METHOD FOR ADDING AUTHENTICATION ALGORITHM PROGRAM, AND RELEVANT DEVICE AND SYSTEM

TECHNICAL FIELD

Aspects of the present invention relate to the field of terminal technologies, and in particular, to a method for adding an authentication algorithm program, and a relevant device and system.

BACKGROUND

An embedded universal integrated circuit card (embedded Universal Integrated Circuit Card, eUICC), also referred to as an embedded subscriber identity module (embedded Subscriber Identity Module, eSIM), may be inserted, or soldered, or disposed in another manner into a user terminal (such as a mobile phone or a tablet computer).

In actual application, after downloading and installing a profile (profile) provided by a mobile network operator, the eUICC can activate the profile, thereby accessing the operator's network (such as a 2G, 3G, or 4G network).

The profile is a set of data and applications of the operator, and generally includes network access application parameters, such as a key parameter Ki, an international mobile subscriber identity (International Mobile Subscriber Identity, IMSI), a mobile network operator-security domain (Mobile Network Operator-Security Domain, MNO-SD), a supplementary security domain (Supplementary Security Domains, SSD), a controlling authority security domain (Controlling Authority Security Domain, CASD), applications (such as an NFC application), a JAVA card app, other elements in a file system, and profile metadata, where the profile metadata includes profile policy rules (Profile Policy Rules). A correspondence between the IMSI and the Ki is used to identify a user who requests network authentication.

Before the eUICC successfully accesses the operator's network using the profile, network authentication is further required. Network authentication is a process of verifying an identity of a network entity or an eUICC. An authentication algorithm program needs to be used in the network authentication process. For example, the authentication algorithm program may be a piece of code for implementing an authentication algorithm or data for describing the authentication algorithm. The authentication algorithm program may be used to generate an authentication response (SRES) and infer a cipher key (Cipher Key, CK) and an integrity key (Integrity Key, IK).

However, in practice, because the eUICC may lack a required authentication algorithm program corresponding to an authentication algorithm, the eUICC cannot successfully register the profile into the network. Therefore, it is currently urgent to resolve a problem about how to add the authentication algorithm program lacking in the eUICC and corresponding to the authentication algorithm into the eUICC.

SUMMARY

Embodiments of the present invention disclose a method for adding an authentication algorithm program, a relevant device and system, to add an authentication algorithm program lacking in an eUICC and corresponding to an authentication algorithm into the eUICC.

According to a first aspect, a method for adding an authentication algorithm program, includes: receiving, by a subscription management-data preparation SM-DP+ server, an authentication algorithm program sent by a mobile network operator MNO, where the authentication algorithm program corresponds to target information, and the target information is at least one of: firmware version information of an embedded universal integrated circuit card eUICC, an embedded universal integrated circuit card identifier EID issuer identifier of the eUICC, platform/operating system version information of the eUICC, or capability information of the eUICC; and generating, by the SM-DP+ server, a bound profile package that includes the authentication algorithm program, and sending the bound profile package to the eUICC by using a local profile assistant LPA.

Optionally, the authentication algorithm program is used to be added into an authentication algorithm program set of the eUICC. Optionally, the authentication algorithm program set may be located in a telecom framework of the eUICC.

By implementing the method for adding an authentication algorithm program described in the first aspect, the MNO can send an authentication algorithm program lacking in the eUICC to the SM-DP+ server, and the SM-DP+ server can generate a bound profile package including the authentication algorithm program, where the bound profile package further includes a profile. That is, the SM-DP+ server may encapsulate the profile downloaded by the eUICC and the authentication algorithm program lacking in the eUICC into a bound profile package and send the package to the eUICC. Therefore, when running the profile, the eUICC can use the authentication algorithm program downloaded together with the profile to perform identity validity verification on the eUICC. Therefore, by implementing the authentication algorithm program described in the first aspect, the eUICC can add the authentication algorithm program into the eUICC in time.

In an optional implementation, the target information may be one or more of the four types of information (that is, the firmware version information of the eUICC, the EID issuer identifier of the eUICC, the platform/operating system version information of the eUICC, and the capability information of the eUICC), and the MNO may find a corresponding authentication algorithm program based on the target information. For example, the target information includes the firmware version information of the eUICC. In a subscription process between a user terminal and an MNO server, the MNO server may receive the firmware version information of the eUICC. After receiving the firmware version information of the eUICC, the MNO server finds the corresponding authentication algorithm program based on the received firmware version information of the eUICC.

In another example, the target information includes the EID issuer identifier of the eUICC. In the subscription process between the user terminal and the MNO server, the MNO server may receive the EID sent by the LPA. After receiving the EID, the MNO server obtains the EID issuer identifier from the EID. The MNO finds the corresponding authentication algorithm program based on the EID issuer identifier.

In another example, the target information includes the platform/operating system version information. In the subscription process between the user terminal and the MNO server, the MNO server may receive the EID sent by the LPA. After receiving the EID, the MNO server obtains the platform/operating system version information from the EID. The MNO finds the corresponding authentication algorithm program based on the platform/operating system version information.

In another example, the target information includes the EID issuer identifier and the platform/operating system version information. In the subscription process between the user terminal and the MNO server, the MNO server may receive the EID sent by the LPA. After receiving the EID, the MNO server obtains the EID issuer identifier and the platform/operating system version information of the eUICC from the EID. The MNO finds the corresponding authentication algorithm program based on the EID issuer identifier and the platform/operating system version information.

In another example, the target information includes the capability information of the eUICC. In the subscription process between the user terminal and the MNO server, the MNO server may receive the capability information of the eUICC. After receiving the capability information of the eUICC, the MNO server finds the corresponding authentication algorithm program based on the received capability information of the eUICC.

In another example, the target information includes the firmware version information of the eUICC, the EID issuer identifier of the eUICC, and the platform/operating system version information of the eUICC. In the subscription process between the user terminal and the MNO, the MNO may receive the firmware version information and the EID sent by the LPA. After receiving the EID, the MNO obtains the EID issuer identifier and the platform/operating system version information from the EID, finds the corresponding authentication algorithm program based on the received firmware version information, EID issuer identifier, and platform/operating system version information, and sends the authentication algorithm program to the SM-DP+ server.

In another example, the target information includes the firmware version information of the eUICC, the EID issuer identifier of the eUICC, the platform/operating system version information of the eUICC, and the capability information of the eUICC. In the subscription process between the user terminal and the MNO, the MNO may receive the firmware version information and the EID sent by the LPA. After receiving the EID, the MNO obtains the EID issuer identifier and the platform/operating system version information from the EID, finds the corresponding authentication algorithm program based on the received firmware version information, the EID issuer identifier, the platform/operating system version information, and the capability information of the eUICC, and sends the authentication algorithm program to the SM-DP+ server.

Optionally, the MNO may send the authentication algorithm program to the SM-DP+ server by using a DownloadOrder (DownloadOrder), or may send the authentication algorithm program to the SM-DP+ server by using a ConfirmOrder (ConfirmOrder).

By applying this implementation, the MNO can proactively push the authentication algorithm program lacking in the eUICC to the SM-DP+ server, and after receiving the authentication algorithm program, the SM-DP+ server can send the authentication algorithm program to the eUICC in time by using the LPA for adding.

Optionally, in the subscription process between the user terminal and the MNO server, after the EID or other matching information (such as the firmware version information and the capability information of the eUICC) is reported, the MNO server searches for the corresponding authentication algorithm program, and the DownloadOrder (DownloadOrder) sent to the SM-DP+ server carries a ProfileType message (ProfileType). The ProfileType message is used to indicate a type of a profile specifically generated or matched by the SM-DP+ server. The profile type can be identified and determined based on data included in the profile. For example, a ProfileType message 1 is used to indicate that the profile type is a profile including an authentication algorithm program, and a ProfileType message 2 is used to indicate that the profile type is a profile including no authentication algorithm program. Alternatively, the profile type may also be identified and determined based on each different authentication algorithm program identifier included in the profile. For example, the ProfileType message 1 indicates a profile type including an authentication algorithm program identifier GD_01, and the ProfileType message 2 indicates a profile type including an authentication algorithm program identifier GTO_01. Optionally, the MNO server may also add two ProfileType messages in the DownloadOrder, one ProfileType message is used to indicate that the profile type is a profile including an authentication algorithm program, and the other ProfileType message is used to indicate that the profile type is a profile including the authentication algorithm program identifier GTO_01. Alternatively, the MNO server may also add two ProfileType messages in the DownloadOrder, one ProfileType message is used to indicate that the profile type is a profile including no authentication algorithm program, and the other ProfileType message is used to indicate that the profile type is a profile including no authentication algorithm program identifier GTO_01.

Optionally, in the subscription process between the user terminal and the MNO server, the user terminal may report no EID information, but purchase an activation code (Activation code) corresponding to a profile. The MNO server may configure authentication algorithm programs of different versions into profiles of different sets when generating profiles of corresponding activation codes in batches. When the user terminal purchases the activation code, an operator may request the user terminal to provide matching information. The matching information may be at least one of the firmware version information of the eUICC, the EID issuer identifier of the eUICC, the platform/operating system version information of the eUICC, or the capability information of the eUICC. The EID issuer identifier and the platform/operating system version information of the eUICC may be obtained from the EID information reported by the user terminal. Based on the matching information obtained from the user terminal, the MNO server instructs the SM-DP+ server to package the profile including the authentication algorithm program of the corresponding version, and to send the package to the eUICC of the user terminal. The method for the SM-DP+ server to obtain the authentication algorithm program may be: after generating the authentication algorithm programs of different versions corresponding to authentication algorithms, the MNO server sends a list of needed authentication algorithm programs of different versions together with the authentication algorithm programs of all versions corresponding to the authentication algorithms to the SM-DP+ server.

In an optional implementation, for example, when the target information includes the firmware version information of the eUICC, the MNO, the SM-DP+ server, and the LPA may further perform the following steps: the LPA sends second information to the SM-DP+ server, where the second information includes eUICC information; after receiving the second information, the SM-DP+ server obtains the firmware version information from the eUICC information; the SM-DP+ server sends third information to the MNO, where the third information includes the firmware version information; and the MNO searches for a corresponding authentication algorithm program based on the third information. In this way, the MNO sends the found authentication algorithm program to the SM-DP+ server.

In another example, when the target information includes the EID issuer identifier of the eUICC, the MNO, the SM-DP+ server, and the LPA may further perform the following steps: The MNO sends first information to the SM-DP+ server, where the first information includes the EID information; after receiving the first information, the SM-DP+ server obtains the EID issuer identifier from the EID information; the SM-DP+ server sends third information to the MNO, where the third information includes the EID issuer identifier; and the MNO searches for a corresponding authentication algorithm program based on the third information. In this way, the MNO sends the found authentication algorithm program to the SM-DP+ server.

In another example, when the target information includes the platform/operating system version information of the eUICC, the MNO, the SM-DP+ server, and the LPA may further perform the following steps: the MNO sends first information to the SM-DP+ server, where the first information includes the EID information; after receiving the first information, the SM-DP+ server obtains the platform/operating system version information of the eUICC from the EID information; the SM-DP+ server sends third information to the MNO, where the third information includes the platform/operating system version information of the eUICC; and the MNO searches for a corresponding authentication algorithm program based on the third information. In this way, the MNO sends the found authentication algorithm program to the SM-DP+ server.

In another example, when the information includes the EID issuer identifier and the platform/operating system version information of the eUICC, the MNO, the SM-DP+ server, and the LPA may further perform the following steps: the MNO sends first information to the SM-DP+ server, where the first information includes the EID information; after receiving the first information, the SM-DP+ server obtains the EID issuer identifier and the platform/operating system version information of the eUICC from the EID information; the SM-DP+ server sends third information to the MNO, where the third information includes the EID issuer identifier and the platform/operating system version information of the eUICC; and the MNO searches for a corresponding authentication algorithm program based on the third information. In this way, the MNO sends the found authentication algorithm program to the SM-DP+ server.

For example, when the target information includes the capability information of the eUICC, the MNO, the SM-DP+ server, and the LPA may further perform the following steps: the LPA sends second information to the SM-DP+ server, where the second information includes the eUICC information; after receiving the second information, the SM-DP+ server obtains the capability information of the eUICC from the eUICC information; the SM-DP+ server sends third information to the MNO, where the third information includes the capability information of the eUICC; and the MNO searches for a corresponding authentication algorithm program based on the third information. In this way, the MNO sends the found authentication algorithm program to the SM-DP+ server.

In another example, when the target information includes the firmware version information of the eUICC, the EID issuer identifier of the eUICC, and the platform/operating system version information of the eUICC, the MNO, the SM-DP+ server, and the LPA may further perform the following steps: the MNO sends first information to the SM-DP+ server, where the first information includes the EID information; the LPA sends second information to the SM-DP+ server, where the second information includes the eUICC information; after receiving the first information and the second information, the SM-DP+ server obtains the firmware version information from the eUICC information, and obtains the EID issuer identifier and the platform/operating system version information from the EID information; the SM-DP+ server sends third information to the MNO, where the third information includes the firmware version information, the EID issuer identifier, and the platform/operating system version information; and the MNO searches for a corresponding authentication algorithm program based on the third information. In this way, the MNO sends the found authentication algorithm program to the SM-DP+ server.

In another example, when the target information includes the firmware version information of the eUICC, the EID issuer identifier of the eUICC, the platform/operating system version information of the eUICC, and the capability information of the eUICC, before receiving the authentication algorithm program sent by the mobile network operator MNO, the SM-DP+ server may further perform the following steps: The SM-DP+ server receives the first information sent by the MNO, where the first information includes the EID information; the SM-DP+ server receives the second information sent by the LPA, where the second information includes the eUICC information; the SM-DP+ server obtains the firmware version information and the capability information of the eUICC from the eUICC information, and the SM-DP+ server obtains the EID issuer identifier, the platform/operating system version information, and the capability information of the eUICC from the EID information; the SM-DP+ server sends third information to the MNO, where the third information includes the firmware version information, the EID issuer identifier, and the platform/operating system version information. That is, the third information may include one or more of the four types of information (that is, the firmware version information of the eUICC, the EID issuer identifier of the eUICC, the platform/operating system version information of the eUICC, and the capability information of the eUICC), and the MNO searches for a corresponding authentication algorithm program based on the third information. In this way, the MNO sends the found authentication algorithm program to the SM-DP+ server.

By applying this implementation, the SM-DP+ server can proactively request the authentication algorithm program lacking in the eUICC from the MNO, and after receiving the authentication algorithm program, the SM-DP+ server can send the authentication algorithm program to the eUICC by using the LPA for adding.

