WO2025152012A1 - Procédé de traitement d'informations, dispositif de réseau central, module d'identité d'abonné et équipement mobile - Google Patents

Procédé de traitement d'informations, dispositif de réseau central, module d'identité d'abonné et équipement mobile

Info

Publication number
WO2025152012A1
WO2025152012A1 PCT/CN2024/072412 CN2024072412W WO2025152012A1 WO 2025152012 A1 WO2025152012 A1 WO 2025152012A1 CN 2024072412 W CN2024072412 W CN 2024072412W WO 2025152012 A1 WO2025152012 A1 WO 2025152012A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
bits
terminal
bit
user identification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
PCT/CN2024/072412
Other languages
English (en)
Chinese (zh)
Inventor
梁浩然
陆伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Xiaomi Mobile Software Co Ltd
Original Assignee
Beijing Xiaomi Mobile Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Xiaomi Mobile Software Co Ltd filed Critical Beijing Xiaomi Mobile Software Co Ltd
Priority to PCT/CN2024/072412 priority Critical patent/WO2025152012A1/fr
Priority to CN202480000274.2A priority patent/CN120693893A/zh
Publication of WO2025152012A1 publication Critical patent/WO2025152012A1/fr
Pending legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431Key distribution or pre-distribution; Key agreement

Definitions

  • the key processing mechanism needs to be adaptively adjusted.
  • an information processing method which is applied to a core network device, and the method includes:
  • the processing module is configured as follows:
  • An exclusive OR operation is performed on the first key and the second key.
  • processors one or more processors
  • a storage medium stores instructions, and when the instructions are executed on a communication device, the communication device executes the method provided in the first aspect.
  • Fig. 7b is a schematic diagram showing a network device according to an exemplary embodiment
  • Fig. 8b is a schematic structural diagram of a communication device according to an exemplary embodiment.
  • the embodiments of the present disclosure provide an information processing method, a core network device, a user identification module of a terminal, a mobile device of the terminal, a communication system and a storage medium.
  • an embodiment of the present disclosure provides an information processing method, characterized in that the method is executed by a core network device, and the method includes:
  • An operation of performing an XOR operation on the first key and the second key can be performed on the first key and the second key, or an operation of performing an XOR operation on the first key and the second key can be performed to obtain a third key for determining a fourth key, a fifth key, and/or a sixth key, thereby achieving adjustment of the first key and the second key, thereby being adaptable to the scenario of adjusting the number of bits of the user key.
  • the fourth key is the security key Kausf
  • the fifth key is the first encryption key CK’
  • the sixth key is the first integrity protection key IK’.
  • the first key is a second encryption key CK
  • the second key is a second integrity protection key IK.
  • the first operation is: an operation of reducing the number of bits of the first key and the second key
  • the third key includes: the first key after the number of bits is reduced and the second key after the number of bits is reduced.
  • the number of bits of the first key before the bit number is reduced is 256
  • the number of bits of the second key before the bit number is reduced is 256
  • the number of bits of the first key after the bit number is reduced is 128, and the number of bits of the second key after the bit number is reduced is 128.
  • the first operation is: performing an XOR operation on the first key and the second key
  • the third key includes: a result obtained after performing an XOR operation on the first key and the second key.
  • the third key includes a result obtained by performing an XOR operation on the first key and the second key.
  • the number of bits of the first key is 256
  • the number of bits of the second key is 256
  • the number of bits of the third key is 256.
  • the fourth key is Kausf; and the third key is used to determine the input key of the key derivation function KDF of the Kausf.
  • the third key may be input into KDF to obtain Kausf.
  • the third key can be input into KDF to obtain the first encryption key CK’.
  • the third key may be input into KDF to obtain the first integrity protection key IK'.
  • determining the first key and the second key includes:
  • the first key and the second key are determined based on a subscriber key K.
  • the first key and the second key may be determined based on K.
  • the method further includes:
  • the algorithm set is used to determine the first key and the second key.
  • the algorithm set for determining the first key and the second key may be determined based on the number of bits of K.
  • the first key is a second encryption key CK
  • the second key is a second integrity protection key IK
