Get 20M+ Full-Text Papers For Less Than $1.50/day. Start a 14-Day Trial for You or Your Team.

Learn More →

Achieving Better Privacy for the 3GPP AKA Protocol

Achieving Better Privacy for the 3GPP AKA Protocol Abstract Proposed by the 3rd Generation Partnership Project (3GPP) as a standard for 3G and 4G mobile-network communications, the AKA protocol is meant to provide a mutually-authenticated key-exchange between clients and associated network servers. As a result AKA must guarantee the indistinguishability from random of the session keys (key-indistinguishability), as well as client- and server-impersonation resistance. A paramount requirement is also that of client privacy, which 3GPP defines in terms of: user identity confidentiality, service untraceability, and location untraceability. Moreover, since servers are sometimes untrusted (in the case of roaming), the AKA protocol must also protect clients with respect to these third parties. Following the description of client-tracking attacks e.g. by using error messages or IMSI catchers, van den Broek et al. and respectively Arapinis et al. each proposed a new variant of AKA, addressing such problems. In this paper we use the approach of provable security to show that these variants still fail to guarantee the privacy of mobile clients. We propose an improvement of AKA, which retains most of its structure and respects practical necessities such as key-management, but which provably attains security with respect to servers and Man-in-the- Middle (MiM) adversaries. Moreover, it is impossible to link client sessions in the absence of client-corruptions. Finally, we prove that any variant of AKA retaining its mutual authentication specificities cannot achieve client-unlinkability in the presence of corruptions. In this sense, our proposed variant is optimal. http://www.deepdyve.com/assets/images/DeepDyve-Logo-lg.png Proceedings on Privacy Enhancing Technologies de Gruyter

Achieving Better Privacy for the 3GPP AKA Protocol

Download PDF
21 pages

Loading next page...
 
/lp/de-gruyter/achieving-better-privacy-for-the-3gpp-aka-protocol-LnIeVvRyi6
Publisher
de Gruyter
Copyright
Copyright © 2016 by the
ISSN
2299-0984
eISSN
2299-0984
DOI
10.1515/popets-2016-0039
Publisher site
See Article on Publisher Site

Abstract

Abstract Proposed by the 3rd Generation Partnership Project (3GPP) as a standard for 3G and 4G mobile-network communications, the AKA protocol is meant to provide a mutually-authenticated key-exchange between clients and associated network servers. As a result AKA must guarantee the indistinguishability from random of the session keys (key-indistinguishability), as well as client- and server-impersonation resistance. A paramount requirement is also that of client privacy, which 3GPP defines in terms of: user identity confidentiality, service untraceability, and location untraceability. Moreover, since servers are sometimes untrusted (in the case of roaming), the AKA protocol must also protect clients with respect to these third parties. Following the description of client-tracking attacks e.g. by using error messages or IMSI catchers, van den Broek et al. and respectively Arapinis et al. each proposed a new variant of AKA, addressing such problems. In this paper we use the approach of provable security to show that these variants still fail to guarantee the privacy of mobile clients. We propose an improvement of AKA, which retains most of its structure and respects practical necessities such as key-management, but which provably attains security with respect to servers and Man-in-the- Middle (MiM) adversaries. Moreover, it is impossible to link client sessions in the absence of client-corruptions. Finally, we prove that any variant of AKA retaining its mutual authentication specificities cannot achieve client-unlinkability in the presence of corruptions. In this sense, our proposed variant is optimal.

Journal

Proceedings on Privacy Enhancing Technologiesde Gruyter

Published: Oct 1, 2016

References

  • Another look at privacy threats in mobile In Proceedings of volume of in pages
    Khan
  • New attacks on UMTS network access In Republic pages
    Zahra Ahmadian
  • Logic of Authentication
    Michael Burrows
  • Ran Universally Composable Notions of Key Exchange and Secure In Advances in Cryptology - volume of pages
    Canetti
  • Jens New Privacy Model In editors volume pages
    Hermans
  • Jens New Privacy Model In - th on in September pages
    Hermans
  • - Secure Enhancement on Authentication and Key Agreement Protocol Cryptology ePrint Archive
    Muxiang Zhang
  • New privacy issues in mobile telephony fix verification In the ACM Conference on Computer and Communications pages
    Myrto Arapinis
  • Technical Specification Group rd Generation Partnership Project
    June
  • Ran Modular Approach to the Design and Analysis of Authentication and Key Exchange Protocols In Proceedings of the ACM Symposium on the Theory of pages
    Mihir Bellare
  • Serge Mutual Authentication in Privacy In on the rd on Communications pages
    Radu
  • Practical attacks against privacy and availability in lte mobile communication systems In Proceedings of NDSS Internet
    Shaik
  • rd Generation Partnership Project Technical Specification Group Services ans System Aspects Security related network functions Release rd Generation Partnership Project
    June
  • Ran Universally Composable Notions of Key Exchange and Secure In Advances in Cryptology - volume of pages
    Canetti
  • Ulrike Susanne man - in - the - middle attack on UMTS In Proceedings of the Workshop on Wireless pages
    Meyer
  • Untraceable mobility or how to travel incognito In volume pages
    Ateniese
  • Privacy through Pseudonymity in Mobile Systems In st Annual Network and Distributed System
    Myrto Arapinis
  • den and and de Defeating Catchers In Proceedings of the nd Conference on and Communications pages
    Fabian van
  • rd Generation Partnership Project Technical Specification Group Services ans System Aspects Security related network functions Release rd Generation Partnership Project
    June
  • practical public key cryptosystem provably secure against adaptive chosen ciphertext attacks In Advances in Cryptology - volume of pages
    Cramer
  • Jens New Privacy Model In - th on in September pages
    Hermans
  • Technical Specification Group rd Generation Partnership Project
    June
  • practical public key cryptosystem provably secure against adaptive chosen ciphertext attacks In Advances in Cryptology - volume of pages
    Cramer
  • analysis and enhancements of gpp authentication and key agreement protocol on
    Muxiang Zhang
  • provider Personal communication with one of europe s largest service providers
  • The and Performance of the Counter Mode of Operation Full Version Cryptology ePrint Archive
    David
  • Another look at privacy threats in mobile In Proceedings of volume of in pages
    Khan
  • Authenticated Key Exchange Secure against Dictionary Attacks In Advances in Cryptology - International Conference on the Theory and Application of Cryptographic Techniques pages
    Mihir Bellare
  • provider Personal communication with one of europe s largest service providers
  • Jens New Privacy Model In editors volume pages
    Hermans
  • Anonymous authentication with shared secrets In Proceedings of volume of pages Verlag
    Alwen
  • Ulrike Susanne man - in - the - middle attack on UMTS In Proceedings of the Workshop on Wireless pages
    Meyer
  • Anonymous authentication with shared secrets In Proceedings of volume of pages Verlag
    Alwen
  • Logic of Authentication
    Michael Burrows
  • analysis and enhancements of gpp authentication and key agreement protocol on
    Muxiang Zhang
  • Anonymity guarantees of the UMTS authentication and connection protocol Sec
    Ming
  • Practical attacks against privacy and availability in lte mobile communication systems In Proceedings of NDSS Internet
    Shaik
  • New attacks on UMTS network access In Republic pages
    Zahra Ahmadian
  • Serge Mutual Authentication in Privacy In on the rd on Communications pages
    Radu
  • Untraceable mobility or how to travel incognito In volume pages
    Ateniese
  • Anonymity guarantees of the UMTS authentication and connection protocol Sec
    Ming
  • Entity Authentication Key Distribution In editor Advances in - volume of pages
    Mihir Bellare
  • den and and de Defeating Catchers In Proceedings of the nd Conference on and Communications pages
    Fabian van
  • The and Performance of the Counter Mode of Operation Full Version Cryptology ePrint Archive
    David
  • Authenticated Key Exchange Secure against Dictionary Attacks In Advances in Cryptology - International Conference on the Theory and Application of Cryptographic Techniques pages
    Mihir Bellare
  • - Secure Enhancement on Authentication and Key Agreement Protocol Cryptology ePrint Archive
    Muxiang Zhang
  • New privacy issues in mobile telephony fix verification In the ACM Conference on Computer and Communications pages
    Myrto Arapinis
  • Entity Authentication Key Distribution In editor Advances in - volume of pages
    Mihir Bellare
  • Privacy through Pseudonymity in Mobile Systems In st Annual Network and Distributed System
    Myrto Arapinis
  • Ran Modular Approach to the Design and Analysis of Authentication and Key Exchange Protocols In Proceedings of the ACM Symposium on the Theory of pages
    Mihir Bellare