A Survey of Public Key Infrastructure-Based Security for Mobile Communication Systems

Mobile communication security techniques are employed to guard the communication between the network entities. Mobile communication cellular systems have become one of the most important communication systems in recent times and are used by millions of people around the world. Since the 1990s, considerable efforts have been taken to improve both the communication and security features of the mobile communications systems. However, these improvements divide the mobile communications field into different generations according to the communication and security techniques such as A3, A5 and A8 algorithms for 2G-GSM cellular system, 3G-authentication and key agreement (AKA), evolved packet system-authentication and key agreement (EPS-AKA), and long term evolution-authentication and key agreement (LTE-AKA) algorithms for 3rd generation partnership project (3GPP) systems. Furthermore, these generations have many vulnerabilities, and huge security work is involved to solve such problems. Some of them are in the field of the public key cryptography (PKC) which requires a high computational cost and more network flexibility to be achieved. As such, the public key infrastructure (PKI) is more compatible with the modern generations due to the superior communications features. This paper surveys the latest proposed works on the security of GSM, CDMA, and LTE cellular systems using PKI. Firstly, we present the security issues for each generation of mobile communication systems, then we study and analyze the latest proposed schemes and give some comparisons. Finally, we introduce some new directions for the future scope. This paper classifies the mobile communication security schemes according to the techniques used for each cellular system and covers some of the PKI-based security techniques such as authentication, key agreement, and privacy preserving.

[1]  Alberto Peinado,et al.  Privacy and authentication protocol providing anonymous channels in GSM , 2004, Comput. Commun..

[2]  Chun Chen,et al.  A strong user authentication scheme with smart cards for wireless communications , 2011, Comput. Commun..

[3]  Fagen Li,et al.  EEE-GSM: End-to-End Encryption Scheme over GSM System , 2016 .

[4]  Dapeng Wu,et al.  An Efficient Mobile Authentication Scheme for Wireless Networks , 2008, IEEE Transactions on Wireless Communications.

[5]  William Millan Cryptanalysis of the alleged CAVE algorithm , 1998, ICISC.

[6]  G. Pujolle,et al.  EC-AKA2 a revolutionary AKA protocol , 2013, 2013 International Conference on Computer Applications Technology (ICCAT).

[7]  Prosanta Gope,et al.  Lightweight and Energy-Efficient Mutual Authentication and Key Agreement Scheme With User Anonymity for Secure Communication in Global Mobility Networks , 2016, IEEE Systems Journal.

[8]  Xiaohui Liang,et al.  PEC: A privacy-preserving emergency call scheme for mobile healthcare social networks , 2011, Journal of Communications and Networks.

[9]  Bruce Schneier,et al.  Cryptanalysis of the cellular message encryption algorithm , 1997 .

[10]  Kwangjo Kim,et al.  3G-WLAN interworking: security analysis and new authentication and key agreement based on EAP-AKA , 2009, 2009 Wireless Telecommunications Symposium.

[11]  Jin Cao,et al.  A simple and robust handover authentication between HeNB and eNB in LTE networks , 2012, Comput. Networks.

[12]  Jin Li,et al.  Generic construction for secure and efficient handoff authentication schemes in EAP-based wireless networks , 2014, Comput. Networks.

[13]  Sanaa Taha,et al.  SEPS-AKA: A SECURE EVOLVED PACKET SYSTEM AUTHENTICATION AND KEY AGREEMENT SCHEME FOR LTE-A NETWORKS , 2014 .

[14]  Fagen Li,et al.  An efficient end-to-end mutual authentication scheme for 2G-GSM system , 2016, 2016 IEEE International Conference on Big Data Analysis (ICBDA).

[15]  Chih-Ya Shen,et al.  S-AKA: A Provable and Secure Authentication Key Agreement Protocol for UMTS Networks , 2011, IEEE Transactions on Vehicular Technology.

[16]  Prosanta Gope,et al.  Provably Secure Mutual Authentication and Key Exchange Scheme for Expeditious Mobile Communication Through Synchronously One-Time Secrets , 2014, Wirel. Pers. Commun..

[17]  Jianhua Chen,et al.  An efficient certificateless designated verifier signature scheme , 2013, Int. Arab J. Inf. Technol..

[18]  Chin-Chen Chang,et al.  Enhanced authentication scheme with anonymity for roaming service in global mobility networks , 2009, Comput. Commun..

[19]  Prosanta Gope,et al.  An efficient mutual authentication and key agreement scheme preserving strong anonymity of the mobile user in global mobility networks , 2016, J. Netw. Comput. Appl..

[20]  Cheng-Chi Lee,et al.  Security Enhancement on a New Authentication Scheme With Anonymity for Wireless Environments , 2006, IEEE Transactions on Industrial Electronics.

[21]  Souhwan Jung,et al.  A handover authentication using credentials based on chameleon hashing , 2010, IEEE Communications Letters.

[22]  Xuemin Shen,et al.  SE-AKA: A secure and efficient group authentication and key agreement protocol for LTE networks , 2013, Comput. Networks.

[23]  Kim-Kwang Raymond Choo,et al.  A Forensically Sound Adversary Model for Mobile Devices , 2015, PloS one.

[24]  Wei Ren,et al.  SFRIC: A Secure Fast Roaming Scheme in Wireless LAN Using ID-Based Cryptography , 2007, 2007 IEEE International Conference on Communications.

[25]  K. Ammayappan,et al.  Mutual Authentication and Key Agreement based on Elliptic Curve Cryptography for GSM , 2006, 2006 International Conference on Advanced Computing and Communications.

[26]  Cheng-Chi Lee,et al.  Extension of authentication protocol for GSM , 2003 .

[27]  Chang-Seop Park,et al.  Authentication protocol providing user anonymity and untraceability in wireless mobile communication systems , 2004, Comput. Networks.

[28]  G. Pujolle,et al.  EPS mutual authentication and crypt-analyzing SPAKA , 2013, 2013 International Conference on Computing, Management and Telecommunications (ComManTel).

[29]  Lei Han,et al.  A Threat Analysis of The Extensible Authentication Protocol , 2006 .

[30]  Khalid Al-Tawil,et al.  A new authentication protocol for GSM networks , 1998, Proceedings 23rd Annual Conference on Local Computer Networks. LCN'98 (Cat. No.98TB100260).

[31]  Xiaohu Tang,et al.  AKA and Authorization Scheme for 4G Mobile Networks Based on Trusted Mobile Platform , 2005, 2005 5th International Conference on Information Communications & Signal Processing.

[32]  Chen Yang,et al.  Batch Attribute-Based Encryption for Secure Clouds , 2015, Inf..

[33]  Laurence T. Yang,et al.  Data Exfiltration From Internet of Things Devices: iOS Devices as Case Studies , 2017, IEEE Internet of Things Journal.

[34]  Feng Zhu,et al.  Password Authenticated Key Exchange Based on RSA for Imbalanced Wireless Networks , 2002, ISC.

[35]  Chin-Chen Chang,et al.  Efficient authentication protocols of GSM , 2005, Comput. Commun..

[36]  Jong Wook Han,et al.  Protection Method for Data Communication between ADS-B Sensor and Next-Generation Air Traffic Control Systems , 2014, Inf..

[37]  Rui Zhang,et al.  An efficient identity-based blind signature scheme without bilinear pairings , 2011, Comput. Electr. Eng..

[38]  Georgios Kambourakis,et al.  Performance Evaluation of Public Key-Based Authentication in Future Mobile Communication Systems , 2004, EURASIP J. Wirel. Commun. Netw..

[39]  Jerome H. Saltzer,et al.  Protecting Poorly Chosen Secrets from Guessing Attacks , 1993, IEEE J. Sel. Areas Commun..

[40]  Fagen Li,et al.  User-to-User Mutual Authentication and Key Agreement Scheme for LTE Cellular System , 2016, Int. J. Netw. Secur..

[41]  Dengguo Feng,et al.  An efficient mutual authentication and key agreement protocol preserving user anonymity in mobile networks , 2011, Comput. Commun..

[42]  H. A. E. Zouka PROVIDING END-TO-END SECURE COMMUNICATIONSIN GSM NETWORKS , 2015 .

[43]  Kim-Kwang Raymond Choo,et al.  Is the data on your wearable device secure? An Android Wear smartwatch case study , 2017, Softw. Pract. Exp..

[44]  Jinn-ke Jan,et al.  A wireless-based authentication and anonymous channels for large scale area , 2001, Proceedings. Sixth IEEE Symposium on Computers and Communications.

[45]  Fagen Li,et al.  Authentication and key agreement scheme for CDMA cellular system , 2015, 2015 IEEE International Conference on Communication Software and Networks (ICCSN).

[46]  Glen Zorn,et al.  Protected EAP Protocol (PEAP) Version 2 , 2004 .

[47]  Jianfeng Ma,et al.  A new authentication scheme with anonymity for wireless environments , 2004, IEEE Trans. Consumer Electron..

[48]  Kim-Kwang Raymond Choo,et al.  iOS Anti-forensics: How Can We Securely Conceal, Delete and Insert Data? , 2014, 2014 47th Hawaii International Conference on System Sciences.

[49]  Kim-Kwang Raymond Choo,et al.  Android mobile VoIP apps: a survey and examination of their security and privacy , 2016, Electron. Commer. Res..

[50]  Rune B. Lyngsø,et al.  Lecture Notes I , 2008 .

[51]  Ulrike Meyer,et al.  A man-in-the-middle attack on UMTS , 2004, WiSe '04.

[52]  Anmin Fu,et al.  A Privacy Preserving Handover Authentication Scheme for EAP-Based Wireless Networks , 2011, 2011 IEEE Global Telecommunications Conference - GLOBECOM 2011.

[53]  Thierry Lucidarme,et al.  Evolved Packet System (EPS): The LTE and SAE Evolution of 3G UMTS , 2008 .

[54]  Ali Aydin Selçuk,et al.  A strong user authentication protocol for GSM , 2005, 14th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprise (WETICE'05).

[55]  Muxiang Zhang,et al.  Security analysis and enhancements of 3GPP authentication and key agreement protocol , 2005, IEEE Transactions on Wireless Communications.

[56]  Kenneth G. Paterson,et al.  Certificateless Public Key Cryptography , 2003 .