基于格密码的5G-R车地认证密钥协商方案  被引量：1

作　　者：陈永[1] 刘雯 张薇[2] CHEN Yong;LIU Wen;ZHANG Wei(School of Electronic and Information Engineering,Lanzhou Jiaotong University,Lanzhou 730070,China;School of Traffic and Transportation,Lanzhou Jiaotong University,Lanzhou 730070,China)

机构地区：[1]兰州交通大学电子与信息工程学院,甘肃兰州730070 [2]兰州交通大学交通运输学院,甘肃兰州730070

出　　处：《铁道学报》2024年第2期82-93,共12页Journal of the China Railway Society

基　　金：国家自然科学基金(61963023,61841303);兰州交通大学基础拔尖人才项目(2022JC36);兰州交通大学重点研发项目(ZDYF2304)。

摘　　要：5G-R作为我国下一代高速铁路无线通信系统,其安全性对于保障行车安全至关重要。针对5G-AKA协议存在隐私泄露、根密钥不变和效率低等问题,基于格密码理论提出一种新型5G-R车地认证方案。首先,使用临时身份信息GUTI代替SUCI,克服了SUCI明文传输的缺点。其次,设计基于格密码的根密钥更新策略,采用格上公钥密码体制、近似平滑投射散列函数和密钥共识算法,实现了根密钥的动态更新和前后向安全性。再次,加入随机质询和消息认证码,实现了通信三方的相互认证,可有效防范重放、DoS等多种恶意攻击。最后,采用串空间形式化方法进行安全验证,结果表明:本文方法较其他方法有更高的安全性,被攻击成功的概率最低,仅为O(n^(2))×2^(-128),且有较低的计算开销和通信开销,能够满足5G-R高安全性的需求。The safety of 5G-R,as China’s next-generation high-speed railway wireless communication system,is crucial for ensuring train operation safety.Aiming at the problems of SUCI privacy disclosure,unupdated root key and low authentication efficiency in the 5G-AKA protocol,a novel 5G-R train-ground authentication key agreement scheme using lattice-based cryptography was proposed.First,temporary identity information GUTI was used instead of SUCI to transmit in the request message,overcoming the shortcoming of SUCI plaintext transmission.Then,a root key update strategy using lattice-based cryptography was designed,and the dynamic update of the root key and the forward and backward security were realized by adopting public key cryptosystem on the lattice,approximate smooth projection hash function and key consensus algorithm.Subsequently,random challenge and message authentication code were added to realize the mutual authentication of the three communication parties,effectively preventing various malicious attacks such as replay and DoS.Finally,security verification was carried out by using the strand space formal method.The results show that the proposed method,with higher security than other methods,the lowest probability of being attacked,with the value being only O(n^(2))×2^(-128),with low computing and communication overhead,can meet the high security requirements of 5G-R.

关 键 词：5G-R 车地认证密钥协商 格密码 前后向安全性 串空间模型 

分 类 号：U285.2[交通运输工程—交通信息工程及控制] U929.5[交通运输工程—道路与铁道工程]