异构无线网络匿名漫游研究
|
摘要
下一代无线网络的发展趋势是多种无线接入技术并存的全IP异构无线网络融合,提供多样化的、无处不在的接入服务。漫游是实现泛在无线接入的关键技术,但是漫游安全面临着诸多挑战。第一,由于传输介质的开放性与无线设备资源的受限性,无线网络面临着比传统有线网络更加严重的安全威胁;第二,众多网络运营商需要共存及协作,异构无线接入系统的安全解决方案之间也存在很大差异。第三,漫游过程中的用户隐私保护也越来越受到关注。因此,研究匿名漫游具有重要意义。本文研究了匿名漫游认证及异构无线接入网络安全融合,主要包括如下内容:
1.分析了一种基于身份的认证模型的安全缺陷,指出该方案存在身份伪装攻击,无法实现用户身份认证。提出了一种改进方案用于实现无线网络匿名漫游。与原方案相比,改进之处主要体现在2方面:第一,弥补了原协议的安全缺陷,并且在CK模型下是可证明安全的;第二,简化了协议流程,提高了协议的效率。
2.分析了一种结合证书公钥和身份公钥的混合认证方案,指出该方案存在移动节点欺骗攻击和Rogue网络攻击,密钥更新不满足后向保密性等缺陷,及可扩展性低的问题。提出了一种改进的混合匿名认证方案,弥补了安全缺陷,提高了可扩展性。CK模型下的安全性分析表明该协议是可证明安全的。同时,性能对比分析表明改进协议保持了原方案计算量低的特点。
3.分析了一种双因子匿名无线漫游协议,指出该方案不满足强双因子安全,存在多米诺效应、特权内部人员攻击、用户无法更新口令等缺陷。提出了一种改进协议,实现了强双因子安全。在CK模型下进行了安全性分析,特别地,构造了基于智能卡和口令的双因子认证器,分析表明改进方案是可证明安全的。与原协议相比,改进协议弥补了原协议的安全缺陷,同时提高了安全性。
4.针对3G与基于WAPI的WLAN之间的安全融合问题,提出了新的基于USIM的证书分发协议,给出了松耦合和紧耦合两种安全融合方案,统一了3G安全体系与WAPI的用户管理,实现了3G签约用户基于WAPI安全机制的网络接入以及身份隐私保护。利用CK模型分析了证书分发协议的认证性和匿名性,结果表明该协议是可证明安全的。
One of the main trends in next generation wireless networks is the all-IP based heterogeneous wireless network integration with the coexistence of a number of wireless access technologies, which is to provide diversified and ubiquitous access services. Roaming is the key enabling technology for ubiquitous wireless access. However, roaming security faces many challenges. Firstly, due to the openness of wireless channel and resource constraints of wireless devices, wireless networks suffers more severe threats than their wired counterparts. Secondly, a large number of operators coexist and cooperate, and each wireless access systems has addressed security in different ways. Finally, privacy protection during roaming process has become an increasing concern for people. Therefore, the study of anonymous roaming is of great significance. The main contributions are as follows.
1. The security flaws of an identity-based authentication model are analyzed. The scheme fails to achieve entity authentication due to identity impersonation attack. Then, an improved authentication scheme is proposed to realize anonymous roaming in wireless networks. Our authentication scheme improves the original one in two aspects. Firstly, our scheme remedies the security flaws and is provably secure in the CK model. Secondly, our scheme simplifies the protocol interaction and is more efficient.
2. A hybrid authentication scheme integrating certificate based and identity based public key cryptography is analyzed. It is demonstrated that the scheme suffers from mobile node spoofing attack and rogue network attack, and the key updating fails to possess backward secrecy, the scheme also has low scalability. Then, an improved authentication scheme is proposed, which remedies the security flaws and improves the scalability. Security analysis shows that the improved scheme is provably secure in the CK model. Meanwhile, performance comparison indicates that the improved scheme maintains the merit of low computation cost in Zhu et al.’s scheme.
3. A smart card and password based two-factor anonymous authentication protocol for wireless roaming is analyzed. It is demonstrated that the scheme fails to achieve strong two-factor security, and suffers from domino effect, privileged insider attack and no password change option, etc. Then, an improved authentication scheme, which achieves strong two-factor security, is proposed and analyzed in the CK model. In particular, a smart card and password based two-factor authenticator is constructed. Security analysis shows that the improved scheme is provably secure. Compared with the original protocol, our improved protocol remedies its security flaws and enhances its security strength, with a slightly higher computation cost.
4. How to integrate the vastly different security architectures used in each access network and unify user management is to be solved in urgent need. To achieve the security integration of 3G and WAPI based WLAN, a USIM based certificate distribution protocol is proposed. Two security integration schemes, i.e., loosely coupled and tightly coupled, are presented, which unify user management of 3G security architecture and WAPI, and realize WAPI based network access for 3G subscribers and identity privacy protection. The entity authentication and anonymity of the certificate distribution protocol is analyzed in CK model, and the results show that the protocol is provably secure.
1.分析了一种基于身份的认证模型的安全缺陷,指出该方案存在身份伪装攻击,无法实现用户身份认证。提出了一种改进方案用于实现无线网络匿名漫游。与原方案相比,改进之处主要体现在2方面:第一,弥补了原协议的安全缺陷,并且在CK模型下是可证明安全的;第二,简化了协议流程,提高了协议的效率。
2.分析了一种结合证书公钥和身份公钥的混合认证方案,指出该方案存在移动节点欺骗攻击和Rogue网络攻击,密钥更新不满足后向保密性等缺陷,及可扩展性低的问题。提出了一种改进的混合匿名认证方案,弥补了安全缺陷,提高了可扩展性。CK模型下的安全性分析表明该协议是可证明安全的。同时,性能对比分析表明改进协议保持了原方案计算量低的特点。
3.分析了一种双因子匿名无线漫游协议,指出该方案不满足强双因子安全,存在多米诺效应、特权内部人员攻击、用户无法更新口令等缺陷。提出了一种改进协议,实现了强双因子安全。在CK模型下进行了安全性分析,特别地,构造了基于智能卡和口令的双因子认证器,分析表明改进方案是可证明安全的。与原协议相比,改进协议弥补了原协议的安全缺陷,同时提高了安全性。
4.针对3G与基于WAPI的WLAN之间的安全融合问题,提出了新的基于USIM的证书分发协议,给出了松耦合和紧耦合两种安全融合方案,统一了3G安全体系与WAPI的用户管理,实现了3G签约用户基于WAPI安全机制的网络接入以及身份隐私保护。利用CK模型分析了证书分发协议的认证性和匿名性,结果表明该协议是可证明安全的。
One of the main trends in next generation wireless networks is the all-IP based heterogeneous wireless network integration with the coexistence of a number of wireless access technologies, which is to provide diversified and ubiquitous access services. Roaming is the key enabling technology for ubiquitous wireless access. However, roaming security faces many challenges. Firstly, due to the openness of wireless channel and resource constraints of wireless devices, wireless networks suffers more severe threats than their wired counterparts. Secondly, a large number of operators coexist and cooperate, and each wireless access systems has addressed security in different ways. Finally, privacy protection during roaming process has become an increasing concern for people. Therefore, the study of anonymous roaming is of great significance. The main contributions are as follows.
1. The security flaws of an identity-based authentication model are analyzed. The scheme fails to achieve entity authentication due to identity impersonation attack. Then, an improved authentication scheme is proposed to realize anonymous roaming in wireless networks. Our authentication scheme improves the original one in two aspects. Firstly, our scheme remedies the security flaws and is provably secure in the CK model. Secondly, our scheme simplifies the protocol interaction and is more efficient.
2. A hybrid authentication scheme integrating certificate based and identity based public key cryptography is analyzed. It is demonstrated that the scheme suffers from mobile node spoofing attack and rogue network attack, and the key updating fails to possess backward secrecy, the scheme also has low scalability. Then, an improved authentication scheme is proposed, which remedies the security flaws and improves the scalability. Security analysis shows that the improved scheme is provably secure in the CK model. Meanwhile, performance comparison indicates that the improved scheme maintains the merit of low computation cost in Zhu et al.’s scheme.
3. A smart card and password based two-factor anonymous authentication protocol for wireless roaming is analyzed. It is demonstrated that the scheme fails to achieve strong two-factor security, and suffers from domino effect, privileged insider attack and no password change option, etc. Then, an improved authentication scheme, which achieves strong two-factor security, is proposed and analyzed in the CK model. In particular, a smart card and password based two-factor authenticator is constructed. Security analysis shows that the improved scheme is provably secure. Compared with the original protocol, our improved protocol remedies its security flaws and enhances its security strength, with a slightly higher computation cost.
4. How to integrate the vastly different security architectures used in each access network and unify user management is to be solved in urgent need. To achieve the security integration of 3G and WAPI based WLAN, a USIM based certificate distribution protocol is proposed. Two security integration schemes, i.e., loosely coupled and tightly coupled, are presented, which unify user management of 3G security architecture and WAPI, and realize WAPI based network access for 3G subscribers and identity privacy protection. The entity authentication and anonymity of the certificate distribution protocol is analyzed in CK model, and the results show that the protocol is provably secure.
引文
[1]马建峰,朱建明等编著.无线局域网安全方法与技术.北京:机械工业出版社, 2005.
[2]彭清泉.无线网络中密钥管理与认证方法及技术研究.西安电子科技大学博士学位论文, 2010.
[3] Akyildiz I F, Wang X, Wang W. Wireless Mesh Networks: A Survey. Computer Networks, 2005, 47(4): 445-487.
[4] Lee M J, Zheng J, Ko Y-B, et al. Emerging Standards for Wireless Mesh Technology, IEEE Wireless Communications, 2006, 13(2): 56-63.
[5] IEEE 802.11 Working Group, http://grouper.ieee.org/groups/ 802/11.
[6] ITU, http://www.itu.int.
[7]朱建民.无线网络安全方法与技术研究.西安电子科技大学博士学位论文, 2005.
[8]胡爱群.无线通信网络的安全问题及对策.电信科学, 2003, 12: 42-45.
[9]王育民,刘建伟编著.通信网的安全——理论与技术.西安电子科技大学出版社, 1999.
[10] Meyer U. Secure Roaming and Handover Procedures in Wireless Access Networks. PhD thesis, Darmstadt University of Technology, 2005.
[11] Samfat D, Molva R, Asokan N. Untraceability in mobile networks. In Proceedings of ACM Mobicom’95, 26-36, 1995.
[12] Chen H, Xiao Y, Hong X, et al. A survey of anonymity in wireless communication systems. Security and Communication Networks, 2008, 2(5):427-444.
[13] Boyd C, Mathuria A. Key establishment protocols for secure mobile communications: a critical survey. Computer Communications, 2000, 23(5-6), 575-587.
[14] Salgarelli L, Buddhikot M, Garay J, et al. Efficient Authentication and Key Distribution in Wireless IP Networks. IEEE Wireless Communications, 2003, 10(6): 52-61.
[15] Hwang K-F, Chang C-C. A self-encryption mechanism for authentication of roaming and teleconferences services. IEEE Transactions on Wireless Communications, 2003, 2(2): 400-407.
[16] Jiang Y, Lin C, Shen X. Mutual authentication and key exchange protocols for roaming services in wireless mobile networks. IEEE Transactions on Wireless Communications, 2006, 5(9): 2569-2577.
[17]周涛,徐静.改进的基于漫游场景的认证密钥交换协议.通信学报, 2009, 30(11A):61-68.
[18] Arkko J, Haverinen H. Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA). The Internet Society RFC 4187. 2006.
[19] Merino A S, Matsunaga Y, Shah M, et al. Secure Authentication System for Public WLAN Roaming. Mobile Networks and Applications, 2005,10(3):355-370.
[20] Lee T, Chang C, Hwang T. Private authentication techniques for the global mobility network. Wireless Personal Communications, 2005, 35(4): 329-336.
[21] Gu J, Park S, Song O, et al. Mobile PKI: A PKI-Based Authentication Framework for the Next Generation Mobile Communications. In ACISP'03, LNCS 2727, pp. 180-191. Springer, 2003.
[22] Bayarou K, Enzmann M, Giessler E, et al. Towards Certificate-Based Authentication for Future Mobile Communications. Wireless Personal Communications, 2004, 29(3-4): 283-301.
[23] Kambourakis G, Rouskas A, Kormentzas G, et al. Advanced SSL/TLS-based authentication for secure WLAN-3G interworking. IEE Proceedings Communications, 2004, 151(5): 501-506.
[24] Park J, Go J, Kim K. Wireless authentication protocol preserving user anonymity. Proceedings of the 2001 Symposium on Cryptography and Information Security. Japan, 2001,23-26.
[25] Wong D S. Security analysis of two anonymous authentication protocols for distributed wireless networks. PerCom 2005 Workshops. Kauai Island, Hawaii, 2005.
[26]朱建明,马建峰.一种高效的具有用户匿名性的无线认证协议.通信学报, 2004, 25(6): 12-18.
[27]彭华熹,冯登国.匿名无线认证协议的匿名性缺陷和改进.通信学报, 2006, 27(9): 78-85.
[28] Yang G, Wong D S, Deng X. Anonymous and authenticated key exchange for roaming networks. IEEE Transactions on Wireless Communications, 2007, 6(9): 1035-1042.
[29] Yang G, Wong D S, Deng X. Formal security definition and efficient construction for roaming with a privacy-preserving extension. Journal of Universal Computer Science, 2008, 14(3): 441-462.
