CN101110672A

Movatterモバイル変換

Info

Publication number: CN101110672A
Application number: CNA2006101035249A
Authority: CN
Inventors: 梁文亮; 谢勇
Original assignee: Huawei Technologies Co Ltd
Current assignee: Huawei Technologies Co Ltd
Priority date: 2006-07-19
Filing date: 2006-07-19
Publication date: 2008-01-23

Abstract

一种通信系统中建立ESP安全联盟的方法，第一种是通过由AAA服务器直接生成ESP安全联盟的安全密钥、移动节点MN从AAA服务器获得安全密钥或独立计算出相同安全密钥、预先设定加密算法及预先配置的SPI；第二种是协商家乡代理HA和MN之间的ESP安全联盟参数、MN从AAA服务器获得安全密钥或独立计算出相同安全密钥；第三种是利用将MN接入鉴权认证过程中产生的用于本MN和HA进行绑定更新的共享密钥作为密钥交互协议过程的预配置密钥，完成密钥交互协议过程中双方相互验证，然后由密钥交互协议协商产生ESP安全联盟。通过上述三种方式建立HA和MN之间安全联盟，由此保证后续HA和MN之间业务的安全。

A method for establishing an ESP security association in a communication system. The first method is to directly generate the security key of the ESP security association by the AAA server, and the mobile node MN obtains the security key from the AAA server or independently calculates the same security key. Set the encryption algorithm and pre-configured SPI; the second is to negotiate the ESP security association parameters between the home agent HA and the MN, and the MN obtains the security key from the AAA server or independently calculates the same security key; the third is to use Use the shared key generated during the MN access authentication process for the binding update between the MN and the HA as the pre-configured key in the key exchange protocol process, complete the mutual authentication of the two parties in the key exchange protocol process, and then the The key exchange protocol negotiation generates an ESP security association. The security association between the HA and the MN is established through the above three methods, thereby ensuring the security of subsequent services between the HA and the MN.

Description

Translated fromChinese

通信系统中建立ESP安全联盟的方法和系统Method and system for establishing ESP security association in communication system

技术领域technical field

本发明涉及通信领域中通信系统中建立安全联盟的方法及系统，尤其涉及移动节点(Mobile Node，MN)和家乡代理(Home Agent，HA)之间建立ESP(Encapsulating Security Payload，安全载荷封装)安全联盟的方法和系统。The invention relates to a method and a system for establishing a security alliance in a communication system in the communication field, in particular to establishing an ESP (Encapsulating Security Payload, security load encapsulation) security between a mobile node (Mobile Node, MN) and a home agent (Home Agent, HA). Methods and systems for alliances.

背景技术Background technique

在现有的移动IP技术中，移动IPv6是今天最有效地可移动建议之一。如图1所示，其为一个基本的移动Ipv6组成示意图。移动Ipv6包含三个实体：移动节点MN、家乡代理HA和通信节点CN。一个Ipv6移动节点是一个多主机地址节点。它同时拥有一个转交地址和一个家乡地址，其中转交地址用来路由IP包，其前缀是所访问链路网络的前缀。转交地址是临时的，必须要对它进行返回路由能力检查之后才能使用该地址参与通信；家乡地址用来识别移动节点，其前缀是家乡链路网络的前缀。移动Ipv6允许移动节点从一个链路移动到另一个链路而无需改变家乡地址。Among existing mobile IP technologies, Mobile IPv6 is one of the most effective mobile proposals today. As shown in FIG. 1 , it is a schematic diagram of a basic mobile IPv6 composition. Mobile IPv6 includes three entities: mobile node MN, home agent HA and communication node CN. An IPv6 mobile node is a node with multiple host addresses. It has a care-of address and a home address at the same time, where the care-of address is used to route IP packets, and its prefix is the prefix of the visited link network. The care-of address is temporary, and it can only be used to participate in communication after the return routing capability check is performed on it; the home address is used to identify the mobile node, and its prefix is the prefix of the home link network. Mobile IPv6 allows mobile nodes to move from one link to another without changing their home address.

移动节点和通信节点有两种通信模式。第一种模式是从通信节点发出的数据包会路由到家乡代理，再通过隧道发往移动节点；从移动节点发出的数据包先通过隧道发往家乡代理，再路由到通信节点。在这种模式中，家乡代理在家乡链路上使用代理邻居发现协议截取指向移动节点家乡地址的数据包。被截取的数据包通过隧道发往到移动节点当前的转交地址。这种模式双向的数据都必须经过家乡代理HA，容易引出网络阻塞，并且当家乡代理和相关链路发生故障后影响移动节点和通信节点之间的通信。There are two modes of communication between mobile nodes and correspondent nodes. The first mode is that the data packet sent from the correspondent node will be routed to the home agent, and then sent to the mobile node through the tunnel; the data packet sent from the mobile node will be sent to the home agent through the tunnel first, and then routed to the correspondent node. In this mode, the home agent uses the proxy neighbor discovery protocol on the home link to intercept data packets directed to the mobile node's home address. The intercepted data packet is sent to the current care-of address of the mobile node through the tunnel. In this mode, the bidirectional data must go through the home agent HA, which is easy to lead to network congestion, and when the home agent and related links fail, the communication between the mobile node and the communication node will be affected.

第二种模式是路由优化模式。双方通信的数据不必经由HA，而直接经过路由进行通信。这种模式由于对路由进行了优化而得到了极大的发展。在路由优化模式下，移动Ipv6引入了一个返回可路由过程(RRP)，通过它保证MN与CN通信时的安全，其原理是通过对MN与CN之间交换的信令进行加密来对它们之间的登记进行认证。通过RRP，CN知道是否能够使用MN通告的转交地址和家乡地址访问MN；如果RRP测试失败，CN将既不能直接发送分组到MN的转交地址。其测试方法是通过两个消息对(HoTI和HoT，CoTI和CoT)分别测试目的地址是家乡地址和转换地址的分组是否能够到达MN，据此接收来自MN的绑定(请参阅图2)。The second mode is route optimization mode. The data communicated by both parties does not need to go through HA, but communicates directly through routing. This pattern has been greatly developed due to the optimization of routing. In the routing optimization mode, Mobile IPv6 introduces a return routable process (RRP), which ensures the security of the communication between the MN and the CN. The principle is to encrypt the signaling exchanged between the MN and the CN. The registration between them is authenticated. Through RRP, the CN knows whether the MN can be accessed using the care-of address and home address advertised by the MN; if the RRP test fails, the CN will neither be able to directly send packets to the MN's care-of address. The test method is to test whether the packet whose destination address is the home address and the translation address can reach the MN through two message pairs (HoTI and HoT, CoTI and CoT), and then receive the binding from the MN (see Figure 2).

在RRP过程中，HoTI用于把MN的家乡地址和Cookie通知CN，请求CN提供家乡密钥生成令牌。而CoTI主要是把MN的转交地址和Cookie通知CN，请求CN提供转交密钥生成令牌。MN通过对家乡密钥生成令牌、转交密钥生成令牌进行SHA1散列运算得到一个共享密钥Kbm。通过该共享密钥Kbm对后续MN和CN之间的BU(绑定更新)和BA(绑定响应)进行认证。During the RRP process, HoTI is used to notify the CN of the MN's home address and Cookie, and requests the CN to provide the home key to generate a token. The CoTI mainly notifies the CN of the MN's care-of address and Cookie, and requests the CN to provide a care-of key to generate a token. The MN obtains a shared key Kbm by performing SHA1 hash operation on the home key generation token and the care-of key generation token. The BU (Binding Update) and BA (Binding Response) between the subsequent MN and CN are authenticated through the shared key Kbm.

在PPR过程中，HoTI和HoT这两个消息是以明文方式进行传输，无法保证移动节点MN和家乡代理HA之间返回可路由过程的私密性，由此容易被监听。当恶意攻击者得到HoT和CoT消息中的H-Token以及C-Token后，可以计算出后续MN和CN之间BU过程的密钥信息kbm，由此不能保证后续通信如预期那样发生在移动节点MN和相关节点CN之间。最终，WiMax等无线网络将无法正常支持路由优化R0，降低了WiMax网络效率。也就是说WiMAX等无线网络如果要支持IPv6的R0，就必须考虑移动节点MN和家乡代理HA之间的ESP安全联盟，以保证路由优化R0信令的私密性。In the PPR process, the two messages HoTI and HoT are transmitted in plain text, which cannot guarantee the privacy of the returning routable process between the mobile node MN and the home agent HA, so it is easy to be monitored. After the malicious attacker obtains the H-Token and C-Token in the HoT and CoT messages, he can calculate the key information kbm of the subsequent BU process between the MN and the CN, so it cannot be guaranteed that the subsequent communication will occur in the mobile node as expected between the MN and the associated node CN. Eventually, wireless networks such as WiMax will not be able to support routing optimization R0 normally, reducing the efficiency of WiMax networks. That is to say, if wireless networks such as WiMAX want to support R0 of IPv6, the ESP security association between the mobile node MN and the home agent HA must be considered to ensure the privacy of routing optimization R0 signaling.

除了上述提到的RRP过程需要预先建立MN和HA之间的ESP安全联盟，在其它一些场合，如移动前缀请求过程、MN和HA的数据传输过程都需要保证MN和HA之间业务的安全性，同样也需要建立MN和HA之间的ESP安全联盟。In addition to the RRP process mentioned above, the ESP security association between the MN and the HA needs to be established in advance. In some other occasions, such as the mobile prefix request process, the data transmission process between the MN and the HA, it is necessary to ensure the security of the business between the MN and the HA. , it is also necessary to establish an ESP security association between the MN and the HA.

发明内容Contents of the invention

本发明的目的在于提供一种通信系统中建立ESP安全联盟的方法和系统，以增加MN和HA之间业务的安全性。The purpose of the present invention is to provide a method and system for establishing an ESP security association in a communication system, so as to increase the security of services between MN and HA.

为了达到上述目的，本发明提供了公开了一种通信系统中建立ESP安全联盟的方法，包括以下步骤：In order to achieve the above object, the present invention provides and discloses a method for establishing an ESP security association in a communication system, comprising the following steps:

(1)AAA服务器生成ESP安全联盟的安全密钥，并将所述安全密钥通知家乡代理HA；(1) The AAA server generates the security key of the ESP security association, and notifies the home agent HA of the security key;

(2)移动节点MN接收从AAA服务器发送的安全密钥，或者MN按照与AAA服务器预约定的生成规则生成相同的安全密钥；(2) The mobile node MN receives the security key sent from the AAA server, or the MN generates the same security key according to the generation rules predetermined with the AAA server;

(3)MN和HA采用所述安全密钥、预先设定或由AAA服务器指定的加密算法及预先配置的安全参数索引SPI建立ESP安全联盟。(3) The MN and the HA use the security key, the encryption algorithm preset or specified by the AAA server, and the preconfigured security parameter index SPI to establish an ESP security association.

步骤(1)具体为：AAA服务器直接将第一密钥或第一密钥的根密钥作为所述安全密钥，或者由第一密钥或由第一密钥的根密钥派生出所述安全密钥，其中，所述第一密钥为移动节点MN接入鉴权认证过程或HA和MN绑定更新初始过程中产生的用于该MN和HA进行绑定更新的共享密钥。Step (1) is specifically: the AAA server directly uses the first key or the root key of the first key as the security key, or derives all security keys from the first key or the root key of the first key. The above security key, wherein the first key is a shared key generated during the MN access authentication process or the HA and MN initial binding update process for the MN and the HA to perform binding update.

优选地，步骤(1)中，AAA服务器在下发第一密钥至HA的同时，将所述安全密钥发送至HA。步骤(2)中AAA服务器是在MN接入鉴权认证过程将安全密钥通知MN。Preferably, in step (1), the AAA server sends the security key to the HA while delivering the first key to the HA. In step (2), the AAA server notifies the MN of the security key during the MN access authentication process.

本发明公开的第二种通信系统中建立ESP安全联盟的方法，包括：The method for establishing the ESP security association in the second communication system disclosed by the present invention includes:

(1)AAA服务器协商移动节点MN和家乡代理HA之间的安全联盟参数，并将协商好的安全联盟参数分别通知MN和HA，所述安全联盟参数包括加密算法或者包括加密算法和安全参数索引SPI；(1) The AAA server negotiates the security association parameters between the mobile node MN and the home agent HA, and notifies the MN and the HA of the negotiated security association parameters respectively. The security association parameters include encryption algorithms or include encryption algorithms and security parameter indexes SPI;

(2)AAA服务器生成ESP安全联盟的安全密钥，并通知HA；(2) The AAA server generates the security key of the ESP security association and notifies the HA;

(3)MN从AAA服务器上获得所述安全密钥或者按照与AAA服务器预约定的生成规则生成相同的安全密钥；(3) The MN obtains the security key from the AAA server or generates the same security key according to a pre-determined generation rule with the AAA server;

(4)MN和HA采用所述安全密钥、加密算法及预配置或协商好的SPI建立ESP安全联盟。(4) The MN and the HA use the security key, the encryption algorithm and the pre-configured or negotiated SPI to establish the ESP security association.

优选地，步骤(2)中AAA服务器生成所述安全密钥具体为：AAA服务器直接将第一密钥或第一密钥的根密钥作为所述安全密钥，或者由第一密钥或由第一密钥的根密钥派生出所述安全密钥，其中，所述第一密钥为移动节点MN接入鉴权认证过程或HA和MN绑定更新初始过程中产生的用于该MN和HA进行绑定更新的共享密钥。Preferably, the generation of the security key by the AAA server in step (2) specifically includes: the AAA server directly uses the first key or the root key of the first key as the security key, or uses the first key or The security key is derived from the root key of the first key, wherein the first key is generated during the MN access authentication process or the initial process of HA and MN binding update for the mobile node MN. Shared key for binding update between MN and HA.

