摘要
为保证数据传输的安全性,该协议实现网络和用户之间的双向认证,增加数据完整性的验证防止对信息的篡改,在认证令牌AUTN中包括序列号SQN确保认证过程的最新性,防止重放攻击;然而认证过程却假定HLR/AUC和VLR/SGSN之间的内部系统链路足够安全,该假设导致该链路上的数据易被窃听,针对此缺陷提出了基于VLR和HLR之间共享秘密密钥的认证与密钥分配协议,实现HLR对VLR认证,保证VLR和HLR之间认证向量传输的安全性。
For the security of data transferred during the communication, The protocol achieves mutual authentication via the user and the network, validates the data integrity which prevents from tampering with the data, ensures the fresh authentication procedure by using the sequence number SQN; However, It is assumed that the intra-system links between the VLR/SGSN and the HE/AUC are adequately secure. The data transferred on this links easily be eavesdropped. For solving the problem, A improved AKA protocol based on secret key which is shared between VLR and HLR is put forward, The authentication of HLR to VLR is implemented and the security of authentication vector is assured which is transferred from HLR to VLR.
出处
《计算机工程与设计》
CSCD
北大核心
2006年第14期2705-2707,共3页
Computer Engineering and Design
