CN107342860A - A kind of method for realizing LTE WLAN UNE access authentication agreements - Google Patents

A kind of method for realizing LTE WLAN UNE access authentication agreements Download PDF

Info

Publication number
CN107342860A
CN107342860A CN201710556814.7A CN201710556814A CN107342860A CN 107342860 A CN107342860 A CN 107342860A CN 201710556814 A CN201710556814 A CN 201710556814A CN 107342860 A CN107342860 A CN 107342860A
Authority
CN
China
Prior art keywords
key
waaa
idue
access authentication
wlan
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710556814.7A
Other languages
Chinese (zh)
Other versions
CN107342860B (en
Inventor
刘乃安
赵雅琴
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xidian University
Original Assignee
Xidian University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xidian University filed Critical Xidian University
Priority to CN201710556814.7A priority Critical patent/CN107342860B/en
Publication of CN107342860A publication Critical patent/CN107342860A/en
Application granted granted Critical
Publication of CN107342860B publication Critical patent/CN107342860B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/02Hierarchically pre-organised networks, e.g. paging networks, cellular networks, WLAN [Wireless Local Area Network] or WLL [Wireless Local Loop]
    • H04W84/10Small scale networks; Flat hierarchical networks
    • H04W84/12WLAN [Wireless Local Area Networks]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Algebra (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computing Systems (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses one kind to realize LTE WLAN UNE access authentication protocol methods, solves the problems, such as present in prior art easily by attack leak, realizes and is mutually authenticated between each node.The present invention is encrypted and decrypted to node-node transmission parameter using ECDH methods generation symmetric key;To access AP encryptions, AP is verified in HAAA server ends, if inconsistent with access AP, disconnected;To prevent UE identity information leakage, the interim ID for next certification UE is generated at UE ends;To prevent the various attacks of verification process, being mutually authenticated for UE and AP and UE and WAAA is devised.IMSI is invisible to attacker in the present invention, and interim ID is not sent in the form of a message, is independently generated by UE and HSS, effectively protects user identity, and each key generation and random number are chosen and effectively prevent various malicious attacks.The present invention can detect the change of transmission data as early as possible in the course of the work, reduce authentication time delay and bandwidth consumption, the secure accessing for user in UNE.

