Study On LTE And WLAN Heterogeneous Integrated Network Access Authentication Protocol

With the development of wireless communication technology,communication efficiency drawn much more attention to people.For different situations,WLAN and LTE networks have their own advantages and disadvantages.WLAN has high bandwidth and low cost,and it can provide users with high-speed data exchange,but the coverage range is narrow.On the contrary,LTE can cover a wide range,but the data exchange rate is lower.Therefore,the network data exchange capacity will be increased if the two networks are integrated.In the integrated network of LTE and WLAN,the access authentication is an indispensable part,and its security has become the focus of our research.This thesis mainly studies the access authentication and key agreement protocols of LTE-WLAN integrated networks.Through the analysis of the security schemes of the traditional EAP-AKA protocols,it can be seen that there are certain security risks in the protocols,including the transferring of the user's identity in plaintext,and the no identity authentication between WLAN-UE and WLAN-AN in the integrated networks.On this basis,we proposed an efficient authentication scheme for improving the original EAP-AKA protocol.Firstly,we propose a new certificateless short signature algorithm.Compared with the traditional public key cryptosystem,certificateless public key cryptography,not only simplifies the needs of public key certificate of traditional PKI,but also solve the key escrow problem of ID-based public key cryptography.Compared with other signature,short signatures has shorter signature length,faster calculation speed and higher efficiency.According to the advantages of certificateless public key cryptography and short signature algorithms,the proposed certificateless short signature scheme integrates security and efficiency.The scheme does not involve bilinear pair operations on the signer side,and there are only two pair operations on the verifier side,which improves the operation efficiency of the networks obviously.The scheme also binds the public key with the corresponding user's private key,avoiding the public key replacement attack,so that the security of the networks has been guaranteed.A new access authentication protocol for LTE-WLAN integrated network is proposed by deploying the new certificateless short signature scheme with EAP-AKA protocol.The protocol has the following advantages:(1)The user's anonymity.The WLAN-UE creates a user's identity list instead of the user's real identity information IMSI to fulfill the anonymity of users.(2)Two-way authentication between network entities.WLAN-UE,WLAN-AN,3GPP AAA Server,HSS / HLR have been mutual authenticated.They create their own signatures so that the message recipient can verify the sender's identity via the signature.In this way,the WLAN-UE and the WLAN-AN fake attacks can be avoided.(3)Replay attack defense.Since the WLAN-UE chooses the random number t as a timestamp in messages during the authentication phase,the message is timed.This design prevents the attacker from sending the authentication request for authentication vector to the HSS / HLR constantly,so that it will avoid the overload of the communication network and affecting the communication efficiency.With the improvements above,the proposed access authentication process of LTE and WLAN integrated network becomes safer and more efficient.