[30] Manulis M, Leroy D, and Koeune F. Authenticated wireless roaming via tunnels: making mobile guests feel at home. http://eprint.iacr.org/2008/382.pdf, 2008.
[31]侯惠芳,刘光强,季新生,张秋闻.基于公钥的可证明安全的异构无线网络认证方案.电子与信息学报, 2009, 31(10): 2385-2391.
[32] Shi M, Rutagemwa H Shen X. A service-agent-based roaming architecture for WLAN/cellular integrated networks. IEEE Transactions on Vehicular Technology, 2007, 56(5): 3168-3181.
[33] Shi M, Shen X, Mark J, et al. User authentication and undeniable billing support for agent-based roaming service in WLAN/cellular integrated mobile networks. Computer Networks, 2008, 52(9): 1693-1702.
[34] Jiang J, He C, and Jiang L. On the design of provably secure identity-based authentication and key exchange protocol for heterogeneous Wireless Access. Proc. International Conference on Communications, Networking and Mobile Computing (ICCNMC 05). Springer-Verlag, 2005, 972-981.
[35]彭华熹.一种基于身份的多信任域认证模型.计算机学报, 2006, 29(8): 1271-1281.
[36] Yang G, Huang Q, Wong D S, et al. Universal authentication protocols for anonymous wirelesscommunications. IEEE Transactions on Wireless Communications, 2010, 9(1): 168-174.
[37] Wan Z, Ren K, Preneet B. A secure privacy-preserving roaming protocol based on hierarchical identity-based encryption for mobile networks. Proc. WiSec 08, 2008, 62-67.
[38] Fatemi M, Salimi S, Salahi A. Anonymous roaming in universal mobile telecommunication system mobile networks. IET Information Security, 2010, 4(2), 93-103.
[39]朱辉,李晖,苏万力.基于身份的匿名无线认证方案.通信学报, 2009, 30(4): 130-136.
[40] Zhu J, Ma J. A new authentication scheme with anonymity for wireless environments. IEEE Transaction on Consumer Electronics, 2004,50(1):230–234.
[41] Lee CC, Hwang MS, Liao IE. Security enhancement on a new authentication scheme with anonymity for wireless environments. IEEE Transaction on Industrial Electronics, 2006,53(5):1683–1687.
[42] Wu CC, Lee WB, Tsaur W J. A secure authentication scheme with anonymity for wireless communications. IEEE Communications. Letters, 2008,12(10):722–723.
[43] Zeng P, Cao ZF, Choo K-K R, et al. On the anonymity of some authentication schemes for wireless communications. IEEE Communications Letters, 2009, 13(3):170–171.
[44] Lee JS, Chang JH, and Lee DH. Security ?aw of authentication scheme with anonymity for wireless communications. IEEE Communications Letters, 2009,13(5):292–293.
[45] Wang R, Juang W, Lei C. A robust authentication scheme with user anonymity for wireless environments. International Journal of Innovative Computing, Information and Control, 2009,5(4):1069–1080.
[46] He DJ, Ma MD, Zhang Y, Chen C. A strong user authentication scheme with smart cards for wireless communications. Computer Communications, DOI: 10.1016/j.comcom.201001.031.
[47] Chen C, He DJ, Chan S, et al. Lightweight and provably secure user authentication with anonymity for the global mobility network. International Journal of Communication Systems. DOI: 10.1002/dac.1158.
[48] Xu J, Zhu WT, Feng DG. An efficient mutual authentication and key agreement protocol preserving user anonymity in mobile networks. Computer Communications, DOI: 10.1016/j.comcom.2010.04041.
[49] Chang CC, Lee CY, and Chiu YC. Enhanced authentication scheme with anonymity for roaming service in global mobility networks. Computer Communications, 2009,32(4):611–618.
[50] Youn TY, Park YH, and Lim J. Weaknesses in an anonymous authentication scheme for roaming service in global mobility networks. IEEE Communications Letters, 2009, 13(7):471–473.
[51] He D, Chan S, Chen C, Bu J. Design and validation of an efficient authentication scheme with anonymity for roaming service in global mobility networks. Wireless Personal Communications,DOI: 10.1007/s11277-010-0033-5.
[52] Ala-Laurila J, Mikkonen J, Rinnemaa J. Wireless LAN access network architecture for mobile operators. IEEE Communications Magazine, 2001, 39(11):82–89.
[53] Buddhikot M, Chandrannmenon G, Han S, et al. Integration of 802.11 and Third-Generation Wireless Data Networks, IEEE INFOCOM 2003, Vol. 1, pp. 503–512, 2003.
[54] Luo H, Jiang Z, Kim B J, et al. Integrating Wireless LAN and Cellular Data for the Enterprise, IEEE Internet Computing, 2003, 7(2): 25–33.
[55] 3GPP TS 23.234: 3GPP system to Wireless Local Area Network interworking; System Description. version 8.1.0 Release 8, 2008-12.
[56] 3GPP TS 23.402: Architecture enhancements for non-3GPP accesses. 2010.
[57] Minho Shin, Justin Ma, Arunesh Mishra and William A. Arbaugh. Wireless network security and interworking. Proceedings of the IEEE, 2006, 94(2): 455-466.
[58] 3GPP TS 33.102: 3G security; Security architecture. 2010.
[59] Rose G, Koien G. Access Security in CDMA2000, including a Comparison with UMTS Access Security.IEEE Wireless Commmunications, 2004, 11(1): 19-25.
[60] IEEE 802.11i. IEEE standard for Information technology—telecommunications and information exchange between systems—local and metropolitan area networks—specific requirements—part 11: wireless LAN medium access control and physical layer specifications amendment 6: medium access control security enhancements. New York:IEEE, 2004.
[61] GB 15629.11-2003/ XG1-2006.信息技术系统间远程通信和信息交换局域网和城域网特定要求第11部分:无线局域网媒体访问控制和物理层规范, 2006.
[62] Arbaugh W, Shankar N, Wan Y, et al. Your 802.11 wireless network has no clothes, IEEE Wireless Communications, 2002, 9(6): 44-51.
[63] 3GPP TS 33.234: 3G: security; Wireless Local Area Network (WLAN) interworking security.
[64] Koien G, Haslestad T. Security Aspects of 3G-WLAN Interworking. IEEE Communication Magazine, 2003, 41(5):82-88.
[65] Yang C C, Chu K H, Yang Y W. 3G and WLAN interworking security: current status and key issues. Internal Journal of Network Security, 2006, 2(1): 1-13.
[66] Sher M, Magedanz T. 3G-WLAN Convergence: Vulnerability, Attacks Possibilities and Security Model. ARES 2007: 198-205.
[67] Xenakis C, Ntantogian C. Security architectures for B3G mobile networks, Telecommunication systems, 2007, 35(3-4): 123-139.
