摘要
提出了一种混合采用对称密码加密和公钥密码认证的第3代移动通信系统认证和密钥协商(UMTS AKA)协议。在该协议中,归属网络负责在线验证拜访网络公钥证书的有效性,然后生成一个简短的安全凭据,拜访网络通过向移动设备(ME)出示该凭据证实自己的身份,ME无需在线接收并验证拜访网络的公钥证书即可确认其身份,从而降低了ME的通信传输和计算开销。实现了拜访网络与归属网络之间的身份认证和消息安全传输,提高了UMTS AKA全过程的安全性。采用BAN逻辑证明了协议的安全性。与SPAKA协议和Lee方案的对比分析表明,所提出的协议效率更高。
In this paper,a novel authentication and key agreement protocol for UMTS named PKCB-AKA is proposed.In the protocol,home network validates the validity of the certificate of visiting network,and then generates a short secure ticket.Visiting network proves its identity by providing this ticket to mobile equipment(ME).By this way,ME is able to verify VLR's identity without receiving and validating the certificate of visiting network online,thus reduces the communicating and computing cost.PKCB-AKA achieves the security goals of authentication and wireless communication.BAN logic is employed to prove the security feature of PKCB-AKA.Comparative analyses indicate that PKCB-AKA is more efficient than both SPAKA Protocol and the Lee's scheme.
出处
《武汉理工大学学报》
CAS
CSCD
北大核心
2012年第9期129-134,共6页
Journal of Wuhan University of Technology
基金
国家"863"计划(2009AA01Z437)
国家自然科学基金(61100042)
