Skip to main content

ESAP: Efficient and secure authentication protocol for roaming user in mobile communication networks

Abstract

The Global System for Mobile communication (GSM) network is proposed to mitigate the security problems and vulnerabilities observed in the mobile telecommunication system. However, the GSM network is vulnerable to different kinds of attacks such as redirection attack, impersonation attack and Man in-the Middle (MiTM) attack. The possibility of these attacks makes the wireless mobile system vulnerable to fraudulent access and eavesdropping. Different authentication protocols of GSM were proposed to overcome the drawbacks but many of them lead to network signalling overload and increases the call set-up time. In this paper, an efficient and secure authentication and key agreement protocol (ESAP-AKA) is proposed to overcome the flaws of existing authentication protocol for roaming users in the GSM network. The formal verification of the proposed protocol is presented by BAN logic and the security analysis is shown using the AVISPA tool. The security analysis shows that the proposed protocol avoids the different possible attacks on the communication network. The performance analysis based on the fluid flow mobility model shows that the proposed protocol reduces the communication overhead of the network by reducing a number of messages. On an average, the protocol reduces 60% of network signalling congestion overhead as compared with other existing GSM-AKA protocols. Moreover, the protocol not only removes the drawbacks of existing protocols but also accomplishes the needs of roaming users.

This is a preview of subscription content, access via your institution.

Figure 1
Figure 2
Figure 3
Figure 4
Figure 5
Figure 6
Figure 7
Figure 8
Figure 9
Figure 10
Figure 11
Figure 12

References

  1. 1

    Al-Tawil K, Akrami A and Youssef H 1998 A new authentication protocol for gsm networks. In: Proceedings of the 23rd Annual Conference on Local Computer Networks, LCN’98, IEEE, pp. 21–30

  2. 2

    Ammayappan K, Saxena A and Negi A 2006 Mutual authentication and key agreement based on elliptic curve cryptography for gsm. In: Proceedings of the International Conference on Advanced Computing and Communications

  3. 3

    William S and Stallings W 2006 Cryptography and network security, 4th ed. Pearson Education India

    Google Scholar 

  4. 4

    Chaudhry S A, Naqvi H, Sher M, Farash M S and Hassan M U 2017 An improved and provably secure privacy preserving authentication protocol for SIP. Peer-to-Peer Netw. Appl. 10(1): 1–15

    Article  Google Scholar 

  5. 5

    Saxena N and Chaudhari N S 2013 SAKA: a secure authentication and key agreement protocol for gsm networks, CSI Trans. ICT 1(4): 331–341

    Article  Google Scholar 

  6. 6

    Hwang T and Gope P 2014 Provably secure mutual authentication and key exchange scheme for expeditious mobile communication through synchronously one-time secrets. Wireless Pers. Commun. 77(1): 197–224

    Article  Google Scholar 

  7. 7

    Degefa F B, Lee D, Kim J, Choi Y and Won D 2016 Performance and security enhanced authentication and key agreement protocol for sae/lte network. Comput. Netw. 94: 145–163

    Article  Google Scholar 

  8. 8

    Tan H R, Lee C and Mok V 2007 Automatic power meter reading system using GSM network. In: Proceedings of the International Power Engineering Conference, IPEC 2007, IEEE, pp. 465–469

  9. 9

    Nugra H, Abad A, Fuertes W, Galarraga F, Aules H, Villacis C and Toulkeridis T 2016 A low-cost IoT application for the urban traffic of vehicles, based on wireless sensors using GSM technology. In: Proceedings of the 20th IEEE–ACM International Symposium on Distributed Simulation and Real Time Applications (DS-RT), IEEE, pp. 161–169

  10. 10

    Wightwick A and Halak B 2016 Secure communication interface design for IoT applications using the GSM network. In: Proceedings of the 59th IEEE International Midwest Symposium on Circuits and Systems (MWSCAS), IEEE, pp. 1–4

  11. 11

    Rahman A M, Hossain S, Tuku I J, Hossam-E-Haider M and Amin M S 2016 Feasibility study of GSM network for tracking low altitude helicopter. In: Proceedings of the 3rd International Conference on Electrical Engineering and Information Communication Technology (ICEEICT), IEEE, pp. 1–5

  12. 12

    Lee C H, Hwang M S and Yang W P 1999 Enhanced privacy and authentication for the global system for mobile communications. Wireless Netw. 5(4): 231–243

    Article  Google Scholar 

  13. 13

    Lo C C and Chen Y J 1999 A secure communication architecture for GSM networks. In: Proceedings of the IEEE Pacific Rim Conference on Communications, Computers and Signal Processing, IEEE, pp. 221–224

  14. 14

    Fanian A, Berenjkoub M and Gulliver T A 2009 A new mutual authentication protocol for GSM networks. In: Proceedings of the Canadian Conference on Electrical and Computer Engineering, CCECE’09, IEEE, pp. 798-803

  15. 15

    Lee C C, Hwang M S and Yang W P 2003 Extension of authentication protocol for GSM. IEEE Proc. Commun. 150(2): 91–95

    Article  Google Scholar 

  16. 16

    Lee C C, Liao I E and Hwang M S 2011 An efficient authentication protocol for mobile communications. Telecommun. Syst. 46(1): 31–41

    Article  Google Scholar 

  17. 17

    Rappaport T S, et al 1996 Wireless Communications: principles and practice, vol. 2. New Jersey: Prentice-Hall-PTR

    MATH  Google Scholar 

  18. 18

    Zamzami A A, Devara E P, Pramana J, Sudarsono A and Zainudin A 2015 Reliability analysis of GSM network using software defined radio-based system. In: Proceedings of the International Electronics Symposium (IES), IEEE, pp. 274–279

  19. 19

    Chaudhry S A, Naqvi H, Farash M S, Shon T and Sher M 2015 An improved and robust biometrics-based three factor authentication scheme for multiserver environments. J. Supercomput. 1–17, https://doi.org/10.1007/s11227-015-1601-y

  20. 20

    Ramadan M, Li F, Xu C X, Abdalla A and Abdalla H 2016 An efficient end-to-end mutualauthentication scheme for 2G-GSM system. In: Proceedings of the IEEE International Conference on Big Data Analysis (ICBDA), IEEE, pp. 1–6

  21. 21

    Heydari M, Sadough S M S, Farash M S, Chaudhry S A and Mahmood K 2016 An efficient password-based authenticated key exchange protocol with provable security for mobile client–client networks. Wireless Pers. Commun. 88(2): 337–356

    Article  Google Scholar 

  22. 22

    Memon I, Mohammed M R, Akhtar R, Memon H, Memon M H and Shaikh R A 2014 Design and implementation to authentication over a GSM system using certificate-less public key cryptography (cl-pkc). Wireless Pers. Commun. 79(1): 661–686

    Article  Google Scholar 

  23. 23

    Chouhan A and Singh S 2015 Real time secure end to end communication over GSM network. In: Proceedings of the International Conference on Energy Systems and Applications, IEEE, pp. 663–668

  24. 24

    Anwar N, Riadi I and Luthfi A 2016 Forensic SIM card cloning using authentication algorithm. Int. J. Electron. Inf. Eng. 4(2): 71–81

    Google Scholar 

  25. 25

    Chang C C, Lee J S and Chang Y F 2005 Efficient authentication protocols of GSM. Comput. Commun. 28(8): 921–928

    Article  Google Scholar 

  26. 26

    Stach J F, Park E K and Makki K 1999 Performance of an enhanced GSM protocol supporting non-repudiation of service. Comput. Commun. 22(7): 675–680

    Article  Google Scholar 

  27. 27

    Hahn G, Kwon T, Kim S and Song J 2004 Design and analysis of improved GSM authentication protocol for roaming users. Netw. Parallel Comput. In: Proceedings of NPC 2004, pp. 451–458

  28. 28

    Kumari S, Chaudhry S A, Wu F, Li X, Farash M S and Khan M K 2017 An improved smart card based authentication scheme for session initiation protocol. Peer-to-Peer Netw. Appl. 10(1): 92–105

    Article  Google Scholar 

  29. 29

    Lo C C and Chen Y J 1999 Secure communication mechanisms for GSM networks. IEEE Trans. Consumer Electron. 45(4): 1074–1080

    MathSciNet  Article  Google Scholar 

  30. 30

    Hwang M S, Lee C C and Lee J Z 2004 A new anonymous channel protocol in wireless communications. Int. J. Electron. Commun. 58(3): 218–222

    Article  Google Scholar 

  31. 31

    Kumar K P, Shailaja G, Kavitha A and Saxena A 2006 Mutual authentication and key agreement for GSM. In: Proceedings of the International Conference on Mobile Business, ICMB’06, IEEE, pp. 25–25

  32. 32

    Kalaichelvi V and Chandrasekaran R 2008 Secure authentication protocol for mobile. In: Proceedings of the International Conference on Computing, Communication and Networking

  33. 33

    Southern E, Ouda A and Shami A 2011 Solutions to security issues with legacy integration of GSM into UMTS. In: Proceedings of the International Conference on Internet Technology and Secured Transactions (ICITST), IEEE, pp. 614–619

  34. 34

    Firoozjaei M D and Vahidi J 2012 Implementing geo-encryption in GSM cellular network. In: Proceedings of the 9th International Conference on Communications (COMM), IEEE, pp. 299–302

  35. 35

    Fanian A, Berenjkoub M and Gulliver T A 2012 A symmetric polynomial-based mutual authentication protocol for GSM networks. Int. J. Security Netw. 7(3): 161–173

    Article  Google Scholar 

  36. 36

    Mehrotra A and Golding L S 1998 Mobility and security management in the GSM system and some proposed future improvements. Proc. IEEE 86(7): 1480–1497

    Article  Google Scholar 

  37. 37

    Ghosh R 2017 Wireless networking and mobile data management, pp. 1–546

  38. 38

    Huang J L, Yeh L Y and Chien H Y 2011 ABAKA: an anonymous batch authenticated and key agreement scheme for value-added services in vehicular ad hoc networks. IEEE Trans. Veh. Technol. 60(1): 248–262

    Article  Google Scholar 

  39. 39

    Lin X, Sun X, Ho P H and Shen X 2007 GSIS: a secure and privacy-preserving protocol for vehicular communications. IEEE Trans Veh. Technol. 56(6): 3442–3456

    Article  Google Scholar 

  40. 40

    Burrows M, Abadi M and Needham R M 1989 A logic of authentication Proc. R. Proc. R. Soc. London A: Math. Phys. Eng. Sci. 426: 233–271

    MathSciNet  Article  MATH  Google Scholar 

  41. 41

    Burrows M, Abadi M and Needham R 1988 Authentication: a practical study in belief and action. In: Proceedings of the 2nd Conference on Theoretical Aspects of Reasoning About Knowledge, Morgan Kaufmann Publishers Inc., pp. 325–342

  42. 42

    Gaarder K and Snekkenes E 1990 On the formal analysis of PKCS authentication protocols. In: Proceedings of the Advances in Cryptology, AUSCRYPT’90. Berlin, Heidelberg: Springer, pp. 105–121

    Chapter  Google Scholar 

  43. 43

    Kyntaja T 1995 A logic of authentication by Burrows, Abadi and Needham. Tehran: Helsinki University of Technology, http://www.tml.tkk.fi/Opinnot/Tik-110.501/1995/ban.html

  44. 44

    Ou H H, Hwang M S and Jan J K 2010 A cocktail protocol with the authentication and key agreement on the UMTS. J. Syst. Softw. 83(2): 316–325

    Article  Google Scholar 

  45. 45

    Saxena N, Thomas J and Chaudhari N S 2015 ES-AKA: an efficient and secure authentication and key agreement protocol for UMTS networks. Wireless Pers. Commun. 84(3): 1981–2012

    Article  Google Scholar 

  46. 46

    Armando A, Basin D, Boichut Y, Chevalier Y, Compagna L, Cuéllar J, Drielsma P H, Héam P C, Kouchnarenko O, Mantovani J, et al 2005 The AVISPA tool for the automated validation of internet security protocols and applications. In: Proceedings of the International Conference on Computer Aided Verification. Berlin, Heidelberg: Springer, pp. 281–285

    Chapter  Google Scholar 

  47. 47

    AVISPA 2003 Automated validation of internet security protocols, http://www.avispa-project.org

  48. 48

    Lai C, Li H, Li X and Cao J 2015 A novel group access authentication and key agreement protocol for machine-type communication. Trans. Emerg. Telecommun. Technol. 26(3): 414–431

    Article  Google Scholar 

  49. 49

    Jiang R, Lai C, Luo J, Wang X and Wang H 2013 EAP-based group authentication and key agreement protocol for machine-type communications. Int J. Distrib. Sens. Netw. 2013: https://doi.org/10.1155/2013/304601

  50. 50

    Lai C, Li H, Lu R and Shen X S 2013 SE-AKA: a secure and efficient group authentication and key agreement protocol for LTE networks. Comput. Netw. 57(17): 3492–3510

    Article  Google Scholar 

Download references

Author information

Affiliations

Authors

Corresponding author

Correspondence to BALU L PARNE.

Appendix I. HLPSL code defining the role of MS, VLR and HLR

Appendix I. HLPSL code defining the role of MS, VLR and HLR

See Figures 13, 14 and 15.

Figure 13
figure13

Role of MS.

Figure 14
figure14

Role of VLR.

Figure 15
figure15

Role of HLR.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

PARNE, B.L., GUPTA, S. & CHAUDHARI, N.S. ESAP: Efficient and secure authentication protocol for roaming user in mobile communication networks. Sādhanā 43, 89 (2018). https://doi.org/10.1007/s12046-018-0879-x

Download citation

Keywords

  • GSM
  • authentication
  • roaming user
  • AVISPA
  • BAN logic