[68] Yang C C, Yang Y W, Liu W T. A robust authentication protocol with non-repudiation service for integrating WLAN and 3G networks, Wireless personal communications, 2006, 39(2): 229-251.
[69] Ntantogian C, Xenakis C. One-pass EAP-AKA authentication in 3G-WLAN integrated networks, Wireless personal communications, 2009, 48(4): 569-584.
[70] Ntantogian C, Xenakis C, Stavrakakis I. A Generic Mechanism for Efficient Authentication in B3G Networks. Computers & Security, 2010, 29(4): 460-475.
[71] Shidhani Ali Al, Leung C M. Local fast re-authentication for 3G-WLAN interworking. Security and communication networks, 2008, 1(4):309-323.
[72] Li X, Lu X, Ma J, et al. Authentications and Key Management in 3G-WLAN Interworking. Mobile Networks and Applications, DOI: 10.1007/s11036-010-0257-3.
[73] Hyeran M, Kyusuk H, Kwangjo K. 3G-WLAN interworking: security analysis and new authentication and key agreement based on EAP-AKA. WTS 2009.
[74] Tsai Y R, Chang C J. SIM-based subscriber authentication mechanism for wireless local area networks. Computer Communications, 2006, 29(10): 1744-1753.
[75] Tsai H C, Chang C C, Chang K J. Roaming across wireless local area networks using SIM-based authentication protocol. Computer Standards & Interfaces, 2009, 31(2): 381-389.
[76] Prasithsangaree P, Krishnamurthy P. A new authentication mechanism for loosely coupled 3G-WLAN integrated networks. IEEE 59th Vehicular Technology Conference, 2004. VTC 2004-Spring, 2004, 2998-3003.
[77]李亚晖,李凤华,杨卫东,马建峰.可证明安全的异构无线网络认证协议.通信学报, 2007, 28(11): 21-29.
[78] Lin P, Lin YB, Feng V, et al. GPRS-based WLAN authentication and auto-configuration. Computer Communications, 2004, 27(8): 739-742.
[79] Tseng Y M, Yang C C, Su J H. Authentication and billing protocols for the integration of WLAN and 3G networks. Wireless Personal Communications, 2004, 29(3): 351-366
[80] Tseng Y M. GPRS/UMTS-aided authentication protocol for wireless LANs. IEE Proceedings Communications, 2006, 153(6): 810-817.
[81] Tseng Y M. USIM-based EAP-TLS authentication protocol for wireless local area networks. Computer Standards & Interfaces,2009, 31(1): 128-136.
[82] Lee JS, Lin, PY, Chang CC. Lightweight secure roaming mechanism between GPRS/UMTS and wireless LANs. 2009,53(4):569-580.
[83]毛文波著,王继林等译.现代密码学理论与实践.北京:电子工业出版社, 2004.
[84]刘建伟.无线个人通信网中的保密与认证协议研究.西安电子科技大学博士学位论文, 2005.
[85] D. Dolev, A. Yao, On the Security of Public Key Protocols. IEEE Transactions on Information Theory, 1983, 29(2): 198-208.
[86]卿斯汉.安全协议的设计与逻辑分析.软件学报, 2003, 14(7), pp. 1300-1309.
[87] Abadi M., Needham R.. Prudent Engineering Practice for Cryptographic Protocols. IEEE Transactions on Software Engineering, 1996, 22(1): pp. 6-15.
[88] Boyd C, Mathuria A, Protocols for Authentication and Key Establishment, Springer, 2003.
[89]李兴华.无线网络中认证及密钥协商协议的研究.西安电子科技大学博士学位论文, 2006.
[90]张帆.无线网络安全协议的形式化分析方法.西安电子科技大学博士学位论文, 2007.
[91] Needham R M, Schroeder M D. Using Encryption for Authentication in Large Networks of Computers. Communications of the ACM, 1978, 21(12): pp. 993-999.
[92] Lowe G.. Breaking and Fixing the Needham-Schroeder Public-key Protocol Using CSP and FDR. In Proceedings of TACAS, LNCS 1055, Springer-Verlag, 1996, 147-166.
[93] Abadi M. Explicit Communication Revisited: Two New Attacks on Authentication Protocols. IEEE Transactions on Software Engineering, 1997, 23(3): 185-186.
[94] Lowe G. Breaking and Fixing the Needham-Schroeder Public-key Protocol Using FDR. Software-Concepts and Tools, 1996, 17(3): pp. 93-102.
[95]王亚弟,束妮娜,韩继红等.密码协议形式化分析.北京:机械工业出版社, 2006.
[96] Burrows M, Abadi M, Needham R. A Logic of Authentication. ACM Transactions on Computer Systems. 1990, 8(1): 18-36.
[97] Paulson L C. The Inductive Approach to Verifying Cryptographic Protocols. Journal of Computer Security, 1998, 6(1): 85-128.
[98] Fabrega F.J.T., Herzog J.C., Guttman J.D.. Strand spaces: why is a security protocol correct. In IEEE Symposium on Security and Privacy, 1998: 160-171.
[99] Schneider S. Verifying authentication protocols in CSP. IEEE Transactions on Software Engineering, 1998, 24(9): 741-758.
[100] Mart A., Andrew D.G.. A Calculus for Cryptographic Protocols: the SPI calculus. In Proceedings of the 4th ACM Conference on Computer and Communications Security. ACM, 1997, 36-47.
[101] Goldwasser S., Micali S.. Probabilisitic Encryption. Journal of Computer and System Sciences, 1984, 28(3): pp. 270-299.
[102] Fiat A., Shamir A.. How to Prove Yourself: Practical Solutions to Identification and Signature Problems. Advances in Cryptology - Crypto '86, 1987: pp. 186-194.
[103] Bellare M., Rogaway P.. Entity Authentication and Key Distribution. Advances in Cryptography - CRYPTO'93, 1994: pp. 232-249.
[104] Bellare M, Canetti R, Krawczyk H. A modular approach to the design and analysis of authentication and key exchange protocols. In: Proceedings of the 30th ACM Symposium on Theory of Computing, ACM, 1998, 419-428.
[105] Shoup V.. On Formal Models for Secure Key Exchange (Version 4) (Technical Report No. RZ3120 (#93166)). IBM Research, Zurich, 1999.
[106] Canetti R., Krawczyk H.. Analysis of Key-exchange Protocols and Their Use for Building Secure Channels. Advances in Cryptology-EUROCRYPT’01, 2001: pp. 453-474.
[107] Canetti R.. Universally Composable Security: A New Paradigm for Cryptographic Protocols. In Proceedings of the 42nd IEEE Symposium on Foundations of Computer Science, 2001, 136-145.
[108] Canetti R., Krawczyk H.. Universally Composable Notions of Key Exchange and Secure channels. Advances in Cryptology– EUROCRYPT’02, 2002, 337-351.
