CRYPTOGRAPHIC KEY MANAGEMENT IN COMMUNICATION NETWORKS

摘要

Certificate server and the various combination of system and method management cipher key user terminal, access net and core net. Gadus entity, TCE are converted, (25) generate master key, and Mk is exported for key in verification process. During switching, in different access styles, each access network of key is kept between Mk or the Mk of transformation by two authenticator's nodes (42,43,44), when the equipment of user, UE, terminal (41,51,52,53) change access. Transformation Mk has been performed via one-way function, is had the effect that if Mk is compromised in some way, it is impossible to the master key used in the past can be used automatically. The key of the UE/identity modules and transformation that carry out type and type of the transformation based on authenticator's node is utilized. The Mk is never direct, but is served only for exporting multiple keys, directly protection access link.