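Research on the Authentication and Encryption Mechanism of a TD-LTE-Based Trunking Communication System
Published: 2018-03-10 22:53
Topic: TD-LTE; Entry point: trunking; Source: Harbin Institute of Technology, 2014 master's thesis; Document type: degree thesis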
[Abstract]: As urbanization in China increases, the demands on cities' management of public affairs, and especially on their ability to handle emergencies, keep rising. Dedicated digital trunking systems can play a very important role in helping departments handle public affairs. A broadband trunking communication system built on the TD-LTE public network offers low cost, large bandwidth, high security and wide service coverage, and can better meet the communication needs of government and of other enterprises and institutions, so it has broad application prospects. Because a trunking communication system requires a high security level, the current authentication and encryption mechanism of the public network cannot meet the security requirements of a broadband trunking communication system. This thesis is therefore devoted to the study of the authentication and encryption mechanism of broadband trunking communication systems.

Based on the requirements of the system structure, the thesis first addresses the shortcomings of existing encryption algorithms in security and complexity. It proposes using the advanced encryption algorithm ZUC (Zu Chongzhi) to obtain the keystream required for authentication, and uses the encryption algorithm (128-EEA3) and the integrity protection algorithm (128-EIA3) to protect the confidentiality and integrity of communication data. Experimental results show the superiority of its encryption performance. Second, to make the key derivation mechanism of the broadband trunking communication system more complex and diversified, the thesis adds the ZUC algorithm to the key derivation mechanism. Compared with the public network, the proposed key derivation mechanism adds 4 combinations of encryption algorithm choices, and its maximum computational cost is 69% higher than the maximum computational cost of the public network, which greatly improves the security of the system. Because users in a trunking communication system have different security levels, the thesis improves the way the initial key is processed and implements an initial key generation mechanism based on user security level, which provides users of different levels with keys of matching security and complexity. Finally, because the security mechanism of the public network cannot be applied directly in the trunking off-network mode, and in order to secure communication of the broadband trunking communication system in off-network mode, the thesis builds on the preceding work to propose an authentication mechanism for the off-network direct mode, which achieves secure communication between users in direct mode through mutual authentication between users.

Against the background of the TD-LTE public network, the thesis analyzes the special structure and requirements of a virtual trunking private network and improves the security of the system from several angles, including the authentication mechanism, information encryption and key derivation. It diversifies key levels and encryption algorithms, and gives a reference working mechanism for when the system fails and goes off-network. For improving the encryption and authentication mechanism of the system, raising its key levels, diversifying its encryption algorithms and ensuring its secure operation, the results of this thesis have considerable theoretical significance and practical value.
[Degree-granting institution]: Harbin Institute of Technology
[Degree level]: Master's
[Year degree granted]: 2014
[Classification number]: TN929.52; TN918.4
Article ID: 1595429
Article link: http://sikaile.net/kejilunwen/wltx/1595429.html