Description

A kind of method for realizing LTE-WLAN UNE access authentication agreements
Technical field
The invention belongs to communication technical field, further relates to the network integration, and specifically one kind realizes that LTE-WLAN melts The method for closing network access authentication agreement.The access when present invention switches available for user under the LTE-WLAN network architectures is recognized Card, various attacks can be effective against while also reduce authentication time delay and bandwidth consumption.
Background technology
With the development of mobile Internet, the first choice using LTE and WLAN as access network, LTE are moved active user Flexibly, wide coverage, but cost is high;WLAN data transmission rate is high, and cost is cheap, but mobile very flexible, WLAN and LTE Abundant bandwidth forms strong complementation, both networks be fused to user and operator preferably services.Access authentication is to use The premise of wireless network is accessed at family, should prevent the various malicious attacks being likely to occur in access procedure, to ensure the safety of access. In addition, to be also mutually authenticated between each node, it is ensured that the correctness of transceiving data.It is outstanding for the access authentication of Wireless Heterogeneous Networks Its is important, such as LTE-WLAN UNEs, because they are established in different safe floors, can increase time delay in switching And cost, therefore pre- preventing malicious attack, it is the key issue for needing to solve to reduce time delay and cost.
Kumar et al. is in " Kumar, Suresh, and A.Rajeswari. " Enhanced fast iterative localized re-authentication protocol for UMTS-WLAN interworking."Electronics and Communication Systems(ICECS),2014International Conference on.IEEE,2014.” A kind of iteratively faster local re-authentication agreement is proposed to reduce authentication time delay, in the agreement, initializes full-EAP-AKA After agreement, no longer establish and connect with local radius servers, but by AP grey iterative generation Ciphering Key itself, but this needs not Disconnected updating apparatus, cost is too high, because AP needs to have substantial amounts of computing capability as built-in local authentication agency.
Yu, Binbin et al. are in " Yu, Binbin, Jianwu Zhang, and Zhendong Wu. " Improved EAPAKA Protocol Based on Redirection Defense."P2P,Parallel,Grid,Cloud and Internet Computing(3PGCIC),2014}Ninth International Conference on.IEEE,2014.” In order to prevent Replay Attack from proposing modification EAP-AKA agreements to verify AP, but the shared key updated sends response message in UE When sent with clear-text way, this be more easy to meet with man-in-the-middle attack.
Idrissi et al. is in " Idrissi, Y.E.H.E., Noureddine Zahid, and Mohamed Jedra. " Security analysis of 3GPP(LTE)—WLAN interworking and a new local authentication method based on EAP-AKA."Future Generation Communication Technology (FGCT), 2012, International Conference on.IEEE, 2012. " propose a kind of EAP- FAKA agreements, suggest in document making generating symmetric key, the public keys security that ECDH is provided with ECDH during AKA Height, do not safeguard the burden of public certificate infrastructure yet, based on this set forth herein agreement will also use ECDH generations shared Key.But the agreement is not carried out being mutually authenticated for UE and home network, because the response certification of user is complete by WLANAAA Into.
In above-mentioned access authentication agreement, the full-EAP-AKA agreements that Kumar et al. is proposed are because AP iteration itself is given birth to Into Ciphering Key, it is necessary to which continuous updating apparatus, cost is too high, and need to have substantial amounts of computing capability;Yu, Binbin etc. People's response message that UE is sent in the EAP-AKA agreements of modification is sent with clear-text way, is subject to man-in-the-middle attack; The EAP-FAKA protocol safeties that Idrissi et al. is proposed are high, but the agreement is not carried out mutually recognizing each other for UE and home network Card, simply a kind of unilateral authentication, is subject to attack.
The content of the invention
It is an object of the invention to overcome above-mentioned the deficiencies in the prior art, propose a kind of for realizing that LTE-WLAN merges net The access authentication agreement of network, it is intended to be effective against various malicious attacks, reduce authentication time delay, bandwidth consumption, realize each node It is mutually authenticated, it is ensured that the secure accessing of user.
