CN103596167B

CN103596167B - Machine type communication Authentication and Key Agreement method based on agency

Info

Publication number: CN103596167B
Application number: CN201310512511.7A
Authority: CN
Inventors: 张跃宇; 李晖; 张敏芳; 李洁英; 詹阳; 陈杰; 王勇
Original assignee: Xidian University
Current assignee: Xidian University
Priority date: 2013-10-25
Filing date: 2013-10-25
Publication date: 2016-06-29
Anticipated expiration: 2033-10-25
Also published as: CN103596167A

Abstract

The invention discloses a kind of machine type communication Authentication and Key Agreement method based on agency, mainly solve the signaling congestion problem that prior art exists.Implementation step is: 1, build the Authentication and Key Agreement system based on agency, 2, key generation centre generate systematic parameter, and calculate and distribute the key corresponding to identity information of mobile management entity, gateway and machine type communication device；3, mobile management entity entrusts signature authority；4, two-way authentication is carried out according to entrusting between gateway and machine type communication device；5, machine type communication device and mobile management entity generate session key.The present invention passes through allograph, gateway is utilized to complete machine type communication device Authentication and Key Agreement in the lte networks, alleviate the signaling congestion degree caused when a large amount of machine type communication device is concurrently accessed network, can be widely applied in the LTE network in future.

Description

Machine type communication authentication and key agreement method based on proxy

Technical Field

The invention belongs to the technical field of communication, and further relates to an authentication and key agreement method of Machine Type Communication (MTC) in a Long Term Evolution (LTE) network, which can be used in a scene that a large number of MTC devices are accessed into the LTE network, is used for solving the problem of signaling congestion, overcoming the difficulty of resource exhaustion of a group, reducing the signaling load of a core network, and completing the key agreement function.

Background

MTC has attracted increasing attention as an important communication means for future mobile communication. In LTE networks, achieving low energy consumption of devices and simultaneous transmission of multiple devices is a key issue for obtaining MTC applications. According to the existing 3GPP standard, when a large number of MTC devices are connected to the network at the same time, each MTC device needs to complete an independent access authentication procedure, which may cause severe signaling congestion in the core network.

In the "Machine-Type-communication (MTC) device group algorithm for congestion association of MTC resources of MTC organization ltentitywork" written by K-r.jung, a.parkands.lee, a group-based congestion avoidance algorithm is proposed, a plurality of MTC devices form a group, and a group leader is selected, through which group members can perform data transmission with the MTC server. Although the scheme reduces the network load, the problem of secure communication between the MTC device and the server thereof is not considered.

In order to solve the above security problem, JinCao, MaodeMaandHuiLi proposed an improved method in the article "agrupu-based authentication and key agreement for mtcinltenetworks", that is, before data transmission is performed between a group leader device and an MTC server, a session key is obtained by both communication parties through authentication and key agreement techniques, and then communication is established on the basis of encryption and decryption, so as to ensure the security of data. However, the method does not consider the limitations of limited communication capability, limited battery capacity, and the inability to provide service to all members of the group online for a long period of time.

Disclosure of Invention

The present invention is directed to solve the problems in the prior art, and an object of the present invention is to provide a method for machine type communication authentication and key agreement based on an agent, so as to reduce the signaling congestion degree generated when a large number of MTC devices access an LTE network, and improve the quality of service.

The main idea for realizing the method is as follows: performing related authorization on a gateway GW through a mobility management entity MME in an LTE network, enabling the gateway GW to be used as an agent of the mobility management entity MME after MTC equipment is accessed to the network, realizing bidirectional authentication with machine type communication equipment, and realizing authentication and key agreement of the MTC equipment at the GW and unloading of authentication signaling by establishing a session key between each MTC equipment and the MME after the authentication is completed; meanwhile, on the premise of ensuring safe communication, the stronger communication capability and battery capacity characteristic of the gateway GW are utilized to well improve the network service quality.

According to the above thought, the implementation steps of the invention include the following:

(1) in an LTE network, a parameter transmission channel, an agent authorization channel and an access authentication channel are established to form an agent-based authentication and key agreement system;

(2) a key generation center generates system parameters, wherein the system parameters comprise a system master key, a system public key, an addition cycle group, a multiplication cycle group, the order of the group, a generation element of the addition cycle group, a bilinear mapping relation and five hash functions;

(3) the key generation center calculates and distributes a private key corresponding to the identity information by using the system parameters and the identity information of the MME, the GW and the MTCD;

(4) the mobile management entity entrusts the signature authority: the mobility management entity MME delegates the self signature authority to the gateway GW, the gateway GW determines whether to accept the delegation of the mobility management entity MME, if so, a key skp required by proxy signature is generated, and if not, the operation is terminated;

(5) bidirectional authentication is carried out between the gateway GW and the machine type communication device MTCD:

(5a) the gateway GW uses the proxy signature key skp to perform proxy signature on a message containing the mobile management entity MME identity information, the gateway GW identity information and the authorization certificate content, and broadcasts the message and the proxy signature to machine type communication equipment MTCD;

(5b) the MTCD verifies the received data, if the verification is passed, the gateway GW is regarded as a proxy of a mobility management entity MME, and the step (5c) is executed, otherwise, the operation is terminated;

(5c) each machine type communication device MTCD sends a reverse authentication message to a gateway GW;

(5d) after receiving the reverse authentication messages sent by all the machine type communication devices MTCD, the gateway GW performs aggregation authentication on the reverse authentication messages, if the aggregation authentication is successful, all the devices are valid, and if the authentication is failed, invalid devices are found out from all the devices and are removed;

(5e) the gateway GW sends the identity information of each effective machine type communication device MTCD to a mobile management entity MME;

(6) the MTCD and the MME generate a session key:

(6a) all the effective machine type communication devices MTCDs calculate session keys between the effective machine type communication devices MTCDs and a mobility management entity MME by using the relevant information;

(6b) and the mobility management entity MME receives a message which is sent by the gateway GW and contains the identity information of the effective machine type communication devices MTCD, generates a session key of each effective machine type communication device MTCD by using the effective identity information, and otherwise, the authentication and key negotiation system based on the proxy fails to operate.

Compared with the prior art, the invention has the following advantages:

1) the gateway is used as the agent of the mobile management entity to finish the authentication when a large number of machine type communication devices are accessed simultaneously, thereby avoiding the signaling congestion phenomenon at the core network caused by the authentication and greatly reducing the signaling load of the core network caused by the access authentication;

2) because the invention utilizes the aggregation authentication method to realize the authentication of the machine type communication equipment group, the speed is far higher than that of one-by-one authentication, so that the signaling congestion degree at the gateway can be greatly reduced while invalid equipment is rapidly detected;

3) the invention realizes the key agreement between the machine type communication equipment and the mobile management entity by using the bidirectional authentication mechanism between the proxy gateway and the machine type communication equipment, thereby ensuring the confidentiality and the reliability of communication contents.

Drawings

FIG. 1 is a flow chart of an implementation of the present invention.

Fig. 2 is a schematic diagram of the proxy-based authentication and key agreement system established in the present invention.

FIG. 3 is a sub-flow diagram of delegating signing authority in accordance with the present invention.

Fig. 4 is a sub-flowchart of the bi-directional authentication of the present invention.

Fig. 5 is a sub-flowchart of key agreement according to the present invention.

Detailed Description

The invention is further described below with reference to the accompanying drawings.

Referring to fig. 1, the implementation steps of the invention are as follows:

step 1, constructing an authentication and key agreement system based on an agent.

(1a) In an LTE network, a key generation center KGC and a home subscriber server HSS are integrated together in a physical connection mode, and a temporary session key between the home subscriber server HSS and a mobility management entity MME is generated through a network domain security mechanism NDS to establish a parameter transmission channel;

(1b) between an LTE network and a machine type communication device, MTCD, a proxy authorization tunnel is established between a gateway GW and a mobility management entity, MME, by the following procedure:

firstly, the gateway GW uses the stored equipment certificate to complete equipment authentication with a core network, and integrity verification of a platform is carried out, namely, a public key certificate is configured in advance by a manufacturer or an operator when the gateway GW leaves a factory or signs a contract with a user, and the gateway GW and a mobility management entity MME carry out bidirectional authentication according to the own certificate to verify the validity of the identity of the gateway GW; the gateway GW compares the current information of the main controller component thereof with the related information stored in the trusted environment TrE equipment, if the current information is inconsistent with the related information stored in the trusted environment TrE equipment, the operation is terminated, otherwise, the information of the interface component and the network access component of the gateway GW is continuously compared, the component with inconsistent comparison result is classified as an untrusted component, an untrusted component information list is generated, and the untrusted component information list is delivered to a Mobility Management Entity (MME);

