共查询到20条相似文献,搜索用时 31 毫秒
1.
An effective approach to solving large communication overhead issue and strengthening the securities of AKA protocols 
下载免费PDF全文
下载免费PDF全文 Authentication and key agreement (AKA) is a challenge‐response‐like security protocol that uses symmetric‐key cryptography to establish authenticated keys between 2 parties. Its application in the third‐generation mobile system universal mobile telecommunications system (UMTS) is called UMTS‐AKA, and the version applied in the fourth‐generation mobile communication system long‐term evolution (LTE) is called LTE‐AKA. Both UMTS‐AKA and LTE‐AKA share the same weakness: the network operators need to maintain a large space of authentication vectors for visiting stations, and the transmission of the vectors causes lots of overhead. This weakness will be amplified when there are billions of devices accessing the network in the Internet‐of‐things scenarios. In addition, these schemes provide only key distribution (not key agreement) and cannot provide session key forward secrecy. In this paper, we propose a range‐bound key assignment technique to tackle the challenges. The proposed scheme drastically reduces the communication overhead and greatly strengthens the security robustness. The securities are analyzed and are verified using the AVISPA toolset. 相似文献
2.
3.
第三代移动通信系统网络接入安全策略 总被引:3,自引:0,他引:3
综述了第三代移动通信系统的网络接入安全机制,并系统地讨论了该机制下采用的安全算法:鉴权和密钥协商算法、机密性算法及完整性算法,最后对其应用前景进行了探讨。 相似文献
4.
ZHAO Xue GUO Shu-xuCollege of Electronic Science Engineering Jilin University Changchun P.R. China 《中国邮电高校学报(英文版)》2006,13(1):60-62
1IntroductionWithin the security architecture of the3GPP systemthere are two standardized algorithms:a confidentialityalgorithmf8,and an integrity algorithm f9.Each ofthese algorithms is based on the KASUMI algorithm.KASUMI is a block cipher that produces… 相似文献
5.
A Wireless Sensor Network (WSN) link layer security protocol called WSNSec is proposed in this paper. The effective usage of limited sensor node resources is of high importance in WSN security protocol design and implementation. In addition, research on increased security for the WSNs employed in especially military and health areas recently receives a remarkable attention as primarily focused on in this presented work. The WSNSec smoothly combines the advantageous aspects of the Scalable Encryption Algorithm (SEA) with the Counter Mode (CTR) and Cipher Block Chaining-Message Authentication Code (CBC-MAC) approaches. It provides not only high data confidentiality but also message authentication and integrity functions. The WSNSec security level can be boosted dynamically if required. It has been shown that using the proposed WSNSec with the 192-bit data block/key size has a trivial increase on the memory usage and energy consumption while providing an extremely high level of security compared to the traditional TinySEC. In addition, modeling and simulation of a WSN employing the proposed WSNSec have been realized using the OPNET Modeler software. The simulation results reveal that the ratios of the delays resulted from the particular use of both WSNSec and TinySEC to the total end to end delays converge at 13% for increasing the network load. Therefore the WSNSec provides a better delay performance in highly scalable applications. 相似文献
6.
Hsia‐Hung Ou Iuon‐Chang Lin Min‐Shiang Hwang Jinn‐Ke Jan 《International Journal of Network Management》2009,19(4):291-303
Mobile communication is definitely one of the major high‐technology applications that offer present‐day people a modern life of appropriate convenience. In recent years, the third‐generation cell phone system has approached maturity. The Universal Mobile Telecommunication System (UMTS) is currently the most widely used system around the world. The Third Generation Partnership Project is equipped with the Authentication and Key Agreement (AKA) protocol to maintain secrecy and security both during the authentication process and during the telecommunication session through UMTS. However, Hung and Li have pointed out that the UMTS‐AKA protocol has three problems, involving bandwidth consumption, space overhead and synchronization of the sequence number, which are yet to be resolved. In addition, they have proposed an extension of the UMTS‐AKA protocol, named the X‐AKA protocol, to overcome these obstacles. Nevertheless, the X‐AKA protocol too appears to have problems of its own. In this article, the weaknesses of X‐AKA are enumerated. In addition, a more practical AKA protocol for UMTS is presented. The new protocol, based on the same framework as its predecessor, proves to be more efficient and practical, satisfying the requirements of modern living. Copyright © 2008 John Wiley & Sons, Ltd. 相似文献
7.
