The Research Of WPKI-based Authentication Protocol In LTE/SAE

With the rapid development of technologies of wireless communication andextensive application of high-speed data services, the mobile communication systemis fast evolving towards the direction of IP-based network structure, integratedservices and diversified access methods. The new services requirements and opennessof the wireless networks have determined that the security is gradually evolving as acore constraint to the development of the system and the popularization of theservices. And as one of the critical security mechanisms to maintain the security ofmobile communication systems, the authentication protocol has become an importantresearch content in Long Term Evolution/System Architecture Evolution (LTE/SAE)which is an evolved model of the next generation mobile communication system. So,the thesis has carried out an in-depth study on the authentication protocol and hascompleted the following major researches:Firstly, this thesis analyzes the authentication protocols adopted by eachdevelopment phase of mobile communication system, and based on the new featuresof the evolving mobile communication system, the basic security requirements andtrends of the access authentication mechanisms in LTE/SAE have been elaborated.Secondly, this thesis does an in-depth study on the Evolved Packet SystemAuthentication and Key Agreement (EPS AKA) Protocol adopted by the LTE/SAEsystem, and by analyzing the security deficiencies of the EPS AKA procedure, a newsecurity enhanced scheme based on Wireless Public Key Infrastructure (WPKI) isproposed. Then, through the formal analysis, it proves that the proposed scheme hasout-performed security and scalability than EPS AKA.Lastly, this thesis studies some authentication scenarios existing in the LTE/SAEsystem, and three authentication protocols including full authentication,re-authentication, roaming authentication are designed respectively for differentauthentication scenarios. Then, the security and efficiency analysis shows that usingdifferent authentication schemes in different scenarios can improve the efficiency ofthe authentication process and reduce the cost of the system while maintaining theexpected security.The thesis has done the following innovative researches:(1) For the security deficiencies of the EPS AKA protocol, a WPKI-based security enhanced scheme is proposed, which can effective protect the sensitiveinformation of the system and has better scalability than other symmetric-key basedauthentication protocols. In addition, the new scheme can provide non-repudiationproof.(2) For the re-authentication scenario and the roaming authentication scenario,two authentication protocols including re-authentication and roaming authenticationare designed respectively, which can make full use of the effective user authenticationvectors, can reduce the signaling transmission cost of the system and can bettersupport user’s fast and seamlessly accesses.