CN109309566B - An authentication method, device, system, device and storage medium - Google Patents

Abstract

Translated fromChinese

本发明公开了一种认证方法、装置、系统、设备及存储介质，所述方法包括：AUSF设备接收包含随机数RAND、认证令牌AUTN、期望的响应和会话根密钥的认证矢量，并获取加密密钥，采用所述加密密钥对所述会话根密钥进行加密；向SEAF设备发送包括RAND、AUTN和加密后的会话根密钥的5G‑AIA消息，使SEAF设备将RAND、AUTN发送给UE，并根据UE返回的认证响应采用预设的算法确定解密密钥，对加密的会话根密钥进行解密；接收SEAF设备对加密后的会话根密钥解密成功后发送的5G‑AC消息，确定其完成对UE的认证。用以解决现有技术中存在会话根密钥明文传输，易被攻击者获取，影响用户通信安全的问题。

The invention discloses an authentication method, apparatus, system, equipment and storage medium. The method includes: an AUSF device receives an authentication vector including a random number RAND, an authentication token AUTN, an expected response and a session root key, and obtains Encryption key, using the encryption key to encrypt the session root key; sending a 5G-AIA message including RAND, AUTN and the encrypted session root key to the SEAF device, so that the SEAF device sends the RAND, AUTN to the UE, and use a preset algorithm to determine the decryption key according to the authentication response returned by the UE, and decrypt the encrypted session root key; receive a 5G‑AC message sent by the SEAF device after successfully decrypting the encrypted session root key , determine that it has completed the authentication to the UE. The method is used to solve the problem in the prior art that the session root key is transmitted in plain text, which is easily acquired by attackers and affects the security of user communication.

Description

Translated fromChinese

一种认证方法、装置、系统、设备及存储介质An authentication method, device, system, device and storage medium

技术领域technical field

本发明涉及通信技术领域，尤其涉及一种认证方法、装置、系统、设备及存储介质。The present invention relates to the field of communication technologies, and in particular, to an authentication method, apparatus, system, device and storage medium.

背景技术Background technique

为了应对未来爆炸性的移动数据流量增长、海量的设备连接、不断涌现的各类新业务和应用场景，第五代移动通信系统(5th-Generation，5G)应运而生。演进分组系统-认证与密钥协商协议(Evolved Packet System-Authentication and Key Agreement，EPS-AKA)是一种用于实时验证通信实体身份真实性的密码学协议，它在一个安全系统中起关键作用，除了身份认证外常附带有会话密钥建立的功能，因此也被称为认证密钥建立协议。3GPP TS 33.501已决定把EPS-AKA*作为5G中对3GPP用户进行接入认证的认证协议之一。EPS-AKA*是EPS-AKA的一个改进。EPS-AKA*相比EPS-AKA的改进之处增强了认证服务功能(Authentication Server Function，AUSF)设备对UE认证结果的监控，这样避免安全锚点功能(Security Anchor Function，SEAF)设备对AUSF设备可能进行的认证结果欺骗。其方法是在SEAF设备对UE成功认证后，SEAF设备还要把认证结果返回给AUSF设备，以确认UE是否在SEAF设备已认证。In order to cope with the explosive growth of mobile data traffic, massive device connections, and various new services and application scenarios emerging in the future, the fifth-generation mobile communication system (5th-Generation, 5G) came into being. Evolved Packet System-Authentication and Key Agreement (EPS-AKA) is a cryptographic protocol used to verify the authenticity of the identity of communicating entities in real time, and it plays a key role in a security system , which is often accompanied by the function of session key establishment in addition to identity authentication, so it is also called an authentication key establishment protocol. 3GPP TS 33.501 has decided to use EPS-AKA* as one of the authentication protocols for 3GPP user access authentication in 5G. EPS-AKA* is an improvement of EPS-AKA. Compared with EPS-AKA, EPS-AKA* enhances the monitoring of the UE authentication result by the Authentication Server Function (AUSF) device, so as to avoid the Security Anchor Function (SEAF) device to the AUSF device. Possible spoofing of authentication results. The method is that after the SEAF device successfully authenticates the UE, the SEAF device also returns the authentication result to the AUSF device to confirm whether the UE has been authenticated in the SEAF device.

然而，在这种认证方式下，EPS-AKA*与EPS-AKA一样会把会话根密钥从AUSF设备明文传输到SEAF设备，攻击者可以对传输的会话根密钥进行窃取，并根据会话根密钥窃听SEAF设备通信的内容，无法保证用户的通信安全，影响了用户体验。However, in this authentication method, EPS-AKA*, like EPS-AKA, will transmit the session root key from the AUSF device to the SEAF device in plaintext. The key eavesdropping on the content of the SEAF device communication cannot guarantee the user's communication security and affects the user experience.

发明内容SUMMARY OF THE INVENTION

本发明提供一种认证方法、装置、系统、设备及存储介质，用以解决现有技术中存在会话根密钥在AUSF设备及SEAF设备之间明文传输时，易被攻击者获取，影响用户通信安全及体验的问题。The present invention provides an authentication method, device, system, device and storage medium, which are used to solve the problem that in the prior art, when a session root key is transmitted in plain text between an AUSF device and a SEAF device, it is easy to be acquired by an attacker and affects user communication. Safety and experience issues.

本发明公开了一种认证方法，应用于认证服务功能AUSF设备，所述方法包括：The invention discloses an authentication method, which is applied to an authentication service function AUSF device. The method includes:

接收包含随机数RAND、认证令牌AUTN、期望的响应和会话根密钥的认证矢量，并获取加密密钥，采用所述加密密钥对所述会话根密钥进行加密，其中所述加密密钥根据期望的响应及预设的算法确定；Receive an authentication vector containing a random number RAND, an authentication token AUTN, a desired response, and a session root key, and obtain an encryption key, which is used to encrypt the session root key, wherein the encryption key is used to encrypt the session root key. The key is determined according to the expected response and the preset algorithm;

向安全锚点功能SEAF设备发送包括RAND、AUTN和加密后的会话根密钥的5G认证启动响应5G-AIA消息，使所述SEAF设备接收到所述5G-AIA消息后，将所述RAND、AUTN发送给所述UE，并根据所述UE返回的认证响应采用所述预设的算法生成解密密钥，对所述加密后的会话根密钥进行解密；Send a 5G authentication initiation response 5G-AIA message including RAND, AUTN and encrypted session root key to the security anchor function SEAF device, so that after the SEAF device receives the 5G-AIA message, the RAND, The AUTN is sent to the UE, and the preset algorithm is used to generate a decryption key according to the authentication response returned by the UE, and the encrypted session root key is decrypted;

接收SEAF设备发送的5G认证确认5G-AC消息，确定所述SEAF设备完成对UE的认证，其中所述5G-AC消息为所述SEAF设备对所述加密后的会话根密钥解密成功后发送的。Receive the 5G authentication confirmation 5G-AC message sent by the SEAF device, and determine that the SEAF device has completed the authentication of the UE, wherein the 5G-AC message is sent after the SEAF device successfully decrypts the encrypted session root key of.

进一步地，所述获取加密密钥包括：Further, the obtaining the encryption key includes:

根据所述认证矢量中包含的期望的响应，及预设的算法生成第一密钥，并根据生成的所述第一密钥获取加密密钥；或Generate a first key according to the expected response contained in the authentication vector and a preset algorithm, and obtain an encryption key according to the generated first key; or

接收认证凭证存储和处理功能ARPF设备发送的第一密钥，根据接收的所述第一密钥获取加密密钥，其中所述ARPF设备根据期望的响应，及预设的算法生成所述第一密钥。Receive the first key sent by the authentication credential storage and processing function ARPF device, and obtain the encryption key according to the received first key, wherein the ARPF device generates the first key according to the expected response and a preset algorithm key.

进一步地，根据所述第一密钥获取加密密钥包括：Further, obtaining the encryption key according to the first key includes:

将所述第一密钥作为加密密钥；或using the first key as an encryption key; or

在所述第一密钥中按照预设的第一方法，截取第一设定长度作为加密密钥。In the first key, according to a preset first method, a first set length is intercepted as an encryption key.

进一步地，所述向SEAF设备发送包括所述RAND、AUTN和加密后的会话根密钥的5G-AIA消息之前，所述方法还包括：Further, before the sending the 5G-AIA message including the RAND, AUTN and the encrypted session root key to the SEAF device, the method further includes:

获取第一子期望的响应；Get the response expected by the first child;

所述向SEAF设备发送包括所述RAND、AUTN和加密后的会话根密钥的5G-AIA消息包括：The sending the 5G-AIA message including the RAND, AUTN and the encrypted session root key to the SEAF device includes:

向SEAF设备发送包括所述RAND、AUTN、第一子期望的响应和加密后的会话根密钥的5G-AIA消息。A 5G-AIA message including the RAND, AUTN, the first sub-expected response and the encrypted session root key is sent to the SEAF device.

进一步地，所述获取第一子期望的响应包括：Further, the obtaining the first sub-expected response includes:

根据所述RAND、期望的响应、会话根密钥及预设的第一哈希算法生成第一哈希值；按照预设的第二方法，在所述第一哈希值中截取第二设定长度作为第一子期望的响应；或Generate a first hash value according to the RAND, the expected response, the session root key and the preset first hash algorithm; according to the preset second method, intercept the second set from the first hash value according to the preset second method fixed length as the response expected by the first sub; or

在所述第一密钥中按照预设的第三方法，截取第三设定长度作为第一子期望的响应。In the first key, according to a preset third method, a third set length is intercepted as a response of the first sub-expected.

进一步地，所述接收SEAF设备发送的5G认证确认消息之前，所述方法还包括：Further, before receiving the 5G authentication confirmation message sent by the SEAF device, the method further includes:

获取第二子期望的响应；Get the response expected by the second child;

接收SEAF设备发送的5G-AC消息，确定所述SEAF设备完成对UE的认证包括：Receiving the 5G-AC message sent by the SEAF device, and determining that the SEAF device has completed the authentication of the UE includes:

接收SEAF设备发送的包含第二子响应的5G-AC消息，根据所述第二子期望响应验证所述第二子响应，如果验证通过，确定所述SEAF设备完成对UE的认证。Receive the 5G-AC message containing the second sub-response sent by the SEAF device, verify the second sub-response according to the second sub-expected response, and if the verification passes, determine that the SEAF device has completed the authentication of the UE.

进一步地，所述获取第二子期望的响应包括：Further, the obtaining the response of the second sub-expectation includes:

根据所述RAND、期望的响应、会话根密钥及预设的第二哈希算法生成第二哈希值；按照预设的第四方法，在所述第二哈希值中截取第四设定长度作为第二子期望的响应；或A second hash value is generated according to the RAND, the expected response, the session root key and the preset second hash algorithm; according to the preset fourth method, a fourth set of hash values is intercepted from the second hash value. fixed length as the response expected by the second sub; or

在所述第一密钥中按照预设的第五方法，截取第五设定长度作为第二子期望的响应。In the first key, according to a preset fifth method, a fifth set length is intercepted as a response of the second sub-expected.

进一步地，根据期望的响应，及预设的算法生成第一密钥包括：Further, generating the first key according to the expected response and the preset algorithm includes:

根据所述RAND、所述期望的响应及预设的算法生成第一密钥。A first key is generated according to the RAND, the expected response and a preset algorithm.

本发明公开了一种认证方法，应用于安全锚点功能SEAF设备，所述方法包括：The invention discloses an authentication method, which is applied to a security anchor function SEAF device. The method includes:

接收认证服务功能AUSF设备发送的包括随机数RAND、认证令牌AUTN和加密后的会话根密钥的5G认证启动响应5G-AIA消息，将所述RAND、AUTN发送给所述UE，其中所述5G-AIA消息中的加密后的会话根密钥为，所述AUSF设备接收包含随机数RAND、认证令牌AUTN、期望的响应和会话根密钥的认证矢量，并根据期望的响应及预设的算法确定的；Receive the 5G authentication initiation response 5G-AIA message including the random number RAND, the authentication token AUTN and the encrypted session root key sent by the authentication service function AUSF device, and send the RAND and AUTN to the UE, wherein the The encrypted session root key in the 5G-AIA message is that the AUSF device receives the authentication vector containing the random number RAND, the authentication token AUTN, the expected response and the session root key, and according to the expected response and preset algorithm determined;

接收所述UE返回的认证响应，并根据所述认证响应及所述预设的算法确定解密密钥，对所述加密后的会话根密钥进行解密；receiving the authentication response returned by the UE, and determining a decryption key according to the authentication response and the preset algorithm, and decrypting the encrypted session root key;

如果对所述加密后的会话根密钥解密成功，则向所述AUSF设备发送5G认证确认5G-AC消息。If the encrypted session root key is successfully decrypted, a 5G authentication confirmation 5G-AC message is sent to the AUSF device.

进一步地，所述根据所述认证响应及所述预设的算法确定解密密钥包括：Further, the determining the decryption key according to the authentication response and the preset algorithm includes:

根据所述认证响应及预设的算法生成第二密钥，将所述第二密钥作为解密密钥；或Generate a second key according to the authentication response and a preset algorithm, and use the second key as a decryption key; or

根据所述认证响应及预设的算法生成第二密钥，在所述第二密钥中按照预设的第一方法，截取第一设定长度作为解密密钥。A second key is generated according to the authentication response and a preset algorithm, and a first set length is intercepted from the second key as a decryption key according to a preset first method.

进一步地，所述接收AUSF设备发送的包含RAND、AUTN和加密后的会话根密钥的5G-AIA消息包括：Further, the receiving the 5G-AIA message containing RAND, AUTN and encrypted session root key sent by the AUSF device includes:

接收AUSF设备发送的包含RAND、AUTN、第一子期望的响应和加密后的会话根密钥的5G-AIA消息；Receive a 5G-AIA message sent by the AUSF device that includes RAND, AUTN, the first sub-expected response, and the encrypted session root key;

所述向所述AUSF设备发送5G-AC消息之前，所述方法还包括：Before the sending the 5G-AC message to the AUSF device, the method further includes:

获取第一子响应；Get the first sub-response;

根据所述第一子期望响应验证所述第一子响应，如果验证通过，进行后续步骤。The first sub-response is verified according to the first sub-expected response, and if the verification is passed, the subsequent steps are performed.

进一步地，所述获取第一子响应包括：Further, the obtaining the first sub-response includes:

根据所述RAND、认证响应、会话根密钥及预设的第一哈希算法生成第一校验哈希值；按照预设的第二方法，在所述第一校验哈希值中截取第二设定长度作为第一子响应；或A first check hash value is generated according to the RAND, the authentication response, the session root key and the preset first hash algorithm; according to the second preset method, intercepted from the first check hash value the second set length as the first sub-response; or

在所述第二密钥中按照预设的第三方法，截取第三设定长度作为第一子响应。In the second key, according to a preset third method, a third set length is intercepted as the first sub-response.

进一步地，所述向所述AUSF设备发送5G-AC之前，所述方法还包括：Further, before the 5G-AC is sent to the AUSF device, the method further includes:

获取第二子响应；Get the second sub-response;

所述向AUSF设备发送5G-AC消息包括：The sending a 5G-AC message to the AUSF device includes:

向所述AUSF设备发送包含所述第二子响应的5G-AC消息。A 5G-AC message containing the second sub-response is sent to the AUSF device.

进一步地，所述获取第二子响应包括：Further, the obtaining the second sub-response includes:

根据所述RAND、认证响应、会话根密钥及预设的第二哈希算法生成第二校验哈希值；按照预设的第四方法，在所述第二校验哈希值中截取第四设定长度作为第二子响应；或Generate a second check hash value according to the RAND, the authentication response, the session root key and the preset second hash algorithm; according to the fourth preset method, intercept the second check hash value from the second check hash value the fourth set length as the second sub-response; or

在所述第二密钥中按照预设的第五方法，截取第五设定长度作为第二子响应。In the second key, according to the preset fifth method, a fifth set length is intercepted as the second sub-response.

进一步地，所述根据认证响应及预设的算法生成第二密钥包括：Further, generating the second key according to the authentication response and the preset algorithm includes:

根据所述RAND、所述认证响应及预设的算法生成第二密钥。A second key is generated according to the RAND, the authentication response and a preset algorithm.

本发明公开了一种认证装置，应用于认证服务功能AUSF设备，所述装置包括：The invention discloses an authentication device, which is applied to an authentication service function AUSF device. The device includes:

加密模块，用于接收包含随机数RAND、认证令牌AUTN、期望的响应和会话根密钥的认证矢量，并获取加密密钥，采用所述加密密钥对所述会话根密钥进行加密，其中所述加密密钥根据期望的响应及预设的算法确定；an encryption module, configured to receive an authentication vector including a random number RAND, an authentication token AUTN, an expected response and a session root key, obtain an encryption key, and encrypt the session root key by using the encryption key, wherein the encryption key is determined according to an expected response and a preset algorithm;

发送模块，用于向安全锚点功能SEAF设备发送包括RAND、AUTN和加密后的会话根密钥的5G认证启动响应5G-AIA消息，使所述SEAF设备接收到所述5G-AIA消息后，将所述RAND、AUTN发送给所述UE，并根据所述UE返回的认证响应采用所述预设的算法生成解密密钥，对所述加密后的会话根密钥进行解密；A sending module, configured to send a 5G authentication initiation response 5G-AIA message including RAND, AUTN and encrypted session root key to the security anchor function SEAF device, so that after the SEAF device receives the 5G-AIA message, sending the RAND and AUTN to the UE, and using the preset algorithm to generate a decryption key according to the authentication response returned by the UE, and decrypt the encrypted session root key;

接收确定模块，用于接收SEAF设备发送的5G认证确认消息5G-AC，确定所述SEAF设备完成对UE的认证，其中所述5G-AC为所述SEAF设备对所述加密后的会话根密钥解密成功后发送的。A receiving and determining module is configured to receive a 5G authentication confirmation message 5G-AC sent by the SEAF device, and determine that the SEAF device has completed the authentication of the UE, wherein the 5G-AC is the encrypted session root password of the SEAF device Sent after successful decryption of the key.

本发明公开了一种认证装置，应用于安全锚点功能SEAF设备，所述装置包括：The invention discloses an authentication device, which is applied to a safety anchor function SEAF device. The device includes:

收发模块，用于接收认证服务功能AUSF设备发送的包括随机数RAND、认证令牌AUTN和加密后的会话根密钥的5G-AIA消息，将所述RAND、AUTN发送给所述UE，其中所述5G-AIA消息中的加密后的会话根密钥为所述AUSF设备接收包含随机数RAND、认证令牌AUTN、期望的响应和会话根密钥的认证矢量，并根据期望的响应及预设的算法确定的；The transceiver module is configured to receive the 5G-AIA message including the random number RAND, the authentication token AUTN and the encrypted session root key sent by the authentication service function AUSF device, and send the RAND and AUTN to the UE, wherein the The encrypted session root key in the 5G-AIA message is the authentication vector received by the AUSF device that includes the random number RAND, the authentication token AUTN, the expected response and the session root key, and according to the expected response and preset algorithm determined;

接收解密模块，用于接收所述UE返回的认证响应，并根据所述认证响应及所述预设的算法确定解密密钥，对所述加密后的会话根密钥进行解密；a receiving decryption module, configured to receive the authentication response returned by the UE, determine a decryption key according to the authentication response and the preset algorithm, and decrypt the encrypted session root key;

发送模块，用于如果对所述加密后的会话根密钥解密成功，则向所述AUSF设备发送5G认证确认5G-AC消息。A sending module, configured to send a 5G authentication confirmation 5G-AC message to the AUSF device if the encrypted session root key is successfully decrypted.

本发明公开了一种认证服务功能AUSF设备，包括存储器、处理器和收发机；The invention discloses an authentication service function AUSF device, comprising a memory, a processor and a transceiver;

所述处理器，用于读取存储器中的程序，执行下列过程：通过收发机接收包含随机数RAND、认证令牌AUTN、期望的响应和会话根密钥的认证矢量，并获取加密密钥，采用所述加密密钥对所述会话根密钥进行加密，其中所述加密密钥根据期望的响应及预设的算法确定；向安全锚点功能SEAF设备发送包括RAND、AUTN和加密后的会话根密钥的5G认证启动响应5G-AIA消息，使所述SEAF设备接收到所述5G-AIA消息后，将所述RAND、AUTN发送给所述UE，并根据所述UE返回的认证响应采用所述预设的算法生成解密密钥，对所述加密后的会话根密钥进行解密；接收SEAF设备发送的5G认证确认消息5G-AC，确定所述SEAF设备完成对UE的认证，其中所述5G-AC为所述SEAF设备对所述加密后的会话根密钥解密成功后发送的。the processor, for reading the program in the memory, performs the following processes: receiving the authentication vector containing the random number RAND, the authentication token AUTN, the expected response and the session root key through the transceiver, and obtaining the encryption key, The session root key is encrypted by using the encryption key, wherein the encryption key is determined according to the expected response and a preset algorithm; the session root key including RAND, AUTN and encrypted session is sent to the security anchor function SEAF device The 5G authentication initiation response of the root key responds to the 5G-AIA message, so that after the SEAF device receives the 5G-AIA message, it sends the RAND and AUTN to the UE, and uses the authentication response returned by the UE to use The preset algorithm generates a decryption key, and decrypts the encrypted session root key; receives a 5G authentication confirmation message 5G-AC sent by the SEAF device, and determines that the SEAF device has completed the authentication of the UE, wherein the The 5G-AC is sent after the SEAF device successfully decrypts the encrypted session root key.

进一步地，所述处理器，具体用于根据所述认证矢量中包含的期望的响应，及预设的算法生成第一密钥，并根据生成的所述第一密钥获取加密密钥；或接收认证凭证存储和处理功能设备ARPF设备发送的第一密钥，根据接收的所述第一密钥获取加密密钥，其中所述ARPF设备根据期望的响应，及预设的算法生成所述密钥。Further, the processor is specifically configured to generate a first key according to the expected response contained in the authentication vector and a preset algorithm, and obtain an encryption key according to the generated first key; or Receive the first key sent by the authentication credential storage and processing function device ARPF device, and obtain the encryption key according to the received first key, wherein the ARPF device generates the encryption key according to the expected response and the preset algorithm. key.

进一步地，所述处理器，具体用于将所述第一密钥作为加密密钥；或在所述第一密钥中按照预设的第一方法，截取第一设定长度作为加密密钥。Further, the processor is specifically configured to use the first key as an encryption key; or according to a preset first method in the first key, intercept a first set length as an encryption key .

进一步地，所述处理器，还用于获取第一子期望的响应；通过收发机向SEAF设备发送包括所述RAND、AUTN、第一子期望的响应和加密后的会话根密钥的5G-AIA消息。Further, the processor is further configured to obtain the response of the first sub-expected; send the 5G-address including the RAND, AUTN, the response of the first sub-expected and the encrypted session root key to the SEAF device through the transceiver. AIA news.

