An effective approach to solving large communication overhead issue and strengthening the securities of AKA protocols

Abstract: SummaryAuthentication and key agreement (AKA) is a challenge-response-like security protocol that uses symmetric-key cryptography to establish authenticated keys between 2 parties. Its application in the third-generation mobile system universal mobile telecommunications system (UMTS) is called UMTS-AKA, and the version applied in the fourth-generation mobile communication system long-term evolution (LTE) is called LTE-AKA. Both UMTS-AKA and LTE-AKA share the same weakness: the network operators need to maintai… Show more

“…In a short summary of the performance comparison both our proposed schemes, Chien's schemes [11,25], and Fang et al's level-2 D2S authentication [12] demand almost negligible computational cost, compared to other PKC-based schemes. However, Chien's schemes [11,25] do not provide anonymity, Fang et al's level-2 D2S authentication [12] does not consider unlinkability, and the D2S group authentication [12] is vulnerable to the single-compromised-device-impersonation attack.…”

“…In a short summary of the performance comparison both our proposed schemes, Chien's schemes [11,25], and Fang et al's level-2 D2S authentication [12] demand almost negligible computational cost, compared to other PKC-based schemes. However, Chien's schemes [11,25] do not provide anonymity, Fang et al's level-2 D2S authentication [12] does not consider unlinkability, and the D2S group authentication [12] is vulnerable to the single-compromised-device-impersonation attack. Those pseudonym-bound-certificate schemes [29,31,32] and the pseudonym-bound-CLPK schemes [36] demand much larger computational overhead, which make them much less attractive to the resource-limited devices; additionally, they only provide anonymity but not unlinkability; the process of periodically renewing the certificates or the CLPKs is also very costly.…”

“…Potential applications of D2D communications include social network services, gaming, information sharing, advertising, conferencing services, etc. Since then, several works like [7][8][9][10][11][12] aim at proposing IoT authentication schemes and the works like [13][14][15][16][17][18][19][20][21][22] aim at securing D2D authentications in the 5G architecture.…”

“…In Table 3, Column 2 lists the target scenarios. Chien [11] focuses on the D2S authentication only, and Chien [25] addresses both the D2S authentication and the D2S group authentication; our proposed schemes and the schemes [15,16,18] address the D2D authentication, while the schemes [13,20] addressing the D2D group authentication. Sec-D2D [18] proposed a near-field D2D authentication, using accelerator sensors, speakers, and microphones; it fits only the near-field D2D cases where the owner of the device should actively participate the authentication process; it is a special application case, and, therefore, we would not include it in the detailed performance comparison.…”

“…In Table 4 we further differentiated D2D schemes into either D2S2D cases or direct D2D cases. Chein's schemes [11,25] adopt the concept of time zone in which the entities share the same authorized tokens to derive the successive session keys; therefore, the cost per session is amortized and is greatly reduced; for example, Chien's scheme [11] apply pairing operation, but the cost is amortized among m times of accesses within a time zone; so the amortized cost of a device per session is (6 + 2/m)T h + 1T ECCM + 1/m T pair ; when m (the number of requests within one time zone) is large enough, the amortized pairing computation 1/m T pair could be greatly reduced.…”

Two-Level-Composite-Hashing Facilitating Highly Efficient Anonymous IoT and D2D Authentication

“…In a short summary of the performance comparison both our proposed schemes, Chien's schemes [11,25], and Fang et al's level-2 D2S authentication [12] demand almost negligible computational cost, compared to other PKC-based schemes. However, Chien's schemes [11,25] do not provide anonymity, Fang et al's level-2 D2S authentication [12] does not consider unlinkability, and the D2S group authentication [12] is vulnerable to the single-compromised-device-impersonation attack.…”

“…In a short summary of the performance comparison both our proposed schemes, Chien's schemes [11,25], and Fang et al's level-2 D2S authentication [12] demand almost negligible computational cost, compared to other PKC-based schemes. However, Chien's schemes [11,25] do not provide anonymity, Fang et al's level-2 D2S authentication [12] does not consider unlinkability, and the D2S group authentication [12] is vulnerable to the single-compromised-device-impersonation attack. Those pseudonym-bound-certificate schemes [29,31,32] and the pseudonym-bound-CLPK schemes [36] demand much larger computational overhead, which make them much less attractive to the resource-limited devices; additionally, they only provide anonymity but not unlinkability; the process of periodically renewing the certificates or the CLPKs is also very costly.…”

“…Potential applications of D2D communications include social network services, gaming, information sharing, advertising, conferencing services, etc. Since then, several works like [7][8][9][10][11][12] aim at proposing IoT authentication schemes and the works like [13][14][15][16][17][18][19][20][21][22] aim at securing D2D authentications in the 5G architecture.…”

“…In Table 3, Column 2 lists the target scenarios. Chien [11] focuses on the D2S authentication only, and Chien [25] addresses both the D2S authentication and the D2S group authentication; our proposed schemes and the schemes [15,16,18] address the D2D authentication, while the schemes [13,20] addressing the D2D group authentication. Sec-D2D [18] proposed a near-field D2D authentication, using accelerator sensors, speakers, and microphones; it fits only the near-field D2D cases where the owner of the device should actively participate the authentication process; it is a special application case, and, therefore, we would not include it in the detailed performance comparison.…”

“…In Table 4 we further differentiated D2D schemes into either D2S2D cases or direct D2D cases. Chein's schemes [11,25] adopt the concept of time zone in which the entities share the same authorized tokens to derive the successive session keys; therefore, the cost per session is amortized and is greatly reduced; for example, Chien's scheme [11] apply pairing operation, but the cost is amortized among m times of accesses within a time zone; so the amortized cost of a device per session is (6 + 2/m)T h + 1T ECCM + 1/m T pair ; when m (the number of requests within one time zone) is large enough, the amortized pairing computation 1/m T pair could be greatly reduced.…”

Two-Level-Composite-Hashing Facilitating Highly Efficient Anonymous IoT and D2D Authentication

An improved authentication and security scheme for LTE/LTE-A networks

Highly Efficient Anonymous IoT Authentication using Composite Hashing