Improving security level of LTE access procedure by using short-life shared key

Research output: Journal Publications and Reviews (RGC: 21, 22, 62)21_Publication in refereed journalpeer-review

4 Scopus Citations
View graph of relations

Author(s)

Related Research Unit(s)

Detail(s)

Original languageEnglish
Pages (from-to)738-748
Number of pages11
Journal / PublicationIEICE Transactions on Communications
VolumeE100B
Issue number5
Publication statusPublished - 1 May 2017

Abstract

To ensure secure mobile communication, the communicating entities must know their mutual identities. The entities which need to be identified in a mobile communication system are mobile devices and the network. Third Generation Partnership Project (3GPP) has specified Evolved Packet System Authentication and Key Agreement (EPS AKA) procedure for the mutual authentication of user and the Long Term Evolution (LTE) network. EPS AKA certainly overcomes most of the vulnerabilities in the Global System for Mobile Communications (GSM) and Universal Mobile Telecommunication System (UMTS) access procedures. However, the LTE access procedure still has security weaknesses against some of the sophisticated security threats, such as, Denial-of-Service (DoS) attacks, Man-in-the-Middle (MitM) attacks, rogue base station attacks and fails to ensure privacy protection for some of the important parameters. This paper proposes an improved security framework for the LTE access procedure by ensuring the confidentiality protection of International Mobile Subscriber Identity (IMSI) and random-challenge RAND. Also, our proposed system is designed to reduce the impact of DoS attacks which try to overwhelm the network with useless computations. We use a onetime shared key with a short lifetime between the UE and MME to protect IMSI and RAND privacy. Finally, we explore the parameters design for the proposed system which leads to satisfy the requirements imposed on computational load and latency as well as security strength.

Research Area(s)

  • Authentication and Key Agreement, Denial-of-Service (DoS) attack, IMSI and RAND privacy, LTE access procedure, One-time shared key

Citation Format(s)

Improving security level of LTE access procedure by using short-life shared key. / Ahmad, Fawad; Peradilla, Marnel; Saini, Akanksha; Jung, Younchan.

In: IEICE Transactions on Communications, Vol. E100B, No. 5, 01.05.2017, p. 738-748.

Research output: Journal Publications and Reviews (RGC: 21, 22, 62)21_Publication in refereed journalpeer-review