| Heterogeneous wireless convergence networks have been the trend for the future wireless communication network. Authentication is the primary considered issue in network security, and is the basis of achieving applicable of the heterogeneous wireless convergence networks. Hence, it is significant to research the authentication security problem about heterogeneous wireless convergence networks in this thesis. The main works are as the following:Firstly, the demanding security of multi-mode terminal is higher than the other terminals in heterogeneous wireless convergence networks. The security of user domain is more and more important. A mutual authentication scheme between user, trusted multi-mode terminal and Subscriber Identity Module is proposed by using the Mobile Trusted Module(MTM) to realize the trust of multi-mode terminal, and by combining the user's password, the user's fingerprint, Subscriber Identity Module, symmetrical and Combined Public Key(CPK). By formal analysis, the user identity and trusted multi-mode terminal authentication can be solved. CPK can use a quite small number of seed keys to produce a very large key space, compute and verify public key directly, which can realize offline authentication of entity.Secondly, aiming at the security access for user to heterogeneous wireless convergence networks, an access authentication model based on certificated-based is proposed. The new security demands of heterogeneous wireless convergence networks are considered: the mutual authentication between terminal and access network, the mutual authentication between access network and homework network, the user anonymity and privacy protection, non-repudiation of the user accepting services, public certificate transmission and verification in wireless link. An implemental protocol of authentication and key agreement is designed by the modularized method of the CK model. It also proves that the proposed protocol satisfy the definition of Session Key secure defined in the CK model. Security analysis shows that the proposed protocol has more secure attribute. An improved ECIES algorithm is presented to enhance the efficiency of the designed protocol. A fast re-authentication protocol, which aims at user frequently access the same access network is presented in this thesis.Thirdly, the thesis introduces the Combined Public Key (CPK) into the heterogeneous wireless convergence networks access authentication model, which meets the above security attribute and solves the transmitting and verifying the public certificate of authentication server. An improved ECDH algorithm is proposed to avoid the risk of ephemeral key compromise. An implemental protocol of authentication and key agreement is designed by CK model. A novel symmetrical algorithm and random number based MT-authenticator is presented in order to convert the protocol of AM to the same security protocol of UM. A fast re-authentication protocol, which aims at user frequently access the same access network is presented in this thesis.Finally, a fast inter-domain handover authentication scheme, which combines context transfer, fast handover and CPK, is proposed to solve the handover authentication of the heterogeneous wireless convergence networks. It realizes fast handover authentication when terminal is far from home network and frequently vertical handover between access networks. The scheme realizes in advance the concurrent execution of the full authentication and home registration by fast handover mechanism. It also realizes mutual authentication between terminal and post-handover network by context transfer mechanism, which can transfer authentication message between post-handover and pre-handover network, and can eliminate the transport latency of access authentication. It uses CPK to realize the mutual authentication between pre-handover and post-handover network, and realize secure context transfer.
|
PDF Full Text Request