Academia.eduAcademia.edu

ENHANCED ADAPTIVE SECURITY PROTOCOL IN LTE AKA

Profile image of fidel uwayafidel uwaya
visibility

description

11 pages

link

1 file

AI-generated Abstract

The paper addresses the security concerns surrounding the deployment of the LTE-A (4G) network, emphasizing the evolution of mobile technology security from 1G to 4G. It critiques the existing vulnerabilities in earlier generations, particularly focusing on the limitations of GSM and the enhancements introduced by the 3GPP AKA for UMTS and relationship to the LTE security framework. By analyzing past research and proposing an enhanced adaptive security protocol for LTE, the study aims to address known weaknesses and improve authentication processes while maintaining performance amid evolving cryptographic threats.

Figures (6)

Keys are never reused in LTE AKA.LTE provides integrity, replay protection and encryption between UE and eNB for radio specific signaling. Internet key exchange (IKE) and IPSec protects the backhaul between eNB and MME and it also provides end to end protection of signaling between MME and UE.IKE/IPsec also protect backhaul from eNB to Serving gateway (S-GW) via user plane traffic. Only encryption is efficient in user plane between UE and eNB as bandwidth overhead is expensive for integrity protection here. For the handover in LTE, between two eNBs, eNB needs transfer security parameter to the target eNB while simultaneously restoring forward and backward security should there pe any security branch at any of the eNB. In either case of compromise, core network can provide the target eNB with a new key unknown in the source eNB. Same security context used during Handover between UE and LTE /other 3GPP technologies when initiated. May also be transferred when UE moves between legacy systems like GSM/GERAN, and UTRAN, since LTE includes caching of security contexts as it saves on the number of times a subscriber must be authenticated when a UE rapidly moves pack and forth between LTE and UTRAN.
Keys are never reused in LTE AKA.LTE provides integrity, replay protection and encryption between UE and eNB for radio specific signaling. Internet key exchange (IKE) and IPSec protects the backhaul between eNB and MME and it also provides end to end protection of signaling between MME and UE.IKE/IPsec also protect backhaul from eNB to Serving gateway (S-GW) via user plane traffic. Only encryption is efficient in user plane between UE and eNB as bandwidth overhead is expensive for integrity protection here. For the handover in LTE, between two eNBs, eNB needs transfer security parameter to the target eNB while simultaneously restoring forward and backward security should there pe any security branch at any of the eNB. In either case of compromise, core network can provide the target eNB with a new key unknown in the source eNB. Same security context used during Handover between UE and LTE /other 3GPP technologies when initiated. May also be transferred when UE moves between legacy systems like GSM/GERAN, and UTRAN, since LTE includes caching of security contexts as it saves on the number of times a subscriber must be authenticated when a UE rapidly moves pack and forth between LTE and UTRAN.
LTE utilizes 5 different keys, each used for a specific purpose and valid only for certain duration Different keys are used for communication in the E-UTRAN and the EPS. We believe this approacl greatly reduces the effect of any possible security compromise. All the keys are derived using the Key} Derivation Function (KDF) [9]. The 5 critical security keys derive their basis from the K key with « number of intermediate keys utilized as well. K is the permanent key stored on the USIM (Universa Subscriber Identity Module) on the UE. CK and IK are the pair of keys derived on the USIM during ar AKA exchange. Subsequently, the KASME key is derived from the CK, IK and SN identity using a KDI [9]. The 5 keys are: (i) KNASint and KNASenc integrity and encryption keys respectively are used tc protect NAS traffic between the UE and MME (ii) KUPenc key is used to encrypt user data traffic between the UE and eNodeB (iii) KRRCint and KRRCenc integrity and encryption keys respectively ar used to protect RRC (Radio Resource Control) traffic between the UE and the eNodeB. [9]
LTE utilizes 5 different keys, each used for a specific purpose and valid only for certain duration Different keys are used for communication in the E-UTRAN and the EPS. We believe this approacl greatly reduces the effect of any possible security compromise. All the keys are derived using the Key} Derivation Function (KDF) [9]. The 5 critical security keys derive their basis from the K key with « number of intermediate keys utilized as well. K is the permanent key stored on the USIM (Universa Subscriber Identity Module) on the UE. CK and IK are the pair of keys derived on the USIM during ar AKA exchange. Subsequently, the KASME key is derived from the CK, IK and SN identity using a KDI [9]. The 5 keys are: (i) KNASint and KNASenc integrity and encryption keys respectively are used tc protect NAS traffic between the UE and MME (ii) KUPenc key is used to encrypt user data traffic between the UE and eNodeB (iii) KRRCint and KRRCenc integrity and encryption keys respectively ar used to protect RRC (Radio Resource Control) traffic between the UE and the eNodeB. [9]
The concept. of this paper is implemented and different results are shown below, The proposed paper is implemented in Java technology on a Pentium-IV PC with minimum 20 GB hard-disk and 1GB RAM. The propose paper’s concepts shows efficient results and has been efficiently tested on different Datasets.