3G系统安全技术研究 总被引:1,自引:0,他引:1
文章介绍了第3代移动通信系统的安全结构,包括网络结构、功能结构;讨论了第3代移动通信系统的空中接口安全保护技术,包括数据螂性保护、数据完整性保护。 相似文献
8.
To provide mutual authentication and communication confidentiality between mobile clients and servers, numerous identity‐based authenticated key agreement (ID‐AKA) protocols were proposed to authenticate each other while constructing a common session key. In most of the existing ID‐AKA protocols, ephemeral secrets (random values) are involved in the computations of the common session key between mobile client and server. Thus, these ID‐AKA protocols might become vulnerable because of the ephemeral‐secret‐leakage (ESL) attacks in the sense that if the involved ephemeral secrets are compromised, an adversary could compute session keys and reveal the private keys of participants in an AKA protocol. Very recently, 2 ID‐AKA protocols were proposed to withstand the ESL attacks. One of them is suitable for single server environment and requires no pairing operations on the mobile client side. The other one fits multi‐server environments, but requires 2 expensive pairing operations. In this article, we present a strongly secure ID‐AKA protocol resisting ESL attacks under mobile multi‐server environments. By performance analysis and comparisons, we demonstrate that our protocol requires the lowest communication overhead, does not require any pairing operations, and is well suitable for mobile devices with limited computing capability. For security analysis, our protocol is provably secure under the computational Diffie‐Hellman assumption in the random oracle model. 相似文献
9.
Gupta Shubham Parne Balu L. Chaudhari Narendra S. Saxena Sandeep 《Wireless Personal Communications》2022,122(4):2925-2962
Recently, the Third Generation Partnership Project (3GPP) has initiated the research in the Fifth Generation (5G) network to fulfill the security characteristics of IoT-based services. 3GPP has proposed the 5G handover key structure and framework in a recently published technical report. In this paper, we evaluate the handover authentication mechanisms reported in the literature and identify the security vulnerabilities such as violation of global base-station attack, failure of key forward/backward secrecy, de-synchronization attack, and huge network congestion. Also, these protocols suffer from high bandwidth consumption that doesn’t suitable for energy-efficient mobile devices in the 5G communication network. To overcome these issues, we introduce Secrecy and Efficiency Aware Inter-gNB (SEAI) handover Authentication and Key Agreement (AKA) protocol. The formal security proof of the protocol is carried out by Random Oracle Model (ROM) to achieve the session key secrecy, confidentiality, and integrity. For the protocol correctness and achieve the mutual authentication, simulation is performed using the AVISPA tool. Also, the informal security evaluation represents that the protocol defeats all the possible attacks and achieves the necessary security properties.Moreover, the performance evaluation of the earlier 5G handover schemes and proposed SEAI handover AKA protocol is carried out in terms of communication, transmission, computation overhead, handover delay, and energy consumption. From the evaluations, it is observed that the SEAI handover AKA protocol obtains significant results and strengthens the security of the 5G network during handover scenarios.
相似文献10.
11.
Security video communication is a challenging task, especially for wireless video applications. An efficient security multimedia system on embedded platform is designed. By analyzing the hardware architecture and resource, the efficient DSP-based H.264/AVC coding is studied by efficient video coding techniques and system optimizing implementation.To protect the confidentiality and integrity of media information, a novel security mechanism is presented, which includes user identify authentication and a perceptual video encryption algorithm based on exploiting the special feature of entropy coding in H.264. Experimental results show that the proposed hardware framework has high performance and achieves a better balance between security and efficiency. The proposed security mechanism can achieve high security and low complexity cost, and has a little effect on the compression ratio and transmission bandwidth. What’s more, encoding and encryption at the same time, the performance of data process can meet real-time application. 相似文献
12.
George Xylomenos Vasilis Vogkas George Thanos 《Wireless Communications and Mobile Computing》2008,8(2):255-265
This article provides an overview of the multimedia broadcast/multicast service (MBMS) for universal mobile telecommunications system (UMTS) networks. We first outline the features of UMTS networks as defined by the 3rd generation partnership project (3GPP) in order to provide a background for the discussion to follow. We then present the overall MBMS architecture, the services that it provides to the users and the differences between the broadcast and multicast options. The implementation details of MBMS are explained in terms of the modifications needed to the network, the new signaling procedures required and the impact of MBMS on the radio part of the network. We then describe how the security architecture of UMTS is used to support content protection and key distribution for MBMS groups. We evaluate the prospects of MBMS by comparing it first with IP multicast and then with DVB‐H, considered by many to be the closest competitor of MBMS. Finally, we conclude with a discussion of the technical and business challenges still faced by MBMS. Copyright © 2006 John Wiley & Sons, Ltd. 相似文献
13.
Interworking UMTS and WiMAX networks offers global roaming and cost effective broadband wireless Internet access. Designing
efficient Intra and Inter WiMAX handovers in the interworking architecture is a challenging problem. Handovers must be instantaneous
and secure at the same time. We attempt to solve this problem by designing Intra and Inter WiMAX handover protocols which
are capable of operating in the UMTS-WiMAX interworking architecture and perform mutual pre-authentication between the mobile
station and the target network prior to handover. Due to the pre-authentication procedure, our proposed handover protocols
outperform standard handover protocols by dispatching fewer handover signaling messages, experiencing less handover delay
and preserving computation resources of critical nodes in the interworking architecture. Furthermore, our proposed handover
protocols meet essential security requirements and defend against common attacks affecting handover protocols. 相似文献
14.
Authentication and key agreement (AKA) provides flexible and convenient sercices. Most traditional AKA protocols are designed to apply in single-server environment, where a user has to register at different servers to access different types of network services and the user have to remember or manage a large number of usernames and passwords. Later, multi-server AKA protocols resolve the repeated registration problem of single-server AKA protocols, where a user can access different servers to get different services using a single registration and the same username and password. Recently, in 2015, Lu et al proposed a light-weight ID based authentication and key agreement protocol for multi-server architecture, referred to as LAKA protocol. They claimed their protocol can overcome all shortcomings which existed in Xue et al’s protocol. Unfortunately, our further research shows that LAKA protocol still suffers from server spoofing attack, stolen smart card attack etc. To overcome the weakness of LAKA protocol, an energy-efficient and lightweight authentication and key agreement protocol for multi-server architecture is proposed (abbreviated to ELAKA). The ELAKA protocol not only provides the security features declared by LAKA protocol, but also has some other advantages. First, the ELAKA protocol can realize authentication and key agreement just by three handshakes with extremely low communication cost and computation cost between users and servers, which can achieve a delicate balance of security and performance. Second, ELAKA protocol can enable the user enjoy the remote services with privacy protection. Finally the ELAKA protocol is proved secure against known possible attacks by using BAN logic. As a result, these features make ELAKA protocol is very suitable for computation-limited mobile devices (such as smartphone, PAD, tablets) in comparison to other related existing protocols. 相似文献
15.
16.
IMS终端AKA认证过程的研究与实现 总被引:1,自引:1,他引:0
介绍了IMS网络的安全体系结构,并在此基础上分析了IMS终端用户接入IMS网络时需要进行网络与用户之间的双向认证,也就是3GPP提出的AKA认证机制。通过分析AKA认证过程,实现了AKA算法,并且用网络分析仪对客户端注册到网络的过程进行数据分析,证明了代码实现AKA算法的正确性,涉及到的AKA算法对IMS终端成功使用IMS网络具有通用的指导和推广意义。 相似文献
17.
张全伟 《信息安全与通信保密》2012,(8):86-89
随着信息价值的不断提升,安全事件层出不穷。传统的基于协议分析、检测响应技术为主体的安防技术体系已明显不能独立支撑信息安全的大厦。文中通过融合检测响应及密码基础设施,面向服务,面向治理提出新一代的安全集成服务架构。通过该架构,融合网络检测响应设施与密码基础设施,融合技术与管理,从而充分保障信息安全保密性、完整性、可用性、可控性、可审计的要求,为纷繁复杂的数字世界提供更为全面和有力的安全保障。 相似文献
18.
19.
van den Broek W. Brydon A.N. Cullen J.M. Kukkonen S. Lensink A. Mason P.C. Tuoriniemi A. 《Electronics & Communication Engineering Journal》1993,5(3):165-172
The universal mobile telecommunication system (UMTS) will implement terminal mobility and a form of personal mobility limited to UMTS. The most essential procedures to provide this are related to user registration, location management, handover and security. These mobility procedures are specified using specific functional models. In these models, the required functions are identified and the distribution of the functions in the network is anticipated. In a next step, the specific models are mapped onto a generic functional model. This generic model can be considered as the integration and unification of the specific models. Its structure reflects two important implementation aspects. First, the integration of UMTS into future networks for fixed telecommunications is anticipated. Secondly, the application of the intelligent network architecture for the implementation of the UMTS mobility procedures and service provision is assumed 相似文献