Skip to main content
SpringerLink
Log in

A Security Extension Providing User Anonymity and Relaxed Trust Requirement in Non-3GPP Access to the EPS

  • Conference paper
Information Systems Security (ICISS 2014)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8880))

Included in the following conference series:

Abstract

Third Generation Partnership Project (3GPP) has standardized the Evolved Packet System (EPS) as a part of their Long Term Evolution System Architecture Evolution (LTE/SAE) initiative. In order to provide ubiquitous services to the subscribers and to facilitate interoperability, EPS supports multiple access technologies where both 3GPP and Non-3GPP defined access networks are allowed to connect to a common All-IP core network called the Evolved Packet Core (EPC). However, a factor that continues to limit this endeavor is the trust requirement with respect to the subscriber’s identity privacy. There are occasions during Non-3GPP access to the EPS when intermediary network elements like the access networks that may even belong to third party operators have to be confided with the subscriber’s permanent identity. In this paper, we propose a security extension that relaxes this requirement. Contrary to several other solutions proposed recently in this area, our solution can be adopted as an extension to the existing security mechanism. Moreover, it has to be implemented only at the operators level without imposing any change in the intermediary network elements. We also show that the extension meets its security goals through a formal analysis carried out using AUTLOG.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 3GPP: Formal Analysis of the 3G Authentication Protocol. TR 33.902, 3rd Generation Partnership Project (3GPP) (2001), http://www.3gpp.org/ftp/Specs/html-info/33902.htm

  2. 3GPP: Numbering, addressing and identification. TS 23.003, 3rd Generation Partnership Project (3GPP) (2011), http://www.3gpp.org/ftp/Specs/html-info/23003.htm

  3. 3GPP: 3G Security; Security architecture. TS 33.102, 3rd Generation Partnership Project (3GPP) (2012), http://www.3gpp.org/ftp/Specs/html-info/33102.htm

  4. 3GPP: 3GPP System Architecture Evolution (SAE);Security aspects of non-3GPP accesses. TS 33.402, 3rd Generation Partnership Project (3GPP) (2012), http://www.3gpp.org/ftp/Specs/html-info/33402.htm

  5. 3GPP: Architecture enhancements for non-3GPP accesses. TS 23.402, 3rd Generation Partnership Project (3GPP) (2012), http://www.3gpp.org/ftp/Specs/html-info/23402.htm

  6. Burrows, M., Abadi, M., Needham, R.M.: A logic of authentication. Proceedings of the Royal Society of London. A. Mathematical and Physical Sciences 426(1871), 233–271 (1989)

    Article  MATH  MathSciNet  Google Scholar 

  7. Chang, C., Lee, C., Chiu, Y.: Enhanced authentication scheme with anonymity for roaming service in global mobility networks. Computer Communications 32(4), 611–618 (2009)

    Article  Google Scholar 

  8. Chen, C., He, D., Chan, S., Bu, J., Gao, Y., Fan, R.: Lightweight and provably secure user authentication with anonymity for the global mobility network. International Journal of Communication Systems 24(3), 347–362 (2011)

    Article  Google Scholar 

  9. Choudhury, H., Roychoudhury, B., Saikia, D.K.: End-to-end user identity confidentiality for umts networks. In: 2010 3rd IEEE International Conference on Computer Science and Information Technology (ICCSIT), vol. 2, pp. 46–50. IEEE (2010)

    Google Scholar 

  10. Choudhury, H., Roychoudhury, B., Saikia, D.: Umts user identity confidentiality: An end-to-end solution. In: 2011 Eighth International Conference on Wireless and Optical Communications Networks (WOCN), pp. 1–6. IEEE (2011)

    Google Scholar 

  11. Choudhury, H., Roychoudhury, B., Saikia, D.: Enhancing user identity privacy in lte. In: 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 949–957. IEEE (2012)

    Google Scholar 

  12. Feng, T., Zhou, W., Li, X.: Anonymous identity authentication scheme in wireless roaming communication. In: 2012 8th International Conference on Computing Technology and Information Management (ICCM), vol. 1, pp. 124–129. IEEE (2012)

    Google Scholar 

  13. He, D., Bu, J., Chan, S., Chen, C., Yin, M.: Privacy-preserving universal authentication protocol for wireless communications. IEEE Transactions on Wireless Communications 10(2), 431–436 (2011)

    Article  Google Scholar 

  14. He, D., Chan, S., Chen, C., Bu, J., Fan, R.: Design and validation of an efficient authentication scheme with anonymity for roaming service in global mobility networks. Wireless Personal Communications 61(2), 465–476 (2011)

    Article  Google Scholar 

  15. He, D., Chen, C., Chan, S., Bu, J.: Analysis and improvement of a secure and efficient handover authentication for wireless networks. IEEE Communications Letters 16(8), 1270–1273 (2012)

    Article  Google Scholar 

  16. He, D., Chen, C., Chan, S., Bu, J.: Secure and efficient handover authentication based on bilinear pairing functions. IEEE Transactions on Wireless Communications 11(1), 48–53 (2012)

    Article  Google Scholar 

  17. He, D., Ma, M., Zhang, Y., Chen, C., Bu, J.: A strong user authentication scheme with smart cards for wireless communications. Computer Communications 34(3), 367–374 (2011)

    Article  Google Scholar 

  18. He, Q., Wu, D., Khosla, P.: The quest for personal control over mobile location privacy. IEEE Communications Magazine 42(5), 130–136 (2004)

    Article  Google Scholar 

  19. Herzberg, A., Krawczyk, H., Tsudik, G.: On travelling incognito. In: First Workshop on Mobile Computing Systems and Applications, WMCSA 1994, pp. 205–211. IEEE (1994)

    Google Scholar 

  20. Horn, G., Preneel, B.: Authentication and payment in future mobile systems. In: Quisquater, J.-J., Deswarte, Y., Meadows, C., Gollmann, D. (eds.) ESORICS 1998. LNCS, vol. 1485, pp. 277–293. Springer, Heidelberg (1998)

    Chapter  Google Scholar 

  21. Jiang, Q., Ma, J., Li, G., Yang, L.: An enhanced authentication scheme with privacy preservation for roaming service in global mobility networks. In: Wireless Personal Communications, pp. 1–15 (2012)

    Google Scholar 

  22. Kaufman, C., Hoffman, P., Nir, Y., Eronen, P.: Internet key exchange protocol version 2 (ikev2). The Internet Engineering Task Force Request for Comments (IETF RFC) 5996 (2010)

    Google Scholar 

  23. Kuo, W.C., Wei, H.J., Cheng, J.C.: An efficient and secure anonymous mobility network authentication scheme. Journal of Information Security and Applications (2014)

    Google Scholar 

  24. Lee, C., Chen, C., Ou, H., Chen, L.: Extension of an efficient 3gpp authentication and key agreement protocol. Wireless Personal Communications, 1–12 (2011)

    Google Scholar 

  25. Lee, C., Hwang, M., Liao, I.: Security enhancement on a new authentication scheme with anonymity for wireless environments. IEEE Transactions on Industrial Electronics 53(5), 1683–1687 (2006)

    Article  Google Scholar 

  26. Lin, H., Harn, L.: Authentication protocols for personal communication systems. ACM SIGCOMM Computer Communication Review 25(4), 256–261 (1995)

    Article  Google Scholar 

  27. Liu, H., Liang, M.: Privacy-preserving registration protocol for mobile network. International Journal of Communication Systems (2012)

    Google Scholar 

  28. Park, J., Go, J., Kim, K.: Wireless authentication protocol preserving user anonymity. In: Proceedings of the 2001 Symposium on Cryptography and Information Security (SCIS 2001), vol. 26, pp. 159–164. Citeseer (2001)

    Google Scholar 

  29. Samfat, D., Molva, R., Asokan, N.: Untraceability in mobile networks. In: Proceedings of the 1st Annual International Conference on Mobile Computing and Networking, pp. 26–36. ACM (1995)

    Google Scholar 

  30. Trai: Highlights on telecom subscription data as on 07 july 2014. Press release, Telecom Regulatory Authority of India (2014)

    Google Scholar 

  31. Varadharajan, V., Mu, Y.: Preserving privacy in mobile communications: a hybrid method. In: 1997 IEEE International Conference on Personal Wireless Communications, pp. 532–536. IEEE (1997)

    Google Scholar 

  32. Wedel, G., Kessler, V.: Formal semantics for authentication logics. In: Martella, G., Kurth, H., Montolivo, E., Bertino, E. (eds.) ESORICS 1996. LNCS, vol. 1146, pp. 219–241. Springer, Heidelberg (1996)

    Chapter  Google Scholar 

  33. Wong, D.: Security analysis of two anonymous authentication protocols for distributed wireless networks. In: Third IEEE International Conference on Pervasive Computing and Communications Workshops, PerCom 2005 Workshops, pp. 284–288. IEEE (2005)

    Google Scholar 

  34. Wu, C., Lee, W., Tsaur, W.: A secure authentication scheme with anonymity for wireless communications. IEEE Communications Letters 12(10), 722–723 (2008)

    Article  Google Scholar 

  35. Xie, Q., Hu, B., Tan, X., Bao, M., Yu, X.: Robust anonymous two-factor authentication scheme for roaming service in global mobility network. Wireless Personal Communications 74(2), 601–614 (2014)

    Article  Google Scholar 

  36. Yang, G., Wong, D., Deng, X.: Anonymous and authenticated key exchange for roaming networks. IEEE Transactions on Wireless Communications 6(9), 3461–3472 (2007)

    Article  Google Scholar 

  37. Youn, T., Park, Y., Lim, J.: Weaknesses in an anonymous authentication scheme for roaming service in global mobility networks. IEEE Communications Letters 13(7), 471–473 (2009)

    Article  Google Scholar 

  38. Zeng, P., Cao, Z., Choo, K., Wang, S.: On the anonymity of some authentication schemes for wireless communications. IEEE Communications Letters 13(3), 170–171 (2009)

    Article  Google Scholar 

  39. Zhou, T., Xu, J.: Provable secure authentication protocol with anonymity for roaming service in global mobility networks. Computer Networks 55(1), 205–213 (2011)

    Article  MATH  Google Scholar 

  40. Zhu, J., Ma, J.: A new authentication scheme with anonymity for wireless environments. IEEE Transactions on Consumer Electronics 50(1), 231–235 (2004)

    Article  MathSciNet  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dept. of Computer Science, St. Edmund’s College, Shillong, India

    Hiten Choudhury

  2. Indian Institute of Management, Shillong, India

    Basav Roychoudhury

  3. National Institute of Technology Meghalaya, Shillong, India

    Dilip kr. Saikia

Authors
  1. Hiten Choudhury
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Basav Roychoudhury
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Dilip kr. Saikia
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of EECS, University of Michigan, 48109-2121, Ann Arbor, MI, USA

    Atul Prakash

  2. Faculty of Technology and Computer Science, Tata Institute of Fundamental Research, Homi Bhabha Road, 400005, Mumbai, India

    Rudrapatna Shyamasundar

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Choudhury, H., Roychoudhury, B., Saikia, D.k. (2014). A Security Extension Providing User Anonymity and Relaxed Trust Requirement in Non-3GPP Access to the EPS. In: Prakash, A., Shyamasundar, R. (eds) Information Systems Security. ICISS 2014. Lecture Notes in Computer Science, vol 8880. Springer, Cham. https://doi.org/10.1007/978-3-319-13841-1_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-13841-1_13

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-13840-4

  • Online ISBN: 978-3-319-13841-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation