Advanced Search
Volume 41 Issue 8
Aug.  2019
Turn off MathJax
Article Contents
Caixia LIU, Xinxin HU, Shuxin LIU, Wei YOU, Yu ZHAO. Security Analysis of 5G Network EAP-AKA′ Protocol Based on Lowe’s Taxonomy[J]. Journal of Electronics & Information Technology, 2019, 41(8): 1800-1807. doi: 10.11999/JEIT190063
Citation: Caixia LIU, Xinxin HU, Shuxin LIU, Wei YOU, Yu ZHAO. Security Analysis of 5G Network EAP-AKA′ Protocol Based on Lowe’s Taxonomy[J]. Journal of Electronics & Information Technology, 2019, 41(8): 1800-1807. doi: 10.11999/JEIT190063

Security Analysis of 5G Network EAP-AKA′ Protocol Based on Lowe’s Taxonomy

doi: 10.11999/JEIT190063
Funds:  The National Natural Science Fund for Innovative Research Groups (61521003), The National Natural Science Foundation of China (61801515)
  • Received Date: 2019-01-23
  • Rev Recd Date: 2019-05-19
  • Available Online: 2019-05-27
  • Publish Date: 2019-08-01
  • Mobile network authentication protocol attacks continue to emerge. For the new 5G network protocol EAP-AKA', an EAP-AKA' security analysis method based on Lowe’s taxonomy is proposed. Firstly, 5G network, EAP-AKA', communication channel and adversary are formally modeled. Then Lowe authentication property is formally modeled. Using the TAMARIN prover, objectives of the security anchor key KSEAF are analyzed, such as Lowe’s taxonomy, perfect forward secrecy, confidentiality, etc. Four attack paths under 3GPP implicit authentication mode are discovered. Two improved schemes are proposed for the discovered security problems and their security is verified. Finally, the security of the two authentication protocols EAP-AKA’ and 5G AKA of the 5G network is compared, and it is found that the former is safer in terms of Lowe authentication property.
  • loading
  • ARAPINIS M, MANCINI L, RITTER E, et al. New privacy issues in mobile telephony: Fix and verification[C]. Proceedings of 2012 ACM Conference on Computer and Communications Security, Raleigh, North Carolina, USA, 2012: 205–216.
    HUSSAIN S R, CHOWDHURY O, MEHNAZ S, et al. LTEInspector: A systematic approach for adversarial testing of 4G LTE[C]. Network and Distributed Systems Security (NDSS), San Diego, California, USA, 2018.
    BORGAONKAR R, HIRSHI L, PARK S, et al. New adventures in spying 3G & 4G users: Locate, track, monitor[EB/OL]. https://www.blackhat.com/docs/us-17/wednesday/us-17-Borgaonkar-New-Adventures-In-Spying-3G-And-4G-Users-Locate-Track-And-Monitor.pdf, 2017.
    ZHANG Muxiang and FANG Yuguang. Security analysis and enhancements of 3GPP authentication and key agreement protocol[J]. IEEE Transactions on Wireless Communications, 2005, 4(2): 734–742. doi: 10.1109/twc.2004.842941
    RUPPRECHT D, KOHLS K, HOLZ T, et al. Breaking LTE on layer two[C]. The 40th IEEE Symposium on Security and Privacy, San Francisco, USA, 2019.
    SHAIK A, BORGAONKAR R, SEIFERT J P, et al. Practical attacks against privacy and availability in 4G/LTE[C]. The 23nd Annual Network and Distributed System Security (NDSS), San Diego‚ California, USA, 2016.
    HUSSAIN S R, ECHEVERRIA M, CHOWDHURY O, et al. Privacy attacks to the 4G and 5G cellular paging protocols using side channel information[C]. The 23nd Annual Network and Distributed System Security (NDSS), San Diego‚ California, USA, 2019.
    RAVISHANKAR B, LUCCA H, SHINJO P, et al. New privacy threat on 3G, 4G, and upcoming 5G AKA protocols[C]. Privacy Enhancing Technologies, Stockholm, Sweden, 2019.
    BASIN D, DREIER J, HIRSCHI L, et al. A formal analysis of 5G authentication[C]. 2018 ACM SIGSAC Conference on Computer and Communications Security, Toronto, Canada, 2018: 1383–1396.
    KOUTSOS A. The 5G-AKA authentication protocol privacy[EB/OL]. https://arxiv.org/pdf/1811.06922.pdf, 2019.
    FERRAG M A, MAGLARAS L, ARGYRIOU A, et al. Security for 4G and 5G cellular networks: A survey of existing authentication and privacy-preserving schemes[J]. Journal of Network and Computer Applications, 2018, 101: 55–82. doi: 10.1016/j.jnca.2017.10.017
    RUPPRECHT D, DABROWSKI A, HOLZ T, et al. On security research towards future mobile network generations[J]. IEEE Communications Surveys & Tutorials, 2018, 20(3): 2518–2542. doi: 10.1109/COMST.2018.2820728
    JI Xinsheng, HUANG Kaizhi, JIN Liang, et al. Overview of 5G security technology[J]. Science China Information Sciences, 2018, 61(8): 081301. doi: 10.1007/s11432-017-9426-4
    刘彩霞, 李凌书, 汤红波, 等. 基于子图同构的vEPC虚拟网络分层协同映射算法[J]. 电子与信息学报, 2017, 39(5): 1170–1177. doi: 10.11999/JEIT160642

    LIU Caixia, LI Lingshu, TANG Hongbo, et al. Hierarchical coordination strategy for vEPC virtual network embedding based on subgraph isomorphism[J]. Journal of Electronics &Information Technology, 2017, 39(5): 1170–1177. doi: 10.11999/JEIT160642
    DOLEV D and YAO A. On the security of public key protocols[J]. IEEE Transactions on Information Theory, 1983, 29(2): 198–208. doi: 10.1109/TIT.1983.1056650
    LOWE G. A hierarchy of authentication specifications[C]. The 10th Computer Security Foundations Workshop, Rockport, USA, 1997: 31–43.
    3GPP. 3GPP TS 33.501 Security architecture and procedures for 5G system (Release 15)[S].Nice: 3GPP, 2018.
  • 加载中

Catalog

    通讯作者: 陈斌, bchen63@163.com
    • 1. 

      沈阳化工大学材料科学与工程学院 沈阳 110142

    1. 本站搜索
    2. 百度学术搜索
    3. 万方数据库搜索
    4. CNKI搜索

    Figures(6)  / Tables(6)

    Article Metrics

    Article views (3562) PDF downloads(138) Cited by()
    Proportional views
    Related

    /

    DownLoad:  Full-Size Img  PowerPoint
    Return
    Return