面向B5G网络的高效切换认证与安全密钥更新机制

崔琪楣; 赵文静; 顾晓阳; 朱增宝; 朱晓暄; 陶小峰; 倪巍

doi:10.11959/j.issn.1000-436x.2021240

您当前的位置：

首页 >

文章列表页 >

面向B5G网络的高效切换认证与安全密钥更新机制

学术论文 | 更新时间：2024-06-05

- 面向B5G网络的高效切换认证与安全密钥更新机制
- Efficient handover authentication and secure key-updating mechanism for B5G networks
- 通信学报 2021年42卷第12期页码：96-108
- 作者机构：
  
  1. 北京邮电大学信息与通信工程学院，北京 100876
  2. 鹏城实验室，广东深圳 518055
  3. 中国科学技术交流中心，北京 100045
  4. 澳大利亚联邦科学与工业研究组织，悉尼 2122
- 作者简介：
  
  [ "崔琪楣（1979- ），女，河南驻马店人，博士，北京邮电大学教授、博士生导师，主要研究方向为宽带移动通信网络的新理论及技术、无线大数据基础理论研究等" ]
  [ "赵文静（1998- ），女，贵州安顺人，北京邮电大学硕士生，主要研究方向为无线通信网络安全、形式化分析与研究等" ]
  [ "顾晓阳（1996- ），男，宁夏吴忠人，北京邮电大学硕士生，主要研究方向为5G网络安全、云虚拟化网络技术等" ]
  [ "朱增宝（1998- ），男，安徽六安人，北京邮电大学博士生，主要研究方向为无线通信网络安全等" ]
  [ "朱晓暄（1983- ），女，湖北荆州人，博士，中国科学技术交流中心副研究员，主要研究方向为无线网络传输、科技创新合作政策等" ]
  [ "陶小峰（1970- ），男，湖北黄冈人，博士，北京邮电大学教授、博士生导师，主要研究方向为 5G 网络技术与移动网络技术等" ]
  [ "倪巍（1977- ），男，上海人，博士，澳大利亚联邦科学与工业研究组织研究员、悉尼科技大学教授，主要研究方向为随机优化、博弈论和图论等" ]
- 基金信息：
  
  国家自然科学基金资助项目(61941114);国家自然科学基金资助项目(61941105);中国移动研究院联合创新中心基金资助项目
- DOI：10.11959/j.issn.1000-436x.2021240
  中图分类号： TN929.5
- 网络出版日期：2021-12，
  
  纸质出版日期：2021-12-25
- 稿件说明：
移动端阅览
崔琪楣, 赵文静, 顾晓阳, 等. 面向B5G网络的高效切换认证与安全密钥更新机制[J]. 通信学报, 2021,42(12):96-108.

Qimei CUI, Wenjing ZHAO, Xiaoyang GU, et al. Efficient handover authentication and secure key-updating mechanism for B5G networks[J]. Journal on communications, 2021, 42(12): 96-108.
崔琪楣, 赵文静, 顾晓阳, 等. 面向B5G网络的高效切换认证与安全密钥更新机制[J]. 通信学报, 2021,42(12):96-108. DOI： 10.11959/j.issn.1000-436x.2021240.

Qimei CUI, Wenjing ZHAO, Xiaoyang GU, et al. Efficient handover authentication and secure key-updating mechanism for B5G networks[J]. Journal on communications, 2021, 42(12): 96-108. DOI： 10.11959/j.issn.1000-436x.2021240.

摘要

为了解决5G网络切换认证与密钥更新机制不具备前向安全性、易遭受旁路攻击、存在信令拥塞等问题，针对 5G 增强（B5G）网络，提出一种基于无证书的高效切换认证与安全密钥更新机制。在网络边缘侧引入基于无证书的密钥协商机制，使移动终端主动发起密钥更新请求，在空口侧完成无证书密钥更新全过程；在eCK安全模型下基于 Diffie-Hellman 困难问题，从理论上证明了该密钥更新机制的安全性。仿真评估表明，所提机制不仅满足了移动终端密钥管理的前向安全，与其他同类切换认证相比有更低的通信开销和计算开销。

Abstract

In order to solve the problems of 5G network handover authentication and key update mechanism， such as lacking of forward security， being vulnerable to bypass attack and having signaling congestion， for 5G enhanced （B5G） network， an efficient handover authentication and security key-updating mechanism based on no certificate was proposed.The certificateless key agreement mechanism was introduced in the network edge side， which made the mobile terminals in-itiate the key-updating request actively and complete the whole certificateless key-updating process on the fly.The security of the key-updating mechanism was proved theoretically based on the Diffie-Hellman problem under the eCK security model.Simulation results demonstrate that the proposed mechanism not only meets the forward security of mobile terminal key management， but also has lower communication and computing overheads compared with other similar handoff authentication.

关键词

Keywords

references

3GPP . System architecture for the 5G system:TS23.501 V17.0.0 [S ] . 2021 .

3GPP . Security architecture and procedures for 5G system:TS33.501 V17.0.0 [S ] . 2020 .

KONG Q L , LU R X , MA M D , et al . A privacy-preserving and verifiable querying scheme in vehicular fog data dissemination [J ] . IEEE Transactions on Vehicular Technology , 2019 , 68 ( 2 ): 1877 - 1887 .

HUANG S Y , WANG X Y , XU G W , et al . Conditional cube attack on reduced-round keccak sponge function [C ] // Annual International Conference on the Theory and Applications of Cryptographic Techniques . Berlin:Springer , 2017 : 259 - 288 .

HUSSAIN S R , ECHEVERRIA M , CHOWDHURY O , et al . Privacy attacks to the 4G and 5G cellular paging protocols using side channel information [C ] // Proceedings 2019 Network and Distributed System Security Symposium . Reston:Internet Society , 2019 : 24 - 27 .

HAN K H , MA M D , LI X H , et al . An efficient handover authentication mechanism for 5G wireless network [C ] // Proceedings of 2019 IEEE Wireless Communications and Networking Conference (WCNC) . Piscataway:IEEE Press , 2019 : 1 - 8 .

GUPTA S , PARNE B L , CHAUDHARI N S . Security vulnerabilities in handover authentication mechanism of 5G network [C ] // Proceedings of 2018 First International Conference on Secure Cyber Computing and Communication (ICSCCC) . Piscataway:IEEE Press , 2018 : 369 - 374 .

张文波 , 黄文华 , 冯景瑜 . 基于无证书签密的车联社会网络安全通信机制 [J ] . 通信学报 , 2021 , 42 ( 7 ): 128 - 136 .

ZHANG W B , HUANG W H , FENG J Y . Secure communication mechanism for VSN based on certificateless signcryptiont [J ] . Journal on Communications , 2021 , 42 ( 7 ): 128 - 136 .

ERISSI Y E H , ZAHID N , JEDRA M . An efficient authentication protocol for 5G heterogeneous networks [C ] // International Symposium on Ubiquitous Networking . Berlin:Springer , 2017 : 496 - 508 .

HARN L . Group authentication [J ] . IEEE Transactions on Computers , 2013 , 62 ( 9 ): 1893 - 1898 .

AYDIN Y , KURT G K , OZDEMIR E , et al . A flexible and lightweight group authentication scheme [J ] . IEEE Internet of Things Journal , 2020 , 7 ( 10 ): 10277 - 10287 .

BASUDAN S . LEGA:a lightweight and efficient group authentication protocol for massive machine type communication in 5G networks [J ] . Journal of Communications and Information Networks , 2020 , 5 ( 4 ): 457 - 466 .

LI J G , WEN M , ZHANG T . Group-based authentication and key agreement with dynamic policy updating for MTC in LTE-A networks [J ] . IEEE Internet of Things Journal , 2016 , 3 ( 3 ): 408 - 417 .

CAO J , YAN Z , MA R H , et al . LSAA:a lightweight and secure access authentication scheme for both UE and mMTC devices in 5G networks [J ] . IEEE Internet of Things Journal , 2020 , 7 ( 6 ): 5329 - 5344 .

SUN Y Q , CAO J , MA M D , et al . EAP-DDBA:efficient anonymity proximity device discovery and batch authentication mechanism for massive D2D communication devices in 3GPP 5G HetNet [J ] . IEEE Transactions on Dependable and Secure Computing , 2020 , PP ( 99 ): 1 .

LAI C Z , LI H , LI X Q , et al . A novel group access authentication and key agreement protocol for machine-type communication [J ] . Transactions on Emerging Telecommunications Technologies , 2015 , 26 ( 3 ): 414 - 431 .

FAN C N , HUANG J J , ZHONG M Z , et al . ReHand:secure region-based fast handover with user anonymity for small cell networks in mobile communications [J ] . IEEE Transactions on Information Forensics and Security , 2020 , 15 : 927 - 942 .

裴旭明 , 贾建鑫 , 钱骅 , 等 . 5G双连接场景下的低传输时延切换机制 [J ] . 通信学报 , 2019 , 40 ( 4 ): 212 - 222 .

PEI X M , JIA J X , QIAN H , et al . Low latency handover scheme for 5G dual-connectivity scenario [J ] . Journal on Communications , 2019 , 40 ( 4 ): 212 - 222 .

GUPTA S , PARNE B L , CHAUDHARI N S . An efficient handover AKA protocol for wireless network using Chameleon Hash function [C ] // Proceedings of 2018 4th International Conference on Recent Advances in Information Technology (RAIT) . Piscataway:IEEE Press , 2018 : 1 - 7 .

ZHANG Y H , CHEN X F , LI H , et al . Identity-based construction for secure and efficient handoff authentication schemes in wireless networks [J ] . Security and Communication Networks , 2012 , 5 ( 10 ): 1121 - 1130 .

ZHANG Y H , CHEN X F , LI J , et al . Generic construction for secure and efficient handoff authentication schemes in EAP-based wireless networks [J ] . Computer Networks , 2014 , 75 : 192 - 211 .

KUMAR P , KUMARI S , SHARMA V , et al . A certificateless aggregate signature scheme for healthcare wireless sensor network [J ] . Sustainable Computing:Informatics and Systems , 2018 , 18 : 80 - 89 .

SABELLA D , VAILLANT A , KUURE P , et al . Mobile-edge computing architecture:the role of MEC in the Internet of things [J ] . IEEE Consumer Electronics Magazine , 2016 , 5 ( 4 ): 84 - 91 .

张伟 , 田丽萍 , 梁玉 , 等 . 面向车联网多点协作联合传输的安全认证与密钥更新方法 [J ] . 中国公路学报 , 2019 , 32 ( 6 ): 308 - 318 .

ZHANG W , TIAN L P , LIANG Y , et al . Key management scheme to secure coordinated multi-point joint transmission for vehicular networks [J ] . China Journal of Highway and Transport , 2019 , 32 ( 6 ): 308 - 318 .

LIPPOLD G , BOYD C , NIETO J G . Strongly secure certificateless key agreement [C ] // International Conference on Pairing-Based Cryptography . Berlin:Springer , 2009 : 206 - 230 .

CHENG Z H , NISTAZAKIS M , COMLEY R , et al . On the indistinguishability-based security model of key agreement protocols-simple cases [J ] . IACR Cryptology ePrint Archive , 2005 , 129 : 1 - 39 .

LAMACCHIA B , LAUTER K , MITYAGIN A . Stronger security of authenticated key exchange [C ] // International Conference on Provable Security . Berlin:Springer , 2007 : 1 - 16 .

浏览量

703

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

基于群签名的无线Mesh网络匿名切换认证方案