423 research outputs found

    The SUCI-AKA Authentication Protocol for 5G Systems

    Security is a fundamental requirement for all digital systems. In this paper we propose a new entity authentication protocol, which we call the SUCI-AKA protocol. In contrast to the existing 5G-AKA protocol, it will provide online mutual entity authentication. A central design criterion has been to provide a solution which minimizes the system impact and avoids hard breaks with existing schemes. The SUCI-AKA protocol is largely based on the new 5G scheme for subscriber privacy, and integrates it with the existing 5G-AKA entity authentication protocol in a novel way. This provides scope for accommodating both credible subscriber privacy and online mutual entity authentication.

    The 5G-AKA Authentication Protocol Privacy

    We study the 5G-AKA authentication protocol described in the 5G mobile communication standards. This version of AKA tries to achieve a better privacy than the 3G and 4G versions through the use of asymmetric randomized encryption. Nonetheless, we show that except for the IMSI-catcher attack, all known attacks against 5G-AKA privacy still apply. Next, we modify the 5G-AKA protocol to prevent these attacks, while satisfying the cost and efficiency constraints of the 5G-AKA protocol. We then formally prove that our protocol is sigma-unlinkable. This is a new security notion, which allows for a fine-grained quantification of a protocol privacy. Our security proof is carried out in the Bana-Comon indistinguishability logic. We also prove mutual authentication as a secondary result. Comment: Changes: - added details when describing some attacks. - added a constant message in the AKA+ protoco

    Formalization and evaluation of EAP-AKA’ protocol for 5G network access security

    The end user’s Quality of Experience (QoE) will be improved while accessing services in Fifth Generation Mobile Network (5G), supported by enhanced security and privacy. The security guarantees offered by the Authentication and Key Agreement (AKA) protocols will be depended upon by end users and network operators. The AKA protocols have been standardized for 5G networks, and the Extensible Authentication Protocol (EAP)-AKA’ protocol is one of the main authentication mechanisms that has been specified for User Equipment (UE) and network mutual authentication. This article models the EAP-AKA’ protocol and conducts an extensive formal verification of the EAP-AKA’ protocol as defined in the 5G security standard to determine whether the protocol is verifiably secure for 5G. It provides a security evaluation of the EAP-AKA’ protocol based on the current 5G specifications using ProVerif, a security protocol proof verifier. It also presents security properties that support the security verification, as well as quantitative properties that are used to assess the protocol’s performance. Finally, it compares the EAP-AKA’ and 5G-AKA protocols’ security and performance results.

    The 5G-AKA Authentication Protocol Privacy

    We study the 5G-AKA authentication protocol described in the 5G mobile communication standards. This version of AKA tries to achieve a better privacy than the 3G and 4G versions through the use of asymmetric randomized encryption. Nonetheless, we show that except for the IMSI-catcher attack, all known attacks against 5G-AKA privacy still apply. Next, we modify the 5G-AKA protocol to prevent these attacks, while satisfying 5G-AKA efficiency constraints as much as possible. We then formally prove that our protocol is σ-unlinkable. This is a new security notion, which allows for a fine-grained quantification of a protocol privacy. Our security proof is carried out in the Bana-Comon indistinguishability logic. We also prove mutual authentication as a secondary result.

    An enhanced symmetric-key based 5G-AKA protocol

    5G technology is called to support the next generation of wireless communications and realize the “Internet of Everything” through its mMTC (massive Machine-Type-Communications) service. The recently standardized 5G-AKA protocol is intended to deal with security and privacy issues detected in earlier generations. Nevertheless, several 5G-AKA shortcomings have been reported, including a possibly excessive computational complexity for many IoT devices. To address these, a promising lightweight 2-pass authentication and key agreement (AKA) protocol for 5G mobile communications has recently been proposed by Braeken. Compared to the 5G-AKA protocol, this does not require the use of public key encryption. This paper analyzes the security claims of Braeken’s protocol and shows that it does not provide full unlinkability, but only session unlinkability, and is (still) subject to Linkability of AKA Failure Messages (LFM) attacks. We propose solutions to such problems and prove that symmetric-key based protocols cannot offer higher privacy protection levels without compromising availability. We then describe an enhanced version of this protocol that addresses these vulnerabilities and supports forward secrecy, which is a desirable feature for low-cost IoT devices. This work was supported in part by Funding for open access charge: Universidad de Málaga/CBUA, FEDER funds (Junta de Andalucía-University of Málaga) under Project UMA18-FEDERJA-172 and by Junta de Andalucía and ERDF under Project UMA-CEIATECH-11, and in part by NSF, USA under Grant 1565215.