摘要： 针对当前3G网络身份认证与密钥协商方案存在扩展性差、用户身份信息易泄露的问题，提出一种基于无线公钥体制的安全增强型无线认证与密钥协商协议，实现实体间的双向身份认证，保护空中接口及有线通信链路，防止用户和接入网络身份标识泄露。该方案支持数字签名，可提供不可否认性业务。形式化方法验证分析表明，该协议能够满足安全需求。

关键词: 无线公钥基础设施, 认证与密钥协商协议, 认证测试, 协议分析

Abstract: In view of some defects existing in current 3G authentication and key agreement protocols, a Security-enhanced Evolved Packet System-Authentication and Key Agreement(SE-EPS AKA) protocol is put forward based on Wireless Public Key Infrastructure(WPKI). The enhanced scheme realizes bidirectional authentication between the entities, protects the air interfaces and wired links, and resolves the problem of the user and access networks identity leakage. Meanwhile, the scheme can support digital signature to provide non-repudiation services. The formal verification result shows that the proposed protocol can satisfy the security requirements.

Key words: Wireless Public Key Infrastructure(WPKI), Authentication and Key Agreement(AKA) protocol, authentication test, protocol analysis

中图分类号: 

• TP309