In an application scenario of proximity communication, communication between two user equipment (UE) does not need to go through an operator network. An objective of a proximity service (ProSe) technology is to establish a secure communication channel between two UEs such that data can be exchanged securely.
The ProSe technology mainly includes two aspects, ProSe Discovery and ProSe communication. At a ProSe Discovery stage, two UEs may detect each other mutually in order to complete verification of identities of the two parties. At a ProSe Communication stage, the two UEs may establish a secure communication channel and then perform secure data communication. Because a communication channel between UEs may be eavesdropped and tampered by an attacker, it is required to perform confidentiality and integrity protection on communication data. Confidentiality and integrity protection needs support of a secure key and cryptographic algorithm, and therefore, it is required to perform key negotiation before secure communication.
Therefore, how two UEs that perform proximity communication perform key negotiation becomes an urgent technical problem to be resolved.