Research On 5G Network Authentication And Key Management Mechanism

The open and integrated 5G network supports new features such as diverse business requirements,heterogeneous coexistence of different access networks,and massive connectivity of multiple terminals,which pose severe challenges to the security of mobile communication networks.One of the important security mechanisms of 5G networks is to achieve mutual authentication between devices and networks and establish session keys to ensure subsequent secure communication.However,there are still many problems in the current authentication mechanism,such as single solidification of authentication process,insufficient flexibility of key lifecycle management,signaling congestion in the scenario of concurrent access of massive devices,etc.It cannot cope with the differentiated requirements of terminals in different service scenarios.In order to improve the access stability and mobile orderliness of 5G user devices,it is of great practical significance and good application prospect to carry out research on secure and efficient authentication and key management mechanisms.Aiming at the above problems,this paper constructs a unified identity authentication framework,and combines spectral clustering algorithm and Access Class Barring Scheme(ACB)to provide customized access authentication services and key management for terminals in multi-service scenarios.In addition,the certificate-free authentication scheme ensures the security of device access authentication and handover authentication in various scenarios based on certificateless authentication scheme,so as to achieve heterogeneous integration and interconnection of terminals in multi-service scenarios.The main research points of this paper are as follows:1.An authentication architecture for large-scale heterogeneous terminals for 5G multi-service scenarios is constructed.The architecture performs dynamic group division of terminals based on spectral clustering;Combined with the ACB mechanism,different numbers of preamble codes are assigned to three delay devices;Finally,access authentication,switching authentication and corresponding batch authentication methods are integrated,and authentication schemes are provided by the translation module according to the requirements to achieve heterogeneous integration of different types of terminals.The simulation shows that all groups in the randomly distributed region show a state of combining position and delay,and the dynamic preamble code allocation process is reflected in the 050ms access time slot,and the 0-16ms gap preamble code is pre-allocated to low-latency devices,which ensures the maximum number of successful network access devices under the condition of meeting the delay requirements.2.An access authentication and key negotiation mechanism for largescale heterogeneous terminals is designed.This mechanism ensures the access privacy and data security of a single user based on certificateless signature.A batch authentication mechanism based on aggregate signature is proposed for simultaneous access of large-scale devices in mMTC service scenarios.Finally,the non-formal security model and formal tool ProVerif were used to verify the mechanism.Simulation results show that the proposed mechanism satisfies the security of mobile terminal authentication and key negotiation,and reduces the transmission delay by 33%compared with 5G authentication mechanism.3.Based on the optimized certificateless mechanism,a new type of handover authentication and key updating is proposed.This mechanism improves the certificateless key mechanism.Mobile devices have the right to initiate key update request independently,and the key update process does not require the participation of the core network.In mMTC scenario,a batch authentication mechanism is proposed to meet the requirement for simultaneous network switching of massive devices.Finally,eCK security model is used to demonstrate the security of the proposed mechanism under Diffie-Hellman problem.Simulation results show that the scheme in this chapter meets the forward security requirements of key management and reduces the transmission delay by about 40%compared with 5G authentication mechanism.Compared with other handover authentication schemes,this scheme has obvious advantages in terms of communication cost and calculation cost.In conclusion,the access authentication mechanism proposed in this paper provides customized access management and security services,alleviating network congestion during concurrent connections in the mMTC scenario.The handover authentication mechanism satisfies the forward security of mobile terminal key negotiation and has lower communication and computing costs.The results of this paper provide a feasible scheme for the research of secure and efficient authentication and key agreement.