中文摘要：

随着MTC（Machine Type Communication）移动终端数量不断增长，网络拥塞问题日益严重。本文提出了一种多群组和设备侧密钥分发的安全认证和密钥协商（Multi．basedand DeviceSideKey Distribution SecureAuthenti．cationand Key Agreement，MGDK—AKA）协议。该协议首先将大量请求接入设备按照一定的规则分成多个群组。组首对组成员的请求信息进行聚合，组首与核心网完成整个认证和密钥协商过程，组成员仅与组首之间完成相互认证，避免了大量设备同时访问核心网络。同时将原核心网侧的密钥分发转移到设备侧完成，进一步克服网络拥塞，并保证数据的安全传输。安全性分析表明了提出的方案可以完成安全目标，并抵抗一些攻击。仿真结果验证了该协议在网络拥塞避免的可行性。

英文摘要：

With the rapid growing of MTC （Machine Type Communication） mobile terminal, network congestion is becom- ing more and more serious. In this paper, we propose a Multi Group-based and Device Side Key Distribution Secure Au- thentication and Key Agreement, MGDK-AKA protocol. In the protocol, firstly large number of requests the access device to be divided into multiple groups according to certain rules. Group header aggregate the request message of group mem- bers, and the group header and the core network complete the whole authentication and key negotiation process. The group members only complete mutual authentication with the group header, thus avoiding a large number of devices to access the core network simultaneously. At the same time, the key distribution on the side of the core network is transferred to the de- vice side, which can further overcome the network congestion and ensure the secure transmission of the data. The security analysis shows that the proposed scheme can achieve the security goals, and prevent the security threats. Simulation results verify the feasibility of the p~tocol in network congestion avoidance