Security Improvement of Authentication and Key Agreement Protocol for Subscriber Identity

Authors

  • Hitesh T. Loriya, Navinkumar T. Ganeshan, Rahul R. Keshwala

Keywords:

5G Network, 4G Network, AKA, Security, LTE, EPS

Abstract

Subscriber identity security is critical for wireless communication networks. Fake base stations with stronger signal strength than genuine stations attract subscribers to register with fake base stations. An attacker can try bidding down the attack. In this attack, attacker tries to persuade UE and the network entities that opposite side doesn't uphold a security features, despite the fact that the two sides as a matter of fact uphold security features. It opens the gate for various kinds of attacks by taking advantage of the security limitations of old-generation mobile networks. This paper examined security advances and issues related to wireless communication networks. In the first place, 5G architecture is examined. Second, it focuses on a framework of security-based plan for the 5G network. Third, security flaws found in wireless communication networks are examined, with a focus on key confirmation and authentication mechanism. In this paper, we present a strong authentication and key agreement protocol for the 5G network. The proposed protocol’s goal is to improve security of subscriber identity against different types of attacks by sending them over channel. There is no need to modify the network's fundamental foundation for the proposed authentication and key agreement (AKA) protocol. The proposed protocol is verified using the ProVerif tool and shows that it further strengthens the security of authentication and key agreement procedure of wireless communication network. 

DOI: https://doi.org/10.17762/ijisae.v12i16S.6776

Downloads

Download data is not yet available.

References

3GPP, “System Architecture for 5G System”, 3GPP TS 23.501 version 19.0.0. Technical Report, The 3rd Generation Partnership Project.

3GPP, “Security Architecture and Procedures for the 5G System”, 3GPP TS 33.501 version 15.2.0. Technical Report, The 3rd Generation Partnership Project.

A. Ferrag, L. Maglaras, A Argyriou, D. Kosmano, H. Janicke. “Security for 4G and 5G cellular networks: A survey of existing authentication and privacy-preserving schemes”, J. Netw. Comput. Appl. 2018, 101, 55–82.

Jover R P, Marojevic V, “Security and protocol exploit analysis of the 5G specifications”, IEEE Access 2019, 7, 24956–24963.

Ahmad I, Shahabuddin S, Kumar T, Okwuibe, J, Ylianttila M, “Security for 5G and beyond”, IEEE Commun. Surv. Tutor. 2019, 21, 3682–3722.

Khan R, Kumar P, Jayakody D, Liyanage M, “A survey on security and privacy of 5G technologies: Potential solutions, recent advancements, and future directions”, IEEE Commun. Surv. Tutor. 2019, 22, 196–248.

Hussain S.R., Echeverria M., Chowdhury O., Li N., Bertino E., “Privacy attacks to the 4G and 5G cellular paging protocols using side-channel information”, In Proceedings of the 26th Network and Distributed System Security Symposium (NDSS), San Diego, CA, USA, 24–27 February 2019; pp. 1–15.

Khan H., Martin K.M., “A survey of subscription privacy on the 5G radio interface-the past, present and future”, J. Inf. Secure. Appl. 2020, 53, 102537.

C.B. Sankaran,” Network Access Security in Next-generation 3GPP Systems: A Tutorial,” IEEE Commun. Mag., Vol.47, No.2, February 2009, pp.84-91.

N. Seddigh, B. Nandy, R. Makkar, and J.F. Beaumont,” Security Advances and Challenges in 4G Wireless Networks,” Proc. Eighth Annual International Conference on Privacy Security and Trust (PST), August 2010, pp.62-71.

J. Zheng, ”Research on the Security of 4G Mobile System in the IPv6 Network,” Recent Advances in Computer Science and Information Engineering, Vol. 126, 2012, pp. 829-834.

Li Zhu, Hang Qin, Huaqing Mao, Zhiwen Hu, “Research on 3GPP LTE Security Architecture”, International Conference on WiCOM, IEEE Conference publications-2012

Dehnel-Wild M., Cremers C., “Security Vulnerability in 5G-AKA Draft”, Department of Computer Science, University of Oxford, Oxford, UK, 2018.

Meier S., Schmidt B., Cremers C., Basin D., “The Tamarin prover for the symbolic analysis of security protocols”, In Proceedings of the 25th International Conference on Computer Aided Verification, Saint Petersburg, Russia, 13–19 July 2013; pp. 696–701.

Basin D., Dreier J., Hirschi L., Radomirovic S., Sasse R., Stettler V, “A formal analysis of 5G authentication”. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, Toronto, ON, Canada, 15–19 October 2018; pp. 1383–1396.

Borgaonkar R., Hirschi L., Park S., Shaik A., “New privacy threat on 3G, 4G, and upcoming 5G AKA Protocols”. Proc. Priv. Enhancing Technol. 2019, 3, 108–127.

Cremers C., Dehnel-Wild M., “Component-based formal analysis of 5G-AKA: Channel assumptions and session confusion”, In Proceedings of the 26th Network and Distributed System Security Symposium (NDSS), San Diego, CA, USA, 24–27 February 2019; pp. 1–15.

Koutsos A., “The 5G-AKA authentication protocol privacy”, In Proceedings of the 2019 IEEE European Symposium on Security and Privacy (EuroS&P), Stockholm, Sweden, 17–19 June 2019; pp. 464–479.

Bana G., Comon-Lundh H., “Towards unconditional soundness: Computationally complete symbolic attacker”, In Proceedings of the First International Conference on Principles of Security and Trust (ETAPS), Tallinn, Estonia, 24 March–1 April 2012; pp. 189–208.

Bana G., Comon-Lundh H., “A computationally complete symbolic attacker for equivalence properties”, In Proceedings of the 2014 ACMSIGSAC Conference on Computer and Communications Security, Scottsdale, AZ, USA, 3–7 November 2014; pp. 609–620

C. Vintila, V. Patriciu, and I. Bica, “Security Analysis of LTE Access Network”, Proceedings of the Tenth International Conference on Networks (ICN 2011), January 2011, pp. 29-34.

D. Forsberg, L. Huang, K. Tsuyoshi, and S. Alanara, “Enhancing Security and Privacy in 3GPP E-UTRAN Radio Interface,” Proc. Personal,

D. Yu and W. Wen, “Non-access-stratum Request Attack in E-UTRAN,” Proc. Computing, Communications and Applications Conference (Com-ComAp), January 2012, pp.48-53.

Y. Park, T. Park, “A Survey of Security Threats on 4G Networks,” in GLOBECOM-07.

Braeken A., Liyanage M., Kumar P., Murphy J., “Novel 5G authentication protocol to improve the resistance against active attacks and malicious serving networks”, IEEE Access 2019, 7, 64040–64052.

Gharsallah I., Smaoui S., Zarai F., “A secure efficient and lightweight authentication protocol for 5G cellular networks: SEL-AKA”. In Proceedings of the 2019 15th International Wireless Communications & Mobile Computing Conference (IWCMC), Tangier, Morocco, 24–28 June 2019; pp. 1311–1316.

Jeff Hoffstein Daniel Lieman Jill Pipher Joseph H. Silverman, “NTRU: A Ring-Based Public Key Cryptosystem” Available online on www.ntru.org.

Hien Ba Nguyen, Thesis on “An Overview of the NTRU Cryptographic system”, San Diego State University, 2014.

Priit Karu, “Practical Comparison of Fast Public-key Cryptosystems” Proceedings of the Helsinki University of Technology Seminar on Network Security fall 2000.

Hu X., Liu C., Liu S., Li J., Cheng X., “A vulnerability in 5G authentication protocols and its Countermeasure”, IEICE Trans. Inf. Syst. 2020, 103, 1806–1809.

Xiao Y., Wu Y., “5G-IPAKA: An Improved Primary Authentication and Key Agreement Protocol for 5G Networks”, Information 2022, 13, 125.

Blanchet, B.; Smyth, B.; Cheval, V.; Sylvestre, M. “ProVerif 2.05: Automatic Cryptographic Protocol Verifier, User Manual and Tutorial”. Proverif User Manual, 2023. https://bblanche.gitlabpages.inria.fr/proverif/

Downloads

Published

15.02.2024

How to Cite

Hitesh T. Loriya. (2024). Security Improvement of Authentication and Key Agreement Protocol for Subscriber Identity. International Journal of Intelligent Systems and Applications in Engineering, 12(16s), 737 –. Retrieved from https://www.ijisae.org/index.php/IJISAE/article/view/6776

Issue

Vol. 12 No. 16s (2024)

Section

Research Article

License

Creative Commons License

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.

All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.

IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. This license lets the audience to give appropriate credit, provide a link to the license, and indicate if changes were made and if they remix, transform, or build upon the material, they must distribute contributions under the same license as the original.