进一步地，所述处理器，具体用于根据所述RAND、期望的响应、会话根密钥及预设的第一哈希算法生成第一哈希值；按照预设的第二方法，在所述第一哈希值中截取第二设定长度作为第一子期望的响应；或在所述密钥中按照预设的第三方法，截取第三设定长度作为第一子期望的响应。Further, the processor is specifically configured to generate the first hash value according to the RAND, the expected response, the session root key and the preset first hash algorithm; according to the preset second method, in the The second set length is intercepted from the first hash value as the response of the first sub-expected; or the third preset length is intercepted in the key according to the preset third method as the response of the first sub-expected.

进一步地，所述处理器，还用于获取第二子期望的响应；通过收发机接收SEAF设备发送的包含第二子响应的5G-AC消息，根据所述第二子期望响应验证所述第二子响应，如果验证通过，确定所述SEAF设备完成对UE的认证。Further, the processor is further configured to obtain a second sub-expected response; receive a 5G-AC message including a second sub-response sent by the SEAF device through a transceiver, and verify the second sub-expected response according to the second sub-expected response. In the second sub-response, if the verification is passed, it is determined that the SEAF device has completed the authentication of the UE.

进一步地，所述处理器，具体用于根据所述RAND、期望的响应、会话根密钥及预设的第二哈希算法生成第二哈希值；按照预设的第四方法，在所述第二哈希值中截取第四设定长度作为第二子期望的响应；或在所述密钥中按照预设的第五方法，截取第五设定长度作为第二子期望的响应。Further, the processor is specifically configured to generate the second hash value according to the RAND, the expected response, the session root key and the preset second hash algorithm; according to the preset fourth method, in the intercepting the fourth set length from the second hash value as the response of the second sub-expectation; or intercepting the fifth preset length from the key according to the preset fifth method as the response of the second sub-expectation.

进一步地，所述处理器，具体用于根据所述RAND、所述期望的响应及预设的算法生成第一密钥。Further, the processor is specifically configured to generate the first key according to the RAND, the expected response and a preset algorithm.

本发明公开了一种安全锚点功能SEAF设备，包括：存储器、处理器和收发机；The invention discloses a safety anchor function SEAF device, comprising: a memory, a processor and a transceiver;

所述处理器，用于读取存储器中的程序，执行下列过程：通过收发机接收认证服务功能AUSF设备发送的包括随机数RAND、认证令牌AUTN和加密后的会话根密钥的5G认证启动响应5G-AIA消息，将所述RAND、AUTN发送给所述UE，其中所述5G-AIA消息中的加密后的会话根密钥为，所述AUSF设备接收包含随机数RAND、认证令牌AUTN、期望的响应和会话根密钥的认证矢量，并根据期望的响应及预设的算法确定的；接收所述UE返回的认证响应，并根据所述认证响应及所述预设的算法确定解密密钥，对所述加密后的会话根密钥进行解密；如果对所述加密后的会话根密钥解密成功，则向所述AUSF设备发送5G认证确认5G-AC消息。The processor, configured to read the program in the memory, executes the following process: Receive the 5G authentication startup including the random number RAND, the authentication token AUTN and the encrypted session root key sent by the authentication service function AUSF device through the transceiver In response to the 5G-AIA message, the RAND and AUTN are sent to the UE, wherein the encrypted session root key in the 5G-AIA message is, the AUSF device receives a random number RAND, an authentication token AUTN , the expected response and the authentication vector of the session root key, and determined according to the expected response and the preset algorithm; receive the authentication response returned by the UE, and determine the decryption according to the authentication response and the preset algorithm key, decrypt the encrypted session root key; if the encrypted session root key is successfully decrypted, send a 5G authentication confirmation 5G-AC message to the AUSF device.

进一步地，所述处理器，具体用于根据所述认证响应及预设的算法生成第二密钥，将所述第二密钥作为解密密钥；或根据所述认证响应及预设的算法生成第二密钥，在所述第二密钥中按照预设的第一方法，截取第一设定长度作为解密密钥。Further, the processor is specifically configured to generate a second key according to the authentication response and a preset algorithm, and use the second key as a decryption key; or according to the authentication response and the preset algorithm A second key is generated, and a first set length is intercepted in the second key according to a preset first method as a decryption key.

进一步地，所述处理器，具体用于通过收发机接收AUSF设备发送的包含RAND、AUTN、第一子期望的响应和加密后的会话根密钥的5G-AIA消息；获取第一子响应；根据所述第一子期望响应验证所述第一子响应，如果验证通过，进行后续步骤。Further, the processor is specifically configured to receive, through the transceiver, a 5G-AIA message including RAND, AUTN, the first sub-expected response and the encrypted session root key sent by the AUSF device; obtain the first sub-response; The first sub-response is verified according to the first sub-expected response, and if the verification is passed, the subsequent steps are performed.

进一步地，所述处理器，具体用于根据所述RAND、认证响应、会话根密钥及预设的第一哈希算法生成第一校验哈希值；按照预设的第二方法，在所述第一校验哈希值中截取第二设定长度作为第一子响应；或在所述第二密钥中按照预设的第三方法，截取第三设定长度作为第一子响应。Further, the processor is specifically configured to generate a first verification hash value according to the RAND, the authentication response, the session root key and the preset first hash algorithm; according to the preset second method, in the The second set length is intercepted from the first check hash value as the first sub-response; or the second key is intercepted according to a preset third method, and the third set length is intercepted as the first sub-response .

进一步地，所述处理器，还用于获取第二子响应；通过收发机向所述AUSF设备发送包含所述第二子响应的5G-AC消息。Further, the processor is further configured to acquire a second sub-response; and send a 5G-AC message including the second sub-response to the AUSF device through the transceiver.

进一步地，所述处理器，具体用于根据所述RAND、认证响应、会话根密钥及预设的第二哈希算法生成第二校验哈希值；按照预设的第四方法，在所述第二校验哈希值中截取第四设定长度作为第二子响应；或在所述第二密钥中按照预设的第五方法，截取第五设定长度作为第二子响应。Further, the processor is specifically configured to generate a second verification hash value according to the RAND, the authentication response, the session root key and the preset second hash algorithm; according to the preset fourth method, in the The fourth set length is intercepted from the second check hash value as the second sub-response; or the fifth set length is intercepted as the second sub-response in the second key according to the preset fifth method .

进一步地，所述处理器，具体用于根据所述RAND、所述认证响应及预设的算法生成第二密钥。Further, the processor is specifically configured to generate a second key according to the RAND, the authentication response and a preset algorithm.

本发明公开了一种认证系统，所述认证系统包括UE、认证服务功能AUSF设备和安全锚点功能SEAF设备；其中，The invention discloses an authentication system, which includes a UE, an authentication service function AUSF device and a security anchor function SEAF device; wherein,

所述AUSF设备，用于接收包含随机数RAND、认证令牌AUTN、期望的响应和会话根密钥的认证矢量，并获取加密密钥，采用所述加密密钥对所述会话根密钥进行加密，其中所述加密密钥根据期望的响应及预设的算法确定；并向所述SEAF设备发送包括RAND、AUTN和加密后的会话根密钥的5G认证启动响应5G-AIA消息；The AUSF device is configured to receive an authentication vector including a random number RAND, an authentication token AUTN, an expected response, and a session root key, and obtain an encryption key, and perform an encryption process on the session root key using the encryption key. Encryption, wherein the encryption key is determined according to the expected response and a preset algorithm; and send a 5G authentication initiation response 5G-AIA message including RAND, AUTN and encrypted session root key to the SEAF device;

所述SEAF设备，用于接收AUSF设备发送的包括随机数RAND、认证令牌AUTN和加密后的会话根密钥的5G-AIA消息，并将所述RAND、AUTN发送给所述UE；the SEAF device, configured to receive a 5G-AIA message including a random number RAND, an authentication token AUTN and an encrypted session root key sent by an AUSF device, and send the RAND and AUTN to the UE;

所述UE，用于接收所述SEAF设备发送的RAND、AUTN，根据所述RAND、AUTN生成认证响应，并将所述认证响应发送给所述SEAF设备；The UE is configured to receive the RAND and AUTN sent by the SEAF device, generate an authentication response according to the RAND and AUTN, and send the authentication response to the SEAF device;

所述SEAF设备，还用于接收所述UE返回的认证响应，并根据所述认证响应及所述预设的算法确定解密密钥，对所述加密后的会话根密钥进行解密；并且如果对所述加密后的会话根密钥解密成功，则向所述AUSF设备发送5G认证确认5G-AC消息；The SEAF device is further configured to receive the authentication response returned by the UE, determine a decryption key according to the authentication response and the preset algorithm, and decrypt the encrypted session root key; and if If the encrypted session root key is successfully decrypted, send a 5G authentication confirmation 5G-AC message to the AUSF device;

所述AUSF设备，还用于接收所述SEAF设备发送的5G-AC消息，确定所述SEAF设备完成对UE的认证。The AUSF device is further configured to receive a 5G-AC message sent by the SEAF device, and determine that the SEAF device completes authentication to the UE.

进一步地，所述AUSF设备，具体用于根据所述认证矢量中包含的期望的响应，及预设的算法生成第一密钥，并根据生成的所述第一密钥获取加密密钥；或接收认证凭证存储和处理功能设备ARPF设备发送的第一密钥，根据接收的所述第一密钥获取加密密钥，其中所述ARPF设备根据期望的响应，及预设的算法生成所述密钥；其中，根据所述第一密钥获取加密密钥包括：将所述第一密钥作为加密密钥；或在所述第一密钥中按照预设的第一方法，截取第一设定长度作为加密密钥；Further, the AUSF device is specifically configured to generate a first key according to the expected response included in the authentication vector and a preset algorithm, and obtain an encryption key according to the generated first key; or Receive the first key sent by the authentication credential storage and processing function device ARPF device, and obtain the encryption key according to the received first key, wherein the ARPF device generates the encryption key according to the expected response and the preset algorithm. wherein, obtaining the encryption key according to the first key includes: using the first key as the encryption key; or intercepting the first encryption key according to a preset first method in the first key A fixed length as the encryption key;

所述SEAF设备，具体用于根据所述认证响应及预设的算法生成第二密钥，将所述第二密钥作为解密密钥；或根据所述认证响应及预设的算法生成第二密钥，在所述第二密钥中按照预设的第一方法，截取第一设定长度作为解密密钥。The SEAF device is specifically configured to generate a second key according to the authentication response and a preset algorithm, and use the second key as a decryption key; or generate a second key according to the authentication response and the preset algorithm. The key, in the second key, according to the preset first method, intercept the first set length as the decryption key.

进一步地，所述AUSF设备，还用于获取第一子期望的响应；向SEAF设备发送包括所述RAND、AUTN、第一子期望的响应和加密后的会话根密钥的5G-AIA消息；Further, the AUSF device is further configured to obtain the response of the first sub-expected; send a 5G-AIA message including the RAND, AUTN, the response of the first sub-expected and the encrypted session root key to the SEAF device;

所述SEAF设备，具体用于接收AUSF设备发送的包含RAND、AUTN、第一子期望的响应和加密后的会话根密钥的5G-AIA消息；获取第一子响应；根据所述第一子期望响应验证所述第一子响应，如果验证通过，向所述AUSF设备发送5G-AC消息。The SEAF device is specifically configured to receive a 5G-AIA message including RAND, AUTN, the first sub-expected response and the encrypted session root key sent by the AUSF device; obtain the first sub-response; according to the first sub-response; The expected response verifies the first sub-response, and if the verification passes, a 5G-AC message is sent to the AUSF device.

进一步地，所述AUSF设备，具体用于根据所述RAND、期望的响应、会话根密钥及预设的第一哈希算法生成第一哈希值；按照预设的第二方法，在所述第一哈希值中截取第二设定长度作为第一子期望的响应；或在所述密钥中按照预设的第三方法，截取第三设定长度作为第一子期望的响应；Further, the AUSF device is specifically configured to generate the first hash value according to the RAND, the expected response, the session root key and the preset first hash algorithm; according to the preset second method, in the intercepting the second set length from the first hash value as the response expected by the first sub; or according to a preset third method in the key, intercepting the third set length as the response expected by the first sub;

所述SEAF设备，具体用于根据所述RAND、认证响应、会话根密钥及预设的第一哈希算法生成第一校验哈希值；按照预设的第二方法，在所述第一校验哈希值中截取第二设定长度作为第一子响应；或在所述第二密钥中按照预设的第三方法，截取第三设定长度作为第一子响应。The SEAF device is specifically configured to generate a first check hash value according to the RAND, the authentication response, the session root key and the preset first hash algorithm; according to the preset second method, in the first A second set length is intercepted from a check hash value as the first sub-response; or a third set length is intercepted from the second key as the first sub-response according to a preset third method.

进一步地，所述AUSF设备，还用于获取第二子期望的响应；Further, the AUSF device is also used to obtain the response of the second sub-expected;

所述SEAF设备，还用于获取第二子响应；向所述AUSF设备发送包含所述第二子响应的5G认证确认消息；The SEAF device is further configured to acquire a second sub-response; send a 5G authentication confirmation message including the second sub-response to the AUSF device;

所述AUSF设备，具体用于接收SEAF设备发送的包含第二子响应的5G认证确认消息，根据所述第二子期望响应验证所述第二子响应，如果验证通过，确定所述SEAF设备完成对UE的认证。The AUSF device is specifically configured to receive a 5G authentication confirmation message containing a second sub-response sent by the SEAF device, verify the second sub-response according to the second sub-expected response, and if the verification is passed, determine that the SEAF device has completed Authentication to the UE.

进一步地，所述AUSF设备，具体用于根据所述RAND、期望的响应、会话根密钥及预设的第二哈希算法生成第二哈希值；按照预设的第四方法，在所述第二哈希值中截取第四设定长度作为第二子期望的响应；或在所述密钥中按照预设的第五方法，截取第五设定长度作为第二子期望的响应；Further, the AUSF device is specifically configured to generate the second hash value according to the RAND, the expected response, the session root key and the preset second hash algorithm; according to the preset fourth method, in the intercepting the fourth set length from the second hash value as the response of the second sub-expectation; or according to the preset fifth method in the key, intercepting the fifth set length as the response of the second sub-expectation;

所述SEAF设备，具体用于根据所述RAND、认证响应、会话根密钥及预设的第二哈希算法生成第二校验哈希值；按照预设的第四方法，在所述第二校验哈希值中截取第四设定长度作为第二子响应；或在所述第二密钥中按照预设的第五方法，截取第五设定长度作为第二子响应。The SEAF device is specifically configured to generate a second check hash value according to the RAND, the authentication response, the session root key and the preset second hash algorithm; according to the preset fourth method, in the first The fourth set length is intercepted from the two-check hash value as the second sub-response; or the second key is intercepted according to the preset fifth method, and the fifth set length is intercepted as the second sub-response.

进一步地，所述AUSF设备，具体用于根据所述RAND、所述期望的响应及预设的算法生成第一密钥；Further, the AUSF device is specifically configured to generate a first key according to the RAND, the expected response and a preset algorithm;

所述SEAF设备，具体用于根据所述RAND、所述认证响应及预设的算法生成第二密钥。The SEAF device is specifically configured to generate a second key according to the RAND, the authentication response and a preset algorithm.

本发明公开了一种电子设备，包括：处理器、通信接口、存储器和通信总线，其中，处理器，通信接口，存储器通过通信总线完成相互间的通信；The invention discloses an electronic device, comprising: a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory communicate with each other through the communication bus;

所述存储器中存储有计算机程序，当所述程序被所述处理器执行时，使得所述处理器执行上述任一项所述方法的步骤。A computer program is stored in the memory, and when the program is executed by the processor, the processor causes the processor to perform the steps of any one of the methods described above.

本发明公开了一种电子设备，包括：处理器、通信接口、存储器和通信总线，其中，处理器，通信接口，存储器通过通信总线完成相互间的通信；The invention discloses an electronic device, comprising: a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory communicate with each other through the communication bus;

所述存储器中存储有计算机程序，当所述程序被所述处理器执行时，使得所述处理器执行上述任一项所述方法的步骤。A computer program is stored in the memory, and when the program is executed by the processor, the processor causes the processor to perform the steps of any one of the methods described above.

本发明公开了一种计算机可读存储介质，其存储有可由电子设备执行的计算机程序，当所述程序在所述电子设备上运行时，使得所述电子设备执行上述任一项所述方法的步骤。The present invention discloses a computer-readable storage medium, which stores a computer program executable by an electronic device, and when the program runs on the electronic device, makes the electronic device execute any one of the above-mentioned methods. step.

本发明公开了一种计算机可读存储介质，其存储有可由电子设备执行的计算机程序，当所述程序在所述电子设备上运行时，使得所述电子设备执行上述任一项所述方法的步骤。The present invention discloses a computer-readable storage medium, which stores a computer program executable by an electronic device, and when the program runs on the electronic device, makes the electronic device execute any one of the above-mentioned methods. step.

本发明公开了一种认证方法、装置、系统、设备及存储介质，所述方法包括：AUSF设备接收包含随机数RAND、认证令牌AUTN、期望的响应和会话根密钥的认证矢量，并获取加密密钥，采用所述加密密钥对所述会话根密钥进行加密，其中所述加密密钥根据期望的响应及预设的算法确定；向安全锚点功能SEAF设备发送包括RAND、AUTN和加密后的会话根密钥的5G-AIA消息，使所述SEAF设备接收到所述5G-AIA消息后，将所述RAND、AUTN发送给所述UE，并根据所述UE返回的认证响应采用所述预设的算法生成解密密钥，对所述加密后的会话根密钥进行解密；接收SEAF设备发送的5G认证确认5G-AC消息，确定所述SEAF设备完成对UE的认证，其中所述5G-AC消息为所述SEAF设备对所述加密后的会话根密钥解密成功后发送的。由于在本发明实施例中，AUSF设备获取根据期望的响应及预设的算法确定加密密钥，采用所述加密密钥对所述会话根密钥进行加密，向SEAF设备发送包括加密后的会话根密钥的5G-AIA消息，SEAF设备根据UE返回的认证响应采用所述预设的算法生成解密密钥，对所述加密后的会话根密钥进行解密，避免了会话根密钥明文在AUSF设备和SEAF设备之间传输，增加了会话根密钥传输的安全性，保证了用户的通信安全，提高了用户体验。The invention discloses an authentication method, apparatus, system, equipment and storage medium. The method includes: an AUSF device receives an authentication vector including a random number RAND, an authentication token AUTN, an expected response and a session root key, and obtains Encryption key, using the encryption key to encrypt the session root key, wherein the encryption key is determined according to the expected response and the preset algorithm; send to the security anchor function SEAF device including RAND, AUTN and The encrypted 5G-AIA message of the session root key, so that after the SEAF device receives the 5G-AIA message, it sends the RAND and AUTN to the UE, and adopts the authentication response returned by the UE according to the The preset algorithm generates a decryption key, and decrypts the encrypted session root key; receives a 5G authentication confirmation 5G-AC message sent by the SEAF device, and determines that the SEAF device has completed the authentication of the UE, wherein the The 5G-AC message is sent after the SEAF device successfully decrypts the encrypted session root key. Because in this embodiment of the present invention, the AUSF device obtains the encryption key determined according to the expected response and the preset algorithm, uses the encryption key to encrypt the session root key, and sends the encrypted session including the encrypted session to the SEAF device. The 5G-AIA message of the root key, the SEAF device uses the preset algorithm to generate a decryption key according to the authentication response returned by the UE, and decrypts the encrypted session root key to avoid the session root key plaintext in the The transmission between the AUSF device and the SEAF device increases the security of the session root key transmission, ensures the user's communication security, and improves the user experience.

附图说明Description of drawings

为了更清楚地说明本发明实施例或现有技术中的技术方案，下面将对实施例或现有技术描述中所需要使用的附图作简单地介绍，显而易见地，下面描述中的附图仅仅是本发明的一些实施例，对于本领域普通技术人员来讲，在不付出创造性劳动的前提下，还可以根据这些附图获得其他的附图。In order to explain the embodiments of the present invention or the technical solutions in the prior art more clearly, the following briefly introduces the accompanying drawings that need to be used in the description of the embodiments or the prior art. Obviously, the accompanying drawings in the following description are only These are some embodiments of the present invention. For those of ordinary skill in the art, other drawings can also be obtained from these drawings without creative efforts.

图1为本发明实施例1提供的一种认证过程示意图；1 is a schematic diagram of an authentication process provided in Embodiment 1 of the present invention;

图2为本发明实施例4提供的一种认证过程示意图；2 is a schematic diagram of an authentication process according to Embodiment 4 of the present invention;

图3为本发明实施例6提供的一种认证过程示意图；3 is a schematic diagram of an authentication process according to Embodiment 6 of the present invention;

图4为本发明实施例7提供的一种认证过程示意图；4 is a schematic diagram of an authentication process according to Embodiment 7 of the present invention;

图5为本发明实施例9提供的一种认证过程示意图；5 is a schematic diagram of an authentication process according to Embodiment 9 of the present invention;

图6为本发明实施例9提供的一种认证过程示意图；6 is a schematic diagram of an authentication process according to Embodiment 9 of the present invention;

图7为本发明实施例11提供的一种认证装置结构示意图；7 is a schematic structural diagram of an authentication device according to Embodiment 11 of the present invention;

图8为本发明实施例12提供的一种认证装置结构示意图；8 is a schematic structural diagram of an authentication device according to Embodiment 12 of the present invention;

图9为本发明实施例13提供的AUSF设备的结构示意图；FIG. 9 is a schematic structural diagram of an AUSF device according to Embodiment 13 of the present invention;

图10为本发明实施例14提供的SEAF设备的结构示意图；10 is a schematic structural diagram of a SEAF device according to Embodiment 14 of the present invention;

图11为本发明实施例15提供的一种认证系统结构示意图；11 is a schematic structural diagram of an authentication system according to Embodiment 15 of the present invention;

图12为本发明实施例16提供的一种电子设备；12 is an electronic device according to Embodiment 16 of the present invention;

图13为本发明实施例18提供的一种电子设备。FIG. 13 is an electronic device according to Embodiment 18 of the present invention.

具体实施方式Detailed ways

下面将结合本发明实施例中的附图，对本发明实施例中的技术方案进行清楚、完整地描述，显然，所描述的实施例仅仅是本发明一部分实施例，而不是全部的实施例。基于本发明中的实施例，本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例，都属于本发明保护的范围。The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only a part of the embodiments of the present invention, but not all of the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts shall fall within the protection scope of the present invention.