  • determining the first key and the second key includes:
  • the algorithm set is used to determine the first key and the second key.
  • the fourth key is the security key Kausf; the fifth key is the first encryption key CK’; and the sixth key is the first integrity protection key IK’.
  • the first key is a second encryption key CK
  • the second key is a second integrity protection key IK.
  • the first operation is: an operation of reducing the number of bits of the first key and the second key
  • the third key includes: the first key after the number of bits is reduced and the second key after the number of bits is reduced.
  • the first operation is an operation of performing an XOR operation on the first key and the second key; the number of bits of the first key is 256; the number of bits of the second key is 256, and the number of bits of the third key is 256.
  • the sixth key is a first integrity protection key IK'; the third key is used to determine the input key of a key derivation function KDF of the first integrity protection key IK'.
  • an embodiment of the present disclosure provides an information indication method, the method comprising:
  • an embodiment of the present disclosure provides a core network device, the core network device comprising:
  • prefixes such as “first” and “second” in the embodiments of the present disclosure are only used to distinguish different description objects, and do not constitute restrictions on the position, order, priority, quantity or content of the description objects.
  • the statement of the description object refers to the description in the context of the claims or embodiments, and should not constitute unnecessary restrictions due to the use of prefixes.
  • the description object is a "field”
  • the ordinal number before the "field” in the "first field” and the "second field” does not limit the position or order between the "fields”
  • the "first” and “second” do not limit whether the "fields” they modify are in the same message, nor do they limit the order of the "first field” and the "second field”.
  • terms such as “greater than”, “greater than or equal to”, “not less than”, “more than”, “more than or equal to”, “not less than”, “higher than”, “higher than or equal to”, “not lower than”, and “above” can be replaced with each other, and terms such as “less than”, “less than or equal to”, “not greater than”, “less than”, “less than or equal to”, “no more than”, “lower than”, “lower than or equal to”, “not higher than”, and “below” can be replaced with each other.
  • devices and equipment may be interpreted as physical or virtual, and their names are not limited to the names recorded in the embodiments. In some cases, they may also be understood as “equipment”, “device”, “circuit”, “network element”, “node”, “function”, “unit”, “section”, “system”, “network”, “chip”, “chip system”, “entity”, “subject”, etc.
  • network can be interpreted as devices included in the network, such as access network equipment, core network equipment, etc.
  • access network device may also be referred to as “radio access network device (RAN device)", “base station (BS)”, “radio base station (radio base station)”, “fixed station” and in some embodiments may also be understood as “node”, “access point (access point)”, “transmission point (TP)”, “reception point (RP)”, “transmission and/or reception point (transmission/reception point, TRP)", “panel”, “antenna panel”, “antenna array”, “cell”, “macro cell”, “small cell”, “femto cell”, “pico cell”, “sector”, “cell group”, “serving cell”, “carrier”, “component carrier”, “bandwidth part (bandwidth part, BWP)", etc.
  • RAN device radio access network device
  • base station base station
  • RP radio base station
  • TRP transmission and/or reception point
  • acquisition of data, information, etc. may comply with the laws and regulations of the country where the data is obtained.
  • the technical solution of the present disclosure may be applicable to the Open RAN architecture.
  • the interfaces between access network devices or within access network devices involved in the embodiments of the present disclosure may become internal interfaces of Open RAN, and the processes and information interactions between these internal interfaces may be implemented through software or programs.
  • LTE Long Term Evolution
  • LTE-A LTE-Advanced
  • LTE-B LTE-Beyond
  • SUPER 3G IMT-Advanced
  • fourth generation mobile communication system 4th generation mobile communication system, 4G
  • fifth generation mobile communication system 5G
  • 5G new radio NR
  • future radio access FX
  • new radio access technology RAT
  • new radio NR
  • new radio access NX
  • future generation radio access FX
  • GSM registered trademark
  • CDMA2000 Code Division Multiple Access
  • UMB Ultra Mobile Broadband
  • IEEE 802.11 Wi-Fi (registered trademark)
  • IEEE 802.16 WiMAX (registered trademark)
  • IEEE 802.20 Ultra-WideBand (UWB), Bluetooth (registered trademark), Public Land Mobile Network (PLMN) network, Device-to-Device (D2D) system, Machine to Machine (Machine to Machine) Machine (M2M) systems, Internet of Things (IoT) systems
