Security and Efficiency Enhanced Authentication Scheme Based on Self-Updated Hash Chain for Train-Ground Communication
ZHANG Wenfang1,2, SUN Haifeng1, WANG Yu1, LIN Wei2, WANG Xiaomin1
1. School of Information Science and Technology, Southwest Jiaotong University, Chengdu 610031, China; 2. Center of National Railway Intelligent Transportation System Engineering and Technology, China Academy of Railway Sciences Co. Ltd., Beijing 100801, China
Abstract: To meet the special security and real-time requirements of the next-generation high-speed railway wireless communication system, long term evolution-railway (LTE-R), a security- and efficiency-enhanced train-ground authentication scheme based on a self-updated hash chain is proposed. In the scheme, the master key of the home subscriber server (HSS) is used to encrypt the anonymous, variable temporary identity (TID) of the on-board unit (OBU), so as to protect the privacy of the OBU and resist the desynchronization attack. To realize efficient mutual authentication between the train and the service network, hash chains are used in place of authentication vectors, and updating the hash chains locally avoids restarting the full-authentication protocol when the authentication vectors are exhausted. Moreover, by using the identity ticket issued by the mobility management entity (MME), seamless handover authentication can be realized in coordination with base stations. Security and performance analysis shows that, compared with the long term evolution (LTE) standard protocols under the same conditions, the computation cost of the proposed full-authentication, re-authentication and handover-authentication protocols is reduced by 41.67%, 44.44% and 45.45% respectively, and the traffic is reduced by 62.11%, 50.91% and 84.91% respectively, which can meet the security and real-time requirements of the LTE-R network.
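An added illustration, not code from the paper: a generic Lamport-style one-way hash chain of the kind the abstract says replaces authentication vectors, with a local renewal step that avoids a new full authentication. The abstract does not give the construction, so the class names, SHA-256, and the renewal message (an HMAC under an assumed pre-shared session key that binds the old chain's last value to the new anchor) are all assumptions.

```python
import hashlib, hmac, os

def H(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()

def make_chain(seed: bytes, n: int) -> list:
    """[h0..hn] with h0 = seed and h_i = H(h_{i-1})."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain

class Prover:
    """Train side (OBU): holds the unrevealed chain values."""
    def __init__(self, key: bytes, n: int):
        self.key, self.n = key, n       # key: assumed pre-shared session key
        self._new_chain()
    def _new_chain(self):
        self.chain = make_chain(os.urandom(32), self.n)
        self.anchor = self.chain.pop()  # h_n, handed to the verifier
    def next_token(self) -> bytes:
        if len(self.chain) <= 1:        # keep the last value for renewal
            raise RuntimeError("chain exhausted: call renew()")
        return self.chain.pop()         # reveals h_{n-1}, h_{n-2}, ...
    def renew(self):
        last = self.chain.pop()         # next unrevealed value of old chain
        self._new_chain()
        tag = hmac.new(self.key, last + self.anchor, hashlib.sha256).digest()
        return last, self.anchor, tag

class Verifier:
    """Network side: stores only the last accepted chain value."""
    def __init__(self, key: bytes, anchor: bytes):
        self.key, self.current = key, anchor
    def authenticate(self, token: bytes) -> bool:
        if not hmac.compare_digest(H(token), self.current):
            return False                # wrong or replayed token
        self.current = token            # each value is accepted once
        return True
    def renew(self, last: bytes, new_anchor: bytes, tag: bytes) -> bool:
        want = hmac.new(self.key, last + new_anchor, hashlib.sha256).digest()
        if not (hmac.compare_digest(H(last), self.current)
                and hmac.compare_digest(tag, want)):
            return False                # stale position or forged anchor
        self.current = new_anchor       # switch chains without a full re-auth
        return True
```

The verifier's state is a single hash value, so a replayed token fails because the stored value has already advanced past it.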
ZHANG Wenfang, SUN Haifeng, WANG Yu, LIN Wei, WANG Xiaomin. Security and Efficiency Enhanced Authentication Scheme Based on Self-Updated Hash Chain for Train-Ground Communication[J]. Journal of Southwest Jiaotong University, 2020, 55(6): 1171-1180, 1206.