METHOD AND DEVICE FOR KEY GENERATION
First Claim
1. A method for key generation, applied to a universal mobile telecommunications system (UMTS)-long term evolution (LTE) resource convergence scenario that has a base station as an anchor point, and comprising:
- deriving, according to a root key and a count value of an LTE system, or according to a random number and an LTE system root key, a UMTS integrity key and cipher key; and
sending the UMTS integrity key and cipher key to a UMTS control node, so that the UMTS control node implements cipher and integrity protection by using the UMTS integrity key and cipher key.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and a device for key generation are disclosed in embodiments of the present invention. The method for key generation is applied to a UMTS-LTE resource convergence scenario that has a base station as an anchor point, and includes: deriving, according to a root key and a count value of an LTE system, or according to a random number and an LTE system root key, a UMTS integrity key and cipher key, and sending the UMTS integrity key and cipher key to a UMTS control node. The embodiments of the present invention enable the derivation of the UMTS integrity key and cipher key in a UMTS-LTE resource convergence scenario that has a base station as an anchor point, enable a user equipment to communicate securely through a UMTS, and further improve security of data transmitted in the UMTS.
48 Citations
25 Claims
-
1. A method for key generation, applied to a universal mobile telecommunications system (UMTS)-long term evolution (LTE) resource convergence scenario that has a base station as an anchor point, and comprising:
-
deriving, according to a root key and a count value of an LTE system, or according to a random number and an LTE system root key, a UMTS integrity key and cipher key; and sending the UMTS integrity key and cipher key to a UMTS control node, so that the UMTS control node implements cipher and integrity protection by using the UMTS integrity key and cipher key. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method for key generation, applied to a universal mobile telecommunications system (UMTS)-long term evolution (LTE) resource convergence scenario that has a base station as an anchor point, and comprising:
-
sending, by an access network node of an LTE system, a UMTS key derivation instruction message to a UMTS control node, wherein the UMTS key derivation instruction message carries a random number generated by the access network node, so that the UMTS control node generates, according to an internet protocol security key and the random number, a UMTS integrity key and cipher key; and deriving, by the access network node of the LTE system, according to the internet protocol security key and the random number, a UMTS integrity key and cipher key. - View Dependent Claims (8)
-
-
9. A method for key generation, applied to a universal mobile telecommunications system (UMTS)-long term evolution (LTE) resource convergence scenario that has a base station as an anchor point, and comprising:
-
receiving, by a user equipment, a UMTS key derivation instruction message; and deriving, by the user equipment, according to a count value and a root key to an LTE system, or according to an LTE system root key and a random number carried in the UMTS key derivation instruction message, a UMTS integrity key and cipher key. - View Dependent Claims (10, 11)
-
-
12. A message sending method, applied to a universal mobile telecommunications system (UMTS)-long term evolution (LTE) resource convergence scenario that has a base station as an anchor point, and comprising:
-
receiving, by a UMTS control node, a UMTS integrity key and cipher key as well as a user equipment security capability from an access network node of an LTE system; and sending, by the UMTS control node, through the access network node of the LTE system, a security mode command message under integrity protection to a user equipment, wherein the security mode command message carries;
an integrity algorithm and a cipher algorithm that are selected by the control node according to the user equipment security capability, the user equipment security capability and parameter values generated by the control node, and an integrity message authentication code generated by the control node according to the UMTS integrity key, the parameter values generated by the control node, an integrity sequence number, the security mode command message, and a direction indication. - View Dependent Claims (13)
-
-
14. A core network node, applied to a universal mobile telecommunications system (UMTS)-long term evolution (LTE) resource convergence scenario that has a base station as an anchor point, and comprising:
-
a first generation module, configured to derive, according to a non-access stratum root key to an LTE system and a current non-access stratum count value of the LTE system, or according to a non-access stratum root key to an LTE system and a random number generated by the core network node, a UMTS integrity key and cipher key; and a first sending module, configured to send the UMTS integrity key and cipher key derived by the first generation module to a control node of a UMTS, so that the control node of the UMTS implements cipher and integrity protection by using the UMTS integrity key and cipher key. - View Dependent Claims (15, 16)
-
-
17. An access network node, applied to a universal mobile telecommunications system (UMTS)-long term evolution (LTE) resource convergence scenario that has a base station as an anchor point, and comprising:
-
a second generation module, configured to derive, according to an access layer root key to an LTE system and a packet data convergence protocol count value of the LTE system, or according to an access layer root key to an LTE system and a random number generated by the access network node, a UMTS integrity key and cipher key; and a second sending module, configured to send the UMTS integrity key and cipher key derived by the second generation module to a control node of a UMTS, so that the control node of the UMTS implements cipher and integrity protection by using the UMTS integrity key and cipher key. - View Dependent Claims (18)
-
-
19. An access network node, applied to a universal mobile telecommunications system (UMTS)-long term evolution (LTE) resource convergence scenario that has a base station as an anchor point, and comprising:
-
a third sending module, configured to send a UMTS key derivation instruction message to a control node of a UMTS, wherein the UMTS key derivation instruction message carries a random number generated by the access network node, so that the control node of the UMTS generates, according to an internet protocol security key and the random number, a UMTS integrity key and cipher key; and a third generation module, configured to derive, according to the internet protocol security key and the random number, a UMTS integrity key and cipher key. - View Dependent Claims (20)
-
-
21. A user equipment, applied to a universal mobile telecommunications system (UMTS)-long term evolution (LTE) resource convergence scenario that has a base station as an anchor point, and comprising:
-
a fourth receiving module, configured to receive a UMTS key derivation instruction message; and a fourth generation module, configured to derive, according to a count value and a root key to an LTE system, or according to an LTE system root key and a random number carried in the UMTS key derivation instruction message, a UMTS integrity key and cipher key. - View Dependent Claims (22, 23)
-
-
24. A control node, applied to a universal mobile telecommunications system (UMTS)-long term evolution (LTE) resource convergence scenario that has a base station as an anchor point, and comprising:
-
a fifth receiving module, configured to receive a UMTS integrity key and cipher key as well as a user equipment security capability from an access network node on an LTE system; and a fourth sending module, configured to send, through the access network node on the LTE system, a security mode command message under integrity protection to a user equipment, wherein the security mode command message carries;
an integrity algorithm and a cipher algorithm that are selected by the control node according to the user equipment security capability, the user equipment security capability and parameter values generated by the control node, and an integrity message authentication code generated by the control node according to the UMTS integrity key, the parameter values generated by the control node, an integrity sequence number, the security mode command message, and a direction indication. - View Dependent Claims (25)
-
Specification