Abstract:
Embodiments of the present invention disclose a data transmission method and a related device and system. The system includes an access network device AN and user equipment UE. The AN is configured to receive a base key sent by a key management device in a core network, where the base key is a key generated from two-way authentication between the UE and the core; the AN and the UE are configured to process the base key according to a preset rule to generate an air interface protection key; the UE is configured to: protect a target field in an uplink protocol data unit PDU by using the air interface protection key; and the AN is configured to parse the target field in the uplink protocol data unit by using the air interface protection key.
Abstract:
Embodiments of the present invention disclose a network system. The system includes user equipment, a network authentication device, and a service authentication device. The service authentication device is configured to obtain reference information and generate a second shared key with reference to the reference information and a first shared key, where the first shared key is a shared key pre-configured between the user equipment and the service authentication device; the user equipment is configured to obtain the reference information and generate the second shared key with reference to the reference information and the first shared key; the service authentication device is configured to send the second shared key to the network authentication device; and the network authentication device is configured to receive the second shared key, where the second shared key is used by the user equipment and the network authentication device to generate a target shared key.
Abstract:
Embodiments of the disclosure provide a pool element (PE) status information synchronization method. A pool register (PR) receives a first registration message sent by a first PE, where the first registration message is used to add the first PE to a pool; the PR receives a second registration message sent by a second PE, where the second registration message is used to add the second PE to the pool; the PR determines a role of the first PE in the pool according to an identifier of the first PE and an identifier of the second PE, where the role is an active PE or a standby PE, and sends a status synchronization manner, the identifier of the first PE, and information about the role of the first PE to the second PE.
Abstract:
Embodiments of this application are applicable to the field of communication technologies, and provide a method for authentication for an NSWO service, a device, and a storage medium, applicable to a 5G network. The method for authentication for an NSWO service includes: After determining to perform the NSWO service, the UE sends a SUCI to an AN device. The AN device sends a second request message to an NSWO network element. After determining to perform authentication for the NSWO service, the NSWO network element sends a first authentication request message to an AUSF. After determining to perform authentication for the NSWO service, the AUSF sends a second authentication request message to a UDM. The UDM determines to use an EAP-AKA′ authentication method. Then, the UDM, the AUSF, the NSWO network element, the AN device, and the UE sequentially complete an authentication procedure based on EAP-AKA′ authentication.
Abstract:
Example communication methods and apparatus are described. One example communication method includes that user equipment (UE) sends an N1 message to a security anchor function (SEAF), where the N1 message carries a Diffie-Hellman (DH) public parameter or a DH public parameter index, the N1 message further carries an encrypted identifier of the UE, and the encrypted identifier is obtained by encrypting a permanent identifier of the UE and a first DH public key. The UE receives an authentication request that carries a random number and that is sent by the SEAF. The UE sends, to the SEAF, an authentication response used to respond to the authentication request, where the authentication response carries an authentication result calculated based on a root key and the random number.
Abstract:
Embodiments of the present invention disclose a communication method, a related device, and a system. The system may include a terminal, a first access network node (AN), and a second AN. The first AN is configured to determine that the terminal meets a condition of being handed over from the first AN to the second AN, where a value of a target parameter used for encryption and/or integrity protection when the terminal and the first AN communicate with each other before the terminal is handed over to the second AN is equal to a first reference value. In the system, the first AN may further be configured to send a target message to the second AN to instruct the second AN to obtain a second reference value. The second AN may be configured to obtain the second reference value based on the target message. Furthermore, the terminal may be configured to obtain the second reference value, where the second reference value is used as a value of the target parameter used for encryption and/or integrity protection when the second AN and the terminal communicate with each other. According to the embodiments of the present invention, security performance of the terminal can be improved.
Abstract:
An authentication method, an authentication apparatus, and an authentication system for the communications field are described. The authentication includes sending, by first user equipment, a first random parameter to second user equipment. The second user equipment obtains a first user identifier, a second user identifier, and a second random parameter; and generates a second authentication feature based on the first user identifier, the second user identifier, the first random parameter, and the second random parameter. The second user equipment sends the second authentication feature to the first user equipment for authentication. The first user equipment, after authentication, generatesgenerates a first authentication feature. The first authentication feature is sent to the second user equipment for authentication.
Abstract:
The present disclosure relates to example key distribution and authentication methods and devices. In one example method, a second-level key is received by a terminal device from a user management server. The terminal device performs mutual authentication with a network authentication server based on the second-level key, to obtain a communication key for communication between the terminal device and a functional network element.
Abstract:
A mobile terminal includes a display module, a host module, and a hinge used to connect the display module and the host module. The hinge is disposed on a bottom border of the display module. The display module includes a top cover and a hinge cover that covers the hinge, and the top cover has an accommodating cavity. A screen body, a screen drive plate, and a screen cover plate that covers the screen body are accommodated in the accommodating cavity, and a part of the screen cover plate extends into a cavity of the hinge cover, so that the hinge cover overlaps the part of the screen cover plate. In this technical solution, a width of the bottom border of the display module can be effectively reduced, to facilitate implementation of a narrow border design of the display module.
Abstract:
A key obtaining method includes sending, by an authentication server function (AUSF), an authentication service request message to a unified data management (UDM) function. The method also includes receiving, by the AUSF, an authentication service response message sent by the UDM function. The authentication service response message includes first permission information. The first permission information is used to indicate to generate a key KAKMA for user equipment (UE). The method further includes generating, by the AUSF in response to the authentication service response message, the KAKMA and a key identifier (KID) corresponding to the KAKMA. The method additionally includes sending, by the AUSF, the generated KAKMA and the generated KID to an authentication and key management for applications anchor function.