Skip to main content
Log in

Experimental Analysis of an SSL-Based AKA Mechanism in 3G-and-Beyond Wireless Networks

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

The SSL/TLS protocol is a de-facto standard that has proved its effectiveness in the wired Internet and it will probably be the most promising candidate for future heterogeneous wireless environments. In this paper, we propose potential solutions that this protocol can offer to future “all-IP” heterogeneous mobile networks with particular emphasis on the user's side. Our approach takes into consideration the necessary underlying public key infrastructure (PKI) to be incorporated in future 3G core network versions and is under investigation by 3GPP. We focus on the standard 3G+ authentication and key agreement (AKA), as well as the recently standardized extensible authentication protocol (EAP)-AKA procedures and claim that SSL-based AKA mechanisms can provide for an alternative, more robust, flexible and scalable security framework. In this 3G+ environment, we perceive authentication as a service, which has to be performed at the higher protocol layers irrespectively of the underlying network technology. We conducted a plethora of experiments concentrating on the SSL's handshake protocol performance, as this protocol contains demanding public key operations, which are considered heavy for mobile devices. We gathered measurements over the GPRS and IEEE802.11b networks, using prototype implementations, different test beds and considering battery consumption. The results showed that the expected high data rates on one hand, and protocol optimisations on the other hand, can make SSL-based authentication a realistic solution in terms of service time for future mobile systems.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. A. Frier, P. Karlton and P. Kocher, “The SSL 3.0 Protocol Version 3.0”, http://home.netscape.com/eng /ssl3/draft302.txt.

  2. T. Dierks and C. Allen, “The TLS Protocol Version 1.0”, IETF RFC 2246, January 1999.

  3. E. Rescorla, SSL and TLS Designing and Building Secure Systems, Addison-Wesley, 2001.

  4. WAP forum WAP-217-WPKI, “Wireless Application Protocol Public Key Infrastructure Definition”, www.wapforum.org/what/technical.htm.

  5. R. Khare, “W Effect Considered Harmful”, IEEE Internet Computing,Vol. 3, No. 4, pp. 82–92, July/August 1999.

    Google Scholar 

  6. V. Gupta and S. Gupta, “Experiments in Wireless Internet Security”, in Proceedings of IEEE Wireless Communications and Networking Conference (WCNC 2002), No. 1, pp. 859–863, March 2002.

    Google Scholar 

  7. G. Kambourakis, A. Rouskas and S. Gritzalis, “Using SSL in Authentication and Key Agreement Procedures of Future Mobile Networks”, in Proceedings of the 4th IEEE International Conference On Mobile and Wireless Communication Networks (MWCN 2002), pp. 152–156, September 2002.

  8. S. Dixit and R. Prasad (eds.), Wireless IP and Building the Mobile Internet, Artech House, 2003.

  9. D. Wisely, P. Eardlay and L. Burness, IP for 3G, Wiley, 2002.

  10. N. Duane and J. Brink, PKI Implementing and Managing E-Security, Berkeley, RSA press, 2001.

    Google Scholar 

  11. ASPeCT Project, “Securing the Future of Mobile Communications”, http://www.esat.kuleuven.ac.be /cosic/aspect, 1999.

  12. M. Burnside, D. Clarke, T. Mills, S. Maywah, S. Devadas and R. Rivest, “Proxy-based Security Protocols in Networked Mobile Devices”, in Proceedings of ACM SAC 2002 Conference, Madrid, Spain, pp. 265–272, 2002.

  13. 3GPP TSG, “Using PKI to Provide Network Domain Security”, Discussion Document, (S3-010622 SA WG3 Security-S3#15bis), November 2000.

  14. USECA Project, “UMTS Security Architecture: Intermidiate Report on a PKI Architecture for UMTS”, Public Report, July 1999.

  15. 3GPP TSG, “Architecture Proposal to Support Subscriber Certificates”, Discussion and Approval Document, Tdoc S2-022854, October 2002.

  16. G. Kambourakis, A. Rouskas and S. Gritzalis, “Introducing PKI to Enhance Security in Future Mobile Networks”, in Proceedings of the IFIPSEC'2003 18th IFIP International Information Security Conference, pp. 109–120, Athens, Greece, May 2003.

  17. eNorge 2005, Naerings-og handelsdepartmentet, 2002.

  18. 3GPP Technical Specs, “Bootstrapping of Application Security Using AKA and Support of Subscriber Certificates”, System Descriptio n,TS ab.cde v.3.0, September 2003.

  19. 3GPP Technical Specs, Security Architecture,TS33.102 v.5.1.0, December 2002.

  20. 3GPP Technical Specs, Access Security for IP-Based Services,TS33.203 v.6.0.0, September 2003.

  21. Y. Lin and A. Pang, “An All-IP Approach for UMTS Third-Generation Mobile Networks”, IEEE Network, pp. 8–19, September/October 2002.

  22. 3GPP Technical Specs, 3GPP System to WLAN Interworking,TS24.234 v.0.2.0 Release 6, November 2003.

  23. 3GPP Technical Specs, WLAN Interworking Security,TS33.cde v0.1.0, July 2002.

  24. J. Arkko and H. Haverinen, “EAP-AKA Authentication”, draft-arkko-pppext-eap-aka-11.txt, October 2003.

  25. 3GPP Technical Specification, A guide to 3rd Generation Security,TR33.900 v.1.2.0, January 2000.

  26. T. Aamodt, T. Friiso, G. Koien and O. Eilertsen, Security in UMTS-Integrity,Telenor R&D, February 2001.

  27. V. Niemi and K. Nyberg, UMTS Security,Wiley, 2003.

  28. IETF RFC 2716, “PPP EAP-TLS Authentication Protocol”, October 1999.

  29. N. Asokan, N. Valtteri and K. Nyberg, “Man-in-the-Middle in Tunnelled Authentication”, Nokia Research Center, October 2002.

  30. R. Chakravorty and I. Pratt, “Performance Issues with General Packet Radio Service",Journal of Communication and Networks, 2002, submitted.

  31. R. Chakravorty, J. Cartwright and I. Pratt, “Practical Experience with TCP over GPRS”, in Proceedings of IEEE GLOBECOM 2002,Taipei, November 2002.

  32. J. Korhonen, O. Aalto, A. Gurtov and H. Laamanen, “Measured Performance of GSM HSCSD and GPRS”, in Proceedings of the IEEE International Conference On Communications (ICC'01), Helsinki, June 2001.

  33. The OpenSSL project web page, http://www.openssl.org.

  34. J. Viega, M. Messier and P. Chandra, Network Security with OpenSSL, O'Reilly, 2002.

  35. G. Apostolopoulos, V. Peris, P. Pradhan and D. Saha, “Securing Electronic Commerce: Reducing the SSL Overhead”, IEEE Network Magazine,No 4,pp. 8–16, July/August 2000.

  36. P. Nachiketh, R. Srivaths, R. Anand and L. Ganesh, “Optimizing Public-Key Encryption for Wireless Clients”, in Proceedings of the IEEE International Conference on Communications (ICC 2002), No 1, pp. 1050–1056, April 2002.

  37. R. Karri and P. Mishra, “Minimization of Energy Consumption of Secure Wireless Session with QOS Constraints”, in Proceedings of IEEE International Conference on Communications, New York city, NY, April 2002.

  38. R. Nachiketh, R. Srivaths, A. Raghunatan and J. Niraj, “Analysing the Energy Consumption of Secu-rity Protocols”, in Proceedings of ACM ISLPED 2003 Conference, Seoul, August 25–27, 2003, pp. 30–35.

Download references

Author information

Authors and Affiliations

Authors

Rights and permissions

Reprints and permissions

About this article

Cite this article

Kambourakis, G., Rouskas, A. & Gritzalis, S. Experimental Analysis of an SSL-Based AKA Mechanism in 3G-and-Beyond Wireless Networks. Wireless Personal Communications 29, 303–321 (2004). https://doi.org/10.1023/B:WIRE.0000047068.20203.57

Download citation

  • Issue Date:

  • DOI: https://doi.org/10.1023/B:WIRE.0000047068.20203.57

Navigation