Title page for etd-0609118-133912
Title
Anonymous Authentication and Key Agreement Protocol for LTE Networks
Department
Year, semester
Language
Degree
Number of pages
39
Author
Advisor
Convenor
Advisory Committee
Date of Exam
2018-07-27
Date of Submission
2018-08-29
Keywords
Long Term Evolution, Authentication and Key Agreement Protocol, Signature, Anonymous, Pseudorandom Permutation
Statistics
The thesis/dissertation has been browsed 5648 times, has been downloaded 0 times.
Abstract
In 2008, 3GPP published Long Term Evolution (LTE) in Release 8. LTE is a high-speed wireless communication standard for mobile terminals in telecommunications. It lets subscribers access the Internet through specific base stations after completing an authentication procedure. These authentication procedures are defined by 3GPP in the standards TS 33.401 and TS 33.102. The authentication standard inherits the authentication and key agreement protocol of RFC 3310 and adapts it into an authentication scheme for LTE. In the original LTE authentication scheme, a subscriber must send its International Mobile Subscriber Identity (IMSI) to the base station in plaintext. The IMSI may be intercepted by fake base stations and used to trace the subscriber. In this work, we propose a new scheme that uses signatures and a pseudo IMSI so that fake base stations cannot obtain the real IMSI and trace the subscriber. The base station can confirm the subscriber's legitimacy while the subscriber remains anonymous, and the pseudo identity is unlinkable to the subscriber. The proposed scheme enhances security while keeping the computation cost on the subscriber side the same as in the original scheme; the authenticating side incurs only the additional cost of signature generation and verification.
Table of Contents
Thesis Approval Form
Abstract (Chinese)
Abstract
List of Figures
List of Tables
Chapter 1 Introduction
1.1 The System model
1.2 Contributions
Chapter 2 Preliminaries
2.1 The AKA protocols in 3GPP Standards
2.1.1 Request Phase
2.1.2 HSS/AuC Computes Phase
2.1.3 Verification Phase
2.2 Pseudorandom Permutation Security
Chapter 3 Related Works
3.1 Anonymous Authentication and Location Privacy Preserving Schemes for LTE-A Networks
3.1.1 System Initialization
3.1.2 Anonymous Authentication
3.1.2.1 UE
3.1.2.2 BS
3.1.2.3 MME
3.1.2.4 Verify
3.2 A Secure Anonymity Key of Authentication and Key Agreement Protocol for LTE Networks
3.2.1 Authentication Process Session
Chapter 4 The Proposed Protocol
4.1 The Proposed Scheme
4.1.1 Setup
4.1.2 IMSI-request
4.1.3 Set-XRES
4.1.4 Verify-HSS
4.1.5 Verify-UE
4.2 Correctness
Chapter 5 Security Proof
5.1 Security Model
5.1.1 The Authentication Game I
5.1.2 The Authentication Game II
5.2 Security Proof
5.3 Anonymity Analysis
Chapter 6 Comparison
Chapter 7 Conclusion
Bibliography
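Fulltext
This electronic full text is licensed to users only for personal, non-profit searching, reading and printing for the purpose of academic research. Please comply with the relevant provisions of the Copyright Act of the Republic of China and do not reproduce, distribute, adapt, repost or broadcast it, so as not to break the law.
Thesis access permission: user-defined availability date
Available:
Campus: available
Off-campus: available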


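Printed copies
Public information on printed theses is relatively complete from academic year 102 onward. To look up public information on printed theses from academic year 101 or earlier, please contact the printed thesis service desk of the Office of Library and Information Services. We apologize for any inconvenience.
Available: available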
