A survey on authentication and access control for mobile networks: from 4G to 5G

Abstract

The next generation of mobile networks, 5G, is expected to support a set of multiple requirements and use cases that will create an improved user experience. 5G will also be able to provide a high level of security by considering a variety of security aspects, such as authentication and access control mechanisms. The current protocol in 4G designed to address security is 4G AKA. It presents some weaknesses and vulnerabilities that negatively affect operators’ networks and their subscribers’ security. In designing an authentication and access control mechanism for 5G, it is crucial to evaluate both 4G AKA’s weaknesses and the new requirements of 5G. In this paper, we survey the vulnerabilities of the 4G AKA protocol, as well as the current 5G architectural answers brought by the 3GPP.

References

1. 1.

   3GPP (2017) Security Architecture, TS 33.102, Tech. Spec. 14.1.0

2. 2.

   3GPP (2017) Security Architecture, TS 33.401, Tech. Spec. 15.1.0

3. 3.

   3GPP (2017) Network Architecture, TS 23.002, Tech. Spec. 14.1.0

4. 4.

   Cao J, Ma M, Li H, Zhang Y, Luo Z (2014) A survey on security aspects for LTE and LTE-A networks. IEEE Commun Surv Tutorials 16(1):283–302

5. 5.

   3GPP (2017) Security Architecture and Procedures for 5G System, TS 33.501, Tech. Spec. 995985

6. 6.

   3GPP (2018) Numbering, Addressing and Identification, TS 23.003, Tech. Spec. 15.6.0

7. 7.

   Forsberg D, Horn G, Moeller W-D, Niemi V (2012) LTE security. Wiley

8. 8.

   Tsay J-K, Mjølsnes SF (2012) A vulnerability in the umts and lte authentication and key agreement protocols. In: International Conference on Mathematical Methods, Models, and Architectures for Computer Network Security, pp 65–76

9. 9.

   Abdrabou MA, Elbayoumy ADE, El-Wanis EA (2015) LTE authentication protocol (EPS-AKA) weaknesses solution. In: Intelligent Computing and Information Systems (ICICIS), 2015 IEEE Seventh International Conference on, pp 434–441

10. 10.

    Park Y, Park T (2007) A survey of security threats on 4G networks. In: Globecom Workshops, 2007 IEEE, pp 1–6

11. 11.

    Abdo JB, Demerjian J, Ahmad K, Chaouchi H, Pujolle G (2013) EPS mutual authentication and crypt-analyzing SPAKA. In: Computing, Management and Telecommunications (ComManTel), 2013 International Conference on, pp 303–308

12. 12.

    Haddad ZJ, Taha S, Saroit IA (2017) Anonymous authentication and location privacy preserving schemes for LTE-A networks. Egypt Inform J 18:193–203

13. 13.

    Li X, Wang Y (2011) Security enhanced authentication and key agreement protocol for LTE/SAE network. In: Wireless Communications, Networking and Mobile Computing (WiCOM), 2011 7th International Conference on, pp 1–4

14. 14.

    Franklin JV, Paramasivam K (2011) Enhanced authentication protocol for improving security in 3GPP LTE networks. In: Proc. International Conference on Information and Network Technology (ICINT 2011)

15. 15.

    Abdo JBB, Chaouchi H, Aoude M (2012) Ensured confidentiality authentication and key agreement protocol for EPS. In: Broadband Networks and Fast Internet (RELABIRA), 2012 Symposium on, pp 73–77

16. 16.

    Fouque P-A, Onete C, Richard B (2016) Achieving better privacy for the 3GPP AKA protocol, IACR Cryptology ePrint Archive, vol 2016, p 480

17. 17.

    Shaik A, Borgaonkar R, Asokan N, Niemi V, Seifert J-P (2015) Practical attacks against privacy and availability in 4G/LTE mobile communication systems, arXiv preprint arXiv:1510.07563

18. 18.

    Bhasker D (2013) 4G LTE security for mobile network operators. Cyber Secur Inf Sys Inf Anal Cent(CSIAC) 1(4):20–29

19. 19.

    Cichonski J, Franklin JM, Bartock M (2016) LTE architecture overview and security analysis. NIST Draft NISTIR, vol 8071

20. 20.

    Hamandi K, Sarji I, Chehab A, Elhajj IH, Kayssi A (2013) Privacy enhanced and computationally efficient HSK-AKA LTE scheme. In: Advanced Information Networking and Applications Workshops (WAINA), 2013 27th International Conference on, pp 929–934

21. 21.

    Khan MSA, Mitchell CJ (2014) Another look at privacy threats in 3G mobile telephony. In: Australasian Conference on Information Security and Privacy, pp. 386–396

22. 22.

    Degefa FB, Lee D, Kim J, Choi Y, Won D (2016) Performance and security enhanced authentication and key agreement protocol for SAE/LTE network. Comput Netw 94:145–163

23. 23.

    Mavoungou S, Kaddoum G, Taha M, Matar G (2016) Survey on threats and attacks on mobile networks. IEEE Access 4:4543–4572

24. 24.

    Choudhury H, Roychoudhury B, Saikia DK (2012) Enhancing user identity privacy in LTE,” in Trust, Security and Privacy in Computing and Communications (TrustCom), 2012 IEEE 11th International Conference on, pp 949–957

25. 25.