The concept. of this paper is implemented and different results are shown below, The proposed paper is implemented in Java technology on a Pentium-IV PC with minimum 20 GB hard-disk and 1GB RAM. The propose paper’s concepts shows efficient results and has been efficiently tested on different Datasets.
Figure 3: Delay Vs Time Instance (A ttack Mode) Memory consumed at different instances of t. Memory consumed in loading protocol after the first dro while consumes large amount of memory but later times , t1,t2,t3, t4.... Memory utilization increase gradually due t communication transfer which needs to save in mobile for some period of time.
Figure 3: Delay Vs Time Instance (A ttack Mode) Memory consumed at different instances of t. Memory consumed in loading protocol after the first dro while consumes large amount of memory but later times , t1,t2,t3, t4.... Memory utilization increase gradually due t communication transfer which needs to save in mobile for some period of time.
This graph shows what happens when an attack node is initiated plotted against when protocol is about to be initiated. So it high at initial point but when loaded its uniform. It observed that when protocol is loaded its delay is uniform meaning even with an attack node delay in communication is same. So proves that attack is null and void. No attack can happen with this protocol. The graph in figure 4 shows what happens with memory usage when attack node is applied, at initial node its same as delay as protocol is yet to be loaded and when protocol is loaded and attack is initiated, with different time limits, memory usage is insignificantly different. Meaning that an attack will not affect memory usage, so no attack could happen within our enhanced security adaptive protocol. This paper investigates the security with the LTE AKA protocol and also examines the operational difficulty associated with the string number operations. The LTE AKA protocol is based on the structure of 3GPP AKA and expects to wipe out real and also perceived attacks, especially the so-called false base place attack. Within this paper, we demonstrated that LTE AKA is susceptible to a version of false base station attack. The weaknesses allow an adversary to redirect user traffic derived from one of network to another. It in addition allows an adversary to utilize authentication vectors at a corrupted foreign network to impersonate some other networks. Also, the usage of synchronization in between a cellular station and home circle incurs sizeable difficulty with the normal operation of LTE AKA. To deal with the safety measures problems and supply further development on LTE AKA, we presented a fresh authentication and also key arrangement protocol (SEAP-AKA) which can defeat the redirection strike and drastically mitigates the impact involving network data corruption. The protocol SEAP-AKA in addition eliminates the synchronization between the mobile station plus the home circle. Depending on the execution atmosphere, entities inside protocol hold the flexibility involving adaptively picking flows with regard to execution. We show that the adaptability allows you optimize the efficiency involving SEAP-AKA in the home circle and foreign networks. we also showed removal of synchronization between a cell station and its home system improves efficiency without compromising security.
This graph shows what happens when an attack node is initiated plotted against when protocol is about to be initiated. So it high at initial point but when loaded its uniform. It observed that when protocol is loaded its delay is uniform meaning even with an attack node delay in communication is same. So proves that attack is null and void. No attack can happen with this protocol. The graph in figure 4 shows what happens with memory usage when attack node is applied, at initial node its same as delay as protocol is yet to be loaded and when protocol is loaded and attack is initiated, with different time limits, memory usage is insignificantly different. Meaning that an attack will not affect memory usage, so no attack could happen within our enhanced security adaptive protocol. This paper investigates the security with the LTE AKA protocol and also examines the operational difficulty associated with the string number operations. The LTE AKA protocol is based on the structure of 3GPP AKA and expects to wipe out real and also perceived attacks, especially the so-called false base place attack. Within this paper, we demonstrated that LTE AKA is susceptible to a version of false base station attack. The weaknesses allow an adversary to redirect user traffic derived from one of network to another. It in addition allows an adversary to utilize authentication vectors at a corrupted foreign network to impersonate some other networks. Also, the usage of synchronization in between a cellular station and home circle incurs sizeable difficulty with the normal operation of LTE AKA. To deal with the safety measures problems and supply further development on LTE AKA, we presented a fresh authentication and also key arrangement protocol (SEAP-AKA) which can defeat the redirection strike and drastically mitigates the impact involving network data corruption. The protocol SEAP-AKA in addition eliminates the synchronization between the mobile station plus the home circle. Depending on the execution atmosphere, entities inside protocol hold the flexibility involving adaptively picking flows with regard to execution. We show that the adaptability allows you optimize the efficiency involving SEAP-AKA in the home circle and foreign networks. we also showed removal of synchronization between a cell station and its home system improves efficiency without compromising security.

Key takeaways

  • Vendors can integrate this modules as one device or separately as 3GPP standard demands [9].Part of the LTE security architecture evolution is the EAP AKA Authentication and Key Agreement scheme (LTE-AKA) which defines the protocol through which the User Equipment (UE) and the Home Network (HN) are mutually authenticated and the mechanism through which the master encryption keys are generated.
  • Source: [11] Keys are never reused in LTE AKA.LTE provides integrity, replay protection and encryption between UE and eNB for radio specific signaling.
  • The initialization of SEAP-AKA is aiming at security flaws, this module proposes a Security-Enhanced Authentication and Key Agreement protocol (SE-APA AKA) based on WPKI, using existing 128 bit key encryption as in 3GPP AKA where CA: denotes the Certification Agency; K : denotes the long term key shared between UE and HSS; PK : denotes the public key of UE, MME and HSS; SK: denotes the cipher key of UE, MME and HSS; f 3, f 4, s10 : denotes the key generating functions; ASME K : denotes the intermediate key; ASME KSI : denotes, the key identification allocated by MME for ASME KSI;sig m : denotes the signature to message m.
  • Using the same method, the authentication of MME to UE is also can be validated.
  • To deal with the safety measures problems and supply further development on LTE AKA, we presented a fresh authentication and also key arrangement protocol (SEAP-AKA) which can defeat the redirection strike and drastically mitigates the impact involving network data corruption.

Related papers

Security Enhanced Authentication and Key Agreement Protocol for LTE/SAE Network
Adarsh Amruth

The 3 rd Generation Partnership (3GPP) standard is developing System Architecture Evolution(SAE)/Long Term Evolution(LTE) architecture for the next generation mobile communication system. In the LTE/SAE architecture, EPS AKA(Evolved Packet System Authentication and Key Agreement) procedure is used to provide mutual authentication between the user and the network. However the EPS AKA has several vulnerabilities such as disclosure of user identity, man-inmiddle attack, etc. Therefore, this paper analyzes the deficiencies of the EPS AKA, and proposes a Security Enhanced Authentication and Key agreement (SE-EPS AKA) based on Wireless Public Key Infrastructure (WPKI). Then, the new SE-EPS AKA has been proved with the formal verification method, and the proof result shows that the SE-EPS AKA can satisfy the security and efficiency propoerties in the LTE/SAE architecture.

