An LTE Authentication and Key Agreement Protocol Based on the ECC Self-Certified Public Key / Lu, X.; Yang, F.; Zou, L.; Lio, P.; Hui, P.. - In: IEEE-ACM TRANSACTIONS ON NETWORKING. - ISSN 1063-6692. - 31:3(2023), pp. 1101-1116. [10.1109/TNET.2022.3207360]
An LTE Authentication and Key Agreement Protocol Based on the ECC Self-Certified Public Key
Lio P.;
2023
Abstract
After analyzing the long-term evolution (LTE) authentication and key agreement process (EPS-AKA), this paper points out its existing security vulnerabilities. Based on elliptic curve cryptography (ECC) self-certified public keys, this paper proposes an ECC self-certified authentication key agreement scheme (ESC-AKA). This scheme includes the addition of a trusted center (TC), which generates the public keys for the home subscriber server (HSS), the mobility management entity (MME), and the user equipment (UE). Three communication protocols are designed, including MME/HSS registration, UE registration, and UE access. A strand space model is used to carry out the formal analysis, and performance and security analyses are carried out. The results show that this scheme can compensate for the security vulnerabilities of the original EPS-AKA scheme. It implements the encrypted transmission of the international mobile subscriber identity (IMSI), and realizes the mutual authentication between the HSS and MME, the MME and UE, and the HSS and UE. Because the self-certified public key cryptosystem is adopted in this scheme, communication encryption is ensured, and the risk of the TC simultaneously mastering the public and private keys is avoided. This scheme is proven to be effective in protecting the communication security of the LTE network.