实施例1：Example 1:

图1为本发明实施例提供的一种认证过程示意图，该过程包括：FIG. 1 is a schematic diagram of an authentication process according to an embodiment of the present invention, and the process includes:

S101：接收包含随机数(RAND)、认证令牌(AUTN)、期望的响应(XRES*)和会话根密钥(KASME*)的认证矢量，并获取加密密钥，采用所述加密密钥对所述会话根密钥进行加密，其中所述加密密钥根据期望的响应及预设的算法确定。S101: Receive an authentication vector including a random number (RAND), an authentication token (AUTN), an expected response (XRES*), and a session root key (KASME*), and obtain an encryption key, and use the encryption key pair The session root key is encrypted, wherein the encryption key is determined according to the expected response and a preset algorithm.

在5G网络中定义的网络逻辑实体包括：终端(UE)、SEAF设备、AUSF设备、认证凭证存储和处理功能(Authentication Credential Repository and Processing Function，ARPF)设备。本发明实施例提供的认证方法应用于UE的归属网络设备AUSF设备。本发明实施例中的SEAF设备是UE的漫游网络设备。The network logical entities defined in the 5G network include: a terminal (UE), a SEAF device, an AUSF device, and an Authentication Credential Repository and Processing Function (ARPF) device. The authentication method provided by the embodiment of the present invention is applied to the home network device AUSF device of the UE. The SEAF device in the embodiment of the present invention is a roaming network device of the UE.

具体的，UE的归属网络设备中的AUSF设备向ARPF设备发送认证矢量请求消息(AV-Req)，ARPF设备接收到AUSF设备发送的AV-Req后，生成包含RAND、AUTN、XRES*和KASME*的认证矢量(AV)。Specifically, the AUSF device in the UE's home network device sends an authentication vector request message (AV-Req) to the ARPF device. After receiving the AV-Req sent by the AUSF device, the ARPF device generates a message including RAND, AUTN, XRES* and KASME* Authentication Vector (AV).

其中所述XRES*可由如下公式计算得出：XRES*＝PRF(CK，IK，RES，RAND，漫游网络名)，其中PRF为第一设定哈希函数、CK为加密密钥、IK为完整性检验密钥、RES为预期响应、RAND为随机数；KASME*可由如下公式计算得出：KASME*＝PRF(CK，IK，

漫游网络名)，其中PRF为第二设定哈希函数、CK为加密密钥、IK为完整性检验密钥、SQN为网络侧接收到的序号、AK为匿名密钥；其中第一设定哈希函数和第二设定哈希函数可以分别根据用户需求的XRES*的长度和KASME*长度进行设定，例如：可以选择安全散列算法(Secure HashAlgorithm，SHA)中输出长度为224比特的SHA-3作为第一设定哈希函数，并在SHA-3输出的224比特的哈希值中按照预设的方法截取128比特作为XRES*，例如可以截取起始部分的128比特，当然了也可以是截取中间部分的128比特，选择输出长度为256比特的SHA-256作为第二设定哈希函数。在本发明实施例中RAND、AUTN、CK、IK、RES、SQN、AK的确定过程与现有的EPS-AKA中RAND、AUTN、CK、IK、RES、SQN、AK的确定过程相同，不再进行赘述。The XRES* can be calculated by the following formula: XRES*=PRF(CK, IK, RES, RAND, roaming network name), wherein PRF is the first set hash function, CK is the encryption key, and IK is the complete check key, RES is the expected response, and RAND is a random number; KASME* can be calculated by the following formula: KASME*=PRF(CK, IK,

Roaming network name), wherein PRF is the second setting hash function, CK is the encryption key, IK is the integrity check key, SQN is the serial number received by the network side, and AK is the anonymous key; wherein the first set The hash function and the second set hash function can be set according to the length of XRES* and the length of KASME* respectively according to user requirements. SHA-3 is used as the first set hash function, and 128 bits are intercepted as XRES* in the 224-bit hash value output by SHA-3 according to the preset method. For example, 128 bits of the initial part can be intercepted, of course. Alternatively, 128 bits of the middle part may be intercepted, and SHA-256 with an output length of 256 bits is selected as the second set hash function. In the embodiment of the present invention, the determination process of RAND, AUTN, CK, IK, RES, SQN, and AK is the same as the determination process of RAND, AUTN, CK, IK, RES, SQN, and AK in the existing EPS-AKA. Repeat.

生成认证矢量后，UE的归属网络设备中的AUSF设备或ARPF设备都可以根据XRES*及预设的哈希函数确定加密密钥，其中预设的哈希函数可以为SHA-224、SHA-256、SHA-384等中的任意一种。其中，对可采用如下公式对所述会话根密钥进行加密：

其中EKASME*为加密后的会话根密钥，KASME*为会话根密钥，MASK为加密密钥。After the authentication vector is generated, the AUSF device or ARPF device in the UE's home network device can determine the encryption key according to XRES* and a preset hash function, where the preset hash function can be SHA-224, SHA-256 , SHA-384, etc. Wherein, the following formula can be used to encrypt the session root key:

Where EKASME* is the encrypted session root key, KASME* is the session root key, and MASK is the encryption key.

另外，如果是由AUSF设备确定密钥，并采用所述加密密钥对所述会话根密钥进行加密，ARPF设备在生成包含RAND、AUTN、XRES*和KASME*的认证矢量后，将包含所述RAND、AUTN、XRES*和KASME*的认证矢量的认证矢量响应消息(AV-Resp)发送给AUSF设备。AUSF设备根据所述XRES*及预设的算法生成密钥，根据生成的密钥获取加密密钥，采用所述加密密钥对所述KASME*进行加密生成EKASME*。In addition, if the AUSF device determines the key and uses the encryption key to encrypt the session root key, the ARPF device will include the The authentication vector response message (AV-Resp) of the authentication vector of the RAND, AUTN, XRES* and KASME* is sent to the AUSF device. The AUSF device generates a key according to the XRES* and a preset algorithm, obtains an encryption key according to the generated key, and encrypts the KASME* with the encryption key to generate EKASME*.

如果是由ARPF设备确定密钥，ARPF设备根据所述XRES*及预设的算法生成密钥，将该密钥携带在认证矢量中发送给AUSF设备，或者通过一条新的信息将该密钥发送给AUSF设备。AUSF设备接收到密钥后，获取加密密钥，对接收到的认证矢量中包含的KASME*进行加密生成EKASME*。If the key is determined by the ARPF device, the ARPF device generates the key according to the XRES* and the preset algorithm, carries the key in the authentication vector and sends it to the AUSF device, or sends the key through a new message to AUSF equipment. After receiving the key, the AUSF device obtains the encryption key, and encrypts the KASME* contained in the received authentication vector to generate EKASME*.

S102：向SEAF设备发送包括所述RAND、AUTN和加密后的会话根密钥的5G认证启动响应(5G-Authentication Initiation Answer，5G-AIA)消息，使所述SEAF设备接收到所述5G-AIA消息后，将所述RAND、AUTN发送给所述UE，并根据所述UE返回的认证响应采用所述预设的算法生成解密密钥，对所述加密后的会话根密钥进行解密；S102: Send a 5G authentication initiation response (5G-Authentication Initiation Answer, 5G-AIA) message including the RAND, AUTN and encrypted session root key to the SEAF device, so that the SEAF device receives the 5G-AIA After the message, send the RAND and AUTN to the UE, and use the preset algorithm to generate a decryption key according to the authentication response returned by the UE, and decrypt the encrypted session root key;

具体的，UE的归属网络设备中的AUSF设备向SEAF设备发送包括所述RAND、AUTN和加密后的会话根密钥的5G-AIA消息，SEAF设备接收到所述5G-AIA消息后，向UE发送包含所述RAND和AUTN的认证请求消息(Auth-req)，UE接收到所述Auth-req后，根据所述RAND和AUTN生成认证响应(RES*)，并将包含所述RES*的认证响应消息(Auth-Resp)，发送给所述SEAF设备，SEAF设备根据所述RES*及所述预设的算法生成解密密钥，并根据所述解密密钥对所述加密后的会话根密钥进行异或运算得到会话根密钥。UE根据RAND和AUTN生成认证响应的过程属于现有技术，在本发明实施例中对该过程不进行赘述。Specifically, the AUSF device in the UE's home network device sends a 5G-AIA message including the RAND, AUTN and the encrypted session root key to the SEAF device. After receiving the 5G-AIA message, the SEAF device sends the 5G-AIA message to the UE. Send an authentication request message (Auth-req) containing the RAND and AUTN. After receiving the Auth-req, the UE generates an authentication response (RES*) according to the RAND and AUTN, and sends the authentication containing the RES*. A response message (Auth-Resp) is sent to the SEAF device, and the SEAF device generates a decryption key according to the RES* and the preset algorithm, and performs the encrypted session root key according to the decryption key. The key is XORed to obtain the session root key. The process of the UE generating the authentication response according to the RAND and the AUTN belongs to the prior art, and the process is not described repeatedly in the embodiment of the present invention.

S103：接收SEAF设备发送的5G认证确认(5G-Authentication confirmation，5G-AC)消息，确定所述SEAF设备完成对UE的认证，其中所述5G-AC消息为所述SEAF设备对所述加密后的会话根密钥解密成功后发送的。S103 : Receive a 5G authentication confirmation (5G-Authentication confirmation, 5G-AC) message sent by the SEAF device, and determine that the SEAF device has completed the authentication of the UE, wherein the 5G-AC message is obtained after the encryption by the SEAF device Sent after successful decryption of the session root key.

如果SEAF设备对所述加密后的会话根密钥成功解密得到会话根密钥，SEAF设备向UE的归属网络设备AUSF设备发送5G-AC消息，UE的归属网络设备AUSF设备接收到所述5G-AC消息，确定所述SEAF设备完成对UE的认证。If the SEAF device successfully decrypts the encrypted session root key to obtain the session root key, the SEAF device sends a 5G-AC message to the UE's home network device AUSF device, and the UE's home network device AUSF device receives the 5G-AC message. AC message to determine that the SEAF device has completed the authentication to the UE.

由于在本发明实施例中，AUSF设备获取根据期望的响应及预设的算法确定的加密密钥，采用所述加密密钥对所述会话根密钥进行加密，向SEAF设备发送包括加密后的会话根密钥的5G-AIA消息，SEAF设备根据UE返回的认证响应采用所述预设的算法生成解密密钥，对所述加密后的会话根密钥进行解密，避免了会话根密钥明文在AUSF设备和SEAF设备之间传输，增加了会话根密钥传输的安全性，保证了用户的通信安全，提高了用户体验。In this embodiment of the present invention, the AUSF device obtains the encryption key determined according to the expected response and the preset algorithm, uses the encryption key to encrypt the session root key, and sends the encrypted data including the encrypted session root key to the SEAF device. The 5G-AIA message of the session root key, the SEAF device uses the preset algorithm to generate a decryption key according to the authentication response returned by the UE, and decrypts the encrypted session root key to avoid the session root key plaintext The transmission between the AUSF device and the SEAF device increases the security of the session root key transmission, ensures the user's communication security, and improves the user experience.

实施例2：Example 2:

在本发明实施例中密钥可以由AUSF设备生成，也可以由ARPF设备生成，当生成了密钥后，由AUSF设备获取加密密钥，在上述实施例的基础上，在本发明实施例中，获取加密密钥包括：In this embodiment of the present invention, the key may be generated by the AUSF device or by the ARPF device. After the key is generated, the AUSF device obtains the encryption key. On the basis of the above embodiment, in the embodiment of the present invention , obtaining the encryption key includes:

根据所述认证矢量中包含的期望的响应，及预设的算法生成第一密钥，并根据生成的所述第一密钥获取加密密钥；或Generate a first key according to the expected response contained in the authentication vector and a preset algorithm, and obtain an encryption key according to the generated first key; or

接收ARPF设备发送的第一密钥，根据接收的所述第一密钥获取加密密钥，其中所述ARPF设备根据期望的响应，及预设的算法生成所述第一密钥。The first key sent by the ARPF device is received, and an encryption key is obtained according to the received first key, wherein the ARPF device generates the first key according to an expected response and a preset algorithm.

具体的，如果该第一密钥由ARPF设备生成，当ARPF设备生成了包含随机数RAND、认证令牌AUTN、期望的响应和会话根密钥的认证矢量后，根据期望的响应和预设的算法，生成第一密钥，并将该对密钥发送给AUSF设备，由AUSF设备根据自身的需求，获取加密密钥。其中该第一密钥可以携带在ARPF设备向AUSF设备发送的认证矢量中，也可以是通过一条新的信息，将该第一密钥发送给AUSF设备。Specifically, if the first key is generated by the ARPF device, after the ARPF device generates the authentication vector including the random number RAND, the authentication token AUTN, the expected response and the session root key, according to the expected response and the preset algorithm, generate a first key, and send the pair of keys to the AUSF device, and the AUSF device obtains the encryption key according to its own requirements. The first key may be carried in the authentication vector sent by the ARPF device to the AUSF device, or the first key may be sent to the AUSF device through a new piece of information.

如果第一密钥由AUSF设备生成，当AUSF设备接收到ARPF设备发送的认证矢量后，根据该认证矢量中携带的期望的响应，以及预设的算法生成第一密钥，生成第一密钥后，根据自身的需求，获取加密密钥。If the first key is generated by the AUSF device, after the AUSF device receives the authentication vector sent by the ARPF device, it generates the first key according to the expected response carried in the authentication vector and the preset algorithm, and generates the first key Then, obtain the encryption key according to your own needs.

具体的，在本发明实施例中为了增加灵活性，根据所述第一密钥获取加密密钥包括：Specifically, in order to increase flexibility in this embodiment of the present invention, obtaining the encryption key according to the first key includes:

将所述第一密钥作为加密密钥；或using the first key as an encryption key; or

在所述第一密钥中按照预设的第一方法，截取第一设定长度作为加密密钥。In the first key, according to a preset first method, a first set length is intercepted as an encryption key.

也就是说，当AUSF设备获取到第一密钥后，可以直接将该第一密钥作为加密密钥，也可以在该第一密钥中截取一部分作为加密密钥。具体采用哪种方式，根据用户需求灵活选择，例如如果需要的加密密钥为256比特，而生成的第一密钥即为256比特，则可以将该第一密钥作为加密密钥，而如果此时生成的第一密钥为512比特，则需要在该512比特中截取256比特作为加密密钥。That is, after the AUSF device obtains the first key, the first key can be directly used as the encryption key, or a part of the first key can be intercepted as the encryption key. Which method is adopted can be selected flexibly according to user needs. For example, if the required encryption key is 256 bits and the generated first key is 256 bits, the first key can be used as the encryption key, and if the required encryption key is 256 bits and the generated first key is 256 bits At this time, the generated first key is 512 bits, and 256 bits need to be truncated from the 512 bits as the encryption key.

另外，为了进一步增加会话根密钥的安全性，本发明实施例中，根据期望的响应及预设的算法生成所述第一密钥包括：In addition, in order to further increase the security of the session root key, in this embodiment of the present invention, generating the first key according to an expected response and a preset algorithm includes:

根据所述RAND、所述期望的响应及预设的算法生成第一密钥。A first key is generated according to the RAND, the expected response and a preset algorithm.

也就是说在生成第一密钥时，可以根据RAND和期望的响应一并生成，因为RAND的存在，可以进一步保证生成的第二密钥的安全性，从而可以保证加密后的会话根密钥的安全性。具体的，在本发明实施例中该预设的算法，可以是哈希算法等。That is to say, when the first key is generated, it can be generated according to RAND and the expected response. Because of the existence of RAND, the security of the generated second key can be further guaranteed, so that the encrypted session root key can be guaranteed. security. Specifically, in this embodiment of the present invention, the preset algorithm may be a hash algorithm or the like.

例如可以通过如下公式计算得出第一密钥，MASK₁＝PRF₁(XRES*‖RAND)，其中MASK₁为第一密钥，PRF₁为预设的第一哈希函数、XRES*为期望的响应、RAND为随机数。For example, the first key can be calculated by the following formula: MASK₁ =PRF₁ (XRES*‖RAND), where MASK₁ is the first key, PRF₁ is the preset first hash function, and XRES* is the expected The response, RAND is a random number.

具体的，在生成第一密钥时，根据可以加密密钥的长度选择合适的哈希算法，例如如果生成256比特的第一密钥，则预设的第一哈希算法可以为SHA-256或SHA-3-256。如果需要生成512比特的第一密钥，则预设的第一哈希算法可以为SHA-512或SHA-3-512中的任意一种。Specifically, when generating the first key, an appropriate hash algorithm is selected according to the length of the encrypted key. For example, if a 256-bit first key is generated, the preset first hash algorithm may be SHA-256 or SHA-3-256. If a 512-bit first key needs to be generated, the preset first hash algorithm can be any one of SHA-512 or SHA-3-512.

实施例3：Example 3:

为了保证UE的归属网络设备和漫游网络设备间通信的安全性，在上述各实施例的基础上，在本发明实施例中，所述向SEAF设备发送包括所述RAND、AUTN和加密后的会话根密钥的5G-AIA消息之前，所述方法还包括：In order to ensure the security of the communication between the UE's home network device and the roaming network device, on the basis of the above embodiments, in this embodiment of the present invention, the sending to the SEAF device includes the RAND, AUTN and encrypted session Before the 5G-AIA message of the root key, the method further includes:

获取第一子期望的响应；Get the response expected by the first child;

所述向SEAF设备发送包括所述RAND、AUTN和加密后的会话根密钥的5G-AIA消息包括：The sending the 5G-AIA message including the RAND, AUTN and the encrypted session root key to the SEAF device includes:

向SEAF设备发送包括所述RAND、AUTN、第一子期望的响应和加密后的会话根密钥的5G-AIA消息。A 5G-AIA message including the RAND, AUTN, the first sub-expected response and the encrypted session root key is sent to the SEAF device.

采用加密密钥对会话根密钥进行加密，是为了保证在UE的归属网络设备和UE的漫游网络设备间传输的会话根密钥的安全性，但为了进一步保证UE的归属网络设备和漫游网络设备间通信的安全性，可以在5G-AIA消息携带第一子期望的响应。Encrypting the session root key with an encryption key is to ensure the security of the session root key transmitted between the UE's home network device and the UE's roaming network device, but to further ensure the UE's home network device and roaming network device. For the security of inter-device communication, the 5G-AIA message can carry the first sub-expected response.

具体的，在本发明实施例中，可以根据随机数和某一算法，获取第一子期望的响应，在向SEAF设备发送5G-AIA消息时，可以将该第一子期望的响应携带在该5G-AIA消息中，其中该算法可以是SHA-256、SHA-384、SHA-512等算法中的任意一种。另外也可以根据AUSF设备和SEAF设备都知道的其他数据，生成第一子期望的响应，例如也可以是AUTN。因为该5G-AIA消息中包含RAND、AUTN，因此UE在接收漫游网络设备发送的RAND、AUTN后，可以返回认证响应，从而使UE的漫游网络设备根据认证响应以及预设的算法与生成第二密钥，及采用与获取加密密钥相同的方法，获取解密密钥，并对加密后的会话根密钥进行解密。Specifically, in this embodiment of the present invention, the first sub-expected response can be obtained according to a random number and a certain algorithm, and the first sub-expected response can be carried in the SEAF device when sending a 5G-AIA message to the SEAF device. In the 5G-AIA message, the algorithm can be any one of SHA-256, SHA-384, SHA-512 and other algorithms. In addition, the first sub-expected response may also be generated according to other data known by both the AUSF device and the SEAF device, for example, the AUTN may also be used. Because the 5G-AIA message contains RAND and AUTN, the UE can return an authentication response after receiving the RAND and AUTN sent by the roaming network device, so that the UE's roaming network device can generate a second authentication response according to the authentication response and the preset algorithm. and obtain the decryption key using the same method as obtaining the encryption key, and decrypt the encrypted session root key.

另外，UE的漫游网络设备可以采用与AUSF设备相同的方法，生成第一子响应，从而根据所述第一子期望的响应验证所述第一子响应，保证了UE的归属网络设备和漫游网络设备间通信的安全性。In addition, the roaming network device of the UE can use the same method as the AUSF device to generate the first sub-response, so as to verify the first sub-response according to the first sub-expected response, ensuring that the home network device of the UE and the roaming network Security of communication between devices.

实施例4：Example 4:

为了进一步保证会话根密钥的完整性，或有效的提高数据传输的效率，在上述各实施例的基础上，在本发明实施例中，所述获取第一子期望的响应包括：In order to further ensure the integrity of the session root key, or to effectively improve the efficiency of data transmission, on the basis of the foregoing embodiments, in this embodiment of the present invention, the obtaining the response of the first sub-expected includes:

根据所述RAND、期望的响应、会话根密钥及预设的第一哈希算法生成第一哈希值；按照预设的第二方法，在所述第一哈希值中截取第二设定长度作为第一子期望的响应；或，Generate a first hash value according to the RAND, the expected response, the session root key and the preset first hash algorithm; according to the preset second method, intercept the second set from the first hash value according to the preset second method fixed length as the expected response of the first sub; or,

在所述第一密钥中按照预设的第三方法，截取第三设定长度作为第一子期望的响应。In the first key, according to a preset third method, a third set length is intercepted as a response of the first sub-expected.

具体的，在本发明实施例中为了保证会话根密钥的完整性，UE的归属网络设备中的AUSF设备，采用加密密钥对会话根密钥进行加密后，还可以根据RAND、期望的响应、会话根密钥及预设的第一哈希算法生成第一哈希值，其中所述第一哈希算法可以为SHA-256或SHA-3-256中的任意一种。Specifically, in this embodiment of the present invention, in order to ensure the integrity of the session root key, the AUSF device in the UE's home network device encrypts the session root key with an encryption key, and can also use the encryption key to encrypt the session root key. , a session root key, and a preset first hash algorithm to generate a first hash value, where the first hash algorithm may be any one of SHA-256 or SHA-3-256.

所述第一哈希值可以根据如下公式计算得出：TEMP₂＝PRF₂(XRES*‖RAND‖KASME*)，其中TEMP₂为第一哈希值、PRF₂为预设的第一哈希算法，XRES*为期望的响应、RAND为随机数、KASME*为会话根密钥。另外如果采用的预设的第一哈希算法为SHA-256或SHA-3-256，则确定出的第一哈希值的长度与为256比特。The first hash value can be calculated according to the following formula: TEMP₂ =PRF₂ (XRES*‖RAND‖KASME*), where TEMP₂ is the first hash value, and PRF₂ is the preset first hash value Algorithm, XRES* is the expected response, RAND is a random number, and KASME* is the session root key. In addition, if the adopted preset first hash algorithm is SHA-256 or SHA-3-256, the length sum of the determined first hash value is 256 bits.

确定出第一哈希值后，生成第一哈希值的AUSF设备，按照预设的第二方法，在所述第一哈希值中截取第二设定长度作为第一子期望的响应。具体的，在该第一哈希值中截取第一子期望的响应时，可以采用任意的方法，只要保证UE的归属网络设备和漫游网络设备采用相同的截取方法即可。After the first hash value is determined, the AUSF device that generates the first hash value intercepts a second set length from the first hash value as a response of the first sub-expected according to a preset second method. Specifically, when intercepting the response of the first sub-expected from the first hash value, any method may be used, as long as it is ensured that the UE's home network device and roaming network device use the same interception method.

