3GPP认证与密钥协商协议安全性分析

通用移动通信系统采用3GPP认证与密钥协商协议作为其安全框架,该协议对GSM存在的安全隐患作了有效的改进.对3GPP认证与密钥协商协议进行安全性研究,分析其容易遭受4种类型攻击方式.为了解决上述存在的安全隐患,提出在位置更新与位置不变两种情况下的基于公钥密码学的认证与密钥协商协议,采用形式化的分析方式证明了所提出算法的安全性,并将该协议与已有协议在安全性方面进行了比较.结果显示,所提出的协议算法能够极大地增强3GPP认证与密钥协商协议的安全性.

Security Analysis of 3GPP Authentication and Key Agreement Protocol

The Universal Mobile Telecommunication System (UMTS) adopts 3GPP authentication and key agreement (3GPP AKA) protocol as its security framework, and this protocol has made effective improvements on the hidden security problems of GSM (global system for mobile communications). This paper investigates into the security of the 3GPP authentication and key agreement protocol, and analyzes four types of attacks to which it is vulnerable. To solve the security problems mentioned above, it presents an efficient authentication and key agreement protocol, which is based on public key cryptography, under the circumstances of location updating and location immovability, adopts formal analysis to prove the security of two protocols proposed, and compares it with other protocols from the aspect of security. The results show that this proposed protocol can significantly enhance the security of 3GPP AKA protocol.