步骤(1)中AAA服务器协商移动节点MN和家乡代理HA之间的安全联盟参数具体为：(11)移动节点MN通知AAA服务器本节点所支持的所有加密算法以及分配给本节点MN和HA之间ESP安全联盟的SPI；(12)AAA服务器获得家乡代理HA为本HA与MN之间ESP安全联盟分配的SPI，并从MN能够支持的加密算法之中选择HA能够支持的一种加密算法作为协商好的加密算法。In step (1), the AAA server negotiates the security association parameters between the mobile node MN and the home agent HA specifically as follows: (11) The mobile node MN notifies the AAA server of all encryption algorithms supported by the node and the encryption algorithms assigned to the node MN and the HA. (12) The AAA server obtains the SPI allocated by the home agent HA for the ESP security association between the HA and the MN, and selects an encryption algorithm that the HA can support from the encryption algorithms that the MN can support as Negotiated encryption algorithm.

MN是在接入鉴权过程将所述加密算法和所述SPI发送至AAA服务器。The MN sends the encryption algorithm and the SPI to the AAA server during the access authentication process.

步骤(12)中AAA服务器是在MN接入鉴权认证过程或绑定更新BU过程中，询问HA所支持所有加密算法和HA为本HA与MN之间ESP安全联盟分配的SPI。In step (12), the AAA server inquires all encryption algorithms supported by the HA and the SPI allocated by the ESP security association between the HA and the MN for the AAA server during the MN access authentication process or the binding update BU process.

步骤(12)进一步包括：预先将HA和AAA服务器配置成支持相同的加密算法或者将HA配置成支持所有的加密算法；协商好的加密算法是AAA服务器从MN能够支持的加密算法中选择本服务器能够支持的一种加密算法。Step (12) further includes: pre-configuring the HA and the AAA server to support the same encryption algorithm or configuring the HA to support all encryption algorithms; the negotiated encryption algorithm is that the AAA server selects the server from the encryption algorithms that the MN can support An encryption algorithm that can be supported.

本发明公开的第三种通信系统中建立ESP安全联盟的方法，包括：(1)将移动节点MN接入鉴权认证过程中或HA和MN绑定更新BU过程中产生的用于本MN和HA进行绑定更新的共享密钥作为密钥交互协议过程的预配置密钥；(2)在密钥交互协议过程中，协商建立MN和HA之间的ESP安全联盟。步骤(2)具体为：(21)MN和HA之间协商建立一安全通道；(22)利用所述预配置密钥进行MN和HA的互相验证，建立交互过程中的第一个Ipsec安全联盟；(23)将所述第一个Ipsec安全联盟作为MN和HA之间用于加密的ESP安全联盟或者，利用第一个Ipsec安全联盟重新协商用于加密的ESP安全联盟。The third method for establishing an ESP security association in a communication system disclosed by the present invention includes: (1) using the mobile node MN access authentication authentication process or the HA and MN binding update BU process generated for the MN and the MN The shared key used by the HA for binding update is used as the pre-configured key in the key exchange protocol process; (2) In the key exchange protocol process, negotiate to establish the ESP security association between the MN and the HA. Step (2) is specifically: (21) Negotiate between MN and HA and set up a safe channel; (22) Utilize described pre-configured key to carry out the mutual authentication of MN and HA, establish the first IPsec security association in the interactive process (23) Use the first IPsec security association as the ESP security association for encryption between the MN and the HA or use the first IPsec security association to renegotiate the ESP security association for encryption.

所述ESP安全联盟中的生成密钥的方法是在密钥交互协商过程设定的，或者所述ESP安全联盟中的生成密钥的方法是在预先完成的MN接入鉴权认证过程中设定的。The method for generating the key in the ESP security association is set during the key exchange negotiation process, or the method for generating the key in the ESP security association is set in the pre-completed MN access authentication process fixed.

对应地，本发明公开的第一种通信系统中建立ESP安全联盟的系统，还包括AAA服务器，所述AAA服务器包括第一安全密钥生成单元，用于生成ESP安全联盟的安全密钥，并将所述安全密钥通知家乡代理HA；Correspondingly, the system for establishing an ESP security association in the first communication system disclosed in the present invention further includes an AAA server, and the AAA server includes a first security key generation unit for generating a security key for an ESP security association, and Notifying the home agent HA of the security key;

所述移动节点还包括第二安全密钥生成单元和第一建立安全联盟单元，所述第一安全密钥生成单元：用于按照预保存的与AAA服务器约定的相同生成规则生成安全密钥；所述第一建立安全联盟单元，用于通过预保存的加密算法、预配置的安全参数索引和生成的安全密钥建立与家乡代理HA的ESP安全联盟；The mobile node also includes a second security key generation unit and a first security association establishment unit, the first security key generation unit is configured to generate a security key according to the same pre-saved generation rule agreed with the AAA server; The first security association establishment unit is used to establish an ESP security association with the home agent HA through a pre-saved encryption algorithm, a pre-configured security parameter index, and a generated security key;

所述家乡代理包括第二建立安全联盟单元，用于通过预保存的加密算法、预配置的安全参数与接收到的安全密钥建立与MN的ESP安全联盟。The home agent includes a second security association establishment unit, configured to establish an ESP security association with the MN through a pre-stored encryption algorithm, a pre-configured security parameter, and a received security key.

所述AAA服务器还包括加密算法指定单元，用于指定HA与MN之间的ESP安全联盟的加密算法，并通知HA和MN。The AAA server also includes an encryption algorithm specifying unit for specifying the encryption algorithm of the ESP security association between the HA and the MN, and notifying the HA and the MN.

本发明公开的第二种通信系统中建立ESP安全联盟的系统，还包括AAA服务器，所述AAA服务器包括第一安全密钥生成单元，用于生成ESP安全联盟的安全密钥，并将所述安全密钥通知家乡代理HA和移动节点MN；The system for establishing an ESP security association in the second communication system disclosed by the present invention also includes an AAA server, and the AAA server includes a first security key generating unit for generating a security key of the ESP security association, and the The security key notifies the home agent HA and the mobile node MN;

所述移动节点还包括第一建立安全联盟单元，用于通过预保存的加密算法、预配置的安全参数和接收到安全密钥建立与家乡代理HA的ESP安全联盟；The mobile node also includes a first security association establishment unit, which is used to establish an ESP security association with the home agent HA through the pre-saved encryption algorithm, the pre-configured security parameters and the received security key;

本发明公开的第三种通信系统中建立ESP安全联盟的系统，还包括AAA服务器，所述AAA服务器包括协商单元和第一安全密钥生成单元，The system for establishing an ESP security association in the third communication system disclosed by the present invention also includes an AAA server, and the AAA server includes a negotiation unit and a first security key generation unit,

协商单元，用于协商移动节点MN和家乡代理HA之间的安全联盟参数，并将协商好的安全联盟参数分别通知MN和HA，所述安全联盟参数包括加密算法或者包括加密算法和安全参数索引SPI；The negotiating unit is used to negotiate the security association parameters between the mobile node MN and the home agent HA, and notify the MN and the HA of the negotiated security association parameters respectively, and the security association parameters include an encryption algorithm or include an encryption algorithm and a security parameter index SPI;

