論文使用權限 Thesis access permission:自定論文開放時間 user define
開放時間 Available:
校內 Campus:開放下載的時間 available 2024-08-21
校外 Off-campus:開放下載的時間 available 2024-08-21
論文名稱 Title |
在5G環境中基於多營運商之跨網路切片快速認證機制 A Fast Authentication Scheme for Cross-Network-Slicing Based on Multiple Operators in 5G Environments |
||
系所名稱 Department |
|||
畢業學年期 Year, semester |
語文別 Language |
||
學位類別 Degree |
頁數 Number of pages |
83 |
|
研究生 Author |
|||
指導教授 Advisor |
|||
召集委員 Convenor |
|||
口試委員 Advisory Committee |
|||
口試日期 Date of Exam |
2019-07-11 |
繳交日期 Date of Submission |
2019-08-21 |
關鍵字 Keywords |
網路切片、代理重簽章、低時間延遲、5G、認證機制 5G, Network Slicing, Proxy Re-Signature, Authentication, Low Latency |
||
統計 Statistics |
本論文已被瀏覽 5662 次,被下載 0 次 The thesis/dissertation has been browsed 5662 times, has been downloaded 0 times. |
中文摘要 |
最近幾年,第五代行動通訊(5th Generation Mobile Networks, 5th Generation Wireless Systems或5G)被視為是未來世界的關鍵技術,因為5G具有包括高數據速率,可靠的網路存取,低服務延遲以及支持大量數據流量等特性,能夠克服許多無線移動網路的挑戰。在5G環境中會透過網路功能虛擬化(Network Function Virtualization,NFV)以及軟體定義網路(Software-Defined Networking, SDN)來架構稱為網路切片(Network Slicing)的新概念。透過使用網路切片的概念,5G電信運營商可以實現支援具有各種不同服務用戶的目標,並且可以創建具有獨特屬性的切片功能。然而,目前傳統的認證機制並沒有辦法解決網路切片切換中,使用者需要經過繁瑣的認證過程導致計算成本提高的問題。因此,我們提出了一種網路切片的切換認證機制,不僅可以滿足3GPP所定義的標準,也可以通過將計算委託給邊緣雲來實現低時間延遲特性。此外,我們的機制中使用了代理重簽章和無證書簽章的概念。因此,即使用戶需要在不同的電信運營商中切換使用網路切片服務,依然可以滿足低時間延遲的認證流程需求。 |
Abstract |
In recent years, the 5th Generation Mobile Network (5G) is considered as a key technology in the future world, where high-speed data rate, ultra-high reliability network access, low-latency applications, and supporting massive amounts of data open several challenges of wireless mobile networks. In 5G environments, it applies the functionalities of Network Function Virtualization and Software-Defined Networking to support multiple services and proposes a new concept called Network Slicing. By using that concept, the 5G telecommunication operators can achieve the goal of supporting users with a variety of different services and can also create a slice with certain unique characteristics. For examples: eMBB slicing, URLLC slicing, etc. However, the traditional authentication mechanism does not address any concrete strategy for network slicing handover in 5G so that the computational process must be calculated by the core network. Hence, we propose a network slicing handover authentication scheme that not only satisfies the standards defined by 3rd Generation Partnership Project but also achieves low time latency through delegating computation overhead to theedge clouds. In addition, we incorporate the concepts of the proxy re-signature and certificateless signature in our scheme. As a result, when users need to use the network slicing services across the telecommunications operators, they can still meet the requirements of reducing the time latency in the process of the authentication flows. |
目次 Table of Contents |
論文審定書i Acknowledgments iv 摘要v Abstract vi List of Figures ix List of Tables xi Chapter 1 Introduction 1 1.1 Contributions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 1.2 Organization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Chapter 2 Preliminaries 5 2.1 5G Environments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 2.2 Bilinear Pairings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 2.3 Boneh-Boyen Signature Scheme . . . . . . . . . . . . . . . . . . . . . . . . . 8 2.4 Proxy Re-Signature Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 2.5 Security Games . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 2.5.1 Indistinguishable against Chosen Ciphertext Attack (IND-CCA) Game 10 2.5.2 Pseudorandom permutation (PRP) Game . . . . . . . . . . . . . . . . 10 Chapter 3 Related Works 12 3.1 Yang et al.’s Blockchain-Based Architecture . . . . . . . . . . . . . . . . . . . 12 vii 3.2 Ni et al.’s Network Slicing Scheme . . . . . . . . . . . . . . . . . . . . . . . . 13 3.3 Ying et al.’s Authentication Protocol . . . . . . . . . . . . . . . . . . . . . . . 19 Chapter 4 Our Construction 22 4.1 Notations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 4.2 Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 4.3 Registration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 4.4 Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 4.5 Handover 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 4.6 Handover 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 Chapter 5 Security Proof 35 5.1 Security Models . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35 5.1.1 The Unforgeability Game . . . . . . . . . . . . . . . . . . . . . . . . 35 5.1.2 Secure Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . 36 5.1.3 Secure Handover 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 5.1.4 Secure Handover 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38 5.2 Security Proof . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38 5.2.1 Unforgeability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39 5.2.2 Secure Mutual Authentication . . . . . . . . . . . . . . . . . . . . . . 42 5.2.3 Secure Handover 1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 5.2.4 Secure Handover 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56 Chapter 6 Comparison 63 6.1 Properties Comparison . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 6.2 Performance Comparison . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 Chapter 7 Conclusion 66 Bibliography 68 |
參考文獻 References |
[1] Nisha Panwar, Shantanu Sharma, and Awadhesh Kumar Singh. A survey on 5G: The next generation of mobile communication. Physical Communication, 18:64–84, 2016. [2] ITU-R. M.2083 : Imt vision - "framework and overall objectives of the future development of imt for 2020 and beyond". Technical report, ITU-R, 9 2015. [3] Afif Osseiran, Federico Boccardi, Volker Braun, Katsutoshi Kusume, Patrick Marsch, Michal Maternia, Olav Queseth, Malte Schellmann, Hans Schotten, Hidekazu Taoka, et al. Scenarios for 5G mobile and wireless communications: the vision of the metis project. IEEE communications magazine, 52:26–35, 2014. [4] Simone Redana, Alexandros Kaloxylos, Alex Galis, Peter Rost, Patrick Marsch, Olav Queseth, Volker Jungnickel, Chen Tao, Guo Fang-Chun, and Hans Van der Veen. View on 5G architecture. Technical report, 7 2016. [5] Alexandros Kaloxylos. A survey and an analysis of network slicing in 5G networks. IEEE Communications Standards Magazine, 2(1):60–65, 2018. [6] Xenofon Foukas, Georgios Patounas, Ahmed Elmokashfi, and Mahesh K Marina. Network slicing in 5g: Survey and challenges. IEEE Communications Magazine, 55(5):94– 100, 2017. [7] 3GPP. Ts 23.501 system architecture for the 5G system. Technical report, 3GPP, 2017. [8] 3GPP. Ts 33.501 security architecture and procedures for 5G system. Technical report, 3GPP, 2018. [9] Wan-Ru Chiu. Cross-network-slice authentication scheme for the 5th generation mobile communication system. Master thesis, National Sun Yet-sen University, 2018. [10] Victor Shoup. A proposal for an iso standard for public key encryption (version 2.1). IACR e-Print Archive, 112, 2001. [11] Dan Boneh and Xavier Boyen. Short signatures without random oracles. In International Conference on the Theory and Applications of Cryptographic Techniques, pages 56–73. Springer, 2004. [12] Masahiro Mambo, Keisuke Usuda, and Eiji Okamoto. Proxy signatures: Delegation of the power to sign messages. IEICE transactions on fundamentals of electronics, communications and computer sciences, 79(9):1338–1354, 1996. [13] Matt Blaze, Gerrit Bleumer, and Martin Strauss. Divertible protocols and atomic proxy cryptography. In International Conference on the Theory and Applications of Cryptographic Techniques, pages 127–144. Springer, 1998. [14] Giuseppe Ateniese and Susan Hohenberger. Proxy re-signatures: new definitions, algorithms, and applications. In Proceedings of the 12th ACM conference on Computer and communications security, pages 310–319. ACM, 2005. [15] Hui Yang, Haowei Zheng, Jie Zhang, Yizhen Wu, Young Lee, and Yuefeng Ji. Blockchain-based trusted authentication in cloud radio over fiber network for 5G. In 2017 16th International Conference on Optical Communications and Networks (ICOCN), pages 1–3. IEEE, 2017. [16] Jianbing Ni, Xiaodong Lin, and Xuemin Sherman Shen. Efficient and secure serviceoriented authentication supporting network slicing for 5G-enabled iot. IEEE Journal on Selected Areas in Communications, 36:644–657, 2018. [17] Bidi Ying and Amiya Nayak. Lightweight remote user authentication protocol for multiserver 5G networks using self-certified public key cryptography. Journal of Network and Computer Applications, 131:66–74, 2019. [18] RHH Chun-Ifan and PH Ho. Truly non-repudiation certificateless short signature scheme from bilinear pairings. J. Inf. Sci. Eng, 27:969–982, 2011. [19] Benoît Libert and Damien Vergnaud. Multi-use unidirectional proxy re-signatures. In Proceedings of the 15th ACM conference on Computer and communications security, pages 511–520. ACM, 2008. [20] Digital-Signature-using-RSA-and-SHA-256. https://github.com/henmja/ Digital-Signature-using-RSA-and-SHA-256, 2018. [Online; accessed 25- August-2018]. [21] AES 256bit Encryption/Decryption and storing in the database using java. https://medium.com/@danojadias/aes-256bit-encryption-decryption-/ /and-storing-in-the-database-using-java-2ada3f2a0b14, 2016. [Online; accessed 25-August-2018]. [22] Class BigInteger. https://docs.oracle.com/javase/7/docs/api/java/math/ BigInteger.html. [Online; accessed 25-August-2018]. [23] Class Cipher. https://docs.oracle.com/javase/7/docs/api/javax/crypto/ Cipher.html. [Online; accessed 25-August-2018]. |
電子全文 Fulltext |
本電子全文僅授權使用者為學術研究之目的,進行個人非營利性質之檢索、閱讀、列印。請遵守中華民國著作權法之相關規定,切勿任意重製、散佈、改作、轉貼、播送,以免觸法。 論文使用權限 Thesis access permission:自定論文開放時間 user define 開放時間 Available: 校內 Campus:開放下載的時間 available 2024-08-21 校外 Off-campus:開放下載的時間 available 2024-08-21 您的 IP(校外) 位址是 18.222.120.133 現在時間是 2024-04-26 論文校外開放下載的時間是 2024-08-21 Your IP address is 18.222.120.133 The current date is 2024-04-26 This thesis will be available to you on 2024-08-21. |
紙本論文 Printed copies |
紙本論文的公開資訊在102學年度以後相對較為完整。如果需要查詢101學年度以前的紙本論文公開資訊,請聯繫圖資處紙本論文服務櫃台。如有不便之處敬請見諒。 開放時間 available 2024-08-21 |
QR Code |