  • PLMN Public Land Mobile Network
  • D2D
  • the algorithm set in order for the authentication process to work under potential quantum threats, the algorithm set must support 256-bit subscriber keys.
  • IK and CK are the outputs of the algorithm set, if MILENAGE-256-R is selected, the length of the integrity protection key (IK, Cipher Key or Confidentiality Key) and the encryption key (CK, Integrity Key) is 256 bits.
  • the 128-bit CK and the 128-bit IK should be concatenated as a 256-bit input key of the key derivation function (KDF).
  • KDF key derivation function
  • 5G AKA or EAP-AKA' calculates the 256-bit CK and the 256-bit IK into a 256-bit input key for generating K AUSF .
  • the core network device can be (UDM, Unified Data Management) or authentication credential storage and processing function (ARPF, AuthenticationcredentialRepository and Processing Function), but is not limited to this.
  • UDM Unified Data Management
  • ARPF AuthenticationcredentialRepository and Processing Function
  • the core network device determines the first key and the second key.
  • the core network device may receive identification information sent by the terminal, and the core network device determines K based on the identification information.
  • the core network device may determine the algorithm set based on the number of bits of K.
  • the set of algorithms is used to determine the first key and the second key.
  • Step S2102 The core network device performs a first operation.
  • the core network device performs a first operation.
  • the core network device performs a first operation on the first key and the second key to obtain a third key.
  • the third key is used to determine the fourth key.
  • the fifth key is the first encryption key CK’; the third key is used to determine the input key of the key derivation function KDF of the first encryption key CK’.
  • the term "information” can be interchangeably with terms such as “message”, “signal”, “signaling”, “report”, “configuration”, “indication”, “instruction”, “command”, “channel”, “parameter”, “field”, and "data”.
  • the term “send” can be interchangeable with terms such as “transmit”, “report”, and “transmit”.
  • step S2101 may be implemented as an independent embodiment
  • step S2102 may be implemented as an independent embodiment, but is not limited thereto.
  • FIG2b is an interactive schematic diagram of an information processing method according to an embodiment of the present disclosure. As shown in FIG2b, the present disclosure embodiment relates to an information processing method, which is used in a communication system 100, and the method includes:
  • the first key is a second encryption key (CK, Cipher Key or Confidentiality Key), and the second key is a second integrity protection key (IK, Integrity Key).
  • CK Cipher Key
  • IK Integrity Key
  • the user identification module determines the first key and the second key based on the subscriber key K.
  • the user identification module determines that the number of bits of K is a first number, and the user identification module determines that the algorithm set is at least one of the following:
  • the sixth key is the first integrity protection key IK’.
  • the first key sent to the ME is a key processed by a first operation; the second key sent to the ME is a key processed by the first operation; wherein the first operation includes an operation of reducing the number of bits of the first key and the second key.
  • the first operation includes an operation to reduce the number of bits of the first key and the second key.
  • the operation of reducing the number of bits of the first key and the second key may be to shorten or truncate the first key and the second key.
  • the user identification module truncates the 256-bit CK and the 256-bit IK to 128 bits.
  • the 128 most or least significant bits (most/least significant 128 bits) of the 256-bit CK can be used as the 128-bit CK; the 128 most or least significant bits (most/least significant 128 bits) of the 256-bit IK can be used as the 128-bit IK.
  • the operation of reducing the number of bits of the first key and the second key may be selecting 128 bits of data from a 256-bit CK and using the 128 bits of data as a 128-bit CK.
  • the number of bits of the first key before the bit number reduction is 256
  • the number of bits of the second key before the bit number reduction is 256
  • the number of bits of the first key after the bit number reduction is 128, and the number of bits of the second key after the bit number reduction is 128.
  • the first operation is: performing an XOR operation on the first key and the second key
  • the user identification module may also send the result of the XOR operation to the ME, and the result may be used by the ME to directly determine the third key
  • the third key includes: the result obtained by performing an XOR operation on the first key and the second key. This is not limited here.
  • the term "information” can be interchangeably with terms such as “message”, “signal”, “signaling”, “report”, “configuration”, “indication”, “instruction”, “command”, “channel”, “parameter”, “field”, and "data”.
