Improving security level of LTE access procedure by using short-life shared key

To ensure secure mobile communication, the communicating entities must know their mutual identities. The entities which need to be identified in a mobile communication system are mobile devices and the network. Third Generation Partnership Project (3GPP) has specified Evolved Packet System Authentication and Key Agreement (EPS AKA) procedure for the mutual authentication of user and the Long Term Evolution (LTE) network. EPS AKA certainly overcomes most of the vulnerabilities in the Global System for Mobile Communications (GSM) and Universal Mobile Telecommunication System (UMTS) access procedures. However, the LTE access procedure still has security weaknesses against some of the sophisticated security threats, such as, Denial-of-Service (DoS) attacks, Man-in-the-Middle (MitM) attacks, rogue base station attacks and fails to ensure privacy protection for some of the important parameters. This paper proposes an improved security framework for the LTE access procedure by ensuring the confidentiality protection of International Mobile Subscriber Identity (IMSI) and random-challenge RAND. Also, our proposed system is designed to reduce the impact of DoS attacks which try to overwhelm the network with useless computations. We use a onetime shared key with a short lifetime between the UE and MME to protect IMSI and RAND privacy. Finally, we explore the parameters design for the proposed system which leads to satisfy the requirements imposed on computational load and latency as well as security strength.