计算机科学
密码
计算机网络
认证(法律)
钥匙(锁)
计算机安全
密钥生成
密钥协议
预共享密钥
密钥分发
公钥密码术
加密
作者
Songsong Zhang,Yining Liu,Tiegang Gao,Yong Xie,Chuan Zhou
标识
DOI:10.1109/jiot.2024.3407714
摘要
As the proliferation of 5th Generation Mobile Communication Technology (5G) accelerates the adoption of Internet of Things (IoT) applications, building robust and secure communication channel becomes increasingly crucial with the exponential growth of connected devices. The 3rd Generation Partnership Project (3GPP) has established security standards for 5G systems, including mechanisms such as the 5G-Authentication and Key Agreement (5G-AKA), which enables establish secure sessions in untrustworthy participants or insecure channels. The private key which untrustworthy parties have independently or transmitted through insecure channels, may involve risk of information leakage in 5G-AKA. Motivated by this challenge, we propose a practical and secure dual-server key agreement scheme based on password authentication for IoT devices in 5G networks. The scheme ensures secure reliable key storage and key transmission, mitigating risks associated with key information leakage through a dual-server architecture and three-lock security policy. Importantly, we avoid ownership of the complete key by any untrustworthy entity in insecure 5G network to ensure key security. The scheme can resilience to various security threats prevalent in 5G networks through rigorous formal security. We analyze the communication and computational loads to illustrate the protocol’s practicality and efficacy.
科研通智能强力驱动
Strongly Powered by AbleSci AI