技术领域Technical field
本发明涉及轨道交通无线通信领域,特别是涉及一种移动通信标准LTE-R环境下使用ECDSA签名算法的轻量级身份认证方法、系统及设备。The invention relates to the field of rail transit wireless communications, and in particular to a lightweight identity authentication method, system and equipment using the ECDSA signature algorithm in the mobile communication standard LTE-R environment.
背景技术Background technique
随着铁路行业的快速发展,旧有的通信技术已经无法满足铁路行业日益增长的通信需求。因此,铁路部门开始研究新兴的通信技术,考虑使用LTE技术来满足通信需求。传统的GSM-R难以满足未来高速铁路系统针对高冗余度数据的可靠传输、实时多媒体视频监控等业务的要求。因此,在第七届世界高速铁路大会上,国际铁路联盟(UIC)正式提出发展基于LTE-R的下一代高速铁路无线通信系统。LTE-R(LTE for Railways)是一种专门针对铁路通信需求而设计的LTE无线通信系统,为铁路通信提供高速数据传输和可靠的通信服务。然而,由于铁路特殊的工作环境和高度安全要求,对于LTE技术的要求也更加严格。因此,必须通过认证协议来确保LTE-R系统在铁路环境下的可靠性、安全性和稳定性。为此,制定了一系列关于LTE-R认证的标准和规范,并建立了专门的认证机构和测试中心,以对LTE-R系统进行认证和测试。这些认证和测试将确保LTE-R系统满足铁路行业的要求,为铁路通信提供更加高效、可靠、安全的服务。总之,LTE-R是一种专门为铁路通信需求而优化的LTE无线通信系统,在满足铁路行业特殊需求的同时,也具有广泛的适用性。With the rapid development of the railway industry, old communication technologies can no longer meet the growing communication needs of the railway industry. Therefore, the railway department began to study emerging communication technologies and considered using LTE technology to meet communication needs. Traditional GSM-R is difficult to meet the requirements of future high-speed railway systems for reliable transmission of high-redundancy data, real-time multimedia video surveillance and other services. Therefore, at the Seventh World High-Speed Railway Conference, the International Union of Railways (UIC) officially proposed the development of a next-generation high-speed railway wireless communication system based on LTE-R. LTE-R (LTE for Railways) is an LTE wireless communication system specially designed for railway communication needs, providing high-speed data transmission and reliable communication services for railway communication. However, due to the special working environment and high safety requirements of railways, the requirements for LTE technology are also more stringent. Therefore, certification protocols must be adopted to ensure the reliability, security and stability of the LTE-R system in the railway environment. To this end, a series of standards and specifications for LTE-R certification have been developed, and specialized certification agencies and testing centers have been established to certify and test LTE-R systems. These certifications and tests will ensure that the LTE-R system meets the requirements of the railway industry and provides more efficient, reliable and secure services for railway communications. In short, LTE-R is an LTE wireless communication system optimized specifically for railway communication needs. While meeting the special needs of the railway industry, it also has wide applicability.
LTE-R认证协议中存在身份认证的安全性问题,例如IMSI明文传输、根密钥泄露、服务网络标识明文传输以及认证向量明文传输等问题。本发明提供一种基于ECDSA签名算法的身份认证方法、系统及设备。There are identity authentication security issues in the LTE-R authentication protocol, such as IMSI plaintext transmission, root key leakage, service network identification plaintext transmission, and authentication vector plaintext transmission. The invention provides an identity authentication method, system and equipment based on the ECDSA signature algorithm.
发明内容Contents of the invention
本发明的目的是提供一种基于ECDSA签名算法的身份认证方法、系统及设备,可提高LTE-R认证协议中身份认证的安全性。The purpose of the present invention is to provide an identity authentication method, system and equipment based on the ECDSA signature algorithm, which can improve the security of identity authentication in the LTE-R authentication protocol.
为实现上述目的,本发明提供了如下方案:In order to achieve the above objects, the present invention provides the following solutions:
一种基于ECDSA签名算法的身份认证方法,所述方法包括初始化认证;所述初始化认证包括:An identity authentication method based on the ECDSA signature algorithm, the method includes initialization authentication; the initialization authentication includes:
车载移动单元利用归属用户服务器的公钥对IMSI、车载移动单元身份标识符和所述车载移动单元获取的基站标识符进行加密并生成接入认证消息;所述归属用户服务器的公钥和所述IMSI为所述车载移动单元的USIM卡注册过程中存储在USIM卡中的安全参数;The vehicle-mounted mobile unit uses the public key of the home user server to encrypt the IMSI, the vehicle-mounted mobile unit identity identifier and the base station identifier obtained by the vehicle-mounted mobile unit and generates an access authentication message; the public key of the home user server and the IMSI is the security parameter stored in the USIM card during the USIM card registration process of the vehicle-mounted mobile unit;
移动管理实体接收所述接入认证消息,基于所述接入认证消息、网络服务号和所述移动管理实体获取的基站标识符向所述归属用户服务器发送认证向量请求消息;The mobility management entity receives the access authentication message, and sends an authentication vector request message to the home user server based on the access authentication message, the network service number and the base station identifier obtained by the mobility management entity;
所述归属用户服务器接收所述认证向量请求消息,验证所述认证向量请求消息的准确性,在消息验证通过后生成认证向量组并基于归属用户服务器的私钥应用ECDSA签名算法生成初认证签名,将所述初认证签名和认证向量响应消息发送给所述移动管理实体;所述认证向量响应消息包括所述认证向量组;所述认证向量组中包括多个认证向量;每一所述认证向量包括消息认证码、匿名性密钥、主密钥、认证令牌和期望响应;The home user server receives the authentication vector request message, verifies the accuracy of the authentication vector request message, generates an authentication vector group after the message is verified and applies the ECDSA signature algorithm based on the private key of the home user server to generate an initial authentication signature, Send the initial authentication signature and authentication vector response message to the mobility management entity; the authentication vector response message includes the authentication vector group; the authentication vector group includes multiple authentication vectors; each authentication vector Including message authentication code, anonymity key, master key, authentication token and expected response;
所述移动管理实体接收所述认证向量响应消息和所述初认证签名,对所述初认证签名进行签名验证,在初认证签名验证通过后,生成临时移动用户识别码,基于所述认证向量组和所述临时移动用户识别码生成认证挑战消息并发送给所述车载移动单元;The mobility management entity receives the authentication vector response message and the initial authentication signature, performs signature verification on the initial authentication signature, and after passing the initial authentication signature verification, generates a temporary mobile user identification code based on the authentication vector group and the temporary mobile subscriber identification code to generate an authentication challenge message and send it to the vehicle-mounted mobile unit;
所述车载移动单元接收所述认证挑战消息,验证所述认证挑战消息中的移动管理实体身份标识符,身份验证通过后进行所述消息认证码的验证,认证码验证通过后生成挑战响应消息并发送给所述移动管理实体;The vehicle-mounted mobile unit receives the authentication challenge message, verifies the mobile management entity identity identifier in the authentication challenge message, verifies the message authentication code after passing the identity verification, and generates a challenge response message after passing the verification code. Sent to the mobility management entity;
所述移动管理实体接收所述挑战响应消息,对比所述挑战响应消息和所述期望响应,对比通过后,生成认证成功消息并发送给所述归属用户服务器;所述归属用户服务器接收所述认证成功消息,更新长期共享密钥完成初始化认证。The mobility management entity receives the challenge response message, compares the challenge response message with the expected response, and after passing the comparison, generates an authentication success message and sends it to the home user server; the home user server receives the authentication Success message, the long-term shared key is updated to complete the initial authentication.
可选的,车载移动单元利用归属用户服务器的公钥对IMSI、车载移动单元身份标识符和所述车载移动单元获取的基站标识符进行加密并生成接入认证消息,具体包括:Optionally, the vehicle-mounted mobile unit uses the public key of the home user server to encrypt the IMSI, the vehicle-mounted mobile unit identity identifier and the base station identifier obtained by the vehicle-mounted mobile unit and generate an access authentication message, which specifically includes:
所述车载移动单元确定初认证第一时间戳,并从ECDSA签名算法中椭圆曲线的数域中选取第一随机数,基于所述第一随机数和所述ECDSA签名算法中椭圆曲线的基点计算第一中间数据;所述椭圆曲线的基点和所述椭圆曲线的数域为所述车载移动单元的USIM卡注册过程中存储在USIM卡中的安全参数;所述椭圆曲线的数域为满足椭圆曲线方程的点组成的值域;The vehicle-mounted mobile unit determines the first timestamp of initial authentication, selects a first random number from the number field of the elliptic curve in the ECDSA signature algorithm, and calculates it based on the first random number and the base point of the elliptic curve in the ECDSA signature algorithm. The first intermediate data; the base point of the elliptic curve and the number field of the elliptic curve are the security parameters stored in the USIM card during the USIM card registration process of the vehicle-mounted mobile unit; the number field of the elliptic curve satisfies the ellipse The value range composed of the points of the curve equation;
所述车载移动单元确定所要接入的目标归属用户服务器身份标识符,并基于所述第一中间数据、所述目标归属用户服务器身份标识符、所述长期共享密钥、所述车载移动单元身份标识符和所述初认证第一时间戳应用哈希消息认证码运算得到第一哈希数据;The vehicle-mounted mobile unit determines the identity identifier of the target home user server to be accessed, and based on the first intermediate data, the target home user server identity identifier, the long-term shared key, and the identity of the vehicle-mounted mobile unit Apply a hash message authentication code operation to the identifier and the first timestamp of initial authentication to obtain the first hash data;
所述车载移动单元利用所述归属用户服务器的公钥对所述IMSI、所述第一中间数据、所述车载移动单元身份标识符、所述车载移动单元获取的基站标识符进行加密,得到第一加密数据;The vehicle-mounted mobile unit uses the public key of the home user server to encrypt the IMSI, the first intermediate data, the vehicle-mounted mobile unit identity identifier, and the base station identifier obtained by the vehicle-mounted mobile unit to obtain a third - encrypted data;
所述车载移动单元基于所述第一哈希数据、所述第一加密数据和所述初认证第一时间戳生成所述接入认证消息,并发送至所述移动管理实体。The vehicle-mounted mobile unit generates the access authentication message based on the first hash data, the first encrypted data and the initial authentication first timestamp, and sends it to the mobility management entity.