secondly, the mobility management entity MME decides which authority to delegate itself to the gateway GW according to the untrusted component information list of the gateway GW: if the main controller component is trusted but has other components which are not trusted, the main controller component delegates part of the authority to the gateway GW and proposes the gateway GW to update the untrusted components;

finally, generating a temporary session key between a gateway GW and a mobile management entity MME through a UMTS-AKA protocol to complete the establishment of an agent authorization channel;

(1c) the operator groups the MTC devices by a subscription method, and groups the group information GID of the group in which each MTC device is located and the timestamp T which is the group validity period_iEmbedded in each machine type communication device MTCD. Or each machine type communication device MTCD generates a temporary session key with a mobile management entity MME through a UMTS-AKA protocol to complete the establishment of an access authentication channel; then, the mobility management entity MME groups all the machine type communication devices MTCD that are accessed, and groups the group information GID of the group in which each machine type communication device MTCD is located and the timestamp T that is the group validity period through the access authentication channel_iEmbedded in each machine type communication device MTCD.

And 2, generating system parameters by the key generation center KGC.

(2a) Setting a security parameter k of an agent-based authentication and key agreement system to be more than or equal to 160 according to actual requirements;

(2b) the key generation center KGC selects a prime number q according to a security parameter k of the agent-based authentication and key agreement system and enables the prime number q to satisfy q>2^kReconstructing an addition cyclic group G having an order of q₁And multiplication cyclic group G₂And make it satisfy bilinear mappingI.e. from the addition cycle group G₁Taking two elements A and B as bilinear mappingThe output must be a multiplication cycle group G₂One element of (1);

(2c) the key generation center KGC selects a generation element P ∈ G arbitrarily₁And then randomly selecting an integerAs a master key, whereinRepresenting addition rounds not containing zero elements, and computing the system public key P_pub＝x·P；

(2d) The key generation center KGC selects five secure hash functions H₁、H₂、H₃、H₄And H₅Wherein the first hash function H₁A second hash function H₂A third hash function H₃Is selected such that it maps binary strings of arbitrary length uniformly to addition cyclic groups G₁Conditional on the element of (a), a fourth hash function H₄Is selected such that it can map binary strings of arbitrary length uniformly to integers larger than 0 and smaller than the prime number qConditional on a fifth hash function H₅Is selected on condition that it can map binary strings of arbitrary length uniformly to integers greater than or equal to 0 and less than a prime number q;

(2e) the key generation center KGC secretly holds the system master key x and fully discloses the other system parameters q, G₁，G₂，P，P_pub，H₁，H₂，H₃，H₄，H₅}。

And 3, the key generation center calculates and distributes keys corresponding to the identity information of the mobility management entity MME, the gateway GW and the machine type communication device MTCD.

(3a) The mobility management entity MME, the gateway GW and all the machine type communication devices MTCD all send respective identity information IDs to the key generation center KGC_MME、ID_GWAndwhere i denotes the number of the machine type communication device MTCD;

(3b) the key generation center KGC uses a first hash function H₁Respectively calculating each identity information to obtain an identity mapping parameter Q with a fixed length, and then respectively calculating a private key K corresponding to each identity information by using the following formula:

K＝x·Q；

(3c) k for key generation center KGC_MME、K_GWAndrespectively representing the key of a mobile management entity MME, a gateway GW and a machine type communication device MTCD with the number of i, and transmitting the key K of the mobile management entity MME through a parameter transmission channel_MMEKey K of gateway GW_GWAnd key of machine type communication device MTCD numbered iTransmitting to a mobility management entity MME;

(3d) the mobility management entity MME sends the key K of the gateway GW through the proxy authorization channel_GWForwarding to gateway GW, and accessing authentication channel to key of machine type communication device MTCD numbered iTo the machine type communication device MTCD of the corresponding number.

And 4, the MME delegates the signature authority.

Referring to fig. 3, the specific implementation of this step is as follows:

(4a) mobility management entity MME uses its own private key K_MMEFor delegate certificate m_wSigning is carried out, the function of entrusting the signing authority in the specific message range of the self to the gateway GW is completed, wherein, the entrusting certificate m_wIdentity information ID by gateway GW_GWThe group information GID of the machine type communication device MTCD and the scope of the entrusted signature; the existing signature algorithm includes a complete proxy signature algorithm, a partial proxy signature algorithm, a proxy signature algorithm with a certificate, and the like, and the example is realized by using a safe and efficient signature algorithm S proposed by but not limited to Jingxu, Zhenfeng Zhang, and andDengguoFeng in the paper "ID-BasedProxSignatureUsingBilinerPairings", and the flow is as follows:

(4a1) random selection of integers by a mobility management entity MMEBy the equation U_w＝r_wP (modq) calculates the addition cyclic group G₁Middle and integer r_wCorresponding element U_wReuse of the second hash functionH₂Identity information ID to be managed by the mobility management entity MME_MMEThe request certificate m_wAnd element U_wConversion of composed message strings into fixed-length delegation certificate mapping parameters H_w＝H₂(ID_MME，m_w，U_w)(modq)；

(4a2) Utilization of its own private key K by a mobility management entity MME_MMEAnd a randomly selected integer r_wCalculating a mapping parameter H for a delegation certificate_wCalculated value V of_w＝K_MME+r_w·H_w(modq)；

(4a3) Message string (U)_w，V_w) As a pair delegate certificate m_wSignature s of_wAnd a message string (m)_w，s_w，ID_MME) Sending the information to a gateway GW;

(4b) gateway GW sends message string (m) to received mobile management entity MME_w，s_w，ID_MME) Performing verification to determine whether to receive a delegation of a Mobility Management Entity (MME); the existing verification algorithms include a complete proxy signature verification algorithm, a partial proxy signature verification algorithm, a proxy signature verification algorithm with a certificate, and the like, and the example is realized by using a safe and efficient verification algorithm V which is proposed in a paper ID-base ProxSignatureUsingBilinePairings but not limited to Jingxu, ZhenfengZhang, and andDengguoFeng, and the flow of the method is as follows:

(4b1) gateway GW utilizes received ID of MME_MMECalculating the corresponding identity mapping parameter Q_MME＝H₁(ID_MME) (modq) followed by a second hash function H₂Computing the received delegation certificate m_wMapping parameter H of_w＝H₂(ID_MME，m_w，U_w)(modq)；

(4b2) Gateway GW utilizing additive cyclic group G₁The generator P and the certificate mapping parameter H_wCalculated value V of_wSystem public key P_pubMove, moveIdentity mapping parameter Q of mobility management entity MME_MMEAnd an integer r_wCorresponding element U_wDelegation certificate mapping parameter H_wAnd bilinear mapping relationshipsVerification equationIf the request is true, accepting the delegation of a Mobility Management Entity (MME) if the request is true, and otherwise rejecting the delegation;

(4c) after receiving the delegation of the MME, the gateway GW utilizes the ID of the identity information_GWPrivate key K_GWAnd the received message string (m) sent by the MME_w，s_w，ID_MME) And a fourth hash function H₄The proxy signing key skp is calculated as follows:

skp＝H₄(ID_MME，ID_GW，m_w，U_w)·K_GW＋V_w，

wherein, with an integer r_wCorresponding element U_wAnd a delegation certificate mapping parameter H_wCalculated value V of_wIncluded in the delegate certificate m_wSigned message string s_wIn (1).

And step 5, performing bidirectional authentication between the gateway GW and the MTCD (machine type communication device).

Referring to fig. 4, the specific implementation of this step is as follows:

(5a) gateway GW uses the generated proxy signature key skp to authenticate message m_pSigning is performed, wherein the message m_pIdentity information ID by gateway GW_GWIdentity information ID of mobility management entity MME_MMEThe request certificate m_wThe MTCD group information GID; the existing proxy signature algorithm comprises a complete proxy signature algorithm and a partial proxy signatureThe example is realized by a safe and efficient proxy signature algorithm PS (packet security and efficiency) proposed by but not limited to the paper ID-base ProxSignatureUsingBilinerPairings by Jinnxu, ZhenfengZhang, and andDengguoFeng, and the flow is as follows:

