摘要
第五代移动通信(5G)系统的安全性接入问题逐渐成为了研究热点。目前,演进分组系统(EPS)使用认证和密钥协商(AKA)协议对入网用户进行身份认证以增强网络接入安全性,然而该协议不完善的身份管理机制会导致用户身份泄露、长期密钥泄露,在用户附着过程中可能会发生拒绝服务(DoS)攻击。为改善此类问题,文章提出了一种基于公共基础设施(PKI)与Diffie-Hellman集成加密方案(DHIES)的5G-DHAKA协议。文章以形式化验证对该协议进行了安全性分析,证明了该协议可以有效地提高协议实体的机密性与认证性,提高恶意节点的计算资源成本以缓解DoS攻击,为增强移动通信网络安全性提供了新的方案。
The security access of the fifth generation mobile communication(5G)system has gradually become a hot research direction.At present,the Evolved Packet System(EPS)uses Authentication and Key Agreement(AKA)protocols to authenticate users on the network to enhance network access security.However,the existing protocols still have some disadvantages,such as incomplete identity management mechanisms.As a result,the user's identity is leaked and the long-term key is leaked.A denial of service(DoS)attack may occur during the user attachment process.In order to improve such problems,this paper proposes a 5G-DHAKA protocol based on the infrastructure(PKI)and Diffie-Hellman integrated encryption scheme.The paper analyzes the security of the protocol with formal verification to prove that the protocol can effectively improve the confidentiality and authentication of protocol entities,increase the computing resources of malicious nodes and mitigate DoS attacks.It provides a new solution for enhancing the security of mobile communication networks.
作者
李晓红
刘福文
齐旻鹏
粟栗
杨星星
Li Xiaohong;Liu Fuwen;Qi Minpeng;Su Li;Yang Xingxing(College of Intelligence and Computing,Tianjin University,Tianjin 300072;China Mobile Communications Research Institute,Beijing 100053)
出处
《网络空间安全》
2019年第11期64-73,共10页
Cyberspace Security
基金
国家自然科学基金项目:泛在接入条件下移动应用安全管家技术研究(项目编号:61572349)