The present invention is a kind of method for realizing LTE-WLAN UNE access authentication agreements, it is characterised in that is included Following two stages:
(1) parametric step is generated:It is symmetrical close using the generation of ECDH (Elliptic Curve Diffie Hellman) method Key, for the parameter for needing certification to be encrypted and decrypted, specifically in finite field FqOne elliptic curve equation E of upper definitionq, Point Q, HAAA are randomly selected on elliptic curve has public key UH=dH* Q, UE and HSS have shared key to (UE, dE), wherein UE =dE*Q;
(2) the UE authentication stage:Certification starts rear each node needs encryption, it is necessary to encrypt only in configured transmission Shi Caiyong ECDH methods generate key at random, and the key is to be consulted by key exchange both sides in the case of not shared any secret It is determined that.
Compared with prior art, the present invention has advantages below:
First, IMSI are not sent with clear-text way, invisible to attacker, for the interim ID of certification next time not to disappear The form of breath is sent, but is independently generated by UE and HSS, so as to be effectively protected user identity;Mutually recognized each other between each node Card, it is ensured that send the correctness of message.The generation of each key and the selection of random number effectively prevent man-in-the-middle attack, The various malicious attacks such as Replay Attack.
Second, the method invented herein can detect the change either attacker of parameter as early as possible in verification process, ECDH use avoids the processing time for using the PKIX with certificate, reducing server.To IDue and CTue Successful decryption avoid again ask UE and AP identity.UE certification is completed by WAAA in the present invention, at least can be 50% bandwidth consumption is reduced between WAAA and HAAA, while the present invention does not use sequence number synchronization in UE and LTE network, This reduces bandwidth consumption to a certain extent.
Brief description of the drawings
Fig. 1 is LTE-WLAN UNE Organization Charts;
Fig. 2 is the detailed protocol authentication process figure of the present invention.
Embodiment
Below in conjunction with the accompanying drawings 1 and accompanying drawing 2 the present invention is described in detail.
Embodiment 1
With the fast development of mobile Internet, the explosive growth of mobile data flow, LTE merges with wlan network As the focus studied at this stage, service disconnection can be caused when user switches between WLAN and LTE network at this stage, and by WLAN After access LTE core network merges with LTE network, user will realize seamless switching between network, be not in service disconnection, simultaneously WLAN can also play a part of shunting.The access authentication of user is premise in fusion is netted, and existing certification needs constantly to rise Level equipment, cost is too high, and needs to have substantial amounts of computing capability;Some EAP-AKA agreements are also easy to attack by go-between Hit, be also not carried out being mutually authenticated for UE and home network, simply a kind of unilateral authentication, is subject to attack.The present invention is directed to This state of the art, by researching and proposing a kind of more efficient access authentication agreement, it is ensured that the secure accessing of user.
For the implementation of access authentication agreement in the present invention, design one kind realizes that LTE-WLAN UNEs access authentication is assisted The network architecture of view, referring to Fig. 1, including WLAN domains and LTE domains two parts, WLAN domains include one or more AP, LTE domains bag Wireless access part E-UTRAN and core net EPC are included, wherein E-UTRAN includes multiple eNodeB, and EPC includes HSS, MME (mobility management entity) and S-Gw (gateway), referring to Fig. 1 before by LTE and WLAN fusions, user is in WLAN and LTE two When switching between kind network, the interruption of business can be caused;And the WAAA and HAAA of credible WLAN access networks are connected with STa interfaces Connect, be attached WAAA the and HAAA interfaces of untrusted WLAN access networks with Wa interfaces, it then follows the access authentication association after improvement View realizes the secure communication in WLAN domains and LTE domains;Before LTE and WLAN fusions, when user switches between two kinds of networks, it can cause The interruption of business;Wlan network is accessed into LTE core network, after being merged with LTE, user is by accessing wlan network to LTE Network plays a part of shunting, can reach seamless switching, and business will not interrupt.
The present invention is a kind of method for realizing LTE-WLAN UNE access authentication agreements, referring to Fig. 2, is included following Two stages:
(1) parametric step is generated:It is symmetrical close using the generation of ECDH (Elliptic Curve Diffie Hellman) method Key, for the parameter for needing certification to be encrypted and decrypted, specifically in finite field FqOne elliptic curve equation E of upper definitionq, Point Q, HAAA are randomly selected on elliptic curve has public key UH=dH* Q, UE and HSS have shared key to (UE, dE), wherein UE =dE*Q。
(2) the UE authentication stage:Certification has certain randomness and promptness after starting, and each node is only passing Encryption is needed, it is necessary to generate key at random using ECDH methods when encrypting during defeated parameter, and it is easy to effectively prevent long-term storage key The problem of by attack, the key are to exchange both sides' negotiation in the case of not shared any secret by key to determine, security It is higher.
The concrete thought that access authentication method proposed by the present invention is realized is:Using ECDH (Elliptic Curve Diffie Hellman) method generation symmetric key, for encrypting and decrypting to node-node transmission parameter;The AP of access is encrypted, AP is verified in HAAA server ends, if inconsistent with the AP of access, disconnected;In order to prevent UE identity information Leakage, the interim ID for next certification UE is generated at UE ends;In order to prevent the various attacks in verification process, devise UE and AP's and UE and WAAA is mutually authenticated, and ensures the secure communication of each node.
Embodiment 2
Realize the method for LTE-WLAN UNE access authentication agreements with embodiment 1, wherein UE authentication stage In, authentication procedures include following steps:
(2a) user UE and access point AP establishes connection;
(2b) AP sends EAP-Identity Request message to UE;
(2c) UE generation random numbers rUEFor generating a temporary key KUH, for encrypting IMSI, the result after encryption is IDue, while UE generates cipher token (cryptographic token) CTue and is used for adding the AP identity of connection Close, UE sends EAP packets { IDue, CTue, RUEArrive AP;
EAP packets { IDue, CTue, the R that (2d) AP receives oneselfUEAnd the IDap of oneself be sent to via WAAA HAAA;
(2e) HAAA calculates KUH=dH*RUE, use KUHIMSI is decrypted from IDue, while is decrypted from CTue IDap, verifies whether consistent with the IDap received from AP, is disconnected if inconsistent.IMSI is sent to HSS and please by HAAA Seek survival into Ciphering Key AV;
Whether (2f) HSS checkings IMSI is legal, if legal HSS generates a random number rHFor calculating Khu, generation is random Number Rh includes XRES, CK, IK, nIDue, CTh and MACh for generating Ciphering Key AV, AV, then sends out AV via HAAA It is sent to WAAA;
The XRES that (2g) WAAA storages receive, MSK is then calculated, and { Rh, MACh, CTh } is sent to UE via AP;
(2h) UE decrypts Rh from CTh, verifies whether equal with the Rh received from WAAA, and UE calculates CK, IK afterwards, NIDue, MSK, and calculate MACh and with what is received from WAAA verify, and then UE calculates RES and MACu and passed through WAAA is sent to by AP;
(2i) WAAA verifies to the MACu received, and checks whether the RES received is equal with the XRES stored before, Certification success message EAP-Success and EMSK to AP is sent if equal, so far, UE and WAAA's is mutually authenticated completion;
(2j) AP oneself ID and UE public keys RUEKa is calculated to decrypt EMSK for being authenticated UE;
(2k) AP is switched to authentication port to sending certification success message EAP-Success to UE after UE certifications success, Certification is completed and allows UE to access network.
IMSI is not sent with clear-text way in the present invention, invisible to attacker, and the interim ID for certification next time is not Send, but independently generated by UE and HSS in form of a message, be effectively protected user identity;Mutually recognized each other between each node Card, it is ensured that send the correctness of message.The generation of each key and the selection of random number effectively prevent man-in-the-middle attack, The various malicious attacks such as Replay Attack.
Embodiment 3
The methods of LTE-WLAN UNE access authentication agreements is realized with embodiment 1-2, the IDue in step (2c) is The interim ID of current UE, is kUHResult after being encrypted to IMSI, it is calculated as follows shown:
RUE=rUE*UE RUE'=rUE*UH
kUH=dE*RUE'
IDue={ IMSI } _ kUH
Wherein (UE, dE) be UE and HSS shared key pair, rUEIt is the random number of user UE generations, for generating at random Symmetric key RUEAnd RUE', for key kUHGeneration, kUHFor encryption key, for IMSI to be encrypted.
Embodiment 4
The methods of LTE-WLAN UNE access authentication agreements is realized with embodiment 1-3, the certification in step (2f) to Amount AV includes XRES, CK, IK, nIDue, CTh and MACh, and their calculating difference is as follows:
RH=rH*UH RH'=rH*UE
XRES=f2 (Khu,Rh)
CK=f3 (K, Rh)
IK=f4 (Khu,Rh)
NIDue=FKhu(K,Rh)
CTh={ Rh}_Khu
MACh=f1 (IK, nIDue, Rh)
Wherein XRES is expected response, and CK is encryption key, and IK is Integrity Key, and nIDue is the interim of next UE ID, for the certification of UE next time, CTh is to RhThe cipher token of encryption, f1, f2 are message authentication functions, and f3, f4 are keys Generating function.
Series of parameters in Ciphering Key AV is by random number RhWith corresponding key input message authentication function or Derived in key-function, each parameter has certain randomness, is not easy to be attacked, security is higher.
Embodiment 5
The methods of LTE-WLAN UNE access authentication agreements is realized with embodiment 1-4, MSK in step (2g) of the present invention Be calculated as follows shown in formula:
MSK=H (PRF (CK, IK, IDue))
Wherein PRF is pseudo-random function so that generation key MSK has certain randomness, is not easy to be cracked, H () is Hash encryption function based on SHA-256, compares higher with MD5 algorithm securities, and by CK, IK, IDue export letter as key Several inputs, MSK is exported, for certifications of the UE to WAAA.
Embodiment 6
The methods of LTE-WLAN UNE access authentication agreements is realized with embodiment 1-5, RES and MACu in step (2h) Be calculated as follows shown in formula:
RES=f2 (Khu, Rh)
MACu=f1 (IK, RES, Rh)
Wherein, whether RES is expected response, equal with the XRES in step (2f) for verifying, if unequal, is disconnected Connection, it is ensured that detect the change either attacker of parameter as early as possible in verification process;F1, f2 are message authentication functions, are protected Card user is not easily susceptible to various attacks in certification.
Embodiment 7
The methods of LTE-WLAN UNE access authentication agreements is realized with embodiment 1-6, EMSK is to use in step (2i) Being calculated as follows for encryptions of the key Kw to MSK, Kw and EMSK is shown:
Kw=f5 (IDap, UE)
EMSK={ MSK } _ Kw
Wherein f5 is key-function, by access point AP IDap and shared key UEIt is defeated as the input of the function Go out for key Kw, then encrypt export EMSK to MSK with Kw and complete checkings of the WAAA to UE, with step (2g) realize jointly UE with WAAA's is mutually authenticated.
A detailed certification example is given below, the present invention is further described.
Embodiment 8
Realize the method for LTE-WLAN UNE access authentication agreements with embodiment 1-2.
The present invention is carried out on LTE-WLAN UNE frameworks, referring to Fig. 1, LTE-WLAN UNE framework bags The part of UE, AP, WAAA, HAAA and HSS five is included, wherein WAAA and HAAA servers play the part of bridging nodes in WLAN and LTE domains Role, by STa or Wa interfaces connect WAAA and HAAA realize access authentication.LTE radio network portion is evolution UMTS Grounding wireless access network E-UTRAN, it is made up of enode eNodeB.Core net EPC (Evolved Packet Core) includes HSS, MME (Mobility Management Entity) and gateway S-GW, whole system are defined as evolution packet system Unite (Evolved Packet System).In a WLAN domain, WAAA server controls one or more AP.
Referring to Fig. 2, the present invention is the realization based on LTE-WLAN UNE framework access authentication agreements, and in Fig. 1 Carry out, specifically comprise the following steps on shown UNE framework:
Step 1, user UE and access point AP establishes connection.
Step 2, AP sends EAP-Identity Request message to UE.
Step 3, UE sends { IDue, CTue, RUEAP is arrived, specific implementation step is as follows:
3a) UE generates random number rUE, for calculating IDue, protect IMSI not sent with clear-text way, IDue calculating is such as Shown in following formula:
RUE=rUE*UE RUE'=rUE*UH
kUH=dE*RUE'
IDue={ IMSI } _ kUH
3b) UE regenerates the AP bodies that cipher token (cryptographic token) CTue is used to connect selection Part is encrypted.
Step 4, EAP packets { IDue, CTue, the R that AP receives oneselfUEAnd the ID identity IDap of oneself pass through oneself Unverified port send, be sent to HAAA via WAAA.