    Mjølsnes S, Tsay J-K (2012) Computational security analysis of the UMTS and LTE authentication and key agreement protocols

26. 26.

    Qiang L, Zhou W, Cui B, Na L (2014) Security analysis of TAU procedure in LTE network,” in P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), 2014 Ninth International Conference on, pp 372–376

27. 27.

    Escudero-Andreu G, Raphael CP, Parish DJ (2012) Analysis and design of security for next generation 4G cellular networks. In: The 13th annual post graduate symposium on the convergence of telecommunications, networking and broad-casting (PGNET)

28. 28.

    3GPP (2009) Rationale and Track of Security Decisions in Long Term Evolved (LTE) RAN / 3GPP System Architecture Evolution, TR 33.821, Tech. Report. 1031871

29. 29.

    Hamandi K, Sarji I, Elhajj IH, Chehab A, Kayssi A (2013) W-AKA: privacy-enhanced LTE-AKA using secured channel over Wi-Fi. In: Wireless Telecommunications Symposium (WTS), 2013, pp 1–6

30. 30.

    Bikos AN, Sklavos N (2013) LTE/SAE security issues on 4G wireless networks. IEEE Secur Priv 11(2):55–62

31. 31.

    Alt S, Fouque P-A, Macario-Rat G, Onete C, Richard B (2016) A cryptographic analysis of UMTS/LTE AKA. In: International Conference on Applied Cryptography and Network Security, pp 18–35

32. 32.

    Arapinis M et al (2012) New privacy issues in mobile telephony: fix and verification. In: Proceedings of the 2012 ACM conference on computer and communications security, pp 205–216

33. 33.

    Lee M-F, Smart NP, Warinschi B, Watson GJ (2014) Anonymity guarantees of the UMTS/LTE authentication and connection protocol. Int J Inf Secur 13(6):513–527

34. 34.

    Othmen S, Zarai F, Obaidat MS, Belghith A (2013) Re-authentication protocol from WLAN to LTE (ReP WLAN-LTE) In: Global Communications Conference (GLOBECOM), 2013 IEEE, pp 1446–1451

35. 35.

    El Idrissi YEH, Zahid N, Jedra M (2012) Security analysis of 3GPP (LTE)—WLAN interworking and a new local authentication method based on EAP-AKA. In: Future Generation Communication Technology (FGCT), 2012 International Conference on, pp 137–142

36. 36.

    Mun H, Han K, Kim K (2009) 3G-WLAN interworking: security analysis and new authentication and key agreement based on EAP-AKA. In: Wireless Telecommunications Symposium, WTS 2009, 2009, pp 1–8

37. 37.

    Alliance N (2015) 5G white paper, Next generation mobile networks, white paper

38. 38.

    Schneider P, Horn G (2015) Towards 5G security. In: Trustcom/BigDataSE/ISPA, 2015 IEEE, vol 1, pp 1165–1170

39. 39.

    5G Ensure Project (2016) Deliverable D2.4 Security Architecture (draft)

40. 40.

    Li J, Wen M, Zhang T (2016) Group-based authentication and key agreement with dynamic policy updating for MTC in LTE-A networks. IEEE Internet Things J 3(3):408–417

41. 41.

    Su W-T, Wong W-M, Chen W-C (2016) A survey of performance improvement by group-based authentication in IoT. In: Applied System Innovation (ICASI), 2016 International Conference on, pp 1–4

42. 42.

    Giustolisi R, Gerhmann C (2016) Threats to 5G group-based authentication. In: 13th International Conference on Security and Cryptography (SECRYPT 2016), 26–28 July 2016, Madrid, Spain

43. 43.

    Foukas X, Patounas G, Elmokashfi A, Marina MK (2017) Network slicing in 5G: survey and challenges. IEEE Commun Mag 55(5):94–100

44. 44.

    Chatras B, Kwong UST, Bihannic N (2017) NFV enabling network slicing for 5G. In: Innovations in Clouds, Internet and Networks (ICIN), 2017 20th Conference on, pp 219–225

45. 45.

    Ordonez-Lucena J, Ameigeiras P, Lopez D, Ramos-Munoz JJ, Lorca J, Folgueira J (2017) Network slicing for 5G with SDN/NFV: concepts, architectures, and challenges. IEEE Commun Mag 55(5):80–87

46. 46.

    Katsalis K, Nikaein N, Schiller E, Ksentini A, Braun T (2017) Network slices toward 5G communications: slicing the LTE network. IEEE Commun Mag 55(8):146–154

47. 47.

    Rost P, Mannweiler C, Michalopoulos DS, Sartori C, Sciancalepore V, Sastry N, Holland O, Tayade S, Han B, Bega D, Aziz D, Bakker H (2017) Network slicing to enable scalability and flexibility in 5G mobile networks. IEEE Commun Mag 55(5):72–79

48. 48.

    5G Ensure Project (2016) Deliverable D2.1 Use Cases

49. 49.

    5GPP (2017) 5G PPP Phase1 Security Landscape, white paper

50. 50.

    3GPP (2017) System Architecture for the 5G System, TS 23.501, Tech. Spec. 4356743

51. 51.

    3GPP (2017) Study of Security Aspects of the Next Generation System, TR 33.899, Tech. Report. 19482209

52. 52.

    Han C-K, Choi H-K (2014) Security analysis of handover key management in 4G LTE/SAE networks. IEEE Trans Mob Comput 13(2):457–468