摘要
部分窄带物联网设备因资源受限无法利用群组认证方式接入核心网络,在5G网络接入认证框架下,大量设备同时接入核心网络将导致设备处于排队等待状态,引起网络拥塞。本文基于IETF工作组发布的关于资源受限设备的RFC7228标准,提出3种设备类型的群组认证方案。首先,指出窄带物联网设备采用5G接入认证存在的安全与拥塞问题;然后,提出解决的群组认证方案;最后,为3种资源受限设备确定接入认证方式。实验结果对性能与安全分析表明,所提方案符合设备群组认证所需的资源能力。相较于5G接入认证方案,所提方案可降低60%以上的网络信令数,并随组内设备的增加而降低。安全上,具有抗重放攻击、中间人攻击与Dos攻击等能力。
Some narrowband IoT devices cannot use group authentication to access the core network due to resource constraints.Under the framework of 5G network access authentication,a large number of devices accessing the core network at the same time will cause the devices to wait in a queue and cause network congestion.Based on the RFC7228 standard on resource-constrained devices issued by the IETF working group,this paper proposes a group authentication scheme for 3 device types.Firstly,the se⁃curity and congestion problems of 5G access authentication for narrowband IoT devices are pointed out;then,a solution group au⁃thentication scheme is proposed;finally,the access authentication methods are determined for three resource-constrained de⁃vices.Experimental results and performance and security analysis show that the proposed scheme meets the resource capabilities required for device group authentication.Compared with the 5G access authentication scheme,the proposed scheme can reduce the number of network signaling by more than 60%,and it decreases with the increase of devices in the group.In terms of secu⁃rity,it has the ability to resist replay attacks,man-in-the-middle attacks and Dos attacks.
作者
李伟群
常朝稳
李鹏劲
LI Wei-qun;CHANG Chao-wen;LI Peng-jing(School of Cryptography Engineering,University of Information Engineering,Zhengzhou 450001,China;Zhicheng College,Fuzhou University,Fuzhou 350000,China)
出处
《计算机与现代化》
2023年第2期104-109,115,共7页
Computer and Modernization
基金
国家自然科学基金资助项目(61572517)。
关键词
窄带物联网
资源受限设备
群组认证
5G网络认证协议
网络拥塞
IETF工作组
NB-IoT
resource constrained devices
group authentication
5G network authentication protocol
network conges⁃tion
IETF working group
