Handover authentication in high mobility scenarios is characterized by frequent and shortterm parallel execution.Moreover,the penetration loss and Doppler frequency shift caused by high speed also lead to the deterior...Handover authentication in high mobility scenarios is characterized by frequent and shortterm parallel execution.Moreover,the penetration loss and Doppler frequency shift caused by high speed also lead to the deterioration of network link quality.Therefore,high mobility scenarios require handover schemes with less handover overhead.However,some existing schemes that meet this requirement cannot provide strong security guarantees,while some schemes that can provide strong security guarantees have large handover overheads.To solve this dilemma,we propose a privacy-preserving handover authentication scheme that can provide strong security guarantees with less computational cost.Based on Orthogonal Time Frequency Space(OTFS)link and Key Encapsulation Mechanism(KEM),we establish the shared key between protocol entities in the initial authentication phase,thereby reducing the overhead in the handover phase.Our proposed scheme can achieve mutual authentication and key agreement among the user equipment,relay node,and authentication server.We demonstrate that our proposed scheme can achieve user anonymity,unlinkability,perfect forward secrecy,and resistance to various attacks through security analysis including the Tamarin.The performance evaluation results show that our scheme has a small computational cost compared with other schemes and can also provide a strong guarantee of security properties.展开更多
As a major component of thefifth-generation(5G)wireless networks,network densification greatly increases the network capacity by adding more cell sites into the network.However,the densified network increases the hand...As a major component of thefifth-generation(5G)wireless networks,network densification greatly increases the network capacity by adding more cell sites into the network.However,the densified network increases the handover frequency of fast-moving mobile users,like vehicles.Thus,seamless handover with security provision is highly desirable in 5G networks.The third generation partnership project(3GPP)has been working on standardization of the handover procedure in 5G networks to meet the stringent efficiency and security requirement.However,the existing handover authentication process in 5G networks has securityflaws,i.e.vulnerable to replay and de-synchronization attacks,and cannot provide perfect forward secrecy.In this paper,we propose a secure and efficient handover authentication and key management protocol utilizing the Chinese remainder theory.The proposed scheme preserves the majority part of the original 5G system architecture defined by 3GPP,thus can be easily implemented in practice.Formal security analysis based on BAN-logic shows that the proposed scheme achieves secure mutual authentication and can remedy some security flaws in original 5G handover process.Performance analysis shows that the proposed protocol has lower communication overhead and computation overhead compared with other handover authentication schemes.展开更多
There are two types of base stations in the long term evolution (LTE) wireless networks, home eNodeB (HeNB) and eNodeB (eNB). It is critical to achieve seamless handovers between the HeNB and the eNB in order to...There are two types of base stations in the long term evolution (LTE) wireless networks, home eNodeB (HeNB) and eNodeB (eNB). It is critical to achieve seamless handovers between the HeNB and the eNB in order to support mobility in the LTE networks. A handover from an eNB/HeNB to a new eNB/HeNB, suggested by the third generation partnership project (3GPP), requires distinct procedures for different mobility scenarios, which will increase the system complexity. Besides, the existing handover schemes for other wireless networks are not suitable for the mobility scenarios in the LTE networks due to their inherent vulnerabilities. In this paper, we propose a fast and secure handover authentication scheme, which is to fit in with most of the mobility scenarios in the LTE networks. Compared with other handover schemes, our scheme cannot only achieve a simple authentication process with desirable efficiency, but also provide several security features including perfect forward/backward secrecy (PFS/PBS), which have never been achieved by the previous works. The experiment results and formal verification by using the automated validation of internet security protocols and applications (AVISPA) tool show that the proposed scheme is efficient and secure against various malicious attacks.展开更多
基金supported by Natural Science Foundation of China(No.62002006,U2241213,U21B2021,62172025,61932011,61932014,61972018,61972019,61772538,32071775,91646203)Defense Industrial Technology Development Program(No.JCKY2021211B017)。
文摘Handover authentication in high mobility scenarios is characterized by frequent and shortterm parallel execution.Moreover,the penetration loss and Doppler frequency shift caused by high speed also lead to the deterioration of network link quality.Therefore,high mobility scenarios require handover schemes with less handover overhead.However,some existing schemes that meet this requirement cannot provide strong security guarantees,while some schemes that can provide strong security guarantees have large handover overheads.To solve this dilemma,we propose a privacy-preserving handover authentication scheme that can provide strong security guarantees with less computational cost.Based on Orthogonal Time Frequency Space(OTFS)link and Key Encapsulation Mechanism(KEM),we establish the shared key between protocol entities in the initial authentication phase,thereby reducing the overhead in the handover phase.Our proposed scheme can achieve mutual authentication and key agreement among the user equipment,relay node,and authentication server.We demonstrate that our proposed scheme can achieve user anonymity,unlinkability,perfect forward secrecy,and resistance to various attacks through security analysis including the Tamarin.The performance evaluation results show that our scheme has a small computational cost compared with other schemes and can also provide a strong guarantee of security properties.
文摘As a major component of thefifth-generation(5G)wireless networks,network densification greatly increases the network capacity by adding more cell sites into the network.However,the densified network increases the handover frequency of fast-moving mobile users,like vehicles.Thus,seamless handover with security provision is highly desirable in 5G networks.The third generation partnership project(3GPP)has been working on standardization of the handover procedure in 5G networks to meet the stringent efficiency and security requirement.However,the existing handover authentication process in 5G networks has securityflaws,i.e.vulnerable to replay and de-synchronization attacks,and cannot provide perfect forward secrecy.In this paper,we propose a secure and efficient handover authentication and key management protocol utilizing the Chinese remainder theory.The proposed scheme preserves the majority part of the original 5G system architecture defined by 3GPP,thus can be easily implemented in practice.Formal security analysis based on BAN-logic shows that the proposed scheme achieves secure mutual authentication and can remedy some security flaws in original 5G handover process.Performance analysis shows that the proposed protocol has lower communication overhead and computation overhead compared with other handover authentication schemes.
基金supported by the National Basic Research Program of China(2012CB316100)the National Natural Science Foundation of China(61102056)+2 种基金the Fundamental Research Funds for the Central Universities(K50511010001)the National 111 Project(B08038)the Program for Changjiang Scholars and Innovative Research Team in University(PCSIRT1078)
文摘There are two types of base stations in the long term evolution (LTE) wireless networks, home eNodeB (HeNB) and eNodeB (eNB). It is critical to achieve seamless handovers between the HeNB and the eNB in order to support mobility in the LTE networks. A handover from an eNB/HeNB to a new eNB/HeNB, suggested by the third generation partnership project (3GPP), requires distinct procedures for different mobility scenarios, which will increase the system complexity. Besides, the existing handover schemes for other wireless networks are not suitable for the mobility scenarios in the LTE networks due to their inherent vulnerabilities. In this paper, we propose a fast and secure handover authentication scheme, which is to fit in with most of the mobility scenarios in the LTE networks. Compared with other handover schemes, our scheme cannot only achieve a simple authentication process with desirable efficiency, but also provide several security features including perfect forward/backward secrecy (PFS/PBS), which have never been achieved by the previous works. The experiment results and formal verification by using the automated validation of internet security protocols and applications (AVISPA) tool show that the proposed scheme is efficient and secure against various malicious attacks.