(5a1) gateway GW randomly selects integerBy the equation U_p＝r_pP (modq) calculates the addition cyclic group G₁Middle and integer r_pCorresponding element U_pReuse the third hash function H₃Identity information ID to be transmitted by gateway GW_GWAuthentication message m_pAnd element U_pConversion of composed message strings into fixed length authentication message mapping parameters H_p＝H₃(ID_GW，m_p，U_p)(modq)；

(5a2) Gateway GW uses the generated proxy signature key skp and randomly selected integer r_pComputing a pair authentication message mapping parameter H_pCalculated value V of_p＝skp+r_p·H_p(modq)；

(5a3) Gateway GW will message string (m)_w，ID_GW，U_w，U_p，V_p) As a pair authentication message m_pS of the proxy_pAnd a message string (m)_p，s_p) Broadcast to machine type communication devices MTCD within a group;

(5b) each MTCD device sends message string (m) to gateway GW_p，s_p) Verifying to determine whether the gateway GW is a proxy of the MME, the existing proxy verification algorithms include a full proxy signature verification algorithm, a partial proxy signature verification algorithm, a proxy signature verification algorithm with certificate, and the like, and the example employs but is not limited to the secure and efficient proxy verification algorithm proposed by JingXu, ZhenfengZhang, and andDengguoFeng in the paper "ID-base proxysignatureusage bilinearPairingsThe verification algorithm PV is realized by the following flow:

(5b1) MTCD (machine type communication device) utilizes received identity information ID of gateway GW (gateway)_GWAnd identity information ID of mobility management entity MME_MMERespectively calculating the corresponding identity mapping parameters Q_GW＝H₁(ID_GW) (modq) and Q_MME＝H₁(ID_MME)；

(5b2) Using a second hash function H₂A third hash function H₃Identity information ID of mobility management entity MME_MMEIdentity information ID of gateway GW_GWThe request certificate m_wAuthentication message m_pAnd an integer r_wCorresponding element U_wAnd an integer r_pCorresponding element U_pSeparately calculating mapping parameters H of the received delegation certificate_w＝H₂(ID_MME，m_w，U_w) (modq) and a mapping parameter H for authentication messages_p＝H₃(ID_GW，m_p，U_p)(modq)；

(5b3) Gateway GW utilizing additive cyclic group G₁Generated element P and authentication message mapping parameter H_pCalculated value V of_pSystem public key P_pubIdentity mapping parameter Q of gateway GW_GWThe fourth hash function H₄Identity information ID of mobility management entity MME_MMEIdentity information ID of gateway GW_GWThe request certificate m_wIdentity mapping parameter Q of mobility management entity MME_MMEAnd an integer r_pCorresponding element U_pAnd an integer r_wCorresponding element U_wAuthentication message mapping parameter H_pDelegation certificate mapping parameter H_wAnd bilinear mapping relationshipsVerification equationIf yes, judging that the gateway GW is an agent of a Mobility Management Entity (MME), otherwise, terminating the operation;

(5c) each machine type communication device MTCD generates a signature:

(5c1) MTCD random selection integer for each MTC deviceUsing the equationCalculate the additive cyclic group G₁Is a neutral integerCorresponding element U_iReuse the fifth hash function H₅Identity information to be transmitted by the MTC device numbered iGroup information GID and timestamp T_iAnd addition cyclic group G₁Is a neutral integerCorresponding element U_iConversion of composed message strings into fixed-length reverse authentication message mapping parameters

(5c2) Each MTC device using its private keyRandomly selected integersAnd system public key P_pubAnd a reverse authentication message mapping parameter h_iCalculating a mapping parameter h for the reverse authentication message according to the following formula_iCalculated value V of_i：

V_{i} = K_{{MTCD}_{i}} + h_{i} \cdot r_{{MTCD}_{i}} \cdot P_{p u b};

(5c3) Each mtc device concatenates messages: (U_i，V_i，GID，T_i) Sending the information to a gateway GW;

(5d) and the gateway GW performs aggregation authentication on the signatures generated by all the machine type communication devices MTCDs in the group:

(5d1) time stamp T for each machine type communication device MTCD_iThe gateway GW checks whether the current time is within the valid period, if not, the corresponding mtc device is invalid and sends a message of device invalidation to the corresponding mtc device, otherwise, a message string (MTCD) sent by the corresponding mtc device is used，U_i，V_i，GID，T_i) The following operations are performed;

