LTE-A网络中基于动态组的有效的身份认证和密钥协商方案

doi:10.11772/j.issn.1001-9081.2020091428

计算机应用 ›› 2021, Vol. 41 ›› Issue (6): 1715-1722.DOI: 10.11772/j.issn.1001-9081.2020091428

所属专题：网络空间安全

LTE-A网络中基于动态组的有效的身份认证和密钥协商方案

杜心雨, 王化群

南京邮电大学计算机学院, 南京 210023

收稿日期:2020-09-15 修回日期:2020-11-12 出版日期:2021-06-10 发布日期:2020-11-26
通讯作者: 王化群
作者简介:杜心雨(1996-),女,安徽宿州人,硕士研究生,主要研究方向:应用密码学、区块链;王化群(1974-),男,山东济宁人,教授,博士,CCF会员,主要研究方向:应用密码学、云计算安全、区块链。
基金资助:
国家自然科学基金资助项目（61872192）。

Dynamic group based effective identity authentication and key agreement scheme in LTE-A networks

DU Xinyu, WANG Huaqun

School of Computer Science, Nanjing University of Posts and Telecommunications, Nanjing Jiangsu 210023, China

Received:2020-09-15 Revised:2020-11-12 Online:2021-06-10 Published:2020-11-26
Supported by:
This work is partially supported by the National Natural Science Foundation of China (61872192).

摘要/Abstract

摘要： 机器类通信（MTC）作为未来移动通信中的通信方法之一，在物联网（IoT）中是一种重要的移动通信方法。当大量MTC设备同时想要访问网络时，每个MTC设备需要执行独立的身份认证，而这会导致网络拥塞。为了解决MTC设备在认证时的网络拥塞问题并提高其密钥协商的安全性，在LTE-A网络中提出了一种基于动态组的有效身份认证和密钥协商方案。该方案基于对称二次多项式，可以同时认证大量的MTC设备，并使这些设备分别与网络建立独立的会话密钥。该方案支持多次组认证，并且提供访问策略的更新。带宽分析表明，相较于基于线性多项式的方案，所提方案传输时的带宽消耗得到了优化：在家庭网络（HN）中的MTC设备与服务网络（SN）之间每次组认证传输带宽减少了132 bit，在HN内MTC设备之间的认证传输带宽减少了18.2%。安全性分析和实验结果表明，该方案在实际的身份认证和会话密钥建立中是安全的，能够有效避免网络中的信令拥塞。

关键词: 访问控制, 身份认证, 密钥协商, 机器类通信, LTE-A网络, 对称二元多项式

Abstract: As one of the communication methods in future mobile communications, Machine Type Communication (MTC) is an important mobile communication method in Internet of Things (IoT). When many MTC devices want to access the network at the same time, each MTC device needs to perform independent identity authentication, which will cause network congestion. In order to solve this problem and improve the security of key agreement of MTC device, a dynamic group based effective identity authentication and key agreement scheme was proposed in Long Term Evolution-Advanced (LTE-A) networks. Based on symmetric bivariate polynomials, the proposed scheme was able to authenticate a large number of MTC devices at the same time and establish independent session keys between the devices and the network. In the proposed scheme, multiple group authentications were supported, and the updating of access policies was provided. Compared with the scheme based on linear polynomials, bandwidth analysis shows that the bandwidth consumptions of the proposed scheme during transmission are optimized:the transmission bandwidth between the MTC devices in the Home Network (HN) and the Service Network (SN) is reduced by 132 bit for each group authentication, the transmission bandwidth between the MTC devices within the HN is reduced by 18.2%. Security analysis and experimental results show that the proposed scheme is safe in actual identity authentication and session key establishment, and can effectively avoid signaling congestion in the network.

Key words: access control, identity authentication, key agreement, Machine Type Communication (MTC), Long Term Evolution-Advanced (LET-A) network, symmetric bivariate polynomial

中图分类号:

TP393.08

杜心雨, 王化群. LTE-A网络中基于动态组的有效的身份认证和密钥协商方案[J]. 计算机应用, 2021, 41(6): 1715-1722.

DU Xinyu, WANG Huaqun. Dynamic group based effective identity authentication and key agreement scheme in LTE-A networks[J]. Journal of Computer Applications, 2021, 41(6): 1715-1722.

参考文献

[1] 王胡成, 徐晖, 程志密, 等. 5G网络技术研究现状和发展趋势[J]. 电信科学, 2015, 31(9):149-155.(WANG H C,XU H, CHENG Z M,et al. Current research and development trend of 5G network technologies[J]. Telecommunications Science,2015,31(9):149-155.)
[2] SAEDY M,MOJTAHED V. Machine-to-machine communications and security solution in cellular systems[J]. International Journal of Interdisciplinary Telecommunications and Networking,2011,3(2):66-75.
[3] FADLULLAH Z M,FOUDA M M,KATO N,et al. Toward intelligent machine-to-machine communications in smart grid[J]. IEEE Communications Magazine,2011,49(4):60-65.
[4] SALAM T,REHMAN W U,TAO X. Data aggregation in massive machine type communication:challenges and solutions[J]. IEEE Access,2019,7:41921-41946.
[5] 3rd Generation Partnership Project. Service requirements for Machine-Type Communication(MTC)(release 13):TS 22.368 V13.1. 0[S]. Sophia Antipolis:3GPP,2014.
[6] 3rd Generation Partnership Project. Study on security aspects of Machine-Type Communications (MTC) and other mobile data applications communications enhancements (release 11):TR 33.868 VO. 7.0[S]. Sophia Antipolis:3GPP,2012.
[7] JUNG K R, PARK A, LEE S. Machine-Type-Communication (MTC) device grouping algorithm for congestion avoidance of MTC oriented LTE network[C]//Proceedings of the 2010 International Conference on Security-Enriched Urban Computing and Smart Grid, CCIS 78. Berlin:Springer,2010:167-178.
[8] CAO J,MA M,LI H. A group-based authentication and key agreement for MTC in LTE networks[C]//Proceedings of the 2012 IEEE Global Communications Conference. Piscataway:IEEE, 2012:1017-1022.
[9] ADHIKARI M,PANDA P K,CHATTOPADHYAY S,et al. a novel group-based authentication and key agreement protocol for IoT enabled LTE/LTE-A network[C]//Proceedings of the 2020 International Conference on Wireless Communications Signal Processing and Networking. Piscataway:IEEE,2020:168-172.
[10] HARN L. Group authentication[J]. IEEE Transactions on Computers,2013,62(9):1893-1898.
[11] HARN L,HSU C F. A novel design of membership authentication and group key establishment protocol[J]. Security and Communication Networks,2017,2017:Article No. 8547876.
[12] LI J,WEN M,ZHANG T. Group-based authentication and key agreement with dynamic policy updating for MTC in LTE-A networks[J]. IEEE Internet of Things Journal,2016,3(3):408-417.
[13] SHAMIR A. How to share a secret[J]. Communications of the ACM,1979,22(11):612-613.
[14] KUMARESAN R, PATRA A, RANGAN C P. The round complexity of verifiable secret sharing:the statistical case[C]//Proceedings of the 2010 International Conference on the Theory and Application of Cryptology and Information Security,LNCS 6477. Berlin:Springer,2010:431-447.
[15] LIU D,NING P,LI R. Establishing pairwise keys in distributed sensor networks[J]. ACM Transactions on Information and System Security,2005,8(1):41-77.
[16] JIANG Q,ZEADALLY S,MA J,et al. Lightweight three-factor authentication and key agreement protocol for internet-integrated wireless sensor networks[J]. IEEE Access,2017,5:3376-3392.
[17] MUHAMMAD M, SAFDAR G A. Survey on existing authentication issues for cellular-assisted V2X communication[J]. Vehicular Communications,2018,12:50-65.
[18] 3rd Generation Partnership Project. 3G security;security threats and requirements(release 4):TS 21.133 V4.1. 0[S]. Sophia Antipolis:3GPP,2002.
[19] 3rd Generation Partnership Project. 3GPP System Architecture Evolution(SAE);security architecture(release 15):TS 33.401 V15.8. 0[S]. Sophia Antipolis:3GPP,2019.
[20] OUAISSA M, HOUMER M, OUAISSA M. An enhanced authentication protocol based group for vehicular communications over 5G networks[C]//Proceedings of the 2020 3rd International Conference on Advanced Communication Technologies and Networking. Piscataway:IEEE,2020:1-8.
[21] 王霏, 陈明. 完美前向安全的基于身份认证密钥协商方案[J]. 密码学报, 2020, 7(1):56-68.(WANG F,CHEN M. An identitybased authenticated key agreement scheme with perfect forward secrecy[J]. Journal of Cryptologic Research,2020,7(1):56-68.)
[22] BASSIL R,CHEHAB A,ELHAJJ I,et al. Signaling oriented denial of service on LTE networks[C]//Proceedings of the 2012 10th ACM International Symposium on Mobility Management and Wireless Access. New York:ACM,2012:153-158.
[23] ZHANG M,FANG Y. Security analysis and enhancements of 3GPP authentication and key agreement protocol[J]. IEEE Transactions on Wireless Communications,2005,4(2):734-742.
[24] LAI C,LI H,LU R,et al. SE-AKA:a secure and efficient group authentication and key agreement protocol for LTE networks[J]. Computer Networks,2013,57(17):3492-3510.
[25] YAO J,WANG T,CHEN M,et al. GBS-AKA:group-based secure authentication and key agreement for M2M in 4G network[C]//Proceedings of the 2016 International Conference on Cloud Computing Research and Innovations. Piscataway:IEEE,2016:42-48.

LTE-A网络中基于动态组的有效的身份认证和密钥协商方案

Dynamic group based effective identity authentication and key agreement scheme in LTE-A networks

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

[1]	葛纪红, 沈韬. 基于区块链的能源数据访问控制方法[J]. 计算机应用, 2021, 41(9): 2615-2622.
[2]	葛丽娜, 胡雨谷, 张桂芬, 陈园园. 云计算环境基于客体属性匹配的逆向混合访问控制方案[J]. 计算机应用, 2021, 41(6): 1604-1610.
[3]	包玉龙, 朱雪阳, 张文辉, 孙鹏飞, 赵颖琪. 物联网应用中访问控制智能合约的形式化验证[J]. 计算机应用, 2021, 41(4): 930-938.
[4]	张兴兰, 赵怡静. 基于单光子的量子双向同步身份认证协议[J]. 计算机应用, 2020, 40(9): 2634-2638.
[5]	王海勇, 潘启青, 郭凯璇. 基于区块链和用户信用度的访问控制模型[J]. 计算机应用, 2020, 40(6): 1674-1679.
[6]	史锦山, 李茹, 松婷婷. 基于区块链的物联网访问控制框架[J]. 计算机应用, 2020, 40(4): 931-941.
[7]	江泽涛, 徐娟娟. 云环境下基于签密的异构跨域身份认证方案[J]. 计算机应用, 2020, 40(3): 740-746.
[8]	付伟, 顾晨阳, 高强. 基于属性加密的多用户共享ORAM方案[J]. 计算机应用, 2020, 40(2): 497-502.
[9]	王海勇, 彭垚, 郭凯璇. 云存储中基于代理重加密的CP-ABE访问控制方案[J]. 计算机应用, 2019, 39(9): 2611-2616.
[10]	刘欣东, 徐水帅, 陈建华. 基于椭圆曲线密码的智能电网通信认证协议[J]. 计算机应用, 2019, 39(3): 779-783.
[11]	王亚琼, 史国振, 谢绒娜, 李凤华, 王雅哲. 卫星网络中支持策略隐藏的多授权访问控制方案[J]. 计算机应用, 2019, 39(2): 470-475.
[12]	罗霄峰, 杨兴春, 胡勇. 改进的基于属性的访问控制策略评估管理决策图[J]. 计算机应用, 2019, 39(12): 3569-3574.
[13]	曹震寰, 蔡小孩, 顾梦鹤, 顾小卓, 李晓伟. 基于访问控制列表机制的Android权限管控方案[J]. 计算机应用, 2019, 39(11): 3316-3322.
[14]	杨宏宇, 宁宇光. 云平台访问控制自适应风险评估指标权重分配方法[J]. 计算机应用, 2018, 38(6): 1614-1619.
[15]	周逊, 周海东, 任智, 邹明芮, 李光彬. 高效快速的太赫兹无线个域网双信道MAC协议[J]. 计算机应用, 2018, 38(5): 1436-1441.