[109] R. Canetti, S. Halevi, J. Katz et al. Universally Composable Password Based Key Exchange, Advances in Cryptology-EUROCRYPTO’05, LNCS 3494, Springer-Verlag, 2005: pp. 404-421.
[110] M. Bellare, P. Rogaway. Provably Secure Session Key Distribution: the Three Party Case. In Proceedings of the 27th ACM Symposium on the Theory of Computing, 1995: pp. 57-66.
[111] Koblitz N., Menezes A.. Another Look at "Provable Security" (Technical Report CORR 2004-20). Centre for Applied Cryptographic Research, University of Waterloo, Canada, 2004.
[112]曹春杰.可证明安全的认证及密钥交换协议设计与分析.西安电子科技大学博士论文, 2008.
[113]杨超.无线网络协议的形式化分析与设计.西安电子科技大学博士论文, 2008.
[114] Tin Y S T, Boyd C, and Nieto J G. Provably secure key exchange: an engineering approach. Proceedings of the Australasian Information Security Workshop (AISW2003), Australasian, 2003: 97-104.
[115] Shamir A. Identity-based cryptosystems and signature schemes. In: Proceedings of the Cryptology-Crypto’84 , 1984 ,47-53.
[116] Boneh D, Franklin M. Identity-based encryption from the weil pairing. In :Proceedings of the Cryptology-Crypto’01, 2001, 213-229.
[117] CHEN L, KUDLA C. Identity based authenticated key agreement protocols from pairings. Proceedings of the 16th IEEE Computer Security Foundations Workshop, 2003, 219-233.
[118] Boyd C, Mao W, Paterson K. G.. Key agreement using statically keyed authenticators. In: Proceedings of the 2nd International Conference on Applied Cryptography and Network Security, 2004, 248-262.
[119] Tin Y S T, Vasanta H, Boyd C. Protocols with security proofs for mobile applications. Proceedings of the ACISP 2004. Sydney, Australia, 2004, 358-369.
[120] Tin Y S T, Boyd C, Nieto J M G. Provably secure mobile key exchange: applying the Canetti-Krawczyk approach. Proceedings of ACISP, 2003, 166-179.
[121] Kocher P, Jaffe J, Jun B. Differential power analysis. In proceedings of 19th International Advances in Cryptology Conference CRYPTO, Santa Barbara, CA, USA, 1999; pp. 388-397.
[122] Messerges TS, Dabbish EA, Sloan RH. Examining smart card security under the threat of power analysis attacks. IEEE Transactions on Computers, 2002,51(5):541-552.
[123] Yang GM, Wong SD, Wang HX, Deng XT. Two-factor mutual authentication based on smart cards and passwords. Journal of Computer and System Sciences, 2008,74(7):1160–1172.
[124] Halevi S, Krawczyk H. Public-key cryptography and password protocols, ACM Trans. Inf. Syst. Secur. 1999,2(3):230–268.
[125] Gustafsson E., Johnson A., Always best connected, IEEE Wireless Communications, 2003, 10(1): 49-55.
[126] IEEE Std. 802.11x-2004. IEEE Standards for Local and Metropolitan Area Networks: Port based Network Access Control. 2004.
[127] Aboba B., Blunk L., Vollbrecht J., et al. Extensible Authentication Protocol (EAP). IETF RFC 3748, June 2004, Available at http://www.ietf.org/rfc/rfc3748.txt.
[128] Rigney C., Willens S., Rubens A.. Remote Authentication Dial in User Service (RADIUS). IETF RFC 2865, June 2000, Available at http://www.ietf.org/rfc/rfc2865.txt.
[129]陈轶佳. 3G网络中的用户接入鉴权技术研究.四川大学硕士学位论文, 2006.
[130] Tang Q. On the security of three versions of WAI protocol in Chinese WLAN implementation plan (Full Version), http://eprint.iacr.org/2007/122.pdf. 2007.
[131] Long M., Wu C. H., Irwin J. D.. Localized authentication for inter-networking roaming across wireless LANs. IEE Proceedings communications, 2004, 151(5), 496-500.
[132]阎军智.安全群组通信中的分层密钥管理技术研究.西安电子科技大学博士学位论文, 2009.
[133]冯涛.通用可复合的密码协议理论及其应用研究.西安电子科技大学博士学位论文, 2008.
[134]杨力.无线网络可信认证技术研究.西安电子科技大学博士学位论文, 2010.
[135]马卓.无线网络可信接入理论及其应用研究.西安电子科技大学博士学位论文, 2010.
[136] Harbitter A, Menasce D. A methodology for analyzing the performace of authentication protocols. ACM Transaction on Information and System Security, 2002, 5(4): 458-491.
[2]彭清泉.无线网络中密钥管理与认证方法及技术研究.西安电子科技大学博士学位论文, 2010.
[3] Akyildiz I F, Wang X, Wang W. Wireless Mesh Networks: A Survey. Computer Networks, 2005, 47(4): 445-487.
[4] Lee M J, Zheng J, Ko Y-B, et al. Emerging Standards for Wireless Mesh Technology, IEEE Wireless Communications, 2006, 13(2): 56-63.
[5] IEEE 802.11 Working Group, http://grouper.ieee.org/groups/ 802/11.
[6] ITU, http://www.itu.int.
[7]朱建民.无线网络安全方法与技术研究.西安电子科技大学博士学位论文, 2005.
[8]胡爱群.无线通信网络的安全问题及对策.电信科学, 2003, 12: 42-45.
[9]王育民,刘建伟编著.通信网的安全——理论与技术.西安电子科技大学出版社, 1999.
[10] Meyer U. Secure Roaming and Handover Procedures in Wireless Access Networks. PhD thesis, Darmstadt University of Technology, 2005.
[11] Samfat D, Molva R, Asokan N. Untraceability in mobile networks. In Proceedings of ACM Mobicom’95, 26-36, 1995.
[12] Chen H, Xiao Y, Hong X, et al. A survey of anonymity in wireless communication systems. Security and Communication Networks, 2008, 2(5):427-444.
[13] Boyd C, Mathuria A. Key establishment protocols for secure mobile communications: a critical survey. Computer Communications, 2000, 23(5-6), 575-587.
[14] Salgarelli L, Buddhikot M, Garay J, et al. Efficient Authentication and Key Distribution in Wireless IP Networks. IEEE Wireless Communications, 2003, 10(6): 52-61.
[15] Hwang K-F, Chang C-C. A self-encryption mechanism for authentication of roaming and teleconferences services. IEEE Transactions on Wireless Communications, 2003, 2(2): 400-407.
[16] Jiang Y, Lin C, Shen X. Mutual authentication and key exchange protocols for roaming services in wireless mobile networks. IEEE Transactions on Wireless Communications, 2006, 5(9): 2569-2577.
[17]周涛,徐静.改进的基于漫游场景的认证密钥交换协议.通信学报, 2009, 30(11A):61-68.
[18] Arkko J, Haverinen H. Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA). The Internet Society RFC 4187. 2006.
[19] Merino A S, Matsunaga Y, Shah M, et al. Secure Authentication System for Public WLAN Roaming. Mobile Networks and Applications, 2005,10(3):355-370.
[20] Lee T, Chang C, Hwang T. Private authentication techniques for the global mobility network. Wireless Personal Communications, 2005, 35(4): 329-336.
[21] Gu J, Park S, Song O, et al. Mobile PKI: A PKI-Based Authentication Framework for the Next Generation Mobile Communications. In ACISP'03, LNCS 2727, pp. 180-191. Springer, 2003.
[22] Bayarou K, Enzmann M, Giessler E, et al. Towards Certificate-Based Authentication for Future Mobile Communications. Wireless Personal Communications, 2004, 29(3-4): 283-301.
[23] Kambourakis G, Rouskas A, Kormentzas G, et al. Advanced SSL/TLS-based authentication for secure WLAN-3G interworking. IEE Proceedings Communications, 2004, 151(5): 501-506.
[24] Park J, Go J, Kim K. Wireless authentication protocol preserving user anonymity. Proceedings of the 2001 Symposium on Cryptography and Information Security. Japan, 2001,23-26.
[25] Wong D S. Security analysis of two anonymous authentication protocols for distributed wireless networks. PerCom 2005 Workshops. Kauai Island, Hawaii, 2005.
[26]朱建明,马建峰.一种高效的具有用户匿名性的无线认证协议.通信学报, 2004, 25(6): 12-18.
[27]彭华熹,冯登国.匿名无线认证协议的匿名性缺陷和改进.通信学报, 2006, 27(9): 78-85.
[28] Yang G, Wong D S, Deng X. Anonymous and authenticated key exchange for roaming networks. IEEE Transactions on Wireless Communications, 2007, 6(9): 1035-1042.
[29] Yang G, Wong D S, Deng X. Formal security definition and efficient construction for roaming with a privacy-preserving extension. Journal of Universal Computer Science, 2008, 14(3): 441-462.
[30] Manulis M, Leroy D, and Koeune F. Authenticated wireless roaming via tunnels: making mobile guests feel at home. http://eprint.iacr.org/2008/382.pdf, 2008.
[31]侯惠芳,刘光强,季新生,张秋闻.基于公钥的可证明安全的异构无线网络认证方案.电子与信息学报, 2009, 31(10): 2385-2391.
[32] Shi M, Rutagemwa H Shen X. A service-agent-based roaming architecture for WLAN/cellular integrated networks. IEEE Transactions on Vehicular Technology, 2007, 56(5): 3168-3181.
[33] Shi M, Shen X, Mark J, et al. User authentication and undeniable billing support for agent-based roaming service in WLAN/cellular integrated mobile networks. Computer Networks, 2008, 52(9): 1693-1702.
[34] Jiang J, He C, and Jiang L. On the design of provably secure identity-based authentication and key exchange protocol for heterogeneous Wireless Access. Proc. International Conference on Communications, Networking and Mobile Computing (ICCNMC 05). Springer-Verlag, 2005, 972-981.
[35]彭华熹.一种基于身份的多信任域认证模型.计算机学报, 2006, 29(8): 1271-1281.
[36] Yang G, Huang Q, Wong D S, et al. Universal authentication protocols for anonymous wirelesscommunications. IEEE Transactions on Wireless Communications, 2010, 9(1): 168-174.
[37] Wan Z, Ren K, Preneet B. A secure privacy-preserving roaming protocol based on hierarchical identity-based encryption for mobile networks. Proc. WiSec 08, 2008, 62-67.
[38] Fatemi M, Salimi S, Salahi A. Anonymous roaming in universal mobile telecommunication system mobile networks. IET Information Security, 2010, 4(2), 93-103.
[39]朱辉,李晖,苏万力.基于身份的匿名无线认证方案.通信学报, 2009, 30(4): 130-136.
[40] Zhu J, Ma J. A new authentication scheme with anonymity for wireless environments. IEEE Transaction on Consumer Electronics, 2004,50(1):230–234.
[41] Lee CC, Hwang MS, Liao IE. Security enhancement on a new authentication scheme with anonymity for wireless environments. IEEE Transaction on Industrial Electronics, 2006,53(5):1683–1687.
[42] Wu CC, Lee WB, Tsaur W J. A secure authentication scheme with anonymity for wireless communications. IEEE Communications. Letters, 2008,12(10):722–723.
[43] Zeng P, Cao ZF, Choo K-K R, et al. On the anonymity of some authentication schemes for wireless communications. IEEE Communications Letters, 2009, 13(3):170–171.
[44] Lee JS, Chang JH, and Lee DH. Security ?aw of authentication scheme with anonymity for wireless communications. IEEE Communications Letters, 2009,13(5):292–293.
[45] Wang R, Juang W, Lei C. A robust authentication scheme with user anonymity for wireless environments. International Journal of Innovative Computing, Information and Control, 2009,5(4):1069–1080.
[46] He DJ, Ma MD, Zhang Y, Chen C. A strong user authentication scheme with smart cards for wireless communications. Computer Communications, DOI: 10.1016/j.comcom.201001.031.
[47] Chen C, He DJ, Chan S, et al. Lightweight and provably secure user authentication with anonymity for the global mobility network. International Journal of Communication Systems. DOI: 10.1002/dac.1158.
[48] Xu J, Zhu WT, Feng DG. An efficient mutual authentication and key agreement protocol preserving user anonymity in mobile networks. Computer Communications, DOI: 10.1016/j.comcom.2010.04041.
[49] Chang CC, Lee CY, and Chiu YC. Enhanced authentication scheme with anonymity for roaming service in global mobility networks. Computer Communications, 2009,32(4):611–618.
[50] Youn TY, Park YH, and Lim J. Weaknesses in an anonymous authentication scheme for roaming service in global mobility networks. IEEE Communications Letters, 2009, 13(7):471–473.
[51] He D, Chan S, Chen C, Bu J. Design and validation of an efficient authentication scheme with anonymity for roaming service in global mobility networks. Wireless Personal Communications,DOI: 10.1007/s11277-010-0033-5.
[52] Ala-Laurila J, Mikkonen J, Rinnemaa J. Wireless LAN access network architecture for mobile operators. IEEE Communications Magazine, 2001, 39(11):82–89.
[53] Buddhikot M, Chandrannmenon G, Han S, et al. Integration of 802.11 and Third-Generation Wireless Data Networks, IEEE INFOCOM 2003, Vol. 1, pp. 503–512, 2003.
[54] Luo H, Jiang Z, Kim B J, et al. Integrating Wireless LAN and Cellular Data for the Enterprise, IEEE Internet Computing, 2003, 7(2): 25–33.
[55] 3GPP TS 23.234: 3GPP system to Wireless Local Area Network interworking; System Description. version 8.1.0 Release 8, 2008-12.
[56] 3GPP TS 23.402: Architecture enhancements for non-3GPP accesses. 2010.
[57] Minho Shin, Justin Ma, Arunesh Mishra and William A. Arbaugh. Wireless network security and interworking. Proceedings of the IEEE, 2006, 94(2): 455-466.
[58] 3GPP TS 33.102: 3G security; Security architecture. 2010.
[59] Rose G, Koien G. Access Security in CDMA2000, including a Comparison with UMTS Access Security.IEEE Wireless Commmunications, 2004, 11(1): 19-25.
[60] IEEE 802.11i. IEEE standard for Information technology—telecommunications and information exchange between systems—local and metropolitan area networks—specific requirements—part 11: wireless LAN medium access control and physical layer specifications amendment 6: medium access control security enhancements. New York:IEEE, 2004.
[61] GB 15629.11-2003/ XG1-2006.信息技术系统间远程通信和信息交换局域网和城域网特定要求第11部分:无线局域网媒体访问控制和物理层规范, 2006.
[62] Arbaugh W, Shankar N, Wan Y, et al. Your 802.11 wireless network has no clothes, IEEE Wireless Communications, 2002, 9(6): 44-51.
[63] 3GPP TS 33.234: 3G: security; Wireless Local Area Network (WLAN) interworking security.
[64] Koien G, Haslestad T. Security Aspects of 3G-WLAN Interworking. IEEE Communication Magazine, 2003, 41(5):82-88.
[65] Yang C C, Chu K H, Yang Y W. 3G and WLAN interworking security: current status and key issues. Internal Journal of Network Security, 2006, 2(1): 1-13.
[66] Sher M, Magedanz T. 3G-WLAN Convergence: Vulnerability, Attacks Possibilities and Security Model. ARES 2007: 198-205.
[67] Xenakis C, Ntantogian C. Security architectures for B3G mobile networks, Telecommunication systems, 2007, 35(3-4): 123-139.
[68] Yang C C, Yang Y W, Liu W T. A robust authentication protocol with non-repudiation service for integrating WLAN and 3G networks, Wireless personal communications, 2006, 39(2): 229-251.
[69] Ntantogian C, Xenakis C. One-pass EAP-AKA authentication in 3G-WLAN integrated networks, Wireless personal communications, 2009, 48(4): 569-584.
[70] Ntantogian C, Xenakis C, Stavrakakis I. A Generic Mechanism for Efficient Authentication in B3G Networks. Computers & Security, 2010, 29(4): 460-475.
[71] Shidhani Ali Al, Leung C M. Local fast re-authentication for 3G-WLAN interworking. Security and communication networks, 2008, 1(4):309-323.
[72] Li X, Lu X, Ma J, et al. Authentications and Key Management in 3G-WLAN Interworking. Mobile Networks and Applications, DOI: 10.1007/s11036-010-0257-3.
[73] Hyeran M, Kyusuk H, Kwangjo K. 3G-WLAN interworking: security analysis and new authentication and key agreement based on EAP-AKA. WTS 2009.
[74] Tsai Y R, Chang C J. SIM-based subscriber authentication mechanism for wireless local area networks. Computer Communications, 2006, 29(10): 1744-1753.
[75] Tsai H C, Chang C C, Chang K J. Roaming across wireless local area networks using SIM-based authentication protocol. Computer Standards & Interfaces, 2009, 31(2): 381-389.
[76] Prasithsangaree P, Krishnamurthy P. A new authentication mechanism for loosely coupled 3G-WLAN integrated networks. IEEE 59th Vehicular Technology Conference, 2004. VTC 2004-Spring, 2004, 2998-3003.
[77]李亚晖,李凤华,杨卫东,马建峰.可证明安全的异构无线网络认证协议.通信学报, 2007, 28(11): 21-29.
[78] Lin P, Lin YB, Feng V, et al. GPRS-based WLAN authentication and auto-configuration. Computer Communications, 2004, 27(8): 739-742.
[79] Tseng Y M, Yang C C, Su J H. Authentication and billing protocols for the integration of WLAN and 3G networks. Wireless Personal Communications, 2004, 29(3): 351-366
[80] Tseng Y M. GPRS/UMTS-aided authentication protocol for wireless LANs. IEE Proceedings Communications, 2006, 153(6): 810-817.
[81] Tseng Y M. USIM-based EAP-TLS authentication protocol for wireless local area networks. Computer Standards & Interfaces,2009, 31(1): 128-136.
[82] Lee JS, Lin, PY, Chang CC. Lightweight secure roaming mechanism between GPRS/UMTS and wireless LANs. 2009,53(4):569-580.
[83]毛文波著,王继林等译.现代密码学理论与实践.北京:电子工业出版社, 2004.
[84]刘建伟.无线个人通信网中的保密与认证协议研究.西安电子科技大学博士学位论文, 2005.
[85] D. Dolev, A. Yao, On the Security of Public Key Protocols. IEEE Transactions on Information Theory, 1983, 29(2): 198-208.
[86]卿斯汉.安全协议的设计与逻辑分析.软件学报, 2003, 14(7), pp. 1300-1309.
[87] Abadi M., Needham R.. Prudent Engineering Practice for Cryptographic Protocols. IEEE Transactions on Software Engineering, 1996, 22(1): pp. 6-15.
[88] Boyd C, Mathuria A, Protocols for Authentication and Key Establishment, Springer, 2003.
[89]李兴华.无线网络中认证及密钥协商协议的研究.西安电子科技大学博士学位论文, 2006.
[90]张帆.无线网络安全协议的形式化分析方法.西安电子科技大学博士学位论文, 2007.
[91] Needham R M, Schroeder M D. Using Encryption for Authentication in Large Networks of Computers. Communications of the ACM, 1978, 21(12): pp. 993-999.
[92] Lowe G.. Breaking and Fixing the Needham-Schroeder Public-key Protocol Using CSP and FDR. In Proceedings of TACAS, LNCS 1055, Springer-Verlag, 1996, 147-166.
[93] Abadi M. Explicit Communication Revisited: Two New Attacks on Authentication Protocols. IEEE Transactions on Software Engineering, 1997, 23(3): 185-186.
[94] Lowe G. Breaking and Fixing the Needham-Schroeder Public-key Protocol Using FDR. Software-Concepts and Tools, 1996, 17(3): pp. 93-102.
[95]王亚弟,束妮娜,韩继红等.密码协议形式化分析.北京:机械工业出版社, 2006.
[96] Burrows M, Abadi M, Needham R. A Logic of Authentication. ACM Transactions on Computer Systems. 1990, 8(1): 18-36.
