A Vulnerability in the UMTS and LTE Authentication and Key Agreement Protocols
نویسندگان
چکیده
We report on a deficiency in the specifications of the Authentication and Key Agreement (AKA) protocols of the Universal Mobile Telecommunications System (UMTS) and Long-Term Evolution (LTE) as well as the specification of the GSM Subscriber Identity Authentication protocol, which are all maintained by the 3rd Generation Partnership Program (3GPP), an international consortium of telecommunications standards bodies. The flaw, although found using the computational prover CryptoVerif, is of symbolic nature and can be exploited by both an outside and an inside attacker in order to violate entity authentication properties. An inside attacker may impersonate an honest user during a run of the protocol and apply the session key to use subsequent wireless services on behalf of the honest user.
منابع مشابه
Computational Security Analysis of the UMTS and LTE Authentication and Key Agreement Protocols
One of the forerunners and main candidates for the fourth generation (4G) generation mobile communication system is commonly known under the name Long-Term Evolution (LTE) and its standard is produced and maintained by the international 3rd Generation Partnership Program (3GPP) consortium. The LTE Authentication and Key Agreement (AKA) protocol design is based on the Universal Mobile Telecommun...
متن کاملEnhanced Adaptive Security Protocol in Lte Aka
A Telecommunication systems trust and privacy is as good as its security mechanism. Its security design keep evolving over time as new treats and technology evolve. LTE/SAE is 3GPP’s wireless Communication new DNA, a move away from a hybrid of packet switched and circuit switched network which 3G networks possess, though with room for backward compatibility. LTE/SAE’s new architecture is a flat...
متن کاملSE-AKA: A secure and efficient group authentication and key agreement protocol for LTE networks
To support Evolved Packet System (EPS) in the Long Term Evolution (LTE) networks, the 3rd Generation Partnership Project (3GPP) has proposed an authentication and key agreement (AKA) protocol, named EPS-AKA, which has become an emerging standard for fourth-generation (4G) wireless communications. However, due to the requirement of backward compatibility, EPS-AKA inevitably inherits some defects...
متن کاملConcealing IMSI in 5G Network Using Identity Based Encryption
Subscription privacy of a user has been a historical concern with all the previous generation mobile networks, namely, GSM, UMTS, and LTE. While a little improvement have been achieved in securing the privacy of the long-term identity of a subscriber, the so called IMSI catchers are still in existence even in the LTE and advanced LTE networks. Proposals have been published to tackle this proble...
متن کاملGSLHA: Group-based Secure Lightweight Handover Authentication Protocol for M2M Communication
Machine to machine (M2M) communication, which is also known as machine type communication (MTC), is one of the most fascinating parts of mobile communication technology and also an important practical application of the Internet of Things. The main objective of this type of communication, is handling massive heterogeneous devices with low network overheads and high security guarantees. Hence, v...
متن کامل