混沌映射与中国剩余定理增强的切换认证方案  

作　　者：陈永[1] 常婷 张冰旺 CHEN Yong;CHANG Ting;ZHANG Bingwang(School of Electronic and Information Engineering,Lanzhou Jiaotong University,Lanzhou 730070,China)

机构地区：[1]兰州交通大学电子与信息工程学院,甘肃兰州730070

出　　处：《西安电子科技大学学报》2024年第4期192-205,共14页Journal of Xidian University

基　　金：国家自然科学基金(61963023,61841303);兰州交通大学基础拔尖人才项目(2022JC36);兰州交通大学重点研发项目(ZDYF2304)。

摘　　要：5G-R作为我国下一代高速铁路移动通信系统,其安全性对于保障高速铁路行车安全至关重要。针对高速铁路5G-R网络切换认证过程易受去同步攻击、不具备前向安全性及计算开销大等问题,提出了一种基于切比雪夫混沌映射与中国剩余定理增强的高速铁路切换认证方案。首先,基于切比雪夫混沌映射半群性,设计通信双方密钥协商机制,实现了切换认证过程中源基站与目标基站之间的双向身份鉴权,能够有效抵抗伪基站和去同步攻击。然后,利用中国剩余定理的秘密共享原理,派生出列车和目标基站的会话密钥,确保了链路计数值NCC在切换时的安全传输,从而克服了切换认证不具备前向安全性的不足。最后,利用BAN逻辑形式化理论和Scyther安全分析工具,分别验证了所提方法的安全性,并与同类协议进行安全性和效率分析。结果表明:所提方案安全性更高,在通信和计算开销等方面较比较方法性能更优,能有效满足5G-R切换认证安全的需求。As the next generation of the high-speed railway mobile communication system in China,the safety of 5G-R is crucial for ensuring railway operation safety.Aiming at the problems of 5G-R network handover authentication process,such as vulnerability to desynchronization attack,lack of forward security and high computing cost,an enhancement scheme based on chebyshev chaotic mapping and the Chinese remainder theorem for high-speed railway handover authentication is proposed.First,based on chebyshev chaotic mapping semigroup,a key negotiation mechanism is designed to realize bidirectional identity authentication between source base station which can effectively resist pseudo-base stations and desynchronization attacks and target base station during handover authentication.Then,by using the secret sharing principle of the Chinese remainder theorem,the session key of the train and target base station is derived,which ensures the secure transmission of link count value next-hop chaining count during handover,and overcomes the shortage of forward security in handover authentication.Finally,the security of the proposed method is verified by using the BAN logic formalization theory and Scyther security analysis tool,and the proposed method is compared with similar protocols for security and efficiency analysis.The results show that the proposed scheme has higher security and better performance than the comparison method in terms of communication and computing overhead,and can effectively meet the requirements of 5G-R handover authentication security.

关 键 词：高速铁路 5G-R无线通信 切换安全 混沌映射 密钥协商 

分 类 号：TP391[自动化与计算机技术—计算机应用技术] U285.2[自动化与计算机技术—计算机科学与技术]