1. 1 Introduction to the Third Generation Mobile Communication and Security Issues Mobile communication has gone through three stages of development: the first generation mobile communication system appeared in the late 1970s, and it is an analog mobile communication system, with analog circuit units as the basic modules to realize voice communication. The main standards are AMPS in the United States, NMT in Northern Europe, TACS in Britain and HCMTS in Japan. The second generation mobile communication system appeared in the late 1980s. It is the second generation digital mobile communication system represented by GSM, DAMPS and PDC. The concept of the third generation was put forward by ITU as early as 1985, when it was called FPLMTS. 1996 was renamed IMT-2000. The first two generations of systems are mainly oriented to voice transmission. In contrast, the main feature of the third generation is to provide data and multimedia services, and voice is only an application of data services. The goals of the third generation mobile communication system are: high consistency of design worldwide; Compatibility with fixed network services; High service quality; Small terminals used all over the world; Global roaming capability: a terminal that supports multimedia functions and various services. In order to achieve the above goals, the third generation wireless transmission technology needs to support high-speed multimedia services (high-speed mobile environment: 144Kbps, outdoor walking environment: 384Kbps, indoor environment: 2Mbps) and has higher spectrum efficiency than the existing system. With the rapid development of communication in recent years, the existing second-generation communication system can no longer meet the needs of existing people, mainly because the contradiction between the huge mobile communication market and the current limited spectrum resources is increasingly prominent, which can not meet the high-density requirements of mobile phone users in industrialized countries and some third world countries. Data network and multimedia communication are gradually combined with the mobility of wireless communication, so mobile multimedia or mobile IP is developing rapidly. However, the low rate of the second generation is far from the current requirements of IP technology and multimedia services, and it cannot meet the requirements of the government, advanced enterprises and emerging "white-collar" classes for high-speed data. Global coverage and seamless connectivity cannot be achieved. The security of communication service is insufficient. With the development of science and technology, more and more attention has been paid to safety. Due to the problems of quality and efficiency, mobile communication has strong penetration and extends in all directions, and it is easy to be intercepted or eavesdropped, so its reliability and security need to be strengthened. In the 1980s, analog communication suffered huge losses, because basically no security technology was adopted, and the voice in the communication process was easily eavesdropped. Although the second generation has made great improvement in security, it adopts digital system and puts forward the concepts of identity authentication and data encryption. The system considers some security factors, but most security specifications are designed from the perspective of operators: to prevent fraud and network abuse. But there are still many security holes. For example, one-way authentication, that is, only considering the authentication of users by the network and ignoring the identification of users by the network. This processing method can not provide a credible environment, nor can it give mobile users enough confidence to conduct e-commerce and exchange sensitive information. Moreover, with the development of decryption technology and the improvement of computing power, the encryption algorithm A5 has been proved to be able to be cracked in a short time. With the maturity of technology and the emergence of mobile data services, users pay more and more attention to the security of mobile communication. Therefore, the application of wireless PKI is the key to solve the security problem. 1.2 Introduction to PKI First of all, we should introduce the infrastructure for translating PKI into public key. Simply put, PKI technology is to provide information security service's infrastructure by using public key theory and technology. Public key system is one of the most widely used encryption systems at present. In this system, the encryption key and decryption key are different. The sender uses the receiver's public key to send encrypted information, and the receiver uses its own private key to decrypt it. This method not only ensures the confidentiality of information, but also ensures the non-repudiation of information. At present, public key system is widely used in CA authentication, digital signature and key exchange. In 3G system, the application of PKI is mainly WPKI, that is, the application of wireless PKI. It is mainly used for entity authentication in the network to gain mutual trust between network service providers and users. In addition, wireless PKI will also be used for data encryption, integrity protection, user identity confidentiality and many other aspects. 1.3 The main structure and abstract of this paper, on the premise of introducing the existing 3G access network security technology, puts forward a new scheme to realize user identity confidentiality based on public key system. The first chapter briefly introduces the development of mobile communication, the security problems it faces and the introduction of PKI. The second chapter introduces some basic knowledge and related operations of wireless PKI. The third chapter gives the access architecture of the existing 3G system and the existing security measures. The fourth chapter is the authentication scheme under public key system. In chapter 5, after introducing some existing identity secret schemes and their shortcomings, a new scheme for protecting user identity secret based on public key system in WPKI environment is given. Finally, this paper summarizes the new scheme. The corresponding technical requirements are put forward. 2. 1 Overview The application in wireless environment is the future development trend of PKI, and its certificate and identity authentication are the necessary conditions to ensure safe communication in an open wireless network. However, the unique characteristics of wireless communication network make the wireless security problem more complicated. If the message is transmitted by radio waves, it is easy to be intercepted and received in a certain area; There are many network access points, so anyone can easily access and attack the network; Wireless communication network is an end-to-end system including wireless and wired parts. The security problems in the traditional wired field will still affect the wireless field, and the tools commonly used in the traditional security field to suppress threats may not be effective in the wireless field. At the same time, there are many other restrictions in the wireless communication environment, including wireless bandwidth. At present, most wireless communication networks only provide limited data transmission rate; Software Development The development environment and tools for mobile communication devices such as mobile phones and PDA are still limited, and the corresponding applications are few. In terms of hardware, the products of different manufacturers in the terminal market are very different, with short life cycle and fast update speed; At the same time, mobile terminal equipment has limited computing power, small memory and storage capacity, small display screen and complicated input method. All these characteristics and limitations make the application of PKI in wireless environment very difficult. In order to solve these difficulties to the greatest extent, the draft WPKI has been published, which involves the operation mode of WPKI and how WPKI can be combined with existing PKI services. Simply put, transforming PKI into a wireless environment is WPKI. Wireless PKI defines the version number of certificate based on X.509 public key infrastructure of traditional IETF. If the certificate does not contain any extensions, the version should be set to 1 to explain the parts not covered by the standard part of the certificate. The certificate application must be able to recognize all the specific name attributes listed in X.509v3. The SN length of mobile user certificate is less than eight bytes, and the SN length of server certificate is less than twenty bytes. Two signature algorithms are defined: SHA 1WithRSAEncryption and ecdsawawithsha 1, and the latter is preferred. As with the Issuer field, the certificate application must be able to recognize all the specific name attributes listed in X.509v3. Two types of public keys are defined here: RSA and ECC. Because each certificate has a validity period, when the certificate of the root CA is about to expire, the root CA certificate stored in the mobile terminal needs to be updated, that is, a new root CA certificate needs to be downloaded through the wireless network. How to ensure the safety of this process, WPKI has stipulated two schemes. The first scheme allows the user terminal to download the new root CA certificate directly through the insecure channel, but it needs to "activate" the CA by inputting a 30-digit decimal number. Obviously, this method increases the burden on users. The certificate of the root ca only represents the identity of the root ca, and the process of changing the certificate of the root CA is equivalent to changing an identity, so the second scheme can be understood as the process of introducing a new CA to take over its mission for the expiring CA. The CA signs a new CA certificate with the root key that is about to expire, and sends it to the user. This method is convenient for users without additional operation, but two certificates must be valid at the same time for a period of time, which increases the workload of background processing. Certificate revocation list is defined in PKI specification X.509 and PKIX, and is used to issue revoked certificates. As mentioned earlier, WPKI stipulates "short-term gateway certificate", so that users do not need to query the certificate status of the gateway at all. WAP gateway generates key pair and certificate request, and sends the certificate request to CA. After CA confirms, issue gateway certificate to the gateway. In fact, the validity period of the certificate can be long or short, but the validity period of the gateway certificate is very short, so it is called "short-term gateway certificate". The shorter the validity period of the certificate, the less likely it is to go wrong, that is, the less likely it is to be revoked. If it is as short as a day or two or even a few hours, the CRL of the gateway certificate can be saved. So is the validity period of the user certificate also very short? That's not true. The status of the user certificate is queried by the gateway, which is very powerful in computing and storage, and can completely store the CRL of the user certificate locally or query the certificate status. Because the storage capacity is limited, and a mobile terminal may have several certificates suitable for different occasions, and the certificates need to be updated after expiration, it is not a good idea for mobile terminals to store their certificates locally. If the certificate is stored elsewhere, downloading it to the terminal will put forward too high bandwidth requirements if necessary. Therefore, WPKI stipulates that only the URL of the certificate is stored locally. Certificates are stored in RA. When the gateway needs to establish a secure connection with the terminal, it needs to go to RA to obtain the user's certificate for verification. 2.6 The main functions of WPKI and PKI are to provide reliable and effective key management and authentication in a private or * * * owned environment. WPKI is basically an extension of PKI application in wireless environment. Both of them aim to provide security services in the application environment, and their similarities are as follows: an open and trusted third party: certification authority CA; Examination and approval center ra; Each entity holds a pair of keys; Certificate is the carrier of public key and the means of key governance; Functions: authentication, confidentiality, data integrity. Due to the different application environments, that is, the capabilities and communication modes of mobile terminals in wireless environment are different, as shown in Table 2. 1: 3. 1 Wireless access network architecture 3G is a new stage of personal communication development, which introduces IP technology and supports voice and non-voice services. It is developed on the basis of the second generation network. 3G system consists of three parts: CN, UTRAN and UE. The interface between CN and UTRAN is defined as Iu interface, and the interface between UTRAN and UE is defined as Uu interface, as shown in Figure 3. 1. Uu interface and Iu interface protocols are divided into two parts: user plane protocol and control plane protocol. The UTRAN includes many rns connected to the CN through the Iu interface. Each RNS includes an RNC and multiple NodeB. NodeB is connected to RNC through Iub interface, which supports FDD mode, TDD mode or dual mode. NodeB includes one or more cells. RNC is responsible for deciding the handover of UE, and has merging/separating function to support macro diversity among different NodeB base stations. Within UTRAN, RNC in RNSs can exchange information through Iur interface, which is a logical interface. The Iur interface can be a physical direct connection between rncs, or can be realized through an appropriate transmission network. The structure of UTRAN is shown in Figure 3.2. Here is a brief description of the functions of UTRAN: system access control function: access control; Congestion control; System information broadcasting; Encryption and decryption of wireless channel. Mobile function: switching; SRNS moved. Management and control of wireless resources: wireless environment investigation: radio bearer control; Wireless fidelity function, etc. 3.23G Network Security Architecture 3G system is developed on the basis of 2G. Being familiar with the security defects of GSM/GPRS, 3GPP adopted an open and transparent design method to improve the public's confidence in mobile data services. Its security design is based on the following assumptions: passive and active attacks are very serious threats; The terminal equipment is not trusted; The signaling protocols between networks and within networks are not secure; It can deal with pseudo base station attacks that deceive users. The security design of 3G system follows the following principles: all security features that are considered necessary or should be enhanced in GSM or other 2G systems must be retained in 3G system, including: wireless interface encryption; Wireless interface user identification security; The identity of the wireless interface user is confidential; User access service authentication; Minimize the trust of the service network in the home environment; The network operator manages the mobile hardware security module SIM, and its security function is independent of the terminal. 3G will improve the existing and potential weak security functions of the 2G system. Provide security protection for new services provided by 3G system. 3G system not only supports traditional voice and data services, but also provides interactive and distributed services. The brand-new business environment embodies brand-new business characteristics, and also requires the system to provide corresponding security features. These new business features and security features are as follows: different service providers provide various