(5d2) mapping parameter h to reverse authentication message transmitted using each active MTC device_iCalculated value V of_iObtaining the sum of the above calculated values

(5d3) Using a first hash function H₁The fifth hash function H₅Identity information of machine type communication device MTCD numbered iAdditive cyclic group G₁Is a neutral integerCorresponding element U_iGroup information GID and time stamp T_iSeparately calculating reverse authentication message mapping parameters) And identity mapping parameters of machine type communication device MTCD numbered i

(5d4) Generating element P selected by using sum V of calculated values and key generation center KGC and identity mapping parameter of machine type communication equipment MTCD with number iReverse authentication message mapping parameter h_iAddition cyclic group G₁Is a neutral integerCorresponding element U_iSystem public keyP_pubAnd bilinear mapping relationshipsVerification of equationIf the determination is true, all the devices included in the whole MTCD group are valid, otherwise, a method of ' bandwidth and ' throttle ' is adopted to find out invalid devices or attackers, and the steps are as follows:

firstly, dividing all machine type communication devices MTCD into two subgroups by a gateway GW, performing aggregation authentication on each subgroup, if the subgroups pass the aggregation authentication, enabling the machine type communication devices MTCD in the subgroups to be valid, and otherwise, enabling invalid machine type communication devices MTCD in the subgroups to exist;

secondly, for a subgroup containing invalid machine type communication equipment MTCD, dividing the subgroup into two subgroups by the gateway GW, performing aggregation verification on each subgroup, and judging whether invalid equipment exists in the subgroups or not through the first step;

a third step of repeatedly performing the second step until only one machine type communication device MTCD is present in each sub-group containing an invalid machine type communication device MTCD, the device being an invalid device;

fourthly, the gateway GW sends an access failure message to the invalid machine type communication device MTCD;

(5e) the gateway GW will be composed of message string(s) of relevant information of the active machine type communication devices MTCD，U_i) And sending the information to a Mobile Management Entity (MME).

And 6, the machine type communication device MTCD and the mobile management entity MME generate a session key.

Referring to fig. 5, the specific implementation of this step is as follows:

(6a) MTCD of each MTC device is randomly selected by the MTCDAnd the received addition cyclic group G₁Middle and integer r_wCorresponding element U_wCalculating the session key between the mobile management entity MME and the self according to the following formula

{SK}_{{MTCD}_{i}} = r_{{MTCD}_{i}} \cdot U_{w},

Wherein the addition cycles group G₁Middle and integer r_wCorresponding element U_wSatisfies the equation U with the generation element P selected by the key generation center KGC_w＝r_wP, session key between each machine type communication device MTCD and mobility management entity MMEAll satisfy the equation

(6b) The mobility management entity MME receives the message string sent by the gateway GW (message queue)，U_i) Then, reuse the previously randomly selected integer r_wCalculating the session key SK between itself and each effective MTC device according to the following formula_MME：

SK_MME＝U_i·r_w，

Wherein the addition cycles group G₁Element U corresponding to integer in_iSatisfies the equation with the generation element P selected by the key generation center KGCThe session key between the mobility management entity MME and each machine type communication device MTCD satisfies the equation

By this point, the proxy-based authentication and key agreement system ends.

The above description is only one specific example of the present invention and should not be construed as limiting the invention in any way. It will be apparent to persons skilled in the relevant art(s) that various modifications and changes in form and detail can be made therein without departing from the principles and results of the invention, but these modifications and changes are still within the scope of the invention as defined in the appended claims.

Claims

1. A machine type communication authentication and key agreement method based on an agent comprises the following steps:

(6) the MTCD and the MME generate a session key:

(6b) and the mobility management entity MME receives a message which is sent by the gateway GW and contains the identity information of the effective machine type communication devices MTCD, and generates a session key of the mobility management entity MME and each effective machine type communication device MTCD by using the effective identity information, otherwise, the proxy-based authentication and key negotiation system fails to operate.

