[Resource Topic] 2003/092: Provably-Secure Enhancement on 3GPP Authentication and Key Agreement Protocol

Welcome to the resource topic for 2003/092

Title:
Provably-Secure Enhancement on 3GPP Authentication and Key Agreement Protocol

Authors: Muxiang Zhang

Abstract:

This paper analyses the authentication and key agreement protocol adopted by
Universal Mobile Telecommunication System (UMTS), an emerging standard for
third generation (3G) wireless communications. The protocol, known as
{\em 3GPP AKA}, is based on the security framework of GSM and provides significant enhancement to address and correct real and perceived weaknesses in GSM and other wireless communication systems. In this paper, we show that 3GPP AKA is vulnerable to a variant of false base station attack. The vulnerability allows an adversary to re-direct user traffic to an unintended network. It also allows an adversary to use authentication vectors obtained from a corrupted network to impersonate all other networks. In addition, we show that the need of synchronization between a mobile station and its home network incurs considerable difficulty for the normal operation of 3GPP AKA. To provide further enhancement on 3GPP AKA, we
present an authentication and key agreement protocol which defeats
re-direction attack and drastically lowers the impact of network corruption. The proposed protocol also eliminates synchronization between a mobile station and its home network. Following the multi-party simulatability approach, we have developed a formal model of security for symmetric-key based authentication and key agreement protocols in the mobile setting. Within this model, we have analyzed the security of our protocol against a powerful adversary having full control of the communication channels between a user and a network.

ePrint: https://eprint.iacr.org/2003/092

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .