To address handover authentication in LTE-A, a typical cellular network, this paper introduces SDN (Software Defined Network) and proposes a software-defined LTE-A heterogeneous network architecture. The security context information of the UE (User Equipment) is shared in the central controller, with the goal of simplifying the handover authentication procedure and improving authentication efficiency. Adding the central controller costs one additional signaling exchange whenever a cell communicates with the core network, and the standard LTE-A handover authentication method is overly complex, so applying it in the software-defined LTE-A heterogeneous network would generate considerable signaling overhead. With handover authentication based on proxy signatures, the UE's identity can be verified without going through the core network, which reduces signaling overhead. At the same security level, an elliptic-curve cryptosystem requires less computation than an RSA-based one, which helps reduce the computational load on the central controller. Using an elliptic-curve proxy signature method, this paper proposes a new handover authentication protocol and models, simulates and analyzes it with colored Petri nets. The simulation results show that the protocol is effective and more secure.