例如：例如需求的第一子期望的响应的长度为128比特，如果第一哈希值为256比特位，则可以截取所述第一哈希值中第1比特位至第128比特位的长度为128比特的哈希值为第一子期望的响应，也可以截取所述第一哈希值中第129比特位至256比特位的长度为128比特的哈希值作为第一子期望的响应，当然也可以从中间截取128比特作为第一子期望的响应。For example: for example, the length of the first sub-expected response of the requirement is 128 bits, if the first hash value is 256 bits, the length from the 1st bit to the 128th bit in the first hash value can be intercepted The 128-bit hash value is the response of the first sub-expectation, and the hash value with a length of 128 bits from the 129th bit to the 256-bit in the first hash value can also be intercepted as the response of the first sub-expectation , of course, 128 bits can also be truncated from the middle as the response of the first sub-expected.

为了有效的提高数据传输效率，因为第一密钥已经生成，因此可以在所述第一密钥中按照预设的第三方法，截取第三设定长度作为第一子期望的响应。其中在第一密钥中截取第一子期望的响应，与截取的加密密钥可以相同，也可以不同，或者部分相同，在具体实施时，可以根据需要灵活选择。只要保证UE的归属网络设备和漫游网络设备采用相同的方法，获取第一子响应即可。In order to effectively improve the data transmission efficiency, since the first key has been generated, a third preset length can be intercepted in the first key as the response of the first sub-expected according to a preset third method. The first sub-expected response intercepted from the first key may be the same, different, or partially the same as the intercepted encryption key, and can be selected flexibly as required during specific implementation. As long as it is ensured that the UE's home network device and the roaming network device use the same method to obtain the first sub-response.

在本发明的上述实施例中，生成第一密钥可以是ARPF设备，也可以是AUSF设备。下面以生成第一密钥的为ARPF设备为例，进行详细说明。In the above embodiments of the present invention, generating the first key may be an ARPF device or an AUSF device. In the following, the ARPF device that generates the first key is taken as an example for detailed description.

图2为本发明实施例提供的一种认证过程示意图，该过程包括以下步骤：FIG. 2 is a schematic diagram of an authentication process provided by an embodiment of the present invention, and the process includes the following steps:

S201：AUSF设备向ARPF设备发送认证矢量请求消息(AV-Req)，ARPF设备接收到AUSF设备发送的AV-Req后，生成包含RAND、AUTN、XRES*和KASME*的第一认证矢量(AV)。S201: The AUSF device sends an authentication vector request message (AV-Req) to the ARPF device. After receiving the AV-Req sent by the AUSF device, the ARPF device generates a first authentication vector (AV) including RAND, AUTN, XRES* and KASME* .

S202：ARPF设备根据RAND和XRES*，以及第一预设的哈希算法，生成256比特的第一密钥，向AUSF设备发送生成包含RAND、AUTN、XRES*、KASME*和第一密钥的第二认证矢量(AV)。S202: The ARPF device generates a 256-bit first key according to RAND, XRES*, and the first preset hash algorithm, and sends the generated key including RAND, AUTN, XRES*, KASME* and the first key to the AUSF device Second Authentication Vector (AV).

具体的，ARPF设备也可以根据RAND和XRES*，以及SHA-512或SHA-3-512中的任意一种，生成512比特的第一密钥。Specifically, the ARPF device can also generate a 512-bit first key according to RAND and XRES*, and any one of SHA-512 or SHA-3-512.

S203：AUSF设备根据接收到的第二认证矢量，将接收到第一密钥作为加密密钥。S203: The AUSF device uses the received first key as an encryption key according to the received second authentication vector.

具体的，如果AUSF设备需要的加密密钥为256比特，AUSF设备接收到的第一密钥为512比特时，则AUSF设备在该512比特中截取256比特作为加密密钥，例如可以截取512比特中的前256比特，或者后面的256比特，或者从某一设定比特位开始的256比特等。Specifically, if the encryption key required by the AUSF device is 256 bits, and the first key received by the AUSF device is 512 bits, the AUSF device intercepts 256 bits from the 512 bits as the encryption key, for example, 512 bits can be intercepted The first 256 bits in , or the next 256 bits, or the 256 bits starting from a certain set bit, etc.

S204：AUSF设备根据所述RAND、期望的响应、会话根密钥及预设的第一哈希算法生成第一哈希值，按照预设的第二方法，在所述第一哈希值中截取第二设定长度作为第一子期望的响应。S204: The AUSF device generates a first hash value according to the RAND, the expected response, the session root key and the preset first hash algorithm, and according to the preset second method, in the first hash value Truncate the second set length as the first sub-expected response.

而在获取第一子期望的响应时，如果需要的第一子期望的响应为128比特，则AUSF设备根据所述RAND、期望的响应、会话根密钥，及SHA-256或SHA-3-256中的一种生成256比特的第一哈希值，则AUSF设备在该256比特的第一哈希值中截取128比特作为第一子期望的响应，具体的可以截取256比特的前128比特，或者后128比特，或者从某一设定的比特位开始的128比特。And when acquiring the first sub-expected response, if the required first sub-expected response is 128 bits, the AUSF device will use the RAND, expected response, session root key, and SHA-256 or SHA-3- One of 256 generates a 256-bit first hash value, then the AUSF device intercepts 128 bits in the 256-bit first hash value as the response of the first sub-expected, specifically, the first 128 bits of the 256-bit can be intercepted , or the last 128 bits, or the 128 bits starting from a certain set bit.

如果AUSF设备接收到的第一密钥为512比特，则为了提高数据传输的效率，AUSF设备可以直接在该第一密钥中截取128比特作为第一子期望的响应，例如可以截取512比特中的前128比特，或者后面的128比特，或者从某一设定比特位开始的128比特等。截取的加密密钥和第一子期望的响应可以相同，可以不同，也可以部分相同，例如可以截取512比特中前128比特作为第一子期望的响应，并在剩余的比特位中截取256比特作为加密密钥。If the first key received by the AUSF device is 512 bits, in order to improve the efficiency of data transmission, the AUSF device can directly truncate 128 bits in the first key as the response of the first sub-expected, for example, truncate 512 bits in the The first 128 bits, or the next 128 bits, or the 128 bits starting from a certain set bit, etc. The intercepted encryption key and the first sub-expected response can be the same, different, or partially the same. For example, the first 128 bits of the 512 bits can be intercepted as the first sub-expected response, and 256 bits can be intercepted from the remaining bits. as the encryption key.

S205：AUSF设备采用加密密钥对KASME*加密，生成EKASME*，向SEAF设备发送包含RAND、AUTN、第一子期望的响应和EKASME*的5G-AIA消息。S205: The AUSF device encrypts KASME* with an encryption key, generates EKASME*, and sends a 5G-AIA message including RAND, AUTN, the first sub-expected response, and EKASME* to the SEAF device.

S206：SEAF设备根据接收到的5G-AIA消息，向UE发送包含RAND、AUTN的认证请求消息，UE根据RAND、AUTN生成认证响应，并将该认证响应携带在认证响应消息中发送给SEAF设备。S206: The SEAF device sends an authentication request message including RAND and AUTN to the UE according to the received 5G-AIA message, and the UE generates an authentication response according to the RAND and AUTN, and carries the authentication response in the authentication response message and sends it to the SEAF device.

S207：SEAF设备根据所述认证响应、RAND及预设的第一预设的哈希算法，生成256比特的第一校验哈希值，根据该第一校验哈希值确定解密密钥，采用该解密密钥对所述加密后的会话根密钥进行解密。S207: The SEAF device generates a 256-bit first check hash value according to the authentication response, the RAND, and a preset first preset hash algorithm, and determines a decryption key according to the first check hash value, The encrypted session root key is decrypted by using the decryption key.

SEAF设备在生成第一校验哈希值的方法，与ARPF设备生成第一密钥的方法相同，根据第一校验哈希值，确定解密密钥的方法，与AUSF设备根据第一密钥获取加密密钥的方法相同，具体参见上述过程，在此不再赘述。SEAF设备在解密成功后，采用与AUSF设备获取第一子期望的响应对应的方法，生成第一子响应。The method for the SEAF device to generate the first check hash value is the same as the method for the ARPF device to generate the first key. The method for obtaining the encryption key is the same. For details, please refer to the above process, which will not be repeated here. After successful decryption, the SEAF device generates the first sub-response by using a method corresponding to the response that the AUSF device obtains the first sub-expected response.

S208：SEAF设备在解密成功，并采用第一子期望的响应对所述第一子响应验证通过后，向AUSF设备发送5G-AC消息，AUSF设备接收到5G-AC消息确认SEAF设备完成对UE的认证。S208: The SEAF device sends a 5G-AC message to the AUSF device after the decryption is successful and the first sub-expected response is used to verify the first sub-response, and the AUSF device receives the 5G-AC message to confirm that the SEAF device has completed the verification of the UE. certification.

实施例5：Example 5:

为了进一步保证UE的漫游网络设备与归属网络设备间通信的安全性，所述接收SEAF设备发送的5G-AC消息之前，所述方法还包括：In order to further ensure the security of communication between the roaming network device of the UE and the home network device, before the receiving the 5G-AC message sent by the SEAF device, the method further includes:

获取第二子期望的响应；Get the response expected by the second child;

接收SEAF设备发送的5G-AC消息，确定所述SEAF设备完成对UE的认证包括：Receiving the 5G-AC message sent by the SEAF device, and determining that the SEAF device has completed the authentication of the UE includes:

接收SEAF设备发送的包含第二子响应的5G-AC消息，根据所述第二子期望响应验证所述第二子响应，如果验证通过，确定所述SEAF设备完成对UE的认证。Receive the 5G-AC message containing the second sub-response sent by the SEAF device, verify the second sub-response according to the second sub-expected response, and if the verification passes, determine that the SEAF device has completed the authentication of the UE.

为了进一步保证UE的漫游网络设备和归属网络设备间通信的安全性，可以在5G-AC消息携带第二子响应。相应的AUSF设备需要获取第二子期望的响应。In order to further ensure the security of the communication between the UE's roaming network device and the home network device, a second sub-response may be carried in the 5G-AC message. The corresponding AUSF device needs to obtain the response of the second sub-expected.

具体的，在本发明实施例中，可以根据随机数和预设的某一算法，获取第二子期望的响应，其中该预设的某一算法可以是SHA-256、SHA-384、SHA-512等算法中的任意一种。另外也可以根据AUSF设备和SEAF设备都知道的其他数据，生成第二子期望的响应，例如也可以是AUTN。SEAF设备向AUSF设备发送的5G-AC消息中相应的携带第二子响应。UE的漫游网络设备采用与AUSF设备相同的方法，生成第二子响应，从而根据所述第二子期望的响应验证所述第二子响应，保证了UE的漫游网络设备与归属网络设备间通信的安全性。Specifically, in this embodiment of the present invention, the response of the second sub-expected may be obtained according to a random number and a preset algorithm, where the preset algorithm may be SHA-256, SHA-384, SHA- 512 and other algorithms. In addition, the second sub-expected response may also be generated according to other data known by both the AUSF device and the SEAF device, for example, the AUTN may also be used. The 5G-AC message sent by the SEAF device to the AUSF device correspondingly carries the second sub-response. The roaming network device of the UE uses the same method as the AUSF device to generate a second sub-response, so as to verify the second sub-response according to the second sub-expected response, ensuring the communication between the roaming network device of the UE and the home network device security.

实施例6：Example 6:

为了进一步保证会话根密钥的完整性，或有效的提高数据传输的效率，在上述各实施例的基础上，在本发明实施例中，所述获取第二子期望的响应包括：In order to further ensure the integrity of the session root key, or to effectively improve the efficiency of data transmission, on the basis of the foregoing embodiments, in this embodiment of the present invention, the obtaining the response of the second sub-expectation includes:

根据所述RAND、期望的响应、会话根密钥及预设的第二哈希算法生成第二哈希值；按照预设的第四方法，在所述第二哈希值中截取第四设定长度作为第二子期望的响应；或A second hash value is generated according to the RAND, the expected response, the session root key and the preset second hash algorithm; according to the preset fourth method, a fourth set of hash values is intercepted from the second hash value. fixed length as the response expected by the second sub; or

在所述第一密钥中按照预设的第五方法，截取第五设定长度作为第二子期望的响应。In the first key, according to a preset fifth method, a fifth set length is intercepted as a response of the second sub-expected.

在本发明实施例中为了保证会话根密钥的完整性，UE的归属网络设备中的AUSF设备，采用加密密钥对会话根密钥进行加密后，还可以根据RAND、期望的响应、会话根密钥及预设的第二哈希算法生成第二哈希值，其中所述第二哈希算法可以为SHA-256或SHA-3-256中的任意一种。In this embodiment of the present invention, in order to ensure the integrity of the session root key, the AUSF device in the UE's home network device encrypts the session root key with an encryption key, and can also encrypt the session root key according to the RAND, expected response, session root The key and a preset second hash algorithm generate a second hash value, where the second hash algorithm can be any one of SHA-256 or SHA-3-256.

具体的第二哈希值的生成过程可以参见实施例4，在此不再赘述。For a specific process of generating the second hash value, reference may be made to Embodiment 4, and details are not repeated here.

确定出第二哈希值后，生成第二哈希值的AUSF设备，按照预设的第四方法，在所述第二哈希值中截取第四设定长度作为第二子期望的响应。具体的，在该第二哈希值中截取第二子期望的响应时，可以采用任意的方法，只要保证UE的归属网络设备和漫游网络设备采用相同的截取方法即可。After the second hash value is determined, the AUSF device that generates the second hash value intercepts a fourth set length from the second hash value as a response of the second sub-expected according to a preset fourth method. Specifically, when intercepting the response of the second sub-expected from the second hash value, any method may be used, as long as the home network device and the roaming network device of the UE can use the same interception method.

例如：如果第二哈希值为256比特位，则可以截取所述第二哈希值中第1比特位至第128比特位的长度为128比特的哈希值为第二子期望的响应，也可以截取所述第二哈希值中第129比特位至256比特位的长度为128比特的哈希值作为第二子期望的响应，当然也可以从中间截取256比特作为第二子期望的响应。For example: if the second hash value is 256 bits, the hash value of the length of 128 bits from the 1st bit to the 128th bit in the second hash value can be intercepted to be the response of the second sub-expected, The hash value with a length of 128 bits from the 129th bit to the 256th bit in the second hash value can also be intercepted as the response of the second sub-expected, and of course, 256 bits can also be intercepted from the middle as the second sub-expected. response.

因为在获取第一子期望的响应，也是根据第二哈希值获取的，所以第一子期望的响应和第二子期望的响应可以同时获取，都可以从第二哈希值中获取，例如可以将第二哈希值中第1比特位至第128比特位的长度为128比特的哈希值为第一子期望的响应，并截取所述第二哈希值中第129比特位至256比特位的长度为128比特的哈希值作为第二子期望的响应。反之也可以，当然了第一子期望的响应和第二子期望的响应也可以部分相同，或全部相同。Because the expected response of the first child is obtained according to the second hash value, the expected response of the first child and the expected response of the second child can be obtained at the same time, and both can be obtained from the second hash value, for example The 128-bit hash value from the 1st bit to the 128th bit in the second hash value can be used as the response expected by the first sub, and the 129th bit to the 256th bit in the second hash value can be intercepted. A hash value with a length of 128 bits is used as the response of the second sub-expected. The opposite is also possible. Of course, the expected response of the first sub and the expected response of the second sub may be partially or completely the same.

为了有效的提高数据传输效率，因为第一密钥已经生成，因此可以在所述第一密钥中按照预设的第五方法，截取第五设定长度作为第二期望的响应。其中在第一密钥中截取第二期望的响应，与截取的加密密钥、第一子期望的响应可以相同，也可以不公，或者部分相同，在具体实施时，可以根据需要灵活选择。只要保证UE的归属网络设备和漫游网络设备采用相同的方法，获取第一子响应即可。例如，生成的第一密钥为512比特，则可以将512比特中前128比特作为第一期望的响应，将最后128比特作为第二期望的响应，则剩余的比特位为加密密钥。In order to effectively improve the data transmission efficiency, because the first key has been generated, a fifth preset length may be intercepted in the first key as the second expected response according to the preset fifth method. Wherein, the intercepted second expected response from the first key may be the same as the intercepted encryption key and the first sub-expected response, or may not be fair, or partially the same, and can be flexibly selected according to needs during specific implementation. As long as it is ensured that the UE's home network device and the roaming network device use the same method to obtain the first sub-response. For example, if the generated first key is 512 bits, the first 128 bits of the 512 bits can be used as the first expected response, the last 128 bits can be used as the second expected response, and the remaining bits are the encryption key.

在本发明的上述实施例中，生成第一密钥可以是ARPF设备，也可以是AUSF设备。下面以生成第一密钥的为AUSF设备为例，进行详细说明。In the above embodiments of the present invention, generating the first key may be an ARPF device or an AUSF device. The following will take the AUSF device that generates the first key as an example for detailed description.

图3为本发明实施例提供的一种认证过程示意图，该过程包括以下步骤：3 is a schematic diagram of an authentication process provided by an embodiment of the present invention, and the process includes the following steps:

S301：AUSF设备向ARPF设备发送认证矢量请求消息(AV-Req)，ARPF设备接收到AUSF设备发送的AV-Req后，生成包含RAND、AUTN、XRES*和KASME*的认证矢量(AV)，并向所述AUSF设备发送该认证矢量。S301: The AUSF device sends an authentication vector request message (AV-Req) to the ARPF device. After receiving the AV-Req sent by the AUSF device, the ARPF device generates an authentication vector (AV) including RAND, AUTN, XRES* and KASME*, and The authentication vector is sent to the AUSF device.

S302:AUSF设备接收到认证矢量，根据认证矢量中的RAND和XRES*及第一预设的哈希算法，生成512比特的第一密钥，在所述第一密钥中按照预设的第一方法，截取第一设定长度作为加密密钥。S302: The AUSF device receives the authentication vector, and generates a 512-bit first key according to the RAND and XRES* in the authentication vector and the first preset hash algorithm, in the first key according to the preset first key In a method, the first set length is intercepted as the encryption key.

具体的，如果AUSF设备需要的加密密钥为256比特，AUSF设备生成512比特的第一密钥后，则在该512比特中截取256比特作为加密密钥，例如可以截取512比特中的前256比特，或者后面的256比特，或者从某一设定比特位开始的256比特等。Specifically, if the encryption key required by the AUSF device is 256 bits, after the AUSF device generates the first key of 512 bits, 256 bits of the 512 bits are intercepted as the encryption key, for example, the first 256 bits of the 512 bits can be intercepted. bit, or the following 256 bits, or 256 bits starting from a certain set bit, etc.

另外，AUSF设备也可以根据RAND和XRES*，以及SHA-256或SHA-3-256中的任意一种，生成256比特的第一密钥，直接将所述256比特的第一密钥作为加密密钥。In addition, the AUSF device can also generate a 256-bit first key according to RAND and XRES*, and any one of SHA-256 or SHA-3-256, and directly use the 256-bit first key as encryption key.

S303：AUSF设备在所述第一密钥中按照预设的第三方法，截取第三设定长度作为第一子期望的响应，在所述第一密钥中按照预设的第五方法，截取第五设定长度作为第二子期望的响应。S303: The AUSF device intercepts a third set length in the first key according to a preset third method as a response of the first sub-expectation, and according to the preset fifth method in the first key, Truncate the fifth set length as the second sub-desired response.

如果AUSF设备需要的第一子期望响应和第二子期望的响应都为128比特，为了提高数据传输的效率，AUSF设备可以直接在该512比特的第一密钥中，截取两个128比特作为第一子期望的响应和第二子期望的响应，例如可以将所述第一密钥第1比特位至第128比特位的，长度为128比特的哈希值为第一子期望的响应，并将所述第一密钥第385比特位至512比特位的，长度为128比特的哈希值作为第二子期望的响应。反之也可以，当然了第一子期望的响应和第二子期望的响应也可以部分相同，或全部相同。If the first sub-expected response and the second sub-expected response required by the AUSF device are both 128 bits, in order to improve the efficiency of data transmission, the AUSF device can directly intercept two 128 bits in the 512-bit first key as The first sub-expected response and the second sub-expected response, for example, the hash value of the 128-bit length from the first bit to the 128-bit of the first key can be the response of the first sub-expected, The hash value of the first key from the 385th bit to the 512th bit and a length of 128 bits is used as the response of the second sub-expected. The opposite is also possible. Of course, the expected response of the first sub and the expected response of the second sub may be partially or completely the same.

AUST可以根据所述RAND、期望的响应、会话根密钥及预设的第一哈希算法生成第一哈希值，按照预设的第二方法，在所述第一哈希值中截取第二设定长度作为第一子期望的响应；按照预设的第四方法，在所述第二哈希值中截取第四设定长度作为第二子期望的响应。AUST can generate a first hash value according to the RAND, the expected response, the session root key and the preset first hash algorithm, and intercept the first hash value from the first hash value according to the preset second method. The second set length is used as the response expected by the first sub; according to a preset fourth method, the fourth set length is intercepted from the second hash value as the response expected by the second sub.

例如：可以将第一哈希值中第1比特位至第128比特位的，长度为128比特的哈希值为第一子期望的响应，截取所述第二哈希值中第129比特位至256比特位的，长度为128比特的哈希值作为第二子期望的响应。反之也可以，当然了第一子期望的响应和第二子期望的响应也可以部分相同，或全部相同。For example, the 128-bit hash value from the 1st bit to the 128th bit in the first hash value can be the response of the first sub-expected, and the 129th bit in the second hash value can be intercepted. To 256 bits, the hash value of length 128 bits is used as the response of the second sub-expected. The opposite is also possible. Of course, the expected response of the first sub and the expected response of the second sub may be partially or completely the same.

S304：AUSF设备采用加密密钥对KASME*加密，生成EKASME*，AUSF设备向SEAF设备发送包含RAND、AUTN、第一子期望的响应和EKASME*的5G-AIA消息。S304: The AUSF device encrypts KASME* with an encryption key to generate EKASME*, and the AUSF device sends a 5G-AIA message including RAND, AUTN, the first sub-expected response and EKASME* to the SEAF device.

S305：SEAF设备根据接收到的5G-AIA消息，向UE发送包含RAND、AUTN的认证请求消息，UE根据RAND、AUTN生成认证响应，并将该认证响应携带在认证响应消息中发送给SEAF设备。S305: The SEAF device sends an authentication request message including RAND and AUTN to the UE according to the received 5G-AIA message, and the UE generates an authentication response according to the RAND and AUTN, and carries the authentication response in the authentication response message and sends it to the SEAF device.