第一安全密钥生成单元，用于生成ESP安全联盟的安全密钥，并将所述安全密钥通知家乡代理HA；The first security key generating unit is configured to generate a security key of the ESP security association, and notify the home agent HA of the security key;

所述移动节点还包括第二安全密钥生成单元和第一建立安全联盟单元，所述第一安全密钥生成单元：用于按照预保存的与AAA服务器约定的相同生成规则生成安全密钥；所述第一建立安全联盟单元，用于通过接收到的加密算法、预配置或接收到的安全参数索引和生成的安全密钥建立与家乡代理HA的ESP安全联盟；The mobile node also includes a second security key generation unit and a first security association establishment unit, the first security key generation unit is configured to generate a security key according to the same pre-saved generation rule agreed with the AAA server; The first security association establishment unit is configured to establish an ESP security association with the home agent HA through the received encryption algorithm, the pre-configured or received security parameter index and the generated security key;

所述家乡代理包括第二建立安全联盟单元，用于通过接收到加密算法和安全密钥、预配置或接收到的安全参数建立与MN的ESP安全联盟。The home agent includes a second security association establishing unit, configured to establish an ESP security association with the MN by receiving an encryption algorithm and a security key, pre-configured or received security parameters.

本发明公开的第四种通信系统中建立ESP安全联盟的系统，还包括AAA服务器，The system for establishing an ESP security association in the fourth communication system disclosed by the present invention also includes an AAA server,

所述AAA服务器包括协商单元和第一安全密钥生成单元，The AAA server includes a negotiation unit and a first security key generation unit,

第一安全密钥生成单元，用于生成ESP安全联盟的安全密钥，并将所述安全密钥通知家乡代理HA和移动节点MN；The first security key generating unit is used to generate the security key of the ESP security association, and notify the home agent HA and the mobile node MN of the security key;

所述移动节点还包括第一建立安全联盟单元，用于通过接收到的加密算法、预配置或接收到的安全参数和接收到的安全密钥建立与家乡代理HA的ESP安全联盟；The mobile node also includes a first security association establishment unit, which is used to establish an ESP security association with the home agent HA through the received encryption algorithm, the pre-configured or received security parameters and the received security key;

所述家乡代理包括第二建立安全联盟单元，用于通过接收到的加密算法、预配置或接收到的安全参数与接收到的安全密钥建立与MN的ESP安全联盟。The home agent includes a second security association establishment unit, configured to establish an ESP security association with the MN by using the received encryption algorithm, pre-configured or received security parameters, and the received security key.

本发明公开的第五种通信系统中建立ESP安全联盟的系统，所述移动节点和家乡代理中都设有预配置密钥单元和协商单元，In the fifth communication system disclosed by the present invention, a system for establishing an ESP security association, both the mobile node and the home agent are provided with a pre-configured key unit and a negotiation unit,

所述预配置密钥：用于将移动节点MN接入鉴权认证过程中或HA和MN绑定更新初始过程中产生的用于本MN和HA进行绑定更新的共享密钥作为密钥交互协议过程的预配置密钥；协商单元：用于在密钥交互协议过程中，协商建立MN和HA之间的ESP安全联盟。The pre-configured key: used to exchange the shared key used for the binding update between the MN and the HA, which is generated during the access authentication process of the mobile node MN or during the initial process of binding update between the HA and the MN. Pre-configured keys for the protocol process; negotiation unit: used for negotiating and establishing the ESP security association between the MN and the HA during the key exchange protocol process.

本发明可以通过三种方式建立HA与MN之间的ESP安全联盟，能够保证HA与MN之间业务的私密性。特别是，当该安全联盟用于加密RRP过程中涉及到的相关信令时，能够增加路由优化过程中的安全性。使得WiMax等网络可以正常支持路由优化R0，提高了网络的效率。The present invention can establish the ESP security alliance between the HA and the MN in three ways, and can guarantee the privacy of the business between the HA and the MN. In particular, when the security association is used to encrypt related signaling involved in the RRP process, it can increase the security in the route optimization process. This enables networks such as WiMax to normally support route optimization R0, and improves network efficiency.

附图说明Description of drawings

图1为一个基本的移动Ipv6组成示意图；Figure 1 is a schematic diagram of a basic mobile IPv6 composition;

图2为现有RRP过程示意图；FIG. 2 is a schematic diagram of an existing RRP process;

图3为本发明公开的第一种通信系统中建立ESP安全联盟的方法的流程图；Fig. 3 is the flow chart of the method for establishing ESP security alliance in the first kind of communication system disclosed by the present invention;

图4为本发明公开的第一种通信系统中建立ESP安全联盟的系统结构示意图；FIG. 4 is a schematic diagram of the system structure of establishing an ESP security association in the first communication system disclosed by the present invention;

图5为本发明公开的第二种通信系统中建立ESP安全联盟的系统结构示意图；5 is a schematic diagram of the system structure of establishing an ESP security association in the second communication system disclosed by the present invention;

图6为本发明公开的第二种通信系统中建立ESP安全联盟的方法的流程图；6 is a flowchart of a method for establishing an ESP security association in a second communication system disclosed by the present invention;

图7为本发明公开的第三种通信系统中建立ESP安全联盟的系统结构示意图；7 is a schematic diagram of the system structure of establishing an ESP security association in the third communication system disclosed by the present invention;

图8为本发明公开的第四种通信系统中建立ESP安全联盟的系统的结构示意图；FIG. 8 is a schematic structural diagram of a system for establishing an ESP security association in a fourth communication system disclosed by the present invention;

图9为本发明公开的第三种通信系统中建立ESP安全联盟的方法的流程图；9 is a flowchart of a method for establishing an ESP security association in a third communication system disclosed by the present invention;

图10为本发明公开的第五种通信系统中建立ESP安全联盟的系统的结构示意图。FIG. 10 is a schematic structural diagram of a system for establishing an ESP security association in a fifth communication system disclosed in the present invention.

具体实施方式Detailed ways

以下结合附图，具体说明本发明。The present invention will be described in detail below in conjunction with the accompanying drawings.

