
Authentication method, device and system

An authentication method and data-authentication technology, applied in the field of communication, that addresses the problem of authentication data being easily obtained, which affects user information security and experience.

Active Publication Date: 2018-11-13
CHINA MOBILE COMM LTD RES INST +1

AI Technical Summary

Problems solved by technology

[0005] The present invention provides an authentication method, device and system to solve the problem in the prior art that the data of the data authentication request and authentication response are easily obtained during the authentication process, which affects the user's information security and experience



Examples


Embodiment 1

[0106] Figure 2 is a schematic diagram of an authentication process provided by an embodiment of the present invention. The process includes:

[0107] S201: Receive an authentication request including encrypted authentication data sent by a network side device.

[0108] The authentication method provided by the embodiment of the present invention is applied to UE.

[0109] In this embodiment of the present invention, the UE and the network-side device derive an encryption key in advance, wherein the pre-derived encryption key may be an encryption key derived from a shared key that the UE and the network-side device generate using the DHIES protocol.

[0110] S202: Decrypt the encrypted authentication data by using a pre-derived encryption key, and generate an authentication response according to the decrypted authentication data.

[0111] Specifically, the UE receives the authentication request including encrypted authentication data sent by the network side device, decrypts the encrypted a...

Embodiment 2

[0116] In order to improve the accuracy of authentication, on the basis of the above-mentioned embodiments, in the embodiment of the present invention, the generation of the authentication response according to the decrypted authentication data includes:

[0117] judging whether the first message authentication code (Message Authentication Code, MAC) in the authentication data is correct;

[0118] If not, generate a first authentication response;

[0119] If yes, determine whether the serial number in the authentication data is correct;

[0120] If the serial number in the authentication data is incorrect, generate a second authentication response, and if the serial number in the authentication data is correct, generate a third authentication response.

[0121] Specifically, the authentication information carries the information of the first MAC and the serial number. After the encrypted authentication data is decrypted, in order to further ensure the security of data transmi...
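The decision order in [0117] to [0120], as an added example that is not code from the patent: it runs on the authentication data after decryption. The field layout (RAND || SQN || MAC), the HMAC-SHA256 MAC, the key used for it and the rule that a correct serial number must exceed the last accepted one are all assumptions made for illustration.

```python
import hashlib
import hmac
import struct
from enum import Enum

RAND_LEN, SQN_LEN, MAC_LEN = 16, 8, 8  # assumed field sizes, not from the patent


class AuthResponse(Enum):
    FIRST = 1   # first MAC incorrect
    SECOND = 2  # MAC correct, serial number incorrect
    THIRD = 3   # MAC and serial number both correct


def compute_mac(key, rand, sqn):
    # Assumed MAC: HMAC-SHA256 over RAND || SQN, truncated to MAC_LEN bytes.
    msg = rand + struct.pack(">Q", sqn)
    return hmac.new(key, msg, hashlib.sha256).digest()[:MAC_LEN]


def build_auth_data(key, rand, sqn):
    # Network side (hypothetical layout): RAND || SQN || MAC.
    return rand + struct.pack(">Q", sqn) + compute_mac(key, rand, sqn)


def generate_response(key, auth_data, last_sqn):
    # UE side: runs on the authentication data after decryption.
    if len(auth_data) != RAND_LEN + SQN_LEN + MAC_LEN:
        return AuthResponse.FIRST  # malformed data cannot carry a valid MAC
    rand = auth_data[:RAND_LEN]
    sqn = struct.unpack(">Q", auth_data[RAND_LEN:RAND_LEN + SQN_LEN])[0]
    mac = auth_data[RAND_LEN + SQN_LEN:]
    # MAC first: an unauthenticated serial number is never evaluated.
    if not hmac.compare_digest(mac, compute_mac(key, rand, sqn)):
        return AuthResponse.FIRST
    # Assumed freshness rule: serial number must exceed the last accepted one.
    if sqn <= last_sqn:
        return AuthResponse.SECOND
    return AuthResponse.THIRD


# Constructed sample values.
KEY = bytes(range(16))
RAND = bytes.fromhex("00112233445566778899aabbccddeeff")

if __name__ == "__main__":
    fresh = build_auth_data(KEY, RAND, 42)
    print(generate_response(KEY, fresh, last_sqn=41))   # THIRD
    print(generate_response(KEY, fresh, last_sqn=42))   # SECOND (replay)
    forged = fresh[:-1] + bytes([fresh[-1] ^ 1])
    print(generate_response(KEY, forged, last_sqn=41))  # FIRST
```

Because the MAC covers the serial number, authentication data whose serial number has been altered in transit yields the first response rather than the second.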

Embodiment 3

[0141] In order to improve the authentication efficiency, on the basis of the above-mentioned embodiments, in the embodiment of the present invention, before receiving the authentication request including the encrypted authentication data sent by the network side device, the method further includes:

[0142] Judging whether the network side device has a globally unique temporary user identity (Globally Unique Temporary User Equipment Identity, GUTI);

[0143] If so, generate a one-time random number Nonce, generate an encryption key and an integrity key according to the Nonce and the pre-derived shared key for the network side device, and send to the network side device an attach request including the Nonce and the GUTI.

[0144] In this embodiment of the present invention, the UE stores a shared key and GUTI for each network-side device that has successfully authenticated itself before this authentication, where the shared key is the UE and the network-side device when t...
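A sketch of the attach path in [0142] to [0144], added here as an example and not taken from the patent. The key derivation function (HMAC-SHA256 with separate labels), the key lengths, the class and field names, and the network-side lookup by GUTI are assumptions; the patent text shown on this page does not specify them.

```python
import hashlib
import hmac
import secrets


def derive_keys(shared_key, nonce):
    # Assumed KDF: HMAC-SHA256 keyed with the shared key; distinct labels keep
    # the encryption key and the integrity key independent of each other.
    enc = hmac.new(shared_key, b"enc|" + nonce, hashlib.sha256).digest()[:16]
    integ = hmac.new(shared_key, b"int|" + nonce, hashlib.sha256).digest()[:16]
    return enc, integ


class UE:
    def __init__(self):
        # network id -> (GUTI, shared key), stored after an earlier successful authentication
        self.contexts = {}

    def start_attach(self, network_id):
        ctx = self.contexts.get(network_id)
        if ctx is None:
            return None, None  # no stored GUTI: this path is not available
        guti, shared_key = ctx
        nonce = secrets.token_bytes(16)  # one-time random number
        keys = derive_keys(shared_key, nonce)
        return {"nonce": nonce, "guti": guti}, keys


class Network:
    def __init__(self):
        self.shared_keys = {}  # GUTI -> shared key

    def on_attach(self, request):
        # Assumed network behaviour: look up the key by GUTI, derive the same pair.
        shared_key = self.shared_keys.get(request["guti"])
        if shared_key is None:
            return None
        return derive_keys(shared_key, request["nonce"])


def demo():
    # Constructed values: the GUTI string and shared key are placeholders.
    guti, shared = "guti-example-0001", bytes(range(32))
    ue, net = UE(), Network()
    ue.contexts["net-A"] = (guti, shared)
    net.shared_keys[guti] = shared
    req1, keys1 = ue.start_attach("net-A")
    req2, keys2 = ue.start_attach("net-A")
    # (both sides agree, a new Nonce gives new keys, enc key differs from integrity key)
    return net.on_attach(req1) == keys1, keys1 != keys2, keys1[0] != keys1[1]
```

Only the Nonce and the GUTI travel in the attach request; the shared key and the derived keys never leave either side.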


Abstract

The invention discloses an authentication method, device and system. The method comprises the following steps of receiving an authentication request which is sent by network side equipment and comprises encrypted authentication data; decrypting the encrypted authentication data by adopting a pre-derived encryption key, and generating an authentication response according to the decrypted authentication data; and encrypting the authentication response by adopting the pre-derived encryption key, and sending an authentication response comprising the encrypted authentication response to the network side equipment. In the embodiments of the invention, UE decrypts the encrypted authentication data sent by the network side equipment according to the pre-derived encryption key and encrypts the generated authentication response according to the pre-derived encryption key, and the UE and the network side equipment transmit the encrypted authentication data and the authentication response during an authentication process, so that a third-party malicious attacker is prevented from acquiring the authentication data and the authentication response to carry out correlation attack on the UE and the network side equipment, the information safety of the user is guaranteed, and the user experience is improved.

Description

Technical field

[0001] The present invention relates to the field of communication technology, in particular to an authentication method, device and system.

Background technique

[0002] In order to cope with the explosive growth of mobile data traffic, massive device connections, and emerging various new services and application scenarios in the future, the fifth-generation mobile communication system will emerge as the times require. The fifth-generation mobile communication system will penetrate into all fields of the future society, and build a comprehensive information ecosystem centered on users, which will promote the further development of the mobile Internet, bring about a thousand-fold increase in future mobile traffic, and promote a new round of transformation in mobile communication technology and the industry, providing users with more immersive and extreme business experiences such as augmented reality, virtual reality, ultra-high-definition video, and mobile clo...


Application Information

IPC(8): H04L29/06, H04L9/32, H04W12/02, H04W12/06, H04W12/12, H04W12/03, H04W12/041, H04W12/122
CPC: H04L9/3271, H04L63/0428, H04L63/062, H04L63/0853, H04L63/0876, H04W12/02, H04W12/06, H04W12/12
Inventor: 刘福文, 左敏, 庄小君, 彭晋
Owner CHINA MOBILE COMM LTD RES INST