A 3GPP Evolved Packet System (EPS) is composed of an Evolved UMTS Terrestrial Radio Access Network (EUTRAN) and an Evolved Packet Core (EPC).
Wherein, an EPC includes a MME (mobility management entity), which is responsible for control plane-related works such as mobility management, processing of non-access layer signaling, and user security mode management. Wherein, the MME stores Key Access Security Management Entity (KASME) of the EUTRAN, and uses the KASME and an uplink NAS SQN (non-access layer sequence number) to generate a Key eNB (KeNB) of the access layer to be used by the eNB.
Wherein, in the evolved UTRAN, the base station is an evolved Node-B (eNB), which is mainly responsible for wireless communication, wireless communication management and mobility context management.
Wherein, the communication between the eNB and EPC is encrypted using network domain security mechanism, i.e., the EPC encrypts a message using the public key of the eNB, and the target eNB decrypts the message using its own private key.
An eNB in 3GPP includes a plurality of cells, and a handover of a User Equipment (UE) is between the cells, therefore, the handover of a UE may be implemented within the same eNB, or between two different eNBs.
The latest method for generating a handover state key is:
in initial connection, a MME generating a Next Hop parameter (NH), a NH Chaining Counter (NCC) and Kenb.
Kenb=KDF (Kasme, NasCount);
(note: KDF is a key generating function, NasCount is non-access layer uplink message count)
NH=NULL; NCC=0;
After the above initialization, the MME sends the Kenb to the eNB, generates an initial key Kenb. The UE also obtains the Kenb in the same way as the MME.
During a handover, a source eNB calculates out a Kenb* according to the Kenb, and transmits the NH and the Kenb* to the target eNB, the source eNB carries NCC in a handover reconfiguration message and sends it to the UE. The UE calculates out the Kenb according to the NH that is stored by itself. The calculation formula is:
Kenb=KDF (Kenb*, NH);
The target eNB also calculates out the Kenb in the same way.
The MME updates the NH value in the following way:
NH=KDF (Kasme, NH);
and at every time of updating, the NCC is added with 1.
After updating the NH, the MME transmits the updated NH value and NCC to the target eNB, and the UE compares the received NCC with the NCC that is stored by itself, and calculates a new NH value according to the difference between times of the NCC.
During the entire handover process, the UE, eNB and MME need to negotiate on NCC and the NH value, and obtain the key Kenb by means of updating the NH value for multiple times.
The disadvantage of the scheme is that the source eNB can obtain the key Kenb in the next hop of the UE through deduction, thus causing potential safety hazard, meanwhile the whole calculation process is complicated, and many parameters need to be synchronized.