View PDFchevron_right
Enhanced Authentication Protocol for Improving Security in 3GPP LTE Networks
vijay franklin

ipcsit.com

Abstract. The 3rd Generation Partnership Project(3GPP) standard is developing System Architecture Evolution(SAE)/Long Term Evolution(LTE) architecture for the next generation mobile communication system. To provide secure 3G-WLAN interworking in the SAE/LTE architecture, Extensible ...

View PDFchevron_right
New Authentication and Key Agreement Protocol for LTE-WLAN Interworking
Ahmed Abdel-Hafez

International Journal of Computer Applications, 2013

New cellular networks are capable of providing high mobility, whereas WLANs are known for having relatively higher bandwidths. Therefore, interworking cellular networks with WLANs offers ubiquitous data services and relatively high data rates across modern networks. This interworking will enable a user to access new cellular services via a WLAN, while roaming within a range of hotspots. To provide secure 3G-WLAN interworking in the SAE/LTE architecture, Extensible Authentication Protocol-Authentication and Key Agreement (EAP-AKA) is used. However, EAP-AKA has several vulnerabilities. This paper analyzes vulnerabilities in LTE-WLAN interworking and proposes a new authentication and key agreement protocol based on EAP-AKA.

View PDFchevron_right
Mutual Authentication Protocol for LTE Based Mobile Networks
Talha Naqash

Femtocells are used to enhance the service coverage inside the office or home, particularly where access is narrow or engaged. Femtocells enhance the service quality that is attractive for the client and the mobile operator. Currently, security of core network from the unauthorized user in public environment is a big issue and there is no integrated solution to verify a rouge femtocell or unauthorized user equipment (UE). Forged equipment can launch any attack or hack the core network to act actively or passively. Hence, there is a need for a mutual authentication protocol, so communication equipments can verify each other during connection establishment and make a secure tunnel for communication. In this paper we have critically analyzed the Rapid Development Authentication Protocol (RDAP) and its structural design. Then a novel protocol has been proposed which provide mutual authentication between User Equipment (UE) and femtocell that will make the system more secure than conventional RDAP. Moreover, novel scheme is also compatible with the current network architecture and resist various network attacks e.g., Sybil attack, MITM, DOS, Eavesdropping & Injecting attack and Packet Sniffing.

View PDFchevron_right
Analyzing the security techniques used in LTE Advanced and their evaluation
CDN RIZWAN

Eighth International Conference on Digital Information Management (ICDIM 2013), 2013

In this paper we discuss about security which is the main element in the wireless communication. As the generation changes many steps are used to improve the security so in this we discuss many security techniques choose, implement and compare two of them which provide better security to customers in LTE Advanced. LTE Advanced is evolved and advanced version of LTE (Long Term Evolution) which is developed by 3GPP. We implement the security techniques which we can use in LTE Advanced. To secure our data we use security algorithms (KASUMI & TDES) which have two parts encryption and decryption. In encryption process we convert our original data in cipher text by using keys and then transmit this encrypted data to the receiver. And at the receiving end we decrypt the encrypted data with the same keys to recover the original data. KASUMI Algorithm is a block cipher that produces a 64-bit output from 64-bit input under the control of a 128-key and three functions. It has 8 rounds. TDES Algorithm is a block cipher that produces a 64-bit output from a 64-bit input under the control of three keys of 64-bits with a function. It has 16 rounds. We implement these techniques in Matlab for verifying our results, and then we conclude that both algorithms are efficient for security purposes, so that no one can crack our data.

