• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.22 no.1
• /
• pp.25-31
• /
• 2012

LTE/SAE has presented the handover key management to revoke the compromised keys and to isolate corrupted network devices. In this paper, we identify that the handover key management is vulnerable to de-synchronization attacks, which is jeopardizing the forward secrecy of handover key management. Also, an adversary could prevent the UE from creating the secure link with eNodeB, which is delaying the handover procedure. In this paper, we present a counrermeasure to prevent above attacks, and analyze the performance issues of the proposed protocol.

• The KIPS Transactions:PartC
• /
• v.18C no.4
• /
• pp.237-242
• /
• 2011

LTE/SAE has presented the handover key management to revoke the compromised keys and to isolate corrupted network devices. In this paper, we identify that the handover key management is vulnerable to so-called de-synchronization attacks, which is jeopardizing the forward secrecy of handover key management. We place an emphasis on periodic root key update to minimize the effect of the de-synchronization attacks. An optimal value for the root key update interval is suggested in order to minimize signaling load and ensure security of user traffic.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.9
• /
• pp.4609-4623
• /
• 2017

The commercialization of LTE/SAE technologies has begun a new era in which data can be transmitted at remarkably high rates. The security of the LTE/SAE network, however, remains problematic. The forward security in LTE/SAE X2 handover key management can be threatened by key compromise and de-synchronization attacks as base station in public spaces can be compromised. This study was conducted to address the lack of forward key security in X2 handover key management in scenarios in which an adversary controls a legal base station. We developed the proposed X2 handover key management by changing the parameter in the renewing step and adding a verification step. We compare the security and performance of our proposal with other similar schemes. Our enhancement scheme ensures forward separation security accompanied by favorable signal and computation load performance.

• International Journal of Computer Science & Network Security
• /
• v.22 no.4
• /
• pp.139-146
• /
• 2022

Wireless access technologies are emerging to enable high data rates for mobile users and novel applications that encompass both human and machine-type interactions. An essential approach to meet the rising demands on network capacity and offer high coverage for wireless users on upcoming fifth generation (5G) networks is heterogeneous networks (HetNets), which are generated by combining the installation of macro cells with a large number of densely distributed small cells Deployment in 5G architecture has several issues because to the rising complexity of network topology in 5G HetNets with many distinct base station types. Aside from the numerous benefits that dense small cell deployment delivers, it also introduces key mobility management issues such as frequent handover (HO), failures, delays and pingpong HO. This article investigates 5G HetNet mobility management in terms of radio resource control. This article also discusses the key challenges for 5G mobility management.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.2
• /
• pp.103-114
• /
• 2007

The existing handover authentication schemes have authentication delay and overhead of the authentication server since they have been separately studied handover authentication at the link layer and the network layer. This paper proposes a handover authentication scheme initiated by Mobile Node on FMIPv6 based mobile access networks. The main idea of the paper is to generate a session key at the mobile node side, and transfer it to the next Access Router through the authentication server. Also, the scheme has a hierarchical key management at access router. There are two advantages of the scheme. First, the generated session key can be utilized for protecting the binding update messages and also for access authentication. Second, hierarchical key management at the access router reduced the handover delay time. The security aspects on the against PFS, PBS, and DoS attack of proposed scheme are discussed.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.5 no.11
• /
• pp.2204-2220
• /
• 2011

Without providing a proper security measure to the handover procedure in Mobile WiMAX, several security attacks can be mounted. Even though security schemes have been previously proposed for this purpose, they are still vulnerable to several security attacks due to fatal design flaws. A newly proposed security scheme in this paper is based on the framework of authentication domain and concept of handover ticket. A method of establishing security associations within the authentication domain is proposed, and a lightweight security measure to protect the management messages associated with the handover is also proposed. Especially, using the handover ticket, the new security scheme can defend against a Redirection Attack arising from a compromised base station. The new security scheme is comparatively analyzed with the previous security schemes in terms of Replay, Session Hijacking, Man-In-The-Middle, and Redirection attacks.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.5B
• /
• pp.741-752
• /
• 2010

The ability to seamlessly switch between the macro networks and femtocell networks is a key driver for femtocell network deployment. The handover procedures for the integrated femtocell/macrocell networks differ from the existing handovers. Some modifications of existing network and protocol architecture for the integration of femtocell networks with the existing macrocell networks are also essential. These modifications change the signal flow for handover procedures due to different 2-tier cell (macrocell and femtocell) environment. The handover between two networks should be performed with minimum signaling. A frequent and unnecessary handover is another problem for hierarchical femtocell/macrocell network environment that must be minimized. This work studies the details mobility management schemes for small and medium scale femtocell network deployment. To do that, firstly we present two different network architectures for small scale and medium scale WCDMA femtocell deployment. The details handover call flow for these two network architectures and CAC scheme to minimize the unnecessary handovers are proposed for the integrated femtocell/macrocell networks. The numerical analysis for the proposed M/M/N/N queuing scheme and the simulation results of the proposed CAC scheme demonstrate the handover call control performances for femtocell environment.

• Journal of Communications and Networks
• /
• v.6 no.3
• /
• pp.245-257
• /
• 2004

Driven by the growing number of the mobile subscribers, efficient channel resource management plays a key role for provisioning multimedia service in the next generation personal communication systems. To reuse limited channel resources, diminishing the coverage areas of cells seems to be the ultimate solution. Thus, however, causes more handover events. To provide seamless connection environment for mobile terminals and applications, this article presents a novel handover scheme called the intelligent channel reservation (ICR) scheme, which exploits the location prediction technologies to accurately reserve channel resources for handover connections. Considering the fact that each mobile terminal has its individual mobility characteristic, the ICR scheme utilizes a channel reserving notification procedure (CRNP) to collect adequate parameters for predicting the future location of individual mobile terminals. These parameters will be utilized by the handover prediction function to estimate the expected handover blocking rate and the expected number of idle channels. Based on the handover prediction estimations, a cost function for calculating the damages from blocking the handover connections and idling channel resources, and a corresponding algorithm for minimizing the cost function are proposed. In addition, a guard channel decision maker (GCDM) determines the appropriate number of guard channels. The experimental results show that the ICR scheme does reduce the handover-blocking rate while keeping the number of idle channels small.

• Journal of Korea Multimedia Society
• /
• v.13 no.2
• /
• pp.205-215
• /
• 2010

It is necessary to provide a fast and secure handover for seamless real-time multimedia services based on IEEE 802.11. In this paper, we propose FMIPv6 handoff protocol integrating L2/L3 layer based on IEEE 802.11 WLAN environment. In that, we propose a hierarchical key management scheme and authentication mechanism for protecting the handover signaling messages. The number of connections with AAA server is minimized for the fast handover. It is also compared and analyzed the handover cost with previous method.

• Journal of KIISE:Information Networking
• /
• v.36 no.3
• /
• pp.163-172
• /
• 2009

Various terminals equipped with multiple interfaces may receive services from wireless networks when they pass through the overlaid heterogeneous networks, and thus the vertical handovers across the wireless networks increases, which will become a big problem in the network resource management. This problem can be efficiently solved by common radio resource management (CRRM). In this paper, we propose two operation algorithms based on network selection jointly with vertical handover as the key CRRM strategies. When a new user tries to get services, the CRRM can choose the best target network according to the proposed Integrated Network Selection Algorithm. When the network cannot satisfy the request from the new users, the proposed Integrated Vertical Handover Algorithm moves existing users to neighborhood networks to accommodate new users. The performance of the proposed algorithms has been validated through extensive simulations.