S306：SEAF设备根据所述认证响应、RAND及预设的第一预设哈希算法，生成512比特的第一校验哈希值，根据该第一校验哈希值确定解密密钥，采用该解密密钥对所述加密后的会话根密钥进行解密。S306: The SEAF device generates a 512-bit first verification hash value according to the authentication response, the RAND and the preset first preset hash algorithm, determines the decryption key according to the first verification hash value, and adopts The decryption key decrypts the encrypted session root key.

SEAF设备在生成第一校验哈希值的方法，与AUSF设备生成第一密钥的方法相同，根据第一校验哈希值，确定解密密钥的方法，与AUSF设备根据第一密钥获取加密密钥的方法相同，具体参见上述过程，在此不再赘述。SEAF设备在解密成功后，采用与AUSF设备获取第一子期望的响应对应的方法，生成第一子响应。并且，采用与AUSF设备相同的获取第二子期望的响应对应的方法，生成第二子响应。The method for the SEAF device to generate the first check hash value is the same as the method for the AUSF device to generate the first key. The method for obtaining the encryption key is the same. For details, please refer to the above process, which will not be repeated here. After successful decryption, the SEAF device generates the first sub-response by using a method corresponding to the response that the AUSF device obtains the first sub-expected response. And, the second sub-response is generated by adopting the same method as the AUSF device corresponding to acquiring the response of the second sub-expected.

S307：SEAF设备在解密成功，并采用第一子期望的响应对所述第一子响应验证通过后，向AUSF设备发送包含第二子响应的5G-AC消息。S307: The SEAF device sends a 5G-AC message including the second sub-response to the AUSF device after the decryption is successful and the first sub-response is verified by using the first sub-expected response.

S308：AUSF设备接收到5G-AC消息，采用第二子期望的响应对5G-AC消息中的第二子响应进行验证，如果验证通过，确认SEAF设备完成对UE的认证。S308: The AUSF device receives the 5G-AC message, and uses the second sub-expected response to verify the second sub-response in the 5G-AC message. If the verification is passed, it is confirmed that the SEAF device has completed the authentication of the UE.

实施例7：Example 7:

图4为本发明实施例提供的一种认证过程示意图，该过程包括：FIG. 4 is a schematic diagram of an authentication process provided by an embodiment of the present invention, and the process includes:

S401：接收认证服务功能AUSF设备发送的包括随机数(RAND)、认证令牌(AUTN)和加密后的会话根密钥的5G-AIA消息，将所述RAND、AUTN发送给所述UE，其中所述5G-AIA消息中的加密后的会话根密钥为，所述AUSF设备接收包含随机数RAND、认证令牌AUTN、期望的响应和会话根密钥的认证矢量，并根据期望的响应及预设的算法确定的。S401: Receive a 5G-AIA message including a random number (RAND), an authentication token (AUTN) and an encrypted session root key sent by an AUSF device with an authentication service function, and send the RAND and AUTN to the UE, wherein The encrypted session root key in the 5G-AIA message is that the AUSF device receives the authentication vector including the random number RAND, the authentication token AUTN, the expected response and the session root key, and according to the expected response and determined by a preset algorithm.

本发明实施例提供的认证方法应用于UE的漫游网络设备SEAF设备。本发明实施例中的AUSF设备是UE的归属网络设备。The authentication method provided by the embodiment of the present invention is applied to a roaming network device SEAF device of a UE. The AUSF device in the embodiment of the present invention is the home network device of the UE.

具体的，SEAF设备接收AUSF设备发送的包括RAND、AUTN和加密后的会话根密钥的5G-AIA消息，并将包含所述RAND和AUTN的认证请求消息(Auth-req)发送给UE。Specifically, the SEAF device receives the 5G-AIA message including RAND, AUTN and encrypted session root key sent by the AUSF device, and sends an authentication request message (Auth-req) including the RAND and AUTN to the UE.

其中，所述5G-AIA消息中的加密后的会话根密钥(EKASME*)为AUSF设备接收包含随机数RAND、认证令牌AUTN、期望的响应和会话根密钥的认证矢量，并根据期望的响应及预设的算法确定的。具体的该加密密钥的确定过程，参见上述其他实施例。Wherein, the encrypted session root key (EKASME*) in the 5G-AIA message is the authentication vector received by the AUSF device including the random number RAND, the authentication token AUTN, the expected response and the session root key, and according to the expected The response and the preset algorithm are determined. For a specific process of determining the encryption key, refer to other embodiments above.

S402：接收所述UE返回的认证响应，并根据所述认证响应及所述预设的算法确定解密密钥，对所述加密后的会话根密钥进行解密。S402: Receive the authentication response returned by the UE, determine a decryption key according to the authentication response and the preset algorithm, and decrypt the encrypted session root key.

具体的，UE接收到所述包含RAND和AUTN的Auth-req后，根据所述RAND和AUTN生成认证响应(RES*)，并将包含所述RES*的认证响应消息(Auth-Resp)发送给所述SEAF设备。SEAF设备接收到所述包含RES*的Auth-Resp后，根据RES*及预设的算法确定解密密钥，并根据所述解密密钥对所述加密后的会话根密钥进行异或运算得到会话根密钥。UE的漫游网络设备生成解密密钥的方法与UE的归属网络设备生成加密密钥的方法相同。Specifically, after receiving the Auth-req including the RAND and AUTN, the UE generates an authentication response (RES*) according to the RAND and AUTN, and sends the authentication response message (Auth-Resp) including the RES* to the the SEAF device. After receiving the Auth-Resp containing RES*, the SEAF device determines the decryption key according to RES* and the preset algorithm, and performs XOR operation on the encrypted session root key according to the decryption key to obtain Session root key. The method of generating the decryption key by the roaming network device of the UE is the same as the method of generating the encryption key by the home network device of the UE.

具体的，SEAF设备可以根据RES*以及预设的哈希函数确定解密密钥，其中预设的哈希函数可以为安全散列算法(Secure Hash Algorithm，SHA-224)、SHA-256、SHA-384等中的任意一种。Specifically, the SEAF device can determine the decryption key according to RES* and a preset hash function, where the preset hash function can be a secure hash algorithm (Secure Hash Algorithm, SHA-224), SHA-256, SHA- 384, etc.

S403：如果对所述加密后的会话根密钥解密成功，则向所述AUSF设备发送5G-AC消息。S403: If the encrypted session root key is successfully decrypted, send a 5G-AC message to the AUSF device.

SEAF设备如果对加密后的会话根密钥解密成功，得到会话根密钥，SEAF设备向所述AUSF设备发送5G-AC消息，使所述AUSF设备接收到所述5G-AC消息后，确定SEAF设备完成对UE的认证。If the SEAF device successfully decrypts the encrypted session root key and obtains the session root key, the SEAF device sends a 5G-AC message to the AUSF device, so that the AUSF device determines the SEAF after receiving the 5G-AC message The device completes the authentication of the UE.

由于在本发明实施例中，SEAF设备接收AUSF设备发送的包含加密后的会话根密钥的5G-AIA消息，并根据UE返回的认证响应，采用与UE的归属网络设备相同的预设的算法确定解密密钥，对所述加密后的会话根密钥进行解密，避免了会话根密钥明文在AUSF设备和SEAF设备之间传输，增加了会话根密钥传输的安全性，保证了用户的通信安全，提高了用户体验。In this embodiment of the present invention, the SEAF device receives the 5G-AIA message containing the encrypted session root key sent by the AUSF device, and adopts the same preset algorithm as the UE's home network device according to the authentication response returned by the UE. Determine the decryption key, decrypt the encrypted session root key, avoid the transmission of the session root key plaintext between the AUSF device and the SEAF device, increase the security of the session root key transmission, and ensure the user's Communication security improves user experience.

实施例8：Example 8:

为了保证会话根密钥的私密性，在上述实施例的基础上，在本发明实施例中，所述根据所述认证响应及所述预设的算法确定解密密钥包括：In order to ensure the privacy of the session root key, on the basis of the foregoing embodiment, in this embodiment of the present invention, the determining of the decryption key according to the authentication response and the preset algorithm includes:

根据所述认证响应及预设的算法生成第二密钥，将所述第二密钥作为解密密钥；或Generate a second key according to the authentication response and a preset algorithm, and use the second key as a decryption key; or

根据所述认证响应及预设的算法生成第二密钥，在所述第二密钥中按照预设的第一方法，截取第一设定长度作为解密密钥。A second key is generated according to the authentication response and a preset algorithm, and a first set length is intercepted from the second key as a decryption key according to a preset first method.

具体的，SEAF设备接收到UE发送的认证响应后，采用与UE的归属网络设备生成第一密钥的方法相同的方式，生成第二密钥。并采用与AUSF设备相同的从第一密钥中获取加密密钥相同的方法，从第二密钥中获取解密密钥。Specifically, after receiving the authentication response sent by the UE, the SEAF device generates the second key in the same manner as the method used by the UE's home network device to generate the first key. And obtain the decryption key from the second key by using the same method of obtaining the encryption key from the first key as the AUSF device.

根据AUSF设备获取加密密钥的方法，当SEAF设备获取到第二密钥后，可以直接将该第二密钥作为解密密钥，也可以在该第二密钥中截取一部分作为解密密钥。具体采用哪种方式，根据用户需求灵活选择，例如如果需要的解密密钥为256比特，而生成的第二密钥即为256比特，则可以将该第二密钥作为解密密钥，而如果此时生成的第二密钥为512比特，则需要在该512比特中截取256比特作为解密密钥。According to the method for obtaining the encryption key by the AUSF device, after the SEAF device obtains the second key, the second key can be directly used as the decryption key, or a part of the second key can be intercepted as the decryption key. Which method to use can be selected flexibly according to user needs. For example, if the required decryption key is 256 bits, and the generated second key is 256 bits, the second key can be used as the decryption key, and if The second key generated at this time is 512 bits, and 256 bits need to be intercepted from the 512 bits as the decryption key.

为了进一步增加会话根密钥的安全性，本发明实施例中，根据认证响应及预设的算法生成所述第二密钥包括：In order to further increase the security of the session root key, in this embodiment of the present invention, generating the second key according to the authentication response and the preset algorithm includes:

根据所述RAND、所述认证响应及预设的算法生成第二密钥。A second key is generated according to the RAND, the authentication response and a preset algorithm.

也就是说在生成第二密钥时，可以根据随机数和认证响应一并生成，因为随机数的存在，可以进一步保证生成的第二密钥的安全性，从而可以保证加密后的会话根密钥的安全性。具体的，在本发明实施例中该预设的算法，可以是哈希算法等。That is to say, when the second key is generated, it can be generated according to the random number and the authentication response. Because of the existence of the random number, the security of the generated second key can be further guaranteed, so that the encrypted session root key can be guaranteed. key security. Specifically, in this embodiment of the present invention, the preset algorithm may be a hash algorithm or the like.

具体的，SEAF设备根据所述RAND、所述认证响应及预设的算法生成第二密钥时，因为SEAF设备已知生成第一密钥的方法，因此在生成第二密钥时，可以采用对应的方法。例如如果生成了256比特的第一密钥，则预设的算法可以为SHA-256或SHA-3-256。则SEAF设备也根据该SHA-256或SHA-3-256，生成256比特的第二密钥，如果采用SHA-512，生成了512比特的第一密钥，则SEAF设备也根据SHA-512，生成了512比特的第二密钥。Specifically, when the SEAF device generates the second key according to the RAND, the authentication response and the preset algorithm, because the SEAF device knows the method for generating the first key, when generating the second key, it can use corresponding method. For example, if a 256-bit first key is generated, the preset algorithm may be SHA-256 or SHA-3-256. Then the SEAF device also generates a 256-bit second key according to the SHA-256 or SHA-3-256. If SHA-512 is used to generate a 512-bit first key, the SEAF device also generates a 512-bit first key according to SHA-512. A second key of 512 bits is generated.

实施例9：Example 9:

为了保证UE的归属网络设备和漫游网络设备间通信的安全性，在上述各实施例的基础上，在本发明实施例中，所述接收AUSF设备发送的包含RAND、AUTN和加密后的会话根密钥的5G-AIA消息包括：In order to ensure the security of the communication between the UE's home network device and the roaming network device, on the basis of the above embodiments, in this embodiment of the present invention, the receiving AUSF device sends a message including RAND, AUTN and encrypted session root. The key's 5G-AIA message includes:

接收AUSF设备发送的包含RAND、AUTN、第一子期望的响应和加密后的会话根密钥的5G-AIA消息；Receive a 5G-AIA message sent by the AUSF device that includes RAND, AUTN, the first sub-expected response, and the encrypted session root key;

所述向所述AUSF设备发送5G-AC消息之前，所述方法还包括：Before the sending the 5G-AC message to the AUSF device, the method further includes:

获取第一子响应；Get the first sub-response;

根据所述第一子期望响应验证所述第一子响应，如果验证通过，进行后续步骤。The first sub-response is verified according to the first sub-expected response, and if the verification is passed, the subsequent steps are performed.

采用加密密钥对会话根密钥进行加密，是为了保证在UE的归属网络设备和UE的漫游网络设备间传输的会话根密钥的安全性，但为了进一步保证UE的归属网络设备和漫游网络设备间通信的安全性，可以在5G-AIA消息携带第一子期望的响应。Encrypting the session root key with an encryption key is to ensure the security of the session root key transmitted between the UE's home network device and the UE's roaming network device, but to further ensure the UE's home network device and roaming network device. For the security of inter-device communication, the 5G-AIA message can carry the first sub-expected response.

为了保证UE的归属网络设备和漫游网络设备间通信的安全性，SEAF设备接收到5G-AIA消息后，获取第一子响应，根据所述第一子期望响应验证所述第一子响应。具体的，SEAF设备获取第一子响应的过程，与AUSF设备获取第一子期望的响应的过程相同。In order to ensure the security of the communication between the UE's home network device and the roaming network device, the SEAF device obtains the first sub-response after receiving the 5G-AIA message, and verifies the first sub-response according to the first sub-expected response. Specifically, the process of acquiring the first sub-response by the SEAF device is the same as the process of acquiring the first sub-expected response by the AUSF device.

具体的，根据AUSF设备获取第一子期望的响应的方法，在本发明实施例中，可以根据随机数和某一算法，获取第一子响应，其中该算法可以是SHA-256、SHA-384、SHA-512等算法中的任意一种。另外也可以根据AUSF设备和SEAF设备都知道的其他数据，生成第一子响应，例如也可以是AUTN。Specifically, according to the method for the AUSF device to obtain the first sub-expected response, in this embodiment of the present invention, the first sub-response may be obtained according to a random number and a certain algorithm, where the algorithm may be SHA-256, SHA-384 , SHA-512 and other algorithms. In addition, the first sub-response may also be generated according to other data known by both the AUSF device and the SEAF device, for example, the AUTN may also be used.

为了进一步保证会话根密钥的完整性，或有效的提高数据传输的效率，在上述各实施例的基础上，在本发明实施例中，所述获取第一子响应包括：In order to further ensure the integrity of the session root key or effectively improve the efficiency of data transmission, on the basis of the foregoing embodiments, in this embodiment of the present invention, the obtaining the first sub-response includes:

根据所述RAND、认证响应、会话根密钥及预设的第一哈希算法生成第一校验哈希值；按照预设的第二方法，在所述第一校验哈希值中截取第二设定长度作为第一子响应；或A first check hash value is generated according to the RAND, the authentication response, the session root key and the preset first hash algorithm; according to the second preset method, intercepted from the first check hash value the second set length as the first sub-response; or

在所述第二密钥中按照预设的第三方法，截取第三设定长度作为第一子响应。In the second key, according to a preset third method, a third set length is intercepted as the first sub-response.

具体的，在本发明实施例中为了保证会话根密钥的完整性，UE的归属网络设备中的AUSF设备，采用加密密钥对会话根密钥进行加密后，还可以根据RAND、期望的响应、会话根密钥及预设的第一哈希算法生成第一哈希值，并根据该第一哈希值生成第一子期望的响应，其中所述第一哈希算法可以为SHA-256或SHA-3-256中的任意一种。Specifically, in this embodiment of the present invention, in order to ensure the integrity of the session root key, the AUSF device in the UE's home network device encrypts the session root key with an encryption key, and can also use the encryption key to encrypt the session root key. , the session root key and a preset first hash algorithm to generate a first hash value, and generate a first sub-expected response according to the first hash value, wherein the first hash algorithm can be SHA-256 or any of SHA-3-256.

相应的作为UE的漫游网络设备，采用与AUSF设备相同的方法生成第一子响应。如果第一子期望的响应是从第一哈希值中截取的，则SEAF设备采用相同的方法生成了第一校验哈希值后，采用与从第一哈希值中截取第一子期望的响应相同的方法，从第一校验哈希值中截取第一子响应。Correspondingly, the roaming network device serving as the UE generates the first sub-response using the same method as the AUSF device. If the response of the first sub-expectation is intercepted from the first hash value, the SEAF device uses the same method to generate the first verification hash value, and adopts the same method as intercepting the first sub-expectation from the first hash value. In the same way as the response, intercept the first sub-response from the first check hash value.

为了有效的提高数据传输效率，因为第一密钥已经生成，因此第一子期望的响应可以是从第一密钥中截取的。相应的，SEAF设备采用相应的方法，从第二密钥中截取第一子响应。In order to effectively improve the data transmission efficiency, since the first key has been generated, the first sub-expected response may be intercepted from the first key. Correspondingly, the SEAF device uses a corresponding method to intercept the first sub-response from the second key.

图5为本发明实施例提供的一种认证过程示意图，该过程包括以下步骤：FIG. 5 is a schematic diagram of an authentication process provided by an embodiment of the present invention, and the process includes the following steps:

S501：AUSF设备向ARPF设备发送AV-Req，ARPF设备接收到AUSF设备发送的AV-Req后，生成包含RAND、AUTN、XRES*和KASME*的AV，并发送给AUSF设备。S501: The AUSF device sends an AV-Req to the ARPF device. After receiving the AV-Req sent by the AUSF device, the ARPF device generates an AV including RAND, AUTN, XRES* and KASME*, and sends it to the AUSF device.

S502：AUSF设备接收AV，根据RAND和XRES*，以及第一预设的哈希算法，生成256比特的第一密钥，将第一密钥作为加密密钥。S502: The AUSF device receives the AV, generates a 256-bit first key according to RAND and XRES*, and a first preset hash algorithm, and uses the first key as an encryption key.

S503：AUSF设备根据所述RAND、期望的响应、会话根密钥及SHA-256生成256比特的第一哈希值，将256比特中前128比特作为第一子期望的响应。S503: The AUSF device generates a 256-bit first hash value according to the RAND, the expected response, the session root key, and SHA-256, and uses the first 128 bits of the 256 bits as the first sub-expected response.

S504：AUSF设备采用加密密钥对KASME*加密，生成EKASME*，向SEAF设备发送包含RAND、AUTN、第一子期望的响应和EKASME*的5G-AIA消息。S504: The AUSF device encrypts KASME* with an encryption key, generates EKASME*, and sends a 5G-AIA message including RAND, AUTN, the first sub-expected response, and EKASME* to the SEAF device.

S505：SEAF设备根据接收到的5G-AIA消息，向UE发送包含RAND、AUTN的认证请求消息，UE根据RAND、AUTN生成认证响应，并将该认证响应携带在认证响应消息中发送给SEAF设备。S505: The SEAF device sends an authentication request message including RAND and AUTN to the UE according to the received 5G-AIA message, and the UE generates an authentication response according to the RAND and AUTN, and carries the authentication response in the authentication response message and sends it to the SEAF device.

S506：SEAF设备根据所述认证响应、RAND及预设的第一预设的哈希算法，生成256比特的第二密钥，将第二密钥作为解密密钥，采用该解密密钥对EKASME*进行解密。S506: The SEAF device generates a 256-bit second key according to the authentication response, the RAND, and the preset first preset hash algorithm, uses the second key as a decryption key, and uses the decryption key to perform an EKASME * to decrypt.

S507：如果解密成功，SEAF设备根据所述RAND、认证响应、会话根密钥及SHA-256，生成256比特的第一校验哈希值，将256比特中前128比特作为第一子响应。S507: If the decryption is successful, the SEAF device generates a 256-bit first check hash value according to the RAND, the authentication response, the session root key and SHA-256, and uses the first 128 bits of the 256 bits as the first sub-response.

S508：SEAF设备采用第一子期望的响应对所述第一子响应验证，当验证通过后，向AUSF设备发送5G-AC消息。S508: The SEAF device verifies the first sub-response by using the first sub-expected response, and sends a 5G-AC message to the AUSF device after the verification is passed.

实施例10：Example 10:

为了进一步保证UE的漫游网络设备与归属网络设备间通信的安全性，所述向所述AUSF设备发送5G-AC之前，所述方法还包括：In order to further ensure the security of the communication between the roaming network device of the UE and the home network device, before the 5G-AC is sent to the AUSF device, the method further includes:

获取第二子响应；Get the second sub-response;

所述向AUSF设备发送5G-AC消息包括：The sending a 5G-AC message to the AUSF device includes:

向所述AUSF设备发送包含所述第二子响应的5G-AC消息。A 5G-AC message containing the second sub-response is sent to the AUSF device.

为了进一步保证UE的漫游网络设备和归属网络设备间通信的安全性，可以在5G-AC消息携带第二子响应。具体的，获取第二子响应的过程，与AUSF设备获取第二子期望的响应的过程相同。In order to further ensure the security of the communication between the UE's roaming network device and the home network device, a second sub-response may be carried in the 5G-AC message. Specifically, the process of acquiring the second sub-response is the same as the process of acquiring the second sub-expected response by the AUSF device.

具体的，根据AUSF设备获取第二子期望的响应的方法，在本发明实施例中，可以根据随机数和某一算法，获取第二子响应，其中该算法可以是SHA-256、SHA-384、SHA-512等算法中的任意一种。另外也可以根据AUSF设备和SEAF设备都知道的其他数据，生成第二子响应，例如也可以是AUTN。Specifically, according to the method for the AUSF device to obtain the second sub-expected response, in this embodiment of the present invention, the second sub-response may be obtained according to a random number and a certain algorithm, where the algorithm may be SHA-256, SHA-384 , SHA-512 and other algorithms. In addition, the second sub-response may also be generated according to other data known by both the AUSF device and the SEAF device, for example, the AUTN may also be used.

为了进一步保证会话根密钥的完整性，或有效的提高数据传输的效率，在上述各实施例的基础上，在本发明实施例中，所述获取第二子响应包括：In order to further ensure the integrity of the session root key or effectively improve the efficiency of data transmission, on the basis of the foregoing embodiments, in this embodiment of the present invention, the obtaining the second sub-response includes:

根据所述RAND、认证响应、会话根密钥及预设的第二哈希算法生成第二校验哈希值；按照预设的第四方法，在所述第二校验哈希值中截取第四设定长度作为第二子响应；或Generate a second check hash value according to the RAND, the authentication response, the session root key and the preset second hash algorithm; according to the fourth preset method, intercept the second check hash value from the second check hash value the fourth set length as the second sub-response; or

在所述第二密钥中按照预设的第五方法，截取第五设定长度作为第二子响应。In the second key, according to the preset fifth method, a fifth set length is intercepted as the second sub-response.

