Skip to main content
SpringerLink
Log in

PSEH: A provably secure and efficient handover AKA protocol in LTE/LTE-A network

  • Published:
Peer-to-Peer Networking and Applications Aims and scope Submit manuscript

Abstract

In order to accomplish the increasing security demands of handover-based applications such as mobile multimedia services and transportation system, various handover Authentication and Key Agreement (AKA) protocols were proposed by the researchers in Long Term Evolution-Advanced (LTE-A) network. However, these AKA protocols fail to preserve the privacy of communication entities and suffer from numerous attacks. In addition, these protocols incur high network overhead which doesn’t suit for the resource-constrained mobile devices in LTE/LTE-A network. Also, the protocols can’t establish the key forward/backward secrecy (KFS/KBS) and overcome the key escrow problem. To avoid the above-mentioned security issues, we propose the provably secure and efficient handover (PSEH)-AKA protocol based on double-trapdoor chameleon hash function. The PSEH-AKA protocol is proven secure under random oracle model to obtain the mutual authentication, session key secrecy, integrity and resistance from malicious attacks. The proposed handover protocol accommodates all the security demands such as KFS/KBS, privacy-preservation and establishes the secure session key between the communication entities. Furthermore, the formal verification using Automated Validation of Internet Security Protocols and Applications (AVISPA) tool shows the correctness and informal analysis shows the security properties of the protocol. The performance evaluation of the PSEH-AKA protocol is carried out with existing handover AKA protocols in terms of storage, communication, and computation overhead. The evaluation results show that the protocol achieves substantial efficiency and secure against the identified attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9

Similar content being viewed by others

References

  1. 3GPP (2009) 3rd generation partnership project; Technical specification group service and system aspects; Security of HeNB. Tech. Rep., 3GPP TR 33.820 V8.3.0

  2. Zhang K, Ni J, Yang K, Liang X, Ren J, Shen XS (2017) Security and privacy in smart city applications: challenges and solutions. IEEE Commun Mag 55(1):122–129

    Article  Google Scholar 

  3. Astély D, Dahlman E, Furuskär A, Jading Y, Lindström M, Parkvall S (2009) LTE: the evolution of mobile broadband. IEEE Commun Mag 47(4):44–51

    Article  Google Scholar 

  4. Zhang X, Kunz A, Schröder S (2017) Overview of 5G security in 3GPP. In: IEEE Conference on Standards for Communications and Networking (CSCN), pp 181–186

  5. Ferrag MA, Maglaras L, Argyriou A, Kosmanos D, Janicke H (2018) Security for 4G and 5G cellular networks: a survey of existing authentication and privacy-preserving schemes. J Netw Comput Appl 101:55–82

    Article  Google Scholar 

  6. Yang T, Lai C, Lu R, Jiang R (2015) EAPSG: Efficient Authentication protocol for secure group communications in maritime wideband communication networks. Peer-to-Peer Networking and Applications 8(2):216–228

    Article  Google Scholar 

  7. Shin S, Shon T, Yeh H, Kim K (2014) An effective authentication mechanism for ubiquitous collaboration in heterogeneous computing environment. Peer-to-Peer Networking and Applications 7(4):612–619

    Article  Google Scholar 

  8. Mishra D, Das AK, Mukhopadhyay S (2016) A secure and efficient ECC-based user anonymity-preserving session initiation authentication protocol using smart card. Peer-to-peer networking and applications 9(1):171–192

    Article  Google Scholar 

  9. 3GPP (2012) 3rd generation partnership project; Technical specification group services and system aspects; Telecommunication management; Self-organizing networks (SON) policy Network Resource Model (NRM) Integration Reference Point (IRP); Information Service (IS). Tech. Rep., 3GPP TS 32.522 V11.2.0

  10. 3GPP (2009) 3rd generation partnership project; Technical specification group core network and terminals; Access to the 3GPP Evolved Packet Core (EPC) via non-3GPP access networks. Tech. Rep., 3GPP TS 24.302 V8.8.0

  11. Sesia S, Baker M, Toufik I (2009) LTE- The UMTS Long term evolution: from theory to practice. John Wiley & Sons 9780470742891:1–792

    Google Scholar 

  12. Cao J, Ma M, Li H, Zhang Y, Luo Z (2014) A survey on security aspects for LTE and LTE-a networks. IEEE Commun Surv Tutorials 16(1):283–302

    Article  Google Scholar 

  13. 3GPP (2018) 3rd generation partnership project; Technical Specification Group Services and System Aspects; Security Architecture and Procedures for 5G System. Tech. Rep., 3GPP TS 33.501 V15.0.0

  14. 3GPP (2011) 3rd generation partnership project; Technical specification group radio access network; Evolved Universal Terrestrial Radio Access Network (E-UTRAN); Architecture description. Tech. Rep., 3GPP TS 36.401, V10.2.0

  15. 3GPP (2011) 3rd generation partnership project; Technical specification group radio access network; Evolved Universal Terrestrial Radio Access Network (E-UTRAN); S1 general aspects and principles. Tech. Rep., 3GPP TS 36.410, V10.1.0

  16. Forsberg D (2010) LTE Key management analysis with session keys context. Comput Commun 33(16):1907–1915

    Article  Google Scholar 

  17. Bohák A, Buttyán L, Dóra L (2007) An authentication scheme for fast handover between WiFi access points. In: Proc of ACM wireless internet conference (WICON), pp 1–9

  18. Cai L, Machiraju S, Chen H (2010) Capauth: a capability-based handover scheme. In: Proceedings IEEE INFOCOM, pp 1–5

  19. Hong K, Jung S, Wu SF (2005) A hash-chain based authentication scheme for fast handover in wireless network. In: International workshop on information security applications, Springer, pp 96–107

  20. Zhang C, Lu R, Ho PH, Chen A (2008) A location privacy preserving authentication scheme in vehicular networks. In: Wireless communications and networking conference, IEEE, pp 2543–2548

  21. Fu A, Zhang Y, Zhu Z, Jing Q, Feng J (2012) An efficient handover authentication scheme with privacy preservation for IEEE 802.16m network. Comput Secur 31(6):741–749

    Article  Google Scholar 

  22. Kim Y, Ren W, Jo JY, Jiang Y, Zheng J (2007) SFRIC: A secure fast roaming scheme in wireless LAN using ID-based cryptography. In: IEEE international conference on communications, pp 1570–1575

  23. He D, Chen C, Chan S, Bu J (2012) Secure and efficient handover authentication based on bilinear pairing functions. IEEE Trans Wirel Commun 11(1):48–53

    Article  Google Scholar 

  24. He D, Chen C, Chan S, Bu J (2012) Analysis and improvement of a secure and efficient handover authentication for wireless networks. IEEE Commun Lett 16(8):1270–1273

    Article  Google Scholar 

  25. Li G, Jiang Q, Wei F, Ma C (2015) A new privacy-aware handover authentication scheme for wireless networks. Wirel Pers Commun 80(2):581–589

    Article  Google Scholar 

  26. Xie Y, Wu L, Kumar N, Shen J (2017) Analysis and improvement of a privacy-aware handover authentication scheme for wireless network. Wirel Pers Commun 93(2):523–541

    Article  Google Scholar 

  27. He D, Wang D, Xie Q, Chen K (2017) Anonymous handover authentication protocol for mobile wireless networks with conditional privacy preservation. Science China Information Sciences 60(5):1–17

    Article  Google Scholar 

  28. Fu A, Qin N, Wang Y, Li Q, Zhang G (2017) A privacy-preserving with non-frameability handover authentication protocol based on (t, n) secret sharing for LTE/LTE-A networks. Wirel Netw 23(7):2165–2176

    Article  Google Scholar 

  29. Fu A, Song J, Li S, Zhang G, Zhang Y (2016) A privacy-preserving group authentication protocol for machine-type communication in LTE/LTE-A networks. Security and Communication Networks 9(13):2002–2014

    Google Scholar 

  30. Krawczyk H, Rabin T (1997) Chameleon hashing and signatures. Internet-http://wwwresearch.ibm.com/security/projects.html

  31. Chen X, Zhang F, Kim K (2004) Chameleon hashing without key exposure. In: International conference on information security, Springer, pp 87–98

  32. Choi J, Jung S (2010) A handover authentication using credentials based on chameleon hashing. IEEE Commun Lett 14(1):54–56

    Article  Google Scholar 

  33. Han Q, Zhang Y, Chen X, Li H, Quan J (2014) Efficient and robust identity-based handoff authentication for EAP-based wireless networks. Concurrency and Computation: Practice and Experience 26(8):1561–1573