Step 5, HAAA sends IMSI to HSS, and asks generation Ciphering Key AV to HSS.It is as follows to implement step:
5a) HAAA calculates KUH=dH*RUE, use KUHDecrypt IDue and obtain IMSI;
5b) HAAA decrypts IDap from from CTue, verifies whether with receiving consistent, the disconnection company if inconsistent from AP Connect.
Step 6, after HSS verifies UE identity, Ciphering Key AV is generated, it is sent to WAAA via HAAA.It is specific real Existing step is as follows:
6a) HSS verifies whether IMSI is legal, if allows UE to access network, if IMSI is legal, performs 6b), do not conform to rule Disconnect;
6b) HSS generates a random number rHFor calculating Khu, for generating XRES, IK and CTh is encrypted.Khu meter Calculate as shown in following formula:
RH=rH*UH RH'=rH*UE
Khu=dH*RH'
6c) HSS generates random number R h and is used to generating Ciphering Key AV, wherein AV include XRES, CK, IK, nIDue, CTh and MACh, wherein nIDue are used for next certification, do not send, are independently generated by UE and HSS in form of a message.AV calculating such as with Shown in lower formula:
XRES=f2 (Khu,Rh)
CK=f3 (K, Rh)
IK=f4 (Khu,Rh)
NIDue=FKhu(K,Rh)
CTh={ Rh}_Khu
MACh=f1 (IK, nIDue, Rh)
Wherein XRES is expected response, and CK is encryption key, and IK is Integrity Key, and nIDue is the interim of next UE ID, for the certification for user UE next time, CTh is to RhThe cipher token of encryption, f1, f2 are message authentication functions, f3, F4 is key-function.
Step 7, the XRES that WAAA storages receive, MSK is then calculated, and { Rh, MACh, CTh } is sent to via AP UE.MSK's is calculated as follows shown in formula:
MSK=H (PRF (CK, IK, IDue))
Wherein PRF is pseudo-random function, and H () is the hash function based on SHA-256, and by CK, IK, IDue is led as key Go out the input of function, export MSK.
Step 8, UE verifies Rh, after MACh successes, calculates RES and MACu and it is sent into WAAA via AP.Specifically Step is as follows:
8a) UE decrypts Rh from CTh, see it is whether consistent with the Rh received from WAAA, it is inconsistent, disconnect;
8b) UE calculates CK, IK, nIDue and MSK with the Rh received;
8c) UE calculates MACh and verifies whether and received from WAAA consistent, is disconnected if inconsistent;
8d) UE calculates WAAA to be sent to RES and MACu, as shown in following formula:
RES=f2 (Khu, Rh)
MACu=f1 (IK, RES, Rh)
Step 9, WAAA verifies to the MACu received from UE, and checks whether the RES received is equal with XRES, if phase It is shown Deng being calculated as follows for then transmission certification success message EAP-Success and EMSK to AP, Kw and EMSK:
Kw=f5 (IDap, UE)
EMSK={ MSK } _ Kw
Wherein f5 is key-function.
Step 10, AP calculates Ka with oneself ID and UE public keys and EMSK decryption is authenticated to UE.
Step 11, AP sends certification success message EAP-Success to UE, AP and is switched to certification end from non-authentication port Mouthful.UE is allowed to access network after the completion of certification.
In summary, a kind of method for realizing LTE-WLAN UNE access authentication agreements disclosed by the invention, mainly Solve present in prior art some leaks for easily allowing attacker to attack, and being mutually authenticated between each node.This hair Bright concrete thought is:Using ECDH (Elliptic Curve Diffie Hellman) method generate symmetric key, for pair Node-node transmission parameter is encrypted and decryption;The AP of access is encrypted, AP verified in HAAA server ends, if the AP with access It is inconsistent, then disconnect;In order to prevent UE identity information leakage, the interim ID for next certification UE is generated at UE ends; In order to prevent the various attacks in verification process, being mutually authenticated for UE and AP and UE and WAAA is devised.IMSI in the present invention Invisible to attacker, IDue is not sent in form of a message, but is independently generated by UE and HSS, so as to be effectively protected User identity, the generation of each key and the selection of random number effectively prevent various malicious attacks.The present invention is worked Cheng Zhongneng detects the change of transmission data as early as possible, authentication time delay and bandwidth consumption is reduced, for user in UNE Secure accessing.
Above description is only example of the present invention, does not form any limitation of the invention, is not being departed from In the case of the principle of the invention, the various modifications and variations in form and details can be carried out to this example, but these are based on The modifications and variations of inventive concept are still within the claims of the present invention.