为了保证HA和MN之间业务的安全性，需要预先进行HA和MN之间建立安全联盟。本发明的核心在于：本发明提供了三种HA和MN之间建立安全联盟的方法，第一种建立方案为：通过由AAA服务器直接生成ESP安全联盟的安全密钥、移动节点MN从AAA服务器获得安全密钥或者是独立计算出相同安全密钥、预先设定加密算法及预先配置的SPI；第二种建立方案为：协商家乡代理HA和MN之间包括加密算法或包括加密算法和SPI的ESP安全联盟参数、移动节点MN从AAA服务器获得安全密钥或者是独立计算出相同安全密钥；第三种方案为：利用将移动节点MN接入鉴权认证过程中产生的用于本MN和HA进行绑定更新的共享密钥作为密钥交互协议过程的预配置密钥，完成密钥交互协议过程中双方相互证验证，然后由密钥交互协议协商产生ESP安全联盟。通过上述三种方式建立HA和MN之间安全联盟，以此保证后续HA和MN之间的业务的安全。所述HA和MN之间的业务包括RRP过程、移动前缀请求过程、MN和HA的数据传输过程等。后续就以RRP过程为例来说明本发明。In order to ensure the security of services between the HA and the MN, it is necessary to establish a security association between the HA and the MN in advance. The core of the present invention is: the present invention provides three kinds of methods for establishing a security association between HA and MN, the first establishment scheme is: by directly generating the security key of ESP security association by the AAA server, mobile node MN from the AAA server Obtain the security key or independently calculate the same security key, pre-set encryption algorithm and pre-configured SPI; the second establishment scheme is: negotiate the encryption algorithm or the encryption algorithm and SPI between the home agent HA and the MN The ESP security association parameters, the mobile node MN obtains the security key from the AAA server or independently calculates the same security key; the third solution is: use the mobile node MN generated during the access authentication process for the MN and The shared key used by the HA for binding update is used as the pre-configured key in the key exchange protocol process to complete the mutual authentication between the two parties in the key exchange protocol process, and then the ESP security association is generated through the key exchange protocol negotiation. The security association between the HA and the MN is established through the above three methods, so as to ensure the security of subsequent services between the HA and the MN. The business between the HA and the MN includes the RRP process, the mobile prefix request process, the data transmission process between the MN and the HA, and the like. In the following, the present invention will be described by taking the RRP process as an example.

随着网络技术的迅速发展，网上数据的安全问题是最受关注的问题。现在，许多通信协议和方法中都提供了对数据的加密或验证功能，以此来保证数据的安全传输。应用较为广泛的是IPSec(Internet Protocol Security)协议。IPSec协议是一种协议套件，包括AH(Authentication Header)验证头协议、ESP(Encapsulation Security Protocol)封装安全载荷协议、IKE(InternetKey Exchange)互联网密钥交换协议等。IPSec协议支持手动配置方式或IKE协议自动协商方式生成安全联盟SA(Security Association)。安全联盟是IPSec的基础，它决定了用于保护数据包安全的IPSec协议中的密钥以及密钥生成时间等，安全联盟的主要参数有SPI、密钥、算法等。也就是说，安全联盟是对数据进行加密或验证的基本依据，也可以说每一个需要进行加密或验证处理的数据包都会配置或生成特定的安全联盟SA。另外，本发明HA和MN之间建立的是ESP安全联盟。With the rapid development of network technology, the security of online data is the most concerned issue. Now, many communication protocols and methods provide data encryption or verification functions, so as to ensure the safe transmission of data. The most widely used is the IPSec (Internet Protocol Security) protocol. IPSec protocol is a protocol suite, including AH (Authentication Header) authentication header protocol, ESP (Encapsulation Security Protocol) encapsulation security payload protocol, IKE (InternetKey Exchange) Internet key exchange protocol, etc. The IPSec protocol supports manual configuration or IKE protocol auto-negotiation to generate a Security Association (SA). Security association is the basis of IPSec. It determines the key and key generation time in the IPSec protocol used to protect data packet security. The main parameters of security association include SPI, key, algorithm, etc. That is to say, the security association is the basic basis for encrypting or verifying data. It can also be said that each data packet that needs to be encrypted or verified will be configured or generated with a specific security association SA. In addition, the ESP security association is established between the HA and the MN in the present invention.

请参阅图3，其为本发明公开的第一种通信系统中建立ESP安全联盟的方法的流程图。它包括以下步骤：Please refer to FIG. 3 , which is a flowchart of a method for establishing an ESP security association in the first communication system disclosed in the present invention. It includes the following steps:

S110：AAA服务器生成ESP安全联盟的安全密钥，并将所述安全密钥通知家乡代理HA；S110: The AAA server generates a security key of the ESP security association, and notifies the home agent HA of the security key;

S120：移动节点MN接收从AAA服务器发送的安全密钥，或者MN按照与AAA服务器预约定的生成规则生成相同的安全密钥；S120: The mobile node MN receives the security key sent from the AAA server, or the MN generates the same security key according to the predetermined generation rule with the AAA server;

S130：MN和HA采用所述安全密钥、预先设定或由AAA服务器指定的加密算法及预先配置的安全参数索引SPI建立ESP安全联盟。S130: The MN and the HA establish an ESP security association using the security key, the encryption algorithm preset or specified by the AAA server, and the security parameter index SPI configured in advance.

以下具体说明每一步骤。Each step is described in detail below.

一、步骤S1101. Step S110

MN在接入鉴权认证过程和首次家乡代理HA注册过程后，MN和HA之间有一个共享密钥信息，该共享密钥信息主要用于保护后续MN和HA之间的BU(绑定更新)/BA(绑定响应)过程的完整性，本发明将该共享密钥称之为第一密钥。AAA服务器可以直接将该第一密钥作为ESP安全联盟的安全密钥，也可以由第一密钥派生出所述安全密钥。较佳地实施方式是通过AAA服务器由第一密钥派生出安全密钥。派生主要是指根据预先设定的一计算公式或函数，将第一密钥作为一公式或函数的已知因子得到对应的安全密钥。After the MN access authentication process and the first home agent HA registration process, there is a shared key information between the MN and the HA, which is mainly used to protect the subsequent BU (binding update) between the MN and the HA. )/BA (Binding Response) process integrity, the present invention refers to the shared key as the first key. The AAA server may directly use the first key as the security key of the ESP security association, or may derive the security key from the first key. A preferred implementation manner is to derive the security key from the first key through the AAA server. Derivation mainly refers to obtaining a corresponding security key by using the first key as a known factor of a formula or function according to a preset calculation formula or function.

除了第一密钥外，也可以由接入鉴权认证过程第一密钥的根密钥MSK或EMSK来产生安全密钥。即，直接将第一密钥的根密钥MSK或EMSK作为安全密钥，或者，由第一密钥的根密钥派生出安全密钥。当然，除了第一密钥和第一密钥的根密钥外，AAA服务器也可以利用其它MN和AAA服务器或者MN和HA之前保有的密钥信息，生成MN和HA之间的ESP安全联盟的密钥。In addition to the first key, the security key may also be generated by the root key MSK or EMSK of the first key in the access authentication process. That is, directly use the root key MSK or EMSK of the first key as the security key, or derive the security key from the root key of the first key. Of course, in addition to the first key and the root key of the first key, the AAA server can also use the key information previously held by other MNs and AAA servers or MN and HA to generate the key information of the ESP security association between the MN and the HA. key.

