
CN-122002279-A - Communication method and device


Abstract

The application provides a communication method and a communication device. The method includes: when a communication link between the terminal device and a first satellite is available, receiving a broadcast message from the first satellite, the broadcast message including an identification of the first satellite; and performing NAS secure communication with the first satellite based on a first parameter, a non-access stratum (NAS) key, and a NAS security algorithm, where the first parameter indicates the first satellite and/or a network element carried on the first satellite. According to the application, different parameters are determined for different satellites, so that different key streams and/or message authentication codes (MACs) are generated when the different satellites communicate with the terminal device, and NAS secure communication between the terminal device and the different satellites is realized.

Inventors

  • HUANG LI
  • WU YIZHUANG
  • GUO YANFEI
  • LEI AO
  • GUO LONGHUA

Assignees

  • 华为技术有限公司

Dates

Publication Date
20260508
Application Date
20241102

Claims (20)

  1. A communication method applied to a terminal device or a chip in a terminal device, comprising: receiving a broadcast message from a first satellite, the broadcast message including an identification of the first satellite, if a communication link between the terminal device and the first satellite is available; and conducting NAS secure communication with the first satellite based on a first parameter indicative of the first satellite and/or a network element carried on the first satellite, a non-access stratum (NAS) key, and a NAS security algorithm.
  2. The method according to claim 1, wherein prior to said NAS secure communication with the first satellite based on the first parameter indicative of the first satellite and/or the network element carried on the first satellite, the non-access stratum (NAS) key and the NAS security algorithm, the method further comprises: acquiring a correspondence between the first parameter and the information of the first satellite, wherein the information of the first satellite comprises an identifier of the first satellite and/or an identifier of a network element carried on the first satellite; and determining the first parameter based on the correspondence.
  3. The method of claim 2, wherein the acquiring the correspondence between the first parameter and the information of the first satellite comprises: receiving the correspondence from a second satellite, wherein the second satellite is the satellite accessed by the terminal device before the first satellite is accessed.
  4. The method according to claim 3, wherein said receiving said correspondence from a second satellite comprises: receiving a first correspondence from the second satellite, the first correspondence comprising a correspondence between at least one parameter and information of at least one satellite, the at least one satellite comprising the first satellite, the at least one parameter comprising the first parameter, the information of the at least one satellite comprising the information of the first satellite.
  5. The method according to claim 1 or 2, characterized in that the method further comprises: determining the first parameter for the first satellite; and transmitting the first parameter to the first satellite.
  6. The method according to claim 1, wherein the method further comprises: receiving the first parameter from the first satellite.
  7. The method according to any of claims 1-6, wherein the NAS secure communication with the first satellite based on the first parameter indicative of the first satellite and/or the network element carried on the first satellite, the NAS key and the NAS security algorithm comprises: using the first parameter and the NAS key as input of the NAS security algorithm to generate a first key stream and/or a first message authentication code (MAC); and conducting NAS secure communication with the first satellite based on the first key stream or the first MAC, wherein the first parameter is contained in a bearer and/or counter used as input of the NAS security algorithm.
  8. The method according to any of claims 1-6, wherein the first parameter is contained in a first field that is different from the bearer, counter, transmission direction, length, or message used as input of the NAS security algorithm.
  9. The method according to any one of claims 3-8, further comprising: conducting NAS secure communication with the second satellite based on a second parameter, the NAS key, and the NAS security algorithm, the second parameter being different from the first parameter.
  10. The method according to claim 9, wherein the second parameter is used to indicate the second satellite and/or a network element carried on the second satellite, or the second parameter is a default value.
  11. The method according to claim 9 or 10, wherein the second parameter is contained in a bearer and/or a counter used as input of the NAS security algorithm, or the second parameter is contained in a first field that is different from the bearer, counter, transmission direction, length, or message used as input of the NAS security algorithm.
  12. A communication method applied to a first satellite or a chip in the first satellite, comprising: acquiring a first parameter, wherein the first parameter is used for indicating the first satellite and/or a network element carried on the first satellite; and conducting NAS secure communication with the terminal device based on the first parameter, a non-access stratum (NAS) key and a NAS security algorithm.
  13. The method of claim 12, wherein the acquiring the first parameter comprises: receiving the first parameter from the terminal device in case a communication link between the first satellite and the terminal device is available.
  14. The method of claim 12, wherein the acquiring the first parameter comprises: receiving the first parameter from a ground network element in case a communication link between the first satellite and the ground network element is available.
  15. The method according to any one of claims 12-14, further comprising: sending the first parameter to the terminal device.
  16. The method of claim 15, wherein the first parameter is determined by the first satellite; the method further comprises: sending the first parameter to the terminal device.
  17. The method according to any of claims 11-16, wherein the NAS secure communication with the terminal device based on the first parameter, the NAS key and the NAS security algorithm comprises: taking the first parameter and the NAS key as inputs of the NAS security algorithm, generating a first key stream and/or a first message authentication code (MAC), and conducting NAS secure communication with the terminal device based on the first key stream and/or the first MAC, wherein the first parameter is contained in a bearer and/or a counter used as input of the NAS security algorithm.
  18. The method according to any of claims 11-16, wherein the first parameter is contained in a first field that is different from the bearer, counter, transmission direction, length or message used as input of the NAS security algorithm.
  19. A communication method applied to a ground network element, comprising: acquiring a first correspondence, wherein the first correspondence comprises a correspondence between at least one parameter and information of at least one satellite; and sending the first correspondence to the first satellite in case a communication link between the first satellite and the ground network element is available, wherein the at least one parameter comprises a first parameter used for indicating the first satellite and/or the network element carried on the first satellite, and the first parameter is used for conducting NAS secure communication between the first satellite and a terminal device.
  20. The method of claim 19, wherein the method further comprises: sending the first correspondence to a second satellite, wherein the second satellite is the satellite accessed by the terminal device before accessing the first satellite.

Description

Communication method and device

Technical Field

The present application relates to the field of communications technologies, and in particular, to a communication method and apparatus.

Background

In a non-terrestrial network (NTN), the terminal device may communicate with a satellite. For example, in the Store & Forward (S&F) scenario of NTN, the functions of the core network element are deployed partly on the satellite and partly on the terrestrial device. In this deployment scenario, the terminal device attaches to the satellite network via the satellite in order to communicate with the satellite. The terminal device can connect to different satellites, and information interaction between the satellites can be completed through ground equipment.

In the communication process, a non-access stratum (NAS) secure connection is established between the terminal device and the core network element to ensure the secure transmission of data. In this deployment scheme, the satellite can host part of the core network element functions, so how to ensure that a NAS secure connection is established between the terminal device and the satellite is a problem to be solved.

Disclosure of Invention

The application provides a communication method and a communication device, which are used for realizing NAS secure communication between a terminal device and a satellite.

In a first aspect, a communication method is provided, which may be performed by a terminal device or a component of a terminal device (e.g. a chip, a system-on-chip, a circuit, or a communication module).
The method includes: when a communication link between the terminal device and a first satellite is available, receiving a broadcast message from the first satellite, the broadcast message including an identification of the first satellite; and performing NAS secure communication with the first satellite based on a first parameter indicative of the first satellite and/or a network element carried on the first satellite, a non-access stratum (NAS) key, and a NAS security algorithm.

Based on this scheme, NAS secure communication is performed between the terminal device and the first satellite based on the first parameter corresponding to the first satellite. When the satellite and the terminal device perform NAS secure communication, the parameter corresponding to the satellite is used as input of the NAS security algorithm, so that a key stream and/or message authentication code corresponding to that satellite is generated. Therefore, when different satellites communicate with the terminal device, different key streams and/or message authentication codes are generated, which avoids the problem of reusing key streams and/or message authentication codes among the satellites. NAS secure communication between the terminal device and different satellites is thereby realized, and the security of data transmission between the terminal device and the satellites is ensured.
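The keystream-reuse problem described above, and the effect of carrying the first parameter in the bearer input, shown as an added example (not code from the application). It assumes both satellites hold the same NAS keys and reach the same COUNT value; HMAC-SHA256 stands in for the 3GPP NEA/NIA algorithms, and the keys, messages and `SAT_PARAM` table are constructed.

```python
import hashlib
import hmac
import struct

K_ENC = bytes(range(16))        # constructed NAS ciphering key
K_INT = bytes(range(16, 32))    # constructed NAS integrity key
SAT_PARAM = {"sat-A": 1, "sat-B": 2}  # constructed satellite -> first parameter map

def nas_input(count, bearer, direction):
    """Pack COUNT (32 bits) | BEARER (5 bits) | DIRECTION (1 bit), zero padded."""
    if not (0 <= count < 2**32 and 0 <= bearer < 32 and direction in (0, 1)):
        raise ValueError("field out of range")
    return struct.pack(">IB", count, (bearer << 3) | (direction << 2))

def keystream(key, count, bearer, direction, length):
    """Stand-in PRF (HMAC-SHA256 in counter mode), not 128-NEA2."""
    prefix, out, block = nas_input(count, bearer, direction), b"", 0
    while len(out) < length:
        out += hmac.new(key, prefix + struct.pack(">I", block), hashlib.sha256).digest()
        block += 1
    return out[:length]

def nas_mac(key, count, bearer, direction, message):
    """Stand-in 32-bit MAC (truncated HMAC-SHA256), not 128-NIA2."""
    data = nas_input(count, bearer, direction) + message
    return hmac.new(key, data, hashlib.sha256).digest()[:4]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def protect(count, sat_param, direction, plaintext):
    """Cipher, then MAC the ciphertext; the satellite parameter rides in BEARER."""
    ct = xor(plaintext, keystream(K_ENC, count, sat_param, direction, len(plaintext)))
    return ct, nas_mac(K_INT, count, sat_param, direction, ct)

def verify(count, sat_param, direction, ct, mac):
    return hmac.compare_digest(mac, nas_mac(K_INT, count, sat_param, direction, ct))

def demo():
    m1, m2 = b"attach request 1", b"pdu session req."  # constructed messages
    # Same default parameter on both satellites: one keystream covers both messages.
    c1, _ = protect(7, 0, 0, m1)
    c2, _ = protect(7, 0, 0, m2)
    reused = xor(c1, c2) == xor(m1, m2)
    # Per-satellite parameter: keystreams differ and a MAC is bound to its satellite.
    c3, t3 = protect(7, SAT_PARAM["sat-A"], 0, m1)
    c4, _ = protect(7, SAT_PARAM["sat-B"], 0, m2)
    separated = xor(c3, c4) != xor(m1, m2)
    replay_accepted = verify(7, SAT_PARAM["sat-B"], 0, c3, t3)
    return reused, separated, replay_accepted
```

`demo()` returns `(True, True, False)`: with a shared default the two ciphertexts XOR to the XOR of the plaintexts, while with distinct parameters they do not, and a message protected for one satellite fails verification under the other satellite's parameter.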
With reference to the first aspect, in some implementations of the first aspect, before the NAS secure communication with the first satellite based on the first parameter indicating the first satellite and/or the network element carried on the first satellite, the NAS key, and the NAS security algorithm, the method further includes: acquiring a correspondence between the first parameter and information of the first satellite, where the information of the first satellite includes an identifier of the first satellite and/or an identifier of the network element carried on the first satellite; and determining the first parameter based on the correspondence. Based on this scheme, the terminal device can acquire the correspondence between the first parameter and the information of the first satellite, and based on the correspondence, the terminal device can determine the first parameter corresponding to the first satellite.

With reference to the first aspect, in some implementations of the first aspect, the acquiring the correspondence between the first parameter and the information of the first satellite includes receiving the correspondence from a second satellite, where the second satellite is a satellite that the terminal device accesses before accessing the first satellite. Based on this scheme, the correspondence is received from a second satellite previously accessed by the terminal device.

With reference to the first aspect, in certain implementations of the first aspect, receiving the correspondence from the second satellite includes receiving a first correspondence from the second satellite, the first correspondence including a correspondence between at least one parameter and information of at least one satellite, the at least one satellite including the first satellite and the at least one parameter including the first parameter. Based on the scheme, the terminal equipment obtains the corresponding relation between