  • the term “send” can be interchangeable with terms such as “transmit”, “report”, and “transmit”.
  • Step S2301 The mobile equipment (ME, Mobile Equipment) receives the first key and the second key sent by the user identification module of the terminal.
  • ME Mobile Equipment
  • the user identification module of the terminal can be a Universal Subscriber Identity Module (USIM), but is not limited to this.
  • USIM Universal Subscriber Identity Module
  • the ME receives a 256-bit first key and a 256-bit second key sent by the subscriber identity module.
  • the first key and the second key are used by the ME to obtain a third key.
  • the third key is used to determine the fourth key, the fifth key and/or the sixth key.
  • the first key is a second encryption key (CK, Cipher Key or Confidentiality Key), and the second key is a second integrity protection key (IK, Integrity Key).
  • CK Cipher Key
  • IK Integrity Key
  • the number of bits of the subscriber key K is 256.
  • step S3101 may be implemented as an independent embodiment
  • step S3102 may be implemented as an independent embodiment, but is not limited thereto.
  • FIG3b is a flow chart of an information processing method according to an embodiment of the present disclosure. As shown in FIG3b, the present disclosure embodiment relates to an information processing method, which is executed by a core network device, and the method includes:
  • step S3202 can refer to the optional implementation of step S2102 in Figure 2a and other related parts of the embodiment involved in Figure 2a, which will not be repeated here.
  • the fourth key is a security key Kausf
  • the fifth key is a first encryption key CK’
  • the sixth key is a first integrity protection key IK’.
  • the first key is a second encryption key CK
  • the second key is a second integrity protection key IK.
  • the first operation is an operation of reducing the number of bits of the first key and the second key
  • the third key includes: the first key with a reduced number of bits and the second key with a reduced number of bits.
  • the number of bits of the first key before the bit number reduction is 256
  • the number of bits of the second key before the bit number reduction is 256
  • the number of bits of the first key after the bit number reduction is 128, and the number of bits of the second key after the bit number reduction is 128.
  • the first operation is: performing an XOR operation on the first key and the second key
  • the third key includes: a result obtained by performing an XOR operation on the first key and the second key.
  • the number of bits of the first key is 256
  • the number of bits of the second key is 256
  • the number of bits of the third key is 256.
  • the fifth key is the first encryption key CK’; the third key is used to determine the input key of the key derivation function KDF of the first encryption key CK’.
  • the method further comprises:
  • the method further comprises:
  • the algorithm set is used to determine the first key and the second key.
  • the method further comprises:
  • FIG5a is a flow chart of an information processing method according to an embodiment of the present disclosure. As shown in FIG5a, the present disclosure embodiment relates to an information processing method, which is executed by an ME of a terminal, and the method includes:
  • step S5101 can refer to the optional implementation of step S2301 in Figure 2c and other related parts of the embodiment involved in Figure 2c, which will not be repeated here.
  • Step S5201 Receive a first key and a second key sent by a user identification module of a terminal.
  • a first operation is performed on the first key and the second key to obtain the third key; wherein the first operation includes at least one of the following: an operation of reducing the number of bits of the first key and the second key; an operation of performing an exclusive OR operation on the first key and the second key.
  • the sixth key is a first integrity protection key IK'; and the third key is used to determine an input key of a key derivation function KDF of the first integrity protection key IK'.
  • an embodiment of the present disclosure provides an information indication method, the method comprising:
  • MILENAGE-256-R or Tuak By using MILENAGE-256-R or Tuak (it should be noted that in some embodiments, if the number of bits of the subscriber key is 256, the UDM/ARPF selects the Tuak algorithm and obtains a 256-bit CK and a 256-bit IK based on the Tuak algorithm), the number of bits of CK and IK in the 5G HE authentication vector (AV, Authenticate Vector) is 256. Then, the UDM or ARPF will derive K AUSF and calculate XRES*. Finally, UDM or ARPF will create 5G HE AV based on RAND, AUTN, XRES* (expected response value) and K AUSF .
  • UDM or ARPF should truncate the 256-bit CK to generate a 128-bit CK.
  • UDM or ARPF should truncate the 256-bit IK to generate a 128-bit IK.
  • the 128 most or least significant bits of a 256-bit CK or a 256-bit IK can be used as a 128-bit CK or a 128-bit IK.
  • UDM or ARPF uses the truncated CK (i.e., a 128-bit CK) and IK (i.e., a 128-bit IK) to construct a 256-bit input key for KDF. Then, UDM or ARPF generates K AUSF based on the newly derived 256-bit input key.
  • Step S6102 UDM or ARPF sends Nudm_UEAuthentication_Get Response (response message) to the authentication service function (AUSF, Authentication Server Function);
  • AUSF Authentication Server Function
  • Nudm_UEAuthentication_Get Response may include:
  • Step S6103 AUSF stores XRES* (response parameter value);
  • Step S6105 AUSF sends Nausf_UEAuthentication_Authenticate Response (response message) to SEAF;
  • Step S6106 SEAF sends an Authentication Request to the UE
  • Step S6107 UE calculates Authentication Response (RES*);
  • the ME In order to generate K AUSF , if a 256-bit CK and a 256-bit IK are received from the USIM, the ME shall truncate the 256-bit CK and 256-bit IK to 128-bit CK and 128-bit IK in the same manner as the UDM or ARPF side.
  • the ME uses the truncated CK (i.e., 128-bit CK) and IK (i.e., 128-bit IK) to generate the 256-bit input key of the KDF.
  • the ME then generates K AUSF using the derived 256-bit input key.
  • the ME shall calculate K SEAF from K AUSF .
  • Nausf_UEAuthentication_Authenticate Request contains:
  • an embodiment of the present disclosure provides an information indication method, the method comprising:
  • the UDM or ARPF should select the MILENAGE-256-R algorithm set, the MILENAGE-256-A algorithm set, the 256-bit algorithm set based on ZUC and/or the Tuak algorithm set.
  • MILENAGE-256-R or Tuak it should be noted that in some embodiments, if the number of bits of the subscriber key is 256, the UDM/ARPF selects the Tuak algorithm and obtains a 256-bit CK and a 256-bit IK based on the Tuak algorithm), the number of bits of CK and IK in the authentication vector is 256.
  • the UDM or ARPF will calculate CK’ and IK’ and replace CK and IK with CK’ and IK’.
  • the UDM or ARPF should truncate the 256-bit CK to generate a 128-bit CK.
  • UDM or ARPF shall truncate the 256-bit IK to generate a 128-bit IK.
  • the 128 most or least significant bits of the 256-bit CK or the 256-bit IK may be used as the 128-bit CK or the 128-bit IK.
  • Step S6206 UE sends Auth-Resp (authentication response message) to SEAF;
  • Step S6209 performing optional further EAP message exchange between the UE and the AUSF;
  • the N1 message includes:
  • the embodiments of the present disclosure also propose a device for implementing any of the above methods, for example, a device is proposed, the above device includes a unit or module for implementing each step performed by the terminal in any of the above methods.
  • a device is also proposed, including a unit or module for implementing each step performed by a network device (such as an access network device, a core network function node, a core network device, etc.) in any of the above methods.
  • a network device such as an access network device, a core network function node, a core network device, etc.
  • the division of the units or modules in the above device is only a division of logical functions, which can be fully or partially integrated into one physical entity or physically separated in actual implementation.
  • the units or modules in the device can be implemented in the form of a processor calling software: for example, the device includes a processor, the processor is connected to a memory, and instructions are stored in the memory.
  • the processor calls the instructions stored in the memory to implement any of the above methods or implement the functions of the units or modules of the above device, wherein the processor is, for example, a general-purpose processor, such as a central processing unit (CPU) or a microprocessor, and the memory is a memory inside the device or a memory outside the device.
  • CPU central processing unit
  • microprocessor a microprocessor
  • the units or modules in the device may be implemented in the form of hardware circuits, and the functions of some or all of the units or modules may be implemented by designing the hardware circuits.
  • the hardware circuits may be understood as one or more processors; for example, in one implementation, the hardware circuits are application-specific integrated circuits (ASICs), and the functions of some or all of the above units or modules may be implemented by designing the logical relationship of the components in the circuits; for another example, in another implementation, the hardware circuits may be implemented by programmable logic devices (PLDs), and Field Programmable Gate Arrays (FPGAs) may be used as an example, which may include a large number of logic gate circuits, and the connection relationship between the logic gate circuits may be configured by configuring the configuration files, thereby implementing the functions of some or all of the above units or modules. All units or modules of the above devices may be implemented in the form of software called by the processor, or in the form of hardware circuits, or in the form of software called by the processor, and the remaining part may be implemented in
