摘要： 针对3GPP R8版本中的EPS-WLAN互联网络，分析EPS-WLAN互联网络接入认证协议EAP-AKA的安全性，指出其存在的安全隐患以及对于特定攻击存在的脆弱性。在EAP协议的基础上，引入基于身份的加密和密钥协商的要素，提出基于身份密码学的改进方案。通过性能和安全性分析，证明该协议能够在不增加协议步骤和系统负担的条件下，克服EAP-AKA协议的安全隐患，提高协议的安全性。

关键词: EPS-WLAN互联网络, EAP-AKA协议, IBAKA协议, 基于身份密码学, 认证

Abstract: For EPS-WLAN internetworking described in 3GPP Release 8, this paper analyzes security threats and attacks on EAP-AKA. In order to overcome vulnerabilities of EAP-AKA, it proposes an authentication and key agreement protocol based on EAP. The proposed protocol combines the elements of the IBE and IBAKA Scheme. Results of analysis show that the scheme can resist typical attacks and fulfill the security requirement without increasing complexity or system load.

Key words: EPS-WLAN internetworking, EAP-AKA protocol, IBAKA protocol, Identity-Based Cryptograph(IBC), authentication

中图分类号: 

• TP393.08