Heterogeneous wireless network secure access authentication method based on identity self-confirmation

Abstract

The invention discloses a heterogeneous wireless network secure access authentication method based on identity self-confirmation, mainly aiming at solving the problems of low switching efficiency, high on-line computing quantity and high storage expense of heterogeneous wireless network secure access authentication in the prior art. The method comprises the steps of: 1) system initialization setup, establishing system parameters; 2) using a mobile terminal (MT) to send access authentication vector Auth1 to a target network (VN); 3) using the target network (VN) to send access authentication vector Auth2 to the mobile terminal (MT); 4) using the mobile terminal (MT) to send access authentication vector Auth3 to the target network (VN), using the VN to test and verify the identity of the MT, and calculating a session key (K); and 5) using the target network (VN) to send access authentication vector Auth4 to the mobile terminal (MT), using the MT to test and verify the network identity of the VN, calculating the session key (K), and completing two-way authentication. The method has the advantages of low communication overhead and high safety, and can be applied to the heterogeneous wireless network secure access field with higher requirements for switching time delay, QoS, on-line computing quantity, the storage expense and access safety.

Description

technical field [0001] The invention belongs to the technical field of wireless network communication, relates to a two-way authentication method, and is mainly applied to the field of heterogeneous network access with high requirements on switching delay, QoS, online calculation amount, storage overhead and access security. Background technique [0002] One of the main features of the next generation wireless communication network system is to integrate various heterogeneous wireless access technologies to provide users with seamless network access services anytime and anywhere. Typical access technologies include 3G, WLAN, WMN, WiMax, and WSN. Each network has its own access authentication technology, such as the SIM mechanism of the GSM network and the AKA mechanism of the 3G network. 3GPP has proposed 3GPP-WLAN interconnection architecture, which adopts EAP-AKA access authentication protocol. But for all heterogeneous access networks, there is no general access authent...

AI Technical Summary

Problems solved by technology

[0005] 1. The symmetric cryptosystem has poor scalability and cannot provide non-repudiation function

[0006] 2. Identity-based schemes (Identity-based schemes) are easy to leak user identities and make users be tracked, and are vulnerable to fake base station attacks

[0007] 3. Authentication based on trusted third parties (TTP-based schemes) When the user roams to a remote network, the distance between the user's access network and the home network is far away, and the transmission of the authentication vector will increase the network load.

[0008] 4. For certificate-based schemes or public key infrastructure (PKI) authentication protocols, when the access network and the user do not know each other's public key, both parties must transmit the public key certificate through a wireless channel with limited resources and carry out Verification, which seriously increases the network load, calculation burden and transmission delay

[0009] 5. It is difficult to achieve two-way authentication of users and networks on a peer-to-peer basis

[0012] 2. There are redirection attacks

However, the current self-verifying public key-based authentication scheme PKBP / SPAKA proposed in the 3G network uses a trusted CA (Certificate Authority) to connect to access networks in different regions. The public and private keys of users are issued by the CA, which is not fully utilized. Advantages of Self-Verifying Public Keys

On the other hand, due to the large amount of data to be transmitted during the authentication process and the increase in online calculations, PKBP / SPAKA is not only inefficient compared to traditional symmetric encryption schemes, but also has a large storage space.

Images