Skip to main content
SpringerLink
Log in

Making HeNB More Secure with Improved Secure Access Protocol and Analyzing It

  • Conference paper
  • First Online:
Book cover Mobile Networks and Management (MONAMI 2015)

Included in the following conference series:

  • 560 Accesses

Abstract

The 3rd Generation Partnership Project (3GPP) defined a new architecture, called Home eNode B (HeNB). HeNB is able to provide new services with higher data rate in a low cost. Security is a critical aspect of HeNB. In order to have HeNB secure access to core network, 3GPP defines an authentication protocol based on IKEv2. A number of security vulnerabilities such as HeNB masquerading have not been addressed and solved by 3GPP technical specification yet. In this paper an improved HeNB authentication protocol is introduced which does not allow an attacker to connect unauthorized network users using a mask. Finally, we evaluate our protocol performance and verify it by Automated Validation of Internet Security Protocols and Applications (AVISPA). Through our security analysis, we conclude that not only the proposed protocol prevents the various security threats but also it has no significant effect on authentication delay and cost.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 54.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 72.00
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Forsberg, D., Horn, G., Moeller, W., Niemi, V.: LTE Security. Wiley Publishing, New York (2010)

    Book  Google Scholar 

  2. Ali-Yahiya, T.: Understanding LTE and its Performance. Springer, Berlin (2011)

    Book  Google Scholar 

  3. Doraswamy, N., Harkins, D.: IPSec: The New Security Standard for the Internet, Intranets, and Virtual Private Networks, 2nd edn. Prentice Hall PTR, Upper Saddle River (2003)

    Google Scholar 

  4. 3rd Generation Partnership Project: Technical Specification Group Services and System Aspects; Security of H(e)NB (Rel. 8). 3GPP TR 33.820 v1.3.0 (January 2009)

    Google Scholar 

  5. Chengzhe, L., Hui, L., Yueyu, Z., Jin, C.: Simple and Low-cost re-authentication protocol for HeNB. IEEE J. Mag. Chin. Commun. 10, 105–115 (2013)

    Article  Google Scholar 

  6. Zong, Z., Zhou, X., Zhu, L.: HNB or HeNB security access method and system and core network element. U.S. Patent No. 355, 299, Shenzhen City (2014)

    Google Scholar 

  7. Han, C.K., Choi, H.K., Kim, I.H.: Building femtocell more secure with improved proxy signature. In: Global Telecommunications Conference, pp. 1–6 (2009)

    Google Scholar 

  8. Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J., Levkowetz, H.: Extensible authentication protocol (EAP). RFC3748 (2004)

    Google Scholar 

  9. Arkko, J., Haverinen, H.: Authentication and key agreement (EAP-AKA). RFC4187 (2006)

    Google Scholar 

  10. Narayanan, V., Dondeti, L.: EAP extensions for EAP re-authentication protocol (ERP). RFC5296 (2008)

    Google Scholar 

  11. Kent, S., Atkinson, R.: Security architecture for the internet protocol. RFC2401 (1998)

    Google Scholar 

  12. Kent, S., Atkinson, R.: IP authentication header. RFC2402 (1998)

    Google Scholar 

  13. Kent, S., Atkinson, R.: IP encapsulating security payload (ESP). RFC2406 (1998)

    Google Scholar 

  14. Piper, D.: The internet IP security domain of interpretation for ISAKMP. RFC2407 (1998)

    Google Scholar 

  15. Clancy, T., Nakhjiri, M., Narayanan, V., Dondeti, L.: Handover key management and re-authentication problem statement. RFC5169 (2008)

    Google Scholar 

  16. 3rd generation partnership project: technical specification group services and system aspects; 3GPP system architecture evolution (SAE); security architecture (Release 10). 3GPP TS 33.401 V10.2.0 (September 2011)

    Google Scholar 

  17. 3rd generation partnership project: technical specification group services and system aspects; rationale and track of security decisions in long term evolved (LTE) RAN/3GPP System Architecture Evolution (SAE) (Release 8). 3GPP TR 33.821 V8.0.0 (March 2009)

    Google Scholar 

  18. Han, C.K.: Security analysis and enhancements in LTE-advanced networks. Ph.D. Thesis, Sungkyunkwan University (2011)

    Google Scholar 

  19. Cao, J., Ma, M., Li, H., Zhang, Y., Luo, Z.: A survey on security aspects for LTE and LTE-A networks. IEEE J. Mag. Commun. Surv. Tutorials 16, 283–302 (2014)

    Article  Google Scholar 

  20. Smaoui, S., Zarai, F., Kamoun, L.: IPSec tunnel establishment for 3GPP-WLAN interworking. In: 8th International Conference on Informatics and Systems (INFOS), pp 74–80 (2012)

    Google Scholar 

  21. Raza, H.: A brief survey of radio access network backhaul evolution, Part I. IEEE J. Mag. Commun. Mag. 49, 164–171 (2011)

    Article  Google Scholar 

  22. Raza, H.: A brief survey of radio access network backhaul evolution, Part II. IEEE J. Mag. Commun. Mag. 51, 170–177 (2013)

    Article  Google Scholar 

  23. Ntantogian, C., Xenakis, C.: One-pass EAP-AKA authentication in 3G-WLAN integrated networks. Wireless Pers. Commu. 48, 569–584 (2009)

    Article  Google Scholar 

  24. OPENSSL[EB/OL] (2012). http://www.openssl.org/

  25. AVISPA—Automated Validation of Internet Security Protocols [EB/OL] (2012). http://www.avispa-project.org

Download references

Author information

Authors and Affiliations

  1. Informatics Services Corporation (ISC), Network Support Building, Tehran, Iran

    Fariba Ghasemi Najm

  2. Faculty of Information, Communication and Security Technology, Malek Ashtar University of Technology (MUT), Tehran, Iran

    Ali Payandeh

  3. Faculty of Computer Engineering, Sharif University of Technology, Tehran, Iran

    Hashem Habibi

Authors
  1. Fariba Ghasemi Najm
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ali Payandeh
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Hashem Habibi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Fariba Ghasemi Najm .

Editor information

Editors and Affiliations

  1. Dpto. Ingeniería de Comunicaciones, Universidad de Cantabria, Santander, Spain

    Ramón Agüero

  2. Lehrstuhl für Informatik III, University of Würzburg, Würzburg, Germany

    Thomas Zinner

  3. Dpt. de Teoria del Senyal i Comunicacions, Universitat Politècnica de Catalunya - BarcelonaTech, Castelldefels, Spain

    Mario García-Lozano

  4. Cork Institute of Technology, Cork, Ireland

    Bernd-Ludwig Wenning

  5. Institute of Communication Networks, Hamburg University of Technology, Hamburg, Germany

    Andreas Timm-Giel

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Ghasemi Najm, F., Payandeh, A., Habibi, H. (2015). Making HeNB More Secure with Improved Secure Access Protocol and Analyzing It. In: Agüero, R., Zinner, T., García-Lozano, M., Wenning, BL., Timm-Giel, A. (eds) Mobile Networks and Management. MONAMI 2015. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 158. Springer, Cham. https://doi.org/10.1007/978-3-319-26925-2_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-26925-2_9

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-26924-5

  • Online ISBN: 978-3-319-26925-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation