5G network will serve billions of people worldwide in the near future and protecting human privacy from being violated is one of its most important goals. In this paper, we carefully studied the 5G authentication protocols (namely 5G AKA and EAP-AKA') and a location sniffing attack exploiting 5G authentication protocols vulnerability is found. The attack can be implemented by an attacker through inexpensive devices. To cover this vulnerability, a fix scheme based on the existing PKI mechanism of 5G is proposed to enhance the authentication protocols. The proposed scheme is successfully verified with formal methods and automatic verification tool TAMARIN. Finally, the communication overhead, computational cost and storage overhead of the scheme are analyzed. The results show that the security of the fixed authentication protocol is greatly improved by just adding a little calculation and communication overhead.
Xinxin HU
Information Engineering University
Caixia LIU
Information Engineering University
Shuxin LIU
Information Engineering University
Jinsong LI
Information Engineering University
Xiaotao CHENG
Information Engineering University
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Xinxin HU, Caixia LIU, Shuxin LIU, Jinsong LI, Xiaotao CHENG, "A Vulnerability in 5G Authentication Protocols and Its Countermeasure" in IEICE TRANSACTIONS on Information,
vol. E103-D, no. 8, pp. 1806-1809, August 2020, doi: 10.1587/transinf.2019FOL0001.
Abstract: 5G network will serve billions of people worldwide in the near future and protecting human privacy from being violated is one of its most important goals. In this paper, we carefully studied the 5G authentication protocols (namely 5G AKA and EAP-AKA') and a location sniffing attack exploiting 5G authentication protocols vulnerability is found. The attack can be implemented by an attacker through inexpensive devices. To cover this vulnerability, a fix scheme based on the existing PKI mechanism of 5G is proposed to enhance the authentication protocols. The proposed scheme is successfully verified with formal methods and automatic verification tool TAMARIN. Finally, the communication overhead, computational cost and storage overhead of the scheme are analyzed. The results show that the security of the fixed authentication protocol is greatly improved by just adding a little calculation and communication overhead.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.2019FOL0001/_p
Copy
@ARTICLE{e103-d_8_1806,
author={Xinxin HU, Caixia LIU, Shuxin LIU, Jinsong LI, Xiaotao CHENG, },
journal={IEICE TRANSACTIONS on Information},
title={A Vulnerability in 5G Authentication Protocols and Its Countermeasure},
year={2020},
volume={E103-D},
number={8},
pages={1806-1809},
abstract={5G network will serve billions of people worldwide in the near future and protecting human privacy from being violated is one of its most important goals. In this paper, we carefully studied the 5G authentication protocols (namely 5G AKA and EAP-AKA') and a location sniffing attack exploiting 5G authentication protocols vulnerability is found. The attack can be implemented by an attacker through inexpensive devices. To cover this vulnerability, a fix scheme based on the existing PKI mechanism of 5G is proposed to enhance the authentication protocols. The proposed scheme is successfully verified with formal methods and automatic verification tool TAMARIN. Finally, the communication overhead, computational cost and storage overhead of the scheme are analyzed. The results show that the security of the fixed authentication protocol is greatly improved by just adding a little calculation and communication overhead.},
keywords={},
doi={10.1587/transinf.2019FOL0001},
ISSN={1745-1361},
month={August},}
Copy
TY - JOUR
TI - A Vulnerability in 5G Authentication Protocols and Its Countermeasure
T2 - IEICE TRANSACTIONS on Information
SP - 1806
EP - 1809
AU - Xinxin HU
AU - Caixia LIU
AU - Shuxin LIU
AU - Jinsong LI
AU - Xiaotao CHENG
PY - 2020
DO - 10.1587/transinf.2019FOL0001
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E103-D
IS - 8
JA - IEICE TRANSACTIONS on Information
Y1 - August 2020
AB - 5G network will serve billions of people worldwide in the near future and protecting human privacy from being violated is one of its most important goals. In this paper, we carefully studied the 5G authentication protocols (namely 5G AKA and EAP-AKA') and a location sniffing attack exploiting 5G authentication protocols vulnerability is found. The attack can be implemented by an attacker through inexpensive devices. To cover this vulnerability, a fix scheme based on the existing PKI mechanism of 5G is proposed to enhance the authentication protocols. The proposed scheme is successfully verified with formal methods and automatic verification tool TAMARIN. Finally, the communication overhead, computational cost and storage overhead of the scheme are analyzed. The results show that the security of the fixed authentication protocol is greatly improved by just adding a little calculation and communication overhead.
ER -