Claims (7)

  1. A kind of 1. method for realizing LTE-WLAN UNE access authentication agreements, it is characterised in that include following two ranks Section:
    (1) parametric step is generated:Symmetric key is generated using ECDH methods, for the parameter for needing certification to be encrypted and decrypted, Specifically in finite field FqOne elliptic curve equation E of upper definitionq, point Q, HAAA are randomly selected on elliptic curve has public key UH=dH* Q, UE and HSS have shared key to (UE, dE), wherein UE=dE*Q;
    (2) the UE authentication stage:Certification starts rear each node needs encryption, it is necessary to be adopted when encrypting only in configured transmission Key is generated at random with ECDH methods, and the key is consulted really in the case of not shared any secret by key exchange both sides It is fixed.
  2. 2. the method according to claim 1 for realizing LTE-WLAN UNE access authentication agreements, it is characterised in that body Part verification process includes following steps:
    (2a) UE, AP establish connection;
    (2b) AP sends EAP-Identity Request message to UE;
    (2c) UE generation random numbers rUEFor generating a temporary key KUH, for encrypting IMSI, the result after encryption is IDue, UE generates a cipher token CTue and is used for that the AP identity of connection is encrypted simultaneously, UE transmission EAP packets IDue, CTue, RUEArrive AP;
    EAP packets { IDue, CTue, the R that (2d) AP receives oneselfUEAnd the IDap of oneself be sent to HAAA via WAAA;
    (2e) HAAA calculates KUH=dH*RUE, use KUHIMSI is decrypted from IDue, while IDap is decrypted from CTue, is tested Whether card is consistent with the IDap received from AP, is disconnected if inconsistent.IMSI is sent to HSS and asks generation to be recognized by HAAA Syndrome vector AV;
    Whether (2f) HSS checkings IMSI is legal, if legal HSS generates a random number rHFor calculating Khu, generation random number R h Include XRES, CK, IK, nIDue, CTh and MACh for generating Ciphering Key AV, AV, be then sent to AV via HAAA WAAA;
    The XRES that (2g) WAAA storages receive, MSK is then calculated, and { Rh, MACh, CTh } is sent to UE via AP;
    (2h) UE decrypts Rh from CTh, verifies whether equal with the Rh received from WAAA, and UE calculates CK, IK afterwards, NIDue, MSK, and calculate MACh and with what is received from WAAA verify, and then UE calculates RES and MACu and passed through WAAA is sent to by AP;
    (2i) WAAA verifies to the MACu received, and checks whether the RES received is equal with the XRES stored before, if phase Deng then sending certification success message EAP-Success and EMSK to AP, so far, UE and WAAA's is mutually authenticated completion;
    (2j) AP oneself ID and UE public keys RUEKa is calculated to decrypt EMSK for being authenticated UE;
    (2k) AP is switched to authentication port to sending certification success message EAP-Success to UE after UE certifications success, certification Complete and allow UE to access network.
  3. 3. a kind of method for realizing LTE-WLAN UNE access authentication agreements according to claim 2, its feature exist In the IDue in step (2c) is the interim ID of current UE, is kUHResult after being encrypted to IMSI, it is calculated as follows shown:
    RUE=rUE*UE RUE'=rUE*UH
    kUH=dE*RUE'
    IDue={ IMSI } _ kUH
    Wherein kUHFor encryption key.
  4. 4. a kind of method for realizing LTE-WLAN UNE access authentication agreements according to claim 2, its feature exist In the Ciphering Key AV in step (2f) includes XRES, CK, IK, nIDue, CTh and MACh, and following institute is distinguished in their calculating Show:
    RH=rH*UH RH'=rH*UE
    XRES=f2 (Khu,Rh)
    CK=f3 (K, Rh)
    IK=f4 (Khu,Rh)
    NIDue=FKhu(K,Rh)
    CTh={ Rh}_Khu
    MACh=f1 (IK, nIDue, Rh)
    Wherein XRES is expected response, and CK is encryption key, and IK is Integrity Key, and nIDue is next UE interim ID, is used In verification process next time, CTh is to RhThe cipher token of encryption, f1, f2 are message authentication functions, and f3, f4 are key generations Function.
  5. 5. a kind of method for realizing LTE-WLAN UNE access authentication agreements according to claim 2, its feature exist In MSK's is calculated as follows shown in formula in step (2g):
    MSK=H (PRF (CK, IK, IDue))
    Wherein PRF is pseudo-random function, and H () is the hash function based on SHA-256, and CK, IK, IDue are exported into letter as key Several inputs, export MSK.
  6. 6. a kind of method for realizing LTE-WLAN UNE access authentication agreements according to claim 2, its feature exist In in step (2h) shown in being calculated as follows of RES and MACu:
    RES=f2 (Khu, Rh)
    MACu=f1 (IK, RES, Rh)。
  7. 7. a kind of method for realizing LTE-WLAN UNE access authentication agreements according to claim 2, its feature exist In EMSK is the encryption with Kw to MSK in step (2i), shown in being calculated as follows of Kw and EMSK:
    Kw=f5 (IDap, UE)
    EMSK={ MSK } _ Kw
    Wherein f5 is key-function.
CN201710556814.7A 2017-07-10 2017-07-10 Method for realizing L TE-W L AN fusion network access authentication protocol Active CN107342860B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710556814.7A CN107342860B (en) 2017-07-10 2017-07-10 Method for realizing L TE-W L AN fusion network access authentication protocol

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710556814.7A CN107342860B (en) 2017-07-10 2017-07-10 Method for realizing L TE-W L AN fusion network access authentication protocol

Publications (2)

Publication Number Publication Date
CN107342860A true CN107342860A (en) 2017-11-10
CN107342860B CN107342860B (en) 2020-07-14

Family

ID=60219010

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710556814.7A Active CN107342860B (en) 2017-07-10 2017-07-10 Method for realizing L TE-W L AN fusion network access authentication protocol

Country Status (1)

Country Link
CN (1) CN107342860B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108289313A (en) * 2017-12-04 2018-07-17 天津津航计算技术研究所 A kind of onboard wireless design method of compatible WLAN and LTE
CN109495889A (en) * 2018-12-20 2019-03-19 中山大学新华学院 Heterogeneous mobile network access control method based on mutual confidence-building mechanism

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101442522A (en) * 2008-12-25 2009-05-27 中国电子科技集团公司第五十四研究所 Identification authentication method for communication entity based on combined public key
CN101616410A (en) * 2009-06-25 2009-12-30 中兴通讯股份有限公司 A kind of cut-in method of cellular mobile communication networks and system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101442522A (en) * 2008-12-25 2009-05-27 中国电子科技集团公司第五十四研究所 Identification authentication method for communication entity based on combined public key
CN101616410A (en) * 2009-06-25 2009-12-30 中兴通讯股份有限公司 A kind of cut-in method of cellular mobile communication networks and system

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108289313A (en) * 2017-12-04 2018-07-17 天津津航计算技术研究所 A kind of onboard wireless design method of compatible WLAN and LTE
CN109495889A (en) * 2018-12-20 2019-03-19 中山大学新华学院 Heterogeneous mobile network access control method based on mutual confidence-building mechanism
CN109495889B (en) * 2018-12-20 2022-01-04 中山大学新华学院 Heterogeneous mobile network access control method based on mutual trust mechanism

Also Published As

Publication number Publication date
CN107342860B (en) 2020-07-14

Similar Documents

Publication Publication Date Title
US10931445B2 (en) Method and system for session key generation with diffie-hellman procedure
Cao et al. CPPHA: Capability-based privacy-protection handover authentication mechanism for SDN-based 5G HetNets
CN107196920B (en) A kind of key generation distribution method towards wireless communication system
EP2296392A1 (en) Authentication method, re-certification method and communication device
CN109104727A (en) One kind is based on authorizing procedure safety Enhancement Method between the core network element of EAP-AKA '
CN107820239A (en) Information processing method and device
CN106714152A (en) Secret key distribution and reception methods, first secret key management center, and first network element
Arkko et al. A USIM compatible 5G AKA protocol with perfect forward secrecy
Nashwan SAK-AKA: A Secure Anonymity Key of Authentication and Key Agreement protocol for LTE network.
Fu et al. Fast and secure handover authentication scheme based on ticket for WiMAX and WiFi heterogeneous networks
Irshad et al. SUSIC: A secure user access control mechanism for SDN-enabled IIoT and cyber–physical systems
Elbouabidi et al. An efficient design and validation technique for secure handover between 3GPP LTE and WLANs systems
Mobarhan et al. REPS-AKA3: A secure authentication and re-authentication protocol for LTE networks
Wang et al. Security analysis and improvements on WLANs
CN106992866A (en) It is a kind of based on wireless network access methods of the NFC without certificate verification
Mathi et al. Prevention of desynchronization attack in 4G LTE networks using double authentication scheme
CN110012467A (en) The packet authentication method of narrowband Internet of Things
CN107342860A (en) A kind of method for realizing LTE WLAN UNE access authentication agreements
Abdeljebbar et al. Security analysis of LTE/SAE networks over E-UTRAN
Dey et al. An efficient dynamic key based eap authentication framework for future ieee 802.1 x wireless lans
Moroz et al. Methods for ensuring data security in mobile standards
Kumar et al. A secure, efficient and lightweight user authentication scheme for wireless LAN
Patkar et al. Secure 3GPP-WLAN authentication protocol based on EAP-AKA
Abdrabou et al. Security enhancement for LTE authentication protocol (EPS-AKA)
Singh et al. Security analysis of lte/sae networks with the possibilities of tampering e-utran on ns3

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant