There is provided a performed by a first node for use in connecting a remote user equipment (UE) to a cellular network. An identity of the remote UE is acquired (102). A cryptographic function is applied (104) to the identity of the remote UE to generate a string identity for the remote UE. The string identity for the remote UE is stored (106) in a memory with the identity of the remote UE for use in connecting the remote UE to the cellular network via a relay UE connected to the cellular network.

There is provided a performed by a first node for use in connecting a remote user equipment (UE) to a cellular network. An identity of the remote UE is acquired (102). A cryptographic function is applied (104) to the identity of the remote UE to generate a string identity for the remote UE. The string identity for the remote UE is stored (106) in a memory with the identity of the remote UE for use in connecting the remote UE to the cellular network via a relay UE connected to the cellular network.

In response to a UE in a wireless network leaving a multicast group to which the user equipment belonged or switching between multiple access nodes belonging to the multicast group, sending by an access node a rekeying token for UE(s) in the multicast group to use to access data for the multicast group. The access node generates key(s) based at least on the rekeying token. The access node multicasts traffic to the UE(s) in the multicast group using the key(s). In response to an other UE in a wireless network leaving a multicast group to which a UE belongs or switching by the UE between multiple access nodes belonging to the multicast group, receiving, at the UE from an access node, a rekeying token to use. The UE generates key(s) based at least on the rekeying token and receives multicast traffic using the key(s).

A method includes receiving, by a mobility management entity (MME), a redirection request message from an access and mobility management function (AMF) node, where the redirection request message includes key-related information. The method also includes generating, by the MME, an encryption key and an integrity protection key based on the key-related information. The redirection request message is used to request to hand over a voice service from a packet switched (PS) domain to a circuit switched (CS) domain.

A method includes receiving, by a mobility management entity (MME), a redirection request message from an access and mobility management function (AMF) node, where the redirection request message includes key-related information. The method also includes generating, by the MME, an encryption key and an integrity protection key based on the key-related information. The redirection request message is used to request to hand over a voice service from a packet switched (PS) domain to a circuit switched (CS) domain.

Embodiments of this application provide key update methods and apparatuses in the field of communications technologies. A communications system includes a terminal and a core network device. The terminal can access the core network device using both a first access technology and a second access technology. The first connection and the second connection have a shared key. Key update for the first connection is performed in obtaining a first key identifier that identifies a first key obtained by performing the key update for the first connection. In response to determining that the second connection is in a connected state, the shared key for the second connection and a second key identifier that identifies the shared key are retained. The shared key is kept using for the second connection before performing key update for the second connection.

Embodiments of this application provide key update methods and apparatuses in the field of communications technologies. A communications system includes a terminal and a core network device. The terminal can access the core network device using both a first access technology and a second access technology. The first connection and the second connection have a shared key. Key update for the first connection is performed in obtaining a first key identifier that identifies a first key obtained by performing the key update for the first connection. In response to determining that the second connection is in a connected state, the shared key for the second connection and a second key identifier that identifies the shared key are retained. The shared key is kept using for the second connection before performing key update for the second connection.

A method includes establishing a multi-link security association between a transmitter upper Media Access Control (MAC) logic entity of a transmitter and a receiver upper MAC logic entity of a receiver. The transmitter includes one or more transmitter links. The receiver includes one or more receiver links.

A method includes establishing a multi-link security association between a transmitter upper Media Access Control (MAC) logic entity of a transmitter and a receiver upper MAC logic entity of a receiver. The transmitter includes one or more transmitter links. The receiver includes one or more receiver links.

Disclosed is method and an evolved NodeB (eNB) for use in a Long Term Evolution (LTE) network including establishing an X2 interface between the eNB and another eNB and communicating information between the eNB and the another eNB via the X2 interface.