In an optional implementation, the first information further includes an authentication algorithm program adding identifier. For example, if the target information includes the firmware version information, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the firmware version information. If the target information includes the EID issuer identifier, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the EID issuer identifier. If the target information includes the platform/operating system version information, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the platform/operating system version information. If the target information includes the EID issuer identifier and the platform/operating system version information, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the EID issuer identifier and the platform/operating system version information. If the target information includes the capability information of the eUICC, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the capability information of the eUICC. If the target information includes the firmware version information, the EID issuer identifier, the platform/operating system version information, and the capability information of the eUICC, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the firmware version information, the EID issuer identifier, and the platform/operating system version information. That is, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the target information. The target information may be one or more of the EID issuer identifier, the platform/operating system version information, the firmware version information of the eUICC, or the capability information of the eUICC.

In an optional implementation, the second information further includes the authentication algorithm program adding identifier. After completion of the subscription process, the activation code allocated by the MNO is obtained, and the activation code includes the authentication algorithm program adding identifier and an address of the SM-DP+ server. After a user enters the activation code, the LPA identifies the authentication algorithm program adding identifier included in the activation code, and adds the authentication algorithm program adding identifier in the second information sent to the SM-DP+ server. The authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the target information. For example, if the target information includes the firmware version information, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the firmware version information. If the target information includes the EID issuer identifier, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the EID issuer identifier. If the target information includes the platform/operating system version information, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the platform/operating system version information. If the target information includes the EID issuer identifier and the platform/operating system version information, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the EID issuer identifier and the platform/operating system version information. If the target information includes the capability information of the eUICC, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the capability information of the eUICC. If the target information includes the firmware version information, the EID issuer identifier, the platform/operating system version information, and the capability information of the eUICC, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the firmware version information, the EID issuer identifier, and the platform/operating system version information. That is, the target information may include one or more of the EID issuer identifier, the platform/operating system version information, the firmware version information of the eUICC, or the capability information of the eUICC. The authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining all compositional information in the target information.

In the solution, the MNO server may add no authentication algorithm program adding identifier in the first information. After completion of the subscription process between the user terminal and the MNO server, the user terminal receives the activation code sent by the MNO server, where the activation code includes the authentication algorithm program adding identifier. After the user terminal LPA receives an activation code operation of the user, the LPA recognizes the activation code, adds the authentication algorithm program adding identifier that is in the activation code in the second information, and sends the second information to the SM-DP+ server.

In an optional implementation, both the first information and the second information may include the authentication algorithm program adding identifier, or only one of the first information and the second information includes the authentication algorithm program adding identifier. This is not limited in this embodiment of the present invention.

In an optional implementation, the third information is HandleDownloadProgressInfo.

Specifically, an operator and a card vendor negotiate an authentication algorithm that needs to be implemented, and an environment or condition for running the authentication algorithm (for example, the firmware version information of the eUICC, the EID issuer identifier, the platform/operating system version information of the eUICC, the capability information of the eUICC, or one or more thereof), the operator lets the card vendor implement the authentication algorithm, and after completing development, the card vendor delivers a list of authentication algorithm programs of all versions and all corresponding authentication algorithm programs in the list to the operator. Optionally, the card vendor may store the list of authentication algorithm programs of all versions and all corresponding authentication algorithm programs in the list into a patch server, and create an interface between the patch server and an operator server. When the SM-DP+ server sends the third information to the operator server by using HandleDownloadProgressInfo (HandleDownloadProgressInfo), the operator server may forward the third information to the patch server through the interface connected to the patch server. Before sending the third information, the operator server may perform mutual authentication with the patch server and create a secure channel (such as an HTTPS connection). Based on the information (for example, the firmware version information of the eUICC, the EID issuer identifier, the platform/operating system version information of the eUICC, the capability information of the eUICC, or one or more thereof) received in the third information, the patch server finds a matched authentication algorithm program and sends the authentication algorithm program to the operator server. The operator server sends the received authentication algorithm program to the SM-DP+ server. Optionally, the SM-DP+ server may further receive the authentication algorithm program that is forwarded from the operator server and sent by the patch server and that matches the third information, and may receive an identifier of the authentication algorithm program. The patch server may be operated by an original equipment manufacturer (OEM).

In an optional implementation, the SM-DP+ server may obtain a list of authentication algorithm programs of all versions and all corresponding authentication algorithm programs in the list from the MNO. The SM-DP+ server receives the first information sent by the MNO, where the first information includes the EID information. The SM-DP+ server receives the second information sent by the local profile assistant LPA, where the second information includes the eUICC information. The SM-DP+ server obtains the firmware version information and the capability information of the eUICC from the eUICC information. The SM-DP+ server obtains the EID issuer identifier and the platform/operating system version information from the EID information. The SM-DP+ server finds the corresponding authentication algorithm program based on the foregoing information. The SM-DP+ server may also find the corresponding authentication algorithm program based on one or more of the obtained firmware version information, EID issuer identifier, platform/operating system version information, and capability information of the eUICC. The SM-DP+ server may also receive, in the first information, a list of authentication algorithm programs of all versions that is sent by the MNO, and all corresponding authentication algorithm programs in the list.

In an optional implementation, the SM-DP+ server may also receive the identifier of the authentication algorithm program and the length information of the authentication algorithm program that are sent by the MNO; after receiving the authentication algorithm program sent by the MNO, the SM-DP+ server may further perform the following steps: the SM-DP+ server generates a first digital signature by using the identifier of the authentication algorithm program and the length information of the authentication algorithm program; the SM-DP+ server sends fourth information to the eUICC by using the LPA, where the fourth information includes the identifier of the authentication algorithm program, the length information of the authentication algorithm program, and the first digital signature; the SM-DP+ server receives a second digital signature sent by the eUICC by using the LPA; the SM-DP+ server verifies the second digital signature; and if the SM-DP+ server succeeds in verifying the second digital signature, the SM-DP+ server performs a step of generating a bound profile package including the authentication algorithm program.

This implementation is applied, so that identity validity verification can be performed on the SM-DP+ server and the eUICC, and the length information of the authentication algorithm program can also be notified to the LPA. Therefore, the LPA can accurately send an authentication algorithm program part to the eUICC for adding or installing first, thereby ensuring that after the profile is installed and activated, a network can be accessed successfully by using the authentication algorithm program that is previously added or installed.

In an optional implementation, the SM-DP+ server may further receive the identifier of the authentication algorithm program and the length information of the authentication algorithm program that are sent by the MNO, where storage metadata of the bound profile package includes the identifier of the authentication algorithm program and the length information of the authentication algorithm program.

This implementation is applied, so that the length information of the authentication algorithm program can be notified to the LPA. Therefore, the LPA can accurately send the authentication algorithm program part to the eUICC for adding or installing first, thereby ensuring that after the profile is installed and activated, a network can be accessed successfully by using the authentication algorithm program that is previously added or installed.

In an optional implementation, initial secure channel information of the bound profile package includes a remote operation type identifier whose value is install-bound-patch and ProfileType, where the install-bound-patch and the ProfileType are used to indicate that the bound profile package includes the authentication algorithm program and a profile.

In an optional implementation, the bound profile package further includes the profile, and the authentication algorithm program and the profile are encrypted by using a session key.

Security of data transmission can be improved by encrypting the authentication algorithm program and the profile by using the session key.

In an optional implementation, the bound profile package further includes the profile and a key encrypting key, and the authentication algorithm program and the profile are encrypted by using the key encrypting key.

Security of data transmission can be improved by encrypting the authentication algorithm program and the profile by using the key encrypting key.

The first key encrypting key may be the key encrypting key of the authentication algorithm program. The authentication algorithm program may encrypt the authentication algorithm program with the key encrypting key of the authentication algorithm program after the SM-DP+ server obtains the authentication algorithm program corresponding to the eUICC. The first key encrypting key may also be the second key encrypting key. For example, upon completion of preparing the profile, the SM-DP+ server also completes preparing a corresponding authentication algorithm program, and encrypts the authentication algorithm program and the profile by using the key encrypting key. In this case, the key encrypting key may be sent to the eUICC by using the LPA only before the profile is sent, or may be sent to the eUICC by using the LPA only before the authentication algorithm program is sent. In the bound profile package generated by the SM-DP+ server, the profile, the authentication algorithm program, the first key encrypting key, and the second key encrypting key may be arranged in this order: the first key encrypting key, the authentication algorithm program, the second key encrypting key, and the profile. Optionally, the order may be: the second key encrypting key, the profile, the first key encrypting key, and the authentication algorithm program. The four types of information may be located after a storage metadata field in the bound profile package.

In an optional implementation, the bound profile package further includes the profile and a key encrypting key, and the authentication algorithm program is encrypted by using a session key and the profile is encrypted by using the key encrypting key.

The authentication algorithm program is encrypted by using the session key and the profile is encrypted by using the key encrypting key to improve security of data transmission.

In an optional implementation, the bound profile package further includes the profile and the key encrypting key, and the authentication algorithm program is encrypted by using the key encrypting key and the profile is encrypted by using the session key.

In an optional implementation, the authentication algorithm program is encrypted by the MNO by using a public key of the eUICC.

In an optional implementation, before encrypting the authentication algorithm program by using the public key of the eUICC, the MNO may further perform the following steps: when agreeing with the card vendor on constraints for generating the authentication algorithm program (for example, the EID issuer identifier, the platform/operating system version information, the firmware version information of the eUICC, and the capability information of the eUICC), the MNO obtains an eUICC certificate (CERT.EUICC.ECDSA) provided by all card vendors. The eUICC certificate includes the public key of the eUICC. After generating the authentication algorithm program, the MNO may match the authentication algorithm program of the corresponding version based on the EID information in the eUICC certificate. The matching may be implemented by finding the authentication algorithm program of the corresponding version based on the EID issuer identifier in the EID information. Alternatively, the matching may be implemented by finding the authentication algorithm program of the corresponding version based on the platform/operating system version information in the EID. Alternatively, the matching may be implemented by finding the authentication algorithm program of the corresponding version based on the EID issuer identifier and the platform/operating system version information in the EID. Alternatively, the matching may be implemented by finding the authentication algorithm program of the corresponding version based on the EID issuer identifier, the platform/operating system version information, the firmware version information of the eUICC, or the capability information of the eUICC in the EID. The firmware version information of the eUICC and the capability information of the eUICC may be provided by the card vendor when the MNO and the card vendor agree on constraints of generating the authentication algorithm program. That is, after generating the authentication algorithm program, the MNO can find the corresponding authentication algorithm program based on one or more of the EID issuer identifier, the platform/operating system version information, the firmware version information of the eUICC, or the capability information of the eUICC.

Security of data transmission can be improved by encrypting the authentication algorithm program by using the public key of the eUICC.

Alternatively, the session key and the key encrypting key each include a cipher key and an integrity key. The cipher key is used to encrypt and decrypt messages, and the integrity key is used to generate an integrity verification field and verify the integrity verification field.

According to a second aspect, a method for adding an authentication algorithm program is further provided, including: receiving, by an embedded universal integrated circuit card eUICC, a bound profile package sent by a local profile assistant LPA, where the bound profile package includes initial secure channel information, storage metadata, an authentication algorithm program, and a profile, the authentication algorithm program corresponds to target information, and the target information is at least one of: firmware version information of the eUICC, an embedded universal integrated circuit card identifier EID issuer identifier of the eUICC, platform/operating system version information of the eUICC, or capability information of the eUICC; and adding, by the eUICC, the authentication algorithm program into the eUICC. Optionally, the authentication algorithm program may exist outside the profile or within the profile.

By implementing the authentication algorithm program described in the second aspect, the eUICC receives the bound profile package that includes the profile and the authentication algorithm program lacking in the eUICC. Therefore, when running the profile, the eUICC can use the authentication algorithm program received together with the profile to perform identity validity verification on the eUICC. Therefore, by using the authentication algorithm program described in the second aspect, the eUICC can add the authentication algorithm program into the eUICC in time.

In an optional implementation, before receiving the initial secure channel information sent by the LPA, the eUICC may further perform the following steps: the eUICC receives fourth information sent by the SM-DP+ server by using the LPA, where the fourth information includes the identifier of the authentication algorithm program, the length information of the authentication algorithm program, and a first digital signature; the eUICC verifies the first digital signature by using the identifier of the authentication algorithm program and the length information of the authentication algorithm program; if the eUICC succeeds in verifying the first digital signature, the eUICC generates a second digital signature by using the first digital signature; and the eUICC sends the second digital signature to the SM-DP+ server by using the LPA.

This implementation is applied, so that identity validity verification can be performed on the SM-DP+ server and the eUICC, and the eUICC can also obtain the identifier of the authentication algorithm program.

In an optional implementation, after receiving the authentication algorithm program sent by the LPA, the eUICC may further add the identifier of the authentication algorithm program into the eUICC.

In an optional implementation, the storage metadata includes the identifier of the authentication algorithm program, and the eUICC may further add the identifier of the authentication algorithm program into the eUICC.

In an optional implementation, the initial secure channel information of the bound profile package includes a remote operation type identifier whose value is install-bound-patch and ProfileType, where the install-bound-patch and the ProfileType are used to indicate that the bound profile package includes the authentication algorithm program and a profile. Optionally, the install-bound-patch and the ProfileType may also be used to indicate a security level of the authentication algorithm program and the profile. After receiving the initial secure channel information sent by the LPA, the eUICC verifies the remote operation type identifier whose value is install-bound-patch and ProfileType and that is included in the initial secure channel information. If it is verified that the remote operation type identifier is one of defined types, the eUICC processes the authentication algorithm program and the profile in the bound profile package separately by using a security level corresponding to the remote operation type. For example, the remote operation type identifier whose value is install-bound-patch and ProfileType indicates that the security level of the profile and the authentication algorithm program is integrity protection and encryption protection (Message Authentication Code and ENCRYPTION).

In an optional implementation, the authentication algorithm program and the profile are encrypted by using a session key. After receiving the authentication algorithm program sent by the LPA, the eUICC may further decrypt the authentication algorithm program by using the session key. Optionally, after completing the operation of adding the authentication algorithm program to the eUICC, the eUICC sends a message of successful adding of the authentication algorithm program to the LPA. The message of successful adding of the authentication algorithm program may be carried in a response application protocol data unit (response APDU) command, and the message of successful adding of the authentication algorithm program is used to instruct the LPA to send a profile part in the bound profile package to the eUICC. After receiving the profile sent by the LPA, the eUICC may further decrypt the profile by using the session key.

The eUICC may first receive the profile sent by the LPA, and then the eUICC decrypts the profile by using the session key, and installs the profile. Optionally, after completing the operation of installing the profile, the eUICC sends a profile installation success message to the LPA. The profile installation success message may be carried in a response application protocol data unit (response APDU) command, and the profile installation success message is used to instruct the LPA to send the authentication algorithm program in the bound profile package to the eUICC. The eUICC receives the authentication algorithm program sent by the LPA, and the eUICC decrypts the authentication algorithm program by using the session key. Upon completion of the decryption, the eUICC adds the authentication algorithm program into the eUICC. That is, the eUICC may first receive the authentication algorithm program sent by the LPA, and then receive the profile sent by the LPA; or the eUICC may first receive the profile sent by the LPA, and then receive the authentication algorithm program sent by the LPA. This is not limited in this embodiment of the present invention.