[97] Paulson L C. The Inductive Approach to Verifying Cryptographic Protocols. Journal of Computer Security, 1998, 6(1): 85-128.
[98] Fabrega F.J.T., Herzog J.C., Guttman J.D.. Strand spaces: why is a security protocol correct. In IEEE Symposium on Security and Privacy, 1998: 160-171.
[99] Schneider S. Verifying authentication protocols in CSP. IEEE Transactions on Software Engineering, 1998, 24(9): 741-758.
[100] Mart A., Andrew D.G.. A Calculus for Cryptographic Protocols: the SPI calculus. In Proceedings of the 4th ACM Conference on Computer and Communications Security. ACM, 1997, 36-47.
[101] Goldwasser S., Micali S.. Probabilisitic Encryption. Journal of Computer and System Sciences, 1984, 28(3): pp. 270-299.
[102] Fiat A., Shamir A.. How to Prove Yourself: Practical Solutions to Identification and Signature Problems. Advances in Cryptology - Crypto '86, 1987: pp. 186-194.
[103] Bellare M., Rogaway P.. Entity Authentication and Key Distribution. Advances in Cryptography - CRYPTO'93, 1994: pp. 232-249.
[104] Bellare M, Canetti R, Krawczyk H. A modular approach to the design and analysis of authentication and key exchange protocols. In: Proceedings of the 30th ACM Symposium on Theory of Computing, ACM, 1998, 419-428.
[105] Shoup V.. On Formal Models for Secure Key Exchange (Version 4) (Technical Report No. RZ3120 (#93166)). IBM Research, Zurich, 1999.
[106] Canetti R., Krawczyk H.. Analysis of Key-exchange Protocols and Their Use for Building Secure Channels. Advances in Cryptology-EUROCRYPT’01, 2001: pp. 453-474.
[107] Canetti R.. Universally Composable Security: A New Paradigm for Cryptographic Protocols. In Proceedings of the 42nd IEEE Symposium on Foundations of Computer Science, 2001, 136-145.
[108] Canetti R., Krawczyk H.. Universally Composable Notions of Key Exchange and Secure channels. Advances in Cryptology– EUROCRYPT’02, 2002, 337-351.
[109] R. Canetti, S. Halevi, J. Katz et al. Universally Composable Password Based Key Exchange, Advances in Cryptology-EUROCRYPTO’05, LNCS 3494, Springer-Verlag, 2005: pp. 404-421.
[110] M. Bellare, P. Rogaway. Provably Secure Session Key Distribution: the Three Party Case. In Proceedings of the 27th ACM Symposium on the Theory of Computing, 1995: pp. 57-66.
[111] Koblitz N., Menezes A.. Another Look at "Provable Security" (Technical Report CORR 2004-20). Centre for Applied Cryptographic Research, University of Waterloo, Canada, 2004.
[112]曹春杰.可证明安全的认证及密钥交换协议设计与分析.西安电子科技大学博士论文, 2008.
[113]杨超.无线网络协议的形式化分析与设计.西安电子科技大学博士论文, 2008.
[114] Tin Y S T, Boyd C, and Nieto J G. Provably secure key exchange: an engineering approach. Proceedings of the Australasian Information Security Workshop (AISW2003), Australasian, 2003: 97-104.
[115] Shamir A. Identity-based cryptosystems and signature schemes. In: Proceedings of the Cryptology-Crypto’84 , 1984 ,47-53.
[116] Boneh D, Franklin M. Identity-based encryption from the weil pairing. In :Proceedings of the Cryptology-Crypto’01, 2001, 213-229.
[117] CHEN L, KUDLA C. Identity based authenticated key agreement protocols from pairings. Proceedings of the 16th IEEE Computer Security Foundations Workshop, 2003, 219-233.
[118] Boyd C, Mao W, Paterson K. G.. Key agreement using statically keyed authenticators. In: Proceedings of the 2nd International Conference on Applied Cryptography and Network Security, 2004, 248-262.
[119] Tin Y S T, Vasanta H, Boyd C. Protocols with security proofs for mobile applications. Proceedings of the ACISP 2004. Sydney, Australia, 2004, 358-369.
[120] Tin Y S T, Boyd C, Nieto J M G. Provably secure mobile key exchange: applying the Canetti-Krawczyk approach. Proceedings of ACISP, 2003, 166-179.
[121] Kocher P, Jaffe J, Jun B. Differential power analysis. In proceedings of 19th International Advances in Cryptology Conference CRYPTO, Santa Barbara, CA, USA, 1999; pp. 388-397.
[122] Messerges TS, Dabbish EA, Sloan RH. Examining smart card security under the threat of power analysis attacks. IEEE Transactions on Computers, 2002,51(5):541-552.
[123] Yang GM, Wong SD, Wang HX, Deng XT. Two-factor mutual authentication based on smart cards and passwords. Journal of Computer and System Sciences, 2008,74(7):1160–1172.
[124] Halevi S, Krawczyk H. Public-key cryptography and password protocols, ACM Trans. Inf. Syst. Secur. 1999,2(3):230–268.
[125] Gustafsson E., Johnson A., Always best connected, IEEE Wireless Communications, 2003, 10(1): 49-55.
[126] IEEE Std. 802.11x-2004. IEEE Standards for Local and Metropolitan Area Networks: Port based Network Access Control. 2004.
[127] Aboba B., Blunk L., Vollbrecht J., et al. Extensible Authentication Protocol (EAP). IETF RFC 3748, June 2004, Available at http://www.ietf.org/rfc/rfc3748.txt.
[128] Rigney C., Willens S., Rubens A.. Remote Authentication Dial in User Service (RADIUS). IETF RFC 2865, June 2000, Available at http://www.ietf.org/rfc/rfc2865.txt.
[129]陈轶佳. 3G网络中的用户接入鉴权技术研究.四川大学硕士学位论文, 2006.
[130] Tang Q. On the security of three versions of WAI protocol in Chinese WLAN implementation plan (Full Version), http://eprint.iacr.org/2007/122.pdf. 2007.
[131] Long M., Wu C. H., Irwin J. D.. Localized authentication for inter-networking roaming across wireless LANs. IEE Proceedings communications, 2004, 151(5), 496-500.
[132]阎军智.安全群组通信中的分层密钥管理技术研究.西安电子科技大学博士学位论文, 2009.
[133]冯涛.通用可复合的密码协议理论及其应用研究.西安电子科技大学博士学位论文, 2008.
[134]杨力.无线网络可信认证技术研究.西安电子科技大学博士学位论文, 2010.
[135]马卓.无线网络可信接入理论及其应用研究.西安电子科技大学博士学位论文, 2010.
[136] Harbitter A, Menasce D. A methodology for analyzing the performace of authentication protocols. ACM Transaction on Information and System Security, 2002, 5(4): 458-491.