DOI QR코드

DOI QR Code

An Efficient Authentication Mechanism Strengthen the Privacy Protection in 3G Network

3G 네트워크에서 프라이버시 보호를 강화한 효율적인 인증 메커니즘

  • Received : 2010.09.28
  • Accepted : 2010.12.17
  • Published : 2010.12.31

Abstract

As communication technologies are developed and variety of services to mobile devices are provided, mobile users is rapidly increasing every year. However, mobile services running on wireless network environment are exposed to various security threats, such as illegal tampering, eavesdropping, and disguising identity. Accordingly, the secure mobile communications services to 3GPP were established that the standard for 3GPP-AKA specified authentication and key agreement. But in the standard, sequence number synchronization problem using false base station attack and privacy problem were discovered through related researches. In this paper, we propose an efficient authentication mechanism for enhanced privacy protection in the 3G network. We solve the sequence number synchronization existing 3GPP authentication scheme using timestamp and strengthen a privacy problem using secret token. In addition, the proposed scheme can improve the bandwidth consumption between serving network and home network and the problem of authentication data overhead for the serving network because it uses only one authentication vector.

Keywords

3GPP-AKA;Authentication;Privacy;IMSI;Security token

References

  1. 3rd Generation Partnership Project; "Technical Specification Group Services and System Aspects; 3G Security; Security architecture(Release 8)," 3GPP TS 33.102 V8.1.0(2008-12)
  2. 3rd Generation Partnership Project; "Technical Specification Group Services and System Aspects; 3G Security; Formal Analysis of the 3G Authentication Protocol(Release 4)," 3GPP TR 33.902 V4.0.0(2001-09)
  3. 3rd Generation Partnership Project; "Technical Specification Group Services and System Aspects; Report on the Evaluation of 3GPP Standard Confidentiality and Integrity Algorithms (Release 1999)," 3GPP TR 33.909 V1.0.0(2000-12)
  4. 3rd Generation Partnership Project; "Technical Specification Group Services and System Aspects; 3G Security; Specification of the MILENAGE Algorithm Set; An example algorithm set for the 3GPP authentication and key generation functions f1, f1$^{*}$, f2,f3,f4,f5 and f5$^{*}$; Document 1: generan(Release 8)," 3GPP TS 35.205 v8.0.0(2008-12)
  5. M. Zhang and Y. Fang, "Security Analysis and Enhancements of 3GPP Authentication and Key Agreement Protocol," IEEE Transactions on Wireless Communication, Vol. 4, no. 2, pp. 734-742 Mar. 2005. https://doi.org/10.1109/TWC.2004.842941
  6. Chris J.Mitchell, "The Security of the GSM air interface protocol", Univ. of London, Royal Holloway, Technical Report, RHUL-MA-2001244-250, Nov. 1993.
  7. W. Juang and J. Wu, "Efficient 3GPP authentication and key agreement with robust user privacy protection," Proceedings of the 2007 IEEE on Wireless communications and Networking Conference, pp. 2720-2725, Mar. 2007.
  8. C. Huang and J. Li. "Authentication and Key Agreement protocol for UMTS with low bandwidth consumption." Preoceedings of the 19th International Conference on Advanced Information Networking and Application 2005, pp. 392-397, Mar. 2005.
  9. 이옥연, "무선통신 보안", 물리학과 첨단기술 제16권 3호, pp. 22-26, 2007. 3.
  10. 박정현, 임선배, 이경준, "이동통신 보호를 위한 인증 방식 분석", 전자통신동향분석 제13권4호, pp1-20,1998. 8.
  11. 김두환, 정수환, "3GPP 네트워크에서 효율적인 인증데이터 관리를 위한 개선된 AKA 프로토콜", 정보보호학회 논문지 제19권2호, pp. 93-103, 2009. 4.
  12. 김대영, 최용강, 김상진, 오희국, "프라이버시와 완전한 전방향 안전성을 제공하는 UMTS 키 동의 프로토콜", 정보보호학회논문지 제17권 3호, pp81-90., 2007. 6.