  • the processor is a circuit with signal processing capability.
  • the processor may be a circuit with instruction reading and running capability, such as a central processing unit (CPU), a microprocessor, a graphics processing unit (GPU) (which may be understood as a microprocessor), or a digital signal processor (DSP); in another implementation, the processor may implement certain functions through the logical relationship of a hardware circuit, and the logical relationship of the above hardware circuit may be fixed or reconfigurable, such as a hardware circuit implemented by an application-specific integrated circuit (ASIC) or a programmable logic device (PLD), such as an FPGA.
  • ASIC application-specific integrated circuit
  • PLD programmable logic device
  • the process of the processor loading a configuration document to implement the hardware circuit configuration may be understood as the process of the processor loading instructions to implement the functions of some or all of the above units or modules.
  • it can also be a hardware circuit designed for artificial intelligence, which can be understood as ASIC, such as Neural Network Processing Unit (NPU), Tensor Processing Unit (TPU), Deep Learning Processing Unit (DPU), etc.
  • ASIC Neural Network Processing Unit
  • NPU Neural Network Processing Unit
  • TPU Tensor Processing Unit
  • DPU Deep Learning Processing Unit
  • FIG7b is a schematic diagram of the structure of a network device 7200 (which may be a core network device) proposed in an embodiment of the present disclosure.
  • the network device 7200 may include: at least one of a transceiver module 7201, a processing module 7202, etc.
  • the transceiver module 7201 is used to send and receive information.
  • the transceiver module 7201 is used to execute at least one of the communication steps such as sending and/or receiving performed by the network device in any of the above methods, which will not be repeated here.
  • the processing module 7202 is used to execute at least one of the other steps performed by the network device in any of the above methods, which will not be repeated here.
  • FIG8a is a schematic diagram of the structure of a communication device 8100 proposed in an embodiment of the present disclosure.
  • the communication device 8100 may be a network device (e.g., an access network device, a core network device, etc.), or a terminal (e.g., a user device, etc.), or a chip, a chip system, or a processor that supports a network device to implement any of the above methods, or a chip, a chip system, or a processor that supports a terminal to implement any of the above methods.
  • the communication device 8100 may be used to implement the method described in the above method embodiment, and the details may refer to the description in the above method embodiment.
  • the communication device 8100 includes one or more processors 8101.
  • the processor 8101 may be a general-purpose processor or a dedicated processor, for example, a baseband processor or a central processing unit.
  • the baseband processor may be used to process the communication protocol and the communication data
  • the central processing unit may be used to control the communication device (such as a base station, a baseband chip, a terminal device, a terminal device chip, a DU or a CU, etc.), execute a program, and process the data of the program.
  • the communication device 8100 is used to execute any of the above methods.
  • the communication device 8100 further includes one or more memories 8102 for storing instructions.
  • the memory 8102 may also be outside the communication device 8100.
  • the communication device 8100 further includes one or more transceivers 8103.
  • the transceiver 8103 performs at least one of the communication steps such as sending and/or receiving in the above method.
  • processor 8101 executes at least one of the other steps.
  • the transceiver may include a receiver and/or a transmitter, and the receiver and the transmitter may be separate or integrated.
  • the terms such as transceiver, transceiver unit, transceiver, transceiver circuit, etc. may be replaced with each other, the terms such as transmitter, transmission unit, transmitter, transmission circuit, etc. may be replaced with each other, and the terms such as receiver, receiving unit, receiver, receiving circuit, etc. may be replaced with each other.
  • Fig. 8b is a schematic diagram of the structure of a chip 8200 provided in an embodiment of the present disclosure.
  • the communication device 8100 may be a chip or a chip system
  • the chip 8200 further includes one or more interface circuits 8202.
  • the interface circuit 8202 is connected to the memory 8203.
  • the interface circuit 8202 can be used to receive signals from the memory 8203 or other devices, and the interface circuit 8202 can be used to send signals to the memory 8203 or other devices.
  • the interface circuit 8202 can read instructions stored in the memory 8203 and send the instructions to the processor 8201.
  • interface circuit interface circuit
  • transceiver pin transceiver

