Disclosure of Invention
Embodiments of the present application provide a communication method that can reduce the cost, for a network device, of managing the keys of terminal devices.
In a first aspect, a communication method is provided, which may be performed by a terminal device, or may be performed by a component (e.g., a chip or a circuit) of the terminal device, which is not limited in the present application.
The method includes: obtaining a first parameter and a first key, where the first key corresponds to a plurality of terminal devices in a group to which the terminal device belongs, and the combination of the first parameter and the first key uniquely corresponds to the terminal device; generating a message authentication code (MAC) according to the first parameter and the first key; and sending the MAC to a network device, where the MAC is used by the network device to authenticate the terminal device.
According to the communication method provided by the present application, the first key used by the terminal device to generate the MAC takes the form of a group key: one or more terminal devices may be preconfigured with the same key, or the first key may correspond to a number segment to which the identifier of the terminal device belongs, where the number segment contains one or more terminal devices. It is therefore not necessary to configure a separate key for each terminal device, and the cost of managing terminal device keys at the network device is reduced.
With reference to the first aspect, in some possible implementations, that the combination of the first parameter and the first key uniquely corresponds to the terminal device includes: a second key generated according to the first parameter and the first key uniquely corresponds to the terminal device; and generating the MAC according to the first parameter and the first key includes generating the MAC according to the second key and the first parameter.
Based on the above technical solution, when the terminal device generates the MAC according to the first key and the first parameter, the terminal device may first generate the second key according to the first key and the first parameter, and then generate the MAC according to the second key and the first parameter. The key used for the MAC is thus a new key that the terminal device determines from the preconfigured key shared by the plurality of terminal devices and the first parameter obtained from the network side, and the MAC is not generated directly under the first key, which prevents an attacker from easily obtaining the key used by the terminal device for authentication and further ensures communication security.
With reference to the first aspect, in some possible implementations, generating the MAC according to the first parameter and the first key includes generating the MAC according to the first parameter, the first key, and a second parameter, where the second parameter is from an access network device, or the second parameter is from the network device.
With reference to the first aspect, in some possible implementations, that the combination of the first parameter and the first key uniquely corresponds to the terminal device includes: a second key generated according to the first parameter and the first key uniquely corresponds to the terminal device; and the MAC is generated according to the second key and the second parameter.
Based on the above technical solution, the MAC of the terminal device is generated according to the second parameter and the second key, where the second key is determined according to the first key and the first parameter and uniquely corresponds to the terminal device. The key used by the terminal device to generate the MAC (the second key) is a new key that the terminal device determines from the key preconfigured by the network device and shared by the plurality of terminal devices (the first key) together with the first parameter, so the MAC is not generated directly under the first key. In addition, the terminal device generates the MAC using the second key together with the second parameter from the access network device or the network device, which prevents an attacker from easily obtaining the key used by the terminal device for authentication and further ensures communication security.
With reference to the first aspect, in some possible implementations, the acquiring the first parameter includes receiving the first parameter from an access network device.
It should be understood that the first parameter may be a parameter generated by the access network device itself, and the access network device sends the generated first parameter to the terminal device, for the terminal device to generate the MAC.
With reference to the first aspect, in some possible implementations, before the receiving the first parameter from the access network device, the method further includes sending a message to the access network device requesting access to the access network device, and the obtaining the first parameter includes receiving an access response message from the access network device, where the access response message includes the first parameter.
It will be appreciated that the terminal device may also send a message to the access network device requesting access to the access network device before the terminal device receives the first parameter from the access network device, which message may be used to trigger the access network device to send the first parameter to the terminal device.
Based on the above technical solution, during the process in which the terminal device requests access to the access network device, the access network device sends the terminal device the first parameter used to generate the MAC, and the first parameter may be carried in the access response message sent by the access network device to the terminal device. This reduces the signaling overhead of the authentication procedure and therefore the authentication cost of the terminal device.
With reference to the first aspect, in some possible implementations, before the sending, to the access network device, a message for requesting access to the access network device, the method further includes receiving an excitation signal from the access network device, where the excitation signal is used to provide energy for the terminal device.
It will be appreciated that when the terminal device is a passive terminal device, or a semi-passive terminal device, the access network device may first send an excitation signal to the terminal device to power the terminal device.
With reference to the first aspect, in some possible implementations, the request message for requesting access to the access network device is a random access request message, and the obtaining the first parameter includes receiving a random access response message from the access network device, where the random access response message includes the first parameter.
Based on the above technical solution, when the procedure by which the terminal device requests access to the access network device is a random access procedure, the access network device sends the terminal device the first parameter used to generate the MAC, and the first parameter may be carried in the random access response message. Because the access network device can configure the first parameter for the terminal device within the random access procedure, the signaling overhead of the authentication procedure is reduced and the authentication cost of the terminal device is saved.
With reference to the first aspect, in some possible implementation manners, the method further includes sending, to the network device, a first identifier of the terminal device, where the first identifier is used to determine the first key corresponding to the group to which the terminal device belongs when the network device authenticates the terminal device.
In one possible implementation, the first identifier of the terminal device may be an identity (ID) of the terminal device.
Based on the above technical solution, the terminal device sends the first identifier to the network device. After receiving the first identifier, the network device determines the first key corresponding to the terminal device according to the keys it stores and the first identifier, and then authenticates the terminal device.
With reference to the first aspect, in some possible implementation manners, the method further includes sending the first parameter to the network device, or sending a second identifier of the terminal device to the access network device, where the second identifier is used by the access network device to determine the first parameter.
It should be understood that the first parameter acquired by the terminal device is from the access network device, and the terminal device may send the first parameter to the network device for authentication of the terminal device by the network device.
In one possible implementation manner, the access network device may record a correspondence between the first parameter and the terminal device according to the second identifier of the terminal device. The terminal equipment sends a second identifier of the terminal equipment to the access network equipment, the access network equipment can determine a first parameter through the second identifier, and the first parameter is sent to the network equipment for authentication of the terminal equipment by the network equipment.
It will be appreciated that the second identifier of the terminal device may be a temporary identifier assigned by the access network device to identify the terminal device, e.g., a cell radio network temporary identifier (C-RNTI) or a temporary cell radio network temporary identifier (TC-RNTI, also written T-CRNTI).
With reference to the first aspect, in some possible implementation manners, the method further includes sending the second parameter to the network device, or sending a second identifier of the terminal device to the access network device, where the second identifier is used by the access network device to determine the second parameter.
With reference to the first aspect, in some possible implementations, the first parameter is a random number, or the first parameter is a first identifier of the terminal device.
It should be understood that the combination of the first parameter and the first key uniquely corresponds to the terminal device: a plurality of terminal devices may be configured with the same first key, whereas the first parameter is in one-to-one correspondence with the terminal device. The first parameter may be a random number (RAND, or nonce), or the first parameter may be the first identifier of the terminal device.
It should also be understood that the first parameter may be a C-RNTI, which can be used to generate the MAC of the terminal device and through which the access network device can also record the correspondence between the identifiers of the terminal device.
In a second aspect, a communication method is provided, which may be performed by a first network element, or may be performed by a chip or a circuit configured in the first network element, which is not limited in the present application. For convenience, the following description takes the first network element as an example.
The method comprises the steps of receiving a first Message Authentication Code (MAC) from a terminal device, wherein the first MAC is generated according to a first parameter and a first key, the first key corresponds to a plurality of terminal devices in a group to which the terminal device belongs, the combination of the first parameter and the first key uniquely corresponds to the terminal device, acquiring a third key, the third key is identical to the first key, or the third key is generated according to the first key and the first parameter, generating a second MAC according to the third key, and authenticating the terminal device according to the second MAC and the first MAC.
It should be understood that the third key may be a key of a corresponding terminal device pre-stored by the network device, i.e. the first key is identical to the third key, and the third key may also be a key generated according to the first key and the first parameter, i.e. the third key is different from the first key.
According to the technical solution provided by the present application, after the network device receives the first MAC from the terminal device, the network device determines the second MAC and authenticates the terminal device. The first MAC is determined according to the first key and the first parameter, and the first key corresponds to a plurality of terminal devices; that is, the terminal device keys stored at the network device take the form of group keys, where one key can correspond to a plurality of terminal devices, so the cost of managing terminal device keys at the network device is reduced.
With reference to the second aspect, in some possible implementations, the obtaining the third key includes receiving the third key from a storage network element, where the storage network element is configured to store a correspondence between the group to which the terminal device belongs and the first key.
It will be appreciated that when the network element used to authenticate the terminal device (e.g., the first network element) does not itself have the storage function of the storage network element, the third key needs to be obtained from the storage network element before the terminal device can be authenticated.
With reference to the second aspect, in some possible implementations, before the receiving the third key from the storage network element, the method further includes obtaining an identifier of the terminal device, and sending the identifier of the terminal device to the storage network element, where the identifier of the terminal device is used by the storage network element to determine the first key corresponding to the group to which the terminal device belongs.
Based on the above technical solution, when the first network element does not have the storage function of the storage network element, or when the first network element is not preconfigured with the first key corresponding to the terminal device, the first network element needs to obtain the third key from the storage network element and generate the second MAC. The first network element sends the identifier of the terminal device to the storage network element so that the storage network element can accurately determine the first key corresponding to the group to which the terminal device belongs; the first network element then generates the second MAC according to the third key to authenticate the terminal device, which improves authentication accuracy.
With reference to the second aspect, in some possible implementations, the third key is generated according to the first key and the first parameter, and before the third key is received from the storage network element, the method further includes obtaining the first parameter, and sending the first parameter to the storage network element, where the first parameter is used by the storage network element to generate the third key according to the first key.
It should be understood that when the first parameter is generated by the access network device, the first MAC of the terminal device is generated based on that first parameter; the network device therefore needs to obtain the first parameter when authenticating the terminal device and send it to the storage network element for determining the third key.
With reference to the second aspect, in some possible implementations, the third key is generated according to the first key and the first parameter, before the third key is obtained, the method includes obtaining an identifier of the terminal device and the first parameter, sending the identifier of the terminal device to a storage network element, where the identifier of the terminal device is used by the storage network element to determine the first key corresponding to a group to which the terminal device belongs, receiving the first key from the storage network element, and obtaining the third key includes generating the third key according to the first key and the first parameter.
It should be understood that in this case the first network element obtains the first key corresponding to the terminal device from the storage network element according to the identifier of the terminal device, and the first network element itself determines the third key according to the first key and the first parameter; the storage network element does not need to perform this derivation.
With reference to the second aspect, in some possible implementations, the first MAC is generated according to the first parameter, the first key, and the second parameter, and the method further includes obtaining the second parameter, and the generating the second MAC according to the third key includes generating the second MAC according to the third key and the second parameter.
With reference to the second aspect, in some possible implementations, acquiring the second parameter includes receiving the second parameter from the access network device.
With reference to the second aspect, in some possible implementations, before the receiving the first message authentication code MAC from the terminal device, the method further includes sending the second parameter to the terminal device.
With reference to the second aspect, in some possible implementations, the first parameter is a random number, or the first parameter is an identification of the terminal device.
With reference to the second aspect, in some possible implementations, before receiving the first MAC from the terminal device, the method further includes: receiving, from an application function network element, a message requesting to inventory the terminal device; sending the message requesting to inventory the terminal device to an access network device, where the access network device serves the terminal device; and, when the authentication succeeds, sending an identifier of the terminal device to the application function network element, where the identifier of the terminal device is used to inventory the terminal device.
With reference to the second aspect, in some possible implementations, the method may further include the first network element receiving first indication information from the access network device, where the first indication information indicates that the access network device has successfully allocated a first number of first parameters.
It should be appreciated that the first indication information is used by the network device for counting and cross-checking during the key authentication phase.
In a third aspect, a communication method is provided, which may be performed by an access network device, or may also be performed by a chip or a circuit configured in the access network device, which is not limited by the present application. For convenience, the following description will be given by taking an access network device implementation as an example.
The method includes: sending a first parameter to a terminal device, where the combination of the first parameter and a first key uniquely corresponds to the terminal device, and the first key corresponds to a plurality of terminal devices in a group to which the terminal device belongs; receiving a message authentication code (MAC) from the terminal device, where the MAC is generated by the terminal device according to the first key and the first parameter; and sending the MAC to a network device, where the MAC is used by the network device to authenticate the terminal device.
According to the communication method provided by the present application, the first key used by the terminal device to generate the MAC takes the form of a group key: one or more terminal devices may be preconfigured with the same key, or the first key may correspond to a number segment to which the identifier of the terminal device belongs, where the number segment contains one or more terminal devices. It is therefore not necessary to configure a separate key for each terminal device, and the cost of managing terminal device keys at the network device is reduced.
With reference to the third aspect, in some possible implementations, before the first parameter is sent to the terminal device, the method further includes generating the first parameter, and the method further includes sending the first parameter to the network device.
It should be appreciated that the first parameter may be sent by the access network device to the network device before the access network device sends the MAC to the network device, or may be sent by the access network device to the network device simultaneously with the access network device sending the MAC to the network device.
With reference to the third aspect, in some possible implementations, before the first parameter is sent to the network device, the method further includes receiving an identifier from the terminal device, determining the first parameter according to a correspondence between the identifier of the terminal device and the first parameter, or receiving the first parameter from the terminal device.
It should be understood that the access network device either receives the first parameter from the terminal device and forwards it to the network device, or determines the first parameter from the received identifier of the terminal device and the correspondence between that identifier and the first parameter recorded by the access network device, and then sends the first parameter to the network device.
With reference to the third aspect, in some possible implementations, the method further includes sending a second parameter to the terminal device, where the second parameter is used to generate the MAC.
With reference to the third aspect, in some possible implementations, before the sending of the second parameter to the terminal device, the method further includes receiving the second parameter from the network device.
It should be understood that the second parameter used by the terminal device to generate the MAC may be generated by the network device, i.e. the access network device receives the second parameter from the network device first and forwards the second parameter to the terminal device for the terminal device to generate the MAC.
With reference to the third aspect, in some possible implementations, before the second parameter is sent to the terminal device, the method further includes generating the second parameter, and the method further includes sending the second parameter to the network device.
It should be understood that the second parameter used by the terminal device to generate the MAC may be generated by the access network device, i.e. the access network device sends the second parameter determined by itself to the terminal device for the terminal device to generate the MAC. The access network device also needs to send the second parameter to the network device for the network device to authenticate the terminal device.
With reference to the third aspect, in some possible implementations, before the first parameter is sent to the terminal device, the method further includes receiving a request message from the terminal device for requesting access to the access network device, and the sending the first parameter to the terminal device includes sending an access response message to the terminal device, where the access response message includes the first parameter.
Based on the above technical solution, during the process in which the terminal device requests access to the access network device, the access network device sends the terminal device the first parameter used to generate the MAC, and the first parameter may be carried in the access response message sent by the access network device to the terminal device. This reduces the signaling overhead of the authentication procedure and therefore the authentication cost of the terminal device.
With reference to the third aspect, in some possible implementations, before the receiving a request message from the terminal device for requesting access to the access network device, the method further includes sending an excitation signal to the terminal device, the excitation signal being used to provide energy to the terminal device.
With reference to the third aspect, in some possible implementations, the request message for requesting access to the access network device is a random access request message, and the sending of the first parameter to the terminal device includes sending a random access response message to the terminal device, where the random access response message includes the first parameter.
Based on the above technical solution, when the procedure by which the terminal device requests access to the access network device is a random access procedure, the access network device sends the terminal device the first parameter used to generate the MAC, and the first parameter may be carried in the random access response message. Because the access network device can configure the first parameter for the terminal device within the random access procedure, the signaling overhead of the authentication procedure is reduced and the authentication cost of the terminal device is saved.
With reference to the third aspect, in some possible implementations, the method may further include the access network device sending first indication information to the first network element, where the first indication information indicates that the access network device has successfully allocated a first number of first parameters.
It should be appreciated that the first indication information is used by the network device for counting and cross-checking during the key authentication phase.
In a fourth aspect, a communication method is provided. The method includes: an access network device sends a first parameter to a terminal device, where the combination of the first parameter and a first key uniquely corresponds to the terminal device, and the first key corresponds to a plurality of terminal devices in a group to which the terminal device belongs; the access network device receives a first message authentication code (MAC) from the terminal device, where the first MAC is generated by the terminal device according to the first key and the first parameter; the access network device sends the first MAC of the terminal device to a first network element; the first network element obtains a second key, where the second key is the same as the first key, or the second key is generated according to the first key and the first parameter; the first network element generates a second MAC according to the second key; and the first network element authenticates the terminal device according to the second MAC and the first MAC.
It will be appreciated that the first network element may perform the steps of the method provided in the second aspect described above and that the access network device may be adapted to perform the steps of the method provided in the third aspect described above.
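The exchange described in the first through fourth aspects, carried through as an added worked example in Python (this is not code from the patent): a storage network element holds one first key per identifier number segment, an access network device allocates the first parameter in the random access response and records it against the TC-RNTI, the terminal device derives the second key and computes the MAC, and the first network element recomputes the MAC under the third key and compares. HMAC-SHA256 as the key derivation and MAC function, the 64-bit MAC truncation, the number-segment table, the TC-RNTI values, the device identifiers and the message field names are all assumptions chosen for illustration.

```python
# Added example (not the patent's own code): a group-key MAC authentication
# exchange among a terminal device, an access network device, a first network
# element and a storage network element. HMAC-SHA256 for the key derivation
# and the MAC, the identifier number segments and the message field names are
# assumptions chosen for illustration.
import hashlib
import hmac
import secrets
from typing import Optional


def derive_second_key(first_key: bytes, first_param: bytes) -> bytes:
    # Second key = KDF(first key, first parameter). The first key is shared by
    # the group; the first parameter makes the derived key device-specific.
    return hmac.new(first_key, b"K2|" + first_param, hashlib.sha256).digest()


def compute_mac(key: bytes, first_param: bytes, second_param: bytes = b"") -> bytes:
    # MAC over the first parameter and, when present, the second parameter.
    # 64-bit truncation is an assumption suited to constrained (passive) tags.
    msg = b"MAC|" + first_param + b"|" + second_param
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]


class StorageNetworkElement:
    """Holds one first key per identifier number segment, not one per device."""

    def __init__(self, segments):
        self.segments = segments  # [(low_id, high_id, first_key), ...]

    def first_key_for(self, device_id: int) -> bytes:
        for low, high, key in self.segments:
            if low <= device_id <= high:
                return key
        raise KeyError(f"no group key covers identifier {device_id}")

    def third_key_for(self, device_id: int, first_param: Optional[bytes]) -> bytes:
        # Third key is the first key itself, or is derived from the first key
        # and the first parameter when the storage element does the derivation.
        k1 = self.first_key_for(device_id)
        return k1 if first_param is None else derive_second_key(k1, first_param)


class AccessNetworkDevice:
    """Allocates the first parameter in the random access response and keeps
    the (second identifier -> first parameter) correspondence."""

    def __init__(self):
        self.by_tc_rnti = {}
        self.allocated = 0  # basis for the 'first indication information'

    def random_access_response(self, tc_rnti: int) -> bytes:
        first_param = secrets.token_bytes(16)  # first parameter as a nonce
        self.by_tc_rnti[tc_rnti] = first_param
        self.allocated += 1
        return first_param

    def first_param_for(self, tc_rnti: int) -> bytes:
        return self.by_tc_rnti[tc_rnti]


class TerminalDevice:
    def __init__(self, device_id: int, first_key: bytes):
        self.device_id, self.first_key = device_id, first_key

    def authenticate(self, first_param: bytes, second_param: bytes = b"") -> dict:
        # The MAC is computed under the derived second key, not the first key.
        k2 = derive_second_key(self.first_key, first_param)
        return {"id": self.device_id, "mac": compute_mac(k2, first_param, second_param)}


class FirstNetworkElement:
    def __init__(self, storage: StorageNetworkElement):
        self.storage = storage

    def authenticate(self, msg: dict, first_param: bytes, second_param: bytes = b"") -> bool:
        k3 = self.storage.third_key_for(msg["id"], first_param)
        expected = compute_mac(k3, first_param, second_param)
        return hmac.compare_digest(expected, msg["mac"])  # constant-time compare


def run_exchange() -> dict:
    # Constructed sample: identifiers 1000-1999 share gk_a, 2000-2999 share gk_b.
    gk_a, gk_b = secrets.token_bytes(16), secrets.token_bytes(16)
    storage = StorageNetworkElement([(1000, 1999, gk_a), (2000, 2999, gk_b)])
    ran, ne = AccessNetworkDevice(), FirstNetworkElement(storage)
    dev1, dev2 = TerminalDevice(1001, gk_a), TerminalDevice(1002, gk_a)
    rogue = TerminalDevice(1003, gk_b)  # claims segment A but holds segment B's key
    second_param = secrets.token_bytes(8)  # second parameter supplied by the network
    results, msgs = {}, {}
    for name, dev, tc_rnti in (("dev1", dev1, 0x4A), ("dev2", dev2, 0x4B), ("rogue", rogue, 0x4C)):
        first_param = ran.random_access_response(tc_rnti)  # carried in the RAR
        msgs[name] = dev.authenticate(first_param, second_param)
        # The RAN forwards the MAC with the first parameter recorded for that TC-RNTI.
        results[name] = ne.authenticate(msgs[name], ran.first_param_for(tc_rnti), second_param)
    # A MAC made under an earlier first parameter must not verify against a fresh one.
    results["replay"] = ne.authenticate(msgs["dev1"], ran.random_access_response(0x4A), second_param)
    results["distinct_macs"] = msgs["dev1"]["mac"] != msgs["dev2"]["mac"]
    results["allocated"] = ran.allocated
    return results


if __name__ == "__main__":
    print(run_exchange())
```

Two points the patent text leaves implicit show up in the run. The first parameter must be fresh per access attempt: a MAC generated under a previous first parameter does not verify against a newly allocated one (the `replay` result), and when the first parameter is instead the device's static identifier, that freshness has to come from the second parameter supplied by the network. Deriving the second key separates per-device MAC keys but does not narrow the trust boundary of the group: the derivation is a public function of the first key, so any holder of the group key can derive every member's second key. The example compares MACs with `hmac.compare_digest` so that the comparison does not leak timing information.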
In a fifth aspect, a communication apparatus is provided, the apparatus including a processing module configured to obtain a first parameter and a first key, where the first key corresponds to a plurality of terminal devices in a group to which the terminal device belongs, and a combination of the first parameter and the first key uniquely corresponds to the terminal device, the processing module further configured to generate a message authentication code MAC according to the first parameter and the first key, and a transceiver module configured to send the MAC to a network device, where the MAC is used for authenticating the terminal device by the network device.
The transceiver module may perform the processing of the receiving and transmitting in the foregoing first aspect, and the processing module may perform other processing than the receiving and transmitting in the foregoing first aspect.
In a sixth aspect, a communication apparatus is provided, including a transceiver module configured to receive a first message authentication code (MAC) from a terminal device, where the first MAC is generated according to a first parameter and a first key, the first key corresponds to a plurality of terminal devices in a group to which the terminal device belongs, and the combination of the first parameter and the first key uniquely corresponds to the terminal device; and a processing module configured to obtain a third key, where the third key is identical to the first key or the third key is generated according to the first key and the first parameter, the processing module being further configured to generate a second MAC according to the third key and to authenticate the terminal device according to the second MAC and the first MAC.
The transceiver module may perform the processing of the receiving and transmitting in the foregoing second aspect, and the processing module may perform other processing than the receiving and transmitting in the foregoing second aspect.
In a seventh aspect, a communication apparatus is provided, which includes a transceiver module configured to send a first parameter to a terminal device, where a combination of the first parameter and a first key uniquely corresponds to the terminal device, and the first key corresponds to a plurality of terminal devices in a group to which the terminal device belongs, the transceiver module further configured to receive a message authentication code MAC from the terminal device, where the MAC is generated by the terminal device according to the first key and the first parameter, and the transceiver module further configured to send the MAC to a network device, where the MAC is used for authenticating the terminal device by the network device.
The transceiver module may perform the processing of reception and transmission in the foregoing third aspect.
In a possible implementation manner, the communication apparatus may further include a processing module, where the processing module may perform other processing than the receiving and the transmitting in the foregoing third aspect.
In an eighth aspect, a communication system is provided that includes an access network device and a first network element. Optionally, the communication system may further include a storage network element. The access network device is configured to perform the method of the third aspect, and the first network element and the storage network element are configured to perform the method of the second aspect.
In a ninth aspect, a communication device is provided, the device including a transceiver module configured to perform the receiving and transmitting steps of the methods provided in the above aspects, and a processing module configured to perform the processing steps of the methods provided in the above aspects.
In a tenth aspect, there is provided a communication device comprising a memory for storing a program, and a processor for executing the program stored in the memory, the processor being adapted to perform the method provided in the above aspects when the program stored in the memory is executed.
In an eleventh aspect, the present application provides a processor configured to perform the method provided in the above aspects. When these methods are executed, the process of transmitting the above information and the process of acquiring/receiving the above information in the above methods can be understood as a process of the processor outputting the above information and a process of the processor receiving the above information as input. When outputting the information, the processor outputs the information to the transceiver for transmission by the transceiver. This information, after being output by the processor, may also require additional processing before reaching the transceiver. Similarly, when the processor receives the above information as input, the transceiver acquires/receives the above information and inputs it to the processor. Further, after the transceiver receives the information, the information may need to be further processed and then input to the processor.
Based on the above principle, for example, receiving the request message mentioned in the foregoing method may be understood as the processor receiving input information.
With respect to operations such as transmitting, sending and acquiring/receiving that are referred to a processor, unless specifically stated otherwise or contradicted by the actual or inherent logic of the relevant description, the operations of outputting, receiving and inputting by the processor are more generally understood as operations of transmitting, sending and receiving, rather than as operations performed directly by radio frequency circuitry and antennas.
In implementation, the processor may be a processor dedicated to performing the methods, or may be a processor that executes computer instructions in a memory to perform the methods, e.g., a general purpose processor. The memory may be a non-transitory (non-transitory) memory, such as a Read Only Memory (ROM), which may be integrated on the same chip as the processor, or may be separately provided on different chips, and the type of the memory and the manner in which the memory and the processor are provided are not limited in the embodiments of the present application.
In a twelfth aspect, there is provided a computer readable storage medium storing program code for execution by a device, the program code comprising instructions for performing the methods provided in the above aspects.
In a thirteenth aspect, there is provided a computer program product comprising instructions which, when run on a computer, cause the computer to perform the method provided in the above aspects.
In a fourteenth aspect, there is provided a chip comprising a processor and a communication interface through which the processor reads instructions stored on a memory for performing the methods provided in the above aspects.
Optionally, as an implementation manner, the chip may further include a memory, where the memory stores instructions, and the processor is configured to execute the instructions stored on the memory, and when the instructions are executed, the processor is configured to perform the method provided in the above aspects.
Detailed Description
The technical solutions in the embodiments of the present application will be described below with reference to the accompanying drawings.
The technical scheme of the embodiment of the application can be applied to various communication systems, such as a fifth generation (5th generation, 5G) system or New Radio (NR), a long term evolution (long term evolution, LTE) system, an LTE frequency division duplex (frequency division duplex, FDD) system, an LTE time division duplex (time division duplex, TDD) system, etc. The technical scheme provided by the application can also be applied to future communication systems, such as a sixth generation mobile communication system.
In order to facilitate understanding of the communication method provided below, a communication scenario to which the communication method provided in the embodiment of the present application is applicable is first described with reference to fig. 1.
Fig. 1 is a schematic diagram of a system architecture 100 provided in the present application. The following describes each part involved in the network architecture shown in fig. 1:
1. The user equipment (UE) 210 may include various handheld devices, in-vehicle devices, wearable devices, computing devices, or other processing devices connected to a wireless modem, as well as various forms of terminals, mobile stations (MSs), terminals, or soft terminals, such as water meters, electricity meters, sensors, etc.
Illustratively, the user equipment in the embodiments of the present application may refer to an access terminal, a subscriber unit, a subscriber station, a mobile station, a relay station, a remote terminal, a mobile device, a user terminal (user terminal), a terminal (terminal equipment), a wireless communication device, a user agent, or a user equipment. The user equipment may also be a cellular telephone, a cordless telephone, a session initiation protocol (session initiation protocol, SIP) phone, a wireless local loop (wireless local loop, WLL) station, a personal digital assistant (personal digital assistant, PDA), a handheld device with wireless communication capabilities, a computing device or other processing device connected to a wireless modem, a car-mounted device, a wearable device, a user equipment in a 5G network or in a future evolved public land mobile network (public land mobile network, PLMN), or a user equipment in a future vehicle network, etc.; the embodiments of the present application are not limited in this regard.
As an example and not by way of limitation, in the embodiments of the present application the wearable device may also be referred to as a wearable intelligent device, which is a generic term for devices developed by applying wearable technology to the intelligent design of daily wear, such as glasses, gloves, watches, apparel, shoes, and the like. A wearable device is a portable device that is worn directly on the body or integrated into the clothing or accessories of the user. A wearable device is not only a hardware device; it can also realize powerful functions through software support, data interaction and cloud interaction. Broadly, wearable intelligent devices include full-featured, larger devices that can realize all or part of their functions without relying on a smartphone, such as smart watches and smart glasses, and devices that focus only on a certain class of application functions and must be used together with another device such as a smartphone, such as various smart bracelets and smart jewelry for physical sign monitoring.
In addition, in the embodiment of the application, the user equipment can also be user equipment in an Internet of Things (internet of things, IoT) system. IoT is an important component of the development of future information technology; its main technical characteristic is that objects are connected to the network through communication technology, realizing human-machine interconnection and an intelligent network of things. In the embodiment of the application, IoT technology can achieve massive connectivity, deep coverage and terminal power saving through, for example, narrowband (NB) technology. In addition, in the embodiment of the application, the user equipment can also include an intelligent printer, a train detector, a gas station sensor and the like, whose main functions include collecting data (for part of the user equipment), receiving control information and downlink data from the access network device, and sending electromagnetic waves to transmit uplink data to the access network device. In the embodiment of the application, the user equipment can also include ambient Internet of Things devices, such as passive tag devices, semi-passive Internet of Things devices and active Internet of Things devices, whose main functions include inventory of goods and commodities, measuring temperature, etc.
2. A (radio) access network device (radio access network, (R)AN) 220, which provides an access function for authorized user equipment in a specific area and can use transmission tunnels of different quality according to the level of the user equipment, the demand of the service, etc.
The (R)AN can manage radio resources, provide access services for the UE, and further complete the forwarding of control signals and UE data between the UE and the core network.
The access network device in the embodiment of the present application may be any communication device with a wireless transceiver function for communicating with the user equipment. The access network device includes, but is not limited to, an evolved Node B (eNB), a radio network controller (radio network controller, RNC), a Node B (Node B, NB), a base station controller (base station controller, BSC), a base transceiver station (base transceiver station, BTS), a home base station (home evolved Node B, HeNB, or home Node B, HNB), a baseband unit (baseband unit, BBU), an access point (AP) in a wireless fidelity (wireless fidelity, WiFi) system, a wireless relay node, a wireless backhaul node, a transmission point (transmission point, TP), or a transmission reception point (transmission and reception point, TRP), etc. It may also be a next generation Node B (next generation Node B, gNB) or a transmission point (TRP or TP) in a 5G system such as NR, one antenna panel or a group of antenna panels (including multiple antenna panels) of a base station in the 5G system, or a network node constituting the gNB or the transmission point, such as a BBU or a distributed unit (distributed unit, DU), etc.
In some deployments, the gNB may include a centralized unit (centralized unit, CU) and DUs. The gNB may also include an active antenna unit (active antenna unit, AAU). The CU implements part of the functionality of the gNB and the DU implements part of the functionality of the gNB. For example, the CU is responsible for handling non-real-time protocols and services, implementing the functions of the radio resource control (radio resource control, RRC) and packet data convergence protocol (packet data convergence protocol, PDCP) layers. The DU is responsible for handling physical layer protocols and real-time services, and implements the functions of the radio link control (radio link control, RLC) layer, the medium access control (MAC) layer, and the physical (PHY) layer. The AAU implements part of the physical layer processing functions, radio frequency processing and functions related to the active antenna. Since information of the RRC layer is eventually converted into, or converted from, information of the PHY layer, under this architecture higher layer signaling, such as RRC layer signaling, may also be considered to be transmitted by the DU or by the DU+AAU. It is understood that the access network device may be a device comprising one or more of a CU node, a DU node and an AAU node. In addition, the CU may be classified as an access network device in the radio access network (radio access network, RAN), or as a network device in the core network (core network, CN), which the present application does not limit.
3. The mobility management network element 260 is mainly used for mobility management, access management, and the like. In a 5G communication system, the access management network element may be an access and mobility management function (access and mobility management function, AMF), which mainly performs mobility management, access authentication/authorization, etc. In addition, it is responsible for transferring user policies between the terminal and the policy control function (policy control function, PCF) network element.
4. The application network element 280, which may be an application function (application function, AF) network element in a 5G communication system, represents an application function of a third party or an operator, is the interface through which the 5G network obtains external application data, and is mainly used for conveying the requirements of the application side to the network side.
The system further includes an authentication server function (authentication server function, AUSF) network element 250, a unified data management (unified data management, UDM) network element 290, a PCF network element 291, a network function repository function (network function repository function, NRF) network element 292, a network exposure function (network exposure function, NEF) network element 293, a network slice selection function (network slice selection function, NSSF) network element 294, a network slice-specific authentication and authorization function (network slice-specific authentication and authorization function, NSSAAF) network element 295, a user plane function (user plane function, UPF) network element 230, a data network (DN) network element 240, a session management function (session management function, SMF) network element 270, and so on; the detailed description of these network elements follows that of the corresponding network elements in the 5G communication system.
The functions of the network element or the device can be completed by one independent network element or can be completed by a plurality of network elements together. In an actual deployment, the network elements in the core network may be deployed on the same or different physical devices. For example, as one possible deployment, the AMF and SMF may be deployed on the same physical device. For another example, the network element of the 5G core network may be deployed on the same physical device as the network element of the 4G core network. The embodiment of the present application is not limited thereto.
It should be understood that the above designations are merely defined to facilitate distinguishing between different functions and should not be construed as limiting the application in any way. The application does not exclude the possibility of using other designations in 5G networks as well as in other networks in the future. For example, in a 6G network, some or all of the individual network elements may follow the terminology in 5G, possibly by other names, etc.
Currently, the Internet of Things (internet of things, IoT) is receiving a great deal of attention in the field of wireless communications. It is expected that more IoT devices will be interconnected, with hundreds of millions or even billions of Internet of Things devices deployed for various applications to increase production efficiency and living comfort. Along with the rapid increase in the number of Internet of Things devices, it becomes very important to reduce the size, complexity and power consumption of these devices.
RFID is an automatic identification technology, through which non-contact bidirectional data communication between a tag and a reader-writer can be realized, and the purposes of identification and data exchange are achieved. Tags in RFID systems have low complexity, small form factor, and low power consumption, so RFID systems have a wide range of applications. However, the read range of RFID is limited, which results in a long time consuming operation. Thus, it is difficult for RFID to achieve a seamlessly covered large-scale network with densely deployed tags.
Therefore, the RFID system cannot meet the requirement of trillion-level wide area coverage of the future Internet of things at present, so that a new Internet of things technology is urgently needed to support an order of magnitude higher equipment connection number and/or equipment density than the existing Internet of things, and new use cases and new scenes in the future Internet of things are realized. As the number of devices is developed towards the billions level, new internet of things technology is faced with the problem that the management cost of device information is increased dramatically.
At present, a 5G authentication and key agreement (5G-authentication and key agreement, 5G-AKA) procedure is generally adopted between the terminal device and the network to identify and authenticate the terminal device, so as to realize security protection of the terminal device. However, the signaling interaction of the 5G-AKA procedure is complex, and it is difficult for a terminal device with low complexity and low power consumption to complete authentication according to that procedure.
Fig. 2 is a schematic flow chart of a method of authentication and key agreement.
In the method shown in fig. 2, the terminal device is preconfigured with a key K corresponding to the terminal device, and the network function (network function, NF) is preconfigured with an identifier of the terminal device and the key K corresponding to the identifier.
It should be understood that the core network elements shown in fig. 1 above may be collectively referred to as NF. For example, the NF may be the NEF network element shown in fig. 1 described above.
As shown in fig. 2, the method includes:
201, the NF sends authentication request information to the terminal device.
Accordingly, the terminal device receives authentication request information from the NF.
The authentication request information comprises an identifier of the terminal equipment and a random number Rand.
202, The terminal device generates a message authentication code (message authentication code, MAC) by means of the key K and the random number Rand.
For example, after receiving the authentication request information from NF, the terminal device generates a corresponding MAC according to Rand and the preconfigured key K in the authentication request information.
And 203, the terminal equipment sends authentication response information to the NF.
Accordingly, the NF receives the authentication response information from the terminal device.
The authentication response information includes an identifier of the terminal device, a MAC, and a random number Rand.
It should be appreciated that after the terminal device generates the MAC, the MAC is sent to the NF for the NF to authenticate the terminal device.
204, the NF authenticates the terminal device through the MAC.
It should be understood that after the NF receives the authentication response information of the terminal device, the NF queries, according to the identifier of the terminal device in the authentication response information, the pre-configured key K corresponding to the terminal device stored in the NF, and checks whether Rand in the authentication response information is the same as Rand in step 201. If so, the NF determines MAC' according to the key K and the random number Rand, and authenticates the terminal device by comparing the MAC with MAC'.
Before the NF authenticates the terminal device through the MAC, the NF may determine whether to execute step 204 through Rand in the authentication response information sent by the terminal device in step 203.
In one possible implementation manner, when Rand in the authentication response information is different from Rand in the authentication request information, the NF may send a message for indicating that authentication cannot be performed to the terminal device, and the message may also be used for indicating that the NF does not send the authentication request information to the terminal device, that is, the authentication request information corresponding to the terminal device does not exist, or may be understood that the authentication operation corresponding to the terminal device does not exist. The NF need not perform step 204.
In another possible implementation, the NF performs step 204 when Rand in the authentication response information is the same as Rand in the authentication request information. Where the NF determines that MAC and MAC' are different according to step 204, the NF may send a message to the terminal device indicating authentication failure.
In another possible implementation, the NF performs step 204 when Rand in the authentication response information is the same as Rand in the authentication request information. Where the NF determines that MAC and MAC' are the same according to step 204, the NF may send a message to the terminal device indicating that authentication is successful.
According to the method shown in fig. 2, one terminal device corresponds to one key K, and keys K corresponding to different terminal devices are different. In order to authenticate the terminal device, the network device pre-stores a plurality of identifiers of the terminal device and the secret key K corresponding to each identifier, which results in very high management cost of the network side on the secret key.
In view of the above problems, the application provides a communication method which can reduce the cost of managing terminal device keys at the network device, reduce the signaling overhead and power consumption of the terminal device, and improve communication security.
It should be understood that the terminal device in the embodiment of the present application may be a low power consumption terminal device, such as a tag. The terminal device in the present application may be an active tag, or a passive tag, or a semi-passive tag, which is not particularly limited to this application.
Fig. 3 is a schematic flow chart of a communication method provided in an embodiment of the present application.
The terminal device obtains 301 a first parameter and a first key.
The first key corresponds to a plurality of terminal devices in a group to which the terminal devices belong, namely, the plurality of terminal devices can share the first key, and the combination of the first parameter and the first key uniquely corresponds to the terminal devices, namely, the combination of the first parameter and the first key corresponds to the terminal devices one by one.
In one possible implementation, the first key is pre-configured by the system/network device to the terminal device or factory settings stored at the terminal device. The terminal device pre-stores the first key locally, and the terminal device can acquire the first key locally.
The terminal device may acquire the first parameter in the following manner 1 or manner 2.
In mode 1, a terminal device receives a first parameter from a network device, and the network device sends the first parameter to the terminal device.
For example, the first parameter is an identification of the terminal device (e.g., an ID, a subscription permanent identifier (subscription permanent identifier, SUPI), or a subscription concealed identifier (subscription concealed identifier, SUCI)), or a random number generated by the network device (e.g., Rand, nonce).
Mode 2, the terminal device receives the first parameter from the access network device, and the access network device sends the first parameter to the terminal device.
For example, the first parameter is an identification of the terminal device (e.g., ID, SUPI, SUCI).
As another example, the first parameter is a random number (e.g., rand, nonce) generated by the access network device, or a temporary identity (e.g., TC-RNTI, C-RNTI) assigned by the access network device to the terminal device. The access network device may send the first parameter to the network device for subsequent authentication of the terminal device by the network device. Further, the access network device may further record a correspondence between the first parameter and the identifier of the terminal device, where the access network device determines the first parameter according to the identifier of the terminal device before sending the first parameter to the network device.
302, The terminal device generates mac#1 from the first parameter and the first key.
Wherein, the MAC#1 is used for the network equipment to authenticate the terminal equipment.
Optionally, the terminal device generates the second key according to the first parameter and the first key, and further determines the mac#1 according to the second key and the first parameter. The second key uniquely corresponds to the terminal device.
For example, the second key may be determined from the exclusive-or of the first key and the first parameter, or the second key may be generated from the first key and the first parameter by a key derivation function (key derivation function, KDF).
Assume that the first parameter is nonce#1, the key pre-stored by the terminal device (i.e., the first key) is K, the ID of the terminal device is Tag ID, and the algorithm used by the terminal device to determine MAC#1 is a Func algorithm written Func(a)(b||c), where a is the key used by the Func algorithm and "||" denotes concatenation, i.e., b is spliced with c; for example, when b = 010001 and c = 111111, b||c = 010001111111. Specific examples of the terminal device generating MAC#1 are as follows:
Example 302-1: the terminal device inputs K, nonce#1 and Tag ID into the Func algorithm, so that either MAC#1 = Func([K, nonce#1])(Tag ID||nonce#1) or MAC#1 = Func(K)(Tag ID||nonce#1). Here, [K, nonce#1] denotes the result of an operation on K and nonce#1, for example the exclusive-or K ⊕ nonce#1 of K and nonce#1, or the result KDF(K, nonce#1) generated from K and nonce#1 by a KDF algorithm.
Example 302-2: the terminal device obtains new K from the result of an operation on K and nonce#1. For example, new K is the exclusive-or of K and nonce#1, i.e., new K = K ⊕ nonce#1, or new K is generated from K and nonce#1 by a KDF algorithm, i.e., new K = KDF(K, nonce#1). The terminal device then inputs new K, nonce#1 and Tag ID into the Func algorithm, so that MAC#1 = Func(new K)(Tag ID||nonce#1).
It should be appreciated that Func in examples 302-1 and 302-2 above represents an algorithm for generating a MAC, which may be, for example, a hash-based message authentication code (hash-based message authentication code, HMAC) algorithm such as HMAC-SHA256.
In one possible implementation, the terminal device determines mac#1 from the first parameter, the second parameter and the first key.
For example, the second parameter is generated by the access network device and sent to the terminal device, and the terminal device receives the second parameter from the access network device. For another example, the second parameter is generated by the network device and sent to the terminal device, and the terminal device receives the second parameter from the network device, and optionally, the network device sends the second parameter to the terminal device through the access network device.
Optionally, the terminal device generates a second key according to the first parameter and the first key, and further determines the mac#1 according to the second key and the second parameter. Wherein the second key uniquely corresponds to the terminal device.
Assume that the first parameter is nonce#1, the second parameter is nonce#2 and the first key is K. Specific examples of the terminal device generating MAC#1 from nonce#1, nonce#2 and K are as follows:
Example 302-3: the terminal device inputs K, nonce#1, nonce#2 and Tag ID into the Func algorithm, so that MAC#1 = Func([K, nonce#1])(Tag ID||nonce#2), where [K, nonce#1] denotes the result of an operation on K and nonce#1 as described in example 302-1.
Example 302-4: the terminal device obtains new K from the result of an operation on K and nonce#1, and inputs new K, nonce#2 and Tag ID into the Func algorithm, so that MAC#1 = Func(new K)(Tag ID||nonce#2).
303, The terminal device sends mac#1 to the network device.
Accordingly, the network device receives mac#1 from the terminal device.
For example, after the terminal device generates mac#1, mac#1 may be directly transmitted to the network device, or the terminal device may transmit mac#1 to the network device through the access network device.
304, The network device determines mac#2 and authenticates the terminal device through mac#1 and mac#2.
For example, after receiving mac#1, the network device further determines mac#2 and authenticates the terminal device by the relationship between mac#1 and mac#2.
Illustratively, the network device authenticates the terminal device by determining whether mac#1 is identical to mac#2. If mac#1 is identical to mac#2, it indicates that the terminal device authentication is successful. Optionally, the network device sends a message to the terminal device indicating that authentication is successful. If mac#1 is not identical to mac#2, it indicates that the terminal device authentication fails. Optionally, the network device sends a message to the terminal device indicating authentication failure.
Optionally, the network device acquires the third key before determining mac#2, and then the network device determines mac#2 from the third key and authenticates the terminal device through mac#1 and mac#2.
The network device may determine the third key locally, or the network device may receive the third key from another network element (e.g., a storage network element). The third key may be the same as the first key, or the third key may be determined from the first key and the first parameter. For the specific implementation of the network device obtaining the third key, refer to steps 411, 411' to 413', and 411'' to 413'' in fig. 4.
The specific implementation of step 303 and step 304 are described below in four cases, respectively.
In case one, the mac#1 of the terminal device is generated based on the first parameter and the first key, and the network device receives the mac#1 of the terminal device and the first parameter (denoted as parameter # 1-1) before the network device determines the mac#2.
Optionally, the network device receives the first parameter from the terminal device. Correspondingly, the terminal device directly sends the first parameter to the network device, or the terminal device sends the first parameter to the network device through the access network device.
Optionally, the network device receives the first parameter from the access network device. Correspondingly, the terminal device sends the first parameter to the access network device, and the access network device forwards it to the network device. For example, the access network device receives the first parameter from the terminal device and sends the first parameter to the network device; or the access network device receives an identifier from the terminal device, determines the first parameter according to the identifier of the terminal device and the locally recorded correspondence between the identifier of the terminal device and the first parameter, and then sends the first parameter to the network device.
In case one, an example of the network device authenticating the terminal device is as follows:
Example 304-1, when the first parameter is generated by the network device and sent to the terminal device for the terminal device to generate mac#1, the network device may record a correspondence between the first parameter (denoted as parameter # 1-0) and the identity of the terminal device locally.
Optionally, after the network device receives parameter #1-1 and the identifier of the terminal device from the terminal device, the network device may further determine, according to the identifier of the terminal device, the locally recorded parameter #1-0 corresponding to that identifier, and determine whether parameter #1-0 is the same as parameter #1-1. If they are the same, the network device acquires the third key, generates MAC#2 according to the third key and the first parameter, and authenticates the terminal device by comparing MAC#2 with MAC#1.
Example 304-2, when the first parameter is generated by the access network device, the access network device may send the identity of the terminal device and the first parameter (e.g., parameter # 1-0) to the network device, which records a correspondence between the parameter #1-0 and the identity of the terminal device locally.
It should be understood that, after the network device receives the parameter #1-1 and the identifier of the terminal device, the network device may determine the corresponding parameter #1-0 from the locally recorded correspondence with the identifier of the terminal device, as described in example 304-1 above, and further determine whether the parameter #1-0 is the same as the parameter #1-1 and whether the terminal device needs to be authenticated further through MAC #2 and MAC #1; refer to the description of example 304-1 above for details.
In example 304-3, when the first parameter is generated by the access network device and the network device does not store the correspondence between the first parameter and the identity of the terminal device, after the network device receives the first parameter and the mac#1, the network device obtains a third key, determines the mac#2 according to the third key and the first parameter, and authenticates the terminal device through the mac#1 and the mac#2.
In case two, the mac#1 of the terminal device is generated based on the first parameter and the first key, and the network device receives the mac#1 of the terminal device and determines the first parameter before the network device determines the mac#2.
The first parameter is generated by the network device, and the network device records the correspondence between the first parameter and the identifier of the terminal device locally. The network device receives the MAC#1 of the terminal device and the identifier of the terminal device, determines the locally recorded first parameter corresponding to the identifier of the terminal device, then determines the MAC#2 according to the third key, the first parameter and the identifier of the terminal device, and authenticates the terminal device through the MAC#1 and the MAC#2.
In case three, the mac#1 of the terminal device is generated based on the first parameter, the second parameter, and the first key, and the network device receives the mac#1 of the terminal device, the first parameter (denoted as parameter # 1-1), and the second parameter (denoted as parameter # 2-1) before the network device determines the mac#2.
Optionally, the network device receives the first parameter and the second parameter from the terminal device, and correspondingly, the terminal device directly sends the first parameter and the second parameter to the network device, or the terminal device sends the first parameter and the second parameter to the network device through the access network device.
Optionally, the network device receives the first parameter and the second parameter from the access network device, and correspondingly, the access network device sends the first parameter and the second parameter to the network device. The specific implementation manner of sending the first parameter to the network device by the access network device may refer to the description in the case one. The access network device sends the second parameter to the network device, which may be that the access network device receives the second parameter from the terminal device and sends the second parameter to the network device, or that the access network device receives the identifier from the terminal device, determines the second parameter according to the identifier of the terminal device and the corresponding relationship between the locally recorded identifier of the terminal device and the second parameter, and then sends the second parameter to the network device.
It should be understood that the terminal device/access network device may carry the first parameter and the second parameter in the same message sent to the network device, or may carry the first parameter and the second parameter in different messages.
Optionally, the first parameter and the second parameter are carried in the same message, where the first parameter and the second parameter may respectively correspond to different indication information/indication identifiers, for example, the indication information/identifier corresponding to the first parameter is used to instruct the network device to generate the key, and the indication information/identifier corresponding to the second parameter is used to instruct the network device to authenticate the terminal device.
Alternatively, the first parameter and the second parameter are carried in the same message, and the first parameter and the second parameter may be located at different positions in the message. For example, the first field of the message includes a first parameter, the second field includes a second parameter, the parameter in the first field of the message is used to instruct the network device to generate a key, and the parameter in the second field of the message is used to instruct the network device to authenticate the terminal. The format of the message may be protocol-specified or system-configured, as the application is not limited in this regard.
Alternatively, the first parameter and the second parameter are carried in different messages, for example, the first parameter may be carried in a message for instructing the network device to generate a key, and the second parameter may be carried in a message for instructing the network device to authenticate the terminal device, for example, the second parameter may be carried in a message for transmitting mac#1.
It should be understood that the first parameter and the second parameter may be sent to the network device by the terminal device and the access network device, respectively, for example, the terminal device sends the first parameter to the network device and the access network device sends the second parameter to the network device, or, for example, the access network device sends the first parameter to the network device and the terminal device sends the second parameter to the network device, which is not limited in this application.
In case three, an example of the network device authenticating the terminal device is as follows:
Example 304-4, when the second parameter is generated by the network device and sent to the terminal device, the network device may record the correspondence between the second parameter (denoted as parameter # 2-0) and the identity of the terminal device locally.
Optionally, after the network device receives the parameter #2-1 and the identifier of the terminal device, the network device may further determine, according to the identifier of the terminal device, a parameter #2-0 corresponding to the identifier of the terminal device, which is locally recorded, and determine whether the parameter #2-0 is the same as the parameter # 2-1.
It should be appreciated that example 304-4 may be combined with example 304-1 or example 304-2 described above, and that when parameter #1-0 is different from parameter #1-1, or parameter #2-0 is different from parameter #2-1, the network device may send a message to the terminal device indicating that authentication cannot be performed. When the parameter #1-0 is the same as the parameter #1-1 and the parameter #2-0 is the same as the parameter #2-1, the network device acquires the third key, determines the MAC #2 according to the third key, and authenticates the terminal device through the MAC #2 and the MAC # 1.
It should be appreciated that example 304-4 may be combined with example 304-3 or case two described above, and that when parameter #2-0 is different from parameter #2-1, the network device may send a message to the terminal device indicating that authentication cannot be performed. When the parameter #2-0 is the same as the parameter #2-1, the network device acquires the third key, generates the MAC #2 according to the third key, the first parameter and the identifier of the terminal device, and authenticates the terminal device through the MAC #2 and the MAC # 1.
Example 304-5, when the second parameter is generated by the access network device, the access network device may send the second parameter (e.g., parameter # 2-0) and the identity of the terminal device to the network device, which records the correspondence between the parameter #2-0 and the identity of the terminal device locally.
It should be understood that, in the case of example 304-5, after the network device receives the parameter #2-1 and the identifier of the terminal device, the corresponding parameter #2-0 may be determined from the locally recorded correspondence with the identifier of the terminal device, as described in example 304-4 above, to further determine whether the parameter #2-0 is the same as the parameter #2-1 and whether the terminal device needs to be further authenticated through the MAC #2 and the MAC #1; refer to the description of example 304-4 above for details.
Example 304-6, the network device receives the second parameter when the second parameter is generated by the access network device and the network device does not store a correspondence between the second parameter and an identity of the terminal device.
It should be appreciated that example 304-6 may be combined with example 304-1 or example 304-2 described above, and that when parameter #1-0 is different from parameter #1-1, the network device may send a message to the terminal device indicating that authentication is not possible. When the parameter #1-0 is the same as the parameter #1-1, the network device acquires the third key, determines the MAC #2 according to the third key, and authenticates the terminal device through the MAC #2 and the MAC # 1.
It should be appreciated that example 304-6 may be combined with example 304-3 or case two described above, where after the network device receives the first parameter, the second parameter, and mac#1, the network device obtains the third key, generates mac#2 according to the third key, and authenticates the terminal device through mac#2 and mac#1.
In case four, the network device determines the second parameter before the network device determines mac#2, when mac#1 of the terminal device is generated based on the first parameter, the second parameter, and the first key.
The second parameter is generated by the network device, and the network device records the correspondence between the second parameter and the identity of the terminal device locally. After the network equipment receives the identification of the terminal equipment, the second parameter corresponding to the identification of the terminal equipment, which is recorded locally, is determined according to the identification of the terminal equipment.
It should be appreciated that case four may be combined with any of examples 304-1, 304-2, 304-3 described above, or with case two, and specific implementations may be described with reference to example 304-6.
The first parameter and the second parameter may be the same or different. For example, when the first parameter and the second parameter are both generated by the network device, the first parameter and the second parameter may be the same random number; when the first parameter and the second parameter are both generated by the access network device, the first parameter and the second parameter may be the same random number, or the same temporary identity (e.g., C-RNTI, TC-RNTI). When the first parameter is generated by the access network device and the network device generates the second parameter according to the first parameter, the first parameter and the second parameter may be the same random number, or the first parameter and the second parameter are identifiers (e.g., IDs) of the terminal device. Likewise, when the first parameter is generated by the access network device, the access network device sends the first parameter to the network device, and the network device generates the second parameter according to the first parameter, the first parameter and the second parameter may be the same, and both may be random numbers or temporary identifiers.
According to the method shown in fig. 3, the terminal device determines mac#1 from the acquired first parameter and first key, and transmits mac#1 to the network device so that the network device can authenticate the terminal device. The first key pre-stored by the terminal device corresponds to a plurality of terminal devices in the group to which the terminal device belongs, namely the plurality of terminal devices in that group share the first key. Since the identity of the terminal device is an input both when the terminal device determines mac#1 and when the network device determines mac#2, mac#1, mac#2 and the identity of the terminal device are in one-to-one correspondence. Even if a plurality of terminal devices share the same first key, the network device can still authenticate a single terminal device, so that the cost of the network device for managing the keys of the terminal devices is reduced while the effectiveness of the authentication of the terminal device is ensured.
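As an added illustration, not code from the application, the case-one exchange in Python: a Tag holding the group key K generates MAC#1 from the first parameter it was issued, and the network device checks parameter #1-0 against parameter #1-1 (example 304-1), selects the third key by the number segment the Tag ID belongs to (Table 1 style), recomputes MAC#2 and compares. HMAC-SHA256, the input encoding, and the Tag IDs and keys used are assumptions; the application does not fix the MAC algorithm.

```python
import hmac
import hashlib
import secrets


def mac_over(key: bytes, first_param: bytes, tag_id: str) -> bytes:
    """MAC generated from the first parameter and a key, with the terminal
    identity as an input. HMAC-SHA256 over a length-prefixed encoding is an
    assumed instantiation; the application only names the inputs."""
    msg = len(first_param).to_bytes(2, "big") + first_param + tag_id.encode()
    return hmac.new(key, msg, hashlib.sha256).digest()


class Tag:
    """Terminal device holding the group key K shared by its whole group."""

    def __init__(self, tag_id: str, group_key: bytes):
        self.tag_id = tag_id
        self.group_key = group_key

    def make_mac1(self, first_param: bytes) -> bytes:
        # MAC#1 = MAC(first key, first parameter, identity of the terminal device)
        return mac_over(self.group_key, first_param, self.tag_id)


class NetworkDevice:
    """Network device: number segment -> key K table, plus the locally recorded
    correspondence Tag ID -> parameter #1-0 from example 304-1."""

    def __init__(self):
        self.segments = []        # (low, high, key K) for decimal Tag ID ranges
        self.issued_params = {}   # tag_id -> parameter #1-0

    def add_segment(self, low: int, high: int, key: bytes) -> None:
        self.segments.append((low, high, key))

    def third_key_for(self, tag_id: str):
        """Pick key K by the number segment the Tag ID belongs to."""
        for low, high, key in self.segments:
            if low <= int(tag_id) <= high:
                return key
        return None

    def issue_first_param(self, tag_id: str) -> bytes:
        """Network device generates the first parameter (a random number) and
        records it against the Tag identity as parameter #1-0."""
        param_1_0 = secrets.token_bytes(16)
        self.issued_params[tag_id] = param_1_0
        return param_1_0

    def authenticate(self, tag_id: str, param_1_1: bytes, mac1: bytes) -> str:
        """Example 304-1: compare parameter #1-0 with the received parameter
        #1-1, then recompute MAC#2 with the third key and compare with MAC#1."""
        param_1_0 = self.issued_params.get(tag_id)
        if param_1_0 is None or param_1_0 != param_1_1:
            return "cannot authenticate"      # parameter #1-0 != parameter #1-1
        key = self.third_key_for(tag_id)
        if key is None:
            return "no key for number segment"
        mac2 = mac_over(key, param_1_1, tag_id)
        # constant-time comparison of MAC#1 and MAC#2
        return "ok" if hmac.compare_digest(mac1, mac2) else "mac mismatch"


if __name__ == "__main__":
    # Constructed sample: two Tags in the 100000-200000 segment share one key K.
    nd = NetworkDevice()
    k_group = bytes.fromhex("8267509ab247fff6bc238e")
    nd.add_segment(100000, 200000, k_group)
    tag_a, tag_b = Tag("100001", k_group), Tag("100002", k_group)
    p_a = nd.issue_first_param(tag_a.tag_id)
    print(nd.authenticate(tag_a.tag_id, p_a, tag_a.make_mac1(p_a)))   # ok
    print(nd.authenticate(tag_a.tag_id, p_a, tag_b.make_mac1(p_a)))   # mac mismatch
```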
The method provided by the embodiment of the present application is described in detail in an exemplary manner below by taking a terminal device as a Tag, an access network device as a RAN, a first key as K, and a network device including a first network element, a storage network element, and a second network element as an example.
Fig. 4 is a schematic flow chart of another communication method provided by the present application.
401 Pre-storing a key K.
In one possible implementation, the storage network element and the Tag may both be pre-configured with the key K, and the storage network element and the Tag each store the pre-configured key K in their own device, i.e., K is a pre-stored key. The storage network element and the Tag may be pre-configured with the key K by the network device or the system, or pre-configured with the key K at the factory, which is not particularly limited in this application.
Optionally, the pre-stored key K is a group key, that is, the key K corresponds to a Tag group, and the Tag group includes a plurality of Tags, where the pre-stored keys of the plurality of Tags are all the key K. Before the storage network element and the Tags are pre-configured with keys, the network device/system may divide the plurality of Tags into the same group; the Tags divided into the same group may be located within the service area of the same access network device, or within the coverage area of the same signal/beam, or belong to a certain specific area, or the first identification (e.g., ID, IP address) of the Tags of the same group is within a range preset by the network device/system.
As an example, the range to which the first identifier of a Tag of the same group belongs corresponds to one Tag number segment. As shown in Table 1, the Tag number segment may be a range of Tag IDs (e.g., 100000-200000), or a binary- or hexadecimal-encoded range of Tag IDs (e.g., ab38274c2a1-ab38ffffff), or a range of Tag IP addresses (e.g., 119.112.19.1-119.255.255.255), etc.
TABLE 1
Taking table 1 as an example, when the number segment to which the Tag ID belongs is within the 100000-200000 number segment, the key K prestored by the Tag identified by the Tag ID is 8267509ab247fff6bc238e. When the number segment of the IP address of the Tag is within the number segment 119.112.19.1-119.255.255.255, the pre-stored key K of the Tag identified by the IP address is 1726499ab247fff6bc238e.
As another example, one Tag number segment may correspond to multiple groups, i.e., Tags belonging to the same Tag number segment may be divided into multiple groups, with the same key pre-stored by Tags belonging to the same group. For example, the Tag ID#1, the Tag ID#2 and the Tag ID#3 all belong to the 100000 to 200000 number segment; the Tag#1 identified by the Tag ID#1 is within the service range of the access network device#1, the Tag#1 belongs to the group#1, and its pre-stored key is K#1; the Tag#2 identified by the Tag ID#2 and the Tag#3 identified by the Tag ID#3 are within the service range of the access network device#2, the Tag#2 and the Tag#3 belong to the group#2, and their pre-stored key is K#2.
When the network device manages the keys of the plurality of Tag IDs, the plurality of Tag IDs configure the same group key, which can reduce the management cost of the network device on the keys.
Optionally, each Tag corresponds to a key K. Each key K corresponds to a Tag ID, i.e. each Tag is configured with a different key, e.g. one Tag is included in each Tag number segment. As shown in table 2:
TABLE 2
| NO | Tag ID | Key K |
| 1 | A0001 | 247fff6bc23 |
| 2 | A0002 | 247fff6bc2f |
| 3 | A0005 | 247fff6bc2d |
| 4 | A0007 | 247fff6bc21 |
As shown in table 2 above, the key K pre-stored for the Tag with Tag ID A0002 is 247fff6bc2f; the key K pre-stored for the Tag with Tag ID A0005 is 247fff6bc2d; and the key K pre-stored for the Tag with Tag ID A0007 is 247fff6bc21.
In another possible implementation, the storage network element is preconfigured with a key K, and the Tag is preconfigured with a key k, where k is derived from K by a one-way generation algorithm; the storage network element stores the preconfigured key K in its own device, and the Tag stores the preconfigured key k in its own device. The storage network element may be pre-configured with the key K by the network device or the system, or with the key K at the factory; the Tag may be pre-configured with the key k by the network device or the system, or with the key k at the factory; the application is not limited in this regard.
It should be appreciated that the one-way generation algorithm can only derive k from K, and cannot derive K from k. Here k may be referred to as a sub-key and K may be referred to as the master key, i.e., the sub-key is pre-stored in the Tag and the master key is pre-stored in the storage network element.
As one example, the one-way generation algorithm includes a KDF algorithm, where k = KDF(K, Tag ID).
As another example, the master key K is a key pool, and the master key K determines the sub-key k through a one-way generation algorithm. Let the Tag ID be the bit string {b_1, b_2, ..., b_i}, with i ≤ pool-len and b_i ∈ {0, 1}. Let the master key be the vector K = {a_1, a_2, ..., a_j}^T, where each a_j is an n-bit number (i.e., an n-bit key), e.g., a_j is a 128-bit key. The function USEKEY() is defined as follows:
USEKEY(a_j, 0) = 0;
USEKEY(a_j, 1) = a_j
Then k = (USEKEY(a_1, b_1), USEKEY(a_2, b_2), ..., USEKEY(a_n, b_n)), as shown in Table 3.
TABLE 3
| Master key K | Tag ID | Sub-key k |
| a_1 | 1 | a_1 |
| a_2 | 1 | a_2 |
| a_3 | 0 | 0 |
| a_4 | 1 | a_4 |
| ...... | ...... | ...... |
It should be understood that the steps in which the storage network element and the Tag store the pre-configured key in themselves have no fixed order. The storage network element and the Tag may pre-store the key simultaneously, or the Tag may pre-store its key before the storage network element pre-stores its key, or the Tag may pre-store its key after the storage network element pre-stores its key; the application is not particularly limited in this regard.
It should also be understood that when the key pre-stored by the storage network element is the master key (e.g., key K), the key pre-stored by the Tag is the sub-key (e.g., key k), where key k is derived from K by a one-way generation algorithm, and key k is different from key K. Even if an attacker captures a small number of Tags, the attacker cannot obtain the key K pre-stored in the network device, namely the attacker cannot obtain the key K from the key k, so that the security of the Tag key is improved.
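An added worked example, not the application's own code, of the two one-way derivations above: the key-pool USEKEY construction of Table 3 and the KDF form k = KDF(K, Tag ID), with HMAC-SHA256 assumed as the KDF and the pool values constructed. It goes one step beyond the text with a defender-side helper that lists which pool entries a set of captured Tags would expose, which is why a few captured Tags do not reveal the whole master key.

```python
import hmac
import hashlib


def usekey(a_j: bytes, b_j: int) -> bytes:
    """USEKEY(a_j, 0) = 0 and USEKEY(a_j, 1) = a_j; the zero result keeps the
    width of a_j so every component of k has the same n bits."""
    if b_j not in (0, 1):
        raise ValueError("Tag ID bits must be 0 or 1")
    return a_j if b_j == 1 else bytes(len(a_j))


def subkey_from_pool(master_pool, tag_id_bits):
    """Sub-key k = (USEKEY(a_1, b_1), ..., USEKEY(a_i, b_i)), the Table 3 layout.
    The Tag ID bit string may not be longer than the pool (i <= pool-len)."""
    if len(tag_id_bits) > len(master_pool):
        raise ValueError("Tag ID longer than key pool")
    return [usekey(a, b) for a, b in zip(master_pool, tag_id_bits)]


def subkey_from_kdf(master_key: bytes, tag_id: str) -> bytes:
    """k = KDF(K, Tag ID). HMAC-SHA256 is an assumed KDF instantiation; the
    application only says a KDF is used."""
    return hmac.new(master_key, tag_id.encode(), hashlib.sha256).digest()


def pool_entries_exposed(captured_tag_bits):
    """Defender's view of the key-pool scheme: the set of pool positions j whose
    entry a_j appears in the sub-keys of the captured Tags. A position is
    exposed only where some captured Tag has b_j = 1; positions where every
    captured Tag has b_j = 0 stay unknown, and none of this reveals a_j for
    unexposed positions."""
    exposed = set()
    for bits in captured_tag_bits:
        exposed.update(j for j, b in enumerate(bits, start=1) if b == 1)
    return exposed


def demo_pool():
    """Constructed example: a 4-entry pool of 128-bit keys and the Tag ID bits
    1, 1, 0, 1 used in Table 3. Returns (pool, sub-key)."""
    pool = [bytes([j]) * 16 for j in range(1, 5)]   # a_1 .. a_4, constructed
    return pool, subkey_from_pool(pool, [1, 1, 0, 1])


if __name__ == "__main__":
    pool, k = demo_pool()
    for j, (a, comp) in enumerate(zip(pool, k), start=1):
        print(f"a_{j}: {a.hex()[:8]}..  ->  k component: {comp.hex()[:8]}..")
    print("exposed by two captured Tags:", pool_entries_exposed([[1, 1, 0, 1], [0, 1, 0, 0]]))
```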
402, The first network element pre-stores the Tag number segment it is in charge of.
The first network element may be an access management network element AMF, or a Tag management network element (Tag management function, TMF), where the TMF is used to manage Tags.
For example, the TMF may be deployed in an architecture as shown in fig. 1, and communication may be performed directly or indirectly between the TMF and the RAN, and between the TMF and the UE. For example, an interface exists between the TMF and the RAN, and interaction can be performed directly, and further, the TMF can interact with the Tag through the RAN. Alternatively, the TMF and Tag may also communicate directly via an interface. The TMF may be deployed alone or integrated with the AMF, which is not limited in this regard by the present application. As another example, TMF may also be integrated with the RAN.
Alternatively, the TMF and the AF network element may communicate directly or indirectly, e.g. an interface exists between the TMF and the NEF, through which the TMF may interact with the AF.
It should be appreciated that different companies have administrative rights over different Tag number segments. The first network element can determine and store the Tag number segment corresponding to each company according to the specific requirements of each company. The Tag number segment is used by the first network element to judge whether a certain Tag belongs to the management range of the company; if not, the first network element does not respond to the service.
As an example, table 4 shows the stored relationship of a company to Tag number segments:
TABLE 4
As shown in table 4, the Tag number segment corresponding to ABX company is 100000-200000, that is, ABX company is mainly responsible for managing Tags within 100000-200000. The service function of the Tags corresponding to the Tag number segment 100000-200000 is inventory, and the service code is (0). The Tag number segment corresponding to company code = 92756 is ab38274c2a1-ab38ffffff, namely, company code 92756 is mainly responsible for managing Tags within the range ab38274c2a1-ab38ffffff. The service function of the Tags corresponding to the Tag number segment ab38274c2a1-ab38ffffff is temperature measurement, and the service code is (1). The Tag number segment corresponding to a certain digital service limited company is 119.112.19.1-119.255.255.255, namely the certain digital service limited company is mainly responsible for managing Tags within the range 119.112.19.1-119.255.255.255. The service function of the Tags corresponding to the Tag number segment 119.112.19.1-119.255.255.255 is positioning, and the service code is (2).
It should be understood that there is no fixed order between steps 401 and 402 described above: 401 may be performed before 402, 401 may be performed after 402, or 401 may be performed simultaneously with 402, which is not specifically limited in the present application.
It should also be appreciated that step 402 is an optional step. The first network element may be pre-configured with the Tag number segment it is in charge of and store that pre-configured Tag number segment locally, i.e., without performing step 402 to pre-store it.
403, The second network element sends a service requirement request message #1 to the first network element.
Wherein the second network element may be an AF.
In one possible implementation, the second network element may send the service requirement request message #1 directly to the first network element, or the second network element may send the service requirement request message #1 to the first network element through the NEF network element.
It should be appreciated that the service requirement request message #1 may include an inventory requirement request, a temperature measurement requirement request, a positioning requirement request, or the like.
As an example, the second network element sends a service requirement request message #1 including an inventory requirement to the first network element, for requesting the first network element to perform an inventory service on specific Tags.
It should also be understood that the service requirement request message #1 includes at least one of service indication information, tag ID, AF ID.
In one possible implementation, when the service requirement request message #1 includes service indication information, the service indication information may include one or more of a service description, a service function (e.g., inventory, temperature measurement, positioning, etc.), and a service code (e.g., code 0 or code 1), which is not specifically limited in this application.
It should be understood that the traffic indication information sent by the second network element may be used to determine the corresponding Tag ID. It is assumed that the specific service description included in the service indication information includes a service #1, where the specific service managed by Tag #1 is a service #2, and the specific service managed by Tag #2 is a service #1, that is, it can be determined that the Tag ID corresponding to the service indication information in the service requirement request message #1 is the ID of Tag # 2.
As another possible implementation, when the service requirement request message #1 includes a Tag ID, the Tag ID may be an ID set, for example, Tag ID = {100001, 100002, 110000}, or the Tag ID is a number segment of Tag IDs, for example, Tag ID = 100000-200000.
As yet another possible implementation, the AF ID is included in the service requirement request message #1. The AF ID may be identification information of the AF, or the IP address from which the service requirement request message #1 is transmitted. For example, when the IP address from which the service requirement request message #1 is transmitted is the IP address of the AF, it may be regarded as carrying an AF ID.
It should be understood that, when the service indication information #1 sent by the second network element includes the AF ID, the first network element may determine the corresponding Tag ID according to the AF ID.
404, The first network element sends a service requirement request message #2 to the RAN.
Accordingly, the RAN receives a service requirement request message #2 sent from the first network element.
In one possible implementation, the first network element may determine the RAN ID from the service requirement request message #1 before the first network element sends the service requirement request message #2 to the RAN. The first network element sends the service requirement request message #2 to the corresponding RAN according to the determined RAN ID.
Wherein, the content in the service requirement request message #2 and the content in the service requirement request message #1 may be the same or different.
For example, the inventory requirement request and the first parameter are included in the service requirement request message #1, and the information included in the service requirement request message #1 may be directly forwarded in the service requirement request message #2, that is, the service requirement request message #2 includes the inventory requirement request and the first parameter.
For another example, the service requirement request message #1 includes an inventory requirement request, and the service requirement request message #2 may include the inventory requirement request from the service requirement request message #1 and the first parameter generated by the first network element.
In another possible implementation manner, after the first network element receives the service requirement request message #1 sent by the second network element, the first network element determines the Tag ID according to the service requirement request message # 1. The first network element determines the RAN ID corresponding to the Tag according to the Tag ID.
It should be appreciated that there is a correspondence between Tag ID and RAN ID. The correspondence may be preconfigured in the first network element. The same Tag number segment may correspond to one RAN or to multiple RANs; the present application is not particularly limited in this regard.
As an example, the first network element determines the corresponding Tag ID according to at least one of the service indication information, the Tag ID, and the AF ID included in the service requirement request message # 1. The first network element further determines the RAN corresponding to the Tag ID according to the corresponding relation between the Tag ID and the RAN according to the determined Tag ID.
It should be understood that, when the service requirement request message #1 includes a Tag ID, the first network element may directly determine, according to the Tag ID in the service requirement request message #1, which tags need to be requested to perform the service, and further send the service requirement request message #2 to the RAN corresponding to the Tag that performs the service.
It should also be understood that when the service requirement request message #1 includes service indication information, the first network element is preconfigured with a correspondence between a specific service indication and a Tag ID, so that the first network element may determine a Tag that needs to be requested according to the service indication information, and further determine a corresponding RAN.
It should also be understood that, when the service requirement request message #1 includes an AF ID, the first network element may implicitly determine a service type according to the AF ID and a service corresponding to the AF, determine, according to the service type, which tags need to be requested to execute the service, and further send the service requirement request message #2 to the RAN corresponding to the executing Tag.
As an example, table 5 shows a pre-configured correspondence between Tag IDs and identification information of RANs:
TABLE 5
The identification information of the RAN may include, among other things, a RAN ID (e.g., 11), or an IP address of the RAN (e.g., 119.112.19.1).
As shown in table 5, when the Tag ID belongs to the number segment within the range of 100000 to 200000, the corresponding RAN ID is 11; when the Tag ID belongs to the number segment within the range of ab38274c2a1 to ab38ffffff, the corresponding RAN ID is 119.112.19.1; and when the Tag ID belongs to the number segment within the range of 10.10.255.1 to 10.10.255.255, the corresponding RAN ID is 119.112.19.2, 119.112.19.3, 119.112.19.4.
It should be understood that the identification information of the RAN corresponding to the number segment to which the Tag ID belongs may be an ID, or may be an IP address, or may be a set of IP addresses, which is not specifically limited to this embodiment of the present application.
405, The RAN triggers the Tag to access the RAN.
For example, after receiving a service requirement request message sent from a first network element, the RAN triggers a Tag in a corresponding jurisdiction (or referred to as a service area), where the Tag in the jurisdiction is ready to access the RAN.
It should be appreciated that there are a number of ways in which the RAN triggers a Tag within a jurisdiction to prepare for access to the RAN, for example, by transmitting an electromagnetic beam to the Tag within the jurisdiction, the RAN triggers the Tag to prepare for access to the RAN. For another example, the RAN triggers the Tag to prepare for access to the RAN by transmitting an excitation signal to all tags within the jurisdiction. For another example, the RAN triggers the tags to prepare for access to the RAN by sending service demand request information to all tags within the jurisdiction.
In one possible implementation, the RAN triggers the Tag to prepare for access to the RAN, which may be the RAN triggering the Tag to prepare for random access.
It should be understood that the Tag device in the embodiments of the present application may be a passive device, or a semi-passive device. Most of the current wireless communication devices are powered by batteries, and the batteries need to be manually replaced or charged, so that the maintenance equipment is high in cost, and meanwhile, the environment is endangered, and even potential safety hazards exist. The passive device or the semi-passive device does not depend on battery power supply, and can meet the scene of densely deploying the devices of the Internet of things. In step 405 of the present application, when the Tag is a passive device, or a semi-passive device, the RAN may send an excitation signal to the Tag to power the Tag, thereby supporting the application of the passive/semi-passive device.
It should also be appreciated that when the Tag device in the embodiment of the present application is an active device, step 405 is an optional step. The Tag device is assumed to be an active device, and may request access to the RAN at regular time according to a message preconfigured by the system, or the Tag device may request access to the RAN according to a service requirement request message sent by the RAN in step 405.
406, The Tag sends message #1 to the RAN.
It will be appreciated that message #1 is used to request access to the access network device.
In one possible implementation, message #1 may be the msg1 message of the terminal device's random access procedure (also referred to as the initial access procedure), where msg1 is a random access request (random access preamble); or message #1 may be the msg3 message of the terminal device's initial access procedure, where msg3 is a radio resource control connection request message (RRC connection request) or a handover command complete message.
As an example, assuming the Tag is a passive device, the Tag may send message #1 to the RAN as a reflected signal after receiving the excitation signal or electromagnetic beam sent by the RAN.
407, The RAN sends the first parameter to the Tag.
Accordingly, the Tag receives the first parameter sent by the RAN.
For example, during or after connection establishment by a Tag within the jurisdiction of the RAN, the RAN sends the first parameter to the Tag.
In one possible implementation, when step 406 is a random access request message in a random access procedure, step 407 may be a random access response message or a random access connection setup message. For example, the first parameter may be carried in the random access response message corresponding to msg2 in the random access procedure, or in the RRC connection setup message (connection establishment success) corresponding to msg4 in the random access procedure, as in the prior art.
It should be understood that the first parameter may be carried in msg2 or msg4 of the random access procedure and need not be sent in separate signaling, which shortens the communication interaction, reduces signaling overhead, and reduces the power consumption of the terminal device.
In one possible implementation, the first parameter may be a Tag ID or a temporary identity (Temp ID) determined by the RAN. Either can serve as the first parameter; the first parameter together with the first key forms the combination that uniquely corresponds to the Tag and is used to generate MAC#1.
Illustratively, when the first parameter sent by the RAN to the Tag is carried in the msg4 message, the first parameter may be a cell radio network temporary identifier (C-RNTI).
Illustratively, when the first parameter sent by the RAN to the Tag is carried in the msg2 message, the first parameter may be a temporary cell radio network temporary identifier (TC-RNTI).
It should be appreciated that the first parameter carried in the msg4 message or msg2 message sent by the RAN to the Tag may also be a random number.
The RAN can also record the relation between the terminal device and the first parameter by means of the Temp ID.
It should be understood that the RAN may send the first parameter and the Temp ID to the Tag together or separately; the application is not limited in this regard.
As an example, assuming the RAN takes the Temp ID as the first parameter, i.e. Temp ID = first parameter, the RAN transmits only the Temp ID, and the first parameter has the same value as the Temp ID.
It should be appreciated that when the RAN takes the Temp ID as the first parameter, the RAN does not need to introduce a new parameter; the implementation is based on existing RAN parameters, which improves the efficiency of air interface transmission.
As another example, assuming the first parameter determined by the RAN is not the same as the Temp ID, the RAN sends both the first parameter and the Temp ID to the Tag.
408, The Tag determines MAC#1 from the first parameter and the pre-stored key K.
For example, after the Tag receives the first parameter from the RAN, the Tag determines new K from the first parameter and the pre-stored key K, and then determines MAC#1 from new K and the first parameter.
As an example, assuming the first parameter is nonce#1, the Tag may determine new K from nonce#1 and the pre-stored key K using an exclusive-or operation, that is, new K = K XOR nonce#1.
As another example, assuming the first parameter is nonce#1, the Tag may determine new K using a key derivation function (KDF), that is, new K = KDF(K, nonce#1).
Further, after determining new K from the first parameter and the pre-stored key K, the Tag generates MAC#1 from new K, the Tag ID and nonce#1.
As an example, MAC#1 = Func(new K)(Tag ID || nonce#1), where Func may be an HMAC algorithm such as HMAC-SHA256.
MAC#1 is thus generated based on the pre-stored key K and the first parameter. Here Func(new K) denotes the algorithm Func keyed with new K, that is, new K is the key input to Func; when Func is an HMAC algorithm, new K is the key used in the HMAC computation.
It should be understood that MAC#1 may be generated over the Tag ID and nonce#1, i.e. the input to the algorithm is (Tag ID || nonce#1), or MAC#1 may be generated over the entire message, i.e. the input to the algorithm is the entire request message of step 409; this is not limited in this application.
It should also be appreciated that other algorithms may be used to calculate the MAC, and the application is not particularly limited in this regard.
Alternatively, in step 408 the Tag may generate MAC#1 directly from the first parameter and the pre-stored key K, i.e. without first generating new K and then generating MAC#1 from new K and the first parameter. This is described in detail in step 302 of the method shown in fig. 3 and is not repeated here.
409, The Tag sends MAC#1 to the RAN.
Accordingly, the RAN receives MAC#1 sent by the Tag.
In one possible implementation, MAC#1 may be carried in a request message by which the Tag requests the network device to authenticate it; the request message includes MAC#1.
In another possible implementation, when the terminal device's request for access to the access network device succeeds, the terminal device may further send access success indication information to the access network device, and the access success indication information may include MAC#1. As an example, when the procedure by which the terminal device requests access to the access network device is a random access procedure (also referred to as an initial access procedure), MAC#1 sent by the terminal device to the access network device may be carried in the msg5 message of the random access procedure, where msg5 is the RRC connection setup complete message.
It should be appreciated that the Tag may also send the Temp ID and the Tag ID to the RAN. MAC#1, the Temp ID and the Tag ID may be carried in the same message and sent to the RAN at the same time, or carried in different messages.
410, The RAN sends MAC#1 to the first network element.
Accordingly, the first network element receives MAC#1 sent by the RAN.
For example, after the RAN receives MAC#1 from the Tag, the RAN forwards MAC#1 to the first network element so that the first network element can authenticate the terminal device.
Before sending MAC#1 to the first network element, the RAN may determine the first parameter according to the correspondence between the Tag identifier and the first parameter, for example from a local record and the Tag identifier.
It should be appreciated that the RAN may record the correspondence between the first parameter and the Tag locally when it sends the first parameter to the Tag, or after it sends the first parameter to the Tag. The RAN may record this correspondence in the following two ways:
Mode 1, the RAN records the relation between the Tag and the first parameter by the Tag ID.
Here each Tag ID corresponds to one first parameter.
For example, if Tag#1 has ID#1, Tag#2 has ID#2 and Tag#3 has ID#3, and the first parameters sent by the RAN in step 407 to Tag#1, Tag#2 and Tag#3 are nonce#1, nonce#2 and nonce#3 respectively, the RAN may record under ID#1 that the first parameter of Tag#1 is nonce#1, under ID#2 that the first parameter of Tag#2 is nonce#2, and under ID#3 that the first parameter of Tag#3 is nonce#3.
Mode 2, the RAN records the relation between the Tag and the first parameter by means of the Temp ID.
For example, assuming the first parameters sent by the RAN in step 407 to Tag#1, Tag#2 and Tag#3 are nonce#1, nonce#2 and nonce#3 respectively, the RAN may record under Temp#1 that the first parameter of Tag#1 is nonce#1, under Temp#2 that the first parameter of Tag#2 is nonce#2, and under Temp#3 that the first parameter of Tag#3 is nonce#3.
For another example, the relation between the Tag and the first parameter is shown in table 6:
TABLE 6
| Temp ID | First parameter |
| 1001 | 5423abff |
| 1002 | 34ffff |
| 1003 | 1003 (same as Temp ID) |
When the Temp ID determined by the access network device for Tag#1 is 1001, the access network device determines that the first parameter of Tag#1 is 5423abff and records it under 1001; when the Temp ID determined for Tag#2 is 1002, the access network device determines that the first parameter of Tag#2 is 34ffff and records it under 1002; and when the Temp ID determined for Tag#3 is 1003, the first parameter of Tag#3 is 1003 itself (the Temp ID), recorded under 1003.
In one possible implementation, after the RAN receives MAC#1 from the Tag, the RAN determines the first parameter corresponding to the Tag from the identifier of the terminal device and the recorded correspondence between the terminal device and the first parameter, and sends the first parameter to the first network element so that the first network element can determine MAC#2 and complete authentication of the Tag.
In another possible implementation, after the RAN receives the Temp ID and MAC#1 sent by the Tag, the RAN queries its recorded correspondence between the terminal device and the first parameter by the Temp ID, determines the first parameter (e.g., nonce#1) corresponding to the Tag, and sends nonce#1 to the first network element so that the first network element can determine MAC#2 and complete authentication of the Tag.
It should be understood that the RAN may also send the Tag ID, the first parameter and other information to the first network element. The Tag ID, the first parameter and MAC#1 may be carried in the same message and sent to the first network element at the same time, or carried in different messages.
When the first network element has the function of a storage network element, or the first network element is integrated with the storage network element, the method shown in fig. 4 further includes:
411, The first network element obtains the third key.
In one possible implementation, the first network element locally holds the correspondence between the Tag ID and the pre-stored key K, i.e. the first network element is pre-configured with the key K, for example where the first network element and the storage network element are deployed together. After the first network element receives MAC#1, the first parameter and the Tag ID sent by the access network device, the first network element may determine the corresponding pre-stored key K from the Tag ID, and then obtain the third key from the pre-stored key K.
As an example, the first network element determines the pre-stored key K corresponding to the Tag ID as in table 1 or table 2 of step 401 above. After determining the pre-stored key K corresponding to the Tag ID, the first network element determines the third key from the first parameter and the pre-stored key K, i.e. the third key is generated from the first parameter and the pre-stored key K.
The algorithm used by the first network element to determine the third key from the pre-stored key K and the first parameter is the same as the algorithm used by the Tag to determine new K in step 408. For example, if the Tag uses the exclusive-or operation to determine new K in step 408, the first network element also uses the exclusive-or operation to determine the third key.
As another example, the first network element determines the pre-stored key K corresponding to the Tag ID as in table 1 or table 2 of step 401 above, and the pre-stored key K itself is the third key, that is, the third key is the same as the pre-stored key K.
In another possible implementation, the key pre-stored in the Tag, i.e. the first key, is a sub-key k, and the key corresponding to the Tag pre-stored in the first network element is a master key K. That is, MAC#1 is generated by the Tag from the sub-key k and the first parameter. The first network element determines the pre-stored master key K corresponding to the Tag from the Tag ID, derives the Tag's pre-configured sub-key k from the master key K using a pre-configured one-way generation algorithm, and then obtains the third key from the first parameter and the sub-key k.
As an example, the first network element may also obtain the third key through the following steps 411'-413', for example when the first network element does not have the function of a storage network element, i.e. the first network element and the storage network element are deployed separately.
411', The first network element sends key request information to the storage network element.
Accordingly, the storage network element receives the key request information sent by the first network element.
The key request information includes the first parameter and the Tag ID, and is used to request the key used for authenticating the Tag.
412', The storage network element determines the third key from the key request information.
For example, after the storage network element receives the key request information sent by the first network element, the storage network element determines the third key according to the key request information.
In one possible implementation, where the first key pre-configured in the Tag and the key configured for the Tag in the storage network element are both the key K, the storage network element determines the corresponding pre-stored key K from the Tag ID in the key request information, as in the correspondence shown in table 1 or table 2 of step 401. After determining the pre-stored key K corresponding to the Tag ID, the storage network element determines the third key from the first parameter in the key request information and the pre-stored key K.
It should be appreciated that the specific algorithm used by the storage network element to determine the third key from the first parameter in the key request information and the pre-stored key K is the same as the algorithm used by the Tag to determine new K in step 408.
In another possible implementation, where the first key pre-configured in the Tag and the key configured for the Tag in the storage network element are both the key K, the storage network element determines the corresponding pre-stored key K from the Tag ID in the key request information, and the third key is the pre-stored key K itself.
In another possible implementation, where the key pre-stored in the Tag, i.e. the first key, is a sub-key k and the key corresponding to the Tag pre-stored in the storage network element is a master key K, the storage network element determines the corresponding pre-stored master key K from the Tag ID, derives the Tag's pre-configured sub-key k from K using the pre-configured one-way generation algorithm, and then determines the third key from the first parameter and the sub-key k.
413', The storage network element sends the third key to the first network element.
Accordingly, the first network element receives the third key sent by the storage network element.
For example, after the storage network element determines the third key from the key request information, it sends the third key to the first network element.
As another example, the first network element may also obtain the third key through the following steps 411''-413''.
411'', The first network element sends key request information to the storage network element.
Accordingly, the storage network element receives the key request information sent by the first network element.
The key request information includes the first parameter and the Tag ID, and is used to request from the storage network element the pre-configured key corresponding to the Tag, i.e. the pre-stored key K.
412'', The storage network element determines the first key corresponding to the Tag from the key request information and sends the first key to the first network element.
For example, after the storage network element receives the key request information sent by the first network element, the storage network element determines from the Tag ID the pre-stored key K (i.e. the first key) corresponding to the Tag that it stores, and sends the first key to the first network element.
The storage network element determines the corresponding first key from the Tag ID in the key request information; the manner of determination may refer to the correspondence shown in table 1 or table 2 of step 401, from which the pre-stored key K corresponding to the Tag ID is determined.
413'', The first network element determines the third key from the pre-stored key K.
For example, after the first network element receives the pre-stored key K sent by the storage network element, the first network element determines the third key from the pre-stored key K and the first parameter received from the access network device.
It should be understood that the manner in which the first network element determines the third key from the pre-stored key K is similar to the manner in which the first network element determines the third key in step 411 and the storage network element determines the third key in step 412', as described in detail above.
Steps 411'-413' describe a method in which the first network element obtains the third key from the storage network element; steps 411''-413'' describe a method in which the first network element obtains the first key from the storage network element and determines the third key from the first key; and step 411 describes a method in which the first network element determines the third key directly from the first key and the first parameter. Since the first network element can obtain the third key in several ways, the flexibility of the scheme is improved.
Optionally, before the first network element obtains the third key, the first parameter and/or the second parameter may also be determined, and the specific implementation manner may refer to the description of step 304, which is not described herein.
414, The first network element verifies the validity of MAC#1 based on the third key.
For example, after the first network element obtains the third key, it determines MAC#2 from the third key. It should be appreciated that the algorithm used by the first network element to generate MAC#2 from the third key is the same as the algorithm used by the Tag to generate MAC#1 from the first key in step 408. When MAC#2 generated by the first network element is the same as MAC#1 generated by the Tag, MAC#1 is valid, which is to say the Tag is authenticated successfully.
It should be appreciated that when the first network element determines that MAC#1 of the Tag is valid, the following step may also be performed:
415, The first network element determines whether the Tag ID belongs to an operator-authorized number segment.
It should be understood that after the first network element determines that Tag authentication succeeded, the first network element determines whether the Tag ID of the Tag belongs to the charging Tag number segment pre-stored in the first network element in step 402.
In one possible implementation, the Tag ID is within a charging Tag number segment pre-stored by the first network element, i.e. authentication has passed and the Tag ID satisfies the authorization, so the first network element triggers the subsequent charging procedure and performs step 416.
In another possible implementation, the Tag ID is not within a charging Tag number segment pre-stored by the first network element, so the first network element filters out the Tag without performing any operation on it, and continues to authenticate other Tags.
It should be appreciated that step 415 is optional. The first network element may not determine whether the Tag ID is an operator-authorized number, i.e. the first network element may perform step 416 directly after verifying that MAC#1 is valid based on the third key.
416, The first network element sends the Tag ID to the second network element.
Accordingly, the second network element receives the Tag ID sent by the first network element.
For example, assuming the service requirement request message in step 403 includes an inventory requirement, then after the first network element verifies that MAC#1 is valid, the first network element records the Tag in the inventory result and sends the Tag ID to the second network element as the response to step 403, i.e. the first network element need not perform step 415; or, when the first network element verifies that MAC#1 is valid and determines that the Tag ID is within the pre-stored charging number segment, the first network element records the Tag in the inventory result and sends the Tag ID to the second network element as the response to step 403.
In one possible implementation, the first network element sends an inventory result to the second network element, and the inventory result includes the Tag ID.
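To make steps 401 and 407 to 415 concrete, the following Python simulation is an added example; it is not part of the patent text and does not describe any particular implementation of it. The Tag, the RAN and the first network element are plain functions; the number segments, keys, Temp IDs and nonce values are constructed sample data; and, because the text fixes neither the KDF used to derive new K nor the one-way generation algorithm for the sub-key k, HMAC-SHA256 is assumed for both, with Func = HMAC-SHA256 as in the example of step 408.

```python
import hashlib
import hmac
import os

# Step 401 (constructed data): one master key K per Tag ID number segment,
# held by the first network element or the storage network element. Every
# Tag in a segment shares the key, which is the group-key form of the text.
MASTER_KEYS = [
    (100000, 200000, bytes.fromhex("1f0e2d3c4b5a69788796a5b4c3d2e1f0")),
    (200001, 300000, bytes.fromhex("a1b2c3d4e5f60718293a4b5c6d7e8f90")),
]
# Step 402 (constructed data): charging Tag number segment used by step 415.
CHARGING_SEGMENTS = [(100000, 150000)]


def segment_for(tag_id):
    """Return (start, end, K) for the number segment containing tag_id, else None."""
    for start, end, key in MASTER_KEYS:
        if start <= tag_id <= end:
            return start, end, key
    return None


def one_way_subkey(master_key, start, end):
    """Sub-key k for a segment, derived from master key K by a one-way function
    (assumed here: HMAC-SHA256 over the segment bounds). k does not reveal K."""
    return hmac.new(master_key, b"subkey|%d|%d" % (start, end), hashlib.sha256).digest()


def derive_new_k(key, nonce, method="kdf"):
    """new K on the Tag side / third key on the network side (steps 408, 411, 412')."""
    if method == "xor":  # the text's exclusive-or variant: new K = K XOR nonce#1
        if len(nonce) != len(key):
            raise ValueError("XOR derivation needs nonce and key of equal length")
        return bytes(a ^ b for a, b in zip(key, nonce))
    # KDF variant; the text does not fix the KDF, HMAC-SHA256 is assumed.
    return hmac.new(key, b"newK|" + nonce, hashlib.sha256).digest()


def compute_mac(key, tag_id, nonce):
    """MAC = Func(key)(Tag ID || nonce#1) with Func = HMAC-SHA256."""
    return hmac.new(key, tag_id.to_bytes(8, "big") + nonce, hashlib.sha256).digest()


class Tag:
    """Holds the group key K, or the sub-key k in the sub-key variant."""

    def __init__(self, tag_id, preconfigured_key, method="kdf"):
        self.tag_id, self.key, self.method = tag_id, preconfigured_key, method

    def msg5(self, temp_id, first_parameter):
        """Steps 408-409: derive new K, compute MAC#1, send it with Temp ID and Tag ID."""
        new_k = derive_new_k(self.key, first_parameter, self.method)
        return {"temp_id": temp_id, "tag_id": self.tag_id,
                "mac1": compute_mac(new_k, self.tag_id, first_parameter)}


class RAN:
    """Issues the first parameter in msg2 and records Temp ID -> first parameter
    (mode 2 of the text, as in table 6)."""

    def __init__(self):
        self.records = {}

    def msg2(self, temp_id, first_parameter=None):
        """Step 407: a fresh random first parameter unless one is supplied."""
        nonce = first_parameter if first_parameter is not None else os.urandom(16)
        self.records[temp_id] = nonce
        return temp_id, nonce

    def forward(self, msg):
        """Step 410: look up the first parameter by Temp ID and pass
        (Tag ID, first parameter, MAC#1) to the first network element."""
        return msg["tag_id"], self.records[msg["temp_id"]], msg["mac1"]


def authenticate(tag_id, first_parameter, mac1, subkey_variant=False, method="kdf"):
    """Steps 411-414 at the first network element: obtain the third key,
    compute MAC#2 and compare it with MAC#1 in constant time."""
    seg = segment_for(tag_id)
    if seg is None:  # Tag ID outside every configured number segment
        return False
    start, end, master = seg
    key = one_way_subkey(master, start, end) if subkey_variant else master
    third_key = derive_new_k(key, first_parameter, method)
    mac2 = compute_mac(third_key, tag_id, first_parameter)
    return hmac.compare_digest(mac1, mac2)


def is_operator_authorized(tag_id):
    """Step 415: Tag ID within a pre-stored charging Tag number segment."""
    return any(start <= tag_id <= end for start, end in CHARGING_SEGMENTS)


def run_exchange(tag_id, temp_id, first_parameter=None, subkey_variant=False, method="kdf"):
    """One complete exchange; returns (authenticated, authorized for charging)."""
    seg = segment_for(tag_id)
    if seg is None:
        raise ValueError("no key pre-configured for this Tag ID")
    start, end, master = seg
    tag_key = one_way_subkey(master, start, end) if subkey_variant else master
    ran, tag = RAN(), Tag(tag_id, tag_key, method)
    temp_id, nonce = ran.msg2(temp_id, first_parameter)
    forwarded = ran.forward(tag.msg5(temp_id, nonce))
    ok = authenticate(*forwarded, subkey_variant=subkey_variant, method=method)
    return ok, ok and is_operator_authorized(tag_id)


if __name__ == "__main__":
    print(run_exchange(123456, temp_id=1001))  # (True, True)
```

Running the module performs one exchange and prints (True, True). Two points are worth noting for anyone implementing step 414. The comparison in authenticate uses hmac.compare_digest rather than ==, so that MAC#2 is not leaked byte by byte through timing differences. And because K is shared by every Tag in a number segment, a valid MAC#1 proves possession of the segment's key together with the claimed Tag ID, not which Tag in the segment is speaking; the authorization decision of step 415 therefore rests on the Tag ID as claimed in msg5. The XOR variant is included because the text names it; with a nonce sent in the clear it yields keys that differ from K by a known value, so the KDF variant is the one to prefer in practice.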
It should be understood that the one-way generation algorithm for the number segment or type of sub-key to which the Tag identifier belongs, and the algorithm for determining new K, may be preconfigured in the Tag, the first network element and the storage network element, or indicated to them by certain indication information; this is not particularly limited in this application.
According to the method shown in fig. 4, the first key used by the Tag to generate the MAC is in the form of a group key: a plurality of Tags may be preconfigured with the same key, or the first key may correspond to a number segment to which the Tag identifier belongs, where the number segment includes one or more Tags. This avoids a one-to-one correspondence between Tags and keys, and so reduces the cost to the network device of managing Tag keys.
Meanwhile, according to the method shown in fig. 4, the first parameter used to generate MAC#1 is configured for the Tag during the Tag's random access. The Tag generates MAC#1 from the first parameter and the first key and sends MAC#1 to the access network device, so that the network device can subsequently authenticate the Tag. First, the access network device configures the first parameter for the Tag during the Tag's random access procedure. In the prior art, the related authentication procedure has to be started again after the terminal device has completed random access (for example, after the terminal device has successfully accessed the network device, the network device sends the parameters for generating the key to the terminal device through separate signaling). Compared with the prior art, the method reduces signaling interaction, saves communication resources of the Tag, and reduces the cost of authenticating the Tag. Secondly, the Tag first computes new K from the pre-stored key and the first parameter and then generates MAC#1 with new K and the first parameter, rather than generating MAC#1 directly with the pre-stored key, which can improve the communication security of the Tag.
In the method shown in fig. 4, the key (first key) preconfigured in the terminal device may take the form of a sub-key: the key preconfigured in the network device is a master key, and the key preconfigured in the terminal device is a sub-key obtained from the master key through a one-way generation algorithm. Preconfiguring the terminal device with a sub-key helps ensure communication security: if an attacker captures the key preconfigured in the terminal device, the attacker cannot obtain the complete key (master key) corresponding to the terminal device, so the security of the terminal device's key is improved and communication security is ensured.
Optionally, according to the method shown in fig. 4, before step 411, step 411' or step 411'' above, the method shown in fig. 4 may further include:
The first network element determines whether the Tag ID belongs to an operator-authorized number segment.
It should be understood that the first network element determines, before acquiring the third key, whether the Tag ID belongs to the charging Tag number segment pre-stored by the first network element. If the Tag ID is within that number segment, i.e. the first network element determines that the Tag is an operator-authorized number, step 411, 411' or 411'' and the subsequent steps are continued. If the Tag ID does not belong to that number segment, i.e. the first network element determines that the Tag is not an operator-authorized number, the first network element does not perform step 411, 411' or 411'' or the subsequent steps.
Judging whether the Tag ID belongs to the pre-stored charging Tag number segment before the first network element acquires the third key means that, when the Tag ID does not belong to that number segment, the first network element need not carry out the authentication-related operations for the terminal device, which saves resource overhead of the network device.
Fig. 5 is a schematic flow chart diagram of another communication method provided by an embodiment of the present application.
501, A key K is pre-stored.
502, The first network element pre-stores a charging Tag number segment.
It should be understood that steps 501 and 502 are similar to steps 401 and 402 in fig. 4; reference may be made to the detailed descriptions of steps 401 and 402, which are not repeated here.
503, The second network element sends a key generation request message #1 to the first network element.
Wherein the second network element may be an AF.
In one possible implementation, the second network element may send the key generation request message #1 directly to the first network element, or the second network element may send the key generation request message #1 to the first network element through the NEF network element.
It will be appreciated that the second network element sends a key generation request message #1 to the first network element, the key generation request message #1 comprising at least one of a Tag ID, an AF ID.
The key generation request message may further comprise a first parameter generated by the second network element, the first parameter being used for key generation of the Tag.
Wherein the AF ID in the key generation request message #1 is used to determine the corresponding Tag ID, for a detailed description of step 403 in fig. 4.
The first network element sends 504 a key generation request message #2 to the RAN.
Accordingly, the RAN receives a key generation request message #2 from the first network element.
For example, after the first network element determines the RAN corresponding to the Tag according to the key generation request message #1, the first network element sends the key generation request message #2 to the corresponding RAN.
In one possible implementation, after the first network element receives the key generation request message #1 sent by the second network element, the first network element determines the Tag ID according to the key generation request message #1. The first network element determines the RAN ID corresponding to the Tag according to the determined Tag ID, and sends a key request message #2 to the RAN.
It should be appreciated that there is a correspondence between Tag ID and RAN ID. The correspondence may be preconfigured in the first network element. Whether the same Tag number segment corresponds to one RAN or to a plurality of RANs is not particularly limited in the present application.
It should also be understood that, similar to the determination of the RAN ID by the first network element according to the service requirement request message in step 404 in fig. 4, the first network element determines the RAN ID according to the key generation request message #1, and specific reference may be made to the detailed example in fig. 4, which is not repeated herein.
It should also be understood that when the first parameter is included in the key generation request message #1, the first network element may carry the first parameter in the key generation request message #2 and send it to the RAN; when the first parameter is not included in the key generation request message #1, the first network element may generate the first parameter and send it to the RAN through the key generation request message #2.
505, The RAN triggers the Tag to prepare for access to the RAN.
For example, after the RAN receives the key generation request message #2 sent by the first network element, the RAN triggers the Tags in its jurisdiction (or referred to as its area) to prepare for access to the RAN.
506, The tag sends message #1 to the RAN.
It will be appreciated that this message #1 is used to request access to the access network device.
It should be further understood that steps 504 to 506 are similar to steps 404 to 406 in fig. 4, and are not repeated here.
507, The RAN sends the first parameter to the Tag.
Accordingly, the Tag receives the first parameter sent by the RAN.
For example, after a connection is established for a Tag within the jurisdiction of the RAN, the RAN sends a first parameter to the Tag, which is used by the Tag to generate MAC#1.
In one possible implementation, when step 506 is a random access request message in a random access procedure, then step 507 may be random access response information, or a random access setup connection message (e.g., random access procedure msg 2 or msg 4).
It should be understood that the first parameter may be carried in msg2 or msg4 in the random access procedure, and need not to be sent through signaling alone, so that the procedure of communication interaction is saved, signaling overhead is reduced, and power consumption of the terminal device is reduced.
In one possible implementation, the first parameter may be a Tag ID, or a temporary identity (Temp ID) determined by the RAN. Either the Tag ID or the Temp ID can be used as the first parameter, which together with the first key constitutes a combination uniquely corresponding to the Tag and is used to generate MAC#1.
Illustratively, when the first parameter sent by the RAN to the Tag is carried in the msg4 message, the first parameter may be a cell radio network temporary identifier (cell radio network temporary identifier, C-RNTI).
Wherein the Temp ID may also be used for the RAN to record the relation between the terminal device and the first parameter.
It will be appreciated that the RAN sends the temporary identity to the Tag, either together with the first parameter or separately.
As an example, assuming that the RAN takes a Temp ID as the first parameter, i.e. Temp ID = first parameter, the RAN directly transmits the Temp ID, and the first parameter is also the Temp ID, i.e. the first parameter has the same value as the value corresponding to the Temp ID.
It should be appreciated that when the RAN takes the Temp ID as the first parameter, the RAN does not need to introduce new parameters, and implementation is based on existing RAN parameters, thereby improving the efficiency of air interface transmission.
As another example, assuming that the first parameter determined by the RAN is not the same as the Temp ID, the RAN sends the first parameter and the Temp ID to the Tag.
It should be understood that step 507 is similar to step 407 in fig. 4; please refer to the example in step 407, and the description is omitted here.
It should also be understood that when the first parameter is included in the key generation request message #2 received by the RAN, the RAN forwards the first parameter in the key generation request message #2 to the Tag; when the first parameter is not included in the key generation request message #2 received by the RAN, the RAN generates the first parameter and transmits it to the Tag.
508, Tag determines new K based on the first parameter.
For example, after the Tag receives the first parameter sent by the RAN, the Tag determines new K from the first parameter (e.g., nonce#1) and the Tag's pre-stored key (first key).
As an example, the Tag determines new K from the first parameter (e.g., nonce#1) and the pre-stored key K. The Tag may use an exclusive-or algorithm to determine new K, that is, new K = K XOR nonce#1.
As another example, the Tag determines new K from the first parameter (e.g., nonce#1) and the pre-stored key K. The Tag may use a KDF (key derivation function) algorithm to determine new K, that is, new K = KDF(K, nonce#1).
It should be appreciated that step 508 is similar to step 408 of fig. 4 described above in that the Tag determines new K based on the pre-stored key and the first parameter of the Tag, and specific reference is made to the detailed description of step 408 described above.
509, The RAN sends first indication information to the first network element.
The first indication information is used for indicating to the first network element how many first parameters the RAN has successfully allocated, so that the network device can count and recheck conveniently.
In one possible implementation, the first indication information is used to indicate that the RAN successfully allocated the first number of first parameters.
It will be appreciated that, due to the uncertainty of air interface transmission, the network device may send a plurality of first parameters when there are a large number of key generation requests. When the network device sends multiple first parameters, in this step 510, after the RAN sends the first parameters to the tags, the RAN sends the first indication information to a first network element in the network device, where the first network element maintains a counter, so that the first network element can count how many tags successfully generated the key. It will be appreciated that if, after a period of time, the total of the counter of the first network element is too small, the first network element may determine that the current Tag response is insufficient, and may further report the event via the AF to determine whether the first parameter needs to be reconfigured.
As an example, the RAN sends 10000 first parameters to different terminal devices, respectively. The RAN finally determines that 2000 terminal devices successfully generated the first key, and the RAN sends the first number (e.g., 2000) to the network device. Assuming that the network device determines that the number of tags for which key generation succeeded does not reach fifty percent of the configured first parameters, the event may be further passed through the AF, which decides whether the first parameter needs to be reassigned to the tags later.
It should also be appreciated that this step 509 is an optional step.
510, The AF sends a service requirement request message #1 to the first network element.
The service requirement request message #1 may be used to indicate inventory requirements, temperature measurement requirements, or positioning requirements. The AF may send the service requirement request message #1 to the first network element through the NEF.
In one possible implementation, the service requirement request message #1 may include a second parameter (e.g., nonce#2) that may be used by the terminal device to generate MAC#1 and by the network device to authenticate the validity of MAC#1.
It should be appreciated that the second parameter may be the same as the first parameter or may be different from it. When both the first parameter and the second parameter are generated by the first network element, they may be the same as each other. When both are generated by the access network device, they may be random numbers or temporary identifiers. Alternatively, the access network device sends the first parameter to the first network element and the first network element generates the second parameter according to the first parameter; in that case, too, the first parameter and the second parameter may be random numbers or temporary identifiers. When both the first parameter and the second parameter are generated by the AF, they may be random numbers.
511, The first network element sends a service requirement request message #2 to the RAN according to the service requirement request message #1.
For example, after the first network element receives the service requirement request message #1 sent by the AF, the first network element determines the second parameter according to the service requirement request message #1. The first network element sends a service requirement request message #2 to the RAN, the service requirement request message #2 comprising the second parameter.
In one possible implementation manner, when the first network element determines that the received service requirement request message #1 includes the second parameter, the first network element may directly forward the service requirement request message #1 to the RAN.
In another possible implementation manner, when the service requirement request message #1 received by the first network element does not include the second parameter, the first network element generates the second parameter by itself, and sends the generated second parameter together with the received service requirement request message #1 to the RAN in a service requirement request message #2.
It will be appreciated that this second parameter is used for the authentication process of the Tag.
It should also be understood that the first network element sends the service requirement request message #2 to the RAN, which may be sent to one or more RANs in a broadcast/multicast manner, or may also be sent to one or more RANs in a unicast manner; this is not particularly limited in the present application.
It should be further understood that step 511 should be performed after step 508, and the first network element may determine, according to the number of key random numbers counted in step 510, that the key generation requests of all the tags have been performed, so as to avoid missing tags in the inventory service, which would result in the tags being unable to work normally.
It should also be appreciated that step 508 described above is an optional step. When step 508 is not executed, the triggering event of step 511 is not limited by that condition and is independent of whether that step is executed; that is, step 511 can be triggered at any time as long as the Tag stores new K as a key.
512, The RAN sends a service requirement request message #3 to the Tag.
Accordingly, the Tag receives the service requirement request message #3 sent by the RAN.
For example, after receiving the service requirement request message #3 sent by the first network element, the RAN forwards the service requirement request message #3 to the corresponding Tag, where the service requirement request message #3 includes the second parameter. It should be understood that the RAN may send the service requirement request message #3 to one or more Tags in a broadcast/multicast manner, or may also send it to one or more Tags in a unicast manner; this is not particularly limited in the present application.
Wherein the plurality of tags may use the same second parameter without affecting authentication of the Tag.
Wherein the second parameter may be generated by the second network element, or the second parameter may be generated by the first network element, or the second parameter may be generated by the RAN.
It should be understood that the second parameter sent by the RAN to the Tag may be included in the service requirement request message #3, or the second parameter sent by the RAN to the Tag may be sent by the RAN through a separate signaling, or the second parameter is carried in other information and sent to the Tag, which is not specifically limited in the present application.
In one possible implementation, if the Tag remains connected to the RAN, the second parameter sent by the RAN to the Tag may be carried in a downlink RRC message, which is not limited in the present application.
In another possible implementation, if the Tag is in a deregistered state, or the Tag enters a shutdown mode, or the Tag loses/disconnects from the RAN, the RAN and the Tag need to re-execute steps 505 and 506, and execute step 512 after the connection is established.
513, The Tag sends MAC#1 to the RAN.
Accordingly, the RAN receives MAC#1 sent by the Tag.
For example, after receiving the service requirement request message #3, the Tag further determines MAC#1 according to the second parameter and the new K generated in step 508. The Tag sends MAC#1 to the RAN, MAC#1 being used for authentication of the Tag by the network device.
The Tag may also send the Temp ID, the second parameter and/or the Tag ID to the RAN.
As one example, the Tag generates MAC#1 from the second parameter (e.g., nonce#2) and new K. The generation of MAC#1 by the Tag according to the second parameter and the Tag ID is similar to the generation of MAC#1 by the Tag according to the first parameter (e.g., nonce#1) and the pre-stored key K in step 408 in fig. 4; specifically, please refer to the detailed description of step 408 in fig. 4.
514, The RAN sends MAC#1 and the first parameter to the first network element.
Accordingly, the first network element receives MAC#1 and the first parameter sent by the RAN. For example, after the RAN receives MAC#1 and the Temp ID sent by the Tag, the RAN determines the first parameter corresponding to the Tag according to the Temp ID. The RAN then sends MAC#1 and the first parameter to the first network element.
Before the RAN sends MAC#1 and the first parameter to the first network element, the RAN may determine the first parameter according to a correspondence between the Tag identifier and the first parameter; for example, the RAN determines the first parameter according to a local record and the Tag identifier.
It should be appreciated that the RAN may record the correspondence between the first parameter and the Tag locally when it sends the first parameter to the Tag in step 507, or the RAN may record that correspondence locally after step 507. The correspondence between the first parameter and the Tag recorded by the RAN is similar to the two ways described in step 410 in fig. 4, and will not be described herein.
When the second parameter is generated by the RAN, the RAN may record the correspondence between the second parameter and the Tag locally, obtain the second parameter corresponding to the Tag from the local record and send it to the first network element. Alternatively, the terminal device sends the second parameter to the RAN, and the RAN forwards the second parameter to the first network element. Alternatively, the terminal device does not send the second parameter to the RAN; in that case the second parameter is generated by the first network element or the second network element, and the RAN may not send the second parameter to the first network element. When the first network element has the function of the storage network element, as shown in fig. 5, the method further includes:
515, The first network element obtains the third key based on the first parameter.
It should be appreciated that step 515 is similar to step 411 in fig. 4 and will not be described in detail herein.
Optionally, the first network element may also obtain the third key through the following steps 515' to 517', for example when the first network element does not have the function of the storage network element, i.e. the first network element and the storage network element are deployed separately.
515', The first network element sends the key request information to the storage network element.
516', The storage network element determines a third key from the key request information.
517', The storage network element sends the third key to the first network element.
It should be understood that steps 515' to 517' are similar to steps 411' to 413' in fig. 4; specific reference may be made to the detailed description in fig. 4, and they are not repeated herein.
As another example, the first network element may also obtain the third key through the following steps 515" to 517".
515", The first network element sends the key request information to the storage network element.
516", The storage network element determines the first key corresponding to the Tag according to the key request information, and sends the first key to the first network element.
517", The first network element determines a third key according to the key request information.
It should be understood that steps 515" to 517" are similar to steps 411" to 413" in fig. 4; specific reference may be made to the detailed description in fig. 4, which is not repeated herein.
518, The first network element authenticates the validity of MAC#1 according to the third key.
The specific implementation of step 518 may refer to step 414 in fig. 4, and will not be described herein.
It should be appreciated that when the first network element determines that the MAC of the Tag is valid, the following steps are performed:
519, The first network element determines whether the Tag belongs to a number segment authorized by the operator.
520, The first network element sends the Tag ID to the second network element.
The specific implementation of steps 519 and 520 may refer to steps 415 and 416 in fig. 4, which are not described herein.
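The key derivation of step 508, the MAC generation of step 513, the third-key derivation of steps 515 to 517" and the MAC check of step 518 are illustrated below in one constructed example. This is added illustration, not code from the patent: the patent fixes neither the KDF nor the MAC algorithm, so HMAC-SHA256 is assumed for both, the 8-byte MAC truncation, the fixed KDF label, the number segments, the group keys and the nonces are all constructed sample values, and the charging-segment pre-check is the one described before the first network element fetches any key. The example runs several authentication rounds against one derived new K, which is the decoupling the text describes, and shows how a Tag holding the wrong group key, a Tag outside the charging segment, and a MAC replayed under a different second parameter are each rejected.

```python
import hashlib
import hmac
from typing import Dict, Optional, Tuple

# Constructed sample data (not from the patent): one first key (group key K) per
# Tag-ID number segment, pre-stored in the Tags and in the storage network element
# (step 501), plus the operator-authorized charging Tag number segments (step 502).
GROUP_KEYS: Dict[Tuple[int, int], bytes] = {
    (1000, 1999): bytes.fromhex("00112233445566778899aabbccddeeff"),
    (2000, 2999): bytes.fromhex("ffeeddccbbaa99887766554433221100"),
}
CHARGING_SEGMENTS = [(1000, 1999)]


def group_key_for(tag_id: int) -> Optional[bytes]:
    """Storage-network-element lookup (step 516"): first key of the segment holding tag_id."""
    for (lo, hi), key in GROUP_KEYS.items():
        if lo <= tag_id <= hi:
            return key
    return None


def in_charging_segment(tag_id: int) -> bool:
    """Pre-check performed before any key is fetched: is the Tag ID in a charging segment?"""
    return any(lo <= tag_id <= hi for lo, hi in CHARGING_SEGMENTS)


def derive_new_k(k: bytes, nonce1: bytes) -> bytes:
    """Step 508 / step 515: new K = KDF(K, nonce#1).  HMAC-SHA256 with a fixed label is an
    assumed KDF instance; the patent names only 'KDF' (or XOR) and fixes no algorithm."""
    return hmac.new(k, b"tag-new-k" + nonce1, hashlib.sha256).digest()


def derive_new_k_xor(k: bytes, nonce1: bytes) -> bytes:
    """The XOR variant of step 508: new K = K XOR nonce#1 (needs equal lengths)."""
    if len(k) != len(nonce1):
        raise ValueError("XOR derivation needs a nonce as long as K")
    return bytes(a ^ b for a, b in zip(k, nonce1))


def compute_mac1(new_k: bytes, nonce2: bytes, tag_id: int) -> bytes:
    """Step 513: MAC#1 over the second parameter (nonce#2) and the Tag ID, keyed with new K.
    Truncating to 8 bytes is an assumption made for a low-power air interface."""
    msg = nonce2 + tag_id.to_bytes(4, "big")
    return hmac.new(new_k, msg, hashlib.sha256).digest()[:8]


class FirstNetworkElement:
    """Network side: keeps the step-509 counter and authenticates MAC#1 (step 518)."""

    def __init__(self) -> None:
        self.keys_generated = 0  # first indication information accumulates here

    def record_first_indication(self, first_number: int) -> None:
        self.keys_generated += first_number

    def authenticate(self, tag_id: int, nonce1: bytes, nonce2: bytes, mac1: bytes) -> Tuple[bool, str]:
        if not in_charging_segment(tag_id):          # reject before touching any key
            return False, "tag id outside charging segment"
        first_key = group_key_for(tag_id)            # step 516"
        if first_key is None:
            return False, "no group key for tag id"
        third_key = derive_new_k(first_key, nonce1)  # step 517": third key equals the Tag's new K
        expected = compute_mac1(third_key, nonce2, tag_id)
        if not hmac.compare_digest(expected, mac1):  # constant-time comparison
            return False, "MAC#1 invalid"
        return True, "authenticated"


def tag_side(tag_id: int, nonce1: bytes, nonce2: bytes, wrong_key: bool = False) -> bytes:
    """Tag side: derive new K once (step 508), then answer an inventory request (step 513)."""
    k = GROUP_KEYS[(2000, 2999)] if wrong_key else group_key_for(tag_id)
    new_k = derive_new_k(k, nonce1)
    return compute_mac1(new_k, nonce2, tag_id)


def run_flow() -> Dict[str, Tuple[bool, str]]:
    """One key-generation round followed by several authentication rounds (constructed nonces)."""
    nfe = FirstNetworkElement()
    nonce1 = bytes.fromhex("a1a2a3a4a5a6a7a8")          # first parameter, sent once by the RAN
    nfe.record_first_indication(1)                       # step 509: one Tag reported as keyed
    results: Dict[str, Tuple[bool, str]] = {}
    # Two inventory rounds reuse new K with fresh second parameters; no re-keying is needed.
    for label, nonce2 in (("round1", b"\x01" * 8), ("round2", b"\x02" * 8)):
        mac1 = tag_side(1234, nonce1, nonce2)
        results[label] = nfe.authenticate(1234, nonce1, nonce2, mac1)
    # A Tag holding the wrong group key, and a Tag whose ID lies outside the charging segment.
    mac_bad = tag_side(1234, nonce1, b"\x03" * 8, wrong_key=True)
    results["wrong_key"] = nfe.authenticate(1234, nonce1, b"\x03" * 8, mac_bad)
    results["out_of_segment"] = nfe.authenticate(2500, nonce1, b"\x04" * 8, b"\0" * 8)
    # Replaying round1's MAC#1 against round2's second parameter fails.
    results["replay"] = nfe.authenticate(1234, nonce1, b"\x02" * 8, tag_side(1234, nonce1, b"\x01" * 8))
    return results


if __name__ == "__main__":
    for name, outcome in run_flow().items():
        print(f"{name}: {outcome}")
```

Because the network side recomputes new K from the group key and the first parameter at every authentication, it stores no per-Tag key; the first parameter delivered by the RAN is what makes the (first parameter, first key) combination unique to the Tag, and the second parameter changing per round is what prevents a captured MAC#1 from being reused.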
According to the method shown in fig. 5, the key generation process and the authentication process of the Tag are decoupled; i.e., as shown in fig. 5, steps 501 to 509 constitute the key generation process, and steps 510 to 520 constitute the authentication process. In a specific operation, after the key generation process of the Tag has been executed once, the authentication process of the Tag can be executed a plurality of times according to the indication message of the network device. This avoids requiring the Tag to regenerate the key every time the network device sends a service requirement request message (for example, when the network device performs an inventory operation), saves communication resources, reduces the authentication cost of the Tag, and ensures that key generation and authentication can be completed by a Tag with low power consumption and low cost.
In the methods shown in fig. 4 and fig. 5, the first network element may have the function of the storage network element, and the second network element may also have the function of the storage network element. When the first network element has the function of the storage network element, the first network element may perform the related steps performed by the storage network element in fig. 4 and fig. 5; when the second network element has the function of the storage network element, the second network element may perform those steps.
The communication method provided by the embodiment of the application is described in detail above with reference to fig. 3 and 5. The above communication method is mainly described in terms of interaction between the terminal device and the network device. It will be appreciated that, in order to implement the above-mentioned functions, the terminal device includes corresponding hardware structures and/or software modules for performing the respective functions.
Those of skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as hardware or combinations of hardware and computer software. Whether a function is implemented as hardware or computer software driven hardware depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
The following describes the communication device provided by the present application in detail with reference to fig. 6 to 8. It should be understood that the descriptions of apparatus embodiments and the descriptions of method embodiments correspond to each other. Therefore, reference may be made to the above method embodiments for details, and some of these are not described again for brevity.
The embodiment of the application can divide the function modules of the transmitting end equipment or the receiving end equipment according to the method example, for example, each function module can be divided corresponding to each function, and two or more functions can be integrated in one processing module. The integrated modules may be implemented in hardware or in software functional modules. It should be noted that, in the embodiment of the present application, the division of the modules is schematic, which is merely a logic function division, and other division manners may be implemented in actual implementation. The following description will take an example of dividing each functional module into corresponding functions.
Fig. 6 is a schematic block diagram of a communication device 10 provided in an embodiment of the present application. The device 10 comprises a transceiver module 11 and a processing module 12. The transceiver module 11 may implement a corresponding communication function, the processing module 12 is configured to perform data processing, or the transceiver module 11 is configured to perform operations related to reception and transmission, and the processing module 12 is configured to perform operations other than reception and transmission. The transceiver module 11 may also be referred to as a communication interface or a communication unit.
Optionally, the apparatus 10 may further include a storage module 13, where the storage module 13 may be configured to store instructions and/or data, and the processing module 12 may read the instructions and/or data in the storage module, so that the apparatus implements the actions of the devices in the foregoing method embodiments.
In one design, the apparatus 10 may correspond to a terminal device (e.g., tag) or component parts (e.g., chip) of the terminal device in the above method embodiments.
The apparatus 10 may implement steps or processes performed by a terminal device in the above method embodiment, where the transceiver module 11 may be configured to perform operations related to the transceiver of the terminal device in the above method embodiment, and the processing module 12 may be configured to perform operations related to the processing of the terminal device in the above method embodiment.
It should be understood that the specific process of each unit performing the corresponding steps has been described in detail in the above method embodiments, and is not described herein for brevity.
In another design, the apparatus 10 may correspond to the access network device in the above method embodiment, or may be a component (e.g., a chip) of the access network device.
It should be understood that the specific process of each unit performing the corresponding steps has been described in detail in the above method embodiments, and is not described herein for brevity.
In yet another design, the apparatus 10 may correspond to the first network element in the above method embodiment, or be a component (e.g., a chip) of the first network element.
It should be understood that the specific process of each unit performing the corresponding steps has been described in detail in the above method embodiments, and is not described herein for brevity.
In yet another design, the apparatus 10 may correspond to the storage network element in the above method embodiment, or may be a component (e.g., a chip) of the storage network element.
It should be understood that the specific process of each unit performing the corresponding steps is described in detail in the above method embodiments, and for brevity, will not be described in detail herein.
It should also be appreciated that the apparatus 10 herein is embodied in the form of functional modules. The term module herein may refer to an Application Specific Integrated Circuit (ASIC), an electronic circuit, a processor (e.g., a shared, dedicated, or group processor, etc.) and memory that execute one or more software or firmware programs, a combinational logic circuit, and/or other suitable components that support the described functionality. In an alternative example, it will be understood by those skilled in the art that the apparatus 10 may be specifically configured as the mobility management element in the foregoing method embodiments and may be configured to perform each flow and/or step corresponding to the mobility management element in those embodiments, or the apparatus 10 may be specifically configured as a terminal device in the foregoing embodiments and may be configured to perform each flow and/or step corresponding to the terminal device in those embodiments, which are not repeated herein.
The apparatus 10 of each of the above embodiments has a function of implementing the corresponding steps performed by the devices (e.g., the first network element, the terminal device, the access network device, etc.) in the above method. The functions can be realized by hardware, and can also be realized by executing corresponding software by hardware. The hardware or software includes one or more modules corresponding to the functions described above, for example, the transceiver module may be replaced by a transceiver (for example, a transmitting unit in the transceiver module may be replaced by a transmitter, a receiving unit in the transceiver module may be replaced by a receiver), and other units, such as a processing module, may be replaced by a processor, to perform the transceiver operations and related processing operations in the respective method embodiments, respectively.
The transceiver module 11 may be a transceiver circuit (for example, may include a receiving circuit and a transmitting circuit), and the processing module may be a processing circuit.
Fig. 7 is a schematic diagram of another communication device 20 according to an embodiment of the present application. The apparatus 20 comprises a processor 21, the processor 21 being arranged to execute computer programs or instructions stored in a memory 22 or to read data/signalling stored in the memory 22 for performing the methods of the method embodiments above. Optionally, the processor 21 is one or more.
Optionally, as shown in fig. 7, the apparatus 20 further comprises a memory 22, the memory 22 being for storing computer programs or instructions and/or data. The memory 22 may be integrated with the processor 21 or may be provided separately. Optionally, the memory 22 is one or more.
Optionally, as shown in fig. 7, the apparatus 20 further comprises a transceiver 23, the transceiver 23 being used for receiving and/or transmitting signals. For example, the processor 21 is configured to control the transceiver 23 to receive and/or transmit signals.
As an alternative, the apparatus 20 is configured to implement the operations performed by the terminal device in the above method embodiments.
Alternatively, the apparatus 20 is configured to implement the operations performed by the first network element in the above method embodiments.
As a further alternative, the apparatus 20 is configured to implement the operations performed by the access network device in the method embodiments above.
As a further alternative, the apparatus 20 is configured to implement the operations performed by the storage network element in the method embodiments above.
It should be appreciated that the processor referred to in embodiments of the present application may be a central processing unit (CPU), but may also be another general purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or the like. A general purpose processor may be a microprocessor, or the processor may be any conventional processor or the like.
It should also be understood that the memory referred to in embodiments of the present application may be volatile memory and/or nonvolatile memory. The nonvolatile memory may be a read-only memory (ROM), a programmable ROM (PROM), an erasable programmable ROM (EPROM), an electrically erasable programmable ROM (EEPROM), or a flash memory, among others. The volatile memory may be random access memory (RAM). For example, RAM may be used as an external cache. By way of example, and not limitation, RAM includes various forms such as static random access memory (SRAM), dynamic random access memory (DRAM), synchronous dynamic random access memory (SDRAM), double data rate synchronous dynamic random access memory (DDR SDRAM), enhanced synchronous dynamic random access memory (ESDRAM), synchronous link dynamic random access memory (SLDRAM), and direct rambus random access memory (DR RAM).
It should be noted that when the processor is a general purpose processor, DSP, ASIC, FPGA or other programmable logic device, discrete gate or transistor logic device, discrete hardware components, the memory (storage module) may be integrated into the processor.
It should also be noted that the memory described herein is intended to comprise, without being limited to, these and any other suitable types of memory.
Fig. 8 is a schematic diagram of a chip system 30 according to an embodiment of the present application. The chip system 30 (which may also be referred to as a processing system) includes logic circuitry 31 and an input/output interface 32.
The logic circuit 31 may be a processing circuit in the chip system 30. The logic circuit 31 may be coupled to a storage unit to invoke the instructions stored in that storage unit, so that the chip system 30 may implement the methods and functions of the various embodiments of the present application. The input/output interface 32 may be an input/output circuit in the chip system 30; it outputs information processed by the chip system 30, or inputs data or signaling information to be processed into the chip system 30 for processing.
As an aspect, the chip system 30 is configured to implement the operations performed by the first network element, the terminal device, and the access network device in the above method embodiments.
For example, the logic circuit 31 is configured to implement operations related to processing performed by the first network element, the terminal device, and the access network device in the above method embodiment, and the input/output interface 32 is configured to implement operations related to transmission and/or reception performed by the first network element, the terminal device, and the access network device in the above method embodiment.
The embodiment of the application also provides a computer readable storage medium, on which computer instructions for implementing the methods executed by the first network element, the terminal device and the access network device in the above method embodiments are stored.
For example, when the computer instructions are executed by a computer, the computer may implement the methods executed by the first network element, the terminal device, and the access network device in the method embodiments described above.
The embodiment of the application also provides a computer program product, which contains instructions, and the instructions are executed by a computer to realize the method executed by the first network element, the terminal equipment and the access network equipment in the above method embodiments.
The embodiment of the application also provides a communication system which comprises the first network element and the access network equipment.
The explanation and beneficial effects of the related content in any of the above-mentioned devices can refer to the corresponding method embodiments provided above, and are not repeated here.
In the several embodiments provided by the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative: the division of the units is merely a logical function division, and there may be other divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Furthermore, the mutual coupling, direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, device or unit, which may be in electrical, mechanical or other form.
The above embodiments may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, they may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer instructions are loaded and executed on a computer, the flows or functions according to embodiments of the present application are produced in whole or in part. The computer may be a general purpose computer, a special purpose computer, a computer network, or other programmable apparatus. For example, the computer may be a personal computer, a server, or a network device, etc. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another, for example, by wired means (e.g., coaxial cable, optical fiber, digital subscriber line (DSL)) or wireless means (e.g., infrared, radio, microwave, etc.). The computer readable storage medium may be any available medium that can be accessed by a computer, or a data storage device such as a server or data center that integrates one or more available media. The usable medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., solid state disk (SSD)), etc. For example, the aforementioned usable medium includes but is not limited to: a U-disk, a removable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, an optical disk, or any other medium which can store program code.
The foregoing is merely illustrative of the present application, and the present application is not limited thereto, and any person skilled in the art will readily recognize that variations or substitutions are within the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.