可选的,所述归属用户服务器接收所述认证向量请求消息,验证所述认证向量请求消息的准确性,在消息验证通过后生成认证向量组并基于归属用户服务器的私钥应用ECDSA签名算法生成初认证签名,将所述初认证签名和认证向量响应消息发送给所述移动管理实体;所述认证向量响应消息包括所述认证向量组,具体包括:Optionally, the home user server receives the authentication vector request message, verifies the accuracy of the authentication vector request message, generates an authentication vector group after the message is verified and applies the ECDSA signature algorithm based on the private key of the home user server. Initial authentication signature, sending the initial authentication signature and authentication vector response message to the mobility management entity; the authentication vector response message includes the authentication vector group, specifically including:
所述归属用户服务器接收所述认证向量请求消息和所述初认证签名后,验证所述网络服务号是否正确,若所述网络服务号正确,则利用所述归属用户服务器的私钥对第一加密数据进行解密,得到第一解密数据;所述第一解密数据包括解密的IMSI、解密的第一中间数据、解密的车载移动单元身份标识符和解密的基站标识;After receiving the authentication vector request message and the initial authentication signature, the home user server verifies whether the network service number is correct. If the network service number is correct, the home user server uses the private key of the home user server to verify whether the network service number is correct. The encrypted data is decrypted to obtain the first decrypted data; the first decrypted data includes the decrypted IMSI, the decrypted first intermediate data, the decrypted vehicle-mounted mobile unit identity identifier and the decrypted base station identifier;
所述归属用户服务器利用所述解密的车载移动单元身份标识符验证所述车载移动单元的身份,并检查所述解密的基站标识与所述移动管理实体获取的基站标识符是否匹配;The home user server uses the decrypted vehicle-mounted mobile unit identity identifier to verify the identity of the vehicle-mounted mobile unit, and checks whether the decrypted base station identifier matches the base station identifier obtained by the mobility management entity;
若所述车载移动单元的身份验证通过,且所述解密的基站标识与所述移动管理实体获取的基站标识符匹配,则所述归属用户服务器根据所述解密的IMSI确定所述长期共享密钥;If the identity verification of the vehicle-mounted mobile unit passes and the decrypted base station identifier matches the base station identifier obtained by the mobility management entity, the home user server determines the long-term shared key based on the decrypted IMSI. ;
所述归属用户服务器基于所述长期共享密钥、解密的第一中间数据、解密的车载移动单元身份标识符、所述目标归属用户服务器身份标识符和所述初认证第一时间戳计算第二哈希数据,并判断所述第一哈希数据和所述第二哈希数据是否相等;The home user server calculates a second time based on the long-term shared key, the decrypted first intermediate data, the decrypted vehicle-mounted mobile unit identity identifier, the target home user server identity identifier and the initial authentication first timestamp. Hash data, and determine whether the first hash data and the second hash data are equal;
当所述第一哈希数据和所述第二哈希数据相等,则所述归属用户服务器确定初认证第二时间戳并随机选取多个第二随机数,将每一所述第二随机数分别与所述椭圆曲线的基点计算,得到多个第二中间数据;When the first hash data and the second hash data are equal, the home user server determines the second timestamp of the initial authentication and randomly selects a plurality of second random numbers, and adds each of the second random numbers to Calculate with the base points of the elliptic curve respectively to obtain a plurality of second intermediate data;
所述归属用户服务器将每一所述第二随机数分别与所述第一中间数据计算,得到多个第一协商密钥;对每一所述第二随机数,将对应的所述第二中间数据、所述解密的IMSI、所述网络服务号、对应的所述第一协商密钥、序列号、认证管理域作为输入,利用所述哈希消息认证码运算计算得到所述消息认证码、所述匿名性密钥、所述主密钥、所述认证令牌和所述期望响应;The home user server calculates each second random number with the first intermediate data to obtain a plurality of first negotiation keys; for each second random number, the corresponding second random number is The intermediate data, the decrypted IMSI, the network service number, the corresponding first negotiation key, the serial number, and the authentication management domain are used as inputs, and the message authentication code is calculated using the hash message authentication code operation. , the anonymity key, the master key, the authentication token and the expected response;
所述归属用户服务器将每一个所述消息认证码分别和对应的所述匿名性密钥、所述主密钥、所述认证令牌和所述期望响应组成一个所述认证向量,得到所述认证向量组;The home user server combines each of the message authentication codes with the corresponding anonymity key, the master key, the authentication token and the expected response to form an authentication vector to obtain the Authentication vector group;
所述归属用户服务器从多个所述第二随机数中选取一个随机数,根据选取的第二随机数、所述椭圆曲线的基点、所述初认证第二时间戳和所述选取的第二随机数对应的所述认证向量以及所述归属用户服务器的私钥应用所述ECDSA签名算法生成所述初认证签名;The home user server selects a random number from a plurality of second random numbers, based on the selected second random number, the base point of the elliptic curve, the second initial authentication timestamp and the selected second The authentication vector corresponding to the random number and the private key of the home user server apply the ECDSA signature algorithm to generate the initial authentication signature;
所述归属用户服务器将认证向量响应消息和所述初认证签名发送给所述移动管理实体,所述认证向量响应消息包括所述认证向量组和所述初认证第二时间戳。The home user server sends an authentication vector response message and the initial authentication signature to the mobility management entity, where the authentication vector response message includes the authentication vector group and the initial authentication second timestamp.
可选的,所述移动管理实体接收所述认证向量响应消息,对所述初认证签名进行签名验证,在初认证签名验证通过后,生成临时移动用户识别码,基于所述认证向量组和所述临时移动用户识别码生成认证挑战消息并发送给所述车载移动单元,具体包括:Optionally, the mobility management entity receives the authentication vector response message, performs signature verification on the initial authentication signature, and generates a temporary mobile user identification code based on the authentication vector group and the initial authentication signature after the initial authentication signature is verified. The temporary mobile user identification code generates an authentication challenge message and sends it to the vehicle-mounted mobile unit, specifically including:
所述移动管理实体接收所述认证向量响应消息和所述初认证签名后,检查所述初认证第二时间戳的新鲜度,并进行初认证签名验证,初认证签名验证通过后,将所述认证向量组存储至移动管理实体数据库,并随机抽取一组所述认证向量;After receiving the authentication vector response message and the initial authentication signature, the mobile management entity checks the freshness of the second timestamp of the initial authentication, and performs initial authentication signature verification. After the initial authentication signature is verified, the The authentication vector group is stored in the mobile management entity database, and a group of the authentication vectors is randomly selected;
所述移动管理实体根据第三随机数和所述IMSI应用所述哈希消息认证码运算得到临时移动用户识别码,并确认初认证第三时间戳;所述第三随机数是所述车载移动单元首次接入网络时,所述移动管理实体生成的且向所述车载移动单元发送的随机数;所述第三随机数是所述椭圆曲线的数域中的数据;The mobile management entity applies the hash message authentication code operation according to the third random number and the IMSI to obtain a temporary mobile user identification code, and confirms the third timestamp of initial authentication; the third random number is the vehicle-mounted mobile user identification code. A random number generated by the mobility management entity and sent to the vehicle-mounted mobile unit when the unit first accesses the network; the third random number is data in the number field of the elliptic curve;
所述移动管理实体根据抽取认证向量中的所述主密钥和所述第三随机数计算中间密钥,利用所述中间密钥对移动管理实体身份标识符、所述临时移动用户识别码和所述初认证第三时间戳进行加密,得到第二加密数据;The mobility management entity calculates an intermediate key based on the master key and the third random number in the extracted authentication vector, and uses the intermediate key to pair the mobility management entity identity identifier, the temporary mobile user identification code and the The third timestamp of the initial authentication is encrypted to obtain the second encrypted data;
所述移动管理实体基于所述抽取认证向量、所述第二加密数据和所述初认证第三时间戳生成所述认证挑战消息并发送给所述车载移动单元。The mobility management entity generates the authentication challenge message based on the extracted authentication vector, the second encrypted data and the initial authentication third timestamp and sends it to the vehicle-mounted mobile unit.
可选的,所述车载移动单元接收所述认证挑战消息,验证所述认证挑战消息中的移动管理实体身份标识符,身份验证通过后进行所述消息认证码的验证,认证码验证通过后生成挑战响应消息并发送给所述移动管理实体,具体包括:Optionally, the vehicle-mounted mobile unit receives the authentication challenge message, verifies the mobile management entity identity identifier in the authentication challenge message, verifies the message authentication code after passing the identity verification, and generates the authentication code after passing the verification. The challenge response message is sent to the mobility management entity, specifically including:
所述车载移动单元接收所述认证挑战消息后,根据所述第三随机数和所述抽取认证向量中的所述主密钥计算所述中间密钥,并利用所述中间密钥对所述第二加密数据进行解密,得到第二解密数据;After receiving the authentication challenge message, the vehicle-mounted mobile unit calculates the intermediate key according to the third random number and the master key in the extracted authentication vector, and uses the intermediate key to Decrypt the second encrypted data to obtain the second decrypted data;
所述车载移动单元检查解密后的初认证第三时间戳的新鲜度,并验证解密后的移动管理实体身份标识的准确性,身份标识验证通过后,根据所述抽取认证向量对应的所述第二中间数据和所述第一随机数计算第二协商密钥;The vehicle-mounted mobile unit checks the freshness of the decrypted third timestamp of the initial authentication, and verifies the accuracy of the decrypted mobile management entity identity. After the identity verification passes, the vehicle-mounted mobile unit checks the third time stamp corresponding to the extracted authentication vector. Calculate the second negotiation key with the two intermediate data and the first random number;
所述车载移动单元根据所述第二协商密钥、所述序列号和所述认证管理域应用所述哈希消息认证码运算计算期望消息认证码,并判断所述消息认证码和所述期望消息认证码是否相等,若所述消息认证码和所述期望消息认证码相等,则所述车载移动单元保存所述临时移动用户识别码和所述抽取认证向量中的所述主密钥;The vehicle-mounted mobile unit applies the hash message authentication code operation to calculate the expected message authentication code according to the second negotiation key, the serial number and the authentication management domain, and determines the message authentication code and the expected message authentication code. Whether the message authentication code is equal, if the message authentication code and the expected message authentication code are equal, then the vehicle-mounted mobile unit saves the temporary mobile user identification code and the master key in the extracted authentication vector;
所述车载移动单元基于所述第二协商密钥和所述抽取认证向量对应的所述第二中间数据计算挑战响应,并基于所述挑战响应生成所述挑战响应消息发送给所述移动管理实体。The vehicle-mounted mobile unit calculates a challenge response based on the second negotiation key and the second intermediate data corresponding to the extracted authentication vector, and generates the challenge response message based on the challenge response and sends it to the mobility management entity .
可选的,所述移动管理实体接收所述挑战响应消息,对比所述挑战响应消息和所述期望响应,对比通过后,生成认证成功消息并发送给所述归属用户服务器;所述归属用户服务器接收所述认证成功消息,更新所述长期共享密钥完成初始化认证,具体包括:Optionally, the mobility management entity receives the challenge response message, compares the challenge response message with the expected response, and after passing the comparison, generates an authentication success message and sends it to the home user server; the home user server Receive the authentication success message, update the long-term shared key to complete initialization authentication, specifically including:
所述移动管理实体接收所述挑战响应消息后,将所述挑战响应与所述抽取认证向量中的所述期望响应进行对比,若所述挑战响应与所述抽取认证向量中的所述期望响应相等,则保存所述临时移动用户识别码,所述移动管理实体和所述车载移动单元认证成功;After receiving the challenge response message, the mobility management entity compares the challenge response with the expected response in the extracted authentication vector. If the challenge response is consistent with the expected response in the extracted authentication vector, If equal, the temporary mobile user identification code is saved, and the mobile management entity and the vehicle-mounted mobile unit are authenticated successfully;
所述移动管理实体从所述认证向量组中删除所述抽取认证向量,并将所述抽取认证向量对应的所述第二中间数据作为所述认证成功消息发送给所述归属用户服务器;The mobility management entity deletes the extracted authentication vector from the authentication vector group, and sends the second intermediate data corresponding to the extracted authentication vector to the home user server as the authentication success message;
所述归属用户服务器接收所述认证成功消息后,将所述长期共享密钥更新为所述抽取认证向量对应的所述第一协商密钥,完成初始化认证。After receiving the authentication success message, the home user server updates the long-term shared key to the first negotiation key corresponding to the extracted authentication vector, and completes the initialization authentication.
