| With the development of technologies of wireless communication, mobile communication systems have gone through the 1st generation (1G), 2nd generation (2G) and 3rd generation (3G) systems and evolve into the 4th generation (4G) system step by step. The coming 4G wireless systems focus on seamlessly integrating the existing wireless technologies and providing fast and pervasive access and service for mobile user, which will raise furhter security vulnerabilities in turn.On one hand, since the architectures of wireless network will become ever more complex in the scenario of 4G system, we have to reconsider the trusted relationship among the network entities, the security of the wired link, the scalability of the security architecture and non-repudiation of the sensitive service. On the other hand, with improving compuation capability and storage, the mobile equipment (ME) has been facing increasing security threats. However, the current security architectures for wireless network, e.g. 3G security architecture, do not take the preceding two factors into account and fail to harmonize the efficiency, scalability, compatibility, mobility and security within the system. Moreover, as a compensational patch over the existing mobile communication systems, most security architectures are really hard to solve the security risk caused by the original feature of mobile communication system. Thus during the design of the 4G system we must take the security as a critical issue into account with other core technologies and research it as a part of the future standard.In this doctor dissertation, via discussing the security features of wireless networks and analyzing the development of their security architecture, the security threats, security requirements, security policies and security mechanisms are proposed for 4G system according to 4G's feature. Then the security architecture based on Trusted Mobile Platform (TMP) and PKI is presented to provide a considerable robust platform for user's access to sensitive service. More attention has been paid on the security of the ME in the proposed security architecture in which user, ME and USIM (Universal Subscriber Identity Module) have been regarded as three separated entities. Using mainstream smart-phone's processor, a sample model of TMP as well as the authentication scheme based on the combination of password, fingerprint and USIM are proposed to improve the security of the user domain, which satisfies the security requirements of level 3 presented in TMP standard.Then, in order to deal with the security flaws in privacy-key and public-key based scheme, an efficient self-certified public-key based authentication scheme including PKBP (Public-Key Broadcast Protocol) and SPAKA (Self-certified Public-key based Authentication and Key Agreement Protocol) is presented for 4G systems. With the help of PKBP, ME can identify the genuine access point (AP) from the malicious ones without validating the AP's public-key certificate before the authentication. Meanwhile, in SPAKA, without delivering its public-key certificate to the AP, ME can achieve mutual authentication with AP and implement the controllable monitor on user's conversation to meet the legitimate requirements of government in some special occasion. Compared with other public-key based authentication protocols, with the expected security that privacy-key based protocols can not provide, the computational and communicational payloads have been greatly reduced in our scheme.Subsequently, a secure DRM scheme for wireless network based on TMP is proposed to enhance the security of OMA DRM specification v2 and provide interoperability and compatibility between Trusted Computing (TC) and OMA DRM. With the help of the trusted relationship pre-built between the user and the wireless network operator as well as the clock synchronization technology between the wireless network and ME, the presented DRM scheme can resist the possible piracy, DoS (Deny of Service) attack and replay attack remained in the original OMA DRM architecture.Finally, the pseudorandom properties of FCSR (Feedback with Carry Shift Register) sequences have been analyzed and tested with NIST STS software package. Then the pseudorandom properties of the stream cipher based on the combination of LFSR and FCSR has been analyzed and its theoretical upper bound of period and that of linear complexity are also presented. Meanwhile, the stream cipher is realized in FPGA and compared with the implementation result of other stream ciphers, which proves this stream cipher is very efficient to satisfy the requirement of 4G system and can be employed in mobile equipment.
|
PDF Full Text Request