Security Analysis of 5G Network EAP-AKA′ Protocol Based on Lowe’s Taxonomy

Caixia LIU; Xinxin HU; Shuxin LIU; Wei YOU; Yu ZHAO

doi:10.11999/JEIT190063

Volume 41 Issue 8

Aug. 2019

Turn off MathJax

Article Contents

Article Navigation > Journal of Electronics & Information Technology > 2019 > 41(8): 1800-1807

Caixia LIU, Xinxin HU, Shuxin LIU, Wei YOU, Yu ZHAO. Security Analysis of 5G Network EAP-AKA′ Protocol Based on Lowe’s Taxonomy[J]. Journal of Electronics & Information Technology, 2019, 41(8): 1800-1807. doi: 10.11999/JEIT190063

Citation:

Caixia LIU, Xinxin HU, Shuxin LIU, Wei YOU, Yu ZHAO. Security Analysis of 5G Network EAP-AKA′ Protocol Based on Lowe’s Taxonomy[J]. Journal of Electronics & Information Technology, 2019, 41(8): 1800-1807. doi: 10.11999/JEIT190063

Citation:

PDF( 1819 KB)

Security Analysis of 5G Network EAP-AKA′ Protocol Based on Lowe’s Taxonomy

doi: 10.11999/JEIT190063

National Digital Switching System Engineering & Technological R&D Center, Zhengzhou 450002, China

Funds: The National Natural Science Fund for Innovative Research Groups (61521003), The National Natural Science Foundation of China (61801515)

Received Date: 2019-01-23
Rev Recd Date: 2019-05-19

Available Online: 2019-05-27

Publish Date: 2019-08-01

Abstract

Abstract

Mobile network authentication protocol attacks continue to emerge. For the new 5G network protocol EAP-AKA', an EAP-AKA' security analysis method based on Lowe’s taxonomy is proposed. Firstly, 5G network, EAP-AKA', communication channel and adversary are formally modeled. Then Lowe authentication property is formally modeled. Using the TAMARIN prover, objectives of the security anchor key K_SEAF are analyzed, such as Lowe’s taxonomy, perfect forward secrecy, confidentiality, etc. Four attack paths under 3GPP implicit authentication mode are discovered. Two improved schemes are proposed for the discovered security problems and their security is verified. Finally, the security of the two authentication protocols EAP-AKA’ and 5G AKA of the 5G network is compared, and it is found that the former is safer in terms of Lowe authentication property.
- Network security,
- Security anchor key,
- \begin{document}$ '$\end{document}')">EAP-AKA\begin{document}$ '$\end{document},
- Lowe’s taxonomy,
- Dolev-Yao adversary model,
- TAMARIN

FullText(HTML)

References(17)

References

ARAPINIS M, MANCINI L, RITTER E, et al. New privacy issues in mobile telephony: Fix and verification[C]. Proceedings of 2012 ACM Conference on Computer and Communications Security, Raleigh, North Carolina, USA, 2012: 205–216.

HUSSAIN S R, CHOWDHURY O, MEHNAZ S, et al. LTEInspector: A systematic approach for adversarial testing of 4G LTE[C]. Network and Distributed Systems Security (NDSS), San Diego, California, USA, 2018.

BORGAONKAR R, HIRSHI L, PARK S, et al. New adventures in spying 3G & 4G users: Locate, track, monitor[EB/OL]. https://www.blackhat.com/docs/us-17/wednesday/us-17-Borgaonkar-New-Adventures-In-Spying-3G-And-4G-Users-Locate-Track-And-Monitor.pdf, 2017.

ZHANG Muxiang and FANG Yuguang. Security analysis and enhancements of 3GPP authentication and key agreement protocol[J]. IEEE Transactions on Wireless Communications, 2005, 4(2): 734–742. doi: 10.1109/twc.2004.842941

RUPPRECHT D, KOHLS K, HOLZ T, et al. Breaking LTE on layer two[C]. The 40th IEEE Symposium on Security and Privacy, San Francisco, USA, 2019.

SHAIK A, BORGAONKAR R, SEIFERT J P, et al. Practical attacks against privacy and availability in 4G/LTE[C]. The 23nd Annual Network and Distributed System Security (NDSS), San Diego‚ California, USA, 2016.

HUSSAIN S R, ECHEVERRIA M, CHOWDHURY O, et al. Privacy attacks to the 4G and 5G cellular paging protocols using side channel information[C]. The 23nd Annual Network and Distributed System Security (NDSS), San Diego‚ California, USA, 2019.

RAVISHANKAR B, LUCCA H, SHINJO P, et al. New privacy threat on 3G, 4G, and upcoming 5G AKA protocols[C]. Privacy Enhancing Technologies, Stockholm, Sweden, 2019.

BASIN D, DREIER J, HIRSCHI L, et al. A formal analysis of 5G authentication[C]. 2018 ACM SIGSAC Conference on Computer and Communications Security, Toronto, Canada, 2018: 1383–1396.

KOUTSOS A. The 5G-AKA authentication protocol privacy[EB/OL]. https://arxiv.org/pdf/1811.06922.pdf, 2019.

FERRAG M A, MAGLARAS L, ARGYRIOU A, et al. Security for 4G and 5G cellular networks: A survey of existing authentication and privacy-preserving schemes[J]. Journal of Network and Computer Applications, 2018, 101: 55–82. doi: 10.1016/j.jnca.2017.10.017

RUPPRECHT D, DABROWSKI A, HOLZ T, et al. On security research towards future mobile network generations[J]. IEEE Communications Surveys & Tutorials, 2018, 20(3): 2518–2542. doi: 10.1109/COMST.2018.2820728

JI Xinsheng, HUANG Kaizhi, JIN Liang, et al. Overview of 5G security technology[J]. Science China Information Sciences, 2018, 61(8): 081301. doi: 10.1007/s11432-017-9426-4

刘彩霞, 李凌书, 汤红波, 等. 基于子图同构的vEPC虚拟网络分层协同映射算法[J]. 电子与信息学报, 2017, 39(5): 1170–1177. doi: 10.11999/JEIT160642

LIU Caixia, LI Lingshu, TANG Hongbo, et al. Hierarchical coordination strategy for vEPC virtual network embedding based on subgraph isomorphism[J]. Journal of Electronics &Information Technology, 2017, 39(5): 1170–1177. doi: 10.11999/JEIT160642

DOLEV D and YAO A. On the security of public key protocols[J]. IEEE Transactions on Information Theory, 1983, 29(2): 198–208. doi: 10.1109/TIT.1983.1056650

LOWE G. A hierarchy of authentication specifications[C]. The 10th Computer Security Foundations Workshop, Rockport, USA, 1997: 31–43.

3GPP. 3GPP TS 33.501 Security architecture and procedures for 5G system (Release 15)[S].Nice: 3GPP, 2018.

Relative Articles

Supplements(0)

Cited By

Proportional views