Home   >   CSC-OpenAccess Library   >    Manuscript Information
Full Text Available

(191.14KB)
This is an Open Access publication published under CSC-OpenAccess Policy.
An Enhancement of Authentication Protocol and Key Agreement (AKA) For 3G Mobile Networks
Mustafa Fayomi, Jaafer AL-Saraireh
Pages - 35 - 51     |    Revised - 01-05-2011     |    Published - 31-05-2011
Volume - 5   Issue - 1    |    Publication Date - May / June 2011  Table of Contents
MORE INFORMATION
KEYWORDS
Mobile Security, 3G Mobile Network Security, Authentication
ABSTRACT
This paper proposes a secure authentication mechanism by integrating the public key with the hash-chaining technique. The propose protocol satisfies the security requirements of third generation (3G) mobile networks. Also provide the protection of the international mobile subscriber identity (IMSI) to ensure subscriber un-traceability, key refreshment periodically, strong key management and a new non-repudiation service in a simple and elegant way. The proposed protocol is more secure protocol than the other available authentication protocols. To avoid the complicated synchronization as in universal mobile telecommunications system (UMTS) the proposed protocol does not use sequence number (SEQ), the management of a hash chain is simple and elegant compared to that of SEQ. This proposed protocol is secure against network attacks, such as replay attacks, guessing attacks, and other attacks.
CITED BY (7)  
1 Vegh, L., & Miclea, L. (2014, May). A new approach towards increased security in cyber-physical systems. In Systems, Signals and Image Processing (IWSSIP), 2014 International Conference on (pp. 175-178). IEEE.
2 Vegh, L., & Miclea, L. (2014, May). Enhancing security in cyber-physical systems through cryptographic and steganographic techniques. In Automation, Quality and Testing, Robotics, 2014 IEEE International Conference on (pp. 1-6). IEEE.
3 Vegh, L., & Miclea, L. (2014, October). A framework for verifying the integrity of the components of a secure cyber-physical system. In System Theory, Control and Computing (ICSTCC), 2014 18th International Conference (pp. 763-768). IEEE.
4 Nashwan, S., & Alshammari, B. (2014). Mutual Chain Authentication Protocol for SPAN Transactions in Saudi Arabian Banking. International Journal of Computer and Communication Engineering, 3(5), 326.
5 WANG, D. (2013). Malicious Node Detection Mechanism for Wireless Ad Hoc Network. International Journal of Security (IJS), 7(1), 1.
6 Mobarhan, M. A., Mobarhan, M. A., & Shahbahrami, A. (2012). Evaluation of security attacks on UMTS authentication mechanism. International Journal of Network Security & Its Applications, 4(4), 37-52.
7 Mobarhan, M. A., Mobarhan, M. A., & Shahbahrami, A. Evaluation of Security Attacks on Different Mobile Communication Systems.
1 Directory of Open Access Journals (DOAJ)
2 Google Scholar
3 CiteSeerX
4 refSeek
5 iSEEK
6 Scribd
7 slideshare
8 PdfSR
1 Al-Saraireh J., and Yousef S., "A New Authentication Protocol for UMTS Mobile Networks", EURASIP Journal on wireless communications and networking, vol. 2006, pp. 1-10, Article ID 98107, 2006.
2 Salgarelli L., Buddhikot M., Garay J., Patel S., and Miller S.. "The Evaluation of wireless LANs and PANs – Efficient Authentication and Key Distribution in Wireless IP Networks". IEEE Personal Communication on Wireless Communication, vol. 10, no. 6, pp. 52-61, 2003.
3 Al-Saraireh J., and Yousef S., "Analytical Model: Authentication Transmission Overhead Between Entities in Mobile Networks", Elsevier, Computer Communications Journal, vol. 30, no. 9, pp. 1713-1720, 2007.
4 Zhang M., and Fang Y., "Security Analysis and Enhancements of 3GPP Authentication and Key Agreement Protocol", IEEE Transactions on wireless communications, vol. 4, no. 2, pp. 734 – 742, 2005.
5 3GPP, "3G Security, Specification of the MILENAGE Algorithm Set: An Example Algorithm Set for the 3GPP Authentication and Key Generation Functions f1, f1*, f2, f3, f4, f5 and f5*, document 1: General", 3rd Generation Partnership Projec, 2001.
6 Cheng S., Shieh S., Yang W., Lee F., and Luo J., "Designing Authentication Protocols for Third Generation Mobile Communication Systems", Journal of Information Science and Engineering, vol. 21, pp. 361-378, 2005.
7 Brutch T., and Brutch P., "Mutual authentication, confidentiality, and key Management (MACKMAN) system for mobile computing and wireless communication", Proceedings of the 14th Annual Computer Security Applications Conference, pp. 308-317, 1998.
8 Dell'Uommo S., and Scarrone E., "The mobility management and authentication authorization mechanisms in mobile networks beyond 3G", Proceedings of the 12th IEEE International Symposium on Personal, Indoor and Mobile Radio Communications, pp. 44- 49, 2001,
9 Horn G., Martin K., and Mitchell C., "Authentication Protocols for Mobile Network Environment Value-Added Services", IEEE Transactions on Vehicular Technology, vol. 51, no. 2, pp. 383-392, 2002.
10 Lee C., Hwang M., and Yang W., "Enhanced Privacy and Authentication for the Global System for Mobile Communications", Wireless network Journal, Kluwer Academic Publishers, vol. 5, no. 3, pp. 231-234, 1999.
11 Lee C., Hwang M., and Yang W., "Extension of Authentication Protocol for GSM", IEE Proceeding Communication, vol. 150, no. 2, pp. 91-95, 2003.
12 Lee C., Li L., and Hwang M., "A remote User Authentication Scheme Using Hash Function", ACM Operating Systems Review, vol. 36 no. 4, pp. 23-29, 2002.
13 Lin C., and Shieh S., "Chain authentication in mobile communication systems", Journal of Telecommunication Systems, vol. 13, pp. 213-240, 2000.
14 Looi M.,"Enhanced authentication services for internet systems using mobile networks", IEEE Global Telecommunications Conference, vol. 6, pp. 3468-3472, 2001.
15 Molva R., Samfat D., and Tsudik G., "Authentication of Mobile Users", IEEE Network, vol. 8, no. 2, pp. 26-34, 1994.
16 Putz S., and Schmitz R. (2000), "Secure Interoperation between 2G and 3G Mobile Radio Networks", 3G Mobile Communication Technologies, 2000, First International Conference on (IEE Conference Publication No. 471), London, UK, Pp. 28-32.
17 Putz S., Schmitz R., Tonsing F., "Authentication Schemes for Third Generation. Mobile Radio Systems", Personal, Indoor and Mobile Radio Communication., The 9th IEEE International Symposium on Personal, vol. 1, pp. 126-130, 1998.
18 Park C., "On Certificate-Based Security Protocols for Wireless Mobile Communication Systems", IEEE Network, vol. 11, no. 5, pp. 50-55, 1997.
19 Grecas C., Maniatis S., and Venieris I., "Towards the introduction of the asymmetric cryptography in GSM,GPRS, and UMTS networks", Sixth IEEE Symposium on Computers and Communications, Proceedings, pp. 15-21, 2001.
20 Argyroudis G., Verma R., Tewari H., and Mahony D., "Performance Analysis of Cryptographic Protocols on Handheld Devices", 3rd IEEE International Symposium on Network Computing and Applications (NCA 2004) Proceeding, pp. 169 – 174, 2004.
21 Kambourakis G., Rouskas A., and Gritzalis S., "Using SSL/TLS in Authentication and Key Agreement Procedures of Future Mobile Networks", IEEE 4th International Workshop on Mobile and Wireless Communications Network, vol. 2002 , pp. 152 – 156, 2002.
22 Kambourakis G., Rouskas A., and Gritzalis S., "Advanced SSL/TLS-Based Authentication for Secure WLAN-3G Interworking", IEE Communications, vol. 151, no. 5, pp. 501-506, 2004.
23 Huang C., and Li J., "Authentication and Key Agreement Protocol for UMTS with Low Bandwidth Consumption", AINA2005, 19th International Conference on Advanced Information Networking and Applications (AINA'05), vol. 1, pp. 392-397, 2005.
24 Zhang M., "Provably-Secure Enhancement on 3GPP Authentication and Key Agreement Protocol", Cryptology ePrint Archive, Report 2003/092, 2003. [online]. Last accessed on 10 April 2006 as Available at http://eprint.iacr.org, 2003
25 Zhang Y., and Fujise M., "An Improvement for Authentication Protocol in Third-Generation Wireless Networks", IEEE Transaction on Wireless Communications, vol. 5, no. 9, pp. 2348-2352, 2006.
26 Zhang Y., and Fujise M., "Security Management in the Next Generation Wireless Networks", International Journal of Network Security, vol.3, no.1, pp. 1-7, 2006.
27 Adi W., Dawood A., Mabrouk A., and Musa S. , "Low complexity image authentication for mobile applications", IEEE South East Conference, Richmond, USA, pp. 20-20, 2007.
28 Yijun H., Nan X., and Jie L., "A Secure Key Exchange and Mutual Authentication Protocol for Wireless Mobile Communication", IEEE International Conference on Availability, Reliability and Security, ARES’07, Vienna, Austria, pp. 558 – 563, 2007.
29 Lin Y, and Chen Y., "Reducing Authentication Signaling Traffic in Third-Generation Mobile Network", IEEE Transactions on Wireless Communications, vol. 2, no. 3, pp. 493-501, 2003.
30 Harn L., and Hsin W., "On the Security of Wireless Network Access with Enhancements", Proceedings of the 2003 ACM workshop on Wireless Security, San Diego, USA, pp. 88-95, 2003.
31 Burnett S. and Pause S, "RSA Security's Official Guide to CRYPTOGRAPHY", McGrawn, Hill, 2002.
32 Lamport L., "Password authentication with insecure communication", Communication of ACM, Vol. 24, No. 11, pp. 770-772, 1981.
33 Al-Fayoumi M., Nashwan S., Yousef S. and Alzoubaidi A., "A New Hybrid Approach of Symmetric/Asymmetric Authentication Protocol for Future Mobile Networks", Third IEEE International Conference on Wireless and Mobile Computing, Networking and Communications, WiMob, pp. 29-38, 2007
34 Lacy, J., Mitchell, D. and Schell, W., "CryptoLib: Cryptography in Software." Proc. Fourth USENIX Security Workshop, October 1993.
35 M.J. Belier, L. Chang, and Y. Yacobi, "Privacy and Authentication on a Portable Communications System", Global Telecommunications Conference, pp 1922- 1927, Dec. 2-5, 1991.
36 M. Hwang, S. Chong and H. Ou, “On the security of an enhanced UMTS authentication and key agreement protocol”, European Transactions on Telecommunications, Vol. 22, Issue 3, pp. 99–112, April 2011
Dr. Mustafa Fayomi
- Jordan
Dr. Jaafer AL-Saraireh
- Jordan
sarjaafer@yahoo.com