Network authentication method, and related device and system
First Claim
1. A network authentication system, wherein the network authentication system comprises user equipment, a network authentication device, and a service authentication device, whereinthe service authentication device is configured to obtain reference information and generate a second shared key based on the reference information and a first shared key, wherein the first shared key is a shared key pre-configured between the user equipment and the service authentication device, and the reference information comprises information associated with at least one of the user equipment, the network authentication device, and the service authentication device;
- the user equipment is configured to obtain the reference information and generate the second shared key with reference to the reference information and the first shared key;
the service authentication device is configured to send the second shared key to the network authentication device; and
the network authentication device is configured to receive the second shared key, wherein the second shared key is used by the user equipment and the network authentication device to generate a target shared key, and the target shared key is a shared key that protects secure data transmission and that is negotiated and agreed on by the network authentication device and the user equipment.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments of the present invention disclose a network system. The system includes user equipment, a network authentication device, and a service authentication device. The service authentication device is configured to obtain reference information and generate a second shared key with reference to the reference information and a first shared key, where the first shared key is a shared key pre-configured between the user equipment and the service authentication device; the user equipment is configured to obtain the reference information and generate the second shared key with reference to the reference information and the first shared key; the service authentication device is configured to send the second shared key to the network authentication device; and the network authentication device is configured to receive the second shared key, where the second shared key is used by the user equipment and the network authentication device to generate a target shared key.
13 Citations
20 Claims
-
1. A network authentication system, wherein the network authentication system comprises user equipment, a network authentication device, and a service authentication device, wherein
the service authentication device is configured to obtain reference information and generate a second shared key based on the reference information and a first shared key, wherein the first shared key is a shared key pre-configured between the user equipment and the service authentication device, and the reference information comprises information associated with at least one of the user equipment, the network authentication device, and the service authentication device; -
the user equipment is configured to obtain the reference information and generate the second shared key with reference to the reference information and the first shared key; the service authentication device is configured to send the second shared key to the network authentication device; and the network authentication device is configured to receive the second shared key, wherein the second shared key is used by the user equipment and the network authentication device to generate a target shared key, and the target shared key is a shared key that protects secure data transmission and that is negotiated and agreed on by the network authentication device and the user equipment. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. User equipment, comprising:
-
an obtaining unit, configured to obtain reference information and generate a second shared key with reference to the reference information and a first shared key, wherein the first shared key is a shared key pre-configured between the user equipment and a service authentication device, the service authentication device is configured to obtain the reference information and generate the second shared key based on the reference information and the first shared key, and the service authentication device is further configured to send the second shared key to a network authentication device; and a generating unit, configured to generate a target shared key based on the second shared key, wherein the target shared key or a shared key derived from the target shared key is a shared key that protects secure data transmission and that is negotiated and agreed on by the network authentication device and the user equipment. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification