摘 要
由于现代工艺越来越多的需要对实时温度进行监测和控制,而且需要的精度越来越高。所以温度控制系统国内外许多有关人员的重视,得到了十分广泛的应用。温度控制系统发展迅速,而且成果显著。
随着移动通信技术的飞速发展和普及,其中的安全问题正受到越来越多的关注。在第三代移动通信系统中,除了传统的语音和数据业务外,还提供多媒体业务、交互式数据业务、电子商务、互联网服务等多种信息服务。因此,如何保证业务信息的安全性以及网络资源使用的安全性已成为 3G 系统中重要而迫切的问题。
本文着重研究了第三代移动通信系统的安全。首先介绍了 2G 系统结构及其存在的安全缺陷。然后概述了 3G 的安全原则、目标、要求及其面临的安全威胁,详细分析了 3G 移动通信系统的安全体系结构,对其 5 个安全特征组的安全性加以研究,分析了 3G 的安全特征。对 3G 接入网络中的鉴权和认证、数据机密性和数据完整性服务等机制进行了深入的探讨,对实现上述各种机制的算法和协议做了详细
的介绍。
通过对 3G 中认证和密钥分配协议的安全性研究,分析其加密机制和作用原理,从而分析出 3G 的认证与密钥协商过程可能存在的安全隐患和可能遭到的攻击,由此提出一种改进方案,以保证传输信息的机密性,提高了系统安全性,使得窃听者无法获得认证向量,从而防止了假冒 VLR 的攻击。
本文还对 3G 的核心加密算法 KASUMI 算法进行研究,介绍了算法的原理和构成,及其应用。并通过编程对算法进行实现与安全性测试。最终对该算法抵抗差分和线性攻击性进行分析,得出在 3GPP的环境下该算法满足其设计初衷和性能要求,其良好的安全性强度很适合于 3G 移动通信系统。
关键词:3G;移动通信;安全算法;KASUMI
ABSTRACT
Along with the prosperous developing and popularity of the mobile communication technology, the
more advanced security is required in the communication system. In 3G mobile communication system, more
and more new services are provided, such as multimedia, interactive data transaction, electronic business and
internet services, except for traditionalvoice service and data service. So how to guarantee the security of the
information transmitted in the mobile communication system and the security of the network resources has
become an urgent problem.
This paper is devoted to the security of 3G mobile communication system. It first introduced 2G system
architecture and the existing security defects. After that, it covered the security menaces faced by 3G, the
security principles, objects and requirements. It also analyzed and studied the security characteristics of 3G.
Detailed discussion was focused on the authentication and authorization in 3G access network, and the
mechanisms adopted for providing data encryption service and data integrity service. The algorithms and
protocols used to implement the above mechanisms were introduced.
Through the research on encryption mechanism and principium of AKA, it analyzed the probable
menace and attack in the process of authentication and key agreement. So this paper presented an improved
scheme to ensured confidentiality of the information transmission and to enhanced the security of 3G, and
avoided the attack to VLR.
The 3G core cryptographic algorithm: KASUMI algorithm was researched in the paper, including its
principles, components and application. Then the paper tested the algorithm security by programme and
finally analyzed that KASUMI algorithm could resist mostly difference attacks. Its nicer security character
was propitious to 3G mobile communication.