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

Des modes de réalisation de la présente demande concernent un procédé de traitement d'informations, un dispositif de réseau central, un module d'identité d'abonné d'un terminal, un équipement mobile d'un terminal, un système de communication et un support de stockage. Le procédé est exécuté par un dispositif de réseau central. Le procédé consiste à : déterminer une première clé et une deuxième clé ; et exécuter une première opération sur la première clé et la deuxième clé pour obtenir une troisième clé, la troisième clé étant utilisée pour déterminer une quatrième clé, une cinquième clé et/ou une sixième clé, et la première opération comprenant au moins l'une parmi : une opération de réduction du nombre de bits de la première clé et de la deuxième clé, et une opération de réalisation d'une opération OU exclusif sur la première clé et la deuxième clé. De cette manière, la solution technique fournie par les modes de réalisation de la présente demande permet un traitement de clé pour s'adapter à des scénarios dans lesquels des clés d'utilisateur ayant un premier nombre de bits sont introduites.
PCT/CN2024/072412 2024-01-15 2024-01-15 Procédé de traitement d'informations, dispositif de réseau central, module d'identité d'abonné et équipement mobile Pending WO2025152012A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2024/072412 WO2025152012A1 (fr) 2024-01-15 2024-01-15 Procédé de traitement d'informations, dispositif de réseau central, module d'identité d'abonné et équipement mobile
CN202480000274.2A CN120693893A (zh) 2024-01-15 2024-01-15 信息处理方法、核心网设备、用户识别模块和移动设备

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2024/072412 WO2025152012A1 (fr) 2024-01-15 2024-01-15 Procédé de traitement d'informations, dispositif de réseau central, module d'identité d'abonné et équipement mobile

Publications (1)

Publication Number Publication Date
WO2025152012A1 true WO2025152012A1 (fr) 2025-07-24

Family

ID=96470551

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2024/072412 Pending WO2025152012A1 (fr) 2024-01-15 2024-01-15 Procédé de traitement d'informations, dispositif de réseau central, module d'identité d'abonné et équipement mobile

Country Status (2)