Security of data transmission can be improved by encrypting the authentication algorithm program and the profile by using the session key. Correspondingly, the eUICC needs to decrypt the authentication algorithm program and the profile by using the session key.

In an optional implementation, the authentication algorithm program and the profile are encrypted by using a key encrypting key, the bound profile package further includes the key encrypting key, and the key encrypting key is encrypted by using a session key. Before receiving the authentication algorithm program sent by the LPA, the eUICC may further receive the key encrypting key sent by the LPA, and decrypt the key encrypting key by using the session key. After receiving the authentication algorithm program sent by the LPA, the eUICC may further decrypt the authentication algorithm program by using the key encrypting key. Optionally, after completing the operation of adding or installing the authentication algorithm program, the eUICC sends a message of successful adding of the authentication algorithm program to the LPA. The message of successful adding of the authentication algorithm program may be carried in a response application protocol data unit (response APDU) command, and the message of successful adding of the authentication algorithm program is used to instruct the LPA to send a profile part in the bound profile package to the eUICC. After receiving the profile sent by the LPA, the eUICC may further decrypt the profile by using the key encrypting key.

In an optional implementation, the authentication algorithm program is encrypted by using a first key encrypting key, and the profile is encrypted by using a second key encrypting key. The bound profile package further includes the first key encrypting key and the second key encrypting key, and the first key encrypting key and the second key encrypting key are encrypted by using the session key. Before receiving the authentication algorithm program sent by the LPA, the eUICC may further receive a first key encrypting key sent by the LPA, and decrypt the first key encrypting key by using the session key. After receiving the authentication algorithm program sent by the LPA, the eUICC may further decrypt the authentication algorithm program by using the first key encrypting key. After completing the operation of adding the authentication algorithm program to the eUICC, the eUICC sends a message of successful adding of the authentication algorithm program to the LPA. The message of successful adding of the authentication algorithm program may be carried in a response application protocol data unit (response APDU) command, and the message of successful adding of the authentication algorithm program is used to instruct the LPA to send a profile part in the bound profile package to the eUICC. Before receiving the profile sent by the LPA, the eUICC may further receive a second key encrypting key sent by the LPA, and decrypt the second key encrypting key by using the session key. After receiving the profile sent by the LPA, the eUICC may further decrypt the profile by using the second key encrypting key. The eUICC may also receive the profile first, and decrypt the profile by using the second key encrypting key that is received before the profile is received. After receiving the profile, the eUICC sequentially receives the first key encrypting key and the authentication algorithm program, and decrypts the authentication algorithm program by using the first key encrypting key.

Security of data transmission can be improved by encrypting the authentication algorithm program and the profile by using the key encrypting key. Correspondingly, the eUICC needs to decrypt the authentication algorithm program and the profile by using the key encrypting key.

In an optional implementation, the authentication algorithm program is encrypted by using the session key, the profile is encrypted by using the key encrypting key, the bound profile package further includes the key encrypting key, and the key encrypting key is encrypted by using the session key. Before receiving the profile sent by the LPA, the eUICC may further receive the key encrypting key sent by the LPA, and decrypt the key encrypting key by using the session key. After receiving the authentication algorithm program sent by the LPA, the eUICC may further decrypt the authentication algorithm program by using the session key. Optionally, after completing the operation of adding or installing the authentication algorithm program, the eUICC sends a message of successful adding of the authentication algorithm program to the LPA. The message of successful adding of the authentication algorithm program may be carried in a response application protocol data unit (response APDU) command, and the message of successful adding of the authentication algorithm program is used to instruct the LPA to send a profile part in the bound profile package to the eUICC. After receiving the profile sent by the LPA, the eUICC may further decrypt the profile by using the key encrypting key.

The eUICC may first receive the profile sent by the LPA, and then the eUICC decrypts the profile by using the key encrypting key, and installs the profile. Optionally, after completing the operation of installing the profile, the eUICC sends a profile installation success message to the LPA. The profile installation success message may be carried in a response application protocol data unit (response APDU) command, and the profile installation success message is used to instruct the LPA to send the authentication algorithm program in the bound profile package to the eUICC. The eUICC receives the authentication algorithm program sent by the LPA, and the eUICC decrypts the authentication algorithm program by using the session key. Upon completion of the decryption, the eUICC adds the authentication algorithm program into the eUICC. That is, the eUICC may first receive the authentication algorithm program sent by the LPA, and then receive the profile sent by the LPA; or the eUICC may first receive the profile sent by the LPA, and then receive the authentication algorithm program sent by the LPA. After receiving the authentication algorithm program sent by the LPA, the eUICC may receive the key encrypting key sent by the LPA, and after receiving the key encrypting key, the eUICC receives the profile sent by the LPA; or, after receiving the key encrypting key sent by the LPA, the eUICC receives the profile sent by the LPA, and after receiving the profile, the eUICC receives the authentication algorithm program sent by the LPA; or, after receiving the key encrypting key sent by the LPA, the eUICC may receive the authentication algorithm program sent by the LPA, and after receiving the authentication algorithm program, the eUICC receives the profile sent by the LPA This is not limited in this embodiment of the present invention.

The authentication algorithm program is encrypted by using the session key and the profile is encrypted by using the key encrypting key to improve security of data transmission. Correspondingly, the eUICC needs to decrypt the authentication algorithm program by using the session key, and decrypt the profile by using the key encrypting key.

In an optional implementation, the authentication algorithm program is encrypted by using the key encrypting key, and the profile is encrypted by using the session key; the bound profile package further includes a key encrypting key, and the key encrypting key is encrypted by using the session key; after receiving the profile sent by the LPA, the eUICC may further receive the key encrypting key sent by the LPA, and decrypt the key encrypting key by using the session key; after receiving the authentication algorithm program sent by the LPA, the eUICC may further decrypt the authentication algorithm program by using the key encrypting key; or, the eUICC may first receive the key encrypting key sent by the LPA, and decrypt the key encrypting key by using the session key. After completion of the decryption, the eUICC receives the authentication algorithm program sent by the LPA, and adds the authentication algorithm program into the eUICC. After completing the operation of adding the authentication algorithm program into the eUICC, the eUICC sends a message of successful adding of the authentication algorithm program to the LPA. The message of successful adding of the authentication algorithm program may be carried in a response application protocol data unit (response APDU) command, and the message of successful adding of the authentication algorithm program is used to instruct the LPA to send the profile in the bound profile package to the eUICC. The eUICC receives the profile sent by the LPA, and the eUICC decrypts the profile by using the session key. After completion of the decryption, the eUICC installs the profile. That is, the eUICC may first receive the key encrypting key sent by the LPA, and then receive the authentication algorithm program sent by the LPA, and finally receive the profile sent by the LPA; or, the eUICC may first receive the profile sent by the LPA, and then receive the key encrypting key sent by the LPA, and finally receive the authentication algorithm program sent by the LPA.

In an optional implementation, the authentication algorithm program is encrypted by an MNO by using a public key of the eUICC, and the eUICC may decrypt the authentication algorithm program by using a private key of the eUICC.

Security of data transmission can be improved by encrypting the authentication algorithm program by using the public key of the eUICC. Correspondingly, the eUICC needs to decrypt the authentication algorithm program by using the private key of the eUICC.

In an optional implementation, the eUICC deletes the authentication algorithm program if the eUICC deletes the profile.

If the authentication algorithm program is implemented by a private authentication algorithm of an operator, and if the profile corresponding to the authentication algorithm program is deleted, then the authentication algorithm program corresponding to the profile has no opportunity of being invoked temporarily. Therefore, if the eUICC deletes the profile, the eUICC deletes the authentication algorithm program corresponding to the profile. This is beneficial to saving storage space. Specifically, the eUICC may create a mapping relationship between the authentication algorithm program and the profile after determining that the added or installed authentication algorithm program and the profile are in one bound profile package. After determining that the profile is deleted, the eUICC may delete the corresponding authentication algorithm program based on the previously created mapping relationship.

In an optional implementation, after adding the authentication algorithm program into the eUICC, the eUICC may perform the following steps: the eUICC receives a profile activation command sent by the LPA, where the profile activation command instructs the eUICC to activate the profile; the eUICC determines a corresponding authentication algorithm program based on the identifier of the authentication algorithm program in the profile; and the eUICC configures the authentication algorithm program by using a network access application parameter of the profile. The eUICC performs mutual authentication with a network by using the authentication algorithm program.

Optionally, the profile activation command includes an identifier of the profile in the previously downloaded bound profile package. The eUICC determines the corresponding authentication algorithm program by reading the identifier of the authentication algorithm program in the profile. The identifier of the authentication algorithm program may be stored in a file system part in the profile. The authentication algorithm program is an authentication algorithm program included in the previously downloaded bound profile package. The eUICC obtains the authentication algorithm program in the bound profile package, and installs or adds the authentication algorithm program into an authentication algorithm program set in a telecom framework. There may be a plurality of authentication algorithm programs in the eUICC, and each authentication algorithm program corresponds to a unique identifier of authentication algorithm program. Therefore, the eUICC determines the previously added authentication algorithm program based on the identifier of the authentication algorithm program in the profile. After determining the authentication algorithm program, the eUICC configures the authentication algorithm program by using a network access application parameter of the profile. After configuring the network application parameter, the eUICC performs mutual authentication with a network by using the authentication algorithm program. After the authentication succeeds, a terminal to which the eUICC belongs can access the network. The network here may be a network-side mobility management entity (Mobility Management Entity) or an authentication center.

This implementation is applied, so that when registration is performed by running the profile, an authentication algorithm program located in the bound profile package inclusive of the profile can be directly used to perform identity validity verification on a network entity.

In an optional implementation, the receiving, by the eUICC, the bound profile package sent by the LPA may include: the eUICC receives initial secure channel information in the bound profile package sent by the LPA; the eUICC receives storage metadata in the bound profile package sent by the LPA; the eUICC receives the authentication algorithm program in the bound profile package sent by the LPA; the eUICC sends a message to the LPA to indicate completion of adding the authentication algorithm program; and the eUICC receives the profile in the bound profile package sent by the LPA.

Optionally, after the eUICC receives the initial secure channel information and the storage metadata, the eUICC may first receive the profile in the bound profile package sent by the LPA; the eUICC sends the message to the LPA to indicate completion of adding the profile; and the eUICC receives the authentication algorithm program in the bound profile package sent by the LPA.

Specifically, the eUICC may receive, through an ES10d interface between LPA services in an ISD-R and an LPADd in the LPA, the authentication algorithm program sent by the LPA. Through the ES10d interface, the eUICC sends a message to the LPA to indicate completion of adding or installing the authentication algorithm program, where the message for indicating completion of adding the authentication algorithm program may be carried in a response application protocol data unit (response APDU) command. After sending the message used to indicate completion of adding the authentication algorithm program to the LPA, the eUICC receives the profile in the bound profile package sent by the LPA through an ES10b interface between an LPDd and the LPA services. Optionally, the eUICC may receive the profile sent by the LPA through the ES10b interface, and after receiving the profile, receive the authentication algorithm program sent by the LPA through the ES10d interface.

According to a third aspect, a method for adding an authentication algorithm program is further provided, including: receiving, by a local profile assistant LPA, fifth information sent by a subscription management-data preparation SM-DP+ server; sending, by the LPA, an authentication algorithm program in a bound profile package to an embedded universal integrated circuit card eUICC based on the fifth information, where the authentication algorithm program corresponds to target information, and the target information is at least one of: firmware version information of the eUICC, an embedded universal integrated circuit card identifier EID issuer identifier of the eUICC, platform/operating system version information of the eUICC, or capability information of the eUICC; receiving, by the LPA, a message sent by the eUICC to indicate completion of adding the authentication algorithm program; and sending, by the LPA, a profile in the bound profile package to the eUICC. Optionally, the LPA may send the profile in the bound profile package to the eUICC first. After receiving a message sent by the eUICC to indicate completion of installing the profile, the LPA sends the authentication algorithm program in the bound profile package to the eUICC based on the fifth information.

Specifically, the LPA may send the authentication algorithm program to the eUICC through an ES10d interface between an LPADd and LPA services in an ISD-R of the eUICC. Through the ES10d interface, the LPA receives the message sent by the eUICC to indicate completion of adding or installing the authentication algorithm program. The message for indicating completion of adding the authentication algorithm program may be carried in a response application protocol data unit (response APDU) command. After receiving the message sent by the eUICC to indicate completion of adding the authentication algorithm program, the LPA sends the profile in the bound profile package to the eUICC through an ES10b interface between an LPDd and the LPA services. The ES10b interface and the ES10d interface may be used to send the profile first and then send the authentication algorithm program.

By implementing the authentication algorithm program described in the third aspect, the LPA can accurately determine the authentication algorithm program in the bound profile package and send the authentication algorithm program to the eUICC. Therefore, the eUICC can add the authentication algorithm program into the eUICC in time.

In an optional implementation, the fifth information is length information of the authentication algorithm program, or the fifth information is tag information of encrypted segmented data of the bound profile package.

By applying this implementation, the LPA can accurately determine the authentication algorithm program in the bound profile package and send the authentication algorithm program to the eUICC.

In an optional implementation, the length information of the authentication algorithm program is included in storage metadata of the bound profile package.

According to a fourth aspect, a method for adding an authentication algorithm program is further provided, including: receiving, by a user terminal by using a local profile assistant LPA, a bound profile package sent by a subscription management-data preparation SM-DP+ server, where the bound profile package includes an authentication algorithm program, the authentication algorithm program corresponds to target information, and the target information is at least one of: firmware version information of an embedded universal integrated circuit card eUICC, an embedded universal integrated circuit card identifier EID issuer identifier of the eUICC, platform/operating system version information of the eUICC, or capability information of the eUICC; and adding, by the user terminal, the authentication algorithm program into the eUICC by using the LPA.

By implementing the authentication algorithm program described in the fourth aspect, the user terminal can receive the bound profile package that includes the profile and the authentication algorithm program lacking in the eUICC. Therefore, when running the profile, the eUICC can use the authentication algorithm program received together with the profile to perform identity validity verification on the eUICC. Therefore, by implementing the authentication algorithm program described in the fourth aspect, the user terminal can add the authentication algorithm program into the eUICC in time.

According to a fifth aspect, an SM-DP+ server is further provided, where the SM-DP+ server has functions of implementing behavior of the SM-DP+ server described in the first aspect or in a possible implementation of the first aspect. The functions can be implemented by hardware or by corresponding software executed by hardware. The hardware or software includes one or more units corresponding to the functions. The units may be software and/or hardware. Based on the same inventive concept, a principle and a beneficial effect of the SM-DP+ server for resolving problems can be learned by referring to that of the first aspect and each possible method implementation of the first aspect and the beneficial effect thereof, and therefore, the implementation of the SM-DP+ server can be learned by referring to the first aspect and each possible method implementation of the first aspect, and is not repeated herein again.

According to a sixth aspect, an eUICC is further provided, where the eUICC has functions of the eUICC described in the second aspect or in a possible implementation of the second aspect. The functions can be implemented by hardware or by corresponding software executed by hardware. The hardware or software includes one or more units corresponding to the functions. The units may be software and/or hardware. Based on the same inventive concept, a principle and a beneficial effect of the eUICC for resolving problems can be learned by referring to that of the second aspect and each possible implementation of the second aspect and the beneficial effect thereof, and therefore, the implementation of the eUICC can be learned by referring to the second aspect and each possible implementation of the second aspect, and is not repeated herein again.

According to a seventh aspect, an LPA is further provided, where the LPA has functions of the LPA described in the third aspect or in a possible implementation of the third aspect. The functions can be implemented by hardware or by corresponding software executed by hardware. The hardware or software includes one or more units corresponding to the functions. The units may be software and/or hardware. Based on the same inventive concept, a principle and a beneficial effect of the LPA for resolving problems can be learned by referring to that of the third aspect and each possible method implementation of the third aspect and the beneficial effect thereof, and therefore, the implementation of the LPA can be learned by referring to the third aspect and each possible method implementation of the third aspect, and is not repeated herein again.

According to an eighth aspect, a user terminal is further provided, where the user terminal has functions of the user terminal described in the fourth aspect or in a possible implementation of the fourth aspect. The functions can be implemented by hardware or by corresponding software executed by hardware. The hardware or software includes one or more units corresponding to the functions. The units may be software and/or hardware. Based on the same inventive concept, a principle and a beneficial effect of the user terminal for resolving problems can be learned by referring to that of the fourth aspect and each possible method implementation of the fourth aspect and the beneficial effect thereof, and therefore, the implementation of the user terminal can be learned by referring to the fourth aspect and each possible method implementation of the fourth aspect, and is not repeated herein again.

According to a ninth aspect, an SM-DP+ server is provided, where the SM-DP+ server includes a processor, a memory, a communications interface, and one or more programs; the processor, the communications interface, and the memory are connected; the one or more programs are stored in the memory, and the processor invokes the program in the memory to implement the technical solution in the first aspect or in a possible implementation of the first aspect; the implementation and beneficial effects of the SM-DP+ server to resolve problems can be learned by referring to the first aspect and each possible implementation of the first aspect and the beneficial effects thereof, and no repeated description is given herein again.

According to a tenth aspect, an eUICC is provided, where the eUICC includes a processor, a memory, a communications interface, and one or more programs; the processor, the communications interface, and the memory are connected; the one or more programs are stored in the memory, and the processor invokes the program in the memory to implement the technical solution in the second aspect or in a possible implementation of the second aspect; the implementation and beneficial effects of the eUICC to resolve problems can be learned by referring to the second aspect and each possible implementation of the second aspect and the beneficial effects thereof, and no repeated description is given herein again.

According to an eleventh aspect, an LPA is provided, where the LPA includes a processor, a memory, a communications interface, and one or more programs; the processor, the communications interface, and the memory are connected; the one or more programs are stored in the memory, and the processor invokes the program in the memory to implement the technical solution in the third aspect or in a possible implementation of the third aspect; the implementation and beneficial effects of the LPA to resolve problems can be learned by referring to the third aspect and each possible implementation of the third aspect and the beneficial effects thereof, and no repeated description is given herein again.

According to a twelfth aspect, a user terminal is provided, where the user terminal includes a local profile assistant LPA, a communications module, and an embedded universal integrated circuit card eUICC. The LPA is configured to receive a bound profile package sent by a subscription management-data preparation SM-DP+ server, where the bound profile package includes an authentication algorithm program, the authentication algorithm program corresponds to target information, and the target information is at least one of: firmware version information of the eUICC, an embedded universal integrated circuit card identifier EID issuer identifier of the eUICC, platform/operating system version information of the eUICC, or capability information of the eUICC; and the LPA is further configured to add the authentication algorithm program into the eUICC by using the communications module.

According to a thirteenth aspect, a system for adding an authentication algorithm program is provided, where the system includes: the SM-DP+ server described in the fifth aspect, the eUICC described in the sixth aspect, and the LPA described in the seventh aspect. The implementation and beneficial effects of the system to resolve problems can be learned by referring to the implementations of the fifth to seventh aspects and the beneficial effects thereof, and no repeated description is given herein again.

According to a fourteenth aspect, a system for adding an authentication algorithm program is provided, where the system includes: the SM-DP+ server described in the fifth aspect, and the user terminal described in the eighth aspect. The implementation and beneficial effects of the system to resolve problems can be learned by referring to the implementations of the fifth aspect and the eighth aspect and the beneficial effects thereof, and no repeated description is given herein again.

DESCRIPTION OF DRAWINGS

To describe the technical solutions in the embodiments of the present invention more clearly, the following briefly describes the accompanying drawings required for describing the embodiments. Apparently, the accompanying drawings in the following description show merely some embodiments of the present invention, and persons of ordinary skill in the art may derive other drawings from these accompanying drawings without creative efforts.

FIG. 1 is a schematic diagram of a system architecture according to an embodiment of the present invention;

FIG. 2 is a software architectural diagram of an eUICC according to an embodiment of the present invention;

FIG. 3 to FIG. 5 are schematic flowcharts of a method for adding an authentication algorithm program according to an embodiment of the present invention;

FIG. 6 to FIG. 10 are schematic flowcharts of sending a bound profile package from an LPA to an eUICC according to an embodiment of the present invention;

FIG. 11 to FIG. 13 are schematic flowcharts of a method for adding an authentication algorithm program according to an embodiment of the present invention;

FIG. 14 is a schematic structural diagram of a bound profile package according to an embodiment of the present invention;

FIG. 15 is a schematic flowchart of another method for adding an authentication algorithm program according to an embodiment of the present invention;

FIG. 16 is a schematic structural diagram of another bound profile package according to an embodiment of the present invention;

FIG. 17 is a schematic flowchart of still another method for adding an authentication algorithm program according to an embodiment of the present invention;

FIG. 18 is a schematic structural diagram of still another bound profile package according to an embodiment of the present invention;

FIG. 19 is a schematic structural diagram of an SM-DP+ server according to an embodiment of the present invention;

FIG. 20 is a schematic structural diagram of an eUICC according to an embodiment of the present invention;

FIG. 21 is a schematic structural diagram of a user terminal according to an embodiment of the present invention;

FIG. 22 is a schematic structural diagram of another SM-DP+ server according to an embodiment of the present invention;

FIG. 23 is a schematic structural diagram of still another eUICC according to an embodiment of the present invention;

FIG. 24 is a schematic structural diagram of an LPA according to an embodiment of the present invention; and

FIG. 25 is a schematic structural diagram of another user terminal according to an embodiment of the present invention.

DESCRIPTION OF EMBODIMENTS

To make the objectives, technical solutions, and advantages of the present invention clearer, the following describes the technical solutions of the embodiments of the present invention with reference to the accompanying drawings.

For ease of understanding the embodiments of the present invention, the following first describes a system architecture and an eUICC software architecture provided in the embodiments of the present invention.

FIG. 1 is a system architectural diagram 100 according to an embodiment of the present invention. As shown in FIG. 1, the system architecture 100 includes a user terminal 12, an SM-DP+ server 14, and a mobile network operator (Mobile Network Operator (MNO) 16.

The user terminal may include various electronic devices such as a mobile phone, a tablet, a personal digital assistant (Personal Digital Assistant, PDA), a television set, an in-vehicle device, a machine to machine device (Machine to Machine, M2M), a mobile Internet device (Mobile Internet Device, MID), and a smart wearable device (such as a smart watch or a smart band). An eUICC 18 and a local profile assistant (Local Profile Assistant, LPA) 20 are provided in the user terminal. The LPA may be deployed in the terminal independently of the eUICC, or deployed in the eUICC. FIG. 1 shows an example in which the LPA and the eUICC are deployed independently.

Optionally, the LPA may include a local profile download (Local Profile Download, LPD) module, a local user interface (Local User Interface, LUI) module, and a local discovery service (Local Discovery Service, LDS) module. Generally, the LPA plays a role of interaction between the user terminal and the eUICC in the user terminal. The LPD module is mainly responsible for downloading a subscription file, the LDS module is mainly responsible for service discovery, and the LUI module provides a UI interface for a user. The user may manage a profile downloaded onto the eUICC by using the LPA, for example, performing operations such as activation, deactivation, and deletion on the profile.

The SM-DP+ server may generate a profile, associate the profile with a specified eUICC, and download the profile to the eUICC.

FIG. 2 is a software architectural diagram of an eUICC according to an embodiment of the present invention. As shown in FIG. 2, the eUICC includes a profile 22, an LPAe (LPA in eUICC, LPA in the eUICC) 30, issuer security domain root (Issuer Security Domain Root, ISD-R) 32, and an eUICC controlling authority security domain (eUICC Controlling Authority Security Domain, ECASD) 34. Optionally, the eUICC may further include an issuer security domain OS update (Issuer Security Domain OS update, ISD-OD) 36, and an operating system (Operating System, OS) part. The LPAe, the ISD-R, the ECASD, and the ISD-OD may also be included in the operating system part. The ISD-R includes LPA services (LPA Services). The profile includes an issuer security domain profile (Issuer Security Domain Profile, ISD-P) part 22, NAAs (Network Access Applications, network access application) 24, a file system 26, and the like. Optionally, the profile may further include an authentication algorithm program 28. Optionally, when the profile includes an authentication algorithm program, the eUICC may include no ISD-OD. An OS part 38 includes an operating system patch interpreter (OS patch interpreter) 40, a profile policy enabler (profile policy enabler) 42, a profile package interpreter (Profile Package Interpreter) 42, and a telecom framework (Telecom Framework) 48, where the telecom framework includes the authentication algorithm program.

As shown in FIG. 2, an LPA service in the ISD-R is interfaced with an LPAd (LPA in the device, LPA in the device) through four interfaces, namely, ES10a, ES10b, ES10c, and ES10d. ES10a is used to handle profile discovery between an LDSd (Local Discovery Service in the device, local discovery service in the device) and the LPA service. The ES10b is used to transmit a bound profile package between the LPDd (Local Profile Download in the device, local profile download in the device) and the LPA services to the eUICC. ES10c is used to manage local profiles of users between an LUId (Local User Interface in the device, local user interface in the device) and the LPA service. The ES10d is used to transmit an operating system update package between an LPADd (Local Patch Download in the device, local patch download in the device) and the LPA service in the LPA to the eUICC, and buffer the update package into the ISD-OD. The operating system patch interpreter in an operating system is used to interpret an operating system patch package into an installed operating system patch file based on an operating system patch package specification. The operating system patch interpreter may also be used to buffer an operating system update package received from the LPADd. The ES10d interface may have other names, and this is not limited in this embodiment.

The NAA includes an authentication parameter, a unique IMSI (subscription identifier), location data, and the like. The telecom framework includes the authentication algorithm program. Network authentication is required while the eUICC registers the profile into a network. In a process of network authentication, the authentication algorithm program needs to be used to generate an authentication response (SRES), and deduce a cipher key and an integrity key, to verify validity of a network entity or the eUICC. However, in practice, the eUICC may lack an authentication algorithm program corresponding to an authentication algorithm that needs to be used, and therefore, cannot successfully access an operator network by using the profile.

To add an authentication algorithm program lacking in the eUICC and corresponding to an authentication algorithm into the eUICC, embodiments of the present invention provide a method for adding an authentication algorithm program, and a relevant device and system.

FIG. 3 is a schematic flowchart of a method for adding an authentication algorithm program according to an embodiment of the present invention. As shown in FIG. 3, the method for adding an authentication algorithm program may include steps 301 to 305:

301. An MNO sends an authentication algorithm program to an SM-DP+ server.

The authentication algorithm program corresponds to target information, and the target information is at least one of: firmware version information of the eUICC, an EID (eUICC-ID, embedded universal integrated circuit card identifier) issuer identifier of the eUICC, platform/operating system version information of the eUICC, or capability information of the eUICC.

Optionally, the MNO may generate authentication algorithm programs of different versions based on at least one of different firmware version information, EID issuer identifier, platform/operating system version information, and capability information of the eUICC, and create a list (where an example structure is shown in Table 1). The list includes identifiers of the authentication algorithm programs of different versions (or the versions of the authentication algorithm programs), the corresponding firmware version information, the EID issuer identifier, the platform/operating system version information, and the capability information of the eUICC. Optionally, the list may be created by a card vendor. For example, an operator and the card vendor negotiate an authentication algorithm that needs to be implemented, and an environment or condition for running the authentication algorithm (for example, the firmware version information of the eUICC, the EID issuer identifier, the platform/operating system version information of the eUICC, the capability information of the eUICC, or one or more thereof), the operator lets the card vendor implement the authentication algorithm, and after completing development, the card vendor delivers a list of authentication algorithm programs of all versions and all corresponding authentication algorithm programs in the list to the operator. Alternatively, the card vendor may store the list of authentication algorithm programs of all versions and all corresponding authentication algorithm programs in the list into a patch server, and create an interface between the patch server and an operator server, and the MNO may request an authentication algorithm program corresponding to the target information from the patch server.

TABLE 1

Identifier of the

authentication

Firmware
Plafform/operating
Capability

algorithm
EID issuer
version
system version
information of

program
identifier
information
information
the eUICC

GD_01
G&D
852321
V4.0.1
Capability

information 1

GTO_01
Gemalto
853514
V5.5.1
Capability

information 2

For example, if an eUICC1 exists and the eUICC1 lacks the authentication algorithm program supported by the MNO, the EID issuer identifier of the eUICC1 is G&D, the firmware version information is 852321, the platform/operating system version information is V4.0.1, and the capability information of the eUICC is capability information 1, then the MNO searches the list based on the EID issuer identifier of the eUICC1, the firmware version information, the platform/operating system version information, and the capability information of the eUICC, and finds that an identifier of the corresponding authentication algorithm program is GD_01; and the MNO sends the authentication algorithm program of the GD_01 version to the SM-DP+ server. The SM-DP+ server generates a bound profile package that includes the authentication algorithm program of the GD_01 version, and sends the bound profile package to the eUICC1 by using the LPA. Then the eUICC1 adds the authentication algorithm program of the GD_01 version into the eUICC1. The correspondence in the above table is only an example. Optionally, the identifier of the authentication algorithm program may also correspond to one or any combination of information entries in the table. For example, the identifier of the authentication algorithm program may correspond to only the EID issuer identifier, or the identifier of the authentication algorithm program may correspond to both the EID issuer identifier and the firmware version information. This is not limited in this embodiment of this application.