AAA服务器在下发第一密钥至HA的同时，可以将该安全密钥发送至HA。换句话说，AAA服务器将第一密钥和安全密钥包含在AAA到HA的交互消息Access-Accept中进行发送。另外，当ESP安全联盟的加密算法是由AAA服务器指定时，AAA服务器可以将第一密钥、安全密钥和指定的加密算法同时发送至HA。When delivering the first key to the HA, the AAA server may also send the security key to the HA. In other words, the AAA server sends the first key and the security key in the Access-Accept exchange message from the AAA to the HA. In addition, when the encryption algorithm of the ESP security association is specified by the AAA server, the AAA server may simultaneously send the first key, the security key and the specified encryption algorithm to the HA.

二、步骤S1202. Step S120

MN可以由两种方式获得安全密钥，第一种方式是通过接收AAA服务器发送的安全密钥获得所述安全密钥，比如，AAA服务器在MN接入鉴权认证过程将安全密钥发送至MN；第二种方式是MN预先保存有用于生成安全密钥的生成规则，所述生成规则和AAA服务器上生成安全密钥的生成规则相同，这样，MN按照该规则生成的安全密钥和AAA服务器上生成的安全密钥相同。所述生成规则主要是指步骤S110中AAA服务器如何得到安全密钥的流程及对应的参数。The MN can obtain the security key in two ways. The first way is to obtain the security key by receiving the security key sent by the AAA server. For example, the AAA server sends the security key to the MN; the second way is that the MN pre-stores a generation rule for generating a security key, and the generation rule is the same as the generation rule for generating a security key on the AAA server, so that the security key generated by the MN according to this rule is the same as the AAA The same security key is generated on the server. The generation rule mainly refers to the process of how the AAA server obtains the security key in step S110 and the corresponding parameters.

当加密算法是由AAA服务器指定时，AAA服务器也可以将指定后的加密算法在MN接入鉴权认证过程同安全密钥一起发送至MN。When the encryption algorithm is specified by the AAA server, the AAA server may also send the specified encryption algorithm together with the security key to the MN during the MN access authentication process.

三、步骤S1303. Step S130

SPI(Security Parameter Index安全参数索引)在一个实体中是唯一的。这里实体为HA和MN，可以动态的为安全联盟分配SPI，一个简单的例子就是新增一个安全联盟就为它分配一个没有使用过的SPI。可以预先预留一个SPI，不能再分配给其他用途的安全联盟，而仅仅使用于返回可路由过程。当然如果有其他应用场景，可以另外预定义一个SPI，或者就共享使用。SPI (Security Parameter Index Security Parameter Index) is unique in an entity. The entities here are HA and MN, which can dynamically allocate SPIs to security associations. A simple example is to add an unused SPI to a new security association. An SPI can be reserved in advance, and cannot be allocated to other security associations, but only used to return the routable process. Of course, if there are other application scenarios, you can pre-define an additional SPI, or just share it.

MN和HA之间默认的ESP安全联盟所必须满足的其它参数：如加密算法不为空、ESP模式为隧道模式、SPI为双方都知道的数值，这些信息都预先配置。Other parameters that must be satisfied by the default ESP security association between the MN and the HA: such as the encryption algorithm is not empty, the ESP mode is the tunnel mode, and the SPI is a value known to both parties. These information are pre-configured.

HA和MN之间利用安全密钥、SPI和加密算法建立ESP安全联盟。HA and MN use security key, SPI and encryption algorithm to establish ESP security association.

请参阅图4，其为本发明公开的第一种通信系统中建立ESP安全联盟的系统的结构原于理示意图。还包括AAA服务器，所述AAA服务器包括第一安全密钥生成单元，用于生成ESP安全联盟的安全密钥，并将所述安全密钥通知家乡代理HA；Please refer to FIG. 4 , which is a schematic structural diagram of a system for establishing an ESP security association in the first communication system disclosed in the present invention. An AAA server is also included, and the AAA server includes a first security key generating unit for generating a security key of the ESP security association, and notifying the home agent HA of the security key;

所述AAA服务器还包括加密算法指定单元，用于指定HA与MN之间的ESP安全联盟的加密算法，并通知HA和MN。若通过加密算法指定单元指定加密算法，则HA与MN之间无需预先保存加密算法。The AAA server also includes an encryption algorithm specifying unit for specifying the encryption algorithm of the ESP security association between the HA and the MN, and notifying the HA and the MN. If the encryption algorithm is specified by the encryption algorithm specifying unit, there is no need to store the encryption algorithm in advance between the HA and the MN.

上述系统中移动节点是通过自身的第二安全密钥生成单元来生成安全密钥，另外，也可以直接接收从AAA服务器发送的安全密钥。即，In the above system, the mobile node generates the security key through its own second security key generation unit, and can also directly receive the security key sent from the AAA server. Right now,

请参阅图5，其为本发明公开的第二种通信系统中建立ESP安全联盟的系统的结构示意图。它还包括AAA服务器，所述AAA服务器包括第一安全密钥生成单元，用于生成ESP安全联盟的安全密钥，并将所述安全密钥通知家乡代理HA和移动节点MN；Please refer to FIG. 5 , which is a schematic structural diagram of a system for establishing an ESP security association in the second communication system disclosed in the present invention. It also includes an AAA server, and the AAA server includes a first security key generating unit for generating a security key of an ESP security association, and notifying the home agent HA and the mobile node MN of the security key;

请参阅图6，其为本发明公开的第二种通信系统中建立ESP安全联盟的方法的流程图。它包括：Please refer to FIG. 6 , which is a flowchart of a method for establishing an ESP security association in a second communication system disclosed in the present invention. it includes:

S210：AAA服务器协商移动节点MN和家乡代理HA之间的安全联盟参数，并将协商好的安全联盟参数分别通知MN和HA，所述安全联盟参数包括加密算法或者包括加密算法和安全参数索引SPI；S210: The AAA server negotiates the security association parameters between the mobile node MN and the home agent HA, and notifies the MN and the HA of the negotiated security association parameters respectively, and the security association parameters include an encryption algorithm or an encryption algorithm and a security parameter index SPI ;

S220：AAA服务器生成ESP安全联盟的安全密钥，并通知HA；S220: the AAA server generates the security key of the ESP security association, and notifies the HA;

S230：MN从AAA服务器上获得所述安全密钥或者按照与AAA服务器预约定的生成规则生成相同的安全密钥；S230: The MN obtains the security key from the AAA server or generates the same security key according to a predetermined generation rule with the AAA server;

S240：MN和HA采用所述安全密钥、加密算法及预配置或协商好的SPI建立ESP安全联盟。S240: The MN and the HA establish an ESP security association using the security key, the encryption algorithm, and the pre-configured or negotiated SPI.

步骤S210中AAA服务器协商移动节点MN和家乡代理HA之间的安全联盟参数可以通过以下步骤完成：In step S210, the AAA server negotiates the security association parameters between the mobile node MN and the home agent HA and can be completed through the following steps:

(1)MN通知AAA服务器本节点所支持的所有加密算法以及分配给本节点MN和HA之间ESP安全联盟的SPI。MN可以在接入鉴权过程将所述加密算法和所述SPI发送至AAA服务器。(1) The MN notifies the AAA server of all the encryption algorithms supported by the node and the SPI assigned to the ESP security association between the node MN and the HA. The MN may send the encryption algorithm and the SPI to the AAA server during the access authentication process.

