Seokhie Hong - Information security and cryptology - ICISC 2016: 19th international conference, Seoul, South Korea, November 30 - December 2, 2016: revised selected papers

Information security and cryptology - ICISC 2016: 19th international conference, Seoul, South Korea, November 30 - December 2, 2016: revised selected papers — read online for free the complete book (whole text) full work

Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Information security and cryptology - ICISC 2016: 19th international conference, Seoul, South Korea, November 30 - December 2, 2016: revised selected papers" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.

Light

Font size:

↓

↑

Georgia Tahoma Arial Verdana

Reset

Interval:

↓

↑

Bookmark:

Make

1234567...256

Protocols

Springer International Publishing AG 2017

Seokhie Hong and Jong Hwan Park (eds.) Information Security and Cryptology ICISC 2016 Lecture Notes in Computer Science 10157 10.1007/978-3-319-53177-9_1

A Secure Group-Based AKA Protocol for Machine-Type Communications

Rosario Giustolisi 1 , Christian Gehrmann 1, Markus Ahlstrm 1 and Simon Holmberg 1

(1)

Swedish Institute of Computer Science, Stockholm, Sweden

Rosario Giustolisi

Email:

Abstract

The fifth generation wireless system (5G) is expected to handle with an unpredictable number of heterogeneous connected devices while guaranteeing a high level of security. This paper advances a group-based Authentication and Key Agreement (AKA) protocol that contributes to reduce latency and bandwidth consumption, and scales up to a very large number of devices. A central feature of the proposed protocol is that it provides a way to dynamically customize the trade-off between security and efficiency. The protocol is lightweight as it resorts on symmetric key encryption only, hence it supports low-end devices and can be already adopted in current standards with little effort. Using ProVerif, we prove that the protocol meets mutual authentication, key confidentiality, and device privacy also in presence of corrupted devices, a threat model not being addressed in the state-of-the-art group-based AKA proposals. We evaluate the protocol performances in terms of latency and bandwidth consumption, and obtain promising results.

Introduction

The evolution of mobile networks has made a key achievement in each of its generations: 1G established the foundation of mobile networks; 2G increased the voice connectivity capacity to support more users per radio channel; 3G introduced high-speed internet access; 4G provided more data capacity. One of the key achievement for 5G is to be the reference network for the Internet of Things (IoT) connectivity. Analysts forecast more than 25 billion of devices to be interconnected in 2020 []. An increased level of signaling would affect speed and data capacity of 5G. Thus, to fully support IoT connectivity, the contemporary architecture of the mobile network should be revisited, including the aspects related to security.

The Authentication and Key Agreement protocol (AKA) has a central role in the security of mobile networks as it bootstraps the parameters needed to form a security context that is agreed by the parties. The protocol provides mutual authentication between device and serving network, and establishes session keys. The state-of-the-art protocol used in 4G (EPS-AKA) [] is almost identical to its predecessor used in 3G, which was introduced in the late 90s. A limitation of EPS-AKA is that, for each device that requires network access, the protocol requires signaling among the device, the local serving network and the devices remote home network. In particular, the signaling between serving network and home network may introduce a major delay when they are distant, which is the case when users are roaming. This represents a bottleneck for the development of 5G as a low delay and reliable network for IoT devices.

From this situation emerged the need of a group-based AKA, which allows the serving network to authenticate a group of devices reducing the signaling and communication latency with the home network. Groups may consist of devices sharing similar features such as functions, locations, or ownership. In the scenario of IoT, devices often operate in groups and some use cases have been recently advanced []. This results to a more powerful intruder than one historically considered in the current AKA protocol. Thus, it seems to be an open challenge to design a group-based AKA secure against the extended threats. This paper addresses this very challenge. In particular, the contributions of this paper includes:

• A novel mechanism based on the inverted hash tree that allows the network operator to balance dynamically the requirements of security and efficiency of the designed protocol.
• The formal security analysis of the protocol in ProVerif.
• A prototype implementation of the protocol in the OpenAirInterface platform.
• A performance analysis of the protocol in terms of latency and bandwidth consumption.

Outline. The paper is organized as follows. Section draws some conclusions.

Background

The three main roles that concern the AKA protocol are the User Equipment (UE) or device, the Mobility Management Entity (MME) or serving network, and the Home Subscriber Server (HSS) or authentication server. The UE role concerns the tasks of the terminal device and USIM. A subscriber identity ( imsi ) is permanently stored on the USIM so the network can identify the UE. The USIM also stores a long-term secret key k that is shared with the HSS. With the introduction of machine-type communication (MTC), the 3GPP consortium released a dedicated specification for MTC devices to enhance the LTE suitability for the IoT market []. Thus, we refer to the UE also using the term MTC.

The MME role concerns the tasks of covering the mobility of the MTC. The MME serves a number of MTCs according to its geographical area. Each MTCis connected to a base station (eNodeB), which in turn is directly connected to an MME. In the context of AKA, the MME authenticates the MTCand agree on a session master key from which they can derive further keys to protect the signaling data.

The HSS role concerns the tasks of assisting the MME for the mutual authentication. The signaling between HSS and MME is secured with Diameter []. The HSS shares with the MTC imsi , k , and a sequence number ( sqn ) to support authentication.

Fig. 1.

EPS-AKA message sequence chart

2.1 EPS-AKA

The state-of-the-art AKA protocol is EPS-AKA, which is the standard for LTE. The protocol is described in Fig. and consists of five main messages:

• The Attach request message bootstraps the protocol. It normally includes the imsi of the MTC, when the device visits the MME for the first time. Future attach requests will include the Globally Unique Temporary Identity ( guti ), which is generated by the MME and assigned to the MTC. In doing so, the MME can translate the guti to the corresponding imsi , preserving the privacy of the MTC.
• The Authentication data request message, sent by MME with identity , requires the HSS to generate an authentication vector consisting of:

  • a random value rand that provides freshness to the session;
  • the expected response xres , based on rand and k , that allows the MME to authenticate the MTC;
  • the session master key , to encrypt the signaling between MTC and serving network;
  • the authentication token autn , based on rand , k , and sqn , that allows the MTC to authenticate the serving network.
• The Authentication response message contains the authentication vector and is transmitted to the MME.
• The Authentication information request message consists of rand and autn , which the MME forwards to the MTC. The MTC checks that the sqn matches a valid one and if so, it successfully authenticates the serving network. The MTC computes the session master key

Next page

1234567...256

Light

Font size:

↓

↑

Georgia Tahoma Arial Verdana

Reset

Interval:

↓

↑

Bookmark:

Make

Similar books «Information security and cryptology - ICISC 2016: 19th international conference, Seoul, South Korea, November 30 - December 2, 2016: revised selected papers»

Look at similar books to Information security and cryptology - ICISC 2016: 19th international conference, Seoul, South Korea, November 30 - December 2, 2016: revised selected papers. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.

Satish Kumar Singh

Computer Vision and Image Processing: 5th International Conference, CVIP 2020, Prayagraj, India, December 4-6, 2020, Revised Selected Papers, Part III

Hein Venter

Information and Cyber Security: 19th International Conference, ISSA 2020, Pretoria, South Africa, August 25–26, 2020, Revised Selected Papers

David Gerber

Computer-Aided Architectural Design. Design Imperatives: The Future is Now: 19th International Conference, CAAD Futures 2021, Los Angeles, CA, USA, July16-18, 2021 Selected Papers

Gabriela Nicolescu (editor)

Foundations and Practice of Security: 13th International Symposium, FPS 2020, Montreal, QC, Canada, December 1–3, 2020, Revised Selected Papers (Lecture Notes in Computer Science, 12637)

Yuqing Sun

Computer Supported Cooperative Work and Social Computing: 15th CCF Conference, ChineseCSCW 2020, Shenzhen, China, November 7–9, 2020, Revised Selected ... in Computer and Information Science, 1330)

Qiaohong Zu

Human Centered Computing: 6th International Conference, HCC 2020, Virtual Event, December 14–15, 2020, Revised Selected Papers

Younghee Park

First Conference, SVCC 2020, San Jose, CA, USA, December 17–19, 2020, Revised Selected Papers

Éric Renault (editor)

Machine Learning for Networking: Third International Conference, MLN 2020, Paris, France, November 24–26, 2020, Revised Selected Papers

Loia Vincenzo

Fuzzy Logic and Soft Computing Applications: 11th International Workshop, WILF 2016, Naples, Italy, December 19-21, 2016, Revised Selected Papers

Filipe Joaquim

Agents and Artificial Intelligence 8th International Conference, ICAART 2016, Rome, Italy, February 24-26, 2016, Revised Selected Papers

Choi Dooho

Information Security Applications 17th International Workshop, WISA 2016, Jeju Island, Korea, August 25-27, 2016, Revised Selected Papers

Abraham Ajith.

Intelligent Systems Design and Applications: 16th International Conference on Intelligent Systems Design and Applications (ISDA 2016) held in Porto, Portugal, December 16-18, 2016

Discussion, reviews of the book Information security and cryptology - ICISC 2016: 19th international conference, Seoul, South Korea, November 30 - December 2, 2016: revised selected papers and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.