In an application scenario of proximity communication, an operator network is not required in communication between two user equipments (UE). An objective of a proximity communication service (ProSe) technology is to set up a secure communication channel between two UEs in order to exchange data securely.
The ProSe technology mainly includes two aspects: ProSe discovery and ProSe communication. In a stage of ProSe discovery, the two UEs can detect each other to implement authentication of identities of the two UEs. In a stage of ProSe communication, the two UEs may set up a secure communication channel and then perform secure data communication. Because a communication channel between UEs is susceptible to interception and tampering by an attacker, confidentiality protection and integrity protection need to be performed on communication data. However, the confidentiality protection and integrity protection need to be supported by a secure key and a crypto algorithm. Because security algorithms supported by UEs may be not identical, negotiation of a security algorithm needs to be performed before secure communication.
Therefore, how two UEs in proximity communication perform negotiation of a security algorithm becomes a technical problem to be resolved urgently.