Security analysis and enhancements of 3GPP authentication and key agreement protocol
- 4 April 2005
- journal article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Transactions on Wireless Communications
- Vol. 4 (2), 734-742
- https://doi.org/10.1109/twc.2004.842941
Abstract
This paper analyzes the authentication and key agreement protocol adopted by Universal Mobile Telecommunication System (UMTS), an emerging standard for third-generation (3G) wireless communications. The protocol, known as 3GPP AKA, is based on the security framework in GSM and provides significant enhancement to address and correct real and perceived weaknesses in GSM and other wireless communication systems. In this paper, we first show that the 3GPP AKA protocol is vulnerable to a variant of the so-called false base station attack. The vulnerability allows an adversary to redirect user traffic from one network to another. It also allows an adversary to use authentication vectors corrupted from one network to impersonate all other networks. Moreover, we demonstrate that the use of synchronization between a mobile station and its home network incurs considerable difficulty for the normal operation of 3GPP AKA. To address such security problems in the current 3GPP AKA, we then present a new authentication and key agreement protocol which defeats redirection attack and drastically lowers the impact of network corruption. The protocol, called AP-AKA, also eliminates the need of synchronization between a mobile station and its home network. AP-AKA specifies a sequence of six flows. Dependent on the execution environment, entities in the protocol have the flexibility of adaptively selecting flows for execution, which helps to optimize the efficiency of AP-AKA both in the home network and in foreign networks.Keywords
This publication has 15 references indexed in Scilit:
- On Key Distribution and Authentication in Mobile Radio NetworksPublished by Springer Science and Business Media LLC ,2001
- Extensions to an authentication technique proposed for the global mobility networkIEEE Transactions on Communications, 2000
- Inter-protocol interleaving attacks on some authentication and key distribution protocolsInformation Processing Letters, 1999
- Key establishment protocols for secure mobile communications: A selective surveyPublished by Springer Science and Business Media LLC ,1998
- On the design of security protocols for mobile communicationsPublished by Springer Science and Business Media LLC ,1996
- The KryptoKnight family of light-weight protocols for authentication and key distributionIEEE/ACM Transactions on Networking, 1995
- Optimal privacy and authentication on a portable communications systemACM SIGOPS Operating Systems Review, 1994
- Privacy and authentication on a portable communications systemIEEE Journal on Selected Areas in Communications, 1993
- Fully-fledged two-way public key authentication and key agreement for low-cost terminalsElectronics Letters, 1993
- A logic of authenticationACM Transactions on Computer Systems, 1990