2. The method of claim 1, wherein the step (1) of establishing the parameter transmission channel, the proxy authorization channel and the access authentication channel in the LTE network to form a proxy-based authentication and key agreement system comprises the following steps:

(1a) in an LTE network, a key generation center KGC and a home subscriber server HSS can be deployed in a centralized manner or separately, and a parameter transmission channel is established between the key generation center KGC and a mobility management entity MME through a network domain security mechanism NDS;

(1b) between an LTE network and a machine type communication device MTCD, a gateway GW generates an information list of an untrusted component of the gateway GW and delivers the information list to a mobility management entity MME; the MME determines which proxy authority is granted to the gateway GW according to the list, and then authenticates the gateway GW through a UMTS-AKA protocol, and establishes a proxy authorization channel;

(1c) and accessing the MTCD (machine type communication device) into a Mobility Management Entity (MME) through a UMTS-AKA (Universal Mobile Telecommunications-authentication and authentication-Key Association) protocol, and establishing an access authentication channel to complete the construction of an agent-based authentication and key agreement system.

3. The method of claim 1, wherein the key generation center of step (2) generates system parameters by:

(2b) the KGC selects a security parameter k larger than 2 according to the authentication based on the agent and the key agreement system^kAnd constructing an addition cyclic group G of order q₁And multiplication cyclic group G₂So that it satisfies the slave addition cyclic group G₁To multiplication loop group G₂Bilinear mapping relationship of

(2c) Key generation center KGC slave addition cycle group G₁Firstly, randomly selecting a generating element P, then randomly selecting an integer x which is greater than 0 and less than q, using the integer x as a main key of the system, and using the product of the integer x and the generating element P as a system public key P_pub；

(2d) The key generation center KGC selects five hash functions H₁、H₂、H₃、H₄、H₅Wherein the hash function H₁、H₂、H₃To be able to map binary strings of arbitrary length uniformly to additive cyclic groups G₁Element of (1), hash function H₄To be able to map binary strings of arbitrary length uniformly to integers larger than 0 and smaller than a prime number q, a hash function H₅Binary strings of any length are mapped uniformly to integers which are greater than or equal to 0 and less than a prime number q;

(2e) the key generation center KGC secretly stores a system master key x and completely discloses a prime number q and an addition cyclic group G₁Multiplication loop group G₂Generating a meta-P, bilinear mapping relationshipSystem public key P_pubAnd five hash functions H₁、H₂、H₃、H₄、H₅。

4. The method as claimed in claim 1 or 2, wherein the key generation center of step (3) calculates and distributes a key corresponding to the identity information using the system parameters and the identity information of the mobility management entity MME, the gateway GW and the machine type communication device MTCD, according to the following steps:

(3a) a mobility management entity MME, a gateway GW and a machine type communication device MTCD submit respective identity information ID to a key generation center KGC;

(3b) the first hash function H is firstly utilized by the KGC₁Handle changeThe long identity information ID is mapped into an identity mapping parameter Q with a fixed length, and then a private key K corresponding to each identity information is calculated by the following formula:

K＝x·Q；

(3c) the key generation center KGC sends private keys of a mobility management entity MME, a gateway GW and machine type communication equipment MTCD to the mobility management entity MME through a parameter transmission channel;

(3d) the MME forwards the private key of the gateway GW to the gateway GW through the proxy authorization channel;

(3e) and the mobility management entity MME forwards the private key of the machine type communication device MTCD to the machine type communication device MTCD through the access authentication channel.

5. The method of claim 1, wherein all valid Machine Type Communication Devices (MTCDs) of step (6a) utilize the relevant information to calculate a session key between themselves and a Mobility Management Entity (MME) by the following formula:

{SK}_{{MTCD}_{i}} = r_{{MTCD}_{i}} \cdot U_{w},

wherein,is an integer selected randomly by MTCD of each MTC device_wIs an additive cyclic group G₁Middle and integer r_wThe corresponding elements are shown in the figure, and,is a machine type communication device MTCD with number i and a mobility management entity MMEInter session key.

6. The method of claim 1, wherein the step (6b) of generating a session key with each active machine type communication device, MTCD, using the active identity information is calculated by the following formula:

SK_MME＝U_i·r_w，

wherein, U_iIs an additive cyclic group G₁Integer randomly selected by MTCD (multiple Carrier-driven device) of medium and machine type communication equipmentCorresponding element, r_wIs a delegation certificate, SK, generated by a mobility management entity, MME_MMEIs the session key of the mobility management entity MME and each active machine type communication device MTCD.