本文選題：TD-LTE　切入點(diǎn)：集群　出處：《哈爾濱工業(yè)大學(xué)》2014年碩士論文　論文類(lèi)型：學(xué)位論文

【摘要】：隨著我國(guó)城市化程度越來(lái)越高,城市在公共事務(wù)方面的管理,特別是對(duì)突發(fā)事件處理能力的要求也變得越來(lái)越高,專(zhuān)用的數(shù)字集群系統(tǒng)在協(xié)助各部門(mén)處理公共事務(wù)方面能夠起到很重要的作用�；赥D-LTE公網(wǎng)建立的寬帶集群通信系統(tǒng)具有成本低、帶寬大、安全性高、業(yè)務(wù)覆蓋范圍廣等特點(diǎn),能夠更好的滿(mǎn)足政府和其它企事業(yè)單位的通信需求,因此具備了廣泛的應(yīng)用前景。由于集群通信系統(tǒng)的安全等級(jí)要求較高,公網(wǎng)現(xiàn)在的鑒權(quán)加密機(jī)制不能滿(mǎn)足寬帶集群通信系統(tǒng)中的安全要求。所以本文致力于對(duì)寬帶集群通信系統(tǒng)的鑒權(quán)加密機(jī)制的研究。針對(duì)系統(tǒng)結(jié)構(gòu)的需求,本文首先針對(duì)現(xiàn)有加密算法在安全性和復(fù)雜度上的不足,提出了采用高級(jí)加密算法祖沖之(ZUC)算法來(lái)獲取鑒權(quán)所需的密鑰流,并采用加密算法(128-EEA3)和完整性保護(hù)算法(128-EIA3)對(duì)通信數(shù)據(jù)的安全性和完整性進(jìn)行保護(hù),實(shí)驗(yàn)結(jié)果表明了其加密性能的優(yōu)越性。其次,為了使寬帶集群通信系統(tǒng)的密鑰衍生機(jī)制更加復(fù)雜和多樣化,本文將ZUC算法加入到密鑰衍生機(jī)制中,跟公網(wǎng)相比本文提出的密鑰衍生機(jī)制中增加了4種加密算法選擇組合,并且最大計(jì)算消耗與公網(wǎng)最大計(jì)算消耗相比增加69%,大大提高了系統(tǒng)的安全性。針對(duì)集群通信系統(tǒng)中用戶(hù)存在不同安全等級(jí),本文改進(jìn)了初始密鑰的處理方式,實(shí)現(xiàn)了基于用戶(hù)安全等級(jí)的初始密鑰生成機(jī)制,能夠?yàn)椴煌燃?jí)用戶(hù)提供安全性和復(fù)雜度相適應(yīng)的密鑰。最后,由于公網(wǎng)的安全機(jī)制不能直接運(yùn)用在集群脫網(wǎng)模式中,為了保障寬帶集群通信系統(tǒng)在脫網(wǎng)模式的安全通信,以前面的研究?jī)?nèi)容為基礎(chǔ),本文提出了一種脫網(wǎng)直通模式下的鑒權(quán)機(jī)制,通過(guò)用戶(hù)之間的相互認(rèn)證,實(shí)現(xiàn)了在直通模式情況用戶(hù)之間的安全通信。論文對(duì)TD-LTE公網(wǎng)背景下,假設(shè)虛擬集群專(zhuān)網(wǎng)的特殊結(jié)構(gòu)和需求進(jìn)行分析,從鑒權(quán)機(jī)制、信息加密、密鑰衍生等多個(gè)角度提升系統(tǒng)的安全性能,實(shí)現(xiàn)了密鑰等級(jí)和加密算法的多樣化,并且給出了系統(tǒng)故障脫網(wǎng)時(shí)的參考工作機(jī)制,對(duì)于完善系統(tǒng)的加密鑒權(quán)機(jī)制。本文的研究成果對(duì)于提升系統(tǒng)的密鑰等級(jí)和加密算法多樣化,保障系統(tǒng)的安全運(yùn)行,有較強(qiáng)的理論意義和實(shí)用價(jià)值。
[Abstract]:With the increasing degree of urbanization in China, the management of urban public affairs, especially the ability to deal with emergencies, has become more and more demanding. The dedicated digital trunking system can play a very important role in assisting all departments to deal with public affairs. The broadband trunking communication system based on TD-LTE public network has the characteristics of low cost, large bandwidth, high security, wide service coverage and so on. It can better meet the communication needs of the government and other enterprises and institutions, so it has a broad application prospect. The authentication encryption mechanism of public network can not meet the security requirements of broadband trunking communication system. Therefore, this paper is devoted to the research of authentication encryption mechanism in broadband trunking communication system. In this paper, aiming at the shortage of security and complexity of the existing encryption algorithms, this paper proposes an advanced encryption algorithm Zu Chongzhi ZUC-based algorithm to obtain the key stream required for authentication. The encryption algorithm (128-EEA3) and the integrity protection algorithm (128-EIA3) are used to protect the security and integrity of the communication data. The experimental results show the superiority of the encryption performance. In order to make the key derivation mechanism of wideband trunking communication system more complex and diversified, this paper adds ZUC algorithm to the key derivation mechanism. Compared with the public network, four encryption algorithms are added to the key derivative mechanism proposed in this paper. Compared with the maximum computing consumption of the public network, the maximum computing consumption increases 69%, which greatly improves the security of the system. In view of the different security levels of users in the trunking communication system, this paper improves the processing method of the initial key. An initial key generation mechanism based on user security level is implemented, which can provide security and complexity appropriate keys for users of different levels. Finally, the security mechanism of public network can not be directly used in the cluster delamination mode. In order to ensure the secure communication of the broadband trunking communication system in the off-network mode, based on the previous research content, this paper proposes an authentication mechanism under the de-netted pass-through mode, which can authenticate each other among users. Under the background of TD-LTE public network, this paper analyzes the special structure and requirements of virtual cluster private network, from the authentication mechanism, information encryption, Key derivation improves the security performance of the system, realizes the diversification of key levels and encryption algorithms, and gives the reference working mechanism when the system is disconnected from the network. For improving the encryption authentication mechanism of the system, the research results of this paper have strong theoretical significance and practical value to improve the system key level and encryption algorithm diversification, to ensure the system safe operation.
【學(xué)位授予單位】：哈爾濱工業(yè)大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2014
【分類(lèi)號(hào)】：TN929.52;TN918.4

【參考文獻(xiàn)】

相關(guān)期刊論文 前4條

1 徐婕;高寶建;羅永玲;柳斯婧;王玉潔;郝露微;;基于并行隨機(jī)相位旋轉(zhuǎn)的物理層安全算法[J];電子技術(shù)應(yīng)用;2013年01期

2 馮秀濤;;3GPP LTE國(guó)際加密標(biāo)準(zhǔn)ZUC算法[J];信息安全與通信保密;2011年12期

3 關(guān)杰;丁林;劉樹(shù)凱;;SNOW3G與ZUC流密碼的猜測(cè)決定攻擊[J];軟件學(xué)報(bào);2013年06期

4 陳超;;LTE關(guān)鍵技術(shù)與標(biāo)準(zhǔn)演進(jìn)分析[J];無(wú)線(xiàn)互聯(lián)科技;2013年02期

相關(guān)碩士學(xué)位論文 前1條

1 王雅寧;數(shù)字集群通信系統(tǒng)加密機(jī)制的研究[D];哈爾濱工業(yè)大學(xué);2006年

，

本文編號(hào)：1595429