Bi-group pre-handover authentication model solving signaling congestion of subway LiFi network

Light fidelity (LiFi) is a light communication system [1], [2]. It utilizes visible light, ultraviolet, and infrared spectrums for data transmission. Thus, LiFi can provide a more secure and faster data transmission service than wireless fidelity (WiFi) [3]. However, this does not mean that LiFi is immune to all security threats. On the one hand, although the uplink channel of LiFi is naturally more secure than that of WiFi due to the directionality of light [4], it is still vulnerable to some security threats (e.g., man-in-the-middle attacks and impersonation attacks) in public transportation settings (e.g., buses and subways). This is because a standing user's equipment (UE) in these scenarios may naturally be in the middle of the light-path between a seated UE and the access point (AP). On the other hand, the downlink channel of LiFi is as vulnerable as WiFi to some security threats (such as replay attacks) due to the broadcast nature of light [5]. Therefore, mutual authentication and encrypted communication are also essential for LiFi communications.

IEEE 802.11i provides a full mutual authentication scheme for wireless local area networks (WLANs) by utilizing the extensible authentication protocol (EAP) framework [6]. This protocol can offer protection against nearly all identified WLAN attacks related to privacy, integrity, and authenticity in wireless communications [7]. However, this full mutual authentication protocol requires a high number of signaling interactions [8]. In the metro scenario, a large number of UEs will switch from the platform network to the subway network simultaneously. If the full authentication process is executed separately for each UE, signaling congestion will occur in the subway LiFi network [9].

Research to reduce signaling congestion can be divided into two main categories: (i) simplifying the individual authentication process, and (ii) applying a group authentication method. In the first category, key caching techniques are widely used to simplify the interaction steps in re-authentication protocols. IEEE 802.11i defines sticky key caching (SKC) and opportunistic key caching (OKC) methods that allow APs to share the key material of UEs [10]. In this way, UEs can avoid duplicate authentication when roaming between APs. IEEE 802.11r specifies a fast basic service set switching (FT-BSS) mechanism [11]. This mechanism combines authentication and key negotiation in a re-association process, thereby simplifying authentication interactions.

In the second category, the aggregate message authentication code (AMAC) technique is used. With AMAC, users with similar mobility are treated as a group and their authentication messages are aggregated into a single value, thus decreasing the group authentication overhead. Fu et al. [12] propose a novel group-based handover authentication scheme for mobile WiMAX networks. This scheme divides users who take the same vehicle into a group and achieves fast authentication of users within roaming vehicles. Cao et al. [13] propose an efficient group-based handover authentication protocol for massive machine-type communication (mMTC) in LTE-A-WLAN heterogeneous networks. In this scheme, mMTC devices that reside in the same place or belong to the same user are formed into a group. Aydin et al. [14] propose a group handover solution for the replacement of drone base stations in large outdoor stadiums. In this solution, users inside the stadium are switched to the new drone base station together as a group.
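The aggregation idea described above can be made concrete with the generic XOR-aggregate MAC construction. The following is an added example, not code from the paper or from any of the cited schemes; it assumes the verifier shares one symmetric key with each UE, and the UE names, keys, nonce and message format are constructed for illustration. It also shows the edge case where one member's tag never reaches the group leader: the aggregate then fails for the whole group, and only per-member tags reveal which members are still valid.

```python
import hashlib
import hmac
from functools import reduce

TAG_LEN = 32  # SHA-256 output size in bytes

def tag(key: bytes, ue_id: str, msg: bytes) -> bytes:
    """Per-member MAC; binding the identity stops tags being swapped between members."""
    return hmac.new(key, ue_id.encode() + b"|" + msg, hashlib.sha256).digest()

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def aggregate(tags) -> bytes:
    """Group leader: fold all member tags into one fixed-size value by XOR."""
    return reduce(xor, tags, bytes(TAG_LEN))

def verify_group(keys: dict, msgs: dict, agg: bytes) -> bool:
    """Verifier: recompute every expected tag, XOR them, compare in constant time."""
    if set(keys) != set(msgs):
        return False
    expected = aggregate(tag(keys[u], u, msgs[u]) for u in msgs)
    return hmac.compare_digest(expected, agg)

def verify_individually(keys: dict, msgs: dict, tags: dict) -> set:
    """Fallback when the aggregate fails: return the member IDs whose own tag verifies."""
    return {u for u in msgs
            if u in tags and hmac.compare_digest(tag(keys[u], u, msgs[u]), tags[u])}

def demo():
    # Constructed sample data: four UEs, deterministic demo keys, a fixed challenge nonce.
    keys = {f"ue{i}": hashlib.sha256(f"demo-key-{i}".encode()).digest() for i in range(1, 5)}
    nonce = bytes.fromhex("00112233445566778899aabbccddeeff")
    msgs = {u: b"handover-request|" + nonce for u in keys}
    tags = {u: tag(keys[u], u, msgs[u]) for u in keys}

    ok_all = verify_group(keys, msgs, aggregate(tags.values()))
    # ue3's tag is lost before aggregation (e.g. its link to the leader dropped).
    partial = {u: t for u, t in tags.items() if u != "ue3"}
    ok_partial = verify_group(keys, msgs, aggregate(partial.values()))
    still_valid = verify_individually(keys, msgs, partial)
    return ok_all, ok_partial, still_valid

if __name__ == "__main__":
    print(demo())
```

The single 32-byte aggregate replaces one tag per member on the leader-to-verifier hop, which is where the signaling saving comes from; the cost is that a failed aggregate says nothing about which member caused it.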

The above group-based handover authentication schemes are mainly applicable to radio frequency (RF) networks. They have several common features: (i) the research target is the handover between two base stations or APs; (ii) the mobility patterns of all UEs are correlated (either static or moving together); (iii) the channel qualities of all UEs are similar and continuous. However, these features are significantly different in the subway LiFi network studied in this paper. Firstly, the number of APs will be large due to the small coverage area of a single LiFi AP. Secondly, the trajectories of UEs in the subway are scattered and random. Thirdly, the channel qualities may vary significantly between UEs because the light-path is easily blocked or misaligned. Therefore, group-based handover authentication schemes for RF networks cannot be directly applied to LiFi networks. Besides, the SKC/OKC technology can only be used for the re-authentication process. In the metro scenario, the platform network and the subway network belong to different mobile domains. To achieve secure communication, UEs need to perform mutual authentication and key negotiation operations before accessing the subway LiFi network. With an inappropriate authentication scheme, the subway LiFi network is susceptible to severe signaling congestion. Currently, research on authentication management for LiFi networks is just beginning. In [15], [16], LiFi APs are designed to be integrated into the 5G network as non-3GPP APs. By enhancing the core network functionality, LiFi UEs can be authenticated and managed uniformly by the 5G core network.

Ma et al. [17] proposed a fixed-trajectory group pre-handover authentication mechanism (FTGPHA) for 5G high-speed rail networks. In this scheme, mobile relay nodes (MRNs) as group leaders aggregate authentication messages from onboard users and perform pre-handover operations in advance. Due to the fixed trajectory of the train and the stable quality of the RF link, FTGPHA can effectively reduce the authentication overhead in 5G high-speed rail networks. Here, a bi-group pre-handover authentication model (BGPHA) is proposed for subway LiFi networks. The main contributions of this paper can be summarized as follows.

(1) The proposed BGPHA is compatible with the existing core network architecture. In contrast to [15], [16], the proposed model does not rely on the assistance of the core network and thus is more cost-effective.

(2) In view of the ultra-dense deployment of LiFi networks, a bi-group authentication mechanism is created in the BGPHA. This mechanism aggregates not only the authentication messages of users, but also those of LiFi APs. Compared with the single-group authentication mechanism in [17], the proposed model further decreases the authentication overhead.

(3) In view of the link vulnerability of LiFi networks, a re-authentication mechanism is created in the BGPHA. This mechanism ensures that other legitimate group members pass the authentication when some group members suffer from light-path blockages or angular misalignment events during the group authentication process. Compared with [17], the proposed model can significantly decrease the handover latency in the presence of light-path blockages and angular misalignment events.

(4) In view of the random mobility of subway users, a quick rejoin mechanism is created in the BGPHA. With this mechanism, users will not require a full authentication process again after entering the subway, thus reducing handover failures.

The rest of this paper is organized as follows. Section 2 describes the network architecture, LiFi channel model, mobility model and light-path blockage model used in the research. Section 3 details the modeling process of BGPHO. Sections 4 and 5 present the numerical analysis and simulation analysis of BGPHO, respectively. Section 6 concludes the paper.
