Randomized 5G AKA Protocol Ensembling Security in Fast Forward Mobile Device

The 5G security standard inherits good security features from the previous generations and also proposes some significant features to make 5G system more secure and open to meet the new stringent system requirements. Key exchange between the components shows about the network and it’s authentication power. 5G AKA (Authentication and Key Agreement) has been standardized by 3rd Generation Partnership Project (3GPP) which is used for authentication of mobile network during handover. Several weakness has been identified in the current version of the 5G AKA protocol. Weakness identified in 5G AKA protocol are user localization, activity leakage, active attackers, and in the presence of malicious serving networks. Evolution of 5G AKA is from 4G EPS-AKA. The authentication in 4G EPS-AKA is taken in SN (Serving Network), in which Home Network is considered for generation of authentication vector. However in 5G final decision is taken by Home Network (HN) hence it uses sequence numbers to protect against reply attacks for every request from SN. This sequence numbers causes activity monitoring attacks. The main approach is the use of random numbers and create unique session. The usage of random numbers for the 5G AKA protocol is possible since the current Universal Subscriber Identity Modules (USIMs) are now capable of performing randomized asymmetric encryption operations. The session management has also been established with encryption technique to prevent personal details theft.

[1]  Taekyoung Kwon,et al.  Two-Factor Authenticated Key Agreement Supporting Unlinkability in 5G-Integrated Wireless Sensor Networks , 2018, IEEE Access.

[2]  Rose Qingyang Hu,et al.  Security for 5G Mobile Wireless Networks , 2018, IEEE Access.

[3]  Cjf Cas Cremers Scyther : semantics and verification of security protocols , 2006 .

[4]  Bruno Blanchet,et al.  A Computationally Sound Mechanized Prover for Security Protocols , 2008, IEEE Transactions on Dependable and Secure Computing.

[5]  David A. Basin,et al.  The TAMARIN Prover for the Symbolic Analysis of Security Protocols , 2013, CAV.

[6]  Jimmy Ming-Tai Wu,et al.  A Sanitization Approach to Secure Shared Data in an IoT Environment , 2019, IEEE Access.

[7]  Ralf Sasse,et al.  A Formal Analysis of 5G Authentication , 2018, CCS.

[8]  Garima Chopra,et al.  Possible Security Attack Modeling in Ultradense Networks Using High-Speed Handover Management , 2018, IEEE Transactions on Vehicular Technology.

[9]  田端 利宏,et al.  Network and Distributed System Security Symposiumにおける研究動向の調査 , 2004 .

[10]  An Braeken,et al.  Novel 5G Authentication Protocol to Improve the Resistance Against Active Attacks and Malicious Serving Networks , 2019, IEEE Access.

[11]  Edgar Weippl,et al.  On Security Research Towards Future Mobile Network Generations , 2017, IEEE Communications Surveys & Tutorials.

[12]  Ravishankar Borgaonkar,et al.  New Privacy Threat on 3G, 4G, and Upcoming 5G AKA Protocols , 2019, IACR Cryptol. ePrint Arch..

[13]  Peng Zhang,et al.  A Survey on C-RAN Security , 2017, IEEE Access.

[14]  Stig Fr. Mjølsnes,et al.  A Vulnerability in the UMTS and LTE Authentication and Key Agreement Protocols , 2012, MMM-ACNS.

[15]  Ming Wang,et al.  Verifiable Public Key Encryption Scheme With Equality Test in 5G Networks , 2017, IEEE Access.

[16]  Elisa Bertino,et al.  LTEInspector: A Systematic Approach for Adversarial Testing of 4G LTE , 2018, NDSS.