具体的，在本发明实施例中为了保证会话根密钥的完整性，UE的归属网络设备中的AUSF设备，采用加密密钥对会话根密钥进行加密后，还可以根据RAND、期望的响应、会话根密钥及预设的第二哈希算法生成第二哈希值，并根据该第二哈希值生成第二子期望的响应，其中所述第二哈希算法可以为SHA-256或SHA-3-256中的任意一种。Specifically, in this embodiment of the present invention, in order to ensure the integrity of the session root key, the AUSF device in the UE's home network device encrypts the session root key with an encryption key, and can also use the encryption key to encrypt the session root key. , the session root key and a preset second hash algorithm to generate a second hash value, and generate a second sub-expected response according to the second hash value, wherein the second hash algorithm can be SHA-256 or any of SHA-3-256.

相应的作为UE的漫游网络设备，采用与AUSF设备相同的方法生成第二子响应。如果第二子期望的响应是从第二哈希值中截取的，则SEAF设备采用相同的方法生成了第二校验哈希值后，采用与从第二哈希值中截取第二子期望的响应相同的方法，从第二校验哈希值中截取第二子响应。Correspondingly, the roaming network device as the UE generates the second sub-response using the same method as the AUSF device. If the response of the second sub-expectation is intercepted from the second hash value, the SEAF device uses the same method to generate the second verification hash value, and adopts the same method as intercepting the second sub-expectation from the second hash value. In the same way as the response, intercept the second sub-response from the second check hash value.

为了有效的提高数据传输效率，因为第二密钥已经生成，因此第二子期望的响应可以是从第二密钥中截取的。相应的，SEAF设备采用相应的方法，从第二密钥中截取第二子响应。In order to effectively improve the data transmission efficiency, since the second key has been generated, the response of the second sub-expected can be intercepted from the second key. Correspondingly, the SEAF device uses a corresponding method to intercept the second sub-response from the second key.

图6为本发明实施例提供的一种认证过程示意图，该过程包括以下步骤：FIG. 6 is a schematic diagram of an authentication process provided by an embodiment of the present invention, and the process includes the following steps:

S601：AUSF设备向ARPF设备发送AV-Req，ARPF设备接收到AUSF设备发送的AV-Req后，生成包含RAND、AUTN、XRES*和KASME*的AV，并发送给AUSF设备。S601: The AUSF device sends an AV-Req to the ARPF device. After receiving the AV-Req sent by the AUSF device, the ARPF device generates an AV including RAND, AUTN, XRES* and KASME*, and sends it to the AUSF device.

S602：AUSF设备接收AV，根据RAND、XRES*，以及SHA-512生成512比特的第一密钥，将512比特中前128比特作为第一子期望的响应，最后128比特作为第二子期望的响应，剩余的256比特位作为加密密钥。S602: The AUSF device receives the AV, generates a 512-bit first key according to RAND, XRES*, and SHA-512, uses the first 128 bits of the 512 bits as the first sub-expected response, and the last 128 bits as the second sub-expected response In response, the remaining 256 bits are used as the encryption key.

S603：AUSF设备采用加密密钥对KASME*加密，生成EKASME*，向SEAF设备发送包含RAND、AUTN、第一子期望的响应和EKASME*的5G-AIA消息。S603: The AUSF device encrypts KASME* with an encryption key, generates EKASME*, and sends a 5G-AIA message including RAND, AUTN, the first sub-expected response, and EKASME* to the SEAF device.

S604：SEAF设备根据接收到的5G-AIA消息，向UE发送包含RAND、AUTN的认证请求消息，UE根据RAND、AUTN生成认证响应，并将该认证响应携带在认证响应消息中发送给SEAF设备。S604: The SEAF device sends an authentication request message including RAND and AUTN to the UE according to the received 5G-AIA message, and the UE generates an authentication response according to the RAND and AUTN, and carries the authentication response in the authentication response message and sends it to the SEAF device.

S605：SEAF设备根据所述认证响应、RAND及SHA-512，生成512比特的第二密钥，将该第二密钥中前128比特作为第一子响应，最后128比特作为第二响应，剩余的256比特位作为解密密钥。S605: The SEAF device generates a 512-bit second key according to the authentication response, RAND and SHA-512, the first 128 bits in the second key are used as the first sub-response, the last 128 bits are used as the second response, and the remaining 128 bits are used as the second response. 256 bits as the decryption key.

S606：SEAF设备采用解密密钥对EKASME*解密，当解密成功时，采用第一子期望的响应对所述第一子响应验证，当验证通过后，向AUSF设备发送包含第二子响应的5G-AC消息。S606: The SEAF device uses the decryption key to decrypt EKASME*, and when the decryption succeeds, uses the first expected response to verify the first sub-response, and when the verification is passed, sends the 5G containing the second sub-response to the AUSF device -AC message.

S607：AUSF设备接收5G-AC消息，采用第二子期望的响应对所述第二子响应验证，当验证通过后，确认SEAF设备完成对UE的认证。S607: The AUSF device receives the 5G-AC message, uses the second sub-expected response to verify the second sub-response, and when the verification is passed, confirms that the SEAF device has completed the authentication of the UE.

实施例11：Example 11:

图7为本发明实施例提供的一种认证装置结构示意图，应用于认证服务功能AUSF设备，该装置包括：7 is a schematic structural diagram of an authentication apparatus provided by an embodiment of the present invention, which is applied to an AUSF device with an authentication service function, and the apparatus includes:

加密模块71，用于接收包含随机数RAND、认证令牌AUTN、期望的响应和会话根密钥的认证矢量，并获取加密密钥，采用所述加密密钥对所述会话根密钥进行加密，其中所述加密密钥根据期望的响应及预设的算法确定；Theencryption module 71 is used to receive the authentication vector including the random number RAND, the authentication token AUTN, the expected response and the session root key, and obtain the encryption key, and use the encryption key to encrypt the session root key , wherein the encryption key is determined according to an expected response and a preset algorithm;

发送模块72，用于向安全锚点功能SEAF设备发送包括RAND、AUTN和加密后的会话根密钥的5G-AIA消息，使所述SEAF设备接收到所述5G-AIA消息后，将所述RAND、AUTN发送给所述UE，并根据所述UE返回的认证响应采用所述预设的算法生成解密密钥，对所述加密后的会话根密钥进行解密；The sendingmodule 72 is configured to send a 5G-AIA message including RAND, AUTN and an encrypted session root key to the security anchor function SEAF device, so that after the SEAF device receives the 5G-AIA message, it sends the 5G-AIA message. The RAND and AUTN are sent to the UE, and the preset algorithm is used to generate a decryption key according to the authentication response returned by the UE, and the encrypted session root key is decrypted;

接收确定模块73，用于接收SEAF设备发送的5G认证确认消息5G-AC，确定所述SEAF设备完成对UE的认证，其中所述5G-AC为所述SEAF设备对所述加密后的会话根密钥解密成功后发送的。The receiving and determiningmodule 73 is configured to receive the 5G authentication confirmation message 5G-AC sent by the SEAF device, and determine that the SEAF device has completed the authentication of the UE, wherein the 5G-AC is the encrypted session root of the SEAF device. Sent after the key is successfully decrypted.

所述加密模块71，具体用于根据所述认证矢量中包含的期望的响应，及预设的算法生成第一密钥，并根据生成的所述第一密钥获取加密密钥；或接收认证凭证存储和处理功能ARPF设备发送的第一密钥，根据接收的所述第一密钥获取加密密钥，其中所述ARPF根据期望的响应，及预设的算法生成所述第一密钥。Theencryption module 71 is specifically configured to generate a first key according to the expected response contained in the authentication vector and a preset algorithm, and obtain an encryption key according to the generated first key; or receive authentication The first key sent by the credential storage and processing function ARPF device obtains an encryption key according to the received first key, wherein the ARPF generates the first key according to an expected response and a preset algorithm.

所述加密模块71，具体用于将所述第一密钥作为加密密钥；或在所述第一密钥中按照预设的第一方法，截取第一设定长度作为加密密钥。Theencryption module 71 is specifically configured to use the first key as an encryption key; or intercept a first set length from the first key as an encryption key according to a preset first method.

所述加密模块71，具体还用于获取第一子期望的响应；Theencryption module 71 is specifically also used to obtain the response of the first sub-expected;

所述发送模块72，具体用于向SEAF设备发送包括所述RAND、AUTN、第一子期望的响应和加密后的会话根密钥的5G-AIA消息。The sendingmodule 72 is specifically configured to send the 5G-AIA message including the RAND, the AUTN, the first sub-expected response and the encrypted session root key to the SEAF device.

所述加密模块71，具体用于根据所述RAND、期望的响应、会话根密钥及预设的第一哈希算法生成第一哈希值；按照预设的第二方法，在所述第一哈希值中截取第二设定长度作为第一子期望的响应；或在所述第一密钥中按照预设的第三方法，截取第三设定长度作为第一子期望的响应。Theencryption module 71 is specifically configured to generate a first hash value according to the RAND, the expected response, the session root key and the preset first hash algorithm; A second set length is intercepted from a hash value as the response of the first sub-expectation; or a third preset length is intercepted from the first key according to a preset third method as the response of the first sub-expectation.

所述加密模块71，还用于获取第二子期望的响应；Theencryption module 71 is further configured to obtain the response of the second sub-expected;

所述接收确定模块73，具体用于接收SEAF设备发送的包含第二子响应的5G-AC消息，根据所述第二子期望响应验证所述第二子响应，如果验证通过，确定所述SEAF设备完成对UE的认证。The receivingdetermination module 73 is specifically configured to receive the 5G-AC message containing the second sub-response sent by the SEAF device, verify the second sub-response according to the second sub-expected response, and determine the SEAF if the verification is passed. The device completes the authentication of the UE.

所述加密模块71，具体用于根据所述RAND、期望的响应、会话根密钥及预设的第二哈希算法生成第二哈希值；按照预设的第四方法，在所述第二哈希值中截取第四设定长度作为第二子期望的响应；或在所述第一密钥中按照预设的第五方法，截取第五设定长度作为第二子期望的响应。Theencryption module 71 is specifically configured to generate a second hash value according to the RAND, the expected response, the session root key and the preset second hash algorithm; The fourth set length is intercepted from the two hash values as the response of the second sub-expectation; or the fifth set length is intercepted from the first key according to the preset fifth method as the response of the second sub-expectation.

所述加密模块71，具体用于根据所述RAND、所述期望的响应及预设的算法生成第一密钥。Theencryption module 71 is specifically configured to generate a first key according to the RAND, the expected response and a preset algorithm.

实施例12：Example 12:

图8为本发明实施例提供的一种认证装置结构示意图，应用于安全锚点功能SEAF设备，该装置包括：8 is a schematic structural diagram of an authentication device provided by an embodiment of the present invention, which is applied to a security anchor function SEAF device, and the device includes:

收发模块81，用于接收认证服务功能AUSF设备发送的包括随机数RAND、认证令牌AUTN和加密后的会话根密钥的5G-AIA消息，将所述RAND、AUTN发送给所述UE，其中所述5G-AIA消息中的加密后的会话根密钥为所述AUSF设备接收包含随机数RAND、认证令牌AUTN、期望的响应和会话根密钥的认证矢量，并根据期望的响应及预设的算法确定的；Thetransceiver module 81 is configured to receive the 5G-AIA message including the random number RAND, the authentication token AUTN and the encrypted session root key sent by the authentication service function AUSF device, and send the RAND and AUTN to the UE, wherein The encrypted session root key in the 5G-AIA message is the authentication vector that the AUSF device receives including the random number RAND, the authentication token AUTN, the expected response and the session root key, and the determined by the set algorithm;

接收解密模块82，用于接收所述UE返回的认证响应，并根据所述认证响应及所述预设的算法确定解密密钥，对所述加密后的会话根密钥进行解密；A receiving and decryptingmodule 82, configured to receive the authentication response returned by the UE, and determine a decryption key according to the authentication response and the preset algorithm, and decrypt the encrypted session root key;

发送模块83，用于如果对所述加密后的会话根密钥解密成功，则向所述AUSF设备发送5G认证确认5G-AC消息。The sendingmodule 83 is configured to send a 5G authentication confirmation 5G-AC message to the AUSF device if the encrypted session root key is successfully decrypted.

所述接收解密模块82，具体用于根据所述认证响应及预设的算法生成第二密钥，将所述第二密钥作为解密密钥；或根据所述认证响应及预设的算法生成第二密钥，在所述第二密钥中按照预设的第一方法，截取第一设定长度作为解密密钥。The receivingdecryption module 82 is specifically configured to generate a second key according to the authentication response and a preset algorithm, and use the second key as a decryption key; or generate a second key according to the authentication response and the preset algorithm The second key, in the second key, according to the preset first method, intercepting the first set length as the decryption key.

所述收发模块81，具体用于接收AUSF设备发送的包含RAND、AUTN、第一子期望的响应和加密后的会话根密钥的5G-AIA消息；Thetransceiver module 81 is specifically configured to receive a 5G-AIA message including RAND, AUTN, the first sub-expected response and the encrypted session root key sent by the AUSF device;

所述接收解密模块82，还用于获取第一子响应；根据所述第一子期望响应验证所述第一子响应，如果验证通过，触发发送模块。The receiving and decryptingmodule 82 is further configured to obtain the first sub-response; verify the first sub-response according to the first sub-expected response, and trigger the sending module if the verification is passed.

所述接收解密模块82，具体用于根据所述RAND、认证响应、会话根密钥及预设的第一哈希算法生成第一校验哈希值；按照预设的第二方法，在所述第一校验哈希值中截取第二设定长度作为第一子响应；或在所述第二密钥中按照预设的第三方法，截取第三设定长度作为第一子响应。The receiving and decryptingmodule 82 is specifically configured to generate a first check hash value according to the RAND, the authentication response, the session root key and the preset first hash algorithm; intercepting the second set length from the first check hash value as the first sub-response; or intercepting the third set length from the second key as the first sub-response according to a preset third method.

所述接收解密模块82，还用于获取第二子响应；The receivingdecryption module 82 is also used to obtain the second sub-response;

所述发送模块83，还用于向所述AUSF设备发送包含所述第二子响应的5G-AC消息。The sendingmodule 83 is further configured to send a 5G-AC message including the second sub-response to the AUSF device.

所述接收解密模块82，具体用于根据所述RAND、认证响应、会话根密钥及预设的第二哈希算法生成第二校验哈希值；按照预设的第四方法，在所述第二校验哈希值中截取第四设定长度作为第二子响应；或在所述第二密钥中按照预设的第五方法，截取第五设定长度作为第二子响应。The receiving and decryptingmodule 82 is specifically configured to generate a second check hash value according to the RAND, the authentication response, the session root key and the preset second hash algorithm; intercepting the fourth set length from the second check hash value as the second sub-response; or intercepting the fifth set length from the second key as the second sub-response according to the preset fifth method.

所述接收解密模块82，具体用于根据所述RAND、所述认证响应及预设的算法生成第二密钥。The receiving and decryptingmodule 82 is specifically configured to generate a second key according to the RAND, the authentication response and a preset algorithm.

实施例13：Example 13:

基于同一发明构思，本发明实施例中还提供了一种认证服务功能AUSF设备，由于上述认证服务功能AUSF设备解决问题的原理与应用于认证服务功能AUSF设备的认证方法相似，因此上述认证服务功能AUSF设备的实施可以参见方法的实施，重复之处不再赘述。Based on the same inventive concept, the embodiment of the present invention also provides an authentication service function AUSF device. Since the above-mentioned authentication service function AUSF device solves the problem in a similar way to the authentication method applied to the authentication service function AUSF device, the above authentication service function AUSF device For the implementation of the AUSF device, reference may be made to the implementation of the method, and repeated details will not be repeated.

如图9所示，其为本发明实施例提供的AUSF设备的结构示意图，其中在图9中，总线架构可以包括任意数量的互联的总线和桥，具体有处理器91代表的一个或多个处理器91和存储器93代表的存储器93的各种电路链接在一起。总线架构还可以将诸如外围设备、稳压器和功率管理电路等之类的各种其他电路链接在一起，这些都是本领域所公知的，因此，本文不再对其进行进一步描述。总线接口提供接口。收发机92可以是多个元件，即包括发送机和收发机92，提供用于在传输介质上与各种其他装置通信的单元。处理器91负责管理总线架构和通常的处理，存储器93可以存储处理器91在执行操作时所使用的数据。As shown in FIG. 9 , which is a schematic structural diagram of an AUSF device provided by an embodiment of the present invention, wherein in FIG. 9 , the bus architecture may include any number of interconnected buses and bridges, and specifically one or more interconnected buses and bridges represented by the processor 91 The various circuits ofmemory 93 represented by processor 91 andmemory 93 are linked together. The bus architecture may also link together various other circuits, such as peripherals, voltage regulators, and power management circuits, which are well known in the art and, therefore, will not be described further herein. The bus interface provides the interface. Transceiver 92 may be a number of elements, including a transmitter and transceiver 92, providing a means for communicating with various other devices over a transmission medium. The processor 91 is responsible for managing the bus architecture and general processing, and thememory 93 may store data used by the processor 91 in performing operations.

在本发明实施例提供的AUSF设备中：In the AUSF device provided in the embodiment of the present invention:

所述处理器91，用于读取存储器93中的程序，执行下列过程：通过收发机92接收包含随机数RAND、认证令牌AUTN、期望的响应和会话根密钥的认证矢量，并获取加密密钥，采用所述加密密钥对所述会话根密钥进行加密，其中所述加密密钥根据期望的响应及预设的算法确定；向安全锚点功能SEAF设备发送包括RAND、AUTN和加密后的会话根密钥的5G-AIA消息，使所述SEAF设备接收到所述5G-AIA消息后，将所述RAND、AUTN发送给所述UE，并根据所述UE返回的认证响应采用所述预设的算法生成解密密钥，对所述加密后的会话根密钥进行解密；接收SEAF设备发送的5G认证确认消息5G-AC，确定所述SEAF设备完成对UE的认证，其中所述5G-AC为所述SEAF设备对所述加密后的会话根密钥解密成功后发送的。The processor 91, for reading the program in thememory 93, performs the following process: receiving the authentication vector containing the random number RAND, the authentication token AUTN, the expected response and the session root key through the transceiver 92, and obtaining the encrypted key, using the encryption key to encrypt the session root key, wherein the encryption key is determined according to the expected response and the preset algorithm; send to the security anchor function SEAF device including RAND, AUTN and encryption After receiving the 5G-AIA message, the SEAF device sends the RAND and AUTN to the UE, and adopts the authentication response returned by the UE according to the 5G-AIA message. The preset algorithm generates a decryption key, and decrypts the encrypted session root key; receives the 5G authentication confirmation message 5G-AC sent by the SEAF device, and determines that the SEAF device has completed the authentication of the UE, wherein the 5G-AC is sent after the SEAF device successfully decrypts the encrypted session root key.

优选地，所述处理器91，具体用于根据所述认证矢量中包含的期望的响应，及预设的算法生成第一密钥，并根据生成的所述第一密钥获取加密密钥；或接收认证凭证存储和处理功能设备ARPF设备发送的第一密钥，根据接收的所述第一密钥获取加密密钥，其中所述ARPF设备根据期望的响应，及预设的算法生成所述密钥。Preferably, the processor 91 is specifically configured to generate a first key according to the expected response contained in the authentication vector and a preset algorithm, and obtain an encryption key according to the generated first key; Or receive the first key sent by the authentication credential storage and processing function device ARPF device, and obtain the encryption key according to the received first key, wherein the ARPF device generates the encryption key according to the expected response and the preset algorithm. key.

优选地，所述处理器91，具体用于将所述第一密钥作为加密密钥；或在所述第一密钥中按照预设的第一方法，截取第一设定长度作为加密密钥。Preferably, the processor 91 is specifically configured to use the first key as an encryption key; or intercept a first set length from the first key as an encryption key according to a preset first method key.

优选地，所述处理器91，还用于获取第一子期望的响应；通过收发机92向SEAF设备发送包括所述RAND、AUTN、第一子期望的响应和加密后的会话根密钥的5G-AIA消息。Preferably, the processor 91 is further configured to obtain the response of the first sub-expectation; sending a response including the RAND, AUTN, the first sub-expected response and the encrypted session root key to the SEAF device through the transceiver 92 5G-AIA news.

优选地，所述处理器91，具体用于根据所述RAND、期望的响应、会话根密钥及预设的第一哈希算法生成第一哈希值；按照预设的第二方法，在所述第一哈希值中截取第二设定长度作为第一子期望的响应；或在所述密钥中按照预设的第三方法，截取第三设定长度作为第一子期望的响应。Preferably, the processor 91 is specifically configured to generate the first hash value according to the RAND, the expected response, the session root key and the preset first hash algorithm; according to the preset second method, in The second set length is intercepted from the first hash value as the response of the first sub-expectation; or the third preset length is intercepted in the key according to the preset third method as the response of the first sub-expectation .

优选地，所述处理器91，还用于获取第二子期望的响应；通过收发机92接收SEAF设备发送的包含第二子响应的5G-AC消息，根据所述第二子期望响应验证所述第二子响应，如果验证通过，确定所述SEAF设备完成对UE的认证。Preferably, the processor 91 is further configured to acquire the response of the second sub-expected; receive the 5G-AC message containing the second sub-response sent by the SEAF device through the transceiver 92, and verify all the responses according to the second sub-expected response. In the second sub-response, if the verification is passed, it is determined that the SEAF device has completed the authentication of the UE.

优选地，所述处理器91，具体用于根据所述RAND、期望的响应、会话根密钥及预设的第二哈希算法生成第二哈希值；按照预设的第四方法，在所述第二哈希值中截取第四设定长度作为第二子期望的响应；或在所述密钥中按照预设的第五方法，截取第五设定长度作为第二子期望的响应。Preferably, the processor 91 is specifically configured to generate the second hash value according to the RAND, the expected response, the session root key and the preset second hash algorithm; according to the preset fourth method, in The fourth set length is intercepted from the second hash value as the response of the second sub-expectation; or according to the preset fifth method in the key, the fifth set length is intercepted as the response of the second sub-expectation .

优选地，所述处理器91，具体用于根据所述RAND、所述期望的响应及预设的算法生成第一密钥。Preferably, the processor 91 is specifically configured to generate the first key according to the RAND, the expected response and a preset algorithm.

