摘要
介绍了第三代移动通信系统所采用的认证和密钥分配 (AKA)协议 ,网络归属位置寄存器 /访问位置寄存器 (HLR/VLR)对用户UE(用户设备 )的认证过程和用户UE对网络HLR/VLR的认证过程分别采用了两种不同的认证方式 ,前者采用基于“询问 应答”式的认证过程 ,后者采用基于“知识证明”式的认证过程。使用BAN形式化逻辑分析方法分别对这两种认证过程进行了分析 ,指出在假定HLR与VLR之间系统安全的前提下 ,基于“知识证明”式的认证过程仍然存在安全漏洞。 3GPP采取基于顺序号的补充措施 ;同时 。
In this paper, the authentication and key agreement protocol for 3G mobile communication (3G AKA) are introduced. Both the authentication of user to network and the authentication of network to user have been analyzed using the BAN logic. It is shown that there is still security vulnerability though the communication between HLR and VLR is assumed to be secure. As to the vulnerability, two amendments of 3G authentication and key agreement protocol are proposed.
出处
《电子工程师》
2004年第5期21-24,共4页
Electronic Engineer
