Abstract
This paper investigates authentication and key agreement protocols running in the dynamic environment of mobile networks. Following the multi-party simulatability approach, we present a formal security model for symmetric-key based authentication and key agreement protocols in the mobile setting. Within this model, we unveil the vulnerability of the authentication and key agreement protocol adopted by the Universal Mobile Telecommunication System (UMTS), an emerging standard for third generation (3G) mobile communications. The vulnerability allows an adversary to re-direct user traffic to an unintended network. It also allows an adversary to use authentication data obtained from a corrupted network to impersonate all other networks. In this paper, we present an authentication and key agreement protocol which addresses both the security and the operational issues involved with UMTS authentication and key agreement. The protocol, called AP-AKA, retains the framework of UMTS authentication and key agreement but eliminates synchronization between a mobile station and its home network. Within our formal model, we prove the security of AP-AKA under the assumption of a secure message authentication code and a pseudorandom function family. For AP-AKA, we also show that the corruption of one operator’s network will not jeopardize other operators’ networks.
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhang, M. (2004). Adaptive Protocol for Entity Authentication and Key Agreement in Mobile Networks. In: Lim, JI., Lee, DH. (eds) Information Security and Cryptology - ICISC 2003. ICISC 2003. Lecture Notes in Computer Science, vol 2971. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24691-6_14
DOI: https://doi.org/10.1007/978-3-540-24691-6_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-21376-5
Online ISBN: 978-3-540-24691-6
eBook Packages: Springer Book Archive