实施例14：Example 14:

基于同一发明构思，本发明实施例中还提供了一种安全锚点功能SEAF设备，由于上述SEAF设备解决问题的原理与应用于SEAF设备的认证方法相似，因此上述SEAF设备的实施可以参见方法的实施，重复之处不再赘述。Based on the same inventive concept, an embodiment of the present invention also provides a security anchor function SEAF device. Since the principle of the above SEAF device to solve the problem is similar to the authentication method applied to the SEAF device, the implementation of the above SEAF device can refer to the method. Implementation, the repetition will not be repeated.

如图10所示，其为本发明实施例提供的SEAF设备的结构示意图，其中在图10中，总线架构可以包括任意数量的互联的总线和桥，具体有处理器111代表的一个或多个处理器111和存储器113代表的存储器113的各种电路链接在一起。总线架构还可以将诸如外围设备、稳压器和功率管理电路等之类的各种其他电路链接在一起，这些都是本领域所公知的，因此，本文不再对其进行进一步描述。总线接口提供接口。收发机112可以是多个元件，即包括发送机和收发机112，提供用于在传输介质上与各种其他装置通信的单元。处理器111负责管理总线架构和通常的处理，存储器113可以存储处理器111在执行操作时所使用的数据。As shown in FIG. 10 , which is a schematic structural diagram of a SEAF device provided by an embodiment of the present invention, in which, in FIG. 10 , the bus architecture may include any number of interconnected buses and bridges, and specifically one or more interconnected buses and bridges represented by the processor 111 Processor 111 and various circuits of memory 113 represented by memory 113 are linked together. The bus architecture may also link together various other circuits, such as peripherals, voltage regulators, and power management circuits, which are well known in the art and, therefore, will not be described further herein. The bus interface provides the interface. Transceiver 112 may be a number of elements, including a transmitter and transceiver 112, providing a means for communicating with various other devices over a transmission medium. The processor 111 is responsible for managing the bus architecture and general processing, and the memory 113 may store data used by the processor 111 when performing operations.

在本发明实施例提供的SEAF设备中：In the SEAF device provided in the embodiment of the present invention:

所述处理器111，用于读取存储器113中的程序，执行下列过程：通过收发机112接收认证服务功能AUSF设备发送的包括随机数RAND、认证令牌AUTN和加密后的会话根密钥的5G-AIA消息，将所述RAND、AUTN发送给所述UE，其中所述5G-AIA消息中的加密后的会话根密钥为，所述AUSF设备接收包含随机数RAND、认证令牌AUTN、期望的响应和会话根密钥的认证矢量，并根据期望的响应及预设的算法确定的；接收所述UE返回的认证响应，并根据所述认证响应及所述预设的算法确定解密密钥，对所述加密后的会话根密钥进行解密；如果对所述加密后的会话根密钥解密成功，则向所述AUSF设备发送5G认证确认5G-AC消息。The processor 111 is configured to read the program in the memory 113, and perform the following process: receive the random number RAND, the authentication token AUTN and the encrypted session root key sent by the authentication service function AUSF device through the transceiver 112; 5G-AIA message, sending the RAND and AUTN to the UE, wherein the encrypted session root key in the 5G-AIA message is, the AUSF device receives a random number RAND, an authentication token AUTN, The expected response and the authentication vector of the session root key are determined according to the expected response and the preset algorithm; the authentication response returned by the UE is received, and the decryption password is determined according to the authentication response and the preset algorithm. key, decrypt the encrypted session root key; if the encrypted session root key is successfully decrypted, send a 5G authentication confirmation 5G-AC message to the AUSF device.

优选地，所述处理器111，具体用于根据所述认证响应及预设的算法生成第二密钥，将所述第二密钥作为解密密钥；或根据所述认证响应及预设的算法生成第二密钥，在所述第二密钥中按照预设的第一方法，截取第一设定长度作为解密密钥。Preferably, the processor 111 is specifically configured to generate a second key according to the authentication response and a preset algorithm, and use the second key as a decryption key; or according to the authentication response and a preset algorithm The algorithm generates a second key, and in the second key, according to a preset first method, a first set length is intercepted as a decryption key.

优选地，所述处理器111，具体用于通过收发机112接收AUSF设备发送的包含RAND、AUTN、第一子期望的响应和加密后的会话根密钥的5G-AIA消息；获取第一子响应；根据所述第一子期望响应验证所述第一子响应，如果验证通过，进行后续步骤。Preferably, the processor 111 is specifically configured to receive, through the transceiver 112, a 5G-AIA message including RAND, AUTN, the expected response of the first sub, and the encrypted session root key sent by the AUSF device; obtain the first sub Response; verify the first sub-response according to the first sub-expected response, and if the verification is passed, proceed to the subsequent steps.

优选地，所述处理器111，具体用于根据所述RAND、认证响应、会话根密钥及预设的第一哈希算法生成第一校验哈希值；按照预设的第二方法，在所述第一校验哈希值中截取第二设定长度作为第一子响应；或在所述第二密钥中按照预设的第三方法，截取第三设定长度作为第一子响应。Preferably, the processor 111 is specifically configured to generate a first check hash value according to the RAND, the authentication response, the session root key and the preset first hash algorithm; according to the preset second method, intercepting the second set length from the first check hash value as the first sub-response; or intercepting the third set length from the second key according to a preset third method as the first sub-response response.

优选地，所述处理器111，还用于获取第二子响应；通过收发机112向所述AUSF设备发送包含所述第二子响应的5G-AC消息。Preferably, the processor 111 is further configured to acquire a second sub-response; send a 5G-AC message including the second sub-response to the AUSF device through the transceiver 112 .

优选地，所述处理器111，具体用于根据所述RAND、认证响应、会话根密钥及预设的第二哈希算法生成第二校验哈希值；按照预设的第四方法，在所述第二校验哈希值中截取第四设定长度作为第二子响应；或在所述第二密钥中按照预设的第五方法，截取第五设定长度作为第二子响应。Preferably, the processor 111 is specifically configured to generate a second check hash value according to the RAND, the authentication response, the session root key and the preset second hash algorithm; according to the preset fourth method, intercepting a fourth set length from the second check hash value as a second sub-response; or intercepting a fifth set length from the second key as a second sub-response according to a preset fifth method response.

优选地，所述处理器111，具体用于根据所述RAND、所述认证响应及预设的算法生成第二密钥。Preferably, the processor 111 is specifically configured to generate the second key according to the RAND, the authentication response and a preset algorithm.

实施例15：Example 15:

图11为本发明实施例提供的一种认证系统结构示意图，所述认证系统包括UE121、AUSF设备122和SEAF设备123；其中，FIG. 11 is a schematic structural diagram of an authentication system according to an embodiment of the present invention, where the authentication system includes a UE121, anAUSF device 122, and aSEAF device 123; wherein,

所述AUSF设备122，用于接收包含随机数RAND、认证令牌AUTN、期望的响应和会话根密钥的认证矢量，并获取加密密钥，采用所述加密密钥对所述会话根密钥进行加密，其中所述加密密钥根据期望的响应及预设的算法确定；并向所述SEAF设备123发送包括RAND、AUTN和加密后的会话根密钥的5G-AIA消息；TheAUSF device 122 is configured to receive an authentication vector containing a random number RAND, an authentication token AUTN, an expected response and a session root key, and obtain an encryption key, and use the encryption key to pair the session root key with the encryption key. performing encryption, wherein the encryption key is determined according to the expected response and a preset algorithm; sending a 5G-AIA message including RAND, AUTN and the encrypted session root key to theSEAF device 123;

所述SEAF设备123，用于接收AUSF设备122发送的包括随机数RAND、认证令牌AUTN和加密后的会话根密钥的5G-AIA消息，并将所述RAND、AUTN发送给所述UE121；TheSEAF device 123 is configured to receive the 5G-AIA message including the random number RAND, the authentication token AUTN and the encrypted session root key sent by theAUSF device 122, and send the RAND and AUTN to the UE121;

所述UE121，用于接收所述SEAF设备123发送的RAND、AUTN，根据所述RAND、AUTN生成认证响应，并将所述认证响应发送给所述SEAF设备123；The UE121 is configured to receive the RAND and AUTN sent by theSEAF device 123, generate an authentication response according to the RAND and the AUTN, and send the authentication response to theSEAF device 123;

所述SEAF设备123，还用于接收所述UE121返回的认证响应，并根据所述认证响应及所述预设的算法确定解密密钥，对所述加密后的会话根密钥进行解密；并且如果对所述加密后的会话根密钥解密成功，则向所述AUSF设备122发送5G认证确认5G-AC消息；TheSEAF device 123 is further configured to receive the authentication response returned by the UE 121, determine a decryption key according to the authentication response and the preset algorithm, and decrypt the encrypted session root key; and If the encrypted session root key is successfully decrypted, send a 5G authentication confirmation 5G-AC message to theAUSF device 122;

所述AUSF设备122，还用于接收所述SEAF设备123发送的5G-AC消息，确定所述SEAF设备123完成对UE121的认证。TheAUSF device 122 is further configured to receive the 5G-AC message sent by theSEAF device 123, and determine that theSEAF device 123 has completed the authentication of the UE 121.

所述AUSF设备122，具体用于根据所述认证矢量中包含的期望的响应，及预设的算法生成第一密钥，并根据生成的所述第一密钥获取加密密钥；或接收认证凭证存储和处理功能设备ARPF设备发送的第一密钥，根据接收的所述第一密钥获取加密密钥，其中所述ARPF设备根据期望的响应，及预设的算法生成所述密钥；其中，根据所述第一密钥获取加密密钥包括：将所述第一密钥作为加密密钥；或在所述第一密钥中按照预设的第一方法，截取第一设定长度作为加密密钥；TheAUSF device 122 is specifically configured to generate a first key according to the expected response included in the authentication vector and a preset algorithm, and obtain an encryption key according to the generated first key; or receive authentication The first key sent by the credential storage and processing function device ARPF device, and the encryption key is obtained according to the received first key, wherein the ARPF device generates the key according to an expected response and a preset algorithm; Wherein, obtaining the encryption key according to the first key includes: using the first key as the encryption key; or intercepting the first set length in the first key according to a preset first method as an encryption key;

所述SEAF设备123，具体用于根据所述认证响应及预设的算法生成第二密钥，将所述第二密钥作为解密密钥；或根据所述认证响应及预设的算法生成第二密钥，在所述第二密钥中按照预设的第一方法，截取第一设定长度作为解密密钥。TheSEAF device 123 is specifically configured to generate a second key according to the authentication response and a preset algorithm, and use the second key as a decryption key; or generate a first key according to the authentication response and the preset algorithm. Second key, in the second key, according to the preset first method, intercept the first set length as the decryption key.

所述AUSF设备122，还用于获取第一子期望的响应；向SEAF设备123发送包括所述RAND、AUTN、第一子期望的响应和加密后的会话根密钥的5G-AIA消息；TheAUSF device 122 is further configured to obtain the response of the first sub-expected; send a 5G-AIA message including the RAND, AUTN, the response of the first sub-expected and the encrypted session root key to theSEAF device 123;

所述SEAF设备123，具体用于接收AUSF设备122发送的包含RAND、AUTN、第一子期望的响应和加密后的会话根密钥的5G-AIA消息；获取第一子响应；根据所述第一子期望响应验证所述第一子响应，如果验证通过，向所述AUSF设备122发送5G-AC消息。TheSEAF device 123 is specifically configured to receive the 5G-AIA message sent by theAUSF device 122 and include the RAND, AUTN, the first sub-expected response and the encrypted session root key; obtain the first sub-response; according to the first sub-response; A sub-expected response verifies the first sub-response, and if the verification passes, a 5G-AC message is sent to theAUSF device 122 .

所述AUSF设备122，具体用于根据所述RAND、期望的响应、会话根密钥及预设的第一哈希算法生成第一哈希值；按照预设的第二方法，在所述第一哈希值中截取第二设定长度作为第一子期望的响应；或在所述密钥中按照预设的第三方法，截取第三设定长度作为第一子期望的响应；TheAUSF device 122 is specifically configured to generate a first hash value according to the RAND, the expected response, the session root key and the preset first hash algorithm; A second set length is intercepted from a hash value as the response of the first sub-expectation; or according to a preset third method in the key, the third set length is intercepted as the response of the first sub-expectation;

所述SEAF设备123，具体用于根据所述RAND、认证响应、会话根密钥及预设的第一哈希算法生成第一校验哈希值；按照预设的第二方法，在所述第一校验哈希值中截取第二设定长度作为第一子响应；或在所述第二密钥中按照预设的第三方法，截取第三设定长度作为第一子响应。TheSEAF device 123 is specifically configured to generate a first check hash value according to the RAND, the authentication response, the session root key and the preset first hash algorithm; according to the preset second method, in the The second set length is intercepted from the first check hash value as the first sub-response; or the third set length is intercepted from the second key according to a preset third method as the first sub-response.

所述AUSF设备122，还用于获取第二子期望的响应；TheAUSF device 122 is further configured to obtain the response of the second sub-expected;

所述SEAF设备123，还用于获取第二子响应；向所述AUSF设备122发送包含所述第二子响应的5G认证确认消息；TheSEAF device 123 is further configured to acquire a second sub-response; send a 5G authentication confirmation message including the second sub-response to theAUSF device 122;

所述AUSF设备122，具体用于接收SEAF设备123发送的包含第二子响应的5G认证确认消息，根据所述第二子期望响应验证所述第二子响应，如果验证通过，确定所述SEAF设备123完成对UE121的认证。TheAUSF device 122 is specifically configured to receive a 5G authentication confirmation message containing a second sub-response sent by theSEAF device 123, verify the second sub-response according to the second sub-expected response, and determine the SEAF if the verification is passedDevice 123 completes authentication of UE 121 .

所述AUSF设备122，具体用于根据所述RAND、期望的响应、会话根密钥及预设的第二哈希算法生成第二哈希值；按照预设的第四方法，在所述第二哈希值中截取第四设定长度作为第二子期望的响应；或在所述密钥中按照预设的第五方法，截取第五设定长度作为第二子期望的响应；TheAUSF device 122 is specifically configured to generate the second hash value according to the RAND, the expected response, the session root key and the preset second hash algorithm; according to the preset fourth method, in the first The fourth set length is intercepted from the two hash values as the response of the second sub-expectation; or according to the preset fifth method in the key, the fifth set length is intercepted as the response of the second sub-expectation;

所述SEAF设备123，具体用于根据所述RAND、认证响应、会话根密钥及预设的第二哈希算法生成第二校验哈希值；按照预设的第四方法，在所述第二校验哈希值中截取第四设定长度作为第二子响应；或在所述第二密钥中按照预设的第五方法，截取第五设定长度作为第二子响应。TheSEAF device 123 is specifically configured to generate a second check hash value according to the RAND, the authentication response, the session root key and the preset second hash algorithm; according to the preset fourth method, in the The fourth set length is intercepted from the second check hash value as the second sub-response; or the fifth set length is intercepted from the second key according to the preset fifth method as the second sub-response.

所述AUSF设备122，具体用于根据所述RAND、所述期望的响应及预设的算法生成第一密钥；TheAUSF device 122 is specifically configured to generate a first key according to the RAND, the expected response and a preset algorithm;

所述SEAF设备123，具体用于根据所述RAND、所述认证响应及预设的算法生成第二密钥。TheSEAF device 123 is specifically configured to generate a second key according to the RAND, the authentication response and a preset algorithm.

实施例16：Example 16:

在上述各实施例的基础上，本发明实施例还提供了一种电子设备，如图12所示，包括：处理器131、通信接口132、存储器133和通信总线134，其中，处理器131，通信接口132，存储器133通过通信总线134完成相互间的通信；On the basis of the foregoing embodiments, an embodiment of the present invention further provides an electronic device, as shown in FIG. 12 , including: aprocessor 131, acommunication interface 132, amemory 133, and acommunication bus 134, wherein theprocessor 131, Thecommunication interface 132 and thememory 133 complete the communication with each other through thecommunication bus 134;

所述存储器133中存储有计算机程序，当所述程序被所述处理器131执行时，使得所述处理器131执行上述实施例1-6所述的认证过程。A computer program is stored in thememory 133, and when the program is executed by theprocessor 131, theprocessor 131 is caused to perform the authentication process described in the foregoing embodiments 1-6.

本发明实施例提供的电子设备具体可以为桌面计算机、便携式计算机、智能手机、平板电脑、个人数字助理(Personal Digital Assistant，PDA)、网络侧设备等。The electronic device provided by the embodiment of the present invention may specifically be a desktop computer, a portable computer, a smart phone, a tablet computer, a personal digital assistant (Personal Digital Assistant, PDA), a network side device, and the like.

上述电子设备提到的通信总线可以是外设部件互连标准(Peripheral ComponentInterconnect，PCI)总线或扩展工业标准结构(Extended Industry StandardArchitecture，EISA)总线等。该通信总线可以分为地址总线、数据总线、控制总线等。为便于表示，图中仅用一条粗线表示，但并不表示仅有一根总线或一种类型的总线。The communication bus mentioned in the above electronic device may be a peripheral component interconnect standard (Peripheral Component Interconnect, PCI) bus or an Extended Industry Standard Architecture (Extended Industry Standard Architecture, EISA) bus or the like. The communication bus can be divided into an address bus, a data bus, a control bus, and the like. For ease of presentation, only one thick line is used in the figure, but it does not mean that there is only one bus or one type of bus.

通信接口132用于上述电子设备与其他设备之间的通信。Thecommunication interface 132 is used for communication between the aforementioned electronic device and other devices.

存储器可以包括随机存取存储器(Random Access Memory，RAM)，也可以包括非易失性存储器(Non-Volatile Memory，NVM)，例如至少一个磁盘存储器。可选地，存储器还可以是至少一个位于远离前述处理器的存储装置。The memory may include random access memory (Random Access Memory, RAM), and may also include non-volatile memory (Non-Volatile Memory, NVM), such as at least one disk memory. Optionally, the memory may also be at least one storage device located remotely from the aforementioned processor.

上述处理器可以是通用处理器，包括中央处理器、网络处理器(NetworkProcessor，NP)等；还可以是数字信号处理器(Digital Signal Processing，DSP)、专用集成电路、现场可编程门陈列或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件等。The above-mentioned processor may be a general-purpose processor, including a central processing unit, a network processor (Network Processor, NP), etc.; it may also be a digital signal processor (Digital Signal Processing, DSP), an application-specific integrated circuit, a field programmable gate array, or other Programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc.

实施例17：Example 17:

在上述各实施例的基础上，本发明实施例还提供了一种计算机存储可读存储介质，所述计算机可读存储介质内存储有可由电子设备执行的计算机程序，当所述程序在所述电子设备上运行时，使得所述电子设备执行时实现上述实施例1-6所述的认证过程。On the basis of the foregoing embodiments, embodiments of the present invention further provide a computer storage-readable storage medium, where a computer program executable by an electronic device is stored in the computer-readable storage medium. When running on an electronic device, the electronic device implements the authentication process described in Embodiments 1-6 when executed.

实施例18：Example 18:

在上述各实施例的基础上，本发明实施例还提供了一种电子设备，如图13所示，包括：处理器141、通信接口142、存储器143和通信总线144，其中，处理器141，通信接口142，存储器143通过通信总线144完成相互间的通信；On the basis of the foregoing embodiments, an embodiment of the present invention further provides an electronic device, as shown in FIG. 13 , including: aprocessor 141, acommunication interface 142, amemory 143, and acommunication bus 144, wherein theprocessor 141, Thecommunication interface 142 and thememory 143 complete the communication with each other through thecommunication bus 144;

所述存储器143中存储有计算机程序，当所述程序被所述处理器141执行时，使得所述处理器141执行上述实施例7-10所述的认证过程。A computer program is stored in thememory 143, and when the program is executed by theprocessor 141, theprocessor 141 is caused to perform the authentication process described in the foregoing embodiments 7-10.

本发明实施例提供的电子设备具体可以为桌面计算机、便携式计算机、智能手机、平板电脑、个人数字助理(Personal Digital Assistant，PDA)、网络侧设备等。The electronic device provided by the embodiment of the present invention may specifically be a desktop computer, a portable computer, a smart phone, a tablet computer, a personal digital assistant (Personal Digital Assistant, PDA), a network side device, and the like.

上述电子设备提到的通信总线可以是外设部件互连标准(Peripheral ComponentInterconnect，PCI)总线或扩展工业标准结构(Extended Industry StandardArchitecture，EISA)总线等。该通信总线可以分为地址总线、数据总线、控制总线等。为便于表示，图中仅用一条粗线表示，但并不表示仅有一根总线或一种类型的总线。The communication bus mentioned in the above electronic device may be a peripheral component interconnect standard (Peripheral Component Interconnect, PCI) bus or an Extended Industry Standard Architecture (Extended Industry Standard Architecture, EISA) bus or the like. The communication bus can be divided into an address bus, a data bus, a control bus, and the like. For ease of presentation, only one thick line is used in the figure, but it does not mean that there is only one bus or one type of bus.

通信接口142用于上述电子设备与其他设备之间的通信。Thecommunication interface 142 is used for communication between the aforementioned electronic device and other devices.

存储器可以包括随机存取存储器(Random Access Memory，RAM)，也可以包括非易失性存储器(Non-Volatile Memory，NVM)，例如至少一个磁盘存储器。可选地，存储器还可以是至少一个位于远离前述处理器的存储装置。The memory may include random access memory (Random Access Memory, RAM), and may also include non-volatile memory (Non-Volatile Memory, NVM), such as at least one disk memory. Optionally, the memory may also be at least one storage device located remotely from the aforementioned processor.

上述处理器可以是通用处理器，包括中央处理器、网络处理器(NetworkProcessor，NP)等；还可以是数字信号处理器(Digital Signal Processing，DSP)、专用集成电路、现场可编程门陈列或者其他可编程逻辑器件、分立门或者晶体管逻辑器件、分立硬件组件等。The above-mentioned processor may be a general-purpose processor, including a central processing unit, a network processor (Network Processor, NP), etc.; it may also be a digital signal processor (Digital Signal Processing, DSP), an application-specific integrated circuit, a field programmable gate array, or other Programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc.

实施例19：Example 19:

在上述各实施例的基础上，本发明实施例还提供了一种计算机存储可读存储介质，所述计算机可读存储介质内存储有可由电子设备执行的计算机程序，当所述程序在所述电子设备上运行时，使得所述电子设备执行时实现上述实施例7-10所述的认证过程。On the basis of the foregoing embodiments, embodiments of the present invention further provide a computer storage-readable storage medium, where a computer program executable by an electronic device is stored in the computer-readable storage medium. When running on an electronic device, the authentication process described in the foregoing Embodiments 7-10 is implemented when the electronic device is executed.