Country Link
CN (1) CN120693893A (fr)
WO (1) WO2025152012A1 (fr)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107210911A (zh) * 2014-10-09 2017-09-26 凯里赛克公司 安全系统中终端的改进安装
US20200221297A1 (en) * 2017-09-27 2020-07-09 Huawei Technologies Co., Ltd. Key derivation algorithm negotiation method and apparatus
CN112039657A (zh) * 2020-07-20 2020-12-04 北京邮电大学 一种用于生成密钥的方法、装置、设备以及存储介质
WO2023082161A1 (fr) * 2021-11-12 2023-05-19 Zte Corporation Poussée d'informations sécurisées par des applications de service dans des réseaux de communication
US20230362633A1 (en) * 2022-02-07 2023-11-09 Qualcomm Incorporated Encrypting discovery messages

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107210911A (zh) * 2014-10-09 2017-09-26 凯里赛克公司 安全系统中终端的改进安装
US20200221297A1 (en) * 2017-09-27 2020-07-09 Huawei Technologies Co., Ltd. Key derivation algorithm negotiation method and apparatus
CN112039657A (zh) * 2020-07-20 2020-12-04 北京邮电大学 一种用于生成密钥的方法、装置、设备以及存储介质
WO2023082161A1 (fr) * 2021-11-12 2023-05-19 Zte Corporation Poussée d'informations sécurisées par des applications de service dans des réseaux de communication
US20230362633A1 (en) * 2022-02-07 2023-11-09 Qualcomm Incorporated Encrypting discovery messages

Also Published As

Publication number Publication date
CN120693893A (zh) 2025-09-23

Similar Documents

Publication Publication Date Title
US12063498B2 (en) Key derivation method, communication system, communication terminal, and communication device
US20250132901A1 (en) Federated learning method, first device, and third device
WO2025010741A1 (fr) Procédé de traitement d'informations, dispositif, système de communication et support de stockage
WO2025015580A1 (fr) Procédé de traitement d'informations, terminal, système de communication et support de stockage
CN109246696B (zh) 密钥处理方法以及相关装置
CN113727342B (zh) 网络注册的方法和装置
WO2025025122A1 (fr) Procédé et appareil de réception de message
WO2024234313A1 (fr) Procédé et appareil de traitement d'informations, dispositif de communication, système de communication et support de stockage
WO2025035417A1 (fr) Procédé de traitement d'informations, appareil et support de stockage
KR102642804B1 (ko) 다중 대역 통신 방법 및 장치
WO2023137760A1 (fr) Procédés de communication sans fil, ue distant, ausf et amf
WO2025152012A1 (fr) Procédé de traitement d'informations, dispositif de réseau central, module d'identité d'abonné et équipement mobile
CN112825498B (zh) 一种认证向量的生成方法、获取方法及设备
CN115515130A (zh) 一种会话密钥生成的方法及装置
EP4380212A1 (fr) Procédé d'établissement d'un canal de transmission sécurisé, procédé de détermination de clé et appareil de communication
WO2025015513A1 (fr) Procédé de traitement d'informations, terminal, système de communication et support de stockage
WO2025065275A1 (fr) Procédé et appareil d'indication de ressources
WO2025043723A1 (fr) Procédé et appareil de traitement d'informations
WO2025035325A1 (fr) Procédé de traitement de communication, première entité, deuxième entité, troisième entité
WO2025213303A1 (fr) Procédés de traitement d'informations, dispositif réseau, terminal, système de communication et support de stockage
US20240380742A1 (en) Information protection mrthod and device
WO2025208534A1 (fr) Procédé de traitement d'informations, dispositif de communication et support de stockage
WO2026085823A1 (fr) Procédé de traitement de sécurité de données, dispositif de communication, système de communication, support de stockage et produit programme
US20230362631A1 (en) Secure storage and processing of sim data
WO2025175591A1 (fr) Procédés de communication sécurisée, terminal, udm, ausf, amf, dispositif de réseau d'accès, système et support

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 202480000274.2

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 24917640

Country of ref document: EP

Kind code of ref document: A1

WWP Wipo information: published in national office

Ref document number: 202480000274.2

Country of ref document: CN