302. The SM-DP+ server generates a bound profile package that includes the authentication algorithm program.

In this embodiment of the present invention, after receiving the authentication algorithm program sent by the MNO, the SM-DP+ server generates the bound profile package that includes the authentication algorithm program. Optionally, the bound profile package further includes a profile. That is, the authentication algorithm program lacking in the eUICC may be downloaded in a process of downloading the profile. Therefore, when the bound profile package further includes the profile, the authentication algorithm program can be downloaded to the eUICC in a more timely manner. Optionally, the authentication algorithm program may be located in the profile, or the authentication algorithm program may be located outside the profile. This is not limited in this embodiment of the present invention.

303. The SM-DP+ server sends the bound profile package to an LPA.

In this embodiment of the present invention, after the SM-DP+ server generates the bound profile package that includes the authentication algorithm program, the SM-DP+ server sends the bound profile package to the LPA, so that the bound profile package can be sent to the eUICC by using the LPA.

304. The LPA sends the bound profile package to an eUICC.

305. The eUICC adds the authentication algorithm program into the eUICC.

In this embodiment of the present invention, the authentication algorithm program is used to be added into the eUICC. That is, after receiving the authentication algorithm program, the eUICC adds the authentication algorithm program into the eUICC. Specifically, the authentication algorithm program may be added into an authentication algorithm program set of the eUICC, where the authentication algorithm program set may be implemented in a telecom framework (Telecom Framework).

By implementing the authentication algorithm program described in FIG. 3, the MNO can send the authentication algorithm program lacking in the eUICC and corresponding to the authentication algorithm to the SM-DP+ server. After receiving the authentication algorithm program sent by the MNO, the SM-DP+ server can generate a bound profile package that includes the authentication algorithm program, and send the bound profile package to the eUICC by using the LPA. Therefore, the eUICC can add the authentication algorithm program in the bound profile package into the eUICC. As can be learned, by implementing the authentication algorithm program illustrated in FIG. 3, the eUICC can add the authentication algorithm program corresponding to the authentication algorithm into the eUICC in time.

In an optional implementation, for example, the target information includes the firmware version information of the eUICC, and in a subscription process between a user terminal and an MNO server, the MNO server may receive the firmware version information of the eUICC. After receiving the firmware version information of the eUICC, the MNO server finds the corresponding authentication algorithm program based on the received firmware version information of the eUICC.

In another example, as shown in FIG. 4, the target information includes the firmware version information of the eUICC, the EID issuer identifier of the eUICC, the platform/operating system version information of the eUICC, and the capability information of the eUICC. In a subscription process between the user terminal and the MNO server, the MNO server may receive the firmware version information, the EID, and the capability information of the eUICC that are sent by the LPA. After receiving the EID, the MNO server obtains the EID issuer identifier and the platform/operating system version information from the EID, finds the corresponding authentication algorithm program based on the received firmware version information, EID issuer identifier, platform/operating system version information, and the capability information of the eUICC, and sends the authentication algorithm program to the SM-DP+ server. That is, the target information may include one or more of the EID issuer identifier, the platform/operating system version information, the firmware version information of the eUICC, or the capability information of the eUICC. After receiving the target information, the MNO server finds the corresponding authentication algorithm program based on the target information. Optionally, the MNO server may send the authentication algorithm program to the SM-DP+ server by using a DownloadOrder (DownloadOrder), or may send the authentication algorithm program to the SM-DP+ server by using a ConfirmOrder (ConfirmOrder).

Optionally, in the subscription process between the user terminal and the MNO server, after the EID or other matching information (such as the firmware version information and the capability information of the eUICC) is reported, the MNO server searches for the corresponding authentication algorithm program, and a DownloadOrder (DownloadOrder) sent to the SM-DP+ server carries a ProfileType message (ProfileType). The ProfileType message is used to indicate a type of a profile specifically generated or matched by the SM-DP+ server. The profile type can be identified and determined based on data included in the profile. For example, a ProfileType message 1 is used to indicate that the profile type is a profile including an authentication algorithm program, and a ProfileType message 2 is used to indicate that the profile type is a profile including no authentication algorithm program. Alternatively, the profile type may also be identified and determined based on each different authentication algorithm program identifier included in the profile. For example, the ProfileType message 1 indicates a profile type including an authentication algorithm program identifier GD_01, and the ProfileType message 2 indicates a profile type including an authentication algorithm program identifier GTO_01. Optionally, the MNO server may also add two ProfileType messages in the DownloadOrder, one ProfileType message is used to indicate that the profile type is a profile including an authentication algorithm program, and the other ProfileType message is used to indicate that the profile type is a profile including the authentication algorithm program identifier GTO_01. Alternatively, the MNO server may also add two ProfileType messages in the DownloadOrder, one ProfileType message is used to indicate that the profile type is a profile including no authentication algorithm program, and the other ProfileType message is used to indicate that the profile type is a profile including no authentication algorithm program identifier GTO_01.

Optionally, in the subscription process between the user terminal and the MNO server, the user terminal may report no EID information, but purchase an activation code (Activation code) corresponding to a profile. The MNO server may configure authentication algorithm programs of different versions into profiles of different sets when generating profiles of corresponding activation codes in batches. When the user terminal purchases the activation code, an operator may request the user terminal to provide matching information. The matching information may be at least one of the firmware version information of the eUICC, the EID issuer identifier of the eUICC, the platform/operating system version information of the eUICC, or the capability information of the eUICC. Based on the matching information obtained from the user terminal, the MNO server instructs the SM-DP+ server to package the profile including the authentication algorithm program of the corresponding version, and to send the package to the eUICC of the user terminal. The method for the SM-DP+ server to obtain the authentication algorithm program may be: after generating the authentication algorithm programs of different versions corresponding to authentication algorithms, the MNO server sends a list of needed authentication algorithm programs of different versions together with the authentication algorithm programs of all versions corresponding to the authentication algorithms to the SM-DP+ server.

In another example, when the target information includes the EID issuer identifier of the eUICC, the MNO, the SM-DP+ server, and the LPA may further perform the following steps: the MNO sends first information to the SM-DP+ server, where the first information includes the EID information; after receiving the first information, the SM-DP+ server obtains the EID issuer identifier from the EID information; the SM-DP+ server sends third information to the MNO, where the third information includes the EID issuer identifier; and the MNO searches for a corresponding authentication algorithm program based on the third information. In this way, the MNO sends the found authentication algorithm program to the SM-DP+ server.

In another example, when the target information includes the firmware version information of the eUICC, the EID issuer identifier of the eUICC, the platform/operating system version information of the eUICC, and the capability information of the eUICC, as shown in FIG. 5, the MNO, the SM-DP+ server, and the LPA may further perform the following steps: the MNO sends first information to the SM-DP+ server, where the first information includes the EID information; the LPA sends second information to the SM-DP+ server, where the second information includes the eUICC information; after receiving the first information and the second information, the SM-DP+ server obtains the firmware version information and the capability information of the eUICC from the eUICC information, and obtains the EID issuer identifier and the platform/operating system version information from the EID information; the SM-DP+ server sends third information to the MNO, where the third information includes the firmware version information, the EID issuer identifier, the platform/operating system version information, and the capability information of the eUICC; and the MNO searches for a corresponding authentication algorithm program based on the third information. In this way, the MNO sends the found authentication algorithm program to the SM-DP+ server. That is, the third information sent by the SM-DP+ server to the MNO may include one or more of: the EID issuer identifier, the platform/operating system version information, the firmware version information of the eUICC, and the capability information of the eUICC, and the MNO searches for a corresponding authentication algorithm program based on the third information. In this way, the MNO sends the found authentication algorithm program to the SM-DP+ server.

Optionally, the first information may be a DownloadOrder (DownloadOrder) or a ConfirmOrder (ConfirmOrder). Optionally, the third information may be HandleDownloadProgressInfo.

Optionally, an operator and a card vendor negotiate an authentication algorithm that needs to be implemented, and an environment or condition for running the authentication algorithm (for example, the firmware version information of the eUICC, the EID issuer identifier, the platform/operating system version information of the eUICC, the capability information of the eUICC, or one or more thereof), the operator lets the card vendor implement the authentication algorithm, and after completing development, the card vendor delivers a list of authentication algorithm programs of all versions and all corresponding authentication algorithm programs in the list to the operator. Optionally, the card vendor may store the list of authentication algorithm programs of all versions and all corresponding authentication algorithm programs in the list into a patch server, and create an interface between the patch server and an operator server. When the SM-DP+ server sends the third information to the operator server by using HandleDownloadProgressInfo (HandleDownloadProgressInfo), the operator server may forward the third information to the patch server through the interface connected to the patch server. Based on the information (for example, the firmware version information of the eUICC, the EID issuer identifier, the platform/operating system version information of the eUICC, the capability information of the eUICC, or one or more thereof) received in the third information, the patch server finds a matched authentication algorithm program and sends the authentication algorithm program to the operator server. The operator server sends the received authentication algorithm program to the SM-DP+ server. Optionally, the SM-DP+ server may further receive the authentication algorithm program that is forwarded from the operator server and sent by the patch server and that matches the third information, and may receive an identifier of the authentication algorithm program.

In an optional implementation, the first information further includes an authentication algorithm program adding identifier, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the target information. For example, if the target information includes the firmware version information, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the firmware version information. If the target information includes the EID issuer identifier, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the EID issuer identifier. If the target information includes the platform/operating system version information, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the platform/operating system version information. If the target information includes the EID issuer identifier and the platform/operating system version information, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the EID issuer identifier and the platform/operating system version information. If the target information includes the capability information of the eUICC, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the capability information of the eUICC. As shown in FIG. 5, if the target information includes the firmware version information, the EID issuer identifier, the platform/operating system version information, and the capability information of the eUICC, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the firmware version information, the EID issuer identifier, the platform/operating system version information, and the capability information of the eUICC. That is, the target information may include one or more of the EID issuer identifier, the platform/operating system version information, the firmware version information of the eUICC, or the capability information of the eUICC. The authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining all compositional information in the target information.

In an optional implementation, the second information further includes the authentication algorithm program adding identifier. After completion of the subscription process, the activation code allocated by the MNO is obtained, and the activation code includes the authentication algorithm program adding identifier and an address of the SM-DP+ server. After a user enters the activation code, the LPA identifies the authentication algorithm program adding identifier included in the activation code, and add the authentication algorithm program adding identifier in the second information sent to the SM-DP+ server. The authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the target information. For example, if the target information includes the firmware version information, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the firmware version information. If the target information includes the EID issuer identifier, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the EID issuer identifier. If the target information includes the platform/operating system version information, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the platform/operating system version information. If the target information includes the EID issuer identifier and the platform/operating system version information, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the EID issuer identifier and the platform/operating system version information. If the target information includes the capability information of the eUICC, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the capability information of the eUICC. As shown in FIG. 5, if the target information includes the firmware version information, the EID issuer identifier, the platform/operating system version information, and the capability information of the eUICC, the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the firmware version information, the EID issuer identifier, and the platform/operating system version information. In the solution, the MNO server may not add the authentication algorithm program adding identifier in the first information. After completion of the subscription process between the user terminal and the MNO server, the user terminal receives the activation code sent by the MNO server, where the activation code includes the authentication algorithm program adding identifier. After the user terminal LPA receives an activation code operation of the user, the LPA recognizes the activation code, adds the authentication algorithm program adding identifier that is in the activation code in the second information, and sends the second information to the SM-DP+ server. That is, the target information may include one or more of the EID issuer identifier, the platform/operating system version information, the firmware version information of the eUICC, or the capability information of the eUICC. The authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining all compositional information in the target information.

In an optional implementation, the bound profile package includes initial secure channel information, storage metadata, an authentication algorithm program, and a profile, and the authentication algorithm program exists in the profile. FIG. 6 is a flowchart of sending the bound profile package by the LPA to the eUICC. As shown in FIG. 6, a specific implementation of sending the bound profile package by the LPA to the eUICC may include the following steps: the LPA sends the initial secure channel information to the eUICC; the LPA sends the storage metadata to the eUICC; and the LPA sends the profile to the eUICC. Correspondingly, a specific implementation of receiving the bound profile package by the eUICC may include the following steps: the eUICC receives the initial secure channel information sent by the LPA; the eUICC receives the storage metadata sent by the LPA; and the eUICC receives the profile sent by the LPA.

Specifically, after receiving the profile that includes the authentication algorithm program, the eUICC parses the authentication algorithm program included in the profile based on a profile element (profile element) format defined by a subscriber identity module alliance (simalliance), and adds or installs the parsed authentication algorithm program into the eUICC. Specifically, the authentication algorithm program is added or installed into an authentication algorithm program set in the telecom framework. The addition or installation of the authentication algorithm program may occur before installation of other profile elements of the profile, or after the installation of other profile elements, or during installation of all profile elements. This is not limited in this embodiment of the present invention.

The authentication algorithm program in the profile is stored and the profile is downloaded to the eUICC, so that the authentication algorithm program lacking in the eUICC can be downloaded to the eUICC during the process of downloading the profile. After the profile is activated, the authentication algorithm program can be directly used to perform identity validity verification on the eUICC. Therefore, the authentication algorithm program in the profile is stored and the profile is downloaded to the eUICC, so that the authentication algorithm program can be downloaded to the eUICC in a more timely manner.

In an optional implementation, the bound profile package includes the initial secure channel information, storage metadata, an authentication algorithm program, and a profile, and the authentication algorithm program exists outside the profile, that is, the authentication algorithm program is not in the profile. FIG. 7 is a flowchart of sending the bound profile package by the LPA to the eUICC. As shown in FIG. 7, a specific implementation of sending the bound profile package by the LPA to the eUICC may include the following steps: The LPA sends the initial secure channel information to the eUICC; the LPA sends the storage metadata to the eUICC; the LPA sends the authentication algorithm program to the eUICC; and the LPA sends the profile to the eUICC.

Correspondingly, a specific implementation of receiving the bound profile package by the eUICC may include the following steps: the eUICC receives the initial secure channel information sent by the LPA; the eUICC receives the storage metadata sent by the LPA; the eUICC receives the authentication algorithm program sent by the LPA; and the eUICC receives the profile sent by the LPA.

Optionally, after receiving the storage metadata sent by the LPA, the eUICC may first receive the profile sent by the LPA. After completing the operation of installing the profile, the eUICC sends a message to the LPA to indicate completion of installing the profile. After sending the message used to indicate completion of installing the profile to the LPA, the eUICC may receive the authentication algorithm program sent by the LPA. Correspondingly, after sending the storage metadata to the eUICC, the LPA may first send the profile to the eUICC. After receiving the message sent by the eUICC to indicate completion of installing the profile, the LPA sends the authentication algorithm program to the eUICC. Optionally, if the LPA sends the authentication algorithm program to the eUICC after sending the profile, the LPA prompts a user, after receiving the message sent by the eUICC to indicate completion of adding the authentication algorithm program, whether to activate the downloaded profile. After a confirmation operation of the user is received, a profile activation command is sent to the eUICC, where the profile activation command instructs the eUICC to activate the profile.

Optionally, after receiving the storage metadata sent by the LPA, the eUICC may first receive the authentication algorithm program sent by the LPA. After completing the operation of adding the authentication algorithm program, the eUICC sends a message that is used to indicate completion of adding the authentication algorithm program. After sending the message used to indicate completion of adding the authentication algorithm program to the LPA, the eUICC may receive the profile sent by the LPA. Correspondingly, after sending the storage metadata to the eUICC, the LPA may first send the authentication algorithm program to the eUICC. After receiving the message sent by the eUICC to indicate completion of adding the authentication algorithm program, the LPA sends the profile to the eUICC.

The authentication algorithm program and the profile are stored in one bound profile package and the package is downloaded to the eUICC, so that the authentication algorithm program lacking in the eUICC can be downloaded to the eUICC during the process of downloading the profile. After the profile is activated, the authentication algorithm program can be directly used to perform identity validity verification on the eUICC. Therefore, by storing the authentication algorithm program and the profile in one bound profile package and downloading the package to the eUICC, the authentication algorithm program can be downloaded to the eUICC in a more timely manner.

In an optional implementation, as shown in FIG. 8 and FIG. 9, after receiving the authentication algorithm program and the profile that are sent by the LPA, the eUICC may further install the profile in the eUICC. After adding the authentication algorithm program in the profile into the eUICC and installing the profile into the eUICC, the eUICC may further receive a profile activation command sent by the LPA, where the profile activation command instructs the eUICC to activate the profile; the eUICC determines a corresponding authentication algorithm program based on the identifier of the authentication algorithm program in the profile; and the eUICC configures the authentication algorithm program by using a network access application parameter of the profile. The eUICC performs mutual authentication with a network by using the authentication algorithm program.

This implementation is applied, so that after the profile is activated, the authentication algorithm program in the profile can be directly used to perform identity validity verification on the eUICC, or the authentication algorithm program that is located in the bound profile package inclusive of the profile and that is downloaded to the eUICC can be used to perform identity validity verification on a network entity.

In an optional implementation, as shown in FIG. 8 and FIG. 9, if the eUICC deletes the profile, the eUICC deletes the authentication algorithm program corresponding to the profile. The authentication algorithm program corresponding to the profile is the authentication algorithm program located in the bound profile package inclusive of the profile. The authentication algorithm program corresponding to the profile is used to perform identity validity verification on the eUICC after the profile is installed and activated. If the authentication algorithm program is implemented by using a private authentication algorithm of an operator, and if the profile corresponding to the authentication algorithm program is deleted, then the authentication algorithm program corresponding to the profile has no opportunity of being invoked temporarily. Therefore, if the eUICC deletes the profile, the eUICC deletes the authentication algorithm program corresponding to the profile. This is beneficial to saving storage space. Specifically, the eUICC may create a mapping relationship between the authentication algorithm program and the profile after determining that the added or installed authentication algorithm program and the profile are in one bound profile package. After determining that the profile is deleted, the eUICC may delete the corresponding authentication algorithm program based on the previously created mapping relationship.

In an optional implementation, the authentication algorithm program is located outside the profile, and the LPA may receive fifth information sent by the SM-DP+ server; Correspondingly, in FIG. 7, the specific implementation of sending the authentication algorithm program by the LPA to the eUICC is: the LPA sends the authentication algorithm program in the bound profile package to the eUICC based on the fifth information; after sending the authentication algorithm program in the bound profile package to the eUICC based on the fifth information, the LPA may further receive a message sent by the eUICC to indicate completion of adding the authentication algorithm program; and after receiving the message sent by the eUICC to indicate completion of adding the authentication algorithm program, the LPA sends the profile in the bound profile package to the eUICC. Optionally, the LPA may send the profile in the bound profile package to the eUICC first; and after receiving a message sent by the eUICC to indicate completion of installing the profile, the LPA sends the authentication algorithm program in the bound profile package to the eUICC based on the fifth information.

By applying this implementation, the LPA can accurately determine the authentication algorithm program in the bound profile package based on the fifth information.

Optionally, the LPA may send the authentication algorithm program to the eUICC through an ES10d interface between an LPADd and LPA services in an ISD-R of the eUICC. Through the ES10d interface, the LPA receives the message sent by the eUICC to indicate completion of adding or installing the authentication algorithm program. The message for indicating completion of adding the authentication algorithm program may be carried in a response application protocol data unit (response APDU) command. After receiving the message sent by the eUICC to indicate completion of adding the authentication algorithm program, the LPA sends the profile in the bound profile package to the eUICC through an ES10b interface between an LPDd and the LPA services.

Optionally, the eUICC may receive, through an ES10d interface between LPA services in an ISD-R and an LPADd in the LPA, the authentication algorithm program sent by the LPA. After completing adding or installation of the authentication algorithm program, the eUICC sends, through the ES10b interface, a message to the LPA to indicate completion of adding or installing the authentication algorithm program, where the message for indicating completion of adding the authentication algorithm program may be carried in a response application protocol data unit (response APDU) command. After sending the message used to indicate completion of adding the authentication algorithm program to the LPA, the eUICC receives the profile in the bound profile package sent by the LPA through an ES10b interface between an LPDd and the LPA services.

In an optional implementation, the fifth information may be tag information of encrypted segmented data of the bound profile package. The encrypted segmented data of the bound profile package is the authentication algorithm program and the profile in the bound profile package. For example, when the fifth information is the tag information of the encrypted segmented data of the bound profile package, the process of sending the bound profile package by the LPA to the eUICC may be shown in FIG. 10.

Specifically, a data structure of the authentication algorithm program in the bound profile package is in a TLV format (where an example format is shown in Table 2). The bound profile package may reserve one tag (such as ‘A4’ in the table) or more tags to represent a newly added authentication algorithm program. For example, in Table 2, ‘A4’ represents an authentication algorithm program. The LPA can identify the authentication algorithm program part based on a tag in segmented data of the bound profile package.

TABLE 2

Tag (tag)
Length (Length)
Value description (Value Description)

‘A3’
Var.
sequenceOf86

‘86’
Var.
Encrypted profile package

‘A4’
Var.
sequenceOf85

‘85’
Var.
Encrypted authentication

algorithm program

By applying this implementation, the LPA can accurately determine the authentication algorithm program in the bound profile package based on tag information of the encrypted segmented data.

In an optional implementation, the fifth information may be length information of the authentication algorithm program. By applying this implementation, the LPA can accurately determine the authentication algorithm program in the bound profile package based on the length information of the authentication algorithm program.

In an optional implementation, the length information of the authentication algorithm program may be included in storage metadata of the bound profile package. As shown in FIG. 11, the MNO can send an identifier of the authentication algorithm program and the length information of the authentication algorithm program to the SM-DP+ server in addition to sending the authentication algorithm program to the SM-DP+ server. After receiving the identifier of the authentication algorithm program and the length information of the authentication algorithm program that are sent by the MNO, the SM-DP+ server may further let storage metadata of the bound profile package include the identifier of the authentication algorithm program and the length information of the authentication algorithm program, so that the identifier of the authentication algorithm program and the length information of the authentication algorithm program are sent to the LPA and the eUICC.

Correspondingly, after receiving the storage metadata of the bound profile package, the LPA obtains the length information of the authentication algorithm program from the storage metadata, determines the authentication algorithm program in the bound profile package based on the length information of the authentication algorithm program, and sends the determined authentication algorithm program to the eUICC. Optionally, after receiving the storage metadata sent by the LPA, the eUICC obtains the identifier of the authentication algorithm program from the storage metadata, and adds the identifier of the authentication algorithm program into the eUICC.

In an optional implementation, as shown in FIG. 12A and FIG. 12B, the SM-DP+ server, the MNO, the LPA, and the eUICC may further perform the following steps: the MNO sends the identifier of the authentication algorithm program and the length information of the authentication algorithm program to the SM-DP+ server; after receiving the identifier of the authentication algorithm program, the length information of the authentication algorithm program, and the authentication algorithm program that are sent by the MNO, the SM-DP+ server generates a first digital signature by using an identifier of a first authentication algorithm program and length information of the first authentication algorithm program; the SM-DP+ server sends fourth information to the LPA, where the fourth information includes the identifier of the authentication algorithm program, the length information of the authentication algorithm program, and the first digital signature; the LPA sends the fourth information to the eUICC; after receiving the fourth information sent by the LPA, the eUICC verifies the first digital signature by using the identifier of the authentication algorithm program and the length information of the authentication algorithm program; the eUICC generates a second digital signature by using the first digital signature if the eUICC succeeds in verifying the first digital signature; the eUICC sends the second digital signature to the SM-DP+ server by using the LPA; after receiving the second digital signature sent by the eUICC by using the LPA, the SM-DP+ server verifies the second digital signature; if succeeding in verifying the second digital signature, the SM-DP+ server performs a step of generating the bound profile package that includes the authentication algorithm program. That is, this implementation is applied, so that the length information of the authentication algorithm program can be sent to the LPA without being included in the storage metadata of the bound profile package.

This implementation is applied, so that identity validity verification on the SM-DP+ server and the eUICC can be performed, and the length information of the authentication algorithm program can also be notified to the LPA. Therefore, the LPA can accurately send the authentication algorithm program part to the eUICC for adding or installing first, thereby ensuring that after the profile is installed and activated, a network can be accessed successfully by using the authentication algorithm program that is previously added or installed.

Correspondingly, after receiving the bound profile package, the LPA determines the authentication algorithm program in the bound profile package based on the received length information of the authentication algorithm program, and sends the determined authentication algorithm program to the eUICC. Optionally, after receiving the authentication algorithm program sent by the LPA, the eUICC adds the authentication algorithm program and the identifier of the authentication algorithm program into the eUICC.

In an optional implementation, the initial secure channel information of the bound profile package includes a remote operation type identifier whose value is install-bound-patch and ProfileType, where the install-bound-patch and the ProfileType are used to indicate that the bound profile package includes the authentication algorithm program and a profile. Specifically, by parsing a remote operation type identifier whose value is install-bound-patch and ProfileType, the eUICC can learn that the bound profile package includes the authentication algorithm program and the profile. After obtaining all the authentication algorithm programs, the eUICC may first add or install an authentication algorithm program, and send a successful adding result message or a successful installation result message to the LPA to obtain the profile from the LPA. The eUICC installs the profile. Optionally, the install-bound-patch and the ProfileType may also be used to indicate a security level of the authentication algorithm program and the profile. After receiving the initial secure channel information sent by the LPA, the eUICC verifies the remote operation type identifier whose value is install-bound-patch and ProfileType and that is included in the initial secure channel information. If it is verified that the remote operation type identifier is one of defined types, the eUICC processes the authentication algorithm program and the profile in the bound profile package separately by using a security level corresponding to the remote operation type. For example, the remote operation type identifier whose value is install-bound-patch and ProfileType indicates that the security level of the profile and the authentication algorithm program is integrity protection and encryption protection.

In an optional implementation, as shown in FIG. 13, the authentication algorithm program is located outside the profile. While the SM-DP+ server generates the bound profile package, the SM-DP+ server encrypts the authentication algorithm program and the profile by using a session key. Correspondingly, after receiving the authentication algorithm program sent by the LPA, the eUICC decrypts the authentication algorithm program by using the session key. Optionally, after completing the operation of adding the authentication algorithm program to the eUICC, the eUICC sends a message of successful adding of the authentication algorithm program to the LPA. The message of successful adding of the authentication algorithm program may be carried in a response application protocol data unit (response APDU) command, and the message of successful adding of the authentication algorithm program is used to instruct the LPA to send a profile part in the bound profile package to the eUICC. After receiving the profile sent by the LPA, the eUICC decrypts the profile by using the session key.

Security of data transmission can be improved by encrypting the authentication algorithm program by using the session key.

Optionally, a schematic structural diagram of a bound profile package generated by the SM-DP+ server may be shown in FIG. 14. As shown in FIG. 14, the bound profile package may include initial secure channel information, an issuer security domain-profile (Configure ISDP), storage metadata, an authentication algorithm program, and a profile part. Optionally, the profile may also precede the authentication algorithm program.

Optionally, when generating the bound profile package, the SM-DP+ server may use the session key to encrypt the issuer security domain-profile in the bound profile package, the authentication algorithm program, and the profile. After receiving the initial secure channel information, the eUICC obtains, from the initial secure channel information, a public key in a one-time key pair generated by the SM-DP+ server, generates a session key by using a digital certificate and a private key in a one-time key pair generated by the eUICC, and uses the session key to decrypt the issuer security domain-profile, the authentication algorithm program, and the profile that are received from the LPA.

In an optional implementation, as shown in FIG. 15, the authentication algorithm program is located outside the profile, the bound profile package further includes a key encrypting key. While the SM-DP+ server generates the bound profile package, the SM-DP+ server encrypts the authentication algorithm program and the profile by using the key encrypting key. The key encrypting key is encrypted by using a session key. Correspondingly, before receiving the authentication algorithm program sent by the LPA, the eUICC may receive the key encrypting key sent by the LPA, and decrypt the key encrypting key by using the session key. Optionally, after completing the operation of adding or installing the authentication algorithm program, the eUICC sends a message of successful adding of the authentication algorithm program to the LPA. The message of successful adding of the authentication algorithm program may be carried in a response application protocol data unit (response APDU) command, and the message of successful adding of the authentication algorithm program is used to instruct the LPA to send a profile part in the bound profile package to the eUICC. After receiving the authentication algorithm program sent by the LPA, the eUICC may further decrypt the authentication algorithm program by using the key encrypting key. After receiving the profile sent by the LPA, the eUICC may further decrypt the profile by using the key encrypting key.

Optionally, a schematic structural diagram of a bound profile package generated by the SM-DP+ server may be shown in FIG. 16. As shown in FIG. 16, the bound profile package may include initial secure channel information, an issuer security domain-profile, storage metadata, a key encrypting key, an authentication algorithm program, and a profile. Optionally, the profile may also precede the authentication algorithm program.