View PDFchevron_right
SEPS-AKA: A SECURE EVOLVED PACKET SYSTEM AUTHENTICATION AND KEY AGREEMENT SCHEME FOR LTE-A NETWORKS
Computer Science & Information Technology (CS & IT) Computer Science Conference Proceedings (CSCP)

In this paper, we propose a secure authentication of the Evolved Packet System Authentication and Key Agreement (EPS-AKA) for the LTE-A network. Our scheme is proposed to solve the problem of sending the IMSI as a clear text, and hence prevents the mobility management entity attack. We will use public key (PK) cryptography to protect the transmitted messages, the RSA scheme computation to compute a temporary value to the IMSI, and nonce to generate challenge messages toward the opposite side. Our scheme does not need to change the original framework and the infrastructure of the LTE-A network, although a ciphered IMSI is transmitted. The authentication procedure is performed by the HSS to authenticate the UEs and the MME; therefore, the impersonating of the MME and UEs is not possible. Our evaluation demonstrates that the proposed scheme is secure and achieves the security requirements of the LTE-A subscribers such as privacy, authentication, confidentiality and integrity. In our scheme, we try to maintain the problems defined in the previous related works.

View PDFchevron_right
3G-WLAN interworking: security analysis and new authentication and key agreement based on EAP-AKA
Kyusuk Han

2009 Wireless Telecommunications Symposium, 2009

The 3rd Generation Partnership Project(3GPP) standard is developing System Architecture Evolution(SAE)/Long Term Evolution(LTE) architecture for the next generation mobile communication system. The SAE/LTE architecture provides secure service and 3G-WLAN interworking [9]. To provide secure 3G-WLAN interworking in the SAE/LTE architecture, Extensible Authentication Protocol-Authentication and Key Agreement(EAP-AKA) is used. However, EAP-AKA has several vulnerabilities such as disclosure of user identity, man-in-themiddle attack, Sequence Number(SQN) synchronization, and additional bandwidth consumption. Therefore, this paper analyzes threats and attacks in 3G-WLAN interworking and proposes a new authentication and key agreement protocol based on EAP-AKA. The proposed protocol combines Elliptic Curve Diffie-Hellman(ECDH) with symmetric key cryptosystem to overcome these vulnerabilities. Moreover, our protocol provides Perfect Forward Secrecy(PFS) to guarantee stronger security, mutual authentication, and resistance to replay attack. Compared with previous protocols which use public key cryptosystem with certificates, our protocol can reduce computational overhead.

View PDFchevron_right
A Hybrid Authentication Protocol for LTE/LTE-A Network
Maode Ma

IEEE Access, 2019

The wireless technology has revolutionized and had a significant impact on every aspect of people's life. Confidential information, financial transactions, and sensitive conversations are frequent via the wireless network and securing all these data are of the utmost importance. In this paper, we discuss the major weaknesses of the long-term evolution (LTE) authentication process and propose a new approach-the hybrid evolved packet system (HEPS) protocol to address the vulnerabilities. The proposed protocol has been verified logically, using Burrows-Abadi-Needham logic, and systematically, using the automated validation of internet security protocol and application tool. The HEPS protocol will optimize the performance of the LTE authentication process and fundamentally solve the security issue of the process. INDEX TERMS Long term evolution, hybrid evolved packet system, Burrows-Abadi-Needham logic, automated validation of Internet security protocol, application tool.

View PDFchevron_right
A Cryptographic Analysis of UMTS/LTE AKA
Pierre-alain Fouque

Lecture Notes in Computer Science, 2016

Secure communications between mobile subscribers and their associated operator networks require mutual authentication and key derivation protocols. The 3GPP standard provides the AKA protocol for just this purpose. Its structure is generic, to be instantiated with a set of seven cryptographic algorithms. The currently-used proposal instantiates these by means of a set of AES-based algorithms called MILENAGE; as an alternative, the ETSI SAGE committee submitted the TUAK algorithms, which rely on a truncation of the internal permutation of Keccak. In this paper, we provide a formal security analysis of the AKA protocol in its complete three-party setting. We formulate requirements with respect to both Man-in-the-Middle (MiM) adversaries, i.e. keyindistinguishability and impersonation security, and to local untrusted serving networks, denoted "servers", namely state-confidentiality and soundness. We prove that the unmodified AKA protocol attains these properties as long as servers cannot be corrupted. Furthermore, adding a unique server identifier suffices to guarantee all the security statements even in in the presence of corrupted servers. We use a modular proof approach: the first step is to prove the security of (modified and unmodified) AKA with generic cryptographic algorithms that can be represented as a unitary pseudorandom function-PRF-keyed either with the client's secret key or with the operator key. A second step proceeds to show that TUAK and MILENAGE guarantee this type of pseudorandomness, though the guarantee for MILENAGE requires a stronger assumption. Our paper provides (to our knowledge) the first complete, rigorous analysis of the original AKA protocol and these two instantiations. We stress that such an analysis is important for any protocol deployed in real-life scenarios.

View PDFchevron_right
Authentication Protocol for an IoT-Enabled LTE Network
Santiago Grijalva, Neetesh Saxena

The Evolved Packet System-based Authentication and Key Agreement (EPS-AKA) protocol of the longterm evolution (LTE) network does not support Internet of Things (IoT) objects and has several security limitations, including transmission of the object's (user/device) identity and key set identifier in plaintext over the network, synchronization, large overhead, limited identity privacy, and security attack vulnerabilities. In this article, we propose a new secure and efficient AKA protocol for the LTE network that supports secure and efficient communications among various IoT devices as well as among the users. Analysis shows that our protocol is secure, efficient, and privacy preserved, and reduces bandwidth consumption during authentication.

View PDFchevron_right

Related papers

Security protocols for 2G and 3G wireless communications
Thomas Newe
View PDFchevron_right
User-to-User Mutual Authentication and Key Agreement Scheme for LTE Cellular System
Mohammed Ramadan

Int. J. Netw. Secur., 2016

View PDFchevron_right
PSEH: A provably secure and efficient handover AKA protocol in LTE/LTE-A network
Dr. Narendra S Chaudhari

Peer-to-Peer Networking and Applications, 2018

View PDFchevron_right
Mobility and Key Management in SAE/LTE
Alf Zugenmaier

Signals and Communication Technology, 2007

View PDFchevron_right
ES-AKA: An Efficient and Secure Authentication and Key Agreement Protocol for UMTS Networks
Neetesh Saxena
View PDFchevron_right
Secure-AKA: An Efficient AKA Protocol for UMTS Networks
Neetesh Saxena

Wireless Personal Communications, 2014

View PDFchevron_right
PA-AKA: Privacy-Aware and Lightweight Authentication Scheme for Long Term Evolution (LTE)
Adedamola Dada

Communications on Applied Electronics, 2019

View PDFchevron_right
An Enhancement of Authentication Protocol and Key Agreement (AKA) For 3G Mobile Networks
Mustafa Al Fayoumi

2011

View PDFchevron_right
Temporary Internet Access for Authentication and Key Agreement for LTE Networks
Maode Ma

Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, 2018

View PDFchevron_right
Efficient Modified Intra-MME Handover Authentication and Key Management Protocol for LTE Networks
abd elrahman elbayoumy

The International Conference on Electrical Engineering

View PDFchevron_right
A J-PAKE based solution for secure authentication in a 4G network
Cristina Vintila

… robotics and automation, and 3rd WSEAS …, 2011

View PDFchevron_right
A Console GRID Leveraged Authentication and Key Agreement Mechanism for LTE/SAE
Rajakumar Arul

IEEE Transactions on Industrial Informatics, 2018

View PDFchevron_right
Survey of Network Access Security in UMTS/LTE Networks
Zahri Afdal
View PDFchevron_right
Security of 3G and LTE
Sebastian Banescu

blogdir.ro

View PDFchevron_right
Reducing the Overhead Messages Cost of the SAK-AKA Authentication Scheme for 4G/5G Mobile Networks
Shadi Nashwan

IEEE Access

View PDFchevron_right
Handover authentication between different types of eNBs in LTE networks
Maode Ma

The Journal of China Universities of Posts and Telecommunications, 2013

View PDFchevron_right

Related topics

Information SecurityComputer Security