(2)AAA服务器获得家乡代理HA为本HA与MN之间ESP安全联盟分配的SPI，并从MN能够支持的加密算法之中选择HA能够支持的一种加密算法作为协商好的加密算法。(2) The AAA server obtains the SPI allocated by the home agent HA for the ESP security association between the HA and the MN, and selects an encryption algorithm supported by the HA from the encryption algorithms supported by the MN as the negotiated encryption algorithm.

在网络规划时，HA和AAA服务器可以预配置成支持相同的加密算法，并且预定义用于该业务的SPI。AAA服务器接收到MN所有加密算法后，从该些加密算法中找到AAA服务器所支持的其中一种加密算法作为HA和MN之间的ESP安全联盟的加密算法。During network planning, the HA and AAA servers can be preconfigured to support the same encryption algorithm and predefine the SPI used for this service. After receiving all the encryption algorithms of the MN, the AAA server finds one of the encryption algorithms supported by the AAA server as the encryption algorithm of the ESP security association between the HA and the MN.

另外，还可以在HA上预设定所有加密算法，这样，AAA服务器接收到MN所有加密算法后，从该些加密算法中找到AAA服务器所支持的其中一种加密算法作为HA和MN之间的ESP安全联盟的加密算法。In addition, all encryption algorithms can also be preset on the HA. In this way, after the AAA server receives all the encryption algorithms of the MN, it can find one of the encryption algorithms supported by the AAA server from these encryption algorithms as the link between the HA and the MN. The encryption algorithm of the ESP security association.

还有，AAA服务器还可以在MN接入鉴权认证过程或绑定更新BU过程中，询问HA所支持所有加密算法和HA为本HA与MN之间ESP安全联盟分配的SPI，并且，AAA服务器从HA、MN和AAA服务器都支持的加密算法中找到其中一种算法作为HA与MN之间的ESP安全联盟的加密算法。In addition, the AAA server can also inquire about all encryption algorithms supported by the HA and the SPI allocated by the HA for the ESP security association between the HA and the MN during the MN access authentication process or the binding update BU process, and the AAA server Find one of the encryption algorithms supported by the HA, the MN and the AAA server as the encryption algorithm of the ESP security association between the HA and the MN.

AAA服务器通知MN最终确定的加密算法和HA预分配的用于该业务的ESP安全联盟的SPI。AAA服务器可以在MN接入鉴权认证过程将加密算法和SPI通知至MN。并且，AAA服务器将最终确定的加密算法和MN分配给HA与本MN之间ESP安全联盟的SPI。The AAA server notifies the MN of the final encryption algorithm and the SPI of the ESP security association pre-allocated by the HA for this service. The AAA server may notify the MN of the encryption algorithm and SPI during the MN access authentication process. And, the AAA server assigns the finally determined encryption algorithm and the MN to the SPI of the ESP security association between the HA and the MN.

步骤S220至步骤S240和上述公开的第一种HA与MN之间建立ESP安全联盟方法中的步骤S110至步骤S130类似，在此先省略。需要说明的是，安全密钥可以和加密算法、SPI一起在接入鉴权认证过程中通知至MN。Steps S220 to S240 are similar to steps S110 to S130 in the above disclosed first method for establishing an ESP security association between the HA and the MN, and are omitted here. It should be noted that the security key can be notified to the MN together with the encryption algorithm and the SPI during the access authentication process.

另外需要说明的一点是：HA与MN在MN接入鉴权认证过程协商完成ESP安全联盟的建立时，它和移动IP注册过程可以没有前后关系。Another point that needs to be explained is: when the HA and the MN negotiate and complete the establishment of the ESP security association in the MN access authentication process, it may have no context with the mobile IP registration process.

请参阅图7，其为本发明公开的第三种通信系统中建立ESP安全联盟的系统的结构示意图。它还包括AAA服务器，所述AAA服务器包括协商单元和第一安全密钥生成单元，Please refer to FIG. 7 , which is a schematic structural diagram of a system for establishing an ESP security association in a third communication system disclosed in the present invention. It also includes an AAA server, the AAA server includes a negotiating unit and a first security key generating unit,

所述移动节点还包括第二安全密钥生成单元和第一建立安全联盟单元，所述第二安全密钥生成单元：用于按照预保存的与AAA服务器约定的相同生成规则生成安全密钥；所述第一建立安全联盟单元，用于通过接收到的加密算法、预配置或接收到的安全参数索引和生成的安全密钥建立与家乡代理HA的ESP安全联盟；The mobile node also includes a second security key generation unit and a first security association establishment unit, the second security key generation unit: used to generate the security key according to the same pre-saved generation rules agreed with the AAA server; The first security association establishment unit is configured to establish an ESP security association with the home agent HA through the received encryption algorithm, the pre-configured or received security parameter index and the generated security key;

请参阅图8，其为本发明公开的第四种通信系统中建立ESP安全联盟的系统的结构示意图。它还包括AAA服务器，所述AAA服务器包括协商单元和第一安全密钥生成单元，Please refer to FIG. 8 , which is a schematic structural diagram of a system for establishing an ESP security association in a fourth communication system disclosed in the present invention. It also includes an AAA server, the AAA server includes a negotiating unit and a first security key generating unit,

请参阅图9，其为本发明公开的第三种通信系统中建立ESP安全联盟的方法的流程图。它包括：Please refer to FIG. 9 , which is a flowchart of a method for establishing an ESP security association in a third communication system disclosed in the present invention. it includes:

S310：将移动节点MN接入鉴权认证过程或中或HA和MN绑定更新初始过程中产生的用于本MN和HA进行绑定更新的共享密钥作为密钥交互协议过程的预配置密钥；S310: Use the shared key used for the binding update between the MN and the HA, which is generated during the access authentication process of the mobile node MN or during the initial process of the binding update between the HA and the MN, as the pre-configured key for the key exchange protocol process. key;

S320：在密钥交互协议过程中，协商建立MN和HA之间的ESP安全联盟S320: During the key exchange protocol process, negotiate to establish an ESP security association between the MN and the HA

S21：MN和HA之间协商建立一安全通道；S21: Negotiate between the MN and the HA to establish a secure channel;

S22：利用所述预配置密钥进行MN和HA的互相验证，建立交互过程中的第一个Ipsec安全联盟；S22: Use the pre-configured key to perform mutual authentication between the MN and the HA, and establish the first IPsec security association in the interaction process;

S23：将所述第一个Ipsec安全联盟作为MN和HA之间的ESP安全联盟或者，利用第一个Ipsec安全联盟重新协商ESP安全联盟。S23: Use the first IPsec security association as the ESP security association between the MN and the HA or use the first IPsec security association to renegotiate the ESP security association.