    Article  Google Scholar 

  34. Zhang Y, Chen X, Li J, Li H (2014) Generic construction for secure and efficient handoff authentication schemes in EAP-based wireless networks. Comput Netw 75(Part A):192–211

    Article  Google Scholar 

  35. Yoon EJ, Khan MK, Yoo KY (2010) Cryptanalysis of a handover authentication scheme using credentials based on chameleon hashing. IEICE Trans Inf Syst 93(12):3400–3402

    Article  Google Scholar 

  36. Yeo SL, Yap WS, Liu JK, Henricksen M (2013) Comments on analysis and improvement of a secure and efficient handover authentication based on bilinear pairing functions. IEEE Commun Lett 17(8):1521–1523

    Article  Google Scholar 

  37. MacKenzie P (2001) On the security of the SPEKE password-authenticated key exchange protocol. IACR Cryptology ePrint Archive, pp 1–57

  38. Byun JW (2015) Privacy preserving smartcard-based authentication system with provable security. Security and Communication Networks 8(17):3028–3044

    Article  Google Scholar 

  39. Wu F, Xu L, Kumari S, Li X (2016) An improved and provably secure three-factor user authentication scheme for wireless sensor networks. Peer-to-Peer Networking and Applications 11(1):1–20

    Article  Google Scholar 

  40. Farash MS (2016) Security analysis and enhancements of an improved authentication for session initiation protocol with provable security. Peer-to-Peer Networking and Applications 9(1):82–91

    Article  Google Scholar 

  41. Miller VS (1986) Use of elliptic curves in cryptography. Exploratory Computer Science 218:417–426

    MathSciNet  Google Scholar 

  42. 3GPP (2011) 3rd Generation Partnership Project; Technical Specification Group Service and System Aspects; 3GPP System Architecture Evolution (SAE); Security architecture (Rel 11) 3GPP TS 33.401 V11.0.1

  43. 3GPP (2017) Universal mobile telecommunications system (UMTS); LTE; security of Home NodeB (HNB)/ Home Evolved Node B (heNB), Tech. Rep., 3GPP TS 133.320, V14.0,.0

  44. Johnson D, Menezes A, Vanstone S (2001) The elliptic curve digital signature algorithm (ECDSA). Int J Inf Secur 1(1):36–63

    Article  Google Scholar 

  45. Armando A, Basin D, Boichut Y, Chevalier Y, Compagna L, Cuéllar J, Drielsma PH, Héam P C, Kouchnarenko O, Mantovani J et al (2005) The avispa tool for the automated validation of internet security protocols and applications. In: International conference on computer aided verification, Springer, pp 281–285

  46. AVISPA (2004) EAP: Extensible Authentication Protocol. http://www.avispa-project.org/library/EAP_AKA.html, [Online; accessed 05-April-2018]

  47. He D, Zeadally S, Wu L, Wang H (2017) Analysis of handover authentication protocols for mobile wireless networks using identity-based public key cryptography. Comput Netw 128:154–163

    Article  Google Scholar 

  48. Zheng Y (1997) Digital signcryption or how to achieve cost (signature & encryption) cost (signature) + cost (encryption). In: Annual international cryptology conference, Springer, pp 165–179

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Visvesvaraya National Institute of Technology, Nagpur, Maharashtra, India

    Shubham Gupta, Balu L. Parne & Narendra S. Chaudhari

  2. Department of Computer Science and Engineering, Vellore Institute of Technology (VIT-AP) University, Amaravati, Andhra Pradesh, India

    Balu L. Parne

  3. Department of Computer Science and Engineering, Indian Institute of Technology (IIT), Indore, Madhya Pradesh (M.P.), India

    Narendra S. Chaudhari

Authors
  1. Shubham Gupta
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Balu L. Parne
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Narendra S. Chaudhari
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Shubham Gupta.

Additional information

Publisher’s Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Appendix: Basic role of the communication entities

Appendix: Basic role of the communication entities

figure d
figure e

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Gupta, S., Parne, B.L. & Chaudhari, N.S. PSEH: A provably secure and efficient handover AKA protocol in LTE/LTE-A network. Peer-to-Peer Netw. Appl. 12, 989–1011 (2019). https://doi.org/10.1007/s12083-018-0703-8

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12083-018-0703-8

Keywords

Search

Navigation