At present, to improve a transmission rate of a wireless network and enhance user experience, the 3rd generation partnership (3GPP) organization is having a discussion to establish a new research project, that is, small cell network enhancements. As shown in FIG. 1, in the figure, F1 represents a low-frequency carrier with a feature of having relatively large coverage but relatively scarce resources; F2 represents a high-frequency carrier with a feature of having relatively small coverage but relatively rich resources. In a conventional 2G/3G network, generally, a carrier of a relatively low frequency is used, for example, a low-frequency carrier having a frequency of F1 is used to provide services for users.
With popularization of smartphones, users have a higher requirement on a wireless transmission rate. To meet the requirement of the users, high-frequency carriers that have rich resources need to be used gradually, to provide services for the users. Because high-frequency carriers have a feature of small coverage, a base station that uses a high-frequency carrier to provide small coverage is usually referred to as a small base station (or micro base station), and an area covered by the small base station is referred to as a small cell (Small Cell). A main idea of small cell enhancements is that user equipment (UE) may aggregate carriers from a macro cell and from a small cell to obtain more available radio resources, so as to improve a data transmission rate. FIG. 2A and FIG. 2B show a data scheduling method and a data transmission method of UE in dual connectivity mode, where in the figures, a Macro Cell is a cell of a macro base station, and a Small Cell is a cell of a micro base station. Generally, the macro base station is selected as a master base station (Master eNB, MeNB), and the micro base station is selected as a secondary base station (Secondary eNB, SeNB). In dual connectivity mode, one possible trend is that the macro base station serves as a primary control site and is responsible for mobility management of UE, data packet splitting, and the like.
Modes in which the UE performs a dual connectivity operation with the MeNB and the SeNB are mainly classified into the following two situations:
Situation 1: In a process in which the UE communicates with the MeNB and the SeNB, the MeNB can constantly provide reliable coverage, that is, the MeNB can constantly provide reliable signal quality for the UE.
Situation 2: In a process in which the UE communicates with the MeNB and the SeNB, the MeNB cannot ensure that reliable coverage can be constantly provided, that is, the MeNB cannot provide reliable signal quality for the UE constantly.
Data transmission between the UE and a base station requires keys, for example, a control-plane message cipher key, an integrity protection key, and a user-plane data cipher key. Refer to FIG. 3 for a process of generating a security key KeNB in an existing long term evolution (LTE) system, which includes:
1. In a process of accessing a network by UE, first, a mobility management entity (MME) and the UE separately generate an access security management entity key KASME based on UE security context information stored by the mobility management entity and by the UE, for example, parameters such as a key K (that is, Key), a cipher key (CK), and an integrity protection key (Integrity Key, IK) shown in FIG. 3.
2. The UE and the MME further generate a security key KeNB based on the generated KASME.
Specifically, in this step, a process of deducing, by the UE and the MME, KeNB based on KASME is as follows:
First, determine the following parameters:                FC=0x11;        P0=uplink non-access stratum COUNT, where a value of COUNT herein includes a hyper frame number and a sequence number;        L0=a length of the value of uplink non-access stratum COUNT;        
Then, combine the foregoing determined parameters to form an input string S.
Finally, perform calculation according to an HMAC-SHA-256 key derivation function to obtain: KeNB=HMAC-SHA-256(KASME, S), where the key derivation function is stipulated by standards IETF RFC 2104 (1997) and ISO/IEC 10118-3:2004.
After the UE and the MME both generate KeNB, the MME further sends KeNB to an eNB. Further, the UE and the eNB generate, based on KeNB, keys used for data transmission, for example, a control-plane message cipher key, an integrity protection key, and a user-plane data cipher key. A specific process is as follows:
First, determine the following parameters:                FC=0x15;        P0=algorithm similarity identification value (which is determined according to Table 1);        L0=a length of the algorithm similarity identification value;        P1=algorithm identifier; and        L1=a length of the algorithm identifier;        
TABLE 1Algorithm Similarity Identification ValueAlgorithm similarity identification valueValueRRC encryption algorithm0x03RRC integrity protection algorithm0x04User-plane data encryption algorithm0x05
Then, combine the foregoing determined parameters to form an input string S.
Finally, perform calculation according to an HMAC-SHA-256 key derivation function to obtain: Key=HMAC-SHA-256(KeNB, S), where for different parameters obtained according to Table 1, Kup-enc (that is, a user-plane data cipher key), KCP-enc (that is, a control-plane RRC cipher key), and KCP-int (that is, a control-plane RRC integrity protection key) can be separately obtained according to the foregoing formula. The key derivation function herein is stipulated by standards IETF RFC 2104 (1997) and ISO/IEC 10118-3:2004.
When the UE works in coverage of the MeNB and in coverage of the SeNB at the same time, the UE may need to separately perform data transmission with the two base stations based on different security keys; the UE may also separately perform data transmission with the two base stations based on a same security key. However, in an existing long term evolution (LTE) system, generation of a key used for data transmission is designed for a scenario in which the UE works in coverage of one base station, and cannot be directly applied to a dual connectivity mode scenario in which the UE works in coverage of the MeNB and in coverage of the SeNB at the same time. Therefore, when the UE communicates with the MeNB and the SeNB at the same time, how to generate a key for data transmission is an urgent problem to be resolved.