本发明公开了一种认证方法、装置、系统、设备及存储介质，所述方法包括：AUSF设备接收包含随机数RAND、认证令牌AUTN、期望的响应和会话根密钥的认证矢量，并获取加密密钥，采用所述加密密钥对所述会话根密钥进行加密，其中所述加密密钥根据期望的响应及预设的算法确定；向安全锚点功能SEAF设备发送包括RAND、AUTN和加密后的会话根密钥的5G-AIA消息，使所述SEAF设备接收到所述5G-AIA消息后，将所述RAND、AUTN发送给所述UE，并根据所述UE返回的认证响应采用所述预设的算法生成解密密钥，对所述加密后的会话根密钥进行解密；接收SEAF设备发送的5G认证确认5G-AC消息，确定所述SEAF设备完成对UE的认证，其中所述5G-AC消息为所述SEAF设备对所述加密后的会话根密钥解密成功后发送的。由于在本发明实施例中，AUSF设备获取根据期望的响应及预设的算法确定的加密密钥，采用所述加密密钥对所述会话根密钥进行加密，向SEAF设备发送包括加密后的会话根密钥的5G-AIA消息，SEAF设备根据UE返回的认证响应采用所述预设的算法生成解密密钥，对所述加密后的会话根密钥进行解密，避免了会话根密钥明文在AUSF设备和SEAF设备之间传输，增加了会话根密钥传输的安全性，保证了用户的通信安全，提高了用户体验。The invention discloses an authentication method, apparatus, system, equipment and storage medium. The method includes: an AUSF device receives an authentication vector including a random number RAND, an authentication token AUTN, an expected response and a session root key, and obtains Encryption key, using the encryption key to encrypt the session root key, wherein the encryption key is determined according to the expected response and the preset algorithm; send to the security anchor function SEAF device including RAND, AUTN and The encrypted 5G-AIA message of the session root key, so that after the SEAF device receives the 5G-AIA message, it sends the RAND and AUTN to the UE, and adopts the authentication response returned by the UE according to the UE. The preset algorithm generates a decryption key, and decrypts the encrypted session root key; receives a 5G authentication confirmation 5G-AC message sent by the SEAF device, and determines that the SEAF device has completed the authentication of the UE, wherein the The 5G-AC message is sent after the SEAF device successfully decrypts the encrypted session root key. In this embodiment of the present invention, the AUSF device obtains the encryption key determined according to the expected response and the preset algorithm, uses the encryption key to encrypt the session root key, and sends the encrypted data including the encrypted session root key to the SEAF device. The 5G-AIA message of the session root key, the SEAF device uses the preset algorithm to generate a decryption key according to the authentication response returned by the UE, and decrypts the encrypted session root key to avoid the session root key plaintext The transmission between the AUSF device and the SEAF device increases the security of the session root key transmission, ensures the user's communication security, and improves the user experience.

对于系统/装置实施例而言，由于其基本相似于方法实施例，所以描述的比较简单，相关之处参见方法实施例的部分说明即可。For the system/apparatus embodiment, since it is basically similar to the method embodiment, the description is relatively simple, and for related parts, please refer to the partial description of the method embodiment.

本领域内的技术人员应明白，本申请的实施例可提供为方法、系统、或计算机程序产品。因此，本申请可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且，本申请可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。As will be appreciated by those skilled in the art, the embodiments of the present application may be provided as a method, a system, or a computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.

本申请是参照根据本申请实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器，使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the present application. It will be understood that each flow and/or block in the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to the processor of a general purpose computer, special purpose computer, embedded processor or other programmable data processing device to produce a machine such that the instructions executed by the processor of the computer or other programmable data processing device produce Means for implementing the functions specified in a flow or flow of a flowchart and/or a block or blocks of a block diagram.

这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中，使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品，该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory result in an article of manufacture comprising instruction means, the instructions The apparatus implements the functions specified in the flow or flow of the flowcharts and/or the block or blocks of the block diagrams.

这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上，使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理，从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions can also be loaded on a computer or other programmable data processing device to cause a series of operational steps to be performed on the computer or other programmable device to produce a computer-implemented process such that The instructions provide steps for implementing the functions specified in the flow or blocks of the flowcharts and/or the block or blocks of the block diagrams.

尽管已描述了本申请的优选实施例，但本领域内的技术人员一旦得知了基本创造性概念，则可对这些实施例做出另外的变更和修改。所以，所附权利要求意欲解释为包括优选实施例以及落入本申请范围的所有变更和修改。While the preferred embodiments of the present application have been described, additional changes and modifications to these embodiments may occur to those skilled in the art once the basic inventive concepts are known. Therefore, the appended claims are intended to be construed to include the preferred embodiment and all changes and modifications that fall within the scope of this application.

显然，本领域的技术人员可以对本发明进行各种改动和变型而不脱离本发明的精神和范围。这样，倘若本发明的这些修改和变型属于本发明权利要求及其等同技术的范围之内，则本发明也意图包含这些改动和变型在内。It will be apparent to those skilled in the art that various modifications and variations can be made in the present invention without departing from the spirit and scope of the invention. Thus, provided that these modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalents, the present invention is also intended to include these modifications and variations.

Claims (43)

1. An authentication method, applied to an authentication service function (AUSF) device, includes:

receiving an authentication vector containing a random number RAND, an authentication token AUTN, an expected response and a session root key, acquiring an encryption key, and encrypting the session root key by using the encryption key, wherein the encryption key is determined according to the expected response and a preset algorithm;

sending a 5G authentication start response 5G-AIA message comprising an RAND, an AUTN and an encrypted session root key to a security anchor point function SEAF device, so that the SEAF device sends the RAND and the AUTN to UE after receiving the 5G-AIA message, generates a decryption key by adopting the preset algorithm according to an authentication response returned by the UE, and decrypts the encrypted session root key;

and receiving a 5G authentication confirmation 5G-AC message sent by the SEAF equipment, and determining that the SEAF equipment completes the authentication of the UE, wherein the 5G-AC message is sent after the SEAF equipment successfully decrypts the encrypted session root key.

2. The method of claim 1, wherein the obtaining an encryption key comprises:

generating a first key according to an expected response contained in the authentication vector and a preset algorithm, and acquiring an encryption key according to the generated first key; or

Receiving a first key sent by an authentication credential storage and processing function (ARPF) device, and acquiring an encryption key according to the received first key, wherein the ARPF device generates the first key according to an expected response and a preset algorithm.

3. The method of claim 2, wherein obtaining an encryption key based on the first key comprises:

using the first key as an encryption key; or

And intercepting a first set length as an encryption key in the first key according to a preset first method.

4. The method of claim 2, wherein prior to sending a 5G-AIA message to a SEAF device comprising the RAND, AUTN, and encrypted session root key, the method further comprises:

obtaining a first sub-expected response;

the sending the 5G-AIA message including the RAND, the AUTN and the encrypted session root key to the SEAF device includes:

sending a 5G-AIA message to the SEAF device including the RAND, the AUTN, the first sub-expected response, and the encrypted session root key.

5. The method of claim 4, wherein the obtaining the first sub-expected response comprises:

generating a first hash value according to the RAND, the expected response, the session root key and a preset first hash algorithm; intercepting a second set length from the first hash value as a first sub-expected response according to a preset second method; or

And intercepting a third set length as a first sub-expected response in the first secret key according to a preset third method.

6. The method of claim 2, wherein prior to receiving the 5G authentication confirmation message sent by the SEAF device, the method further comprises:

obtaining a second sub-expected response;

receiving a 5G-AC message sent by a SEAF device, and determining that the SEAF device completes authentication on UE comprises:

and receiving a 5G-AC message which is sent by the SEAF equipment and contains a second sub-response, verifying the second sub-response according to the second sub-expected response, and determining that the SEAF equipment completes the authentication of the UE if the verification is passed.

7. The method of claim 6, wherein the obtaining a second sub-expected response comprises:

generating a second hash value according to the RAND, the expected response, the session root key and a preset second hash algorithm; intercepting a fourth set length from the second hash value as a second sub-expected response according to a preset fourth method; or

And intercepting a fifth set length as a second sub-expected response in the first key according to a preset fifth method.

8. The method of any of claims 2-7, wherein generating the first key based on the expected response and a predetermined algorithm comprises:

and generating a first secret key according to the RAND, the expected response and a preset algorithm.

9. An authentication method applied to a secure anchor function (SEAF) device, the method comprising:

receiving a 5G authentication start response 5G-AIA message which is sent by AUSF equipment and comprises a random number RAND, an authentication token AUTN and an encrypted session root key, and sending the RAND and the AUTN to UE, wherein the encrypted session root key in the 5G-AIA message is that the AUSF equipment receives an authentication vector which comprises the random number RAND, the authentication token AUTN, an expected response and the session root key and is determined according to the expected response and a preset algorithm;

receiving an authentication response returned by the UE, determining a decryption key according to the authentication response and the preset algorithm, and decrypting the encrypted session root key;

and if the encrypted session root key is decrypted successfully, sending a 5G authentication confirmation 5G-AC message to the AUSF device.

10. The method of claim 9, wherein the determining a decryption key according to the authentication response and the predetermined algorithm comprises:

generating a second key according to the authentication response and a preset algorithm, and taking the second key as a decryption key; or

And generating a second key according to the authentication response and a preset algorithm, and intercepting a first set length as a decryption key in the second key according to a preset first method.

11. The method of claim 10, wherein receiving the 5G-AIA message sent by the AUSF device containing the RAND, the AUTN, and the encrypted session root key comprises:

receiving a 5G-AIA message which is sent by AUSF equipment and contains RAND, AUTN, a first sub-expected response and an encrypted session root key;

before the sending the 5G-AC message to the AUSF device, the method further includes:

acquiring a first sub-response;

and verifying the first sub-response according to the first sub-expected response, and if the verification is passed, performing subsequent steps.

12. The method of claim 11, wherein the obtaining the first sub-response comprises:

generating a first check hash value according to the RAND, the authentication response, the session root key and a preset first hash algorithm; according to a preset second method, intercepting a second set length from the first check hash value as a first sub-response; or

And intercepting a third set length as a first sub-response in the second secret key according to a preset third method.

13. The method of claim 10, wherein prior to the sending of the 5G-AC message to the AUSF device, the method further comprises:

acquiring a second sub-response;

the sending the 5G-AC message to the AUSF device includes:

and sending a 5G-AC message containing the second sub-response to the AUSF equipment.

14. The method of claim 13, wherein the obtaining a second sub-response comprises:

generating a second check hash value according to the RAND, the authentication response, the session root key and a preset second hash algorithm; according to a preset fourth method, intercepting a fourth set length from the second check hash value as a second sub-response; or

And intercepting a fifth set length as a second sub-response in the second secret key according to a preset fifth method.

15. The method of any of claims 10-14, wherein generating the second key based on the authentication response and a predetermined algorithm comprises:

and generating a second secret key according to the RAND, the authentication response and a preset algorithm.

16. An authentication apparatus, applied to an authentication service function, AUSF, device, the apparatus comprising:

the encryption module is used for receiving an authentication vector containing a random number RAND, an authentication token AUTN, an expected response and a session root key, acquiring an encryption key, and encrypting the session root key by adopting the encryption key, wherein the encryption key is determined according to the expected response and a preset algorithm;

a sending module, configured to send a 5G authentication initiation response 5G-AIA message including an RAND, an AUTN, and an encrypted session root key to a security anchor point function SEAF device, so that the SEAF device sends the RAND and the AUTN to a UE after receiving the 5G-AIA message, and generates a decryption key according to an authentication response returned by the UE by using the preset algorithm, and decrypts the encrypted session root key;

and the receiving determining module is used for receiving a 5G authentication confirmation 5G-AC message sent by the SEAF equipment and determining that the SEAF equipment completes the authentication of the UE, wherein the 5G-AC message is sent after the SEAF equipment successfully decrypts the encrypted session root key.

17. An authentication apparatus, applied to a security anchor function SEAF device, the apparatus comprising:

a transceiver module, configured to receive a 5G-AIA message sent by an au sf device and including a random number RAND, an authentication token AUTN, and an encrypted session root key, and send the RAND and the AUTN to a UE, where the encrypted session root key in the 5G-AIA message is determined by the au sf device receiving an authentication vector including the random number RAND, the authentication token AUTN, an expected response, and a session root key, and according to the expected response and a preset algorithm;

the receiving decryption module is used for receiving the authentication response returned by the UE, determining a decryption key according to the authentication response and the preset algorithm, and decrypting the encrypted session root key;

and the sending module is used for sending a 5G authentication confirmation 5G-AC message to the AUSF device if the encrypted session root key is decrypted successfully.

18. An AUSF device comprising a memory, a processor, and a transceiver;

the processor is used for reading the program in the memory and executing the following processes: receiving an authentication vector containing a random number RAND, an authentication token AUTN, an expected response and a session root key through a transceiver, acquiring an encryption key, and encrypting the session root key by using the encryption key, wherein the encryption key is determined according to the expected response and a preset algorithm; sending a 5G authentication start response 5G-AIA message comprising an RAND, an AUTN and an encrypted session root key to a security anchor point function SEAF device, so that the SEAF device sends the RAND and the AUTN to UE after receiving the 5G-AIA message, generates a decryption key by adopting the preset algorithm according to an authentication response returned by the UE, and decrypts the encrypted session root key; and receiving a 5G authentication confirmation message 5G-AC sent by the SEAF equipment, and determining that the SEAF equipment completes the authentication of the UE, wherein the 5G-AC is sent after the SEAF equipment successfully decrypts the encrypted session root key.

19. The AUSF device of claim 18, wherein the processor is specifically configured to generate a first key according to an expected response included in the authentication vector and a predetermined algorithm, and obtain an encryption key according to the generated first key; or receiving a first key sent by an ARPF (authentication, authorization and accounting) device, and acquiring an encryption key according to the received first key, wherein the ARPF device generates the key according to an expected response and a preset algorithm.

20. The AUSF device of claim 19, wherein the processor is specifically configured to use the first key as a ciphering key; or intercepting a first set length as an encryption key in the first key according to a preset first method.

21. The AUSF device of claim 19, wherein the processor is further configured to obtain a first sub-expected response; sending, by the transceiver, a 5G-AIA message to the SEAF device including the RAND, the AUTN, the first sub-expected response, and the encrypted session root key.

22. The AUSF device of claim 21, wherein the processor is specifically configured to generate a first hash value based on the RAND, an expected response, a session root key, and a preset first hash algorithm; intercepting a second set length from the first hash value as a first sub-expected response according to a preset second method; or intercepting a third set length as a first sub-expected response in the key according to a preset third method.

23. The AUSF device of claim 19, wherein the processor is further configured to obtain a second sub-expected response; and receiving a 5G-AC message which is sent by the SEAF equipment and contains a second sub-response through the transceiver, verifying the second sub-response according to the second sub-expected response, and determining that the SEAF equipment completes the authentication of the UE if the verification is passed.

24. The AUSF device of claim 23, wherein the processor is specifically configured to generate a second hash value based on the RAND, an expected response, a session root key, and a preset second hash algorithm; intercepting a fourth set length from the second hash value as a second sub-expected response according to a preset fourth method; or intercepting a fifth set length as a second sub-expected response in the key according to a preset fifth method.

25. The AUSF device of any one of claims 19-24, wherein the processor is specifically configured to generate a first key based on the RAND, the expected response, and a predetermined algorithm.

26. A secure anchor function SEAF device, comprising: a memory, a processor, and a transceiver;

the processor is used for reading the program in the memory and executing the following processes: receiving, by a transceiver, a 5G authentication initiation response 5G-AIA message including a random number RAND, an authentication token AUTN, and an encrypted session root key, which is sent by an authentication service function AUSF device, sending the RAND and the AUTN to a UE, where the encrypted session root key in the 5G-AIA message is, and the AUSF device receives an authentication vector including the random number RAND, the authentication token AUTN, an expected response, and the session root key, and determines the authentication vector according to the expected response and a preset algorithm; receiving an authentication response returned by the UE, determining a decryption key according to the authentication response and the preset algorithm, and decrypting the encrypted session root key; and if the encrypted session root key is decrypted successfully, sending a 5G authentication confirmation 5G-AC message to the AUSF device.

27. The SEAF device of claim 26, wherein the processor is specifically configured to generate a second key according to the authentication response and a predetermined algorithm, and use the second key as a decryption key; or generating a second key according to the authentication response and a preset algorithm, and intercepting a first set length in the second key as a decryption key according to a preset first method.

28. The SEAF device of claim 27, wherein the processor is specifically configured to receive, via the transceiver, a 5G-AIA message sent by the AUSF device containing the RAND, the AUTN, the first sub-expected response, and the encrypted session root key; acquiring a first sub-response; and verifying the first sub-response according to the first sub-expected response, and if the verification is passed, performing subsequent steps.

29. The SEAF device of claim 28, wherein the processor is specifically configured to generate a first check hash value based on the RAND, an authentication response, a session root key, and a preset first hash algorithm; according to a preset second method, intercepting a second set length from the first check hash value as a first sub-response; or intercepting a third set length as a first sub-response in the second key according to a preset third method.

30. The SEAF device of claim 27, wherein the processor is further configured to obtain a second sub-response; transmitting, by a transceiver, a 5G-AC message including the second sub-response to the AUSF device.

31. The SEAF device of claim 30, wherein the processor is further configured to generate a second check hash value based on the RAND, an authentication response, a session root key, and a predetermined second hash algorithm; according to a preset fourth method, intercepting a fourth set length from the second check hash value as a second sub-response; or intercepting a fifth set length as a second sub-response in the second key according to a preset fifth method.

32. The SEAF device of any one of claims 27-31, wherein the processor is specifically configured to generate a second key based on the RAND, the authentication response, and a predetermined algorithm.

33. An authentication system, characterized in that the authentication system comprises a UE, an authentication service function AUSF device and a security anchor point function SEAF device; wherein,

the AUSF equipment is used for receiving an authentication vector containing a random number RAND, an authentication token AUTN, an expected response and a session root key, acquiring an encryption key, and encrypting the session root key by adopting the encryption key, wherein the encryption key is determined according to the expected response and a preset algorithm; sending a 5G authentication start response 5G-AIA message comprising the RAND, the AUTN and the encrypted session root key to the SEAF equipment;

the SEAF equipment is used for receiving a 5G-AIA message which is sent by AUSF equipment and comprises a RAND (random access network), an AUTN (autonomous integrity network) and an encrypted session root key, and sending the RAND and the AUTN to the UE;

the UE is used for receiving the RAND and the AUTN sent by the SEAF equipment, generating an authentication response according to the RAND and the AUTN, and sending the authentication response to the SEAF equipment;

the SEAF equipment is further configured to receive an authentication response returned by the UE, determine a decryption key according to the authentication response and the preset algorithm, and decrypt the encrypted session root key; if the encrypted session root key is decrypted successfully, a 5G authentication confirmation 5G-AC message is sent to the AUSF device;

the AUSF equipment is further configured to receive a 5G-AC message sent by the SEAF equipment, and determine that the SEAF equipment completes authentication on the UE.

34. The system according to claim 33, wherein the AUSF device is specifically configured to generate a first key according to an expected response included in the authentication vector and a predetermined algorithm, and obtain an encryption key according to the generated first key; or receiving a first key sent by an ARPF (authentication, authorization and accounting) device, and acquiring an encryption key according to the received first key, wherein the ARPF device generates the key according to an expected response and a preset algorithm; wherein obtaining an encryption key from the first key comprises: using the first key as an encryption key; or intercepting a first set length as an encryption key in the first key according to a preset first method;

the SEAF device is specifically configured to generate a second key according to the authentication response and a preset algorithm, and use the second key as a decryption key; or generating a second key according to the authentication response and a preset algorithm, and intercepting a first set length in the second key as a decryption key according to a preset first method.

35. The system of claim 34, wherein the AUSF device is further configured to obtain a first sub-expected response; sending a 5G-AIA message including the RAND, the AUTN, the first sub-expected response and the encrypted session root key to the SEAF device;

the SEAF device is specifically configured to receive a 5G-AIA message that includes the RAND, the AUTN, the first sub-expected response, and the encrypted session root key and is sent by the AUSF device; acquiring a first sub-response; and verifying the first sub-response according to the first sub-expected response, and if the first sub-response passes the verification, sending a 5G-AC message to the AUSF device.

36. The system according to claim 35, wherein the AUSF device is specifically configured to generate a first hash value based on the RAND, the expected response, a session root key, and a preset first hash algorithm; intercepting a second set length from the first hash value as a first sub-expected response according to a preset second method; or intercepting a third set length as a first sub-expected response in the secret key according to a preset third method;

the SEAF device is specifically configured to generate a first check hash value according to the RAND, the authentication response, the session root key and a preset first hash algorithm; according to a preset second method, intercepting a second set length from the first check hash value as a first sub-response; or intercepting a third set length as a first sub-response in the second key according to a preset third method.

37. The system of claim 36, wherein the AUSF device is further configured to obtain a second sub-expected response;

the SEAF equipment is also used for acquiring a second sub-response; sending a 5G authentication confirmation message containing the second sub-response to the AUSF equipment;

the AUSF device is specifically configured to receive a 5G authentication confirmation message including a second sub-response sent by the SEAF device, verify the second sub-response according to the second sub-expected response, and determine that the SEAF device completes authentication of the UE if the verification passes.

38. The system according to claim 37, wherein the AUSF device is specifically configured to generate a second hash value based on the RAND, the expected response, a session root key, and a preset second hash algorithm; intercepting a fourth set length from the second hash value as a second sub-expected response according to a preset fourth method; or intercepting a fifth set length as a second sub-expected response in the secret key according to a preset fifth method;

the SEAF device is specifically configured to generate a second check hash value according to the RAND, the authentication response, the session root key and a preset second hash algorithm; according to a preset fourth method, intercepting a fourth set length from the second check hash value as a second sub-response; or intercepting a fifth set length as a second sub-response in the second key according to a preset fifth method.

39. The system according to any of claims 34-38, wherein said AUSF device, in particular for generating a first key based on said RAND, said expected response and a predetermined algorithm;

the SEAF device is specifically configured to generate a second key according to the RAND, the authentication response, and a preset algorithm.

40. An electronic device, comprising: the system comprises a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory complete mutual communication through the communication bus;

the memory has stored therein a computer program which, when executed by the processor, causes the processor to carry out the steps of the method of any of claims 1-8.

41. An electronic device, comprising: the system comprises a processor, a communication interface, a memory and a communication bus, wherein the processor, the communication interface and the memory complete mutual communication through the communication bus;

the memory has stored therein a computer program which, when executed by the processor, causes the processor to carry out the steps of the method of any of claims 9-15.

42. A computer-readable storage medium, having stored thereon a computer program executable by an electronic device, for causing the electronic device to perform the steps of the method of any one of claims 1-8, when the program is run on the electronic device.

43. A computer-readable storage medium, having stored thereon a computer program executable by an electronic device, for causing the electronic device to perform the steps of the method of any one of claims 9-15, when the program is run on the electronic device.

Images