可选的,当所述车载移动单元需要与已经完成初始化认证的所述移动管理实体进行再次连接时,所述方法还包括重认证;所述重认证包括:Optionally, when the vehicle-mounted mobile unit needs to reconnect with the mobile management entity that has completed initial authentication, the method also includes re-authentication; the re-authentication includes:
所述车载移动单元从车载移动单元内存中提取所述临时移动用户识别码并生成重认证第一时间戳,基于所述临时移动用户识别码、所述重认证第一时间戳和车载移动单元的私钥应用所述ECDSA签名算法生成重认证签名,并将所述重认证签名和重认证请求消息发送至所述移动管理实体;所述重认证请求消息包括所述临时移动用户识别码和所述重认证第一时间戳;The vehicle-mounted mobile unit extracts the temporary mobile user identification code from the memory of the vehicle-mounted mobile unit and generates a first re-authentication timestamp, based on the temporary mobile user identification code, the first re-authentication timestamp and the vehicle-mounted mobile unit. The private key applies the ECDSA signature algorithm to generate a re-authentication signature, and sends the re-authentication signature and the re-authentication request message to the mobility management entity; the re-authentication request message includes the temporary mobile user identification code and the The first timestamp of re-authentication;
所述移动管理实体接收所述重认证请求消息和所述重认证签名后,进行重认证签名验证,并在重认证签名验证通过后,生成重认证的临时移动用户识别码,基于所述重认证的临时移动用户识别码生成重认证请求响应消息发送至所述车载移动单元;After receiving the re-authentication request message and the re-authentication signature, the mobility management entity performs re-authentication signature verification, and after the re-authentication signature verification passes, generates a temporary mobile user identification code for re-authentication, based on the re-authentication Generate a re-authentication request response message with a temporary mobile subscriber identification code and send it to the vehicle-mounted mobile unit;
所述车载移动单元接收所述重认证请求响应消息后,计算所述挑战响应,并生成重认证响应消息发送至所述移动管理实体;After receiving the re-authentication request response message, the vehicle-mounted mobile unit calculates the challenge response, generates a re-authentication response message and sends it to the mobility management entity;
所述移动管理实体接收所述重认证响应消息后,进行所述挑战响应和所述期望响应的对比,对比通过后则完成所述车载移动单元和所述移动管理实体之间的双向重认证。After receiving the re-authentication response message, the mobility management entity compares the challenge response with the expected response. After the comparison passes, the two-way re-authentication between the vehicle-mounted mobile unit and the mobility management entity is completed.
可选的,当所述车载移动单元需要与其他所述移动管理实体进行连接时,所述方法还包括切换认证;所述切换认证包括:Optionally, when the vehicle-mounted mobile unit needs to connect with other mobility management entities, the method further includes handover authentication; the handover authentication includes:
所述车载移动单元基于切换前的所述移动管理实体的基站标识符、切换认证第一时间戳和从所述车载移动单元内存中提取的所述临时移动用户识别码生成切换认证请求消息并发送至切换后的所述移动管理实体;所述切换后的所述移动管理实体接收所述切换认证请求消息并转发至切换前的所述移动管理实体;The vehicle-mounted mobile unit generates and sends a handover authentication request message based on the base station identifier of the mobility management entity before handover, the handover authentication first timestamp and the temporary mobile user identification code extracted from the memory of the vehicle-mounted mobile unit. To the mobility management entity after handover; the mobility management entity after handover receives the handover authentication request message and forwards it to the mobility management entity before handover;
切换前的所述移动管理实体接收所述切换认证请求消息后,确定所述临时移动用户识别码对应的所述认证向量,并将所述临时移动用户识别码对应的所述认证向量从当前所述认证向量组中删除;应用所述ECDSA签名算法生成切换认证签名,将所述切换认证签名和第一切换认证响应消息发送至所述切换后的所述移动管理实体;所述第一切换认证响应消息包括当前所述认证向量组中的剩余认证向量;After receiving the handover authentication request message, the mobility management entity before handover determines the authentication vector corresponding to the temporary mobile user identification code, and changes the authentication vector corresponding to the temporary mobile user identification code from the current location. Delete from the authentication vector group; apply the ECDSA signature algorithm to generate a handover authentication signature, and send the handover authentication signature and the first handover authentication response message to the mobility management entity after the handover; the first handover authentication The response message includes the remaining authentication vectors in the current authentication vector group;
所述切换后的所述移动管理实体接收所述切换认证签名和所述第一切换认证响应消息后,进行切换认证签名验证,并在切换认证签名验证通过后,生成切换认证的临时移动用户识别码,并基于所述切换认证的临时移动用户识别码生成第二切换认证响应消息发送给所述车载移动单元;After the mobile management entity after the handover receives the handover authentication signature and the first handover authentication response message, it performs handover authentication signature verification, and after the handover authentication signature verification passes, generates a temporary mobile user identification for handover authentication. code, and generate a second handover authentication response message based on the temporary mobile user identification code for handover authentication and send it to the vehicle-mounted mobile unit;
所述车载移动单元接收所述第二切换认证响应消息后,计算所述挑战响应并向所述切换后的所述移动管理实体发送切换挑战响应消息;After receiving the second handover authentication response message, the vehicle-mounted mobile unit calculates the challenge response and sends a handover challenge response message to the mobility management entity after the handover;
所述切换后的所述移动管理实体接收所述切换挑战响应消息后,进行所述挑战响应和所述期望响应的对比,对比通过后则完成所述车载移动单元和所述切换后的所述移动管理实体之间的双向切换认证。After the mobile management entity after the handover receives the handover challenge response message, it compares the challenge response with the expected response. After the comparison is passed, the vehicle-mounted mobile unit and the handover after the handover are completed. Bidirectional handover authentication between mobility management entities.
本发明还提供一种基于ECDSA签名算法的身份认证系统,所述系统包括初始化认证子系统;所述初始化认证子系统包括:The present invention also provides an identity authentication system based on the ECDSA signature algorithm. The system includes an initialization authentication subsystem; the initialization authentication subsystem includes:
接入认证消息发送模块,用于车载移动单元利用归属用户服务器的公钥对IMSI、车载移动单元身份标识符和所述车载移动单元获取的基站标识符进行加密并生成接入认证消息;所述归属用户服务器的公钥和所述IMSI为所述车载移动单元的USIM卡注册过程中存储在USIM卡中的安全参数;The access authentication message sending module is used for the vehicle-mounted mobile unit to use the public key of the home user server to encrypt the IMSI, the vehicle-mounted mobile unit identity identifier and the base station identifier obtained by the vehicle-mounted mobile unit and generate an access authentication message; The public key of the home user server and the IMSI are the security parameters stored in the USIM card during the USIM card registration process of the vehicle-mounted mobile unit;
认证向量请求消息发送模块,用于移动管理实体接收所述接入认证消息,基于所述接入认证消息、网络服务号和所述移动管理实体获取的基站标识符向所述归属用户服务器发送认证向量请求消息;An authentication vector request message sending module, configured for the mobility management entity to receive the access authentication message, and send authentication to the home user server based on the access authentication message, the network service number and the base station identifier obtained by the mobility management entity. vector request message;
认证向量响应消息发送模块,用于所述归属用户服务器接收所述认证向量请求消息,验证所述认证向量请求消息的准确性,在消息验证通过后生成认证向量组并基于归属用户服务器的私钥应用ECDSA签名算法生成初认证签名,将所述初认证签名和认证向量响应消息发送给所述移动管理实体;所述认证向量响应消息包括所述认证向量组;所述认证向量组中包括多个认证向量;每一所述认证向量包括消息认证码、匿名性密钥、主密钥、认证令牌和期望响应;Authentication vector response message sending module, used for the home user server to receive the authentication vector request message, verify the accuracy of the authentication vector request message, and generate an authentication vector group based on the private key of the home user server after the message is verified. Apply the ECDSA signature algorithm to generate an initial authentication signature, and send the initial authentication signature and an authentication vector response message to the mobile management entity; the authentication vector response message includes the authentication vector group; the authentication vector group includes multiple Authentication vectors; each of the authentication vectors includes a message authentication code, an anonymity key, a master key, an authentication token, and an expected response;
认证挑战消息发送模块,用于所述移动管理实体接收所述认证向量响应消息和所述初认证签名,对所述初认证签名进行签名验证,在初认证签名验证通过后,生成临时移动用户识别码,基于所述认证向量组和所述临时移动用户识别码生成认证挑战消息并发送给所述车载移动单元;An authentication challenge message sending module, configured for the mobile management entity to receive the authentication vector response message and the initial authentication signature, perform signature verification on the initial authentication signature, and generate a temporary mobile user identification after the initial authentication signature is verified. code, generate an authentication challenge message based on the authentication vector group and the temporary mobile user identification code and send it to the vehicle-mounted mobile unit;
挑战响应消息发送模块,用于所述车载移动单元接收所述认证挑战消息,验证所述认证挑战消息中的移动管理实体身份标识符,身份验证通过后进行所述消息认证码的验证,认证码验证通过后生成挑战响应消息并发送给所述移动管理实体;Challenge response message sending module, used for the vehicle-mounted mobile unit to receive the authentication challenge message, verify the mobile management entity identity identifier in the authentication challenge message, and verify the message authentication code after the identity verification is passed. The authentication code After passing the verification, generate a challenge response message and send it to the mobility management entity;
认证成功消息发送模块,用于所述移动管理实体接收所述挑战响应消息,对比所述挑战响应消息和所述期望响应,对比通过后,生成认证成功消息并发送给所述归属用户服务器;所述归属用户服务器接收所述认证成功消息,更新长期共享密钥完成初始化认证。An authentication success message sending module, configured for the mobility management entity to receive the challenge response message, compare the challenge response message with the expected response, and after passing the comparison, generate an authentication success message and send it to the home user server; The home user server receives the authentication success message, updates the long-term shared key, and completes the initialization authentication.
本发明还提供一种电子设备,包括存储器及处理器,存储器用于存储计算机程序,处理器运行计算机程序以使电子设备执行基于ECDSA签名算法的身份认证方法。The invention also provides an electronic device, including a memory and a processor. The memory is used to store a computer program. The processor runs the computer program to enable the electronic device to execute an identity authentication method based on the ECDSA signature algorithm.
根据本发明提供的具体实施例,本发明公开了以下技术效果:According to the specific embodiments provided by the present invention, the present invention discloses the following technical effects:
本发明提供的一种基于ECDSA签名算法的身份认证方法、系统及设备,使用了ECDSA签名算法,可以用于确认通信双方的身份信息和证明其所持有的公钥是否有效,从而确保认证信道的安全性。本发明使用HSS的公钥对敏感信息IMSI、LAI进行加密,使之在传输过程中都不以明文的形式传输,有效的保证了敏感信息的机密性。在认证过程中,OBU与HSS之间的长期共享密钥会在每次认证成功后进行更新,可以很好地抵御重放攻击、保证前向安全性等攻击,因此本发明相较于目前现有的协议,更具有安全特征。The invention provides an identity authentication method, system and equipment based on the ECDSA signature algorithm, which uses the ECDSA signature algorithm and can be used to confirm the identity information of both communicating parties and prove whether the public keys they hold are valid, thereby ensuring the authentication channel. security. The present invention uses the public key of the HSS to encrypt the sensitive information IMSI and LAI so that they are not transmitted in plain text during the transmission process, effectively ensuring the confidentiality of the sensitive information. During the authentication process, the long-term shared key between the OBU and HSS will be updated after each successful authentication, which can well resist replay attacks and ensure forward security. Therefore, compared with the current Some protocols have more security features.
附图说明Description of the drawings
为了更清楚地说明本发明实施例或现有技术中的技术方案,下面将对实施例中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本发明的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。In order to explain the embodiments of the present invention or the technical solutions in the prior art more clearly, the drawings needed to be used in the embodiments will be briefly introduced below. Obviously, the drawings in the following description are only some of the drawings of the present invention. Embodiments, for those of ordinary skill in the art, other drawings can also be obtained based on these drawings without exerting creative efforts.
图1为本发明实施例1提供的轨道交通LTE-R下基于ECDSA签名算法的身份认证完整流程图;Figure 1 is a complete flow chart of identity authentication based on the ECDSA signature algorithm under rail transit LTE-R provided in Embodiment 1 of the present invention;
图2为本发明实施例1提供的初始化认证的详细认证过程图;Figure 2 is a detailed authentication process diagram of initialization authentication provided by Embodiment 1 of the present invention;
图3为本发明实施例1提供的重认证的详细认证过程图;Figure 3 is a detailed authentication process diagram of re-authentication provided by Embodiment 1 of the present invention;
图4为本发明实施例1提供的切换认证的详细认证过程图。Figure 4 is a detailed authentication process diagram of handover authentication provided by Embodiment 1 of the present invention.
具体实施方式Detailed ways
下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some of the embodiments of the present invention, rather than all the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative efforts fall within the scope of protection of the present invention.
LTE-R认证协议中还存在以下问题:(1)车辆移动速度快,导致连接的不稳定性;(2)车辆密集会导致信号塔的通信负荷增大,从而影响身份认证协议的效率。There are also the following problems in the LTE-R authentication protocol: (1) Vehicles move quickly, causing connection instability; (2) Dense vehicles will increase the communication load of the signal tower, thus affecting the efficiency of the identity authentication protocol.
对此,本发明的目的是提供一种基于ECDSA签名算法的身份认证方法、系统及设备,可使用ECDSA签名算法,为LTE-R提供更加高可靠、高效率的数据通信与身份认证,为铁路行业提供了更安全、更全面、更智能的通信服务,另外还能够提高连接的稳定性和降低LTE-R网络的通信负担。In this regard, the purpose of the present invention is to provide an identity authentication method, system and device based on the ECDSA signature algorithm. The ECDSA signature algorithm can be used to provide more reliable and efficient data communication and identity authentication for LTE-R, and to provide railways with more reliable and efficient data communication and identity authentication. The industry provides safer, more comprehensive and smarter communication services, which can also improve the stability of connections and reduce the communication burden of LTE-R networks.
为使本发明的上述目的、特征和优点能够更加明显易懂,下面结合附图和具体实施方式对本发明作进一步详细的说明。In order to make the above objects, features and advantages of the present invention more obvious and understandable, the present invention will be described in further detail below with reference to the accompanying drawings and specific embodiments.
实施例1Example 1
本实施例提供一种基于ECDSA签名算法的身份认证方法,如图1所示,所述方法包括初始化认证。身份认证方法的执行主体包括:车载移动单元OBU、移动管理实体MME和归属用户服务器HSS。eNodeB为Evolved Node B,中文译为“演进型NodeB”,是LTE中基站的名称。This embodiment provides an identity authentication method based on the ECDSA signature algorithm. As shown in Figure 1, the method includes initialization authentication. The execution subjects of the identity authentication method include: vehicle-mounted mobile unit OBU, mobility management entity MME and home user server HSS. eNodeB is Evolved Node B, which is translated as "evolved NodeB" in Chinese. It is the name of the base station in LTE.
(一)全球用户识别卡注册:(1) Global Subscriber Identity Card Registration:
在进行初始化认证之前需要进行USIM卡注册:USIM card registration is required before initial authentication:
车载移动单元OBU在接入移动管理实体MME之前需要先申请注册LTE-R中专用的全球用户识别卡USIM卡,选取作为OBU的私钥,/>作为OBU的公钥,同理选取/>作为HSS的私钥,/>作为HSS的公钥。在完成身份注册后,公开车载移动单元OBU的公钥Upb和归属用户服务器HSS的公钥Hpb,并在USIM卡中存储安全参数,包括:国际移动用户识别码IMSI、车载移动单元OBU的公钥Upb和私钥Upr、移动管理实体HSS的公钥Hpb和私钥Hpr、车载移动单元OBU与归属用户服务器HSS之间的长期共享密钥K和ECDSA签名算法中椭圆曲线中涉及的相关变量,而后将USIM卡安装在OBU上。其中,ECDSA签名算法中椭圆曲线中涉及的相关变量包括椭圆曲线的基点和数域;椭圆曲线的数域指满足椭圆曲线方程的点组成的值域。The vehicle-mounted mobile unit OBU needs to apply for registration of the dedicated global subscriber identity card USIM card in LTE-R before accessing the mobile management entity MME. Select As the private key of OBU,/> As the public key of OBU, select it in the same way/> As the private key of HSS,/> As the public key of HSS. After completing the identity registration, the public key Upb of the vehicle-mounted mobile unit OBU and the public key Hpb of the home user server HSS are disclosed, and the security parameters are stored in the USIM card, including: International Mobile Subscriber Identity IMSI, the vehicle-mounted mobile unit OBU's public key H pb The public key Upb and the private key Upr , the public key Hpb and the private key Hpr of the mobility management entity HSS, the long-term shared key K between the on-board mobile unit OBU and the home user server HSS, and the elliptic curve in the ECDSA signature algorithm The relevant variables involved, and then install the USIM card on the OBU. Among them, the relevant variables involved in the elliptic curve in the ECDSA signature algorithm include the base points and number fields of the elliptic curve; the number field of the elliptic curve refers to the value range composed of points that satisfy the elliptic curve equation.
(二)初始化认证:当OBU首次接入网络时需要执行初始化接入阶段。(2) Initialization authentication: When the OBU accesses the network for the first time, it needs to perform the initialization access phase.
具体的,如图2所示,初始化认证具体包括:Specifically, as shown in Figure 2, initialization authentication specifically includes:
(1)车载移动单元利用归属用户服务器的公钥对IMSI、车载移动单元身份标识符和所述车载移动单元获取的基站标识符进行加密并生成接入认证消息。该步骤具体包括:(1) The vehicle-mounted mobile unit uses the public key of the home user server to encrypt the IMSI, the vehicle-mounted mobile unit identity identifier, and the base station identifier obtained by the vehicle-mounted mobile unit and generate an access authentication message. This step specifically includes:
OBU首次接入MME时,会先收到MME生成的一个第三随机数,以及身份标识符/>。接着自身选取一个第一随机数/>,其中,/>表示椭圆曲线的数域,并且确定初认证第一时间戳T1,选择需要接入的目标归属用户服务器身份标识符IDHSS,计算第一中间数据/>与第一哈希数据/>,H2表示输出64比特的哈希消息认证码运算;IDOBU表示车载移动单元身份标识符;P表示椭圆曲线的基点。而后,使用HSS的公钥Hpb对国际移动用户识别码IMSI、车载移动单元身份标识符IDOBU、车载移动单元获取的基站标识符LAI以及计算得到第一中间数据A进行加密,用Q表示,生成接入认证消息M1:{O,Q,T1},通过无线的安全信道发送给移动管理实体MME。When the OBU accesses the MME for the first time, it will first receive a third random number generated by the MME. , and the identifier/> . Then select a first random number/> , where,/> represents the number field of the elliptic curve, and determines the first timestamp T1 of the initial authentication, selects the identity identifier IDHSS of the target home user server that needs to be accessed, and calculates the first intermediate data/> with first hash data/> , H2 represents the output 64-bit hash message authentication code operation; IDOBU represents the on-board mobile unit identity identifier; P represents the base point of the elliptic curve. Then, the public key Hpb of the HSS is used to encrypt the international mobile subscriber identity IMSI, the vehicle-mounted mobile unit identity identifier IDOBU , the base station identifier LAI obtained by the vehicle-mounted mobile unit, and the calculated first intermediate data A, represented by Q, The access authentication message M1 :{O, Q, T1 } is generated and sent to the mobility management entity MME through the wireless secure channel.
(2)移动管理实体MME接收所述接入认证消息,基于所述接入认证消息、网络服务号和所述移动管理实体获取的基站标识符LAI’向所述归属用户服务器发送认证向量请求消息。(2) The mobility management entity MME receives the access authentication message, and sends an authentication vector request message to the home user server based on the access authentication message, network service number and base station identifier LAI' obtained by the mobility management entity. .
当移动管理实体MME收到接入认证消息M1后,先检查初认证第一时间戳T1的新鲜度,接着检查选择接入的归属用户服务器HSS是否存在;获取与移动管理实体MME关联的基站标识符LAI’与网络服务号SNID,将基站标识符LAI’、网络服务号SNID与接入认证消息M1进行串联生成认证向量请求消息M2:{M1,LAI’,SNID},通过无线的安全信道发送给归属用户服务器HSS。When the mobility management entity MME receives the access authentication message M1 , it first checks the freshness of the first timestamp T1 of the initial authentication, and then checks whether the home user server HSS selected for access exists; obtains the information associated with the mobility management entity MME The base station identifier LAI' and the network service number SNID are concatenated with the base station identifier LAI', the network service number SNID and the access authentication message M1 to generate the authentication vector request message M2 : {M1 , LAI', SNID}, through The wireless security channel is sent to the home user server HSS.
(3)所述归属用户服务器接收所述认证向量请求消息,验证所述认证向量请求消息的准确性,在消息验证通过后生成认证向量组并基于归属用户服务器的私钥应用ECDSA签名算法生成初认证签名,将所述初认证签名和认证向量响应消息发送给所述移动管理实体;所述认证向量响应消息包括所述认证向量组;认证向量组中包括多个认证向量;每一所述认证向量包括消息认证码、匿名性密钥、主密钥、认证令牌和期望响应。具体包括:(3) The home user server receives the authentication vector request message, verifies the accuracy of the authentication vector request message, generates an authentication vector group after the message is verified and applies the ECDSA signature algorithm based on the private key of the home user server to generate an initial Authentication signature, sending the initial authentication signature and authentication vector response message to the mobility management entity; the authentication vector response message includes the authentication vector group; the authentication vector group includes multiple authentication vectors; each of the authentication vectors The vector includes the message authentication code, anonymity key, master key, authentication token, and expected response. Specifically include:
1)所述归属用户服务器HSS接收所述认证向量请求消息M2后,验证所述网络服务号是否正确,若所述网络服务号不正确,则终止会话;若所述网络服务号正确,则利用所述归属用户服务器的私钥Hpr对第一加密数据Q进行解密,得到第一解密数据;所述第一解密数据包括解密的IMSI、解密的第一中间数据A、解密的车载移动单元身份标识符IDOBU和解密的基站标识LAI;1) After receiving the authentication vector request messageM2 , the home user server HSS verifies whether the network service number is correct. If the network service number is incorrect, terminate the session; if the network service number is correct, then Decrypt the first encrypted data Q using the private key Hpr belonging to the user server to obtain the first decrypted data ;The first decrypted data includes decrypted IMSI, decrypted first intermediate data A, decrypted vehicle-mounted mobile unit identity identifier IDOBU and decrypted base station identification LAI;
2)所述归属用户服务器利用所述解密的车载移动单元身份标识符验证所述车载移动单元的身份,并检查所述解密的基站标识LAI与所述移动管理实体获取的基站标识符LAI’是否匹配。2) The home user server uses the decrypted vehicle-mounted mobile unit identity identifier to verify the identity of the vehicle-mounted mobile unit, and checks whether the decrypted base station identifier LAI is the same as the base station identifier LAI' obtained by the mobility management entity. match.
3)若所述车载移动单元的身份验证通过,且所述解密的基站标识与所述移动管理实体获取的基站标识符匹配,则所述归属用户服务器根据所述解密的IMSI确定所述长期共享密钥K;若身份验证未通过或基站标识符匹配未通过则终止会话。3) If the identity verification of the vehicle-mounted mobile unit passes, and the decrypted base station identifier matches the base station identifier obtained by the mobility management entity, the home user server determines the long-term sharing based on the decrypted IMSI. Key K; if the authentication fails or the base station identifier fails to match, the session is terminated.
4)所述归属用户服务器基于所述长期共享密钥、解密的第一中间数据、解密的车载移动单元身份标识符、所述目标归属用户服务器身份标识符和所述初认证第一时间戳计算第二哈希数据,并判断所述第一哈希数据O和所述第二哈希数据XO是否相等;以此来检查认证向量请求消息M2的准确性,若不相等,则终止会话。4) The home user server calculates based on the long-term shared key, the decrypted first intermediate data, the decrypted vehicle mobile unit identity identifier, the target home user server identity identifier and the initial authentication first timestamp. Second hash data , and determine whether the first hash data O and the second hash data XO are equal; use this to check the accuracy of the authentication vector request messageM2 , and if they are not equal, terminate the session.
5)若所述第一哈希数据和所述第二哈希数据相等,则所述归属用户服务器确定初认证第二时间戳并随机选取多个第二随机数,记为b(i),i=1,2,...,n;将每一所述第二随机数分别与所述椭圆曲线的基点计算,得到多个第二中间数据以及多个第一协商密钥/>;对每一个所述第二随机数,将对应的第二中间数据B(i)、所述解密的IMSI、所述网络服务号SNID、对应的所述第一协商密钥KUH(i)、序列号SQN、认证管理域AMF作为输入,利用所述哈希消息认证码运算计算得到所述消息认证码、所述匿名性密钥/>、所述主密钥、所述认证令牌和所述期望响应/>;H1表示输出128比特的哈希消息认证码运算、H2表示输出64比特的哈希消息认证码运算、H3表示输出48比特的哈希消息认证码运算、H4表示输出256比特的哈希消息认证码运算。5) If the first hash data and the second hash data are equal, the home user server determines the second timestamp of the initial authentication and randomly selects a plurality of second random numbers, denoted as b(i), i=1, 2,...,n; calculate each second random number with the base point of the elliptic curve respectively to obtain a plurality of second intermediate data and multiple first negotiation keys/> ; For each second random number, combine the corresponding second intermediate data B(i), the decrypted IMSI, the network service number SNID, and the corresponding first negotiation key KUH (i) , serial number SQN, and authentication management domain AMF as input, the message authentication code is calculated using the hash message authentication code operation. , the anonymity key/> , the master key , the authentication token and the desired response/> ; H1 represents the output of the 128-bit hash message authentication code operation, H2 represents the output of the 64-bit hash message authentication code operation, H3 represents the output of the 48-bit hash message authentication code operation, and H4 represents the output of the 256-bit hash message authentication code operation. Hash message authentication code operation.
6)所述归属用户服务器将所述消息认证码MAC(i)、所述匿名性密钥AK(i)、所述主密钥KASME(i)、所述认证令牌AUTN(i)和所述期望响应XRES(i)组成一个认证向量,得到包括多个所述认证向量的所述认证向量组AV。6) The home user server uses the message authentication code MAC(i), the anonymity key AK(i), the master key KASME (i), the authentication token AUTN(i) and The expected response XRES(i) constitutes an authentication vector, and the authentication vector group AV including multiple authentication vectors is obtained.
7)所述归属用户服务器从多个所述第二随机数中选取一个随机数,根据选取的第二随机数b、所述椭圆曲线的基点P、所述初认证第二时间戳T2和所述选取的第二随机数对应的所述认证向量AV(i)以及所述归属用户服务器的私钥Hpr应用所述ECDSA签名算法生成所述初认证签名,即计算,,生成初认证签名/>。其中,mod()表示取模;q表示椭圆曲线中的大素数。所述归属用户服务器将认证向量响应消息M3:{认证向量组AV,T2}与初认证签名SigH,通过无线的安全信道发送给移动管理实体MME。7) The home user server selects a random number from a plurality of second random numbers, based on the selected second random number b, the base point P of the elliptic curve, the initial authentication second timestamp T2 and The authentication vector AV(i) corresponding to the selected second random number and the private key Hpr of the home user server apply the ECDSA signature algorithm to generate the initial authentication signature, that is, calculate , , generate initial authentication signature/> . Among them, mod() represents the modulus; q represents the large prime number in the elliptic curve. The home user server sends the authentication vector response message M3 :{authentication vector group AV, T2 } and the initial authentication signature SigH to the mobility management entity MME through the wireless secure channel.
(4)所述移动管理实体接收所述认证向量响应消息M3,对所述初认证签名SigH进行签名验证,在初认证签名验证通过后,生成临时移动用户识别码,基于所述认证向量组和所述临时移动用户识别码生成认证挑战消息并发送给所述车载移动单元。(4) The mobile management entity receives the authentication vector response message M3 , performs signature verification on the initial authentication signature SigH, and after passing the initial authentication signature verification, generates a temporary mobile user identification code based on the authentication vector group and the temporary mobile subscriber identification code to generate an authentication challenge message and send it to the vehicle-mounted mobile unit.
当移动管理实体MME收到接入认证向量响应消息M3与初认证签名SigH后,先检查初认证第二时间戳T2的新鲜度,并进行初认证签名验证,计算,,/>,/>,验证等式/>,若不相等,则终止会话;否则(初认证签名验证通过),将收到的认证向量组AV存入自身数据库,再随机抽取出一组认证向量;接着移动管理实体MME会为车载移动单元OBU生成临时移动用户识别码/>和初认证第三时间戳T3,根据抽取出的认证向量AV(i)中的所述主密钥KASME(i)和所述第三随机数Ra计算中间密钥,利用所述中间密钥KM对移动管理实体身份标识符IDMME、所述临时移动用户识别码TMSI和所述初认证第三时间戳T3进行加密,得到第二加密数据,而后将抽取的认证向量AV(i)与初认证第三时间戳T3、第二加密数据INF进行串联生成认证挑战消息M4:{抽取的认证向量AV(i),INF,T3},通过无线的安全信道发送给车载移动单元OBU。When the mobility management entity MME receives the access authentication vector response messageM3 and the initial authentication signature SigH, it first checks the freshness of the second timestampT2 of the initial authentication, and performs initial authentication signature verification, and calculates , ,/> ,/> , verify the equation/> , if not equal, terminate the session; otherwise (the initial authentication signature verification is passed), store the received authentication vector group AV in its own database, and then randomly extract a group of authentication vectors; then the mobile management entity MME will provide the vehicle-mounted mobile unit with OBU generates temporary mobile subscriber identification code/> and the third timestamp T3 of initial authentication, calculate the intermediate key according to the master key KASME (i) and the third random number Ra in the extracted authentication vector AV(i) , using the intermediate key KM to encrypt the mobility management entity identity identifier IDMME , the temporary mobile subscriber identity code TMSI and the third initial authentication timestamp T3 to obtain the second encrypted data , and then concatenate the extracted authentication vector AV(i) with the third timestamp T3 of the initial authentication and the second encrypted data INF to generate the authentication challenge message M4 : {Extracted authentication vector AV(i), INF, T3 } , sent to the vehicle-mounted mobile unit OBU through the wireless secure channel.
(5)所述车载移动单元接收所述认证挑战消息,验证所述认证挑战消息中的移动管理实体身份标识符,身份验证通过后进行所述消息认证码的验证,认证码验证通过后生成挑战响应消息并发送给所述移动管理实体。(5) The vehicle-mounted mobile unit receives the authentication challenge message, verifies the mobile management entity identity identifier in the authentication challenge message, verifies the message authentication code after passing the identity verification, and generates a challenge after passing the authentication code verification. The response message is sent to the mobility management entity.
当车载移动单元OBU收到认证挑战消息M4后,先根据第三随机数Ra和所述抽取认证向量中的所述主密钥KASME(i)计算中间密钥,并利用所述中间密钥对第二加密数据INF进行解密,得到第二解密数据,/>;检查初认证第三时间戳T3的新鲜度,并验证解密后的移动管理实体身份标识的准确性(即判断解密的IDMME是否等于步骤(1)中收到的/>),若不相等,则终止会话;否则身份标识验证通过,接着根据所述抽取认证向量对应的所述第二中间数据和所述第一随机数计算OBU与HSS之间的第二协商密钥/>,根据所述第二协商密钥、所述序列号和所述认证管理域计算期望消息认证码/>,检查XMAC(i)是否等于消息认证码MAC(i),若不相等,则终止会话;否则,车载移动单元OBU保存临时移动用户识别码TMSI以及抽取认证向量中的所述主密钥KASME(i),基于所述第二协商密钥和所述抽取认证向量对应的所述第二中间数据生成挑战响应/>,以此作为挑战响应消息M5:{RES(i)},通过无线的安全信道发送给移动管理实体MME。When the on-board mobile unit OBU receives the authentication challenge messageM4 , it first calculates the intermediate key based on the third random number Ra and the master key KASME (i) in the extracted authentication vector. , and use the intermediate key to decrypt the second encrypted data INF to obtain the second decrypted data,/> ;Check the freshness of the third timestamp T3 of the initial authentication, and verify the accuracy of the decrypted mobile management entity identity (that is, determine whether the decrypted IDMME is equal to the received in step (1)/> ), if not equal, terminate the session; otherwise, the identity verification passes, and then calculate the second negotiation key between the OBU and the HSS based on the second intermediate data corresponding to the extracted authentication vector and the first random number. /> , calculate the expected message authentication code based on the second negotiation key, the sequence number and the authentication management domain/> , check whether XMAC(i) is equal to the message authentication code MAC(i), if not, terminate the session; otherwise, the on-board mobile unit OBU saves the temporary mobile subscriber identity code TMSI and the master key KASME extracted from the authentication vector (i), generate a challenge response based on the second negotiation key and the second intermediate data corresponding to the extracted authentication vector/> , which is used as the challenge response message M5 :{RES(i)} and is sent to the mobility management entity MME through the wireless secure channel.
(6)所述移动管理实体接收所述挑战响应消息M5,对比所述挑战响应消息和所述期望响应,对比通过后,生成认证成功消息并发送给所述归属用户服务器;所述归属用户服务器接收所述认证成功消息,更新长期共享密钥完成初始化认证。(6) The mobility management entity receives the challenge response message M5 , compares the challenge response message with the expected response, and after passing the comparison, generates an authentication success message and sends it to the home user server; the home user The server receives the authentication success message, updates the long-term shared key, and completes the initial authentication.
当移动管理实体MME收到挑战响应消息M5后,将所述挑战响应与所述抽取认证向量中的所述期望响应进行对比,若不相同,则终止会话;否则保存临时移动用户识别码TMSI,移动管理实体MME与车载移动单元OBU之间认证成功。随后,删除提取到的认证向量,更新认证向量组AV。将提取到的认证向量对应的第二中间数据B(i)作为认证成功消息M6:{B(i)},通过无线的安全信道发送给归属用户服务器HSS。When the mobility management entity MME receives the challenge response messageM5 , it compares the challenge response with the expected response in the extracted authentication vector. If they are not the same, the session is terminated; otherwise, the temporary mobile subscriber identity code TMSI is saved. , the authentication between the mobility management entity MME and the on-board mobile unit OBU is successful. Subsequently, the extracted authentication vector is deleted and the authentication vector group AV is updated. The second intermediate data B(i) corresponding to the extracted authentication vector is sent as the authentication success message M6 :{B(i)} to the home user server HSS through the wireless secure channel.
当归属用户服务器HSS收到认证成功消息M6后,将归属用户服务器HSS与车载移动单元OBU之间的长期密钥K更新成抽取认证向量对应的第一协商KUH(i),即完成初始化认证,车载移动单元OBU可以与移动管理实体MME之间进行通信。When the home user server HSS receives the authentication success message M6 , it updates the long-term key K between the home user server HSS and the on-board mobile unit OBU to the first negotiation KUH (i) corresponding to the extracted authentication vector, that is, the initialization is completed After authentication, the on-board mobile unit OBU can communicate with the mobility management entity MME.
(三)重认证阶段:当OBU发生位置变化需要重新请求接入网络时,进行重认证。如图3所示,所述重认证包括:(3) Re-authentication stage: When the OBU changes location and needs to re-request access to the network, re-authentication is performed. As shown in Figure 3, the re-authentication includes:
(a)所述车载移动单元OBU从车载移动单元内存中提取所述临时移动用户识别码TMSI并生成重认证第一时间戳,基于所述临时移动用户识别码、所述重认证第一时间戳和车载移动单元的私钥Upr应用所述ECDSA签名算法生成重认证签名,并将所述重认证签名和重认证请求消息发送至所述移动管理实体。所述重认证请求消息包括所述临时移动用户识别码和所述重认证第一时间戳。(a) The on-board mobile unit OBU extracts the temporary mobile subscriber identity code TMSI from the on-board mobile unit memory and generates the first re-authentication timestamp , based on the temporary mobile user identification code and the first re-authentication timestamp Apply the ECDSA signature algorithm to the private key Upr of the vehicle-mounted mobile unit to generate a re-authentication signature, and send the re-authentication signature and the re-authentication request message to the mobility management entity. The re-authentication request message includes the temporary mobile subscriber identification code and the first re-authentication timestamp.
车载移动单元OBU从内存中提取TMSI并生成重认证第一时间戳,从所述椭圆曲线的数域中选取第四随机数/>,计算/>,/>,,/>,生成重认证签名/>,将重认证请求消息N1:{TMSI,/>}和重认证签名SigU,通过无线的安全信道发送给移动管理实体MME。The on-board mobile unit OBU extracts the TMSI from the memory and generates the first re-authentication timestamp. , select the fourth random number/> from the number field of the elliptic curve , calculate/> ,/> , ,/> , generate a re-authentication signature/> , convert the re-authentication request message N1 : {TMSI,/> } and the re-authentication signature SigU are sent to the mobility management entity MME through the wireless secure channel.
(b)所述移动管理实体接收所述重认证请求消息和所述重认证签名后,进行重认证签名验证,并在重认证签名验证通过后,生成重认证的临时移动用户识别码,基于所述重认证的临时移动用户识别码生成重认证请求响应消息发送至所述车载移动单元。(b) After receiving the re-authentication request message and the re-authentication signature, the mobility management entity performs re-authentication signature verification, and after the re-authentication signature verification passes, generates a re-authentication temporary mobile user identification code, based on the re-authentication signature. The re-authentication temporary mobile subscriber identification code generates a re-authentication request response message and sends it to the vehicle-mounted mobile unit.
当移动管理实体MME收到重认证请求消息N1与重认证签名SigU后,先检查重认证第一时间戳的新鲜度,进行重认证签名验证,计算,/>,,验证等式/>,若不相等,则终止会话;否则,通过IMSI搜索出对应的认证向量组,若不存在,执行(一)初认证过程;从搜索到的所述认证向量组抽取出一组认证向量AV(i),从所述椭圆曲线的数域中选取生成第五随机数/>并确定重认证第二时间戳/>,基于IMSI和所述第五随机数为OBU生成重认证的临时移动用户识别码/>,保存抽取出的认证向量中的主密钥KASME(i)和期望响应XRES(i),将抽取出的认证向量对应的第二中间数据B(i)和消息验证码MAC(i)进行串联生成重认证请求响应N2:{B(i),MAC(i),/>,/>},通过无线的安全信道发送给车载移动单元OBU。When the mobility management entity MME receives the re-authentication request message N1 and the re-authentication signature SigU, it first checks the first re-authentication timestamp. freshness, perform re-authentication signature verification, and calculate ,/> , , verify the equation/> , if not equal, terminate the session; otherwise, search for the corresponding authentication vector group through IMSI. If it does not exist, perform (1) initial authentication process; extract a set of authentication vectors AV from the searched authentication vector group ( i), select and generate a fifth random number from the number field of the elliptic curve/> And determine the second timestamp of re-authentication/> , generate a re-authentication temporary mobile subscriber identification code for the OBU based on the IMSI and the fifth random number/> , save the master key KASME (i) and the expected response XRES (i) in the extracted authentication vector, and perform the second intermediate data B (i) and message verification code MAC (i) corresponding to the extracted authentication vector. Generate re-authentication request response N2 in series: {B(i), MAC(i),/> ,/> }, sent to the on-board mobile unit OBU through the wireless secure channel.
(c)所述车载移动单元接收所述重认证请求响应消息后,计算所述挑战响应,并生成重认证响应消息发送至所述移动管理实体;(c) After receiving the re-authentication request response message, the vehicle-mounted mobile unit calculates the challenge response, generates a re-authentication response message and sends it to the mobility management entity;
当车载移动单元OBU收到重认证请求响应消息N2后,先检查重认证第二时间戳的新鲜度,计算车载移动单元OBU与归属用户服务器HSS之间的第二协商密钥,生成期望消息认证码/>,检查XMAC(i)是否等于MAC(i),若不相等,则终止会话;否则,车载移动单元OBU与移动管理实体MME认证成功;保存重认证的临时移动用户识别码,接着生成挑战响应/>,以此作为重认证响应消息N3:{RES(i)},通过无线的安全信道发送给移动管理实体MME。When the on-board mobile unit OBU receives the re-authentication request response message N2 , it first checks the second re-authentication timestamp. freshness, calculate the second negotiation key between the on-board mobile unit OBU and the home user server HSS , generate the expected message authentication code/> , check whether XMAC(i) is equal to MAC(i), if not, terminate the session; otherwise, the on-board mobile unit OBU and the mobile management entity MME are successfully authenticated; save the temporary mobile user identification code for re-authentication, and then generate a challenge response/ > , which is used as the re-authentication response message N3 :{RES(i)} and is sent to the mobility management entity MME through the wireless secure channel.
(d)所述移动管理实体接收所述重认证响应消息后,进行所述挑战响应和所述期望响应的对比,对比通过后则完成所述车载移动单元和所述移动管理实体之间的双向重认证。(d) After receiving the re-authentication response message, the mobility management entity compares the challenge response with the expected response. After the comparison is passed, the two-way communication between the vehicle-mounted mobile unit and the mobility management entity is completed. Reauthentication.
当移动管理实体MME收到重认证响应消息N3后,将挑战响应与步骤(b)中提取的认证向量中的期望响应XRES(i)进行对比,若不相同,则终止会话;否则,移动管理实体MME与归属用户服务器OBU认证成功,同样保存重认证的临时移动用户识别码。随后,删除步骤(b)中提取到的认证向量,更新认证向量组AV,即完成了OBU与MME之间的双向重认证。When the mobile management entity MME receives the re-authentication response message N3 , it compares the challenge response with the expected response XRES(i) in the authentication vector extracted in step (b). If they are not the same, the session is terminated; otherwise, the mobile The management entity MME and the home user server OBU are authenticated successfully, and the temporary mobile user identification code for re-authentication is also saved. . Subsequently, the authentication vector extracted in step (b) is deleted and the authentication vector group AV is updated, that is, the two-way re-authentication between the OBU and the MME is completed.
(四)切换认证:当OBU移动至旧MME0与新MMEn的交界处时,即当所述车载移动单元需要与其他所述移动管理实体进行连接时,所述方法还包括切换认证;所述切换认证包括:(4) Handover authentication: When the OBU moves to the junction of the old MME0 and the new MMEn , that is, when the vehicle-mounted mobile unit needs to connect with other mobile management entities, the method also includes handover authentication; The above handover certification includes:
(i)所述车载移动单元基于切换前的所述移动管理实体的基站标识符、切换认证第一时间戳和从所述车载移动单元内存中提取的所述临时移动用户识别码生成切换认证请求消息并发送至所述切换后的所述移动管理实体;所述切换后的所述移动管理实体接收所述切换认证请求消息并转发至切换前的所述移动管理实体。(i) The vehicle-mounted mobile unit generates a handover authentication request based on the base station identifier of the mobility management entity before handover, the handover authentication first timestamp and the temporary mobile subscriber identification code extracted from the memory of the vehicle-mounted mobile unit. The message is sent to the mobility management entity after the handover; the mobility management entity after the handover receives the handover authentication request message and forwards it to the mobility management entity before the handover.
当OBU移动至旧MME0(切换前的所述移动管理实体)与新MMEn(切换后的所述移动管理实体)的交界处时,OBU从内存中提取TMSI、旧MME0的基站标识符LAIo并生成切换认证第一时间戳,将其串联生成切换认证请求消息S1:{TMSI,/>,LAIo},通过无线的安全信道发送给新的MMEn。When the OBU moves to the junction of the old MME0 (the mobility management entity before the handover) and the new MMEn (the mobility management entity after the handover), the OBU extracts the TMSI and the base station identifier of the old MME0 from the memory. LAIo and generate the first timestamp of handover authentication , concatenate them to generate handover authentication request message S1 :{TMSI,/> ,LAIo }, sent to the new MMEn through the wireless secure channel.
当新的MMEn收到切换认证请求消息S1后,先检查切换认证第一时间戳的新鲜度,然后检查旧MME0的基站标识符LAIo的真实性,接着向旧的MMEo发送S2:{TMSI,LAIo}的切换请求。When the new MMEn receives the handover authentication request messageS1 , it first checks the first timestamp of handover authentication. freshness, then checks the authenticity of the base station identifier LAIo of the old MME0 , and then sends a handover request of S2 : {TMSI, LAIo } to the old MMEo .
(ii)切换前的所述移动管理实体接收切换认证请求消息S2后,确定所述临时移动用户识别码对应的所述认证向量,并将所述临时移动用户识别码对应的所述认证向量从当前所述认证向量组中删除;应用所述ECDSA签名算法生成切换认证签名,将所述切换认证签名和第一切换认证响应消息发送至所述切换后的所述移动管理实体;所述第一切换认证响应消息包括当前所述认证向量组中的剩余认证向量。(ii) After receiving the handover authentication request messageS2 , the mobility management entity before handover determines the authentication vector corresponding to the temporary mobile user identification code, and assigns the authentication vector corresponding to the temporary mobile user identification code to Delete it from the current authentication vector group; apply the ECDSA signature algorithm to generate a handover authentication signature, and send the handover authentication signature and the first handover authentication response message to the mobility management entity after the handover; A handover authentication response message includes the remaining authentication vectors in the current authentication vector group.
当旧的MMEo收到切换认证请求消息S2后,根据TMSI搜索剩余的认证向量,通过TMSI检索到相关认证向量信息,删除此认证向量,得到未使用的认证向量;接着生成第六随机数作为私钥,得到公钥/>,生成第七随机数/>,计算,/>,/>,/>,生成切换认证签名/>,将串联成第一切换认证响应消息S3:{剩余未使用的向量组,Mpb}与切换认证签名SigM,通过无线的安全信道发送给新的MMEn。When the old MMEo receives the handover authentication request messageS2 , it searches for the remaining authentication vectors according to the TMSI, retrieves the relevant authentication vector information through the TMSI, deletes this authentication vector, and obtains an unused authentication vector; then generates a sixth random number As the private key, get the public key/> , generate the seventh random number/> ,calculate ,/> ,/> ,/> , generate switching authentication signature/> , will be concatenated into the first handover authentication response message S3 : {remaining unused vector group, Mpb } and handover authentication signature SigM, and sent to the new MMEn through the wireless secure channel.
(iii)所述切换后的所述移动管理实体接收所述切换认证签名和所述第一切换认证响应消息后,进行切换认证签名验证,并在切换认证签名验证通过后,生成切换认证的临时移动用户识别码,并基于所述切换认证的临时移动用户识别码生成第二切换认证响应消息发送给所述车载移动单元。(iii) After receiving the handover authentication signature and the first handover authentication response message, the mobility management entity after the handover performs handover authentication signature verification, and after passing the handover authentication signature verification, generates a temporary handover authentication Mobile Subscriber ID , and generate a second handover authentication response message based on the temporary mobile user identification code for handover authentication and send it to the vehicle-mounted mobile unit.
当MMEn收到第一切换认证响应消息S3与切换认证签名SigM后,进行签名验证,计算,/>,/>,,验证等式/>,若不相等,则终止会话;When MMEn receives the first handover authentication response messageS3 and the handover authentication signature SigM, it performs signature verification and calculates ,/> ,/> , , verify the equation/> , if not equal, terminate the session;
否则,将剩余的认证向量进行存储,生成第八随机数和切换认证第二时间戳/>,为OBU生成切换认证的临时移动用户识别码/>,从剩余的认证向量中随机提取一组认证向量/>,串联成第二切换认证响应消息S4:{/>,/>,},通过无线的安全信道发送给OBU。Otherwise, store the remaining authentication vectors and generate the eighth random number and switch authentication second timestamp/> , generate a temporary mobile user identification code for OBU handover authentication/> , randomly extract a set of authentication vectors from the remaining authentication vectors/> , concatenated into the second handover authentication response message S4 :{/> ,/> , }, sent to the OBU through the wireless secure channel.
(IV)所述车载移动单元接收所述第二切换认证响应消息后,计算所述挑战响应并向所述切换后的所述移动管理实体发送切换挑战响应消息;(IV) After receiving the second handover authentication response message, the vehicle-mounted mobile unit calculates the challenge response and sends a handover challenge response message to the mobility management entity after the handover;
当OBU收到第二切换认证响应消息S4后,先检查切换认证第二时间戳的新鲜度,计算车载移动单元OBU与归属用户服务器HSS之间的第二协商密钥/>,生成期望消息认证码/>,检查XMAC(i)是否等于MAC(i),若不相等,则终止会话;否则,车载移动单元OBU与移动管理实体MME认证成功;保存切换认证的临时移动用户识别码/>,接着生成挑战响应/>,以此作为切换挑战响应消息S5:{RES(i)},通过无线的安全信道发送给给新的MMEn。After receiving the second handover authentication response messageS4 , the OBU first checks the second handover authentication timestamp. freshness, calculate the second negotiation key between the vehicle-mounted mobile unit OBU and the home user server HSS/> , generate the expected message authentication code/> , check whether XMAC(i) is equal to MAC(i), if not, terminate the session; otherwise, the on-board mobile unit OBU and the mobile management entity MME are successfully authenticated; save the temporary mobile user identification code for handover authentication/> , then generate a challenge response/> , which is used as the handover challenge response message S5 :{RES(i)} and is sent to the new MMEn through the wireless secure channel.
(V)所述切换后的所述移动管理实体接收所述切换挑战响应消息后,进行所述挑战响应和所述期望响应的对比,对比通过后则完成所述车载移动单元和所述切换后的所述移动管理实体之间的双向切换认证。(V) After the mobile management entity after the handover receives the handover challenge response message, it compares the challenge response with the expected response. After the comparison is passed, the vehicle-mounted mobile unit and the handover are completed. Bidirectional handover authentication between the mobility management entities.
将挑战响应与步骤(iii)中提取的认证向量中的期望响应XRES(i)进行对比,若不相同,则终止会话;否则,移动管理实体MME与归属用户服务器OBU认证成功,同样保存切换认证的临时移动用户识别码。随后,删除步骤(iii)中提取到的认证向量,更新认证向量组AV,即完成了OBU与新的MMEn之间的双向切换认证。Compare the challenge response with the expected response XRES(i) in the authentication vector extracted in step (iii). If they are not the same, terminate the session; otherwise, the mobility management entity MME and the home user server OBU are successfully authenticated, and the handover authentication is also saved. Temporary Mobile Subscriber Identity Code. Subsequently, the authentication vector extracted in step (iii) is deleted and the authentication vector group AV is updated, that is, the bidirectional handover authentication between the OBU and the new MMEn is completed.
本实施例具有以下有益效果:This embodiment has the following beneficial effects:
(1)本发明使用了ECDSA签名算法,可以用于确认通信双方的身份信息和证明其所持有的公钥是否有效,从而确保认证信道的安全性。以及使用椭圆曲线生成实体的公私钥,基于离散对数困难可以很好地保证密钥的安全性。(1) The present invention uses the ECDSA signature algorithm, which can be used to confirm the identity information of the communicating parties and prove whether the public keys they hold are valid, thereby ensuring the security of the authentication channel. As well as using elliptic curves to generate the public and private keys of entities, the security of the keys can be well guaranteed based on discrete logarithm difficulty.
(2)本发明使用HSS的公钥对敏感信息IMSI、LAI进行加密,使之在传输过程中都不以明文的形式传输,有效的保证了敏感信息的机密性。在认证过程中,频繁的检查时间戳的新鲜度,并且使用了较多随机数来隐藏原始信息,OBU与HSS之间的长期共享密钥会在每次认证成功后进行更新,可以很好地抵御重放攻击、保证前向安全性等攻击,因此本发明相较于目前现有的协议,更具有安全特征。(2) The present invention uses the public key of HSS to encrypt sensitive information IMSI and LAI so that they are not transmitted in plain text during the transmission process, effectively ensuring the confidentiality of sensitive information. During the authentication process, the freshness of the timestamp is frequently checked, and more random numbers are used to hide the original information. The long-term shared key between OBU and HSS will be updated after each successful authentication, which can be very good. It resists replay attacks and ensures forward security. Therefore, compared with the current existing protocols, the present invention has more security features.
(3)本发明中HSS的公钥在USIM注册时就直接写入卡的内存中,避免公钥证书管理与传递的问题,同时在认证过程中也没有使用较为复杂的加密算法,只使用了ECC运算(基于椭圆曲线的运算,即在认证过程中从椭圆曲线的数域中取值参与计算,例如例如第一中间数据将随机数与基点相乘的过程:A=a·P)、哈希函数,可以有效地降低LTE-R网络的通信负担,实现了轻量化的身份认证协议。(3) In the present invention, the public key of the HSS is directly written into the card's memory when USIM is registered to avoid the problem of public key certificate management and transmission. At the same time, no more complex encryption algorithm is used during the authentication process, only ECC operation (operation based on elliptic curve, that is, taking values from the number field of the elliptic curve to participate in the calculation during the authentication process, for example, the first intermediate data multiplies the random number and the base point: A=a·P), The hash function can effectively reduce the communication burden of the LTE-R network and implement a lightweight identity authentication protocol.
实施例2Example 2
本实施例提供一种基于ECDSA签名算法的身份认证系统,所述系统包括初始化认证子系统;所述初始化认证子系统包括:This embodiment provides an identity authentication system based on the ECDSA signature algorithm. The system includes an initialization authentication subsystem; the initialization authentication subsystem includes:
接入认证消息发送模块,用于车载移动单元利用归属用户服务器的公钥对IMSI、车载移动单元身份标识符和所述车载移动单元获取的基站标识符进行加密并生成接入认证消息;所述归属用户服务器的公钥和所述IMSI为所述车载移动单元的USIM卡注册过程中存储在USIM卡中的安全参数。The access authentication message sending module is used for the vehicle-mounted mobile unit to use the public key of the home user server to encrypt the IMSI, the vehicle-mounted mobile unit identity identifier and the base station identifier obtained by the vehicle-mounted mobile unit and generate an access authentication message; The public key of the home user server and the IMSI are security parameters stored in the USIM card during the USIM card registration process of the vehicle-mounted mobile unit.
认证向量请求消息发送模块,用于移动管理实体接收所述接入认证消息,基于所述接入认证消息、网络服务号和所述移动管理实体获取的基站标识符向所述归属用户服务器发送认证向量请求消息。An authentication vector request message sending module, configured for the mobility management entity to receive the access authentication message, and send authentication to the home user server based on the access authentication message, the network service number and the base station identifier obtained by the mobility management entity. Vector request message.
认证向量响应消息发送模块,用于所述归属用户服务器接收所述认证向量请求消息,验证所述认证向量请求消息的准确性,在消息验证通过后生成认证向量组并基于归属用户服务器的私钥应用ECDSA签名算法生成初认证签名,将所述初认证签名和认证向量响应消息发送给所述移动管理实体;所述认证向量响应消息包括所述认证向量组;所述认证向量组中包括多个认证向量;每一所述认证向量包括消息认证码、匿名性密钥、主密钥、认证令牌和期望响应。Authentication vector response message sending module, used for the home user server to receive the authentication vector request message, verify the accuracy of the authentication vector request message, and generate an authentication vector group based on the private key of the home user server after the message is verified. Apply the ECDSA signature algorithm to generate an initial authentication signature, and send the initial authentication signature and an authentication vector response message to the mobile management entity; the authentication vector response message includes the authentication vector group; the authentication vector group includes multiple Authentication vectors; each of said authentication vectors includes a message authentication code, an anonymity key, a master key, an authentication token and an expected response.
