Towards Resilience 5G-V2N: Efficient and Privacy-Preserving Authentication Protocol for Multi-Service Access and Handover

IF 7.7 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

IEEE Transactions on Mobile Computing Pub Date : 2025-01-20 DOI:10.1109/TMC.2025.3532120

Ye Bi;Chunfu Jia

{"title":"Towards Resilience 5G-V2N: Efficient and Privacy-Preserving Authentication Protocol for Multi-Service Access and Handover","authors":"Ye Bi;Chunfu Jia","doi":"10.1109/TMC.2025.3532120","DOIUrl":null,"url":null,"abstract":"The booming 5G cellular networks sparked tremendous interest in supporting more sophisticated critical use cases through vehicle-to-network (V2N) communications. However, the inherent technical vulnerabilities and densification of 5G raise new security and efficiency challenges. The existing secondary authentication fails to support multi-service access. The random access process lacks authentication of the gNB, possibly leading to fake base station attacks (FBS). Moreover, related research extends key forward/backward secrecy (KF/BS) to require that it also applies to gNBs, thus invalidating most existing schemes. This paper introduces a comprehensive security framework for 5G-V2N that seamlessly integrates with existing standardized architecture to provide privacy-preserving mutual authentication and key agreement for the full service cycle. Specifically, we propose new secondary authentication involving gNBs and support single request access to multi-services. Second, incorporating the service migration idea, we design the g2g (gNB-to-gNB) channel establishment phase to promote secure context share. Finally, the proposed efficient handover phase achieves the security properties of enhanced KF/BS, known randomness secrecy and privacy-preserving, and avoids FBS. We verify the proposed protocol using three different formal techniques: provably secure, BAN-logic, and AVISPA tool. Extensive experimental results and comparison show that our scheme excels in computational and communication efficiencies, and detecting malicious events.","PeriodicalId":50389,"journal":{"name":"IEEE Transactions on Mobile Computing","volume":"24 6","pages":"5446-5463"},"PeriodicalIF":7.7000,"publicationDate":"2025-01-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Transactions on Mobile Computing","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10848134/","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

The booming 5G cellular networks sparked tremendous interest in supporting more sophisticated critical use cases through vehicle-to-network (V2N) communications. However, the inherent technical vulnerabilities and densification of 5G raise new security and efficiency challenges. The existing secondary authentication fails to support multi-service access. The random access process lacks authentication of the gNB, possibly leading to fake base station attacks (FBS). Moreover, related research extends key forward/backward secrecy (KF/BS) to require that it also applies to gNBs, thus invalidating most existing schemes. This paper introduces a comprehensive security framework for 5G-V2N that seamlessly integrates with existing standardized architecture to provide privacy-preserving mutual authentication and key agreement for the full service cycle. Specifically, we propose new secondary authentication involving gNBs and support single request access to multi-services. Second, incorporating the service migration idea, we design the g2g (gNB-to-gNB) channel establishment phase to promote secure context share. Finally, the proposed efficient handover phase achieves the security properties of enhanced KF/BS, known randomness secrecy and privacy-preserving, and avoids FBS. We verify the proposed protocol using three different formal techniques: provably secure, BAN-logic, and AVISPA tool. Extensive experimental results and comparison show that our scheme excels in computational and communication efficiencies, and detecting malicious events.

查看原文本刊更多论文

面向弹性5G-V2N：多服务访问和切换的高效和隐私保护认证协议

蓬勃发展的5G蜂窝网络引发了人们对通过车辆对网络（V2N）通信支持更复杂的关键用例的巨大兴趣。然而，5G固有的技术漏洞和致密化带来了新的安全和效率挑战。现有从认证不支持多业务访问。随机接入过程缺乏gNB的认证，可能会导致假基站攻击。此外，相关研究将密钥前向/后向保密（KF/BS）扩展到要求它也适用于gnb，从而使大多数现有方案无效。本文介绍了一种全面的5G-V2N安全框架，该框架与现有的标准化架构无缝集成，为全业务周期提供保护隐私的相互认证和密钥协议。具体而言，我们提出了涉及gnb的新的辅助身份验证，并支持对多服务的单个请求访问。其次，结合业务迁移思想，设计g2g （gNB-to-gNB）通道建立阶段，促进安全上下文共享。最后，提出的高效切换阶段实现了增强的KF/BS、已知随机保密和隐私保护的安全特性，避免了FBS。我们使用三种不同的形式化技术来验证所提出的协议：可证明安全，ban逻辑和AVISPA工具。大量的实验结果和比较表明，我们的方案在计算效率和通信效率以及检测恶意事件方面都具有优异的性能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Transactions on Mobile Computing 工程技术-电信学

CiteScore

12.90

自引率

2.50%

发文量

403

审稿时长

6.6 months

期刊介绍： IEEE Transactions on Mobile Computing addresses key technical issues related to various aspects of mobile computing. This includes (a) architectures, (b) support services, (c) algorithm/protocol design and analysis, (d) mobile environments, (e) mobile communication systems, (f) applications, and (g) emerging technologies. Topics of interest span a wide range, covering aspects like mobile networks and hosts, mobility management, multimedia, operating system support, power management, online and mobile environments, security, scalability, reliability, and emerging technologies such as wearable computers, body area networks, and wireless sensor networks. The journal serves as a comprehensive platform for advancements in mobile computing research.