Data transmission method, apparatus, and system

What is claimed is: 1 . A data transmission method, comprising: obtaining, by a benefited device, a cooperative-layer key, and performing encryption, or encryption and integrity protection processing on uplink data by using the cooperative-layer key at a cooperative layer to obtain first encrypted data; performing encapsulation processing on the first encrypted data to obtain first encapsulated data; and sending the first encapsulated data to a supporting device in a short-distance communication mode, so that the supporting device processes the first encapsulated data to obtain second encapsulated data and sends the second encapsulated data to a base station. 2 . The data transmission method according to claim 1 , wherein the obtaining, by a benefited device, a cooperative-layer key specifically comprises: performing authentication and key agreement with a network side to obtain a parent key, and obtaining, through calculation, the cooperative-layer key according to the parent key; or performing authentication and key agreement with a network side to obtain a parent key, generating a base-station key according to the parent key, generating an access-stratum key according to the base-station key, and obtaining, through calculation, the cooperative-layer key according to the base-station key or the access-stratum key. 3 . The data transmission method according to claim 2 , wherein the method further comprises: performing encryption algorithm negotiation with the base station to obtain a cooperative-layer encryption algorithm. 4 . A data transmission method, comprising: receiving, by a supporting device, first data, which is sent by a benefited device in a short-distance communication mode; verifying integrity of the first data by using a short-distance-communication-layer key, and decrypting the first data to obtain second data, wherein the second data is data obtained through encryption, or encryption and integrity protection by the benefited device by using a cooperative-layer key of the benefited device; after processing the second data at a cooperative layer, performing encryption processing, or encryption and integrity protection processing on the second data at a Packet Data Convergence Protocol PDCP layer to obtain third data; and sending the third data to a base station, so that the base station performs decryption, or decryption and integrity verification on the third data by using a PDCP-layer key of the supporting device to obtain the second data, and decrypts the second data by using the cooperative-layer key of the benefited device. 5 . The data transmission method according to claim 4 , wherein before the receiving, by a supporting device, first data, which is sent by a benefited device in a short-distance communication mode, the method further comprises: obtaining the short-distance-communication-layer key. 6 . The data transmission method according to claim 5 , wherein the obtaining the short-distance-communication-layer key specifically comprises: receiving the short-distance-communication-layer key sent by the network side; or receiving the short-distance-communication-layer key generated according to a key generator by the benefited device and forwarded by the network side; or receiving a second group of parameters sent by the network side, wherein the second group of parameters is parameters generated by the network side and used by the supporting device to perform key agreement with the benefited device, and after the benefited device receives a first group of parameters, performing, by the supporting device, key agreement with the benefited device, and generating the short-distance-communication-layer key, wherein the first group of parameters is parameters generated by the network side and used by the benefited device to perform key agreement with the supporting device; or receiving a third group of parameters sent by the benefited device, generating a fourth group of parameters and a shared key, sending the fourth group of parameters to the benefited device, and obtaining, through calculation, by the supporting device, the short-distance-communication-layer key according to the shared key, identity information of the benefited device, and identity information of the supporting device. 7 . A data transmission method, comprising: receiving, by a base station, first data sent by a supporting device; performing decryption, or decryption and integrity verification on the first data by using a PDCP-layer key of the supporting device, so as to obtain second data; and decrypting the second data by using a cooperative-layer key of a benefited device to obtain third data. 8 . The data transmission method according to claim 7 , wherein before the receiving first data sent by a supporting device, the method further comprises: obtaining the cooperative-layer key. 9 . The data transmission method according to claim 8 , wherein the obtaining the cooperative-layer key specifically comprises: receiving the cooperative-layer key generated and sent by a mobility management entity or a base station; or performing authentication and key agreement with the benefited device to obtain a parent key, and obtaining, through calculation, the cooperative-layer key according to the parent key; or performing authentication and key agreement with the benefited device to obtain a parent key, generating a base-station key according to the parent key, generating an access-stratum key according to the base-station key, and obtaining, through calculation, the cooperative-layer key according to the base-station key or the access-stratum key. 10 . A benefited device, comprising: a processor, configured to obtain a cooperative-layer key, perform encryption, or encryption and integrity protection processing on uplink data by using the cooperative-layer key at a cooperative layer to obtain first encrypted data, perform encapsulation processing on the first encrypted data to obtain first encapsulated data, and transmit the first encapsulated data to a transmitter; and the transmitter, configured to receive the first encapsulated data sent by the processor, and send the first encapsulated data to a supporting device in a short-distance communication mode, so that the supporting device processes the first encapsulated data to obtain second encapsulated data and sends the second encapsulated data to a base station. 11 . The benefited device according to claim 10 , wherein the processor is specifically configured to: perform authentication and key agreement with a network side to obtain a parent key, and obtain, through calculation, the cooperative-layer key according to the parent key; or perform authentication and key agreement with a network side to obtain a parent key, generate a base-station key according to the parent key, generate an access-stratum key according to the base-station key, and obtain, through calculation, the cooperative-layer key according to the base-station key or the access-stratum key. 12 . The benefited device according to claim 11 , wherein the processor is further configured to: perform encryption algorithm negotiation with the base station to obtain a cooperative-layer encryption algorithm. 13 . A supporting device, comprising: a receiver, configured to receive first data, which is sent by a benefited device in a short-distance communication mode, and transmit the first data to a processor; the processor, configured to receive the first data transmitted by the receiver, verify integrity of the first data by using a short-distance-communication-layer key, and decrypt the first data to obtain second d