目前的密钥交互协议主要就是IKEv1和IKEv2。IKE过程都可以分为初始化子过程、验证子过程以及子安全联盟协商子过程。在初始化子过程中，交互双方互相发送Diffie-Hellman方法所需要的数据、协商算法以及随机数，创建一个专属于IKE协商过程的安全联盟；在初始化子过程所建立的安全联盟的私密性保护下，交互双方进行互相的验证，验证可以基于电子证书或者是预共享密钥，验证成功后第一个子安全联盟也被建立；当验证子过程成功完成以后，交互双方就可以协商创建更多的子安全联盟。The current key exchange protocols are mainly IKEv1 and IKEv2. The IKE process can be divided into initialization sub-process, verification sub-process and sub-SA negotiation sub-process. In the initialization sub-process, the two sides of the interaction send each other the data required by the Diffie-Hellman method, the negotiation algorithm and the random number, and create a security association dedicated to the IKE negotiation process; under the privacy protection of the security association established in the initialization sub-process , the two sides of the interaction conduct mutual verification, and the verification can be based on electronic certificates or pre-shared keys. After the verification is successful, the first sub-SA is also established; when the verification sub-process is successfully completed, the two parties can negotiate to create more sub security association.

本方法主要是通过密钥交互协议完成移动节点MN和家乡代理HA之间的ESP安全联盟的建立，即引入密钥交互协议过程来协商建立MN和HA之间的安全联盟的建立，同时由于密钥交互协议(IKEv2为例)过程本身也需要预配置密钥在端点之间相互验证，本发明通过密钥交互协议(IKEv2为例)过程协商建立MN和HA之间的安全联盟，并且将移动节点MN和AAA服务器之间的鉴权认证过程中协商产生的密钥信息作为密钥交互协议(IKEv2为例)中的预配置密钥。This method mainly completes the establishment of the ESP security association between the mobile node MN and the home agent HA through the key exchange protocol, that is, introduces the key exchange protocol process to negotiate the establishment of the security association between the MN and the HA. The key exchange protocol (IKEv2 as an example) process itself also needs pre-configured keys to authenticate each other between endpoints. The present invention negotiates and establishes a security association between the MN and HA through the key exchange protocol (IKEv2 as an example) process, and the mobile The key information generated during the negotiation between the node MN and the AAA server is used as the pre-configured key in the key exchange protocol (IKEv2 as an example).

如果移动节点MN和家乡代理HA之间不存在一个ESP的安全联盟，移动节点MN和家乡代理HA之间必须发起一个密钥交互过程(这里以IKEv2为例)。If there is no ESP security association between the mobile node MN and the home agent HA, a key exchange process must be initiated between the mobile node MN and the home agent HA (here, IKEv2 is taken as an example).

首先IKE-SA-INIT过程(初始化子过程)移动节点MN和家乡代理HA之间协商建立一个相对于其他节点安全的通路，建立安全通路是已有技术，可以参考RFC4306。大致过程是，双方交换随机数，按照DH算法，计算出仅双方知道的密钥，然后所有的后续的交互都由这个密钥加密。其他节点由于没有这个密钥信息，也就无法看到上述双方的通信内容。Firstly, the IKE-SA-INIT process (initialization sub-process) negotiates between the mobile node MN and the home agent HA to establish a safe path relative to other nodes. Establishing a safe path is an existing technology, and RFC4306 can be referred to. The general process is that the two parties exchange random numbers, and calculate a key known only to both parties according to the DH algorithm, and then all subsequent interactions are encrypted by this key. Since other nodes do not have this key information, they cannot see the communication content of the above two parties.

然后在IKE-AUTH过程(验证子过程)中分别利用预共享密钥互相验证，并且建立IKE过程中的第一个IPsec安全联盟。双方身份验证通过后，可以在预先建立的安全通路上协商ESP安全联盟(包含相关密钥以及加密算法)，或者是已经商议了第一个IPsec安全联盟作为ESP安全联盟(包含相关密钥以及加密算法)，以保证有能力在移动节点MN和家乡代理HA之间提供信令或者数据的私密性。HA与MN之间建立的ESP安全联盟必须包含一个保证私密性的算法以及私密性密钥(即所述安全密钥)。Then in the IKE-AUTH process (authentication sub-process), respectively use the pre-shared key to authenticate each other, and establish the first IPsec security association in the IKE process. After both parties pass the authentication, they can negotiate the ESP security association (including related keys and encryption algorithms) on the pre-established security channel, or the first IPsec security association has been negotiated as the ESP security association (including related keys and encryption algorithms). Algorithm) to ensure the ability to provide signaling or data privacy between the mobile node MN and the home agent HA. The ESP security association established between the HA and the MN must include an algorithm for ensuring privacy and a privacy key (ie, the security key).

ESP安全联盟中的生成密钥的方法是在密钥交互协商过程设定的，或者所述ESP安全联盟中的生成密钥的方法是在预先完成的MN接入鉴权认证过程中设定的。The key generation method in the ESP security association is set during the key exchange negotiation process, or the key generation method in the ESP security association is set in the pre-completed MN access authentication process .

请参阅10，其为本发明提供第五种通信系统中建立ESP安全联盟的系统的结构示意图。所述移动节点和家乡代理中都设有预配置密钥单元和协商单元，Please refer to 10, which is a schematic structural diagram of a system for establishing an ESP security association in a fifth communication system provided by the present invention. Both the mobile node and the home agent are provided with a pre-configured key unit and a negotiation unit,

所述预配置密钥：用于将移动节点MN接入鉴权认证过程中或HA和MN绑定更新初始过程中产生的用于本MN和HA进行绑定更新的共享密钥作为密钥交互协议过程的预配置密钥；The pre-configured key: used to exchange the shared key used for the binding update between the MN and the HA, which is generated during the access authentication process of the mobile node MN or during the initial process of binding update between the HA and the MN. Pre-configured keys for the protocol process;

协商单元：用于在密钥交互协议过程中，协商建立MN和HA之间的ESP安全联盟。Negotiation unit: used for negotiating and establishing the ESP security association between the MN and the HA during the key exchange protocol process.

上述三种方法的其中之一产生HA与MN之间的ESP安全联盟后，在RRP过程中可以利用建立的ESP安全联盟进行通信，由此保证了MN和HA之间返回可路由过程的私密性，进而保证了后续MN和CN之间BU过程的密钥信息kbm的安全性。最终，WiMax等无线网络可以正常支持路由优化R0，保证路由优化R0信令的私密性。After one of the above three methods generates the ESP security association between the HA and the MN, the established ESP security association can be used for communication during the RRP process, thereby ensuring the privacy of the returning routable process between the MN and the HA , thereby ensuring the security of the key information kbm of the subsequent BU process between the MN and the CN. Finally, wireless networks such as WiMax can normally support routing optimization R0 to ensure the privacy of routing optimization R0 signaling.

以上公开的仅为本发明的几个具体实施例，但本发明并非局限于此，任何本领域的技术人员能思之的变化，都应落在本发明的保护范围内。The above disclosures are only a few specific embodiments of the present invention, but the present invention is not limited thereto, and any changes conceivable by those skilled in the art should fall within the protection scope of the present invention.