TY - JOUR
T1 - Improving security level of LTE access procedure by using short-life shared key
AU - Ahmad, Fawad
AU - Peradilla, Marnel
AU - Saini, Akanksha
AU - Jung, Younchan
PY - 2017/5/1
Y1 - 2017/5/1
N2 - To ensure secure mobile communication, the communicating entities must know their mutual identities. The entities which need to be identified in a mobile communication system are mobile devices and the network. Third Generation Partnership Project (3GPP) has specified Evolved Packet System Authentication and Key Agreement (EPS AKA) procedure for the mutual authentication of user and the Long Term Evolution (LTE) network. EPS AKA certainly overcomes most of the vulnerabilities in the Global System for Mobile Communications (GSM) and Universal Mobile Telecommunication System (UMTS) access procedures. However, the LTE access procedure still has security weaknesses against some of the sophisticated security threats, such as, Denial-of-Service (DoS) attacks, Man-in-the-Middle (MitM) attacks, rogue base station attacks and fails to ensure privacy protection for some of the important parameters. This paper proposes an improved security framework for the LTE access procedure by ensuring the confidentiality protection of International Mobile Subscriber Identity (IMSI) and random-challenge RAND. Also, our proposed system is designed to reduce the impact of DoS attacks which try to overwhelm the network with useless computations. We use a onetime shared key with a short lifetime between the UE and MME to protect IMSI and RAND privacy. Finally, we explore the parameters design for the proposed system which leads to satisfy the requirements imposed on computational load and latency as well as security strength.
AB - To ensure secure mobile communication, the communicating entities must know their mutual identities. The entities which need to be identified in a mobile communication system are mobile devices and the network. Third Generation Partnership Project (3GPP) has specified Evolved Packet System Authentication and Key Agreement (EPS AKA) procedure for the mutual authentication of user and the Long Term Evolution (LTE) network. EPS AKA certainly overcomes most of the vulnerabilities in the Global System for Mobile Communications (GSM) and Universal Mobile Telecommunication System (UMTS) access procedures. However, the LTE access procedure still has security weaknesses against some of the sophisticated security threats, such as, Denial-of-Service (DoS) attacks, Man-in-the-Middle (MitM) attacks, rogue base station attacks and fails to ensure privacy protection for some of the important parameters. This paper proposes an improved security framework for the LTE access procedure by ensuring the confidentiality protection of International Mobile Subscriber Identity (IMSI) and random-challenge RAND. Also, our proposed system is designed to reduce the impact of DoS attacks which try to overwhelm the network with useless computations. We use a onetime shared key with a short lifetime between the UE and MME to protect IMSI and RAND privacy. Finally, we explore the parameters design for the proposed system which leads to satisfy the requirements imposed on computational load and latency as well as security strength.
KW - Authentication and Key Agreement
KW - Denial-of-Service (DoS) attack
KW - IMSI and RAND privacy
KW - LTE access procedure
KW - One-time shared key
UR - http://www.scopus.com/inward/record.url?scp=85018978001&partnerID=8YFLogxK
UR - https://www.scopus.com/record/pubmetrics.uri?eid=2-s2.0-85018978001&origin=recordpage
U2 - 10.1587/transcom.2016EBP3267
DO - 10.1587/transcom.2016EBP3267
M3 - RGC 21 - Publication in refereed journal
SN - 0916-8516
VL - E100B
SP - 738
EP - 748
JO - IEICE Transactions on Communications
JF - IEICE Transactions on Communications
IS - 5
ER -