Keywords: 3G; Mobile Communication; Security Algorithm; KASUMI
目 录
第 1 章 绪论.......................................................................................... 1
1.1 论文研究的背景和意义......................................................................... 1
1.2 3G 技术国内外发展现状................................................................... 2
1.3 本文研究主要内容................................................................................. 2
1.4 论文结构安排.......................................................................... ... .. 2
第 2 章 GSM 的安全机制................................................... ... ............. 4
2.1 GSM 的系统结构.................................................... ... ... ... ...................... 4
2.2 GSM 的鉴权和认证...................................................... ... ........................... 5
2.2.1 GSM 网络中用户身份的保密.............................................................. 5
2.2.2 GSM 系统中用户鉴权..................................................... ..................... 5
2.2.3 在 GSM 无线信道上发送加密后的数据........................................ ................... 7
2.3 GSM 中安全要素的分布...................................................... ....................... 7
2.4 GSM 存在的安全问题......................................................................... 8
第 3 章 3G 移动通信系统的安全框架............................................................... 9
3.1 3G 系统新业务特征及其安全特性...................................................................... 9
3.2 3G 系统的安全原则、目标和要求....................................................................10
3.2.1 3G 系统的安全原则...................................................................................10
3.2.2 3G 系统的安全目标.............................................................................10
3.2.3 3G 系统的安全要求..............................................................................10
3.3 3G 的安全威胁.................................................................................11
3.3.1 3G 系统的安全威胁大致分类....................................................................11
3.3.2 针对系统无线接口的攻击...............................................................................11
3.3.3 针对系统核心网的攻击.......................................................................12
3.3.4 针对终端的攻击.....................................................................................12
3.4 3G 的安全体系结构.............................................................................12
3.4.1 3G 安全结构.......................................................................................12
3.4.2 3G 系统安全功能结构...........................................................................13
3.5 安全特征.............................................................................................15
3.5.1 网络接入安全...............................................................................15
3.5.2 网络域安全.......................................................................................15
3.5.3 用户域安全..........................................................................................16
3.5.4 应用域安全.........................................................................................16
3.5.5 安全特性的可视性和可配置性.....................................................................16
3.6 3G 的鉴权和认证.................................................................................17
3.6.1 引言.................................................................................................17
3.6.2 3G 系统中的安全算法............................................................................17
3.6.3 3G 鉴权认证过程.................................................................................18
3.6.4 用户信息加密.....................................................................................22
3.6.5 用户信息完整性保护...............................................................................22
3.6.6 增强的用户身份认证(EUIC) .....................................................................23
3.7 3G 认证与密钥分配协议及其改进................................................................24
3.7.1 AKA 协议过程.................................................................................24
3.7.2 AKA 安全目标............................................................................................25
3.7.3 BAN 认证逻辑.........................................................................................25
3.7.4 对两种认证模式的 BAN 逻辑分析.....................................................26
3.7.5 安全漏洞和可能受到的攻击.........................................................................27
3.7.6 改进方案...............................................................................................27
3.7.7 安全性分析............................................................................................28
3.8 3G 网络对 GSM 网络的安全兼容性.........................................................28
3.8.1 2G 和 3G 共存网络的安全性准则....................................................28
3.8.2 2G 和 3G 网络共存时的用户鉴权...................................................29
3.8.3 2G 和 3G 安全上下文之间转换运算的算法..........................................31
第 4 章 3G 核心加密算法 KASUMI 算法.....................................................................32
4.1 算法的背景介绍...............................................................................................32
4.2 KASUMI 算法的构成原理 ..............................................................................32
4.2.1 KASUMI 算法 ..........................................................................................32
4.2.2 第 i 轮函数 fi.......................................................................................34
4.2.3 函数 FL................................................................................................34
4.2.4 函数 FO.............................................................................................35
4.2.5 函数 FI..................................................................................................36
4.2.6S-盒 S7 和 S9.......................................................................................37
4.2.7 子密钥的生成..............................................................................................40
4.3 KASUMI 算法的应用 .....................................................................40
4.3.1 f8 算法....................................................................................................41
4.3.2 f9 算法.................................................................................................42
4.4 KASUMI 分组密码算法安全性分析 ....................................................................44
4.4.1 理论分析...............................................................................................44
4.4.2 数学分析 KASUMI .................................................................................46
4.4.3 差分攻击分析........................................................................................47
4.4.4 安全性总结.........................................................................................49
结论....................................................................................................50
致谢..................................................................................................................51
附录 A KASUMI 源程序...............................................................................................52
参考文献.....................................................................................................59
[1] [2] [3] 下一页 |
第三代移动通信系统岸全技术研究
网友评论:(只显示最新5条。评论内容只代表网友观点,与本站立场无关!)