Optionally, while the SM-DP+ server generates the bound profile package, the SM-DP+ server may use the key encrypting key to encrypt the authentication algorithm program and the profile, and then use the session key to encrypt a configuration issuer security domain-profile and the key encrypting key in the bound profile package. After receiving the initial secure channel information, the eUICC obtains, from the initial secure channel information, a public key in a one-time key pair generated by the SM-DP+ server, generates a session key by using a digital certificate and a private key in a one-time key pair generated by the eUICC, and uses the session key to decrypt the configuration issuer security domain-profile and the key encrypting key that are received from the LPA. After decrypting the key encrypting key, the eUICC decrypts the received authentication algorithm program and profile by using the key encrypting key.

Security of data transmission can be improved by encrypting the authentication algorithm program by using the key encrypting key.

In an optional implementation, the authentication algorithm program is located outside the profile, and the bound profile package further includes a first key encrypting key and a second key encrypting key. While the SM-DP+ server generates the bound profile package, the SM-DP+ server encrypts the authentication algorithm program by using the first key encrypting key, and encrypts the profile by using the second key encrypting key, where the first key encrypting key and the second key encrypting key are encrypted by using the session key. Correspondingly, before receiving the authentication algorithm program sent by the LPA, the eUICC may further receive a first key encrypting key, and decrypt the first key encrypting key by using the session key. After receiving the authentication algorithm program sent by the LPA, the eUICC may further decrypt the authentication algorithm program by using the first key encrypting key. Optionally, after completing the operation of adding the authentication algorithm program to the eUICC, the eUICC sends a message of successful adding of the authentication algorithm program to the LPA. The message of successful adding of the authentication algorithm program may be carried in a response application protocol data unit (response APDU) command, and the message of successful adding of the authentication algorithm program is used to instruct the LPA to send a profile part in the bound profile package to the eUICC. Before receiving the profile sent by the LPA, the eUICC may further receive a second key encrypting key sent by the LPA, and decrypt the second key encrypting key by using the session key. After receiving the profile sent by the LPA, the eUICC may further decrypt the profile by using the second key encrypting key. The eUICC may also receive the profile first, and decrypt the profile by using the second key encrypting key that is received before the profile is received. After receiving the profile, the eUICC sequentially receives the first key encrypting key and the authentication algorithm program, and decrypts the authentication algorithm program by using the first key encrypting key.

Specifically, the second key encrypting key may be the key encrypting key of the profile. Upon completion of preparing a profile, the SM-DP+ server can generate a profile key encrypting key immediately, and encrypt the profile by using the profile key encrypting key. The first key encrypting key may be the key encrypting key of the authentication algorithm program. The authentication algorithm program may encrypt the authentication algorithm program with the key encrypting key of the authentication algorithm program after the SM-DP+ server obtains the authentication algorithm program corresponding to the eUICC. The first key encrypting key may also be a second key encrypting key. For example, upon completion of preparing the profile, the SM-DP+ server also completes preparing a corresponding authentication algorithm program, and encrypts the authentication algorithm program and the profile by using the key encrypting key. In this case, the key encrypting key may be sent to the eUICC by using the LPA only before the profile is sent, or may be sent to the eUICC by using the LPA only before the authentication algorithm program is sent. This is not limited in this embodiment of the present invention.

In an optional implementation, as shown in FIG. 17, the authentication algorithm program is located outside the profile, and the bound profile package further includes the key encrypting key. While the SM-DP+ server generates the bound profile package, the SM-DP+ server encrypts the authentication algorithm program by using the session key, and encrypts the profile by using the key encrypting key. Correspondingly, before receiving the profile sent by the LPA, the eUICC may further receive the key encrypting key sent by the LPA, and decrypt the key encrypting key by using the session key. After receiving the authentication algorithm program sent by the LPA, the eUICC may decrypt the authentication algorithm program by using the session key. Optionally, after completing the operation of adding or installing the authentication algorithm program, the eUICC sends a message of successful adding of the authentication algorithm program to the LPA. The message of successful adding of the authentication algorithm program may be carried in a response application protocol data unit (response APDU) command, and the message of successful adding of the authentication algorithm program is used to instruct the LPA to send a profile part in the bound profile package to the eUICC. After receiving the profile sent by the LPA, the eUICC may decrypt the profile by using the key encrypting key.

The eUICC may first receive the profile sent by the LPA, and then the eUICC decrypts the profile by using the key encrypting key, and installs the profile. Optionally, after completing the operation of installing the profile, the eUICC sends a profile installation success message to the LPA. The profile installation success message may be carried in a response application protocol data unit (response APDU) command, and the profile installation success message is used to instruct the LPA to send the authentication algorithm program in the bound profile package to the eUICC. The eUICC receives the authentication algorithm program sent by the LPA, and the eUICC decrypts the authentication algorithm program by using the session key. Upon completion of the decryption, the eUICC adds the authentication algorithm program into the eUICC. That is, the eUICC may first receive the authentication algorithm program sent by the LPA, and then receive the profile sent by the LPA; or the eUICC may first receive the profile sent by the LPA, and then receive the authentication algorithm program sent by the LPA. After receiving the authentication algorithm program sent by the LPA, the eUICC may receive the key encrypting key sent by the LPA, and after receiving the key encrypting key, the eUICC receives the profile sent by the LPA; or, after receiving the key encrypting key sent by the LPA, the eUICC may receive the profile sent by the LPA, and after receiving the profile, the eUICC receives the authentication algorithm program sent by the LPA; or, after receiving the key encrypting key sent by the LPA, the eUICC may receive the authentication algorithm program sent by the LPA, and after receiving the authentication algorithm program, the eUICC receives the profile sent by the LPA. This is not limited in this embodiment of the present invention.

In an optional implementation, the authentication algorithm program is located outside the profile, and the bound profile package further includes a key encrypting key. The key encrypting key is encrypted by using the session key. While the SM-DP+ server generates the bound profile package, the SM-DP+ server encrypts the authentication algorithm program by using the key encrypting key, and encrypts the profile by using the session key. Correspondingly, after receiving the profile sent by the LPA, the eUICC may further receive the key encrypting key sent by the LPA, and decrypt the key encrypting key by using the session key. After receiving the authentication algorithm program sent by the LPA, the eUICC may further decrypt the authentication algorithm program by using the key encrypting key; or, the eUICC may first receive the key encrypting key sent by the LPA, and decrypt the key encrypting key by using the session key. After completion of the decryption, the eUICC receives the authentication algorithm program sent by the LPA, and adds the authentication algorithm program into the eUICC. Optionally, after completing the operation of adding the authentication algorithm program into the eUICC, the eUICC sends a message of successful adding of the authentication algorithm program to the LPA. The message of successful adding of the authentication algorithm program may be carried in a response application protocol data unit (response APDU) command, and the message of successful adding of the authentication algorithm program is used to instruct the LPA to send the profile in the bound profile package to the eUICC. The eUICC receives the profile sent by the LPA, and the eUICC decrypts the profile by using the session key. After completion of the decryption, the eUICC installs the profile. That is, the eUICC may first receive the key encrypting key sent by the LPA, and then receive the authentication algorithm program sent by the LPA, and finally receive the profile sent by the LPA; or, the eUICC may first receive the profile sent by the LPA, and then receive the key encrypting key sent by the LPA, and finally receive the authentication algorithm program sent by the LPA.

Optionally, a schematic structural diagram of a bound profile package generated by the SM-DP+ server may be shown in FIG. 16 and FIG. 18. As shown in FIG. 16 and FIG. 18, the bound profile package may include initial secure channel information, a configuration issuer security domain-profile, storage metadata, a key encrypting key, an authentication algorithm program, and a profile. In FIG. 16, the key encrypting key exists before the authentication algorithm program; and in FIG. 18, the key encrypting key exists after the authentication algorithm program. That is, in this implementation, the LPA may first send the key encrypting key to the eUICC, and then send the authentication algorithm program to the eUICC, or the LPA may first send the authentication algorithm program to the eUICC and then send the key encrypting key to the eUICC.

Optionally, the SM-DP+ server may use the key encrypting key to encrypt the profile, and then use the session key to encrypt the configuration issuer security domain-profile key encrypting key and the authentication algorithm program in the bound profile package. After receiving the initial secure channel information, the eUICC obtains, from the initial secure channel information, a public key in a one-time key pair generated by the SM-DP+ server, generates a session key by using a digital certificate and a private key in a one-time key pair generated by the eUICC, and uses the session key to decrypt the configuration issuer security domain-profile, the key encrypting key, and the authentication algorithm program that are received from the LPA. After decrypting the key encrypting key, the eUICC decrypts the received profile by using the key encrypting key.

The authentication algorithm program is encrypted by using the session key and the profile is encrypted by using the key encrypting key to improve security of data transmission.

In an optional implementation, the authentication algorithm program is encrypted by an MNO by using a public key of the eUICC. That is, the authentication algorithm program received by the SM-DP+ server has been encrypted by the MNO by using the public key of the eUICC. Therefore, the SM-DP+ server may not encrypt the authentication algorithm program any longer, but directly sends, by using the LPA, the authentication algorithm program encrypted by the public key of the eUICC to the eUICC. After receiving the authentication algorithm program encrypted by the public key of the eUICC, the eUICC decrypts the authentication algorithm program by using a private key of the eUICC. Optionally, to improve data security, on condition that the authentication algorithm program has been encrypted by the MNO by using the public key of the eUICC, the SM-DP+ server may further encrypt the authentication algorithm program again, and the SM-DP+ server may use the key encrypting key or the session key to encrypt the authentication algorithm program that has been encrypted by the public key of the eUICC. For example, the SM-DP+ server uses the key encrypting key to encrypt the authentication algorithm program that has been encrypted by the public key of the eUICC. Correspondingly, after receiving the authentication algorithm program, the eUICC first uses the key encrypting key to decrypt the authentication algorithm program, and then uses the private key of the eUICC to decrypt the authentication algorithm program. In another example, the SM-DP+ server uses the session key to encrypt the authentication algorithm program that has been encrypted by the public key of the eUICC. Correspondingly, after receiving the authentication algorithm program, the eUICC first uses the session key to decrypt the authentication algorithm program, and then uses the private key of the eUICC to decrypt the authentication algorithm program.

Security of data transmission can be improved by encrypting the authentication algorithm program by using the public key of the eUICC.

In an optional implementation, before encrypting the authentication algorithm program by using the public key of the eUICC, the MNO may further perform the following steps: when agreeing with the card vendor on constraints for generating the authentication algorithm program (for example, the EID issuer identifier, the platform/operating system version information, the firmware version information of the eUICC, and the capability information of the eUICC), the MNO obtains an eUICC certificate (CERT.EUICC.ECDSA) provided by all card vendors. The eUICC certificate includes the public key of the eUICC. After generating the authentication algorithm program, the MNO may match the authentication algorithm program of the corresponding version based on the EID information in the eUICC certificate. The matching may be implemented by finding the authentication algorithm program of the corresponding version based on the EID issuer identifier in the EID information. Alternatively, the matching may be implemented by finding the authentication algorithm program of the corresponding version based on the platform/operating system version information in the EID. Alternatively, the matching may be implemented by finding the authentication algorithm program of the corresponding version based on the EID issuer identifier and the platform/operating system version information in the EID. Alternatively, the matching may be implemented by finding the authentication algorithm program of the corresponding version based on the EID issuer identifier, the platform/operating system version information, the firmware version information of the eUICC, or the capability information of the eUICC in the EID. The firmware version information of the eUICC and the capability information of the eUICC may be provided by the card vendor when the MNO and the card vendor agree to generate the constraints of the authentication algorithm program. That is, after generating the authentication algorithm program, the MNO can find the corresponding authentication algorithm program based on one or more of the EID issuer identifier, the platform/operating system version information, the firmware version information of the eUICC, or the capability information of the eUICC.

In the embodiments of the present invention, functional units of the SM-DP+ server, the LPA, and the eUICC may be divided based on the foregoing method examples. For example, the functional units may be divided corresponding to functions, or two or more functions may be integrated into one unit. The integrated unit may be implemented in a form of hardware, or may be implemented in a form of a software functional unit. It should be noted that, in this embodiment of the present invention, unit division is exemplary, and is merely a logical function division. In actual implementation, another division manner may be used.

FIG. 19 is a schematic structural diagram of an SM-DP+ server 1900 according to an embodiment of the present invention. As shown in FIG. 19, the SM-DP+ server 1900 includes a communications module 1901 and a processing module 1902.

The communications module 1901 is configured to receive an authentication algorithm program sent by a mobile network operator MNO, where the authentication algorithm program corresponds to target information, and the target information is at least one of: firmware version information of an embedded universal integrated circuit card eUICC, an embedded universal integrated circuit card identifier EID issuer identifier of the eUICC, platform/operating system version information of the eUICC, or capability information of the eUICC; the processing module 1902 is configured to generate a bound profile package that includes the authentication algorithm program; and the communications module 1901 is further configured to send the bound profile package to the eUICC by using a local profile assistant LPA.

In an optional implementation, the target information includes the firmware version information of the eUICC, the EID issuer identifier of the eUICC, and the platform/operating system version information of the eUICC; and the communications module 1901 is further configured to: before receiving the authentication algorithm program sent by the mobile network operator MNO, receive first information sent by the MNO, where the first information includes the EID information. The communications module 1901 is further configured to receive second information sent by the LPA, where the second information includes eUICC information. The processing module 1902 is further configured to obtain the firmware version information from the eUICC information. The processing module 1902 is further configured to obtain the EID issuer identifier and the platform/operating system version information from the EID information. The communications module 1901 is further configured to send third information to the MNO, where the third information includes the firmware version information, the EID issuer identifier, and the platform/operating system version information.

In an optional implementation, the target information further includes the capability information of the eUICC, and the processing module 1902 is further configured to obtain the capability information of the eUICC from the eUICC information. The third information further includes the capability information of the eUICC.

In an optional implementation, the first information further includes an authentication algorithm program adding identifier, where the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the firmware version information, the EID issuer identifier, and the platform/operating system version information.

In an optional implementation, the second information further includes an authentication algorithm program adding identifier, where the authentication algorithm program adding identifier is used to instruct the SM-DP+ server to request the authentication algorithm program from the MNO after obtaining the firmware version information, the EID issuer identifier, and the platform/operating system version information.

In an optional implementation, the third information is HandleDownloadProgressInfo.

In an optional implementation, the communications module 1901 is further configured to receive an identifier of the authentication algorithm program and length information of the authentication algorithm program that are sent by the MNO. The processing module 1902 is further configured to generate, after the communications module 1901 receives the authentication algorithm program sent by the MNO, a first digital signature by using an identifier of a first authentication algorithm program and length information of the first authentication algorithm program. The communications module 1901 is further configured to send fourth information to the eUICC by using the LPA, where the fourth information includes the identifier of the authentication algorithm program, the length information of the authentication algorithm program, and the first digital signature. The communications module 1901 is further configured to receive a second digital signature sent by the eUICC by using the LPA. The processing module 1902 is further configured to verify the second digital signature. If the processing module 1902 succeeds in verifying the second digital signature, the processing module 1902 is triggered to generate the bound profile package that includes the authentication algorithm program.

