computer program product, which, when executed by a computer, realizes the functions of any of the foregoing method embodiments.
- the terms "system" and "network" in this application are often used interchangeably.
- the term "and/or" in this application only describes an association relationship between the associated objects and indicates that three relationships can exist; for example, "A and/or B" can mean: A alone exists, A and B exist at the same time, or B alone exists. A can be singular or plural, and B can be singular or plural.
- B corresponding to A means that B is associated with A, and B can be determined according to A.
- determining B based on A does not mean that B is determined only based on A, and B can also be determined based on A and/or other information.
- the corresponding relationships shown in the tables in this application can be configured or pre-defined.
- the value of the information in each table is only an example, and can be configured to other values, which is not limited in this application.
- the corresponding relationship shown in some rows may not be configured.
- appropriate adjustments, such as splitting or merging, can be made to the above tables.
- the names of the parameters shown in the titles in the above tables may also adopt other names that can be understood by the communication device, and the values or expressions of the parameters may also be other values or expressions that can be understood by the communication device.
- other data structures can also be used, such as arrays, queues, containers, stacks, linear tables, pointers, linked lists, trees, graphs, structures, classes, heaps, hash tables, and so on.
- "pre-definition" in this application can be understood as definition, pre-definition, storage, pre-storage, pre-negotiation, pre-configuration, curing, or pre-burning.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
- Telephonic Communication Services (AREA)
Abstract
Description
This application claims priority to Chinese patent application No. 202010480899.7, entitled "Information protection method, system and communication apparatus", filed with the Chinese Patent Office on May 30, 2020, the entire content of which is incorporated herein by reference.
This application relates to the field of communication technologies, and in particular to an information protection method, system and communication apparatus.
Network slicing is a new type of network and service model that, through customized networks and management, can better meet the personalized service needs of consumers and enterprises, such as charging, policy, security and mobility requirements. Network slicing can be used for mobile broadband, multimedia, massive machine type communication and critical machine type communication.
When a terminal device registers with the network, it provides the requested network slice information to the core network, which the core network uses to select a network slice instance for the terminal device. Based on the terminal device's subscription data, the requested network slice information, roaming agreements, local configuration, operator policies and other information, the core network selects the network slices the terminal device is allowed to access and sends the allowed network slice information to the terminal device. On receiving the allowed network slice information, the terminal device may request access to the corresponding network slice according to that information and send the allowed network slice information to the access network device. On receiving the allowed network slice information, the access network device may, according to that information, select an access management network element to serve the terminal device.
Information transmitted between the terminal device and the access network device, such as network slice information or the capability information of the terminal device, is at risk of being leaked. How to improve the security of information transmitted between the terminal device and the access network device is therefore a technical problem that urgently needs to be solved.
Summary of the invention
This application provides an information protection method and communication apparatus that can improve the security of information transmitted between a terminal device and an access network device, thereby improving the security and reliability of the network.
A first aspect of this application provides an information protection method. The method may be performed by an access network device or by an apparatus within the access network device (for example, a processor or a chip). Taking the access network device as an example, the method includes the following.
The access network device receives a first request message from a terminal device, where the first request message includes a first key identifier, device identification information, a random parameter and first encryption protection information; the access network device determines the first function and the second function corresponding to the device identification information; generates a second key according to the first key identifier, the random parameter, the first function and the second function; and decrypts the first encryption protection information with the second key to obtain the protection information.
The protection information may be network slice information, capability information of the terminal device, or other information that needs to be protected at the access stratum. The first encryption protection information is obtained by encrypting the protection information with the second key. The device identification information may be the identification information of the terminal device or the identification information of the access management network element.
In the first aspect of this application, when the access network device receives the first request message, it determines the functions required to compute the second key, computes the second key using the determined functions, the first key identifier and the random parameter, and decrypts the first encryption protection information with the second key to obtain the protection information. This protects the protection information sent by the terminal device to the access network device and effectively prevents an eavesdropper from obtaining it from access stratum messages, thereby improving the security of information transmitted between the terminal device and the access network device and improving the security and reliability of the network.
In a possible implementation, the access network device determines the first function and the second function corresponding to the device identification information carried in the first request message according to a correspondence between each piece of device identification information and the identification information of the first function and of the second function. This correspondence is stored on the access network device so that it can determine the first function and the second function corresponding to the device identification information carried in the first request message.
The correspondence may be between the identification information of the terminal device and the identification information of the first function and of the second function, or between the identification information of the access management network element and the identification information of the first function and of the second function.
In a possible implementation, the access network device receives a first message from the access management network element, where the first message includes the identification information of the first function and the identification information of the second function, and the access network device establishes a correspondence between the identification information of that access management network element and the identification information of the first function and of the second function, so that when it receives the first request message it can determine the first function and the second function corresponding to the device identification information.
In a possible implementation, when generating the second key, the access network device generates the first key according to the first key identifier and the second function, and generates the second key according to the first key, the random parameter and the first function. Two layers of key computation thus yield the second key used to decrypt the first encryption protection information. Using two key layers allows the encryption key protecting the information to be changed frequently, which increases security.
在一种可能的实现方式中,接入网设备根据第一密钥、随机参数、第一函数以及设备标识信息,生成第二密钥,使得生成第二密钥的参数较多,增加复杂度,以提高安全性。设备标识信息,例如终端设备的标识信息。In a possible implementation manner, the access network device generates the second key according to the first key, random parameters, first function, and device identification information, so that there are more parameters for generating the second key, which increases the complexity. To improve safety. Device identification information, such as the identification information of the terminal device.
在一种可能的实现方式中,接入网设备确定第一请求消息携带的设备标识信息对应的第一函数和第二函数的同时,还确定该设备标识信息对应的第一计算参数,第一计算参数作为生成第二密钥的一种参数,增加计算的复杂度,以提高安全性。接入网设备根据第一密钥标识、随机参数、第一函数和第二函数,生成第二密钥。In a possible implementation manner, when the access network device determines the first function and the second function corresponding to the device identification information carried in the first request message, it also determines the first calculation parameter corresponding to the device identification information. The calculation parameter is used as a parameter for generating the second key, which increases the complexity of the calculation to improve security. The access network device generates the second key according to the first key identifier, the random parameter, the first function, and the second function.
接入网设备可根据各个设备标识信息与第一计算参数之间的对应关系,确定第一请求消息携带的设备标识信息对应的第一计算参数。The access network device may determine the first calculation parameter corresponding to the device identification information carried in the first request message according to the correspondence between each device identification information and the first calculation parameter.
在一种可能的实现方式中,第一消息中还包括第一计算参数,接入网设备建立接入管理网元的标识信息与第一函数的标识信息、第二函数的标识信息以及第一计算参数之间的对应关系,以便接入网设备在接收到第一请求消息时,可以确定出设备标识信息对应的第一函数、第二函数和第一计算参数。In a possible implementation manner, the first message further includes the first calculation parameter, and the access network device establishes the identification information of the access management network element and the identification information of the first function, the identification information of the second function, and the first function. The correspondence between the parameters is calculated, so that when the access network device receives the first request message, it can determine the first function, the second function, and the first calculation parameter corresponding to the device identification information.
In a possible implementation, when the access management network element detects that another access network device has been compromised by an attacker, it sends a second message to the access network device, the second message including the identification information of a third function and the identification information of a fourth function; upon receiving the second message, the access network device establishes a correspondence between the identification information of the access management network element and the identification information of the third function and of the fourth function. Optionally, the second message further includes a second calculation parameter, and the access network device establishes a correspondence between the identification information of the access management network element and the identification information of the third function, the identification information of the fourth function and the second calculation parameter.
In a possible implementation, when the access network device receives a second request message from the terminal device, the second request message including a third key identifier, the device identification information, the random parameter and second encrypted protection information, it determines the third function and the fourth function corresponding to the device identification information according to the correspondence between the identification information of the access management network element and the identification information of the third function and of the fourth function. Optionally, the access network device also determines the second calculation parameter corresponding to the device identification information.
The access network device generates a fourth key according to the third key identifier, the random parameter, the third function and the fourth function. Optionally, the fourth key is generated according to the third key identifier, the random parameter, the third function, the fourth function and the second calculation parameter.
The access network device decrypts the second encrypted protection information with the fourth key to obtain the protection information.
It can be understood that when the access management network element detects that a certain access network device has been compromised by an attacker, it sends the second message to the access network devices other than that one, so as to update the functions and parameters used to generate the decryption key.
In a possible implementation, when the access management network element detects that a terminal device is an attacker, it sends indication information to the access network device, the indication information indicating illegal key identifier information. Upon receiving the indication information, the access network device checks whether the first key identifier carried in the first request message matches the illegal key identifier information; if it matches, the terminal device that sent the first request message is an attacker, and the access network device rejects the first request message, thereby preventing the attacker from gaining access.
The second aspect of this application provides an information protection method, which may be performed by a terminal device or by an apparatus (such as a processor or a chip) in the terminal device. Taking the terminal device as an example, the method includes the following.
The terminal device generates a second key according to a first key, a random parameter and a first function, and encrypts the protection information with the second key to obtain first encrypted protection information; it sends a first request message to the access network device, the first request message including a first key identifier, device identification information, the random parameter and the first encrypted protection information; the first key identifier is used to generate the first key.
In the second aspect of this application, the terminal device encrypts the protection information with the second key and sends the resulting first encrypted protection information to the access network device, which protects the privacy of the protection information and effectively prevents an eavesdropper from obtaining it from access stratum messages, thereby improving the security of information transmitted between the terminal device and the access network device and improving the security and reliability of the network.
In a possible implementation, the terminal device generates the second key according to the first key, the random parameter, the device identification information and the first function, so that more parameters enter the generation of the second key, increasing its complexity and thereby security. The device identification information is, for example, the identification information of the terminal device.
In a possible implementation, the terminal device receives a third message from the access management network element, the third message including the identification information of the first function, the first key and the first key identifier. The first key and the first function are used by the terminal device to generate the second key; the first key identifier is carried by the terminal device in the first request message so that the access network device can generate the second key.
In a possible implementation, when the access management network element detects that a certain access network device has been compromised by an attacker, it sends a fourth message to the terminal device, the fourth message being used to update the functions and parameters used on the terminal device side to generate the decryption key; the fourth message includes the identification information of a third function, a third key and a third key identifier. Upon receiving the fourth message, the terminal device generates a fourth key according to the third key, the random parameter and the third function, encrypts the protection information with the fourth key to obtain second encrypted protection information, and sends a second request message to the access network device, the second request message including the third key identifier, the device identification information, the random parameter and the second encrypted protection information; the third key identifier is used to generate the third key.
If an access network device has been compromised by an attacker, then upon receiving the second request message it cannot decrypt the protection information encrypted with the fourth key and so cannot obtain the protection information, whereas the other access network devices that have not been compromised can decrypt the second request message correctly and obtain the protection information. Thus, in a scenario where some access network device has been compromised by an attacker, information transmission between the terminal device and the other access network devices remains protected. It can be understood that when the access management network element detects that a certain access network device has been compromised, it sends the second message to the access network devices other than that one to update the functions and parameters used to generate the decryption key; the compromised access network device therefore cannot obtain the parameters in the second message and hence cannot generate the fourth key needed for decryption.
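The following Python simulation is an added example, not code from the patent, that walks the first aspect (access network side) and second aspect (terminal side) described above: the two-layer derivation from the first key identifier, the encrypted first request message, the second message that re-keys every access network device except the compromised one, and the rejection of an illegal key identifier. The HMAC-SHA256 KDFs, the encrypt-then-MAC stand-in cipher, the message field names and the treatment of the calculation parameter as the secret that the re-keying depends on are all assumptions, since the patent does not specify any of them.

```python
import hashlib
import hmac
import os

# Constructed stand-ins for the patent's unspecified "functions": the function
# identifier selects a KDF label; the calculation parameter is assumed to be the
# secret the AMF shares only with uncompromised gNBs, and it keys the KDF.
FUNCTION_LABELS = {"F1": b"k2-from-k1", "F2": b"k1-from-kid",
                   "F3": b"k4-from-k3", "F4": b"k3-from-kid"}


def kdf(func_id, key, *parts):
    """HMAC-SHA256 over length-prefixed inputs (assumed KDF, not the patent's)."""
    h = hmac.new(key, FUNCTION_LABELS[func_id], hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(2, "big") + p)
    return h.digest()


def _keystream_xor(enc_key, nonce, data):
    out = bytearray()
    for i in range(0, len(data), 32):
        ks = hmac.new(enc_key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], ks))
    return bytes(out)


def seal(key, nonce, data):
    """Constructed encrypt-then-MAC (HMAC-CTR + 16-byte tag); use a real AEAD in practice."""
    enc_key, mac_key = (hmac.new(key, lbl, hashlib.sha256).digest() for lbl in (b"enc", b"mac"))
    ct = _keystream_xor(enc_key, nonce, data)
    return ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()[:16]


def unseal(key, nonce, blob):
    """Returns the plaintext, or None when the tag does not verify (wrong key)."""
    enc_key, mac_key = (hmac.new(key, lbl, hashlib.sha256).digest() for lbl in (b"enc", b"mac"))
    ct, tag = blob[:-16], blob[-16:]
    expect = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()[:16]
    return _keystream_xor(enc_key, nonce, ct) if hmac.compare_digest(tag, expect) else None


class AccessNetworkDevice:
    """gNB side of the first aspect: correspondence table, two-layer derivation, blacklist."""

    def __init__(self):
        self.table = {}            # device identification -> (k2 func, k1 func, calc param)
        self.illegal_key_ids = set()

    def on_function_message(self, amf_id, k2_func, k1_func, calc_param):
        self.table[amf_id] = (k2_func, k1_func, calc_param)   # first or second message

    def handle_request(self, req):
        if req["key_id"] in self.illegal_key_ids:     # indication info matched: reject
            return None
        k2_func, k1_func, calc_param = self.table[req["device_id"]]
        first_key = kdf(k1_func, calc_param, req["key_id"])                    # layer 1
        second_key = kdf(k2_func, first_key, req["rand"], req["device_id"])    # layer 2
        return unseal(second_key, req["rand"], req["ciphertext"])


def ue_build_request(ctx, protection_info):
    """Terminal side (second aspect): ctx came from the third or fourth message."""
    rand = os.urandom(16)
    second_key = kdf(ctx["k2_func"], ctx["first_key"], rand, ctx["amf_id"])
    return {"key_id": ctx["key_id"], "device_id": ctx["amf_id"], "rand": rand,
            "ciphertext": seal(second_key, rand, protection_info)}


def amf_provision(amf, gnbs, key_id):
    """AMF: first/second message to the listed gNBs, third/fourth message content for the UE."""
    k2_func, k1_func = amf["funcs"]
    for g in gnbs:
        g.on_function_message(amf["id"], k2_func, k1_func, amf["calc_param"])
    first_key = kdf(k1_func, amf["calc_param"], key_id)
    return {"k2_func": k2_func, "first_key": first_key, "key_id": key_id, "amf_id": amf["id"]}


def run_scenario():
    amf = {"id": b"amf-1", "funcs": ("F1", "F2"), "calc_param": os.urandom(32)}
    gnb_a, gnb_b = AccessNetworkDevice(), AccessNetworkDevice()
    info = b"S-NSSAI sst=1 sd=0x00A1B2"        # constructed protection information
    ue_ctx = amf_provision(amf, [gnb_a, gnb_b], b"kid-0001")
    req1 = ue_build_request(ue_ctx, info)
    before = (gnb_a.handle_request(req1), gnb_b.handle_request(req1))
    # gnb_b is detected as compromised: new functions and parameter go to gnb_a only
    amf.update(funcs=("F3", "F4"), calc_param=os.urandom(32))
    ue_ctx = amf_provision(amf, [gnb_a], b"kid-0002")
    req2 = ue_build_request(ue_ctx, info)
    after = (gnb_a.handle_request(req2), gnb_b.handle_request(req2))
    # the terminal behind kid-0002 is later flagged as an attacker: gnb_a rejects it
    gnb_a.illegal_key_ids.add(b"kid-0002")
    return {"info": info, "before": before, "after": after,
            "rejected": gnb_a.handle_request(req2)}
```

Because the stand-in cipher authenticates, the compromised access network device gets an explicit failure rather than garbage plaintext; with the random parameter sent in the clear, a fresh value per request is what keeps the second key from repeating.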
The third aspect of this application provides an information protection method, which may be performed by an access network device or by an apparatus (such as a processor or a chip) in the access network device. Taking the access network device as an example, the method includes the following.
The access network device receives a first request message from the terminal device, the first request message including a first key identifier, device identification information, a random parameter and first encrypted protection information; determines the first function, the second function and the first encryption algorithm corresponding to the device identification information; generates a second key according to the first key identifier, the first function and the second function; and decrypts the first encrypted protection information according to the second key, the random parameter and the first encryption algorithm to obtain the protection information.
The protection information may be network slice information, capability information of the terminal device, or other information that needs to be protected at the access stratum. The device identification information may be the identification information of the terminal device or the identification information of the access management network element.
In the third aspect of this application, upon receiving the first request message, the access network device determines the functions and the encryption algorithm needed to compute the second key, computes the second key with the determined functions, and decrypts the first encrypted protection information with the second key and the encryption algorithm to obtain the protection information. This protects the protection information that the terminal device sends to the access network device and effectively prevents an eavesdropper from obtaining it from access stratum messages, thereby improving the security of information transmitted between the terminal device and the access network device and improving the security and reliability of the network.
In a possible implementation, the access network device determines the first function, the second function and the first encryption algorithm corresponding to the device identification information according to the correspondence between the device identification information and the identification information of the first function, the identification information of the second function and the algorithm identifier of the first encryption algorithm, so as to generate the second key and decrypt the first encrypted protection information with the second key and the first encryption algorithm.
In a possible implementation, the access network device receives a first message from the access management network element, the first message including the identification information of the first function, the identification information of the second function and the algorithm identifier of the first encryption algorithm, and establishes a correspondence between the identification information of the access management network element and the identification information of the first function, the identification information of the second function and the algorithm identifier of the first encryption algorithm. Thus, upon receiving the first request message, the access network device can determine the first function, the second function and the first encryption algorithm corresponding to the device identification information.
In a possible implementation, the access network device generates the first key according to the first key identifier and the first function; generates a second key identifier according to the first key and the second function; and generates the second key according to the second key identifier and the first function. Using two layers of keys allows the encryption key that protects the information to be changed frequently, which increases security.
In a possible implementation, the access network device generates the second key identifier according to the first key identifier, the first key and the second function, which increases the complexity of computing the second key identifier and thereby security.
In a possible implementation, the access network device receives a second message from the access management network element, the second message including the identification information of a third function, the identification information of a fourth function and the algorithm identifier of a second encryption algorithm, and establishes a correspondence between the identification information of the access network device and the identification information of the third function, the identification information of the fourth function and the algorithm identifier of the second encryption algorithm.
In a possible implementation, the access network device receives a second request message from the terminal device, the second request message including a third key identifier, the device identification information, the random parameter and second encrypted protection information; determines the third function, the fourth function and the second encryption algorithm corresponding to the device identification information according to the correspondence between the identification information of the access network device and the identification information of the third function, the identification information of the fourth function and the algorithm identifier of the second encryption algorithm; generates a fourth key according to the third key identifier, the third function and the fourth function; and decrypts the second encrypted protection information according to the fourth key, the random parameter and the second encryption algorithm to obtain the protection information.
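The third-aspect key chain differs from the first aspect in that the access network device derives a second key identifier in the middle of the chain and the terminal receives the finished second key together with an algorithm identifier. The following Python example is added here and is not the patent's code: it shows that chain, with the "functions" modelled as HMAC-SHA256 KDFs keyed by a root secret the access management network element is assumed to share with its access network devices, and the encryption algorithm identifiers modelled as selecting the hash behind a one-block keystream cipher; field names and the root secret are assumptions.

```python
import hashlib
import hmac
import os

# Constructed stand-ins, not the patent's: function identifiers select a KDF
# label (keyed by an assumed shared root secret); algorithm identifiers select
# the hash used by the demo keystream cipher.
FUNCTION_LABELS = {"F1": b"aspect3-f1", "F2": b"aspect3-f2",
                   "F3": b"aspect3-f3", "F4": b"aspect3-f4"}
ALGORITHMS = {"A1": "sha256", "A2": "sha3_256"}


def kdf(func_id, key, *parts):
    h = hmac.new(key, FUNCTION_LABELS[func_id], hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(2, "big") + p)
    return h.digest()


def crypt(alg_id, key, rand, data):
    """One-block keystream XOR selected by algorithm id (demo only, data <= 32 bytes);
    the same call encrypts and decrypts."""
    assert len(data) <= 32
    ks = hmac.new(key, rand, ALGORITHMS[alg_id]).digest()
    return bytes(a ^ b for a, b in zip(data, ks))


def derive_second_key(f_a, f_b, root, key_id):
    """Two-layer chain of the third aspect: first key identifier -> first key ->
    second key identifier -> second key. Only the first function uses the root."""
    first_key = kdf(f_a, root, key_id)
    second_key_id = kdf(f_b, first_key, key_id)   # variant that also mixes in the first key id
    return kdf(f_a, root, second_key_id)


class AccessNetworkDevice:
    def __init__(self):
        self.table = {}   # device identification -> (first func, second func, alg id, root)

    def on_function_message(self, amf_id, f_a, f_b, alg_id, root):
        self.table[amf_id] = (f_a, f_b, alg_id, root)      # first message or second message

    def handle_request(self, req):
        f_a, f_b, alg_id, root = self.table[req["device_id"]]
        second_key = derive_second_key(f_a, f_b, root, req["key_id"])
        return crypt(alg_id, second_key, req["rand"], req["ciphertext"])


def amf_third_message(amf, key_id):
    """What the terminal receives: the second key itself, the algorithm identifier and
    the first key identifier. The terminal never holds the first key or the functions."""
    f_a, f_b, alg_id = amf["funcs"]
    return {"second_key": derive_second_key(f_a, f_b, amf["root"], key_id),
            "alg_id": alg_id, "key_id": key_id, "amf_id": amf["id"]}


def ue_build_request(msg, protection_info):
    rand = os.urandom(16)
    return {"key_id": msg["key_id"], "device_id": msg["amf_id"], "rand": rand,
            "ciphertext": crypt(msg["alg_id"], msg["second_key"], rand, protection_info)}


def run_scenario():
    amf = {"id": b"amf-1", "funcs": ("F1", "F2", "A1"), "root": os.urandom(32)}
    gnb = AccessNetworkDevice()
    gnb.on_function_message(amf["id"], *amf["funcs"], amf["root"])
    info = b"UE capability: constructed"          # constructed protection information
    msg = amf_third_message(amf, b"kid-0001")
    first = gnb.handle_request(ue_build_request(msg, info))
    # second message: switch to F3/F4 and algorithm A2 for the next key identifier
    amf["funcs"] = ("F3", "F4", "A2")
    gnb.on_function_message(amf["id"], *amf["funcs"], amf["root"])
    second = gnb.handle_request(ue_build_request(amf_third_message(amf, b"kid-0002"), info))
    return {"info": info, "first": first, "second": second, "ue_message": msg}
```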
It can be understood that when the access management network element detects that a certain access network device has been compromised by an attacker, it sends the second message to the access network devices other than that one, so as to update the functions and parameters used to generate the decryption key.
In a possible implementation, when the access management network element detects that a terminal device is an attacker, it sends indication information to the access network device, the indication information indicating illegal key identifier information. Upon receiving the indication information, the access network device checks whether the first key identifier carried in the first request message matches the illegal key identifier information; if it matches, the terminal device that sent the first request message is an attacker, and the access network device rejects the first request message, thereby preventing the attacker from gaining access.
The fourth aspect of this application provides an information protection method, which may be performed by a terminal device or by an apparatus (such as a processor or a chip) in the terminal device. Taking the terminal device as an example, the method includes the following.
The terminal device encrypts the protection information according to a second key, a random parameter and a first encryption algorithm to obtain first encrypted protection information, and sends a first request message to the access network device, the first request message including a first key identifier, device identification information, the random parameter and the first encrypted protection information.
In the fourth aspect of this application, the terminal device encrypts the protection information with the second key and the first encryption algorithm and sends the resulting first encrypted protection information to the access network device, which protects the privacy of the protection information and effectively prevents an eavesdropper from obtaining it from access stratum messages, thereby improving the security of information transmitted between the terminal device and the access network device and improving the security and reliability of the network.
In a possible implementation, the terminal device receives a third message from the access management network element, the third message including the second key, the algorithm identifier of the first encryption algorithm and the first key identifier. The second key and the first encryption algorithm are used by the terminal device to encrypt the protection information; the first key identifier is carried by the terminal device in the first request message so that the access network device can generate the second key.
In a possible implementation, when the access management network element detects that a certain access network device has been compromised by an attacker, it sends a fourth message to the terminal device, the fourth message being used to update the functions and parameters used on the terminal device side to generate the decryption key; the fourth message includes a fourth key, the algorithm identifier of a second encryption algorithm and a third key identifier. Upon receiving the fourth message, the terminal device encrypts the protection information according to the fourth key, the random parameter and the second encryption algorithm to obtain second encrypted protection information, and sends a second request message to the access network device, the second request message including the third key identifier, the device identification information, the random parameter and the second encrypted protection information.
If an access network device has been compromised by an attacker, then upon receiving the second request message it cannot decrypt the protection information encrypted with the fourth key and so cannot obtain the protection information, whereas the other access network devices that have not been compromised can decrypt the second request message correctly and obtain the protection information. Thus, in a scenario where some access network device has been compromised by an attacker, information transmission between the terminal device and the other access network devices remains protected.
The fifth aspect of this application provides a communication apparatus, which may be an access network device or an apparatus in an access network device. In one design, the apparatus may include modules corresponding to the methods/operations/steps/actions described in the first aspect or the third aspect and their various possible implementations; a module may be a hardware circuit, software, or a hardware circuit combined with software. In one design, the apparatus may include a processing unit and a transceiver unit. By way of example:
a transceiver unit, configured to receive a first request message from a terminal device, the first request message including a first key identifier, device identification information, a random parameter and first encrypted protection information, and to determine the first function and the second function corresponding to the device identification information;
a processing unit, configured to generate a second key according to the first key identifier, the random parameter, the first function and the second function, and to decrypt the first encrypted protection information with the second key to obtain the protection information.
The sixth aspect of this application provides a communication apparatus that includes a processor configured to implement the method described in the first aspect or the third aspect. The apparatus may further include a memory for storing instructions and data. The memory is coupled to the processor; when the processor executes the instructions stored in the memory, the apparatus can implement the method described in the first aspect and each of its possible implementations, or in the third aspect and each of its possible implementations. The apparatus may further include a communication interface used by the apparatus to communicate with other devices; by way of example, the communication interface may be a circuit hardware module such as a transceiver or a bus, and the other devices may be terminal devices. In one possible design, the apparatus includes:
a memory, configured to store program instructions;
a processor, configured to receive a first request message from a terminal device, the first request message including a first key identifier, device identification information, a random parameter and first encrypted protection information; determine the first function and the second function corresponding to the device identification information; generate a second key according to the first key identifier, the random parameter, the first function and the second function; and decrypt the first encrypted protection information with the second key to obtain the protection information.
The seventh aspect of this application provides a computer-readable storage medium including instructions that, when run on a computer, cause the computer to perform the method provided by the first aspect and each of its possible implementations, or by the third aspect and each of its possible implementations.
The eighth aspect of this application provides a chip system that includes a processor and may further include a memory, for implementing the method provided by the first aspect and each of its possible implementations, or by the third aspect and each of its possible implementations. The chip system may consist of chips, or may include chips together with other discrete components.
The ninth aspect of this application provides a communication apparatus, which may be a terminal device or an apparatus in a terminal device. In one design, the apparatus may include modules corresponding to the methods/operations/steps/actions described in the second aspect or the fourth aspect and their various possible implementations; a module may be a hardware circuit, software, or a hardware circuit combined with software. In one design, the apparatus may include a processing unit and a transceiver unit. By way of example:
a processing unit, configured to generate a second key according to a first key, a random parameter and a first function, and to encrypt the protection information with the second key to obtain first encrypted protection information;
a transceiver unit, configured to send a first request message to the access network device, the first request message including a first key identifier, device identification information, the random parameter and the first encrypted protection information; the first key identifier is used to generate the first key.
The tenth aspect of this application provides a communication apparatus that includes a processor configured to implement the method described in the second aspect or the fourth aspect. The apparatus may further include a memory for storing instructions and data. The memory is coupled to the processor; when the processor executes the instructions stored in the memory, the apparatus can implement the method described in the second aspect and each of its possible implementations, or in the fourth aspect and each of its possible implementations. The apparatus may further include a communication interface used by the apparatus to communicate with other devices; by way of example, the communication interface may be a circuit hardware module such as a transceiver or a bus, and the other devices may be access network devices. In one possible design, the apparatus includes:
a memory, configured to store program instructions;
a processor, configured to generate a second key according to a first key, a random parameter and a first function, encrypt the protection information with the second key to obtain first encrypted protection information, and send a first request message to the access network device, the first request message including a first key identifier, device identification information, the random parameter and the first encrypted protection information; the first key identifier is used to generate the first key.
本申请第十一方面提供一种计算机可读存储介质,包括指令,当其在计算机上运行时,使得计算机执行第二方面以及第二方面的各个可能实现方式,或第四方面以及第四方面的各个可能实现方式提供的方法。The eleventh aspect of the present application provides a computer-readable storage medium, including instructions, which when run on a computer, cause the computer to execute the second aspect and each possible implementation manner of the second aspect, or the fourth aspect and the fourth aspect The methods provided by each possible implementation.
本申请第十二方面提供一种芯片系统,该芯片系统包括处理器,还可以包括存储器,用于实现上述第二方面以及第二方面的各个可能实现方式,或第四方面以及第四方面的各个可能实现方式提供的方法。该芯片系统可以由芯片构成,也可以包含芯片和其他分立器件。A twelfth aspect of the present application provides a chip system, which includes a processor and may also include a memory, which is used to implement the foregoing second aspect and each possible implementation manner of the second aspect, or the fourth aspect and the fourth aspect The methods provided by each possible implementation. The chip system can be composed of chips, or it can include chips and other discrete devices.
本申请第十三方面提供一种通信系统,该通信系统包括第一方面所述的接入网设备和第二方面所述的终端设备,或包括第三方面所述的接入网设备和第四方面所述的终端设备。A thirteenth aspect of the present application provides a communication system that includes the access network device described in the first aspect and the terminal device described in the second aspect, or includes the access network device described in the third aspect and the second aspect The terminal equipment described in the four aspects.
Figure 1 is an example flowchart in which the pre-configured information is at terminal-device granularity;
Figure 2 is an example flowchart in which the pre-configured information is at PLMN granularity;
Figure 3 is a schematic diagram of a network architecture to which an embodiment of the present application is applied;
Figure 4 is a schematic flowchart of the information protection method provided by Embodiment 1 of the present application;
Figure 4a is a schematic diagram of the UE generating the second key in Embodiment 1;
Figure 4b is a schematic diagram of the access network device generating the second key in Embodiment 1;
Figure 5 is a schematic flowchart of the information protection method provided by Embodiment 2 of the present application;
Figure 5a is a schematic diagram of the access network device generating the second key in Embodiment 2;
Figure 6 is a schematic flowchart of the information protection method provided by Embodiment 3 of the present application;
Figure 6a is a schematic diagram of the access network device generating the second key in Embodiment 3;
Figure 7 is a schematic flowchart of the information protection method provided by Embodiment 4 of the present application;
Figure 8 is a schematic flowchart of the information protection method provided by Embodiment 5 of the present application;
Figure 9 is a schematic structural diagram of a communication apparatus provided by an embodiment of the present application;
Figure 10 is a schematic structural diagram of another communication apparatus provided by an embodiment of the present application.
To aid understanding of the technical solutions provided by the embodiments of the present application, the technical terms they involve are introduced first.
(1) Network slicing
A network slice may also be called a slice or a network slice instance. To meet diverse requirements and to isolate slices from one another, services can be managed, operated and maintained relatively independently, each with tailored service functions and analysis capabilities. Instances of different service types may be deployed on different network slices, and different instances of the same service type may also be deployed on different network slices. A network slice can be regarded as an instantiated core network architecture.
A network slice in a fifth-generation (5G) network is a virtual dedicated network that may consist of a set of network functions and sub-networks. An operator network may deploy many network slices, each with different performance characteristics, to meet the needs of different applications and different vertical industries.
(2) Network slice information
When network slicing is deployed in the network, a terminal device registering with the network triggers a network slice selection procedure. Slice selection depends on the terminal device's subscription data, roaming agreements, local configuration information, operator policy and similar information.
When a terminal device needs to access a network slice, it provides the requested network slice information to the core network, which uses it to select a network slice instance for the terminal device. The requested network slice information may be requested network slice selection assistance information (NSSAI), denoted requested NSSAI. An NSSAI consists of one or more single network slice selection assistance information (S-NSSAI) values, each of which identifies one network slice type. Since an NSSAI is composed of one or more S-NSSAIs, NSSAI may be replaced by S-NSSAI or S-NSSAIs in what follows.
On receiving the requested network slice information, the core network element selects the network slices the terminal device is allowed to access, based on the terminal device's subscription data, the requested network slice information, roaming agreements, local configuration information, operator policy and similar information, and sends the allowed network slice information to the terminal device. The allowed network slice information may be the allowed NSSAI, denoted allowed NSSAI; within it, each single network slice the current operator network allows is denoted allowed S-NSSAI. The core network element may be the access and mobility management function (AMF), the network slice selection function (NSSF) or the unified data management (UDM) network element of a 5G system.
On receiving the allowed NSSAI, the terminal device may carry the corresponding allowed NSSAI in the non-access stratum (NAS) message of a session establishment request, to request access to the corresponding network slice from the access and mobility management function network element. The terminal device may also, in its next registration request (which carries a requested NSSAI), include the allowed NSSAI in the requested NSSAI and send the requested NSSAI to the access network device; on receiving it, the access network device selects an access management network element, such as an AMF, to serve the terminal device according to the requested NSSAI.
When the terminal device sends the requested NSSAI to the access network device, it does so in an access stratum (AS) message; that is, the requested NSSAI is carried in the AS message. Because AS messages carry no security or privacy protection, their contents are at risk of disclosure. For example, for slices with high privacy and security requirements, such as a police slice or a fire-service slice, carrying the corresponding NSSAI in an AS message lets an attacker distinguish police or firefighter users from ordinary users. An eavesdropper could likewise intercept the NSSAI in AS messages to determine whether a police station exists in a given area, or to determine which slice types a particular user has recently accessed and thereby infer that user's recent behaviour. How to improve the security of information transmitted between the terminal device and the access network device is therefore a pressing technical problem. The transmitted information may be network slice information such as requested NSSAI, or terminal device capability information, such as whether the terminal device supports confidentiality protection.
In view of this, one existing solution pre-configures information between the terminal device and the access network device. The terminal device uses the pre-configured information to protect the NSSAI carried in the AS message (for example by encrypting the S-NSSAIs in the NSSAI, or by using S-NSSAI pseudonyms), and the access network device, on receiving the protected NSSAI, uses the pre-configured information to recover the NSSAI. Because the pre-configured information is held only by the terminal device and the access network device, the NSSAI can be transmitted securely over the air interface.
In one implementation, the pre-configured information is at terminal-device granularity. This implementation, shown in the flowchart of Figure 1, may include:
Step 100: The terminal device has registered with the core network, and the 5G non-access stratum (NAS) has been established.
Step 101: The AMF generates a random parameter (RAND) and computes a temporary S-NSSAI (T-S-NSSAI) from the allowed S-NSSAI and RAND. The random parameter can be understood as a freshness parameter.
The AMF generates a RAND for the terminal device and computes the T-S-NSSAI from that RAND and the allowed NSSAI of that terminal device (for example, using RAND as the encryption key of the confidentiality algorithm 128-NEA1). The T-S-NSSAI is thus a security-protected allowed NSSAI. The AMF may generate different RANDs for different terminal devices.
Step 102: The AMF sends a registration success message comprising the T-S-NSSAI and the allowed S-NSSAI to the terminal device. Correspondingly, the terminal device receives the registration success message from the AMF.
The T-S-NSSAI and the allowed S-NSSAI may be carried in the registration success message as a pair (two-tuple). The registration success message indicates that the terminal device has successfully registered with the core network; it may be an N1 message.
Step 103: The AMF sends an N2 message comprising RAND to the access network device. Correspondingly, the access network device receives the N2 message from the AMF.
The N2 message comprises the RAND that the AMF generated for the terminal device.
Steps 100 to 103 form the pre-configuration procedure; the order in which steps 102 and 103 are performed is not restricted. Steps 104 and 105 use the pre-configured information.
Step 104: The terminal device sends a registration request message comprising the T-S-NSSAI to the access network device. Correspondingly, the access network device receives the registration request message from the terminal device.
In step 104 the terminal device sends a registration request message again; this message includes the T-S-NSSAI received in step 102, and the requested NSSAI does not carry the allowed NSSAI.
Step 105: The access network device computes the allowed S-NSSAI from RAND and the T-S-NSSAI.
On receiving the registration request message from the terminal device, the access network device processes the T-S-NSSAI with the RAND received in step 103 to obtain the allowed NSSAI, for example by decrypting the T-S-NSSAI with RAND as the decryption key of the confidentiality algorithm 128-NEA1.
In the procedure of Figure 1, the pre-configured information (such as RAND) is at terminal-device granularity and forms part of the terminal device's context. However, when the terminal device enters the idle state, the access network device deletes the terminal device's context, so when the terminal device initiates another registration request the access network device cannot obtain RAND and therefore cannot recover the allowed NSSAI. Moreover, so that an access network device newly connected to a moving terminal device can correctly process the T-S-NSSAI the terminal device provides, the AMF must update the terminal device's context on every access network device under its control, which incurs excessive signalling overhead.
In another implementation, the pre-configured information is at public land mobile network (PLMN) granularity. This implementation, shown in the flowchart of Figure 2, may include:
Step 201: The access network device sends a setup request message to the AMF. Correspondingly, the AMF receives the setup request message from the access network device.
The setup request message carries (S-NSSAI, T-S-NSSAI) pairs at tracking area (TA) granularity.
Step 202: The AMF sends a setup response message to the access network device. Correspondingly, the access network device receives the setup response message from the AMF.
The setup response message carries (S-NSSAI, T-S-NSSAI) pairs at PLMN granularity, together with the random parameter RAND.
Note that in steps 201 and 202 the number of pairs may be one or more.
Step 203: The AMF sends a registration success message to the terminal device, carrying the same T-S-NSSAI and RAND as in step 202.
Steps 201 to 203 form the pre-configuration procedure; steps 204 and 205 use the pre-configured information.
Step 204: The terminal device sends an access stratum message for connection setup to the access network device. Correspondingly, the access network device receives the connection setup access stratum message from the terminal device.
The terminal device inputs the T-S-NSSAI, its S-TMSI and RAND into a hash operation to obtain a first hash value, and carries the first hash value in the connection setup access stratum message. Since there may be several T-S-NSSAIs, there may be several first hash values. The connection setup access stratum message may be, for example, a radio resource control (RRC) connection setup complete message.
Step 205: The access network device computes a second hash value.
On receiving the connection setup access stratum message, the access network device inputs its stored T-S-NSSAI and RAND, together with the terminal device's S-TMSI, into the hash operation to obtain a second hash value. It compares the first hash value with the second hash value to determine the S-NSSAI (for example, if the two hash values are equal, the S-NSSAI the terminal device is requesting is the allowed S-NSSAI corresponding to that T-S-NSSAI). The access network device then selects an AMF according to the determined S-NSSAI and sends an initial NAS message to the selected AMF.
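The hash matching of steps 204 and 205 as an added, constructed example (not part of the patent): the terminal hashes each T-S-NSSAI with its S-TMSI and RAND, and the access network device recomputes the hash over every stored (S-NSSAI, T-S-NSSAI) pair to recover the S-NSSAI. SHA-256, the length-prefixed input encoding, and all sample values are assumptions; the page names only "a hash operation".

```python
"""Constructed model of the Figure 2 procedure: UE-side step 204 and RAN-side step 205."""
import hashlib
from typing import List, Optional, Sequence, Tuple

# Constructed PLMN-wide pre-configuration (steps 202/203). S-NSSAI is shown as
# SST (1 byte) + SD (3 bytes); the T-S-NSSAI values are arbitrary sample bytes.
SLICE_PAIRS: List[Tuple[bytes, bytes]] = [
    (b"\x01\x00\x00\x01", b"\xa1\xb2\xc3\xd4"),  # (S-NSSAI, T-S-NSSAI) pair 1
    (b"\x02\x00\x00\x02", b"\x11\x22\x33\x44"),  # (S-NSSAI, T-S-NSSAI) pair 2
    (b"\x03\xab\xcd\xef", b"\x55\x66\x77\x88"),  # (S-NSSAI, T-S-NSSAI) pair 3
]
RAND = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed PLMN-wide RAND
S_TMSI = b"\x12\x34\x56\x78\x9a"                            # constructed S-TMSI of one UE


def _encode(*parts: bytes) -> bytes:
    """Length-prefix each input so (T-S-NSSAI, S-TMSI, RAND) cannot be re-split
    into a different triple; a design choice for this example, not from the page."""
    return b"".join(len(p).to_bytes(2, "big") + p for p in parts)


def slice_hash(t_s_nssai: bytes, s_tmsi: bytes, rand: bytes) -> bytes:
    """The page's 'hash operation' over T-S-NSSAI, S-TMSI and RAND (SHA-256 assumed)."""
    return hashlib.sha256(_encode(t_s_nssai, s_tmsi, rand)).digest()


def ue_first_hashes(t_s_nssais: Sequence[bytes], s_tmsi: bytes, rand: bytes) -> List[bytes]:
    """Step 204: one first hash value per T-S-NSSAI the UE wants to request."""
    return [slice_hash(t, s_tmsi, rand) for t in t_s_nssais]


def ran_resolve(first_hashes: Sequence[bytes], pairs: Sequence[Tuple[bytes, bytes]],
                s_tmsi: bytes, rand: bytes) -> List[Optional[bytes]]:
    """Step 205: recompute the second hash for every stored pair with the UE's S-TMSI
    and return the S-NSSAI whose hash matches each first hash (None if nothing matches).
    Note that only PLMN-wide data plus the S-TMSI is needed, which is the weakness the
    page raises about this design."""
    table = {slice_hash(t, s_tmsi, rand): s for s, t in pairs}
    return [table.get(h) for h in first_hashes]


def demo() -> List[Optional[bytes]]:
    """UE requests pairs 1 and 3; RAN resolves them back to their S-NSSAIs."""
    requested = [SLICE_PAIRS[0][1], SLICE_PAIRS[2][1]]
    return ran_resolve(ue_first_hashes(requested, S_TMSI, RAND), SLICE_PAIRS, S_TMSI, RAND)


if __name__ == "__main__":
    for s in demo():
        print("resolved S-NSSAI:", None if s is None else s.hex())
```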
Although the procedure of Figure 2 solves the problems of the procedure of Figure 1, all terminal devices are configured with the same information (such as the T-S-NSSAI) for determining the S-NSSAI. If an attacker also obtains the information carried in step 203 by going through the network registration procedure, the attacker is likewise able to monitor and recover the S-NSSAI sent by terminal devices, so even when the access network device performs step 205 the full privacy of the T-S-NSSAI cannot be guaranteed.
Accordingly, the embodiments of the present application provide an information protection method and communication apparatus that secure the information transmitted between the terminal device and the access network device, and that also resolve the problems of the procedures of Figures 1 and 2, thereby improving the security and reliability of the network.
In the figures of the embodiments of the present application, the steps shown in each embodiment and their order are examples and do not limit the embodiments. Performing only some of the illustrated steps, or adjusting their order, in a specific implementation falls within the scope of protection of the present application.
The technology described in the embodiments may be used in various communication systems, such as fourth-generation (4G) communication systems, 4.5G communication systems, 5G communication systems, systems that integrate several communication systems, or future evolved communication systems.
The terminal device (also called a terminal) in the embodiments may be a device with wireless transceiver capability. It may be deployed on land, indoors or outdoors, handheld or vehicle-mounted; on water, such as on a ship; or in the air, such as on aircraft, balloons or satellites. The terminal device may be a UE, which includes handheld devices, vehicle-mounted devices, wearable devices and computing devices with wireless communication capability; for example, a UE may be a mobile phone, a tablet computer or a computer with a wireless transceiver. The terminal device may also be a virtual reality (VR) terminal device, an augmented reality (AR) terminal device, a smart vehicle terminal device, or a wireless terminal in industrial control, autonomous driving, telemedicine, a smart grid, a smart city, a smart home, and so on. In the embodiments, the apparatus that implements the functions of the terminal device may be the terminal device itself, or an apparatus that enables the terminal device to implement those functions, such as a chip system or a processor, installed in or used together with the terminal device. The technical solutions of the embodiments are described taking the case in which this apparatus is the terminal device as an example.
The access network device in the embodiments may include a base station (BS), that is, a device deployed in a radio access network that can communicate wirelessly with terminal devices. A base station may take many forms, such as a macro base station, a micro base station, a relay station or an access point. For example, the access network device may be a base station in 5G or a base station in long term evolution (LTE); a base station in 5G may also be called a transmission reception point (TRP) or a next generation Node B (gNB). In the embodiments, the apparatus that implements the functions of the access network device may be the access network device itself, or an apparatus that enables the access network device to implement those functions, such as a chip system or a processor, installed in or used together with the access network device. A chip system may consist of chips, or may include chips together with other discrete components. The technical solutions of the embodiments are described taking the case in which this apparatus is the access network device as an example.
Figure 3 is a schematic diagram of a network architecture to which an embodiment of the present application is applied. Figure 3 includes an access network device 301 and a terminal device 302.
In one implementation, the terminal device 302 generates a second key from a first key, a random parameter and a first function, and encrypts protected information, such as network slice information or the capability information of the terminal device 302, with the second key to obtain first encrypted protected information. It then sends a first request message to the access network device 301, the first request message comprising a first key identifier, device identification information, the random parameter and the first encrypted protected information. On receiving the first request message, the access network device 301 determines the first function and the second function corresponding to the device identification information; generates the second key from the first key identifier, the random parameter, the first function and the second function; and decrypts the first encrypted protected information with the second key to obtain the protected information, such as the network slice information or the capability information of the terminal device 302.
Optionally, Figure 3 also includes an access management network element 303, which may be the AMF of a 5G system or a network element with the same functions in a future communication system. The access management network element 303 may provide the access network device 301 with the correspondence between device identification information and the identification information of the first function and of the second function, so that the access network device 301 can determine the first function and the second function corresponding to given device identification information.
In another implementation, the terminal device 302 encrypts protected information, such as network slice information or its own capability information, using the second key, the random parameter and a first encryption algorithm to obtain first encrypted protected information, and sends a first request message to the access network device 301 comprising a first key identifier, device identification information, the random parameter and the first encrypted protected information. On receiving the first request message, the access network device 301 determines the first function, the second function and the first encryption algorithm corresponding to the device identification information; generates the second key from the first key identifier, the first function and the second function; and decrypts the first encrypted protected information using the second key, the random parameter and the first encryption algorithm to obtain the protected information, such as the network slice information or the capability information of the terminal device 302.
Optionally, the access management network element 303 may provide the access network device 301 with the correspondence between device identification information and the identification information of the first function, the identification information of the second function and the algorithm identifier of the first encryption algorithm, so that the access network device 301 can determine the first function, the second function and the first encryption algorithm corresponding to given device identification information.
The information protection method provided by the embodiments applies not only to the scenario in which the terminal device and the access network device exchange network slice information, but also to the scenario in which they exchange the capability information of the terminal device.
The information protection method provided by the embodiments is described in detail below, taking a UE as the terminal device and an AMF as the access management network element. Note that the names of the messages exchanged between network elements and of the parameters within those messages in the following embodiments are only examples; other names may be used in specific implementations, and the embodiments do not restrict this.
请参见图4,为本申请实施例一提供的信息保护方法的流程示意图,该流程可包括但不限于如下步骤:Please refer to FIG. 4, which is a schematic diagram of the flow of the information protection method provided in Embodiment 1 of this application. The flow may include but is not limited to the following steps:
Step 401: The UE generates a second key according to a first key, a random parameter and a first function, and encrypts protection information with the second key to obtain first encrypted protection information.
The first key may be denoted Key_1; the random parameter is a random parameter RAND generated by the UE; the first function is an irreversible function, which may be a hash function, and may be denoted hash_1. The first key, the random parameter and the first function may be obtained through step 400c; for details, refer to the description of step 400c. The first function may also be pre-configured on the UE, in which case the UE can use the first function directly.
The UE inputs Key_1 and RAND into hash_1 to obtain the second key, which may be denoted Key_2. Optionally, the UE inputs Key_1, RAND and a UE identifier (ID) into hash_1 to obtain the second key. The UE ID may be the UE's device identity, an international mobile subscriber identity (IMSI), a temporary mobile subscriber identity (TMSI), a GUTI, an S-TMSI, or the like. The process by which the UE generates the second key is shown in FIG. 4a, where the dotted line indicates an optional input.
Having generated the second key, the UE encrypts the protection information with the second key to obtain the first encrypted protection information. The protection information may be network slice information, such as a requested NSSAI or an allowed NSSAI; it may also be capability information of the UE; it may also be any sensitive information that needs to be protected at the AS layer. For ease of description, the protection information is described using an S-NSSAI as an example, where the S-NSSAI may be a requested NSSAI or an allowed S-NSSAI. The first encrypted protection information is the information obtained by encrypting the S-NSSAI with Key_2.
For example, the UE may encrypt the S-NSSAI as: S-NSSAI XOR hash_1(Key_1 XOR RAND). Here XOR denotes the exclusive-OR operation: the exclusive OR of Key_1 and RAND is input into hash_1, and the S-NSSAI is then XORed with the output of hash_1 to obtain the encrypted S-NSSAI. Using only a hash operation and an XOR operation keeps the computational overhead small. The embodiments of this application do not limit the manner in which the protection information is encrypted with the second key.
Step 402: The UE sends a first request message to the access network device. Correspondingly, the access network device receives the first request message from the UE.
The first request message includes a first key identifier, device identification information, the random parameter and the first encrypted protection information. The first key identifier may be denoted Key_1ID and may be used to generate the first key; the UE may obtain the first key identifier through step 400c (see the description of step 400c). The device identification information may include the UE ID. There is a correspondence between the UE ID and the AMF network element ID: either the AMF network element ID corresponding to the UE can be determined from the UE ID, or the UE ID includes the AMF network element ID. The AMF network element ID can be used to assist in determining the first function and the second function corresponding to the device identification information. The random parameter is the random parameter RAND generated by the UE.
Step 403: The access network device determines the first function and a second function corresponding to the device identification information.
On receiving the first request message, the access network device determines the first function and the second function corresponding to the device identification information. The correspondence may be between the device identification information and the first and second functions, between the UE ID in the device identification information and the first and second functions, or between the AMF network element ID in the UE ID and the first and second functions. The second function is also an irreversible function, which may be a hash function, and may be denoted hash_2. The first function and the second function may be different functions of the same type or functions of different types. In other words, the access network device determines the hash_1 and hash_2 corresponding to the AMF network element.
In one implementation, the access network device receives a first message from each AMF network element; the first message includes identification information of the first function and identification information of the second function, and the access network device establishes a correspondence between each AMF network element ID and the identification information of the first function and of the second function. In this way, when the access network device receives the first request message, it can determine the corresponding first function and second function according to the AMF network element ID carried in the first request message.
Optionally, the first message further includes a first calculation parameter, which may be denoted a_1. When establishing the correspondence, the access network device establishes a correspondence between each AMF network element and the identification information of the first function, the identification information of the second function and the first calculation parameter. In this way, when the access network device receives the first request message, it can determine the first function, the second function and the first calculation parameter corresponding to the AMF network element. The first calculation parameter, the first key identifier and the second function can be used to determine the first key.
In another implementation, identification information of the first function and identification information of the second function are stored on the access network device. On receiving the first request message, the access network device by default takes the stored first function and second function as the first function and second function corresponding to the AMF network element.
Optionally, a first calculation parameter is also stored on the access network device, and the access network device by default takes the stored first calculation parameter as the first calculation parameter corresponding to the AMF network element.
The identification information of the first function may be a version number of the first function or a function identifier, for example hash_1version. The identification information of the second function may likewise be a version number of the second function or a function identifier.
Step 404: The access network device generates the second key according to the first key identifier, the random parameter, the first function and the second function.
The access network device generates the first key according to the first key identifier and the second function, and then generates the second key according to the first key, the random parameter and the first function.
Optionally, the access network device generates the first key according to the first key identifier, the second function and the first calculation parameter; for example, the first key identifier and the first calculation parameter are input into the second function, whose output is the first key.
Optionally, the access network device generates the second key according to the first key, the random parameter, the UE ID and the first function; for example, the first key, the random parameter and the UE ID are input into the first function, whose output is the second key.
The process by which the access network device generates the second key is shown in FIG. 4b, where the dotted line indicates an optional input.
Step 405: The access network device decrypts the first encrypted protection information with the second key to obtain the protection information.
The access network device decrypts the first encrypted protection information with the second key to obtain the protection information, for example the S-NSSAI. In this way the AS-layer sensitive information that the UE sends to the access network device is protected, which effectively prevents an eavesdropper from obtaining sensitive information such as the S-NSSAI from AS-layer messages.
Optionally, after step 405, the access network device continues the UE registration procedure according to the obtained S-NSSAI and the other information carried in the first request message.
Optionally, steps 400a to 400c precede step 401. It can be understood that steps 400a to 400c form a pre-configuration procedure carried out during initial registration, and the first request message is the registration request message of a subsequent registration procedure.
Step 400a: The access network device sends a request message to the AMF network element. Correspondingly, the AMF network element receives the request message from the access network device.
During initial registration, the access network device sends a request message to the AMF network element. The request message requests the AMF network element to perform initial configuration of the access network device and at the same time informs the AMF network element of the capabilities supported by the access network device. The request message can be understood as a configuration request message or a network access request message; it may be, for example, a setup request message.
Step 400b: The AMF network element sends a first message to the access network device. Correspondingly, the access network device receives the first message from the AMF network element.
On receiving the request message, the AMF network element sends a first message to the access network device in response to the request message; the first message may be, for example, a setup response message. The response message is used by the AMF network element to perform initial configuration of the access network device and can be understood as a configuration response message or a network access response message.
The first message includes identification information of the first function and identification information of the second function. On receiving the first message, the access network device establishes a correspondence between the AMF network element ID and the identification information of the first function and the identification information of the second function; for example, the correspondence may be expressed as AMF network element … so that, when the access network device receives the device identification information, it can determine the first function and the second function corresponding to the AMF network element ID according to the AMF network element ID.
Optionally, the first message further includes the first calculation parameter. The access network device establishes a correspondence between the AMF network element ID and the identification information of the first function, the identification information of the second function and the first calculation parameter; for example, the correspondence may be expressed as AMF network element … so that, when the access network device receives the device identification information, it can obtain the AMF network element ID from the device identification information and further determine the first function, the second function and the first calculation parameter corresponding to that AMF network element ID.
Step 400c: The AMF network element sends a third message to the UE. Correspondingly, the UE receives the third message from the AMF network element.
During initial registration, the AMF network element sends a third message (for example, a registration success message) to the UE; the third message includes the identification information of the first function, the first key identifier and the first key. The first key identifier and the first key may be carried in the third message as a two-tuple. Which message of the initial registration procedure serves as the third message is not limited in the embodiments of this application.
The AMF network element sends the first key and the identification information of the first function to the UE so that the UE can input the first key and the random parameter into the first function to obtain the second key. The AMF network element sends the first key identifier to the UE so that the UE can send it to the access network device, which in turn generates the first key according to the first key identifier and the second function, and then generates the second key according to the first key and the first function.
The first key may also be described as a first-level key, and the second key as a second-level key.
In the embodiment shown in FIG. 4, a hierarchical key computation is adopted, so that the key used to encrypt the protection information can be changed frequently, which increases security. The pre-configured information on the access network device is the first function and the second function (and optionally the first calculation parameter), and the pre-configured information on the UE is the first function, the first key identifier and the first key. None of this pre-configured information belongs to the UE context, which overcomes the technical defect of FIG. 1. Different UEs generate different RANDs and therefore obtain different second keys, so that the keys used to encrypt the protection information differ, which overcomes the technical defect of FIG. 2.
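The following is an added example, not code from the application, that walks Embodiment 1 (steps 400a to 405) end to end: the AMF pre-configures the access network device (first message) and the UE (third message), the UE masks an S-NSSAI with Key_2 = hash_1(Key_1 XOR RAND) as in step 401, and the access network device recovers it from only its per-AMF table. The concrete choices hash_1 = SHA-256, hash_2 = HMAC-SHA256 keyed with a_1, and the way the optional UE ID is appended are assumptions of this example, as are all identifiers and sample values.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

# Function identifiers as carried in the first and third messages (constructed
# values). hash_1 = SHA-256 and hash_2 = HMAC-SHA256 keyed with a_1 are this
# example's choices; the page only requires irreversible (hash) functions.
FUNCTIONS = {
    "hash_1v1": lambda data: hashlib.sha256(data).digest(),
    "hash_2v1": lambda key1_id, a_1: hmac.new(a_1, key1_id, hashlib.sha256).digest(),
}


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("XOR operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def derive_key2(hash_1, key1: bytes, rand: bytes, ue_id: bytes = b"") -> bytes:
    # Key_2 = hash_1(Key_1 XOR RAND [|| UE ID]). Appending the optional UE ID after
    # the XOR is this example's reading of FIG. 4a, not a format the page fixes.
    return hash_1(xor_bytes(key1, rand) + ue_id)


def mask(data: bytes, key2: bytes) -> bytes:
    # S-NSSAI XOR Key_2, the page's example encryption. XOR is its own inverse, so
    # the same call decrypts. This gives confidentiality only; there is no integrity tag.
    if len(data) > len(key2):
        raise ValueError("protection information longer than Key_2")
    return xor_bytes(data, key2[: len(data)])


@dataclass(frozen=True)
class FirstRequest:
    """Step 402 payload: Key_1ID, device identification (AMF NE ID + UE ID), RAND, ciphertext."""
    key1_id: bytes
    amf_id: str
    ue_id: bytes
    rand: bytes
    enc_s_nssai: bytes


class AMF:
    def __init__(self, amf_id: str):
        self.amf_id = amf_id
        self.hash1_id, self.hash2_id = "hash_1v1", "hash_2v1"
        self.a_1 = secrets.token_bytes(32)  # first calculation parameter a_1

    def first_message(self) -> dict:  # step 400b, to the access network device
        return {"amf_id": self.amf_id, "hash_1": self.hash1_id,
                "hash_2": self.hash2_id, "a_1": self.a_1}

    def third_message(self) -> dict:  # step 400c, to the UE
        key1_id = secrets.token_bytes(32)
        key1 = FUNCTIONS[self.hash2_id](key1_id, self.a_1)  # Key_1 = hash_2(Key_1ID, a_1)
        return {"hash_1": self.hash1_id, "key1_id": key1_id, "key1": key1}


class UE:
    def __init__(self, ue_id: bytes, amf_id: str, third_msg: dict):
        self.ue_id, self.amf_id = ue_id, amf_id
        self.hash1_id = third_msg["hash_1"]
        self.key1_id, self.key1 = third_msg["key1_id"], third_msg["key1"]

    def first_request(self, s_nssai: bytes) -> FirstRequest:  # steps 401 and 402
        rand = secrets.token_bytes(32)  # fresh per request: a reused RAND reuses the mask
        key2 = derive_key2(FUNCTIONS[self.hash1_id], self.key1, rand, self.ue_id)
        return FirstRequest(self.key1_id, self.amf_id, self.ue_id, rand, mask(s_nssai, key2))


class RAN:
    def __init__(self):
        self.table = {}  # AMF NE ID -> (hash_1 id, hash_2 id, a_1); no per-UE state

    def on_first_message(self, msg: dict) -> None:  # step 400b
        self.table[msg["amf_id"]] = msg

    def recover(self, req: FirstRequest) -> bytes:  # steps 403 to 405
        cfg = self.table[req.amf_id]
        key1 = FUNCTIONS[cfg["hash_2"]](req.key1_id, cfg["a_1"])
        key2 = derive_key2(FUNCTIONS[cfg["hash_1"]], key1, req.rand, req.ue_id)
        return mask(req.enc_s_nssai, key2)


def run_embodiment_1(s_nssai: bytes = bytes([0x01, 0x00, 0x00, 0x2A])):
    """Two registrations of one UE with a constructed S-NSSAI (SST 1, SD 0x00002A).
    Returns both recovered S-NSSAIs and whether the two ciphertexts differed."""
    amf, ran = AMF("amf-set1-region1"), RAN()
    ran.on_first_message(amf.first_message())
    ue = UE(b"5G-GUTI-constructed", amf.amf_id, amf.third_message())
    req_a, req_b = ue.first_request(s_nssai), ue.first_request(s_nssai)
    return ran.recover(req_a), ran.recover(req_b), req_a.enc_s_nssai != req_b.enc_s_nssai
```

Note that the access network device holds only the per-AMF entry (hash_1, hash_2, a_1) and recomputes Key_1 from the Key_1ID carried in each request, which is what keeps the scheme out of the UE context.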
Refer to FIG. 5, which is a schematic flowchart of the information protection method provided in Embodiment 2 of this application. The procedure may include, but is not limited to, the following steps:
Step 501: The UE encrypts protection information according to a second key, a random parameter and a first encryption algorithm to obtain first encrypted protection information.
The random parameter is a random parameter generated by the UE. The first encryption algorithm is the algorithm used to encrypt or decrypt the protection information. The second key and the first encryption algorithm may be obtained through step 500c (see the detailed description of step 500c); they may also be default information pre-configured on the UE.
For example, the UE encrypts the S-NSSAI with the second key, the random parameter and the first encryption algorithm to obtain the encrypted S-NSSAI, that is, the first encrypted protection information.
Step 502: The UE sends a first request message to the access network device. Correspondingly, the access network device receives the first request message from the UE.
The first request message includes a first key identifier, device identification information, the random parameter and the first encrypted protection information. The first key identifier can be used to determine a first key. For the device identification information, refer to its detailed description in the embodiment shown in FIG. 4. The random parameter is the random parameter generated by the UE.
Step 503: The access network device determines a first function, a second function and the first encryption algorithm corresponding to the device identification information.
On receiving the first request message, the access network device determines the first function, the second function and the first encryption algorithm corresponding to the device identification information. Both the first function and the second function are irreversible functions; the first function may be denoted f1(x) and the second function f2(x). The first function and the second function may be different functions of the same type or functions of different types. In other words, the access network device determines the f1(x), f2(x) and first encryption algorithm corresponding to the AMF network element.
In one implementation, the access network device receives a first message from each AMF network element; the first message includes identification information of the first function, identification information of the second function and an algorithm identifier of the first encryption algorithm, and the access network device establishes a correspondence between each AMF network element ID and the identification information of the first function, the identification information of the second function and the algorithm identifier of the first encryption algorithm. In this way, when the access network device receives the first request message, it can determine the corresponding first function, second function and first encryption algorithm according to the AMF network element ID carried in the first request message.
In another implementation, identification information of the first function, identification information of the second function and an algorithm identifier of the first encryption algorithm are stored on the access network device. On receiving the first request message, the access network device by default takes the stored first function, second function and first encryption algorithm as those corresponding to the AMF network element.
Step 504: The access network device generates the second key according to the first key identifier, the first function and the second function.
The access network device generates the first key according to the first key identifier and the first function: the first key identifier is used as the input of the first function, and the output of the first function is the first key. Optionally, the first key is generated according to the first key identifier, the UE ID and the first function: the first key identifier and the UE ID are used as the input of the first function, and its output is the first key.
The access network device generates a second key identifier according to the first key and the second function: the first key is used as the input of the second function, and the output of the second function is the second key identifier. Optionally, the second key identifier is generated according to the first key identifier, the first key and the second function: the first key identifier and the first key are used as the input of the second function, and its output is the second key identifier. Optionally, the second key identifier is generated according to the first key, the UE ID and the second function: the first key and the UE ID are used as the input of the second function, and its output is the second key identifier. Optionally, the second key identifier is generated according to the first key identifier, the first key, the UE ID and the second function: the first key identifier, the first key and the UE ID are used as the input of the second function, and its output is the second key identifier.
The access network device generates the second key according to the second key identifier and the first function: the second key identifier is used as the input of the first function, and the output of the first function is the second key. Optionally, the second key is generated according to the second key identifier, the UE ID and the first function: the second key identifier and the UE ID are used as the input of the first function, and its output is the second key.
When the first request message includes the first key identifier, the process by which the access network device generates the second key is shown in FIG. 5a, where the dotted lines indicate optional inputs.
Step 505: The access network device decrypts the first encrypted protection information according to the second key, the random parameter and the first encryption algorithm to obtain the protection information.
Having obtained the second key, the access network device decrypts the first encrypted protection information using the second key, the random parameter included in the first request message and the determined first encryption algorithm to obtain the protection information.
For example, the access network device decrypts the first encrypted protection information with the second key, the random parameter and the first encryption algorithm to obtain the S-NSSAI.
Optionally, after step 505, the access network device continues the UE registration procedure according to the obtained S-NSSAI and the other information carried in the first request message.
Optionally, steps 500a to 500c precede step 501. It can be understood that steps 500a to 500c form a pre-configuration procedure carried out during initial registration, and the first request message is the registration request message of a subsequent registration procedure.
Step 500a: The access network device sends a request message to the AMF network element. Correspondingly, the AMF network element receives the request message from the access network device. The function and examples of this request message are as described for step 400a and are not repeated here.
Step 500b: The AMF network element sends a first message to the access network device. Correspondingly, the access network device receives the first message from the AMF network element.
The first message includes identification information of the first function, identification information of the second function and an algorithm identifier of the first encryption algorithm. On receiving the first message, the access network device establishes a correspondence between the AMF network element ID and the identification information of the first function, the identification information of the second function and the algorithm identifier of the first encryption algorithm; for example, the correspondence may be expressed as AMF network element … so that, when the access network device receives the device identification information, it can further determine the first function, the second function and the first encryption algorithm corresponding to the AMF network element ID according to the AMF network element ID in the device identification information.
Step 500c: The AMF network element sends a third message to the UE. Correspondingly, the UE receives the third message from the AMF network element.
The third message includes the first key identifier, the second key and the algorithm identifier of the first encryption algorithm. The UE may carry the first key identifier in the first request message so that the access network device can obtain the second key by the process shown in FIG. 5a. The second key and the first encryption algorithm are used by the UE to encrypt the protection information. For the definition of the third message, refer to step 400c; it is not repeated here.
In the embodiment shown in FIG. 5, a hierarchical key computation is adopted, so that the key used to encrypt the protection information can be changed frequently, which increases security. The pre-configured information on the access network device is the first function, the second function and the first encryption algorithm, and the pre-configured information on the UE is the second key, the first key identifier and the first encryption algorithm. None of this pre-configured information belongs to the UE context, which overcomes the technical defect of FIG. 1. Different UEs generate different RANDs and therefore obtain different second keys, so that the keys used to encrypt the protection information differ, which overcomes the technical defect of FIG. 2.
Refer to FIG. 6, which is a schematic flowchart of the information protection method provided in Embodiment 3 of this application. The procedure may include, but is not limited to, the following steps:
Step 600a: The access network device sends a request message to the AMF network element. Correspondingly, the AMF network element receives the request message from the access network device.
Step 600b: The AMF network element sends a first message to the access network device. Correspondingly, the access network device receives the first message from the AMF network element.
The first message includes identification information of a first function and an algorithm identifier of a first encryption algorithm.
Step 600c: The AMF network element sends a third message to the UE. Correspondingly, the UE receives the third message from the AMF network element.
The third message includes a second key identifier, a second key and the algorithm identifier of the first encryption algorithm. The UE may carry the second key identifier in the first request message so that the access network device can generate the second key according to the second key identifier and the first function. The second key and the first encryption algorithm are used by the UE to encrypt the protection information.
Step 601: The UE encrypts protection information according to the second key, a random parameter and the first encryption algorithm to obtain first encrypted protection information. For step 601, refer to the detailed description of step 501, which is not repeated here.
Step 602: The UE sends a first request message to the access network device. Correspondingly, the access network device receives the first request message from the UE.
The first request message includes the second key identifier, device identification information, the random parameter and the first encrypted protection information.
Step 603: The access network device determines the first function and the first encryption algorithm corresponding to the device identification information.
Step 604: The access network device generates the second key according to the second key identifier and the first function.
The access network device inputs the second key identifier into the first function, and the output of the first function is the second key. Optionally, the access network device inputs the second key identifier and the UE ID into the first function, and the output of the first function is the second key.
When the first request message includes the second key identifier, the process by which the access network device generates the second key is shown in FIG. 6a, where the dotted line indicates an optional input.
Step 605: The access network device decrypts the first encrypted protection information according to the second key, the random parameter and the first encryption algorithm to obtain the protection information. For step 605, refer to the detailed description of step 505, which is not repeated here.
The embodiment shown in FIG. 6 differs from the embodiment shown in FIG. 5 in the contents carried by the first message, the third message and the first request message. Compared with the embodiment shown in FIG. 5, the embodiment shown in FIG. 6 is simpler to implement. The embodiment shown in FIG. 6 can protect the protection information sent by the UE to the access network device and can overcome the technical defects of FIG. 1 and FIG. 2.
Refer to FIG. 7, a schematic flowchart of the information protection method provided in the fourth embodiment of this application. In FIG. 7, when the AMF network element detects that access network device 1 has been compromised by an attacker, it sends a second message to access network devices other than access network device 1, for example access network device 2, and sends a fourth message to the UE. The flow shown in FIG. 7 may include, but is not limited to, the following steps:
Step 701: The AMF network element detects that access network device 1 has been compromised by an attacker.
The AMF network element may conclude that access network device 1 has been compromised by an attacker when it detects abnormal traffic from access network device 1, or when access network device 1 fails to report information. The specific method for detecting that an access network device has been compromised by an attacker is not limited in this application.
Step 702: The AMF network element sends a second message to access network device 2. Correspondingly, access network device 2 receives the second message from the AMF network element.
The second message includes the identification information of the third function and the identification information of the fourth function. On receiving the second message, the access network device establishes a correspondence between the AMF network element ID and the identification information of the third function and of the fourth function.
Optionally, the second message further includes a second calculation parameter. In that case the access network device establishes a correspondence between the AMF network element ID and the identification information of the third function, the identification information of the fourth function and the second calculation parameter.
Step 703: The AMF network element sends a fourth message to the UE. Correspondingly, the UE receives the fourth message from the AMF network element.
The fourth message includes the identification information of the third function, the third key identifier and the third key.
Step 704: The UE generates a fourth key from the third key, the random parameter and the third function, and encrypts the protection information with the fourth key to obtain the second encrypted protection information.
Step 705: The UE sends a second request message to access network device 2. Correspondingly, access network device 2 receives the second request message from the UE.
The second request message includes the third key identifier, the device identification information, the random parameter and the second encrypted protection information. The random parameter carried in the second request message may be the same as or different from the random parameter carried in the first request message. For example, if the UE generates a new random parameter after receiving the fourth message and before sending the second request message, that random parameter differs from the one carried in the first request message.
Step 706: Access network device 2 determines the third function and the fourth function corresponding to the device identification information.
Step 707: Access network device 2 generates the fourth key from the third key identifier, the random parameter, the third function and the fourth function.
Step 708: Access network device 2 decrypts the second encrypted protection information with the fourth key to obtain the protection information.
The embodiment shown in FIG. 7 is based on the embodiment shown in FIG. 4; for the same or similar parts, refer to the description of the embodiment shown in FIG. 4. The difference is that in FIG. 4 the access network device has not been compromised by an attacker, whereas in FIG. 7 access network device 1 has been compromised, and the AMF network element updates the pre-configuration information of the other access network devices and of the UE. As a result, when access network device 1 receives the second encrypted protection information, it cannot obtain the protection information using the previous second key, which effectively prevents the attacker from obtaining the protection information and thereby improves the security and reliability of the network.
The idea of the embodiment shown in FIG. 7 can also be applied to the embodiments shown in FIG. 5 or FIG. 6: when the AMF network element detects that access network device 1 has been compromised by an attacker, it updates the pre-configuration information of the other access network devices and of the UE according to the pre-configuration information of FIG. 5 or FIG. 6. When applied to the embodiment shown in FIG. 5 or FIG. 6, the updated pre-configuration information sent to the other access network devices is the identification information of the third function, the identification information of the fourth function and the algorithm identifier of the second encryption algorithm. For the embodiment of FIG. 5, the updated pre-configuration information sent to the UE is the third key identifier, the fourth key and the algorithm identifier of the second encryption algorithm. For the embodiment of FIG. 6, the updated pre-configuration information sent to the UE is the fourth key identifier, the fourth key and the algorithm identifier of the second encryption algorithm.
Refer to FIG. 8, a schematic flowchart of the information protection method provided in the fifth embodiment of this application. In FIG. 8, when the AMF network element determines that the UE is an attacker, it instructs the access network device to reject the registration request message from that UE. The flow shown in FIG. 8 may include, but is not limited to, the following steps:
Step 801: The AMF network element determines that the UE is an attacker.
The method by which the AMF network element determines that the UE is an attacker is not limited in the embodiments of this application. The UE may have obtained its pre-configuration information through the pre-configuration procedure of the flow shown in FIG. 4, FIG. 5 or FIG. 6.
Step 802: The AMF network element sends an indication message to the access network device. Correspondingly, the access network device receives the indication message from the AMF network element.
The indication message is used to indicate the illegal key identification information.
Step 803: The UE sends a first request message to the access network device. Correspondingly, the access network device receives the first request message from the UE.
Step 804: If the key identifier included in the first request message matches the illegal key identification information, the first request message is rejected.
Based on the embodiment shown in FIG. 4, the first request message includes the first key identifier. If the first key identifier matches the illegal key identification information, the access network device rejects the first request message.
Based on the embodiment shown in FIG. 5, the first request message includes the first key identifier. If the first key identifier matches the illegal key identification information, the access network device rejects the first request message.
Based on the embodiment shown in FIG. 6, the first request message includes the second key identifier. If the second key identifier matches the illegal key identification information, the access network device rejects the first request message.
In the embodiment shown in FIG. 8, when the AMF network element determines that the UE is an attacker, it can notify the access network device to reject that UE's registration request message, thereby improving security.
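As an added illustration that is not the patent's own code, the following Python model plays through the pre-configuration and key derivation of FIGS. 4 and 7 (key identifier to key via the second or fourth function, key and random parameter to the session key via the first or third function) and the rejection check of FIG. 8: after access network device 1 is compromised, the AMF moves to the third and fourth functions, access network device 2 recovers the protection information while the stale device cannot, and a key identifier indicated as illegal is rejected. The HMAC-based functions, the keystream cipher standing in for the unspecified encryption algorithm, the use of the AMF ID as the device identification information, and all identifiers and secrets are assumptions.

```python
import hashlib
import hmac
import secrets

# Constructed stand-in for the page's abstract "first" .. "fourth" functions: each
# function id selects an HMAC-SHA256 secret that the AMF shares with the access
# network devices it pre-configures and never with the UE (sample values, not
# anything from the patent).
FUNCTION_SECRETS = {
    "f1": b"constructed-secret-f1", "f2": b"constructed-secret-f2",
    "f3": b"constructed-secret-f3", "f4": b"constructed-secret-f4",
}

def apply_function(function_id, *inputs):
    """Evaluate a pre-configured function: second/fourth function maps key id -> key,
    first/third function maps key + random parameter -> session key."""
    return hmac.new(FUNCTION_SECRETS[function_id], b"\x00".join(inputs),
                    hashlib.sha256).digest()

def stream_cipher(key, random_param, data):
    """Stand-in for the page's unspecified encryption algorithm: XOR with an
    HMAC-SHA256 counter-mode keystream bound to the key and the UE's random
    parameter. XOR is symmetric, so the same call encrypts and decrypts."""
    stream = b""
    for counter in range((len(data) + 31) // 32):
        stream += hmac.new(key, random_param + counter.to_bytes(4, "big"),
                           hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

class UE:
    """Terminal: holds the derivation function id, key id and key from the AMF."""

    def __init__(self, amf_id):
        self.amf_id = amf_id  # sent as the 'device identification information' (assumed to be the AMF id)
        self.derive_fn = self.key_id = self.key = None

    def configure(self, derive_fn, key_id, key):  # first/fourth message from the AMF
        self.derive_fn, self.key_id, self.key = derive_fn, key_id, key

    def build_request(self, protection_info):
        """Steps 704/705: session key from key + fresh random parameter, then encrypt."""
        random_param = secrets.token_bytes(16)
        session_key = apply_function(self.derive_fn, self.key, random_param)
        return {"key_id": self.key_id, "device_id": self.amf_id, "random": random_param,
                "ciphertext": stream_cipher(session_key, random_param, protection_info)}

class AccessNetworkDevice:
    def __init__(self):
        self.functions = {}           # AMF id -> (derive function id, regenerate function id)
        self.illegal_key_ids = set()  # filled by the AMF's indication message (Fig. 8)

    def configure(self, amf_id, derive_fn, regen_fn):  # first/second message from the AMF
        self.functions[amf_id] = (derive_fn, regen_fn)

    def handle_request(self, req):
        """Steps 706-708 after the step 804 check; None means the request is rejected."""
        if req["key_id"] in self.illegal_key_ids:
            return None
        derive_fn, regen_fn = self.functions[req["device_id"]]
        key = apply_function(regen_fn, req["key_id"].encode())        # key id -> key
        session_key = apply_function(derive_fn, key, req["random"])   # key + random -> session key
        return stream_cipher(session_key, req["random"], req["ciphertext"])

class AMF:
    def __init__(self, amf_id):
        self.amf_id, self.derive_fn, self.regen_fn = amf_id, "f1", "f2"

    def provision(self, ans, ue):
        """Pre-configure: function ids to the access network devices, key id + key to the UE."""
        key_id = secrets.token_hex(8)
        for an in ans:
            an.configure(self.amf_id, self.derive_fn, self.regen_fn)
        ue.configure(self.derive_fn, key_id, apply_function(self.regen_fn, key_id.encode()))

    def on_compromise(self, surviving_ans, ue):
        """Fig. 7, steps 701-703: move to the third/fourth functions and re-provision
        everything except the compromised device."""
        self.derive_fn, self.regen_fn = "f3", "f4"
        self.provision(surviving_ans, ue)

    def flag_attacker_ue(self, key_id, ans):
        """Fig. 8, step 802: indicate the illegal key identifier to the access network devices."""
        for an in ans:
            an.illegal_key_ids.add(key_id)

def run_scenario(protection_info=b"constructed protection information"):
    amf, ue = AMF("amf-1"), UE("amf-1")
    an1, an2 = AccessNetworkDevice(), AccessNetworkDevice()
    amf.provision([an1, an2], ue)
    before = an1.handle_request(ue.build_request(protection_info)) == protection_info
    amf.on_compromise([an2], ue)   # an1 is compromised and keeps its stale f1/f2 table
    req = ue.build_request(protection_info)
    an2_ok = an2.handle_request(req) == protection_info
    an1_ok = an1.handle_request(req) == protection_info   # stale functions: wrong key
    amf.flag_attacker_ue(ue.key_id, [an1, an2])
    rejected = an2.handle_request(ue.build_request(protection_info)) is None
    return {"before_compromise": before, "an2_after_rotation": an2_ok,
            "an1_after_rotation": an1_ok, "rejected_after_indication": rejected}
```

Running `run_scenario()` returns True for the pre-compromise and post-rotation decryptions at the re-provisioned device, False for the stale device, and True for the rejection of the flagged key identifier.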
Corresponding to the methods given in the foregoing method embodiments, the embodiments of this application also provide corresponding apparatuses, which include units for performing the corresponding steps of the foregoing embodiments. The units may be software, hardware, or a combination of software and hardware.
Refer to FIG. 9, a schematic structural diagram of a communication apparatus provided by this application. The communication apparatus 900 shown in FIG. 9 includes a transceiver unit 901 and a processing unit 902.
In one design, the apparatus 900 is an access network device:
By way of example, the transceiver unit 901 is configured to receive a first request message from a terminal device, the first request message including the first key identifier, the device identification information, the random parameter and the first encrypted protection information, and to determine the first function and the second function corresponding to the device identification information;
the processing unit 902 is configured to generate the second key from the first key identifier, the random parameter, the first function and the second function, and to decrypt the first encrypted protection information with the second key to obtain the protection information.
When the apparatus 900 is an access network device, it is used to implement the functions of the access network device in the embodiments shown in FIG. 4, FIG. 5, FIG. 6, FIG. 7 or FIG. 8; for details, refer to the corresponding description of the access network device in the embodiments shown in FIG. 4, FIG. 5, FIG. 6, FIG. 7 or FIG. 8.
In one design, the apparatus 900 is a terminal device:
the processing unit 902 is configured to generate the second key from the first key, the random parameter and the first function, and to encrypt the protection information with the second key to obtain the first encrypted protection information;
the transceiver unit 901 is configured to send a first request message to the access network device, the first request message including the first key identifier, the device identification information, the random parameter and the first encrypted protection information, where the first key identifier is used to generate the first key.
When the apparatus 900 is a terminal device, it is used to implement the functions of the UE in the embodiments shown in FIG. 4, FIG. 5, FIG. 6, FIG. 7 or FIG. 8; for details, refer to the corresponding description of the UE in the embodiments shown in FIG. 4, FIG. 5, FIG. 6, FIG. 7 or FIG. 8.
Refer to FIG. 10, a schematic structural diagram of another communication apparatus provided by this application. The communication apparatus 1000 shown in FIG. 10 includes at least one processor 1001 and a memory 1002, and may optionally further include a communication interface 1003.
The memory 1002 may be a volatile memory, such as a random access memory; the memory may also be a non-volatile memory, such as a read-only memory, a flash memory, a hard disk drive (HDD) or a solid-state drive (SSD); or the memory 1002 may be any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, without being limited thereto. The memory 1002 may also be a combination of the above memories.
The specific connection medium between the processor 1001 and the memory 1002 is not limited in the embodiments of this application. In the figure, the memory 1002 and the processor 1001 are connected through a bus 1004, drawn as a thick line; the connections between the other components are shown only schematically and are not limiting. The bus 1004 may be divided into an address bus, a data bus, a control bus and so on. For ease of representation, only one thick line is used in FIG. 10, but this does not mean that there is only one bus or one type of bus.
The processor 1001 may have a data transceiving function and be able to communicate with other devices. In the apparatus shown in FIG. 10, an independent data transceiving module, for example the communication interface 1003, may also be provided for sending and receiving data; when communicating with other devices, the processor 1001 may transfer data through the communication interface 1003.
In one example, when the access network device takes the form shown in FIG. 10, the processor in FIG. 10 may invoke the computer-executable instructions stored in the memory 1002 so that the access network device performs the method performed by the access network device in any of the foregoing method embodiments.
In one example, when the terminal device takes the form shown in FIG. 10, the processor in FIG. 10 may invoke the computer-executable instructions stored in the memory 1002 so that the UE performs the method performed by the UE in any of the foregoing method embodiments.
Specifically, the functions/implementation processes of both the processing unit and the transceiver unit in FIG. 9 may be implemented by the processor 1001 in FIG. 10 invoking the computer-executable instructions stored in the memory 1002. Alternatively, the functions/implementation process of the processing unit in FIG. 9 may be implemented by the processor 1001 in FIG. 10 invoking the computer-executable instructions stored in the memory 1002, and the functions/implementation process of the transceiver unit in FIG. 9 may be implemented by the communication interface 1003 in FIG. 10.
An embodiment of this application further provides a communication system, which may include the access network device and the UE of FIG. 4, FIG. 5, FIG. 6, FIG. 7 or FIG. 8, and optionally also the AMF network element.
It should be understood that some optional features in the embodiments of this application may, in some scenarios, be implemented independently, without relying on other features such as the solution on which they are currently based, to solve the corresponding technical problem and achieve the corresponding effect; in other scenarios they may be combined with other features as required. Correspondingly, the apparatuses given in the embodiments of this application may also implement these features or functions, which is not repeated here.
Those skilled in the art will also understand that the various illustrative logical blocks and steps listed in the embodiments of this application may be implemented by electronic hardware, computer software, or a combination of the two. Whether such functions are implemented in hardware or software depends on the specific application and the design requirements of the overall system. Those skilled in the art may use various methods to implement the described functions for each particular application, but such implementation should not be regarded as going beyond the protection scope of the embodiments of this application.
The solutions described in this application may be implemented in various ways. For example, these techniques may be implemented in hardware, software, or a combination of the two. For a hardware implementation, the processing unit used to perform these techniques at a communication apparatus (for example, a base station, a terminal, a network entity, a core network element or a chip) may be implemented in one or more general-purpose processors, digital signal processors (DSP), digital signal processing devices, application-specific integrated circuits (ASIC), programmable logic devices, field-programmable gate arrays (FPGA) or other programmable logic devices, discrete gate or transistor logic, discrete hardware components, or any combination of the above. A general-purpose processor may be a microprocessor; alternatively, the general-purpose processor may be any conventional processor, controller, microcontroller or state machine. A processor may also be implemented as a combination of computing devices, for example a digital signal processor and a microprocessor, multiple microprocessors, one or more microprocessors together with a digital signal processor core, or any other similar configuration.
It should be understood that the memory in the embodiments of this application may be volatile memory or non-volatile memory, or may include both volatile and non-volatile memory. The non-volatile memory may be a read-only memory (ROM), a programmable read-only memory (PROM), an erasable programmable read-only memory (EPROM), an electrically erasable programmable read-only memory (EEPROM) or flash memory. The volatile memory may be a random access memory (RAM), which is used as an external cache. By way of example and not limitation, many forms of RAM are available, such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), enhanced SDRAM (ESDRAM), synchlink DRAM (SLDRAM) and direct rambus RAM (DR RAM). It should be noted that the memory of the systems and methods described herein is intended to include, without limitation, these and any other suitable types of memory.
This application further provides a computer-readable medium on which a computer program is stored; when the computer program is executed by a computer, the functions of any of the foregoing method embodiments are implemented.
This application further provides a computer program product which, when executed by a computer, implements the functions of any of the foregoing method embodiments.
It should be understood that in this application, "when", "if" and "in the case that" all mean that the apparatus performs the corresponding processing under certain objective conditions; they do not limit the timing, do not require the apparatus to perform a determination action when implemented, and do not imply any other limitation.
"Simultaneously" in this application may be understood as at the same point in time, within a period of time, or within the same cycle.
In this application, an element expressed in the singular is intended to mean "one or more" rather than "one and only one", unless otherwise specified. In this application, unless otherwise specified, "at least one" is intended to mean "one or more", and "multiple" is intended to mean "two or more".
In addition, the terms "system" and "network" are often used interchangeably herein. The term "and/or" herein merely describes an association between associated objects and indicates that three relationships may exist; for example, "A and/or B" may mean: A alone, both A and B, or B alone, where A may be singular or plural and B may be singular or plural.
It should be understood that in the embodiments of this application, "B corresponding to A" means that B is associated with A and can be determined from A. It should also be understood that determining B from A does not mean that B is determined only from A; B may also be determined from A and/or other information.
The correspondences shown in the tables of this application may be configured or predefined. The values of the information in the tables are only examples and may be configured to other values; this application is not limited thereto. When configuring the correspondence between information and parameters, it is not necessarily required to configure all the correspondences shown in the tables. For example, the correspondences shown in some rows of the tables in this application may be left unconfigured. As another example, the tables may be suitably adapted, for example by splitting or merging. The parameter names shown in the table headers may also be replaced by other names that the communication apparatus can understand, and the values or representations of the parameters may be other values or representations that the communication apparatus can understand. When implemented, the tables may also use other data structures, such as arrays, queues, containers, stacks, linear lists, pointers, linked lists, trees, graphs, structures, classes, heaps or hash tables.
"Predefined" in this application may be understood as defined, predefined, stored, pre-stored, pre-negotiated, pre-configured, fixed or pre-burned.
Those of ordinary skill in the art will understand that, for convenience and brevity of description, the specific working processes of the systems, apparatuses and units described above can be found in the corresponding processes of the foregoing method embodiments and are not repeated here.
The same or similar parts of the embodiments of this application may refer to each other. In the embodiments of this application and in the implementations/implementation methods within each embodiment, unless otherwise specified or logically conflicting, the terms and descriptions across different embodiments and across the implementations within each embodiment are consistent and may cite one another, and their technical features may be combined according to their inherent logical relationships to form new embodiments, implementations or implementation methods. The implementations of this application described above do not limit the protection scope of this application.
The foregoing are only specific implementations of this application, but the protection scope of this application is not limited thereto. Any variation or substitution that a person skilled in the art could readily conceive within the technical scope disclosed in this application shall fall within the protection scope of this application.
Claims (36)
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010480899.7 | 2020-05-30 | ||
| CN202010480899.7A CN113766495A (en) | 2020-05-30 | 2020-05-30 | Information protection method, system and communication device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2021244447A1 true WO2021244447A1 (en) | 2021-12-09 |
Family ID: 78782415
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/CN2021/096968 Ceased WO2021244447A1 (en) | 2020-05-30 | 2021-05-28 | Information protection method and system, and communication apparatus |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN113766495A (en) |
| WO (1) | WO2021244447A1 (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117882413A (en) * | 2022-08-12 | 2024-04-12 | 北京小米移动软件有限公司 | Terminal equipment capability indication method and device |
| CN116011041B (en) * | 2022-12-07 | 2024-06-18 | 成都海光集成电路设计有限公司 | Key management method, data protection method, system, chip and computer equipment |
| CN119922540A (en) * | 2023-10-30 | 2025-05-02 | 中兴通讯股份有限公司 | Key determination method, storage medium and electronic device |
| CN120614590A (en) * | 2024-03-08 | 2025-09-09 | 维沃移动通信有限公司 | Identification indication method, device, terminal equipment and first network node |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1992587A (en) * | 2005-12-29 | 2007-07-04 | 摩托罗拉公司 | Identification-based encryption system |
| CN107846676A (en) * | 2016-09-20 | 2018-03-27 | 北京信威通信技术股份有限公司 | Safety communicating method and system based on network section security architecture |
| WO2019004929A2 (en) * | 2017-06-29 | 2019-01-03 | 华为国际有限公司 | Network slice allocation method, device and system |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP4104610B2 (en) * | 2005-04-06 | 2008-06-18 | 株式会社エヌ・ティ・ティ・ドコモ | Authentication information providing server and authentication information providing method |
| KR101493212B1 (en) * | 2012-10-31 | 2015-02-23 | 삼성에스디에스 주식회사 | Method and system for id-based encryption and decryption |
- 2020-05-30: CN CN202010480899.7A patent/CN113766495A/en active Pending
- 2021-05-28: WO PCT/CN2021/096968 patent/WO2021244447A1/en not_active Ceased
Non-Patent Citations (1)
| Title |
|---|
| "3 Generation Partnership Project; Technical Specification Group Services and System Aspects; Security Aspects; Study on Security Aspects of Enhanced Network Slicing (Release 16)", 3GPP STANDARD; TECHNICAL REPORT; 3GPP TR 33.813 V0.8.0, 3RD GENERATION PARTNERSHIP PROJECT (3GPP); F-06921 SOPHIA-ANTIPOLIS CEDEX ; FRANCE, 2 January 2020 (2020-01-02), pages 1 - 38, XP051841099 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114339737A (en) * | 2021-12-23 | 2022-04-12 | 咻享智能(深圳)有限公司 | Wireless communication instruction encryption method and related equipment |
| CN114499888A (en) * | 2022-02-17 | 2022-05-13 | 上海焜耀网络科技有限公司 | Private key protection and analysis method and device for signature service |
| CN114499888B (en) * | 2022-02-17 | 2024-02-02 | 上海焜耀网络科技有限公司 | Private key protection and analysis method and device for signature service |
Also Published As
| Publication number | Publication date |
|---|---|
| CN113766495A (en) | 2021-12-07 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 21818135; Country of ref document: EP; Kind code of ref document: A1 |
| | NENP | Non-entry into the national phase | Ref country code: DE |
| | 122 | Ep: pct application non-entry in european phase | Ref document number: 21818135; Country of ref document: EP; Kind code of ref document: A1 |