Anonymity guarantees of the UMTS/LTE authentication and connection protocol

Lee, Ming-Feng; Smart, Nigel P.; Warinschi, Bogdan; Watson, Gaven J.

doi:10.1007/s10207-014-0231-3

Cited by 17 publications

(5 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…However, we discovered a linkability attack against the protocol, which falsifies the authors claim. In [21], the authors study the 4G-AKA protocol without its first message. They show that this reduced protocol satisfies a form of anonymity (which is weaker than unlinkability).…”

Section: Introductionmentioning

confidence: 99%

The 5G-AKA Authentication Protocol Privacy

Koutsos

2019

2019 IEEE European Symposium on Security and Privacy (EuroS&P)

View full text Add to dashboard Cite

We study the 5G-AKA authentication protocol described in the 5G mobile communication standards. This version of AKA tries to achieve a better privacy than the 3G and 4G versions through the use of asymmetric randomized encryption. Nonetheless, we show that except for the IMSI-catcher attack, all known attacks against 5G-AKA privacy still apply.Next, we modify the 5G-AKA protocol to prevent these attacks, while satisfying 5G-AKA efficiency constraints as much as possible. We then formally prove that our protocol is σunlinkable. This is a new security notion, which allows for a fine-grained quantification of a protocol privacy. Our security proof is carried out in the Bana-Comon indistinguishability logic. We also prove mutual authentication as a secondary result.

show abstract

Section: Introductionmentioning

confidence: 99%

The 5G-AKA Authentication Protocol Privacy

Koutsos

2019

2019 IEEE European Symposium on Security and Privacy (EuroS&P)

View full text Add to dashboard Cite

show abstract

“…Lee et al [18] consider the untraceability of the 4G LTE (Long-term Evolution) protocol (similar to AKA, but with a different identifier-and key-management), but do not focus on the handshake itself. Their main result is that in the absence of server corruptions, LTE is (weakly) untraceable against an active MiM adversary.…”

Section: Introductionmentioning

confidence: 99%

Achieving Better Privacy for the 3GPP AKA Protocol

Fouque

Onete

Richard

2016

Proceedings on Privacy Enhancing Technologies

View full text Add to dashboard Cite

International audienceProposed by the 3rd Generation Partnership Project (3GPP) as a standard for 3G and 4G mobile-network communications, the AKA protocol is meant to provide a mutually-authenticated key-exchange between clients and associated network servers. As a result AKA must guarantee the indistinguishability from random of the session keys (key-indistinguishability), as well as client- and server-impersonation resistance. A paramount requirement is also that of client privacy, which 3GPP defines in terms of: user identity confidentiality, service untraceability, and location untraceability. Moreover, since servers are sometimes untrusted (in the case of roaming), the AKA protocol must also protect clients with respect to these third parties. Following the description of client-tracking attacks e.g. by using error messages or IMSI catchers, van den Broek et al. and respectively Arapinis et al. each proposed a new variant of AKA, addressing such problems. In this paper we use the approach of provable security to show that these variants still fail to guarantee the privacy of mobile clients. We propose an improvement of AKA, which retains most of its structure and respects practical necessities such as key-management, but which provably attains security with respect to servers and Man-in-the- Middle (MiM) adversaries. Moreover, it is impossible to link client sessions in the absence of client-corruptions. Finally, we prove that any variant of AKA retaining its mutual authentication specificities cannot achieve client-unlinkability in the presence of corruptions. In this sense, our proposed variant is optimal

show abstract

“…Finally observe that the security properties of the AKA protocol itself have been proven to hold [4] -the problems we consider here arise from exchanges not actually part of the AKA protocol. This makes clear the necessity to consider the entirety of a system if robust results about security and privacy are to be achieved.…”

Section: The Aka Protocolmentioning

confidence: 99%

Another Look at Privacy Threats in 3G Mobile Telephony

Khan

Mitchell

2014

Information Security and Privacy

View full text Add to dashboard Cite

Abstract. Arapinis et al. [1] have recently proposed modifications to the operation of 3G mobile phone security in order to address newly identified threats to user privacy. In this paper we critically examine these modifications. This analysis reveals that the proposed modifications are impractical in a variety of ways; not only are there security and implementation issues, but the necessary changes to the operation of the system are very significant and much greater than is envisaged. In fact, some of the privacy issues appear almost impossible to address without a complete redesign of the security system. The shortcomings of the proposed 'fixes' exist despite the fact that the modifications have been verified using a logic-based modeling tool, suggesting that such tools need to be used with great care.

show abstract

Anonymity guarantees of the UMTS/LTE authentication and connection protocol

Cited by 17 publications

References 17 publications

The 5G-AKA Authentication Protocol Privacy

The 5G-AKA Authentication Protocol Privacy

Achieving Better Privacy for the 3GPP AKA Protocol

Another Look at Privacy Threats in 3G Mobile Telephony

Contact Info

Product

Resources

About