基于量子密钥的高速铁路异构网络安全切换  被引量：3

作　　者：陈永[1] 刘雯 常婷 CHEN Yong;LIU Wen;CHANG Ting(School of Electronic and Information Engineering,Lanzhou Jiaotong University,Lanzhou 730070,China)

机构地区：[1]兰州交通大学电子与信息工程学院,甘肃兰州730070

出　　处：《铁道学报》2023年第11期78-89,共12页Journal of the China Railway Society

基　　金：国家自然科学基金(61963023,61841303);兰州交通大学天佑创新团队支持计划(TY202003);兰州交通大学基础研究拔尖人才项目(2022JC36)。

摘　　要：随着高速铁路新一代无线通信系统的建设推进和GSM-R逐步退网,GSM-R和LTE-R网络将存在较长的共存期,如何保证高速列车在GSM-R和LTE-R异构网络之间的快速、安全切换,亟待解决。针对高速铁路无线通信异构网络切换认证过程中存在切换安全性低、认证开销高等问题,提出一种基于量子密钥的高速铁路异构网络安全切换认证方法。首先采用哈希操作生成伪身份PID和切换通行码PASS,实现异构网络间通信的平滑过渡。其次使用量子密钥分发策略实现认证切换过程中源网络和目标网络之间的预认证,降低异构网络间切换认证时延、抵抗临时通话密钥泄露。同时采用哈希、模指运算完成会话密钥的动态更新,实现密钥前后向安全性。最后采用认证测试方法进行安全性验证,并采用朔黄铁路LTE-R线路数据对本方法进行有效性验证。分析验证结果表明:本方法不仅能够抵抗伪装用户、中间人等攻击,而且在计算开销和通信开销等方面也较比较方法更优,能够满足下一代高速铁路异构网络的切换认证需求。With the construction of a new generation of high-speed railway wireless communication system and the phase out of GSM-R from the network,GSM-R and LTE-R networks will have a long coexistence period.Ensuring the fast and safe switching between GSM-R and LTE-R heterogeneous networks for high-speed trains is required.Aiming at the problems of low security and high authentication overhead in the process of high-speed railway wireless communication heterogeneous network handoff authentication,a quantum key-based secure handoff authentication method was proposed for high-speed railway heterogeneous networks.Firstly,a hash operation was used to generate the pseudo-identity PID and the switching pass code PASS,which realized the smooth transition of communication between heterogeneous networks.Secondly,quantum key distribution strategy was used to achieve pre-authentication between the source network and the target network in the process of authentication handoff,reduce the handoff authentication delay between heterogeneous networks,and resist temporary session key disclosure.Simultaneously,hash and modulus operations were used to dynamically update session keys,achieving key forward and backward security.Finally,the authentication test method was used to verify the safety,and the measured data of the LTE-R line of the Shuohuang Railway was used to verify the effectiveness of the proposed method.The analysis and verification results show that the proposed method can not only resist attacks from masqueraded users and man-in-the-middle,but also is better than the comparative literature in terms of computing and communication overhead,which can meet the handoff authentication requirements of the next-generation high-speed railway heterogeneous network.

关 键 词：异构通信网络 下一代铁路无线通信 量子密钥 切换认证协商 

分 类 号：U285.2[交通运输工程—交通信息工程及控制] U929.5[交通运输工程—道路与铁道工程]