SUALPPA Scheme: Enhanced Solution for User Authentication in the GSM System
The Global System for Mobile Communications (GSM) is the most popular standard for mobile phones in the world. GSM phones are used by over the billion people across more than 200 countries. In spite of the tremendous market growth, however, there are major security drawbacks in the GSM system. In this paper, we introduce the secure user authentication scheme to solve the problem: user authentication and location privacy. Also the proposed scheme provides partial anonymity, because of the usage of temporary identity and the new mechanism that the only authenticated VLR can use the MS’s IMSI. Besides, we introduce the modified scheme to reduce user authentication procedure without changing of the architecture of the original GSM system.
KeywordsUser Authentication Authentication Protocol Mutual Authentication Location Privacy Bandwidth Consumption
Unable to display preview. Download preview PDF.
- 2.Broron, D.: Techniques for privacy and authentication in personal communication systems. IEEE Personal communications, 6–10 (August 1995)Google Scholar
- 3.Willas, J.E.: Privacy and authentication needs of PCS. IEEE personal communications, 11–15 (August 1995)Google Scholar
- 4.Shieh, S.P., Lin, C.T., Hsueh, J.T.: Secure communication in Global Systems for Mobile Telecommunications. In: Proc. 1st Workshop on Mobile Computing, ROC, pp. 136–142 (1995)Google Scholar
- 5.Harn, L., Lin, H.Y.: Modification to enhance the security of the GSM protocol. In: Proceedings of the 5th National Conference on Information security, Taipei, Taiwan, May 1995, pp. 416–420 (1995)Google Scholar
- 7.Al-Tawil, K., Akrami, A., Youssef, H.: A new authentication protocol for GSM networks. In: Proceedings of IEEE 23rd Annual Conference on Local Computer Networks (LCN 1998), pp. 21–30 (1998)Google Scholar
- 8.Stach, J.F., Park, E.K., Makki, K.: Performance of an enhanced GSM protocol supporting non-repudiayion of service. Comput. Commun., 675–680 (1999)Google Scholar
- 10.Molva, R., Tsudik, G., Herreweghen, E.V., Zatti, S.: KryptoKnight: Authentication and key distribution system. In: Proceedings on 1992 European Symposium on Research in Computer Security, pp. 155–174 (1992)Google Scholar