
End-to-end session key consultation method and system for supporting lawful interception

A session key negotiation technology, applied in the Internet field, that addresses the increased possibility of man-in-the-middle attacks, reduced key negotiation efficiency, and confusion in data encryption and decryption.

Inactive Publication Date: 2014-05-28
ZTE CORP

AI Technical Summary

Problems solved by technology

[0010] 1. In "Otway-Rees", the TICKETs passed from UE A to UE B are encrypted with the same shared root key Ka every time. If Ka is not renegotiated for every session, Ka is easily broken, and once Ka is compromised the subsequent session keys are compromised. If Ka is negotiated for each session, the many signaling interactions in the GBA establishment process reduce the efficiency of key negotiation.
[0011] 2. In "Otway-Rees", the key is generated in the KMS, and UE A has no control over which keys are assigned. In a multiparty session or a conference session, UE A may need to assign the same key to the peers, which is not possible in "Otway-Rees".
[0012] 3. In "Otway-Rees", the final session key is passed from UE B to UE A, but there is no integrity verification measure. If an intermediary modifies the encrypted key, UE A cannot know that the key has been modified, and a wrong key can still be decrypted. UE A and UE B then each hold a different key, so subsequent data is seriously garbled during encryption and decryption, and the possibility of man-in-the-middle attacks also increases.


Embodiment Construction

[0118] Specific embodiments of the present invention will be described in detail below in conjunction with the accompanying drawings.

[0119] Figure 1 is a schematic diagram of the system architecture of this embodiment. The system includes user terminals (User Equipment, UE): UE A and UE B; access servers (Access Server Node, ASN): ASN1 and ASN2; and identity location registers (Identification Location Register, ILR): ILR A and ILR B. The data link between the terminals UE A and UE B is an insecure link, such as an IP link, so UE A and UE B cannot pass the session key in clear text. Because UE A may communicate with any one of hundreds of millions of other users at any time, it cannot hold the pre-shared keys of all users, so UE A cannot use a pre-shared key with UE B to establish a secure end-to-end session. It is therefore necessary to design an end-to-end session key negotiation mechanism to solve the security ...


Abstract

A method and system for end-to-end session key negotiation which support lawful interception are disclosed. The method includes: a first terminal carries out a session root key negotiation with a first Identification Location Register (ILR) to which said first terminal belongs, generates a session root key Kas for the session and saves it; said first terminal then generates a session key according to a first parameter including a first self-generated random number and Kas, and initiates an end-to-end session key request to a second terminal; the key negotiating parameters carried in said request include a first ciphertext containing the first random number information encrypted by Kas and a first identification information of the session. The second terminal sends the received key negotiating parameters to the first ILR; using Kas, said first ILR obtains the first random number from decryption of the first ciphertext, generates the session key in the same way as the first terminal and saves the key, then sends it to the second terminal in ciphertext. The second terminal then decrypts the ciphertext and acquires the session key contained within it. The first terminal then carries out a session with the second terminal by using the session key, said session key including the session encryption key.
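The message flow in the abstract, simulated end to end as an added example (not code from the patent or its authors). The page names no primitives, so the HMAC-SHA256 key derivation, the encrypt-then-MAC `seal`/`unseal` helpers, the key `k_b` protecting delivery to the second terminal and the identifier `sid-001` are all assumptions. The integrity tag is likewise an assumption, included because the page lists unverified key delivery as a problem of "Otway-Rees".

```python
import hashlib, hmac, secrets

def kdf(key: bytes, label: bytes, data: bytes) -> bytes:
    """Stand-in KDF (HMAC-SHA256); the page does not name one."""
    return hmac.new(key, label + b"|" + data, hashlib.sha256).digest()

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in encrypt-then-MAC for plaintexts of at most 32 bytes."""
    nonce = secrets.token_bytes(16)
    stream = kdf(key, b"enc", nonce)
    body = bytes(p ^ s for p, s in zip(plaintext, stream))
    return nonce + body + kdf(key, b"mac", nonce + body)

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, kdf(key, b"mac", nonce + body)):
        raise ValueError("integrity check failed")
    return bytes(c ^ s for c, s in zip(body, kdf(key, b"enc", nonce)))

class ILR:
    """First terminal's home ILR: holds Kas per session and saves derived keys."""
    def __init__(self):
        self.kas = {}       # session id -> session root key Kas
        self.retained = {}  # session id -> session key saved by the ILR

    def resolve(self, sid, ct1, k_b):
        rand = unseal(self.kas[sid], ct1)          # recover the first random number
        sk = kdf(self.kas[sid], b"session", rand)  # same derivation as the first terminal
        self.retained[sid] = sk
        return seal(k_b, sk)                       # session key returned in ciphertext

def negotiate(tamper=False):
    ilr, sid = ILR(), b"sid-001"                   # constructed session identifier
    kas = ilr.kas[sid] = secrets.token_bytes(32)   # result of root key negotiation
    k_b = secrets.token_bytes(32)                  # assumed key for ILR -> UE B delivery
    rand = secrets.token_bytes(16)                 # UE A: first random number
    sk_a = kdf(kas, b"session", rand)              # UE A: session key from rand and Kas
    request = (sid, seal(kas, rand))               # UE A -> UE B: negotiation parameters
    reply = ilr.resolve(*request, k_b)             # UE B forwards them to the first ILR
    if tamper:                                     # on-path change to the delivered key
        reply = reply[:20] + bytes([reply[20] ^ 1]) + reply[21:]
    sk_b = unseal(k_b, reply)                      # UE B decrypts; raises if modified
    return sk_a, sk_b, ilr.retained[sid]
```

`negotiate()` returns the key held by the first terminal, the second terminal and the ILR; `negotiate(tamper=True)` raises `ValueError` instead of leaving the two terminals with different keys.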

Description

Technical field

[0001] The invention relates to the Internet field, in particular to an end-to-end session key negotiation method and system supporting lawful interception.

Background technique

[0002] The IP-based Internet is an open network composed of the networks of multiple countries and organizations. An end-to-end session therefore often has to pass through multiple intermediate nodes (such as routers). Because these nodes may not all belong to the network of the same country or organization, highly confidential conversations may be intercepted or modified by illegal third-party organizations.

[0003] Therefore, in order to prevent confidential information from being stolen or modified, people usually use end-to-end encryption to conduct conversations; however, because of police intelligence needs such as anti-terrorism, laws of various countries often stipulate that the business carried out by t...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L12/26, H04L9/08, H04L29/06
CPC: H04L63/30, H04L9/0844, H04L63/061, H04L63/306
Inventor: 张世伟, 田甜, 朱允文
Owner: ZTE CORP