A method for realizing LTE-WLAN converged network access authentication protocol

An access authentication and converged network technology, applied in the field of network convergence, that realizes the LTE-WLAN converged network access authentication protocol. It can solve problems such as failing to implement mutual authentication between the UE and the home network and being vulnerable to man-in-the-middle and other attacks, and achieves the effects of protecting user identity, reducing bandwidth consumption, and ensuring correctness.

Active Publication Date: 2020-07-14
XIDIAN UNIV

AI Technical Summary

Problems solved by technology

However, this protocol does not realize mutual authentication between the UE and the home network, because authentication of the user's response is completed by the WLAN AAA.

[0006] Among the above-mentioned access authentication protocols, the full-EAP-AKA protocol proposed by Kumar et al. requires continual equipment upgrades because the AP itself iteratively generates authentication vectors, which is too costly and requires a large amount of computing power; in the modified EAP-AKA protocol of Yu, Binbin et al., the response message sent by the UE is sent in plain text, which is vulnerable to man-in-the-middle attacks; the EAP-FAKA protocol proposed by Idrissi et al. has high security, but it does not realize mutual authentication between the UE and the home network. It is only a one-way authentication and is vulnerable to attack.


Examples


Embodiment 1

[0018] With the rapid development of the mobile Internet and the explosive growth of mobile data traffic, the integration of LTE and WLAN networks has become a research hotspot. At present, services are interrupted when users switch between WLAN and LTE networks. Once WLAN access is integrated with the LTE core network, users can switch seamlessly between networks without service interruption, and the WLAN can also offload traffic. In the converged network, user access authentication is the prerequisite. Existing authentication requires continual equipment upgrades, is too costly, and needs a large amount of computing power; some EAP-AKA protocols are also vulnerable to man-in-the-middle attacks, and authentication between the UE and the home network is only one-way, which is vulnerable to attacks. Aiming at the present technical situation, the present invention proposes a more effici...

Embodiment 2

[0025] The method for realizing the LTE-WLAN converged network access authentication protocol is the same as in embodiment 1, wherein in the identity authentication phase of the UE, the identity authentication process includes the following steps:

[0026] (2a) The user UE establishes a connection with the access point AP;

[0027] (2b) The AP sends an EAP-Identity Request message to the UE;

[0028] (2c) The UE generates a random number $r_{UE}$, which is used to generate a temporary key $K_{UH}$ for encrypting the IMSI; the encrypted result is IDue. The UE also generates a cryptographic token CTue that encrypts the identity of the connected AP, and sends the EAP data packet {IDue, CTue, $R_{UE}$} to the AP;

[0029] (2d) The AP sends the received EAP packet {IDue, CTue, $R_{UE}$} and its own IDap to the HAAA via the WAAA;

[0030] (2e) The HAAA calculates $K_{UH} = d_H \cdot R_{UE}$, uses $K_{UH}$ to decrypt the IMSI from IDue and, at the same time, the IDap from CTue, verify wh...

Embodiment 3

[0039] The method for realizing the LTE-WLAN converged network access authentication protocol is the same as in embodiments 1-2. IDue in step (2c) is the temporary ID of the current UE, which is the result of encrypting the IMSI with $k_{UH}$, calculated as follows:

[0040] $R_{UE} = r_{UE} \cdot U_E$, $R_{UE}' = r_{UE} \cdot U_H$

[0041] $k_{UH} = d_E \cdot R_{UE}'$

[0042] $\mathrm{IDue} = \{\mathrm{IMSI}\}_{k_{UH}}$

[0043] where $(U_E, d_E)$ is the shared key pair of UE and HSS; $r_{UE}$ is a random number generated by the user UE, used to randomly generate the symmetric keys $R_{UE}$ and $R_{UE}'$, which are used to generate the key $k_{UH}$; $k_{UH}$ is the encryption key used to encrypt the IMSI.


Abstract

The invention discloses a method for realizing an LTE-WLAN converged network access authentication protocol. It solves the problem that the prior art is easily attacked, and realizes mutual authentication among nodes. The method includes the following steps: generating a symmetric key through an ECDH method to encrypt and decrypt node transmission parameters; encrypting the access point AP, verifying the AP at the HAAA server, and breaking the connection if there is an inconsistency with the AP; in order to prevent the disclosure of the identity information of the UE, generating at the UE a temporary ID used to authenticate the UE next time; and in order to prevent various attacks in the authentication process, designing mutual authentication between the UE and the AP and mutual authentication between the UE and the WAAA. According to the invention, the IMSI is invisible to attackers, the temporary ID is not sent in the form of a message and is generated independently by the UE and the HSS, the user identity is protected, and various malicious attacks are prevented through the generation of keys and the selection of random numbers. Changes in transmitted data can be detected as early as possible during operation. The authentication delay and bandwidth consumption are reduced. The method is used for secure access of a user to a converged network.

Description

Technical field

[0001] The invention belongs to the technical field of communication, and further relates to network convergence, in particular to a method for realizing an LTE-WLAN converged network access authentication protocol. The invention can be used for access authentication when users switch under the LTE-WLAN network architecture, can effectively resist various attacks, and at the same time reduces authentication delay and bandwidth consumption.

Background technique

[0002] With the development of the mobile Internet, LTE and WLAN are currently the first choice for users to access the network. LTE has flexible mobility and wide coverage, but high cost; WLAN has a high data transmission rate and low cost, but poor mobile flexibility. WLAN and LTE, with their abundant bandwidth, complement each other strongly, and the integration of these two networks provides better services for users and operators. Access authentication is the prerequisite for users to access the wireless network. Various ...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L9/08, H04L9/30, H04W12/02, H04W12/04, H04W12/08, H04W84/12
CPC: H04L9/085, H04L9/0861, H04L9/0869, H04L9/3066, H04W12/02, H04W12/04, H04W12/08, H04W84/12
Inventor: 刘乃安, 赵雅琴
Owner: XIDIAN UNIV