Performance analysis of 5GMAKA: lightweight mutual authentication and key agreement scheme for 5G network

Abstract

In this paper, we have proposed a lightweight mutual authentication and key agreement scheme for 5G (5GMAKA) using the symmetric-key cryptographic framework. The proposed 5GMAKA protocol has been implemented to overcome the problem associated with the 5G authentication and key agreement (5G AKA) protocol suggested by the 3rd generation partnership project (3GPP). 5G AKA is exposed to various sorts of fatal network security attacks and takes excessive time to execute (\(\sim ~685.62\,{\rm milliseconds}\)) compared to other related authentication and key agreement schemes as per the literature survey. The stability and robustness of the proposed 5GMAKA under safety issues are ensured by the results obtained from the security analysis of the scheme using the well-known rubin logic and automatic validation of internet security protocol applications (AVISPA) simulation tool. The performance analysis of the proposed 5GMAKA shows that this scheme is superior compared to 5G AKA of 3GPP and other standard protocols with respect to enhanced security features, five communication rounds, and shorter execution time (\(\sim 0.72\,{\rm milliseconds}\)) which is the lowest among all other related schemes.

Appendix A: The framework of Rubin logic

In Rubin logic, the analysis of protocol is achieved utilizing global set, local set, actions, and inference rules. The details of each component are clarified as follows:

1. 1.

   Global Set: This set is a composition of four distinct collections: Principal set, rule set, secret set, and observer set. As the protocol starts to run, the content of each set changes. The details of these four sets are given below.

   • Principal set: This set represents the different participants present in the scheme.

   • Rule set: This set contains the rules which can be applied to the existing set to derive some new facts. The different rules used are:

     Message meaning rule,

     Origin rule,

     Sub message origin rule,

     Linkage rule.

   • Secret set: This set represents the set of secret parameters stored by the different participants during the run of the protocol.

   • Observer set: This set contains the observer participants of different parameters used in the scheme during the run of the protocol.

2. 2.

   Local Set: A local set is a combination of five different sets and is maintained by each participant in the networks. This set consists of the following set:

   • Possession set (POSS(Pi) = (poss1, poss2, ... , possn)): This set contains all the secret keys, public keys, random numbers, and parameters poss1, poss2, ....possn computed by the participants.

   • Belief set (BEL(Pi) = (bel1, bel2, ..., beln)): This set consists of all the beliefs detained by the participants. This contains beliefs correlated to freshness, possessions of linkage variables, etc.

   • Seen set (SEEN(Pi)): This set contains plaintext message fragments that the participant Pi sees from the messages communicated in the network and that qualify the establishment of the secrets.

   • Behaviour list (BL(Pi) = (al1, al2, .., bhv1, bhv2, ... bhvn)): This set contains a list of activities that appeared in order as per the actual execution of the algorithm denoted here as al1, al2, etc. Apart from this set of actions, send, receive, and update operations of the algorithm are represented here in bhv1, bhv2, etc. Whenever the update operation executes, an update of the local set of a participant concerning POSS (), BEL (), and global set like observer set may be changed. However, an automatic call of receive () operation by a different participant also takes place after the execution of send () operation by any participant.

   • Haskeys set (HK(Pi)): This set consists of the keys that a participant Pi can acquire. Initially, possession set POSS () contains these keys, and this set updates over time whenever the set SEEN ( ) is updated.

3. 3.

   Actions:

   • \(X \leftarrow Y\): The value of Y is assigned to X.

   • Enc({X}Y): Symmetric encryption of information X using key Y.

   • Dec({X}Y): Symmetric decryption of information X using key Y.

   • H(K,X): One-way hash operation of the message X using a secret value K.

   • H(X): One-way hash operation of the message X

   • \(X \bigoplus Y\): Exclusive or operation between the message X and Y.

   • \(X ||Y:\) Concatenation of Y after X.

   • Send (Pi, par1, par2, .. ): send the parameters par1, par2, ... to the participant Pi.

   • Update (par1, par2, ..): Update the parameters par1, par2, ... in possession set POSS(), Believe set BEL(), and observation set.

   • Receive (Pi, par1, par2, .. ): Received the parameters par1, par2, ...from the participant Pi.

   • Check: check whether the condition is true or false.

   • X &&Y: Logical AND of X and Y, i.e. if both X and Y are TRUE then output is TRUE, otherwise, the output is FALSE.

4. 4.

   Inference Rules: We described the set of inference rules as per our requirements, which are directly taken from [39].The notations that are presumed to comprehend the inference rules are given in Table 12.

   • Message meaning rule:\(\dfrac{\{x\}_{k} \text { from } P_{i}\in {\rm POSS}(P_{i}), \{P_{i},P_{j}\}\subseteq {\rm POSS} (P_{i})}{{\rm BEL}(P_{i})={\rm BEL}(P_{i})\bigcup \{x \in {\rm POSS}(P_{i})\}}\)

   • Origin rule:\(\dfrac{x\in {\rm POSS}(P_{i}),\text {x contains x1}, P_{j}\in observers(x1)}{\text {x1 from } P_{j}\in {\rm POSS}(P_{i})}\)

   • Sub message origin rule: \(\dfrac{x \in {\rm POSS}(P_{i}), \text {x contains }\{x1,x2\} from P_{j}}{x2 \text { from } E_{j} \in {\rm POSS}(P_{i})}\)

   • Linkage rule: \(\#(k)\in {\rm BEL}(P),P \in Observers(k),Link(N_{a}) \in {\rm BEL}(P),\)

     \(X \text { contains } f(N_{a})\)

     \(\dfrac{X \text {contains } x_{1}, \{X\}_{k} \text { from } Q \in {\rm POSS}(P)}{{\rm BEL}(P) :=({\rm BEL}(P)-{\rm LINK}(N_{a}))\bigcup \{\#(x_{1})\}}\)

Table 12 Notations used in the inference rules