第五代行動通訊系統( 5th Generation Mobile Networks或5th Generation Wireless Systems, 5G)為行動通訊網路4G的延伸。與其他網路世代最大的差異點在於5G想打造一個萬物皆可以連上網路的網路環境，因此透過網路功能虛擬化（Network Function Virtualization，NFV）和軟體定義網路（Software-Defined Networking, SDN）以達成5G網路環境的願景。NFV將傳統一個網路功能需要一套網路設備的支援虛擬化，再以SDN網路將封包傳遞到正確的路徑。如此一來，即可達到支援多種服務的目標，也就是5G網路環境所提出的新概念 — 網路切片(Network Slicing)。因為SDN網路的加入，5G將傳統的核心網及接入網部分延伸出核心雲(Center Cloud)以及邊緣雲(Edge Cloud)的概念，也因為網路切片的出現，5G電信商就可以根據服務的特性不同去為此服務量身打造一個專屬的切片，如：根據3GPP所定義出的5G三大場景，URLLC(Ultra-Reliable and Low Latency Communications)切片主要提供低延遲高可靠度的服務，因此可以將原本在核心網路計算的單元下放至邊緣雲中以達到低延遲的特性。有鑑於此，我們提出了一個輕量級的認證機制，能滿足3GPP至目前為止所定義的標準，也同是滿足了5G網路環境低時間延遲的特性，讓認證不再需要到最後端做運算，以減少時間成本的支出。

The 5th Generation Mobile Network (or 5th Generation Wireless System, 5G) is an extension of 4G. The major difference between other generations communication networks is that 5G will create a network environment in which everything can be connected to the Internet. It applies the techniques of Network Function Virtualization (NFV) and Software-Defined Networking (SDN) to support multiple services in a 5G network environment and the new concept -Network Slicing is proposed. With the SDN network concept, 5G extends the traditional core network and access network to the center cloud and the edge cloud. And due to the appearance of network slicing, 5G can create a slice with distinctive characteristics. For example, according to the scenarios defined by 3GPP, URLLC (Ultra-Reliable and Low Latency Communications) slices mainly provide the services with low latency and high reliability. Therefore, the computation unit in the core network can be decentralized to the edge cloud to achieve low latency. In view of the characteristics of 5G, we propose a novel authentication scheme tailored for 5G. Not only does the proposed scheme satisfy the standard of 3GPP, but it achieves the low latency feature as well. The authentication flow is no longer to query the operator all the time in order to reduce the time latency.

論文審定書i
Acknowledgments iv
摘要v
Abstract vi
List of Figures ix
List of Tables x
Chapter 1 Introduction 1
1.1 Contributions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
1.2 Organization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Chapter 2 Preliminaries 6
2.1 5G Network Environments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
2.2 TS 33.501 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.3 Elliptic Curve Integrated Encryption Scheme (ECIES) . . . . . . . . . . . . . . 10
2.4 Security Games . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.4.1 The IND-CCA Game . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.4.2 The Psudorandom Permutation (PRP) Game . . . . . . . . . . . . . . . 12
Chapter 3 Related Works 14
3.1 Ni et al.’s Network Slicing scheme . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Chapter 4 Our Construction 22
4.1 Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
4.2 Registration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
4.3 Three-Party authentications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
4.4 Handover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Chapter 5 Security Proof 29
5.1 Security Model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
5.1.1 Secure Three Party Authentication between the user and the operator . 29
5.1.2 Secure Three Party Authentication between the slice and the operator . 30
5.1.3 Secure Handover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
5.2 Security Proof . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
5.2.1 Three party authentication (Between a user and the operator) . . . . . . 32
5.2.2 Three party authentication (Between the slice and the operator) . . . . 36
5.2.3 Handover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Chapter 6 Comparison 46
6.0.1 Properties Comparison . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
6.0.2 Performance Comparison . . . . . . . . . . . . . . . . . . . . . . . . . . 47
Chapter 7 Conclusion 48
Bibliography 49

[1] ITU-R. M.2083 : Imt vision - "framework and overall objectives of the future development
of imt for 2020 and beyond". Technical report, ITU-R, 9 2015.
[2] IMT-2020(5G) Promotion Group. 5g concept. Technical report, IMT-2020(5G) Promotion
Group, 2 2015.
[3] NOKIA. Security challenges and opportunities for 5g mobile networks. Technical report,
NOKIA, 2017.
[4] ERRICSSON. 5g security: Scenarios and solutions. Technical report, ERRICSSON,
2017.
[5] 3GPP. Ts 23.501 system architecture for the 5g system. Technical report, 3GPP, 2017.
[6] 3GPP. Ts 33.501 security architecture and procedures for 5g system. Technical report,
3GPP, 2018.
[7] Victor Shoup. A proposal for an iso standard for public key encryption (version 2.1).
IACR e-Print Archive, 112, 2001.
[8] V Gayoso Martínez, L Hernández Encinas, and C Sánchez Ávila. A survey of the elliptic
curve integrated encryption scheme. ratio, 80(1024):160–223, 2010.
[9] Goldwasser Shafi and Silvio Micali. Probabilistic encryption. Journal of computer and
system sciences, 28(2):270–299, 1984.
[10] Dawn Xiaoding Song, DavidWagner, and Adrian Perrig. Practical techniques for searches
on encrypted data. In Security and Privacy, 2000. S&P 2000. Proceedings. 2000 IEEE
Symposium on, pages 44–55. IEEE, 2000.
[11] Jianbing Ni, Xiaodong Lin, and Xuemin Sherman Shen. Efficient and secure serviceoriented
authentication supporting network slicing for 5g-enabled iot. IEEE Journal on
Selected Areas in Communications, 36(3):644–657, 2018.