Elsevier

Computer Networks

Volume 218, 9 December 2022, 109400
Computer Networks

An improved and provably secure symmetric-key based 5G-AKA Protocol

https://doi.org/10.1016/j.comnet.2022.109400Get rights and content

Abstract

One of the primary authentication mechanisms defined for the 5G system is the 5G-Authentication and Key Agreement (5G-AKA) protocol. It is set to be used in the next generation of mobile communications but has several serious flaws such as privacy issues, vulnerability to traceability attacks, and has de-synchronization problem. To deal with these issues, An Braeken presented a lightweight authentication mechanism that provides security features not present in 5G-AKA, but the scheme fails to provide perfect forward secrecy. Later Munilla et al. introduced an improved version of the Braeken authentication scheme that claims to provide perfect forward secrecy but is computationally expensive and prone to DoS attacks if the size of the server database is large. Taking this in view, we propose a cost-effective scheme that provides all the security features, including perfect forward secrecy. We do the informal (non-mathematical) and formal analysis (using the ROR, GNY, and Scyther tool) of the security properties of the proposed protocol and show that the proposed protocol provides all the security features. Furthermore, we measure the performance of the proposed protocol in terms of energy consumption and computational, communication and storage costs. The evaluation results show that the proposed protocol takes significantly less cost than most of its competitors. In addition to this, we also compute the performance of the proposed protocol under unknown attacks in terms of computational, communication, and energy consumption costs. The outcome of analysis shows that the proposed protocol takes very less overhead under unknown attacks compared to its competitors.

Introduction

Due to recent advancements in wireless and mobile technology, mobile services have exploded significantly. More than 5.2 billion individuals, or 67% of the global population, had subscribed to mobile services by the end of 2019. Although 4th Generation (4G) mobile technology is now prevalent, 5th Generation (5G) technology is rapidly evolving and is predicted to account for more than 20% of worldwide connections by 2025 [1]. The new mMTC (massive Machine Type Communications) service, which improves on the existing NB-IoT (Narrow Band-Internet of Things) and LTE-M (Long Term Progression Cat-M1) services released in 2015, will make IoT networks an integral component of the 5G evolution. With the number of worldwide IoT connections estimated to nearly double between 2019 and 2025, mMTC is designed to handle connection densities of up to one million devices/ and ultra-low-cost devices, with ultra-low-cost operation and maintenance (battery life of 10–15 years) [2]. However, Mobile technology security has been revealed as a critical issue that may derail or at least postpone large-scale implementation due to privacy issues discovered in previous mobile network generations. The 3GPP consortium (3rd Generation Partnership Project), which created the 3G and 4G standards and is now working on 5G, has already established a security architecture for 5G systems [3] that is 5G-AKA(Authentication and Key Agreement). However, 5G-AKA fails to provide the session-unlinkability, perfect forward secrecy, protection from malicious SN, and de-synchronization attack [4], [5], [6]. Several symmetric or asymmetric encryption-based solutions have been proposed to address these issues. However, they all contain security flaws that make them unsuitable for practical deployment. As a result, there is an urgent need to provide an authentication mechanism that meets all security requirements, as current protocols fail to meet.

Authentication and key agreement (AKA) protocols such as 5G-AKA, 5G-EAP-TLS, and EAP-AKA’ which mutually authenticate subscribers, and operator networks are principally used to offer security and privacy for 5G communication. These protocols have been modified and standardized to safeguard subscribers’ identities using randomized public-key encryption. Unfortunately, despite these improvements, these protocols are vulnerable to a variety of privacy attacks [6], [7], including a replay attack that violates the unlinkability [8] initially devised for previous mobile telephony networks. As a result, several modifications of the 5G-AKA protocol have been suggested in the literature. Some of these variants [6], [7], [8], [9], [10], [11] use public-key encryption and are computationally expensive for ultra-low-cost IoT devices. Others [4], [5], [12], [13], [14] use symmetric encryption for authentication to reduce the computational cost. Though these protocols are lightweight and ideal for ultra-low-cost IoT devices but have some serious vulnerability issues such as violation of perfect forward secrecy and session-unlinkability. To address these issues, An Braeken [15] introduced a lightweight authentication protocol that includes security characteristics not available in 5G-AKA. Later, Munilla et al. [16] offered an upgraded version of [15], since [15] did not offer perfect forward secrecy. While his proposed authentication technique assures perfect forward secrecy, it does have some drawbacks, such as being prone to DoS attacks if the database is large and high computational cost. Our study reveals that all existing protocols are inappropriate for realistic deployment in 5G communication, driving us to develop a secure and cost-effective protocol against the above-stated attacks.

Our contributions are as follows:

  • 1.

    We propose an improved version of the protocol given in [15], which provides all the security features, especially perfect forward secrecy, session-unlinkability, session temporary key material leakage protection, non-repudiation, and is very cost-effective.

  • 2.

    We do the informal (non-mathematical) and formal analysis (mathematical) of the security properties of the proposed protocol using the ROR logic, GNY logic, and Scyther tool. The comparison of the security properties of the proposed protocol with the existing protocols show that the proposed protocol meets all those security requirements which are missing in the other schemes.

  • 3.

    The test-bed experiments on various cryptographic primitives have been performed under two scenarios that are server and Raspberry PI settings using the broadly accepted “Multiprecision Integer and Rational Arithmetic Cryptographic Library (MIRACL) [17]”.

  • 4.

    We compute the costs of the proposed protocol in terms of energy consumption, computational, communication, and storage costs. The cost comparison of the proposed protocol with the existing schemes shows that the proposed protocol is the least costly.

  • 5.

    We evaluate the performance of the proposed protocol and its counterparts under unknown attacks, revealing that the proposed protocol takes significantly less overhead when unknown attacks happen as compared to most of its counterparts.

In Section 2, we summarize the existing literature of 5G authentication, including the research gaps. Preliminaries and background used in the paper are provided in Section 3. Section 4 presents the security analysis of Braeaken’s protocol [15] and Section 5 describes the proposed protocol. Further, informal and formal security analysis of the proposed protocols are discussed in Section 6 and in Section 7, respectively. The performance of the proposed protocol along with existing protocols are demonstrated in Section 8 followed by the conclusion in Section 9.

Section snippets

Related work

This section examines the current state-of-the-art solutions for 5G authentication, which are classified into two types.

Preliminaries and background

This section introduces the preliminaries and provides background information.

Analysis of Braeken scheme [15]

An Braeken designed a lightweight authentication mechanism to overcome the security flaws of 5G-AKA. The authentication mechanism uses the hash function and x-or operation to secure the authentication. There are two phases in the authentication scheme namely: (1) registration phase and (2) authentication phase.

Proposed protocol

In this section, we present a improved version of Braeken [15] authentication scheme. We update the long term key K and certain hash functions in order to be able to offer resistance against session temporary key material leakage and non-repudiation in addition to perfect forward secrecy. At the same time, the proposed scheme is also more cost-effective as compared to protocols proposed in [15], [16]. There are two phases in the proposed protocol outlined below.

  • Registration phase: In this

Informal analysis of the proposed protocol

In this section, we do an informal assessment (non-mathematical) of the proposed protocol to confirm that it satisfies the security requirements stated in Section 3.3.

Proposition 1

The proposed protocol provides mutual authentication.

Proof

When HN receives A,B,F1,f,I,J, it extracts R2 and n to compute the F1. After that, HN compares {F1==F1}, if they match, HN believes that UE is authentic because only UE knows secret K1 included in F1. On the other side, when UE receives the authentication response D1,D2,D3,

Formal security analysis

This section demonstrate the formal verification of the proposed protocol using Real-Or-Random (ROR) logic, GNY logic, and Scyther tool to depict that proposed protocol offer all the security feature as mentioned in Section 3.3.

Performance measurements

In this section, we conduct a series of tests such as security characteristic examination and overhead analysis to assess the effectiveness of the proposed protocol.

Conclusion

In this work, we investigate the security of two recently proposed papers [15], [16] and find that [15] is vulnerable to perfect forward secrecy, while [16] is prone to DoS attack if the server database size is large and has a high cost. In light of this, we designed an improved authentication protocol that is superior in terms of security features and cost-effective to most of its competitors. We informally (non-mathematical) verify the proposed protocol’s security properties, demonstrating

CRediT authorship contribution statement

Awaneesh Kumar Yadav: Designing of authentication mechanisms, Formal analysis, Informal analysis, Practical implementation. Manoj Misra: Authentication mechanism, Problem formulation, Writing – original draft, Overall organization of the draft. Pradumn Kumar Pandey: Writing – original draft, Grammar checking, Overall organization of the draft. An Braeken: Authentication mechanism, Problem formulation, Writing – original draft, Overall organization of the draft. Madhusanka Liyange: Writing –

Declaration of Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Awaneesh Kumar Yadav is doing Ph.D. in the Department of Computer Science and Engineering, Indian Institute of Technology Roorkee, India. His research area includes Network security, 5G security, Network Slice, formal verification, IoT & Cloud Security. He did his M.Tech in the Department of Computer Science and Engineering, National Institute of Technology Rourkela, India, in 2019.

References (40)

  • GharsallahIkram et al.

    A secure efficient and lightweight authentication protocol for 5g cellular networks: Sel-aka

  • BraekenAn et al.

    Novel 5G authentication protocol to improve the resistance against active attacks and malicious serving networks

    IEEE Access

    (2019)
  • Yuchen Wang, Zhenfeng Zhang, Yongquan Xie, Privacy-Preserving and Standard-Compatible {AKA} Protocol for 5G, in: 30th...
  • RamadanMohammed et al.

    Identity-based signature with server-aided verification scheme for 5g mobile systems

    IEEE Access

    (2020)
  • KoutsosAdrien

    The 5G-AKA authentication protocol privacy

  • LiuTian et al.

    A new authentication and key agreement protocol for 5G wireless networks

    Telecommun. Syst.

    (2021)
  • HojjatiMaede et al.

    A blockchain-based authentication and key agreement (AKA) protocol for 5G networks

    IEEE Access

    (2020)
  • ParneBalu L et al.

    PPSE: Privacy preservation and security efficient AKA protocol for 5G communication networks

  • CaoJin et al.

    LSAA: a lightweight and secure access authentication scheme for both UE and mMTC devices in 5G networks

    IEEE Internet Things J.

    (2020)
  • MIRACL cryptographic SDK: Multiprecision integer and rational arithmetic cryptographic library

    (2022)
  • Cited by (0)

    Awaneesh Kumar Yadav is doing Ph.D. in the Department of Computer Science and Engineering, Indian Institute of Technology Roorkee, India. His research area includes Network security, 5G security, Network Slice, formal verification, IoT & Cloud Security. He did his M.Tech in the Department of Computer Science and Engineering, National Institute of Technology Rourkela, India, in 2019.

    Manoj Misra is a Professor in Department of Computer Science and Engineering at IIT Roorkee. Dr. Misra got his Ph.D. from University of New Castle upon Tyne and has past experience of working as an Engineer at CMC Limited Noida, Assistant Engineer at Hindustan Aeronautic Limited at Kanpur India, Assistant Professor at HBTI Kanpur. His research interests include Distributed Computing, Performance Evaluation, Computer Networks, Network Security and Cyber frauds.

    Pradumn Kumar Pandey received the Bachelor of Technology and Ph.D. degrees in computer science and engineering from IIT Jodhpur, Jheepasani, India, in 2012 and 2018, respectively. He was an Institute Post-Doctoral Fellow with the Department of Computer Science and Engineering, IIT Kharagpur, Kharagpur, India, from May to September 2018. He worked as a DST INSPIRE Faculty Member with the Department of Computer Science and Engineering, IIT Roorkee, Roorkee, India, from October 2018 to October 2019, where he has been working as an Assistant Professor since November 2019. His research areas include modelling of complex networks, information diffusion on real networks, social security on online social networks, and network representation learning

    An Braeken is full time professor at VUB-INDI. Her interests include lightweight security and privacy protocols for IoT, cloud and fog, blockchain and 5G security. She has developed several lightweight security solutions in the healthcare domain in collaboration with University of Oulu, University College Dublin and University of Oxford. She is (co-)author of over 200 publications. She has been member of the program committee for numerous conferences and workshops and member of the editorial board for Security and Communications magazine. In addition, she is since 2015 expert reviewer for several EU calls. She has cooperated and coordinated more than 15 national and international projects.

    Madhusanka Liyanage is an Assistant Professor/Ad Astra Fellow and Director of Graduate Research at the School of Computer Science, University College Dublin, Ireland. He is also acting as a Docent/Adjunct Professor at the Center for Wireless Communications, University of Oulu, Finland, and Honorary Adjunct Professor at the Department of Electrical and Information Engineering, University of Ruhuna, Sri Lanka. He received his Doctor of Technology degree in communication engineering from the University of Oulu, Oulu, Finland, in 2016. From 2011 to 2012, he worked as a Research Scientist at the I3S Laboratory and Inria, Sophia Antipolis, France. He was also a recipient of the prestigious Marie Skłodowska-Curie Actions Individual Fellowship and Government of Ireland Postdoctoral Fellowship during 2018–2020. During 2015–2018, he has been a Visiting Research Fellow at the CSIRO, Australia, the Infolabs21, Lancaster University, U.K., Computer Science and Engineering, The University of New South Wales, Australia, School of IT, University of Sydney, Australia, LIP6, Sorbonne University, France and Computer Science and Engineering, The University of Oxford, U.K. He is also a senior member of IEEE. In 2020, he received the “2020 IEEE ComSoc Outstanding Young Researcher” award by IEEE ComSoc EMEA. In 2021, he was ranked among the World’s Top 2% Scientists (2020) in the List prepared by Elsevier BV, Stanford University, USA. Also, he was awarded an Irish Research Council (IRC) Research Ally Prize as part of the IRC Researcher of the Year 2021 awards for the positive impact he has made as a supervisor. Dr. Liyanage’s research interests are 5G/6G, SDN, IoT, Blockchain, MEC, mobile, and virtual network security. More info: www.madhusanka.com

    View full text