
End-to-end session key consultation method and system for supporting lawful interception

A session key negotiation technology, applied in the Internet field, that addresses the problems of increased possibility of man-in-the-middle attacks, reduced efficiency of key negotiation, and having no control over which keys are allocated.

Inactive Publication Date: 2011-05-04
ZTE CORP

AI Technical Summary

Problems solved by technology

[0010] 1. In "Otway-Rees", the TICKETs passed from UE A to UE B are encrypted with the same shared root key Ka every time. If Ka is not renegotiated for every session, Ka is easily broken, and once Ka is compromised, the subsequent session keys are compromised as well. If Ka is negotiated for each session, the many signaling interactions in the GBA establishment process reduce the efficiency of key negotiation.
[0011] 2. In "Otway-Rees", the key is generated in the KMS, and UE A has no control over which keys are assigned. In a multiparty session or a conference session, if UE A needs to assign the same key to the peers, this is not possible in "Otway-Rees".
[0012] 3. In "Otway-Rees", the final session key is passed by UE B to UE A, but there is no integrity verification measure. If an intermediary modifies the encrypted key, UE A cannot know whether the key has been modified, because integrity is not verified when the key is passed, and a wrong key can still be decrypted. UE A and UE B then each hold a different key, so subsequent data is seriously confused during encryption and decryption, and the possibility of man-in-the-middle attacks also increases.
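The failure described in [0012], and the integrity check that closes it, as an added example that is not code from the patent: a session key sent under an unauthenticated cipher decrypts "successfully" to a different key after one ciphertext bit is changed in transit, while the same message with an HMAC tag is rejected. The names `transport_key` and `mac_key`, the toy SHA-256 keystream cipher and the message layout are assumptions made for illustration.

```python
import hashlib
import hmac
import os

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher (SHA-256 in counter mode), a stand-in for any
    unauthenticated cipher. Encryption and decryption are the same call."""
    stream = bytearray()
    for block in range((len(data) + 31) // 32):
        stream += hashlib.sha256(key + nonce + block.to_bytes(4, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap_plain(transport_key: bytes, session_key: bytes) -> bytes:
    """Encrypt the session key with no integrity protection (the [0012] case)."""
    nonce = os.urandom(16)
    return nonce + keystream_xor(transport_key, nonce, session_key)

def unwrap_plain(transport_key: bytes, blob: bytes) -> bytes:
    return keystream_xor(transport_key, blob[:16], blob[16:])

def wrap_mac(transport_key: bytes, mac_key: bytes, session_key: bytes) -> bytes:
    """Encrypt-then-MAC: the tag covers the nonce and the ciphertext."""
    blob = wrap_plain(transport_key, session_key)
    return blob + hmac.new(mac_key, blob, hashlib.sha256).digest()

def unwrap_mac(transport_key: bytes, mac_key: bytes, blob: bytes) -> bytes:
    body, tag = blob[:-32], blob[-32:]
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("session key message failed integrity check")
    return unwrap_plain(transport_key, body)

def flip_bit(blob: bytes, index: int) -> bytes:
    """Model a modification in transit: change one bit of one byte."""
    out = bytearray(blob)
    out[index] ^= 0x01
    return bytes(out)

def demo():
    # Constructed sample keys; real keys would come from the negotiation.
    transport_key, mac_key = os.urandom(32), os.urandom(32)
    session_key = os.urandom(16)
    received = unwrap_plain(transport_key, flip_bit(wrap_plain(transport_key, session_key), 20))
    silent_mismatch = received != session_key  # no error, but a different key
    try:
        unwrap_mac(transport_key, mac_key,
                   flip_bit(wrap_mac(transport_key, mac_key, session_key), 20))
        detected = False
    except ValueError:
        detected = True
    return silent_mismatch, detected
```

`demo()` returns `(True, True)`: without the tag the receiver ends up holding a different key and gets no error, and with the tag the modified message is refused before any key is accepted.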


Embodiment Construction

[0118] The specific embodiments of the present invention will be described in detail below with reference to the accompanying drawings.

[0119] Figure 1 is a schematic diagram of the system architecture of this embodiment. The system includes user terminals (User Equipment, UE): UE A and UE B; access servers (Access Server Node, ASN): ASN1 and ASN2; and identity location registers (Identification Location Register, ILR): ILR A and ILR B. The data link between the terminals UE A and UE B is an insecure link, such as an IP link, so UE A and UE B cannot pass the session key in clear text. Because UE A may communicate with any one of hundreds of millions of other users at any time, UE A cannot hold the pre-shared keys of all users, so UE A cannot use a pre-shared key with UE B to establish a secure end-to-end session. It is therefore necessary to design an end-to-end session key negotiation mechanism to solve the securit...


Abstract

The invention discloses an end-to-end session key negotiation method and system supporting lawful interception. A session key negotiation process initiated from a first terminal to a second terminal comprises the following steps: the first terminal carries out session root key negotiation with the first identity location register (ILR) to which the first terminal belongs; after the session root key Kas of the session is generated and stored, the first terminal generates a session key and initiates an end-to-end session key request to the second terminal; when the first ILR is the ILR to which the second terminal belongs, the received key negotiation parameter is transmitted directly to the first ILR; after the first ILR generates and stores the session key, it is transmitted directly to the second terminal as ciphertext; the second terminal decrypts the ciphertext to obtain the session key in it; and the first terminal and the second terminal conduct the session with the session key, wherein the session key comprises a session encryption key. While providing end-to-end encryption, the system also satisfies the requirement for interception of the end-to-end conversation by a legitimate institution.

Description

Technical field

[0001] The invention relates to the Internet field, in particular to an end-to-end session key negotiation method and system supporting lawful interception.

Background technique

[0002] The IP-based Internet is an open network composed of the networks of multiple countries and organizations. An end-to-end session is therefore likely to pass through multiple intermediate nodes (such as routers). Because these nodes may not all belong to the network of the same country or organization, highly confidential conversations may be intercepted or modified by illegal third-party agencies.

[0003] Therefore, in order to prevent confidential information from being stolen or modified, people usually use end-to-end encryption to conduct conversations; however, due to the needs of police information such as anti-terrorism, laws of various countries often stipulate that the business carried out by t...


Application Information

IPC(8): H04L12/26, H04L9/08, H04L29/06
CPC: H04L9/0844, H04L63/061, H04L63/306
Inventor: 张世伟, 田甜, 朱允文
Owner: ZTE CORP