In an optional implementation, the bound profile package further includes the profile, and the authentication algorithm program and the profile are encrypted by using a session key.

In an optional implementation, the authentication algorithm program is encrypted by the MNO by using a public key of the eUICC.

Based on the same inventive concept, a principle of the SM-DP+ server for resolving problems according to this embodiment of the present invention is similar to that of the method embodiment of the present invention, and therefore, the implementation of the SM-DP+ server can be learned by referring to the implementation of the method, and for brevity, is not repeated herein again.

FIG. 20 is a schematic structural diagram of an eUICC 2000 according to an embodiment of the present invention. As shown in FIG. 20, the eUICC 2000 includes a communications module 2001 and a processing module 2002.

The communications module 2001 is configured to receive a bound profile package sent by a local profile assistant LPA, where the bound profile package includes initial secure channel information, storage metadata, an authentication algorithm program, and a profile, the authentication algorithm program corresponds to target information, and the target information is at least one of: firmware version information of the eUICC, an embedded universal integrated circuit card identifier EID issuer identifier of the eUICC, platform/operating system version information of the eUICC, or capability information of the eUICC; and the processing module 2002 is configured to add the authentication algorithm program into the eUICC.

In an optional implementation, the communications module 2001 is further configured to receive, before the communications module 2001 receives the initial secure channel information sent by the LPA, fourth information sent by the SM-DP+ server by using the LPA, where the fourth information includes an identifier of the authentication algorithm program, length information of the authentication algorithm program, and a first digital signature; the processing module 2002 is further configured to verify the first digital signature by using the identifier of the authentication algorithm program and the length information of the authentication algorithm program; the processing module 2002 is further configured to generate a second digital signature by using the first digital signature if the first digital signature is verified successfully; and the communications module 2001 is further configured to send the second digital signature to the SM-DP+ server by using the LPA.

In an optional implementation, the processing module 2002 is further configured to add the identifier of the authentication algorithm program into the eUICC after the communications module 2001 receives the authentication algorithm program sent by the LPA.

In an optional implementation, the storage metadata includes the identifier of the authentication algorithm program, and the processing module 2002 is further configured to add the identifier of the authentication algorithm program into the eUICC.

In an optional implementation, the authentication algorithm program and the profile are encrypted by using a session key, and the processing module 2002 is further configured to decrypt the authentication algorithm program by using the session key after the communications module 2001 receives the authentication algorithm program sent by the LPA. The processing module 2002 is further configured to decrypt, by the eUICC, the profile by using the session key after the communications module 2001 receives the profile sent by the LPA.

In an optional implementation, the authentication algorithm program and the profile are encrypted by using a key encrypting key, the bound profile package further includes the key encrypting key, and the key encrypting key is encrypted by using the session key; and the communications module 2001 is further configured to: before receiving the authentication algorithm program sent by the LPA, receive the key encrypting key sent by the LPA. The processing module 2002 is further configured to decrypt the key encrypting key by using the session key. The processing module 2002 is further configured to decrypt the authentication algorithm program by using the key encrypting key after the communications module 2001 receives the authentication algorithm program sent by the LPA. The processing module 2002 is further configured to decrypt the profile by using the key encrypting key after the communications module 2001 receives the profile sent by the LPA.

In an optional implementation, the authentication algorithm program is encrypted by using the session key, the profile is encrypted by using the key encrypting key, the bound profile package further includes the key encrypting key, and the key encrypting key is encrypted by using the session key; and the communications module 2001 is further configured to: before receiving the profile sent by the LPA, receive the key encrypting key sent by the LPA. The processing module 2002 is further configured to decrypt the key encrypting key by using the session key. The processing module 2002 is further configured to decrypt the authentication algorithm program by using the session key after the communications module 2001 receives the authentication algorithm program sent by the LPA. The processing module 2002 is further configured to decrypt the profile by using the key encrypting key after the communications module 2001 receives the profile sent by the LPA.

In an optional implementation, the authentication algorithm program is encrypted by an MNO by using a public key of the eUICC, and the processing module 2002 is further configured to decrypt the authentication algorithm program by using a private key of the eUICC.

In an optional implementation, the processing module 2002 is further configured to delete the authentication algorithm program if the eUICC deletes the profile.

In an optional implementation, the communications module 2001 is further configured to receive, after the processing module 2002 adds the authentication algorithm program into the eUICC, a profile activation command sent by the LPA, where the profile activation command instructs the eUICC to activate the profile. The processing module 2002 is further configured to determine a corresponding authentication algorithm program based on the identifier of the authentication algorithm program in the profile. The processing module 2002 is further configured to configure the authentication algorithm program by using a network access application parameter of the profile. The processing module 2002 is further configured to perform mutual authentication with a network by using the authentication algorithm program.

Based on the same inventive concept, a principle of the eUICC for resolving problems according to this embodiment of the present invention is similar to that of the method embodiment of the present invention, and therefore, the implementation of the eUICC can be learned by referring to the implementation of the method, and for brevity, is not repeated herein again.

An embodiment of the present invention further provides an LPA. The LPA includes a communications module, where the communications module is configured to receive fifth information sent by a subscription management-data preparation SM-DP+ server; the communications module is further configured to send an authentication algorithm program in a bound profile package to an embedded universal integrated circuit card eUICC based on the fifth information; the communications module is further configured to receive a message sent by the eUICC to indicate completion of adding the authentication algorithm program; and the communications module is further configured to send a profile in the bound profile package to the eUICC.

In an optional implementation, the length information of the authentication algorithm program is included in storage metadata of the bound profile package.

Based on the same inventive concept, a principle of the LPA for resolving problems according to this embodiment of the present invention is similar to that of the method embodiment of the present invention, and therefore, the implementation of the LPA can be learned by referring to the implementation of the method, and for brevity, is not repeated herein again.

FIG. 21 is a schematic structural diagram of a user terminal according to an embodiment of the present invention. As shown in FIG. 21, the user terminal includes a communications module 2101 and a processing module 2102.

The communications module 2101 is configured to receive a bound profile package sent by a subscription management-data preparation SM-DP+ server, where the bound profile package includes an authentication algorithm program, the authentication algorithm program corresponds to target information, and the target information is at least one of: firmware version information of an embedded universal integrated circuit card eUICC, an embedded universal integrated circuit card identifier EID issuer identifier of the eUICC, platform/operating system version information of the eUICC, or capability information of the eUICC; and the processing module 2102 is configured to add the authentication algorithm program into the eUICC.

FIG. 22 is another possible schematic structural diagram of an SM-DP+ server 2200 according to an embodiment of the present invention. As shown in FIG. 22, the SM-DP+ server 2200 includes a processor 2201, a memory 2202, and a communications interface 2204. The processor 2201 is connected to the memory 2202, and the communications interface 2204 is connected to the processor 2201. Optionally, the SM-DP+ server 2200 may further include a bus system 2203. The processor 2201, the memory 2202, and the communications interface 2204 are connected through the bus system 2203.

The processor 2201 may be a central processing unit (Central Processing Unit, CPU), a general-purpose processor, a coprocessor, a digital signal processor (Digital Signal Processing, DSP), an application-specific integrated circuit (Application-Specific Integrated Circuit, ASIC), a field programmable gate array (Field Programmable Gate Array, FPGA), or another programmable logical device, a transistor logical device, a hardware component, or any combination thereof. Alternatively, the processor 2201 may be a combination of processors implementing a computing function, for example, a combination of one or more microprocessors, or a combination of the DSP and a microprocessor.

The bus system 2203 may be a peripheral component interconnect (Peripheral Component Interconnect, PCI for short) bus or an extended industry standard architecture (Extended Industry Standard Architecture, EISA for short) bus or the like. The bus system 2203 may be classified into an address bus, a data bus, a control bus, and the like. For ease of representation, only one thick line is used to represent the bus in FIG. 22, but this does not mean that there is only one bus or only one type of bus.

The communications interface 2204 is configured to implement communication with other network elements (such as LPA and MNO).

By invoking program code stored in the memory 2202, the processor 2201 can perform any one or more of steps performed by the SM-DP+ server described in the foregoing method embodiment. For example, by invoking the program code stored in the memory 2202, the processor 2201 can perform steps performed by the SM-DP+ server in FIG. 3 to FIG. 13, and FIG. 15 or FIG. 17.

Based on the same inventive concept, a principle of the SM-DP+ server for resolving problems according to this embodiment of the present invention is similar to the method embodiment of the present invention, and therefore, the implementation of the SM-DP+ server can be learned by referring to the implementation of the method, and for brevity, is not repeated herein again.

FIG. 23 is another possible schematic structural diagram of an eUICC 2300 according to an embodiment of the present invention. As shown in FIG. 23, the eUICC 2300 includes a processor 2301, a memory 2302, and a communications interface 2304. The processor 2301 is connected to the memory 2302, and the communications interface 2304 is connected to the processor 2301. Optionally, the eUICC 2300 may further include a bus system 2303. The processor 2301, the memory 2302, and the communications interface 2304 are connected through the bus system 2303.

The processor 2301 may be a central processing unit (Central Processing Unit, CPU), a general-purpose processor, a coprocessor, a digital signal processor (Digital Signal Processing, DSP), an application-specific integrated circuit (Application-Specific Integrated Circuit, ASIC), a field programmable gate array (Field Programmable Gate Array, FPGA), or another programmable logical device, a transistor logical device, a hardware component, or any combination thereof. Alternatively, the processor 2301 may be a combination of processors implementing a computing function, for example, a combination of one or more microprocessors, or a combination of the DSP and a microprocessor.

The bus system 2303 may be a peripheral component interconnect (Peripheral Component Interconnect, PCI for short) bus or an extended industry standard architecture (Extended Industry Standard Architecture, EISA for short) bus or the like. The bus system 2303 may be classified into an address bus, a data bus, a control bus, and the like. For ease of representation, only one thick line is used to represent the bus in FIG. 23, but this does not mean that there is only one bus or only one type of bus.

The communications interface 2304 is configured to implement communication with other network elements (such as LPA).

By invoking program code stored in the memory 2302, the processor 2301 can perform any one or more of steps performed by the eUICC described in the foregoing method embodiment. For example, by invoking the program code stored in the memory 2302, the processor 2301 can perform steps performed by the eUICC in FIG. 3 to FIG. 13, and FIG. 15 or FIG. 17.

Based on the same inventive concept, a principle of the eUICC for resolving problems according to this embodiment of the present invention is similar to the method embodiment of the present invention, and therefore, the implementation of the eUICC can be learned by referring to the implementation of the method, and for brevity, is not repeated herein again.

FIG. 24 is a possible schematic structural diagram of an LPA 2400 according to an embodiment of the present invention. As shown in FIG. 24, the LPA 2400 includes a processor 2401, a memory 2402, and a communications interface 2404. The processor 2401 is connected to the memory 2402, and the communications interface 2404 is connected to the processor 2401. Optionally, the LPA 2400 may further include a bus system 2403. The processor 2401, the memory 2402, and the communications interface 2404 are connected through the bus system 2403.

The processor 2401 may be a central processing unit (Central Processing Unit, CPU), a general-purpose processor, a coprocessor, a digital signal processor (Digital Signal Processing, DSP), an application-specific integrated circuit (Application-Specific Integrated Circuit, ASIC), a field programmable gate array (Field Programmable Gate Array, FPGA), or another programmable logical device, a transistor logical device, a hardware component, or any combination thereof. Alternatively, the processor 2401 may be a combination of processors implementing a computing function, for example, a combination of one or more microprocessors, or a combination of the DSP and a microprocessor.

The bus system 2403 may be a peripheral component interconnect (Peripheral Component Interconnect, PCI for short) bus or an extended industry standard architecture (Extended Industry Standard Architecture, EISA for short) bus or the like. The bus system 2403 may be classified into an address bus, a data bus, a control bus, and the like. For ease of representation, only one thick line is used to represent the bus in FIG. 24, but this does not mean that there is only one bus or only one type of bus.

The communications interface 2404 is configured to implement communication with other network elements (such as eUICC or SM-DP+ server).

By invoking program code stored in the memory 2402, the processor 2401 can perform any one or more of steps performed by the LPA described in the foregoing method embodiment. For example, by invoking the program code stored in the memory 2402, the processor 2401 can perform steps performed by the LPA in FIG. 3 to FIG. 13, and FIG. 15 or FIG. 17.

Based on the same inventive concept, a principle of the LPA for resolving problems according to this embodiment of the present invention is similar to the method embodiment of the present invention, and therefore, the implementation of the LPA can be learned by referring to the implementation of the method, and for brevity, is not repeated herein again.

FIG. 25 is a possible schematic structural diagram of a user terminal 2500 according to an embodiment of the present invention. As shown in FIG. 25, the user terminal 2500 includes an LPA 2501, a communications module 2502, and an eUICC 2503.

The LPA 2501 is configured to receive a bound profile package sent by an SM-DP+ server, where the bound profile package includes an authentication algorithm program, the authentication algorithm program corresponds to target information, and the target information is at least one of: firmware version information of the eUICC 2503, an embedded universal integrated circuit card identifier EID issuer identifier of the eUICC 2503, platform/operating system version information of the eUICC 2503, or capability information of the eUICC 2503.

The LPA 2501 is further configured to send or add the authentication algorithm program into the eUICC 2503 by using the communications module 2502.

The communications module may be a modem (Modem).

It should be noted that, in the foregoing embodiments, the description of each embodiment has respective focuses. For a part that is not described in detail in an embodiment, reference may be made to related descriptions in other embodiments.

A sequence of the steps of the method in the embodiments of the present invention may be adjusted, and the steps may also be combined or removed according to an actual requirement.

The modules of the embodiments of the present invention may be executed by a universal integrated circuit, such as a CPU (Central Processing Unit, central processing unit) or an ASIC (Application Specific Integrated Circuit, application specific integrated circuit).

Finally, it should be noted that the foregoing embodiments are merely intended for describing the technical solutions of this application other than limiting this application. Although this application is described in detail with reference to the foregoing embodiments, persons of ordinary skill in the art should understand that they may still make modifications to the technical solutions described in the foregoing embodiments or make equivalent replacements to some or all technical features thereof, without departing from the scope of the technical solutions of the embodiments of this application.

METHOD FOR ADDING AUTHENTICATION ALGORITHM PROGRAM, AND RELEVANT DEVICE AND SYSTEM

Information

Publication Number

Date Filed

Date Published

Inventors

Original Assignees

CPC

International Classifications

Abstract

Description

Claims

CROSS-REFERENCE TO RELATED APPLICATIONS

PCT Information

Related Publications (1)