一种新的隐私保护型车载网络切换认证协议

doi:10.11999/JEIT160015

摘要
图/表
参考文献(19)
相关文章 (3)

全文: PDF (337 KB)
输出: BibTeX | EndNote (RIS)

摘要

该文针对现有车载网络切换认证协议存在的安全性、隐私等方面的不足，在LIAP协议的基础上提出改进方案。首先将随机数与伪标识串联，再用二次模运算对串联的信息进行加密，以生成动态身份标识保护用户位置隐私；与此同时，在移动终端切换过程中，新路侧单元重新生成新会话秘密序列，并与终端伪标识进行异或加密，对LIAP协议中存在的平行会话攻击进行安全防护。理论分析及实验表明，改进协议不仅满足终端匿名性和抵御各种攻击的安全需求，也实现了较快的切换速度，与同类切换认证协议相比，实用中具明显优越性。

	服务

	把本文推荐给朋友
	加入我的书架
	加入引用管理器
	E-mail Alert
	RSS
	作者相关文章
	周治平
	张惠根
	孙子文
	李静

关键词 ：车载网络, 切换认证, 二次剩余定理, 隐私防护, 平行会话攻击

Abstract：

To overcome the shortages in security and privacy of existing handover authentication protocols for vehicle network, an improved scheme based on the Lightweight Identity Authentication Protocol (LIAP) protocol is proposed in this paper. Firstly, terminal’s pseudo-identity is concatenated with a random number, then quadratic residues operation is utilized to encrypt the connected information and to generate a dynamic identity, which can protect the user’s location privacy. Meanwhile, the new road side unit regenerates a new session secret sequence and computes the challenge sequence with the terminal user’s pseudo-identity by XOR encryption, which can provide secure protection against parallel session attack during the handover process. Theoretical analysis and experiments show that the proposed protocol can not only meet security requirements of providing terminal anonymity and defending various attacks, but also achieve a faster switching speed. Therefore, the improved protocol shows obvious superiorities over most existing schemes.

Key words： Vehicle network Handover authentication Quadratic residue theorem Privacy protection Parallel session attack

收稿日期: 2016-01-04 出版日期: 2016-07-19

PACS:

TP309.2

基金资助:

国家自然科学基金(61373126); 中央高校基本科研业务费专项资金(JUSRP51510); 江苏省自然科学基金(BK20131107)

通讯作者: 周治平：男，1962年生，博士，教授，研究领域为检测技术与自动化装置、信息安全等. E-mail: zzp@jiangnan.edu.cn

作者简介: 周治平：男，1962年生，博士，教授，研究领域为检测技术与自动化装置、信息安全等. 张惠根：男，1990年生，硕士生，研究领域为物联网安全认证. 孙子文：女，1968年生，博士，教授，研究领域为无线传感器网络理论与技术，信息隐藏、模式识别与图像处理等. 李静：女，1992年生，硕士生，研究领域为检测技术与自动化装置.

引用本文:

周治平,张惠根,孙子文,李静. 一种新的隐私保护型车载网络切换认证协议[J]. 电子与信息学报, 2016, 38(10): 2633-2639. ZHOU Zhiping, ZHANG Huigen, SUN Ziwen, LI Jing. Improved Privacy Protection Handover Authentication Protocol for Vehicular Ad Hoc Networks. JEIT, 2016, 38(10): 2633-2639.

链接本文:

http://jeit.ie.ac.cn/CN/10.11999/JEIT160015 或 http://jeit.ie.ac.cn/CN/Y2016/V38/I10/2633

[1]	LEE J H and BONNIN J M. HOTA: Handover optimized ticket-based authentication in network-based mobility management[J]. Information Sciences, 2013, 230(5): 64-77. doi:10.1016/j.ins.2012.11.006
[2]	JIA X D, CHANG Y F, ZHANG Z Z, et al. A critique of a lightweight identity authentication protocol for vehicular network[J]. Journal of Information Hiding and Multimedia Signal Processing, 2015, 6(3): 183-188.
[3]	YANG X, HUANG X, HAN J, et al. Improved handover authentication and key pre-distribution for wireless mesh networks[J]. Concurrency and Computation: Practice and Experience, 2015, 42(9): 621-628. doi: 10.1002/cpe.3544.
[4]	XIAO P, HE J, and FU Y. An access authentication protocol for trusted handoff in wireless mesh networks[J]. Computer Standards & Interfaces, 2014, 36(3): 480-488.
[5]	CHOI H H. Ad hoc cooperative vertical handover for next- generation heterogeneous networks[J]. AEU-International Journal of Electronics and Communications, 2015, 69(10): 1557-1561.
[6]	HE D, CHEN C, CHAN S, et al. Secure and efficient handover authentication based on bilinear pairing functions[J]. IEEE Transactions on Wireless Communications, 2012, 11(1): 48-53.
[7]	TSAI J L, LO N W, and WU T C. Secure handover authentication protocol based on bilinear pairings[J]. Wireless Personal Communications, 2013, 73(3): 1037-1047.
[8]	YEO S L, YAP W S, LIU J K, et al. Comments on “analysis and improvement of a secure and efficient handover authentication based on bilinear pairing functions”[J]. IEEE Communications Letters, 2013, 17(8): 1521-1523.
[9]	LI J S and LIU K H. A lightweight identity authentication protocol for vehicular networks[J]. Telecommunication Systems, 2013, 53(4): 425-438.
[10]	JURCUT A D, COFFEY T, and DOJEN R. Design guidelines for security protocols to prevent replay & parallel session attacks[J]. Computers & Security, 2014, 45(6): 255-273.
[11]	ZHANG Y, CHEN X, LI J, et al. Generic construction for secure and efficient handoff authentication schemes in EAP-based wireless networks[J]. Computer Networks, 2014, 75(12): 192-211. doi:10.1016/j.comnet.2014.10.009.
[12]	HE D, BU J, CHAN S C, et al. Handauth: efficient handover authentication with conditional privacy for wireless networks[J]. IEEE Transactions on Computers, 2013, 62(3): 616-622.
[13]	WANG W and HU L. A secure and efficient handover authentication protocol for wireless networks[J]. Sensors, 2014, 14(7): 11379-11394.
[14]	HE D, CHAN S, and GUIZANI M. Handover authentication for mobile networks: security and efficiency aspects[J]. Network, 2015, 29(3): 96-103.
[15]	YEH L Y and HUANG J L. PBS: a portable billing scheme with fine-grained access control for service-oriented vehicular networks[J]. IEEE Transactions on Mobile Computing, 2014, 13(11): 2606-2619.
[16]	WU H T, YEIN A D, and HAIEH W S. Message authentication mechanism and privacy protection in the context of vehicular Ad Hoc networks[J]. Mathematical Problems in Engineering, 2015, 501(12): 1-11.
[17]	GUO S, ZENG D, and XIANG Y. Chameleon hashing for secure and privacy-preserving vehicular communications[J]. IEEE Transactions on Parallel and Distributed Systems, 2014, 25(11): 2794-2803.
[18]	CAO J, LI H, MA M, et al. A simple and robust handover authentication between HeNB and eNB in LTE networks[J]. Computer Networks, 2012, 56(8): 2119-2131.
[19]	LI G, JIANG Q, WEI F, et al. A new privacy-aware handover authentication scheme for wireless networks[J]. Wireless Personal Communications, 2015, 80(2): 581-589.
[20]	SHAMUS SOFTWARE LTD. Miracllibrary[OL]. http://www.shmus.ie/index.php?pages=home,2012.