A Secure Group-Based AKA Protocol for Machine-Type Communications

  • Rosario GiustolisiEmail author
  • Christian Gehrmann
  • Markus Ahlström
  • Simon Holmberg
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10157)


The fifth generation wireless system (5G) is expected to handle with an unpredictable number of heterogeneous connected devices while guaranteeing a high level of security. This paper advances a group-based Authentication and Key Agreement (AKA) protocol that contributes to reduce latency and bandwidth consumption, and scales up to a very large number of devices. A central feature of the proposed protocol is that it provides a way to dynamically customize the trade-off between security and efficiency. The protocol is lightweight as it resorts on symmetric key encryption only, hence it supports low-end devices and can be already adopted in current standards with little effort. Using ProVerif, we prove that the protocol meets mutual authentication, key confidentiality, and device privacy also in presence of corrupted devices, a threat model not being addressed in the state-of-the-art group-based AKA proposals. We evaluate the protocol performances in terms of latency and bandwidth consumption, and obtain promising results.

Supplementary material


  1. 1.
    3GPP: Formal analysis of the 3G authentication protocol. Technical report 33.902 (2001)Google Scholar
  2. 2.
    3GPP: Specification of the MILENAGE algorithm set. Technical specification 35.205 (2001)Google Scholar
  3. 3.
    3GPP: 3GPP System Architecture Evolution (SAE); Security architecture. Technical specification 33.401 (2008)Google Scholar
  4. 4.
    3GPP: MME related interfaces based on diameter protocol. Technical specification 29.272 (2008)Google Scholar
  5. 5.
    3GPP: Service requirements for Machine-Type Communications (MTC); Stage 1. Technical report 22.368 (2011)Google Scholar
  6. 6.
    Abadi, M., Fournet, C.: Mobile values, new names, and secure communication. In: POPL2001, pp. 104–115. ACM, New York (2001)Google Scholar
  7. 7.
    Alliance, O.S.: Openairinterface.
  8. 8.
    Alt, S., Fouque, P.-A., Macario-rat, G., Onete, C., Richard, B.: A cryptographic analysis of UMTS/LTE AKA. In: Manulis, M., Sadeghi, A.-R., Schneider, S. (eds.) ACNS 2016. LNCS, vol. 9696, pp. 18–35. Springer, Heidelberg (2016). doi: 10.1007/978-3-319-39555-5_2 CrossRefGoogle Scholar
  9. 9.
    Blanchet, B.: An efficient cryptographic protocol verifier based on prolog rules. In: CSFW, pp. 82–96. IEEE Computer Society, Cape Breton, Canada (2001)Google Scholar
  10. 10.
    van den Broek, F., Verdult, R., de Ruiter, J.: Defeating IMSI catchers. In: 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015, pp. 340–351. ACM (2015)Google Scholar
  11. 11.
    Broustis, I., Sundaram, G.S., Viswanathan, H.: Group authentication: a new paradigm for emerging applications. Bell Labs Tech. J. 17(3), 157–173 (2012)CrossRefGoogle Scholar
  12. 12.
    Cao, J., Ma, M., Li, H.: GBAAM: group-based access authentication for MTC in LTE networks. Secur. Commun. Netw. 8(17), 3282–3299 (2015)CrossRefGoogle Scholar
  13. 13.
    Choi, D., Choi, H.K., Lee, S.Y.: A group-based security protocol for machine-type communications in LTE-advanced. Wirel. Netw. 21(2), 405–419 (2014)CrossRefGoogle Scholar
  14. 14.
    Dolev, D., Yao, A.C.: On the security of public key protocols. IEEE Trans. Inf. Theor. 29(2), 198–208 (1983)MathSciNetCrossRefzbMATHGoogle Scholar
  15. 15.
    Emura, K., Hayashi, T.: A light-weight group signature scheme with time-token dependent linking. In: Güneysu, T., Leander, G., Moradi, A. (eds.) LightSec 2015. LNCS, vol. 9542, pp. 37–57. Springer, Heidelberg (2016). doi: 10.1007/978-3-319-29078-2_3 CrossRefGoogle Scholar
  16. 16.
    Ericsson: Ericsson mobility report. Technical report (2015)Google Scholar
  17. 17.
    Fouque, P.A., Onete, C., Richard, B.: Achieving better privacy for the 3GPP AKA protocol. IACR Cryptology ePrint Archive 2016, p. 480 (2016)Google Scholar
  18. 18.
    Giustolisi, R., Gehrmann, C.: Threats to 5G group-based authentication. In: SECRYPT 2016 - Proceedings of the 13th International Conference on Security and Cryptography. SciTePress (2016)Google Scholar
  19. 19.
    Hwang, J.Y., Eom, S., Chang, K.Y., Lee, P.J., Nyang, D.: Anonymity-based authenticated key agreement with full binding property. J. Commun. Netw. 18(2), 190–200 (2016)Google Scholar
  20. 20.
    Hwang, J.Y., Lee, S., Chung, B.H., Cho, H.S., Nyang, D.: Group signatures with controllable linkability for dynamic membership. Inf. Sci. 222, 761–778 (2013)MathSciNetCrossRefzbMATHGoogle Scholar
  21. 21.
    Lai, C., Li, H., Lu, R., Shen, X.S.: SE-AKA: a secure and efficient group authentication and key agreement protocol for LTE networks. Comput. Netw. 57, 17 (2013)CrossRefGoogle Scholar
  22. 22.
    Nokia Siemens Networks: Signaling is growing 50% faster than data traffic. Technical Report (2012)Google Scholar
  23. 23.
    Oracle: Oracle communications LTE diameter signaling index, 4th edn. White Paper (2015)Google Scholar
  24. 24.
    Ryan, M.D., Smyth, B.: Applied pi calculus. In: Formal Models and Techniques for Analyzing Security Protocols, chap. 6. IOS Press (2011)Google Scholar
  25. 25.
    Sun, H.M., He, B.Z., Chen, C.M., Wu, T.Y., Lin, C.H., Wang, H.: A provable authenticated group key agreement protocol for mobile environment. Inf. Sci. 321, 224–237 (2015)MathSciNetCrossRefGoogle Scholar
  26. 26.
    Tang, C., Naumann, D.A., Wetzel, S.: Analysis of authentication and key establishment in inter-generational mobile telephony. In: IEEE 10th International Conference on Embedded and Ubiquitous Computing (HPCC_EUC). pp. 1605–1614 (2013)Google Scholar
  27. 27.
    WonderNetwork: Wonderproxy servers. (August 2016)
  28. 28.
    Woo, T.Y., Lam, S.S.: A semantic model for authentication protocols. In: 1993 IEEE Computer Society Symposium on Research in Security and Privacy, Proceedings, pp. 178–194 (1993)Google Scholar
  29. 29.
    Yang, X., Huang, X., Liu, J.K.: Efficient handover authentication with user anonymity and untraceability for mobile cloud computing. Future Gener. Comput. Syst. 62, 190–195 (2016)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Rosario Giustolisi
    • 1
    Email author
  • Christian Gehrmann
    • 1
  • Markus Ahlström
    • 1
  • Simon Holmberg
    • 1
  1. 1.Swedish Institute of Computer ScienceStockholmSweden

Personalised recommendations