认证挑战消息发送模块,用于所述移动管理实体接收所述认证向量响应消息和所述初认证签名,对所述初认证签名进行签名验证,在初认证签名验证通过后,生成临时移动用户识别码,基于所述认证向量组和所述临时移动用户识别码生成认证挑战消息并发送给所述车载移动单元。An authentication challenge message sending module, configured for the mobile management entity to receive the authentication vector response message and the initial authentication signature, perform signature verification on the initial authentication signature, and generate a temporary mobile user identification after the initial authentication signature is verified. code, and generates an authentication challenge message based on the authentication vector group and the temporary mobile user identification code and sends it to the vehicle-mounted mobile unit.
挑战响应消息发送模块,用于所述车载移动单元接收所述认证挑战消息,验证所述认证挑战消息中的移动管理实体身份标识符,身份验证通过后进行所述消息认证码的验证,认证码验证通过后生成挑战响应消息并发送给所述移动管理实体。Challenge response message sending module, used for the vehicle-mounted mobile unit to receive the authentication challenge message, verify the mobile management entity identity identifier in the authentication challenge message, and verify the message authentication code after the identity verification is passed. The authentication code After passing the verification, a challenge response message is generated and sent to the mobility management entity.
认证成功消息发送模块,用于所述移动管理实体接收所述挑战响应消息,对比所述挑战响应消息和所述期望响应,对比通过后,生成认证成功消息并发送给所述归属用户服务器;所述归属用户服务器接收所述认证成功消息,更新长期共享密钥完成初始化认证。An authentication success message sending module, configured for the mobility management entity to receive the challenge response message, compare the challenge response message with the expected response, and after passing the comparison, generate an authentication success message and send it to the home user server; The home user server receives the authentication success message, updates the long-term shared key, and completes the initialization authentication.
实施例3Example 3
本实施例提供一种电子设备,包括存储器及处理器,存储器用于存储计算机程序,处理器运行计算机程序以使电子设备执行实施例1的基于ECDSA签名算法的身份认证方法。This embodiment provides an electronic device, including a memory and a processor. The memory is used to store a computer program. The processor runs the computer program to cause the electronic device to execute the identity authentication method based on the ECDSA signature algorithm of Embodiment 1.
可选地,上述电子设备可以是服务器。Optionally, the above-mentioned electronic device may be a server.
另外,本发明实施例还提供一种计算机可读存储介质,其存储有计算机程序,该计算机程序被处理器执行时实现实施例1的基于ECDSA签名算法的身份认证方法。In addition, an embodiment of the present invention also provides a computer-readable storage medium that stores a computer program. When the computer program is executed by a processor, the identity authentication method based on the ECDSA signature algorithm of Embodiment 1 is implemented.
本发明的实施例可提供为方法、系统、或计算机程序产品。因此,本发明可采用完全硬件实施例、完全软件实施例、或结合软件和硬件方面的实施例的形式。而且,本发明可采用在一个或多个其中包含有计算机可用程序代码的计算机可用存储介质(包括但不限于磁盘存储器、CD-ROM、光学存储器等)上实施的计算机程序产品的形式。Embodiments of the invention may be provided as a method, system, or computer program product. Thus, the invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
本发明是参照根据本发明实施例的方法、设备(系统)、和计算机程序产品的流程图和/或方框图来描述的。应理解可由计算机程序指令实现流程图和/或方框图中的每一流程和/或方框、以及流程图和/或方框图中的流程和/或方框的结合。可提供这些计算机程序指令到通用计算机、专用计算机、嵌入式处理机或其他可编程数据处理设备的处理器以产生一个机器,使得通过计算机或其他可编程数据处理设备的处理器执行的指令产生用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的装置。The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each process and/or block in the flowchart illustrations and/or block diagrams, and combinations of processes and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing device to produce a machine, such that the instructions executed by the processor of the computer or other programmable data processing device produce a use A device for realizing the functions specified in a process or processes in a flowchart and/or a block or blocks in a block diagram.
这些计算机程序指令也可存储在能引导计算机或其他可编程数据处理设备以特定方式工作的计算机可读存储器中,使得存储在该计算机可读存储器中的指令产生包括指令装置的制造品,该指令装置实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能。These computer program instructions may also be stored in a computer-readable memory that causes a computer or other programmable data processing apparatus to operate in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including the instruction means, the instructions The device implements the functions specified in a process or processes in the flowchart and/or in a block or blocks in the block diagram.
这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions may also be loaded onto a computer or other programmable data processing device, causing a series of operating steps to be performed on the computer or other programmable device to produce computer-implemented processing, thereby executing on the computer or other programmable device. Instructions provide steps for implementing the functions specified in a process or processes of a flowchart diagram and/or a block or blocks of a block diagram.
本说明书中各个实施例采用递进的方式描述,每个实施例重点说明的都是与其他实施例的不同之处,各个实施例之间相同相似部分互相参见即可。对于实施例公开的系统而言,由于其与实施例公开的方法相对应,所以描述的比较简单,相关之处参见方法部分说明即可。Each embodiment in this specification is described in a progressive manner. Each embodiment focuses on its differences from other embodiments. The same and similar parts between the various embodiments can be referred to each other. As for the system disclosed in the embodiment, since it corresponds to the method disclosed in the embodiment, the description is relatively simple. For relevant details, please refer to the description in the method section.
本文中应用了具体个例对本发明的原理及实施方式进行了阐述,以上实施例的说明只是用于帮助理解本发明的方法及其核心思想;同时,对于本领域的一般技术人员,依据本发明的思想,在具体实施方式及应用范围上均会有改变之处。综上所述,本说明书内容不应理解为对本发明的限制。This article uses specific examples to illustrate the principles and implementation methods of the present invention. The description of the above embodiments is only used to help understand the method and the core idea of the present invention; at the same time, for those of ordinary skill in the art, according to the present invention There will be changes in the specific implementation methods and application scope of the ideas. In summary, the contents of this description should not be construed as limitations of the present invention.
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310833201.9ACN116567633B (en) | 2023-07-10 | 2023-07-10 | Identity authentication method, system and equipment based on ECDSA signature algorithm |
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310833201.9ACN116567633B (en) | 2023-07-10 | 2023-07-10 | Identity authentication method, system and equipment based on ECDSA signature algorithm |
| Publication Number | Publication Date |
|---|---|
| CN116567633A CN116567633A (en) | 2023-08-08 |
| CN116567633Btrue CN116567633B (en) | 2023-10-10 |
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310833201.9AActiveCN116567633B (en) | 2023-07-10 | 2023-07-10 | Identity authentication method, system and equipment based on ECDSA signature algorithm |
| Country | Link |
|---|---|
| CN (1) | CN116567633B (en) |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2025059984A1 (en)* | 2023-09-21 | 2025-03-27 | Oppo广东移动通信有限公司 | Authentication methods and devices |
| CN119402209A (en)* | 2024-10-30 | 2025-02-07 | 武汉大学 | A method, device, equipment and storage medium for generating double authentication signature |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104754581A (en)* | 2015-03-24 | 2015-07-01 | 河海大学 | Public key password system based LTE wireless network security certification system |
| CN108092776A (en)* | 2017-12-04 | 2018-05-29 | 南京南瑞信息通信科技有限公司 | A kind of authentication server and authentication token |
| CN108809637A (en)* | 2018-05-02 | 2018-11-13 | 西南交通大学 | The car-ground communication Non-Access Stratum authentication key agreement methods of LTE-R based on mixed cipher |
| CN112055333A (en)* | 2020-10-21 | 2020-12-08 | 西南交通大学 | A security authentication method for LTE-R vehicle-ground wireless communication without certificate proxy signature |
| CN114362993A (en)* | 2021-11-24 | 2022-04-15 | 北京理工大学 | Block chain assisted Internet of vehicles security authentication method |
| CN116405187A (en)* | 2023-04-21 | 2023-07-07 | 石家庄铁道大学 | Distributed node intrusion situation sensing method based on block chain |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11190510B2 (en)* | 2017-11-15 | 2021-11-30 | Parallel Wireless, Inc. | Two-factor authentication in a cellular radio access network |
| US12052350B2 (en)* | 2021-07-08 | 2024-07-30 | Cisco Technology, Inc. | Quantum resistant secure key distribution in various protocols and technologies |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104754581A (en)* | 2015-03-24 | 2015-07-01 | 河海大学 | Public key password system based LTE wireless network security certification system |
| CN108092776A (en)* | 2017-12-04 | 2018-05-29 | 南京南瑞信息通信科技有限公司 | A kind of authentication server and authentication token |
| CN108809637A (en)* | 2018-05-02 | 2018-11-13 | 西南交通大学 | The car-ground communication Non-Access Stratum authentication key agreement methods of LTE-R based on mixed cipher |
| CN112055333A (en)* | 2020-10-21 | 2020-12-08 | 西南交通大学 | A security authentication method for LTE-R vehicle-ground wireless communication without certificate proxy signature |
| CN114362993A (en)* | 2021-11-24 | 2022-04-15 | 北京理工大学 | Block chain assisted Internet of vehicles security authentication method |
| CN116405187A (en)* | 2023-04-21 | 2023-07-07 | 石家庄铁道大学 | Distributed node intrusion situation sensing method based on block chain |
| Publication number | Publication date |
|---|---|
| CN116567633A (en) | 2023-08-08 |
| Publication | Publication Date | Title |
|---|---|---|
| CN110971415B (en) | An anonymous access authentication method and system for a space-earth integrated spatial information network | |
| CN108809637B (en) | LTE-R vehicle-ground communication non-access stratum authentication key agreement method based on mixed password | |
| WO2020177768A1 (en) | Network verification method, apparatus, and system | |
| CN104579694B (en) | A kind of identity identifying method and system | |
| CN111865603B (en) | Authentication method, authentication device and authentication system | |
| CN111147231B (en) | A method, related device and system for key negotiation | |
| CN111050322B (en) | GBA-based client registration and key sharing method, device and system | |
| CN116567633B (en) | Identity authentication method, system and equipment based on ECDSA signature algorithm | |
| CN108260102B (en) | Proxy signature-based non-access stratum authentication method for LTE-R vehicle-ground communication | |
| US20200195445A1 (en) | Registration method and apparatus based on service-based architecture | |
| CN101902476B (en) | Method for authenticating identity of mobile peer-to-peer user | |
| US12118093B2 (en) | Extended authentication method and apparatus for generic bootstrapping architecture, and storage medium | |
| CN104145465B (en) | The method and apparatus of bootstrapping based on group in machine type communication | |
| CN111314056A (en) | Heaven and earth integrated network anonymous access authentication method based on identity encryption system | |
| CN113395166B (en) | A cloud-side-terminal collaborative secure access authentication method for power terminals based on edge computing | |
| CN114037457B (en) | A cross-domain access authentication method for industrial complex product terminals based on identity identification | |
| CN101009919A (en) | Authentication method based on the end-to-end communication of the mobile network | |
| CN110012467B (en) | Grouping authentication method of narrow-band Internet of things | |
| WO2020216338A1 (en) | Parameter sending method and apparatus | |
| CN104955040B (en) | Network authentication method and equipment | |
| CN115767539A (en) | 5G authentication method based on terminal identifier update | |
| CN108737431B (en) | Confusion-based hierarchical distributed authentication method, device and system in IoT scenarios | |
| CN116506857A (en) | Unmanned aerial vehicle body authentication method based on timely generation and updating of authentication information | |
| CN103781026B (en) | The authentication method of common authentication mechanism | |
| CN113747433B (en) | Equipment authentication method based on block side chain structure in fog network |
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |