Improving security level of LTE access procedure by using short-life shared key
College
College of Computer Studies
Department/Unit
Computer Technology
Document Type
Article
Source Title
IEICE Transactions on Communications
Volume
E100B
Issue
5
First Page
738
Last Page
748
Publication Date
5-1-2017
Abstract
To ensure secure mobile communication, the communicating entities must know their mutual identities. The entities which need to be identified in a mobile communication system are mobile devices and the network. Third Generation Partnership Project (3GPP) has specified Evolved Packet System Authentication and Key Agreement (EPS AKA) procedure for the mutual authentication of user and the Long Term Evolution (LTE) network. EPS AKA certainly overcomes most of the vulnerabilities in the Global System for Mobile Communications (GSM) and Universal Mobile Telecommunication System (UMTS) access procedures. However, the LTE access procedure still has security weaknesses against some of the sophisticated security threats, such as, Denial-of-Service (DoS) attacks, Man-in-the-Middle (MitM) attacks, rogue base station attacks and fails to ensure privacy protection for some of the important parameters. This paper proposes an improved security framework for the LTE access procedure by ensuring the confidentiality protection of International Mobile Subscriber Identity (IMSI) and random-challenge RAND. Also, our proposed system is designed to reduce the impact of DoS attacks which try to overwhelm the network with useless computations. We use a onetime shared key with a short lifetime between the UE and MME to protect IMSI and RAND privacy. Finally, we explore the parameters design for the proposed system which leads to satisfy the requirements imposed on computational load and latency as well as security strength. Copyright © 2017 The Institute of Electronics, Information and Communication Engineers.
html
Digitial Object Identifier (DOI)
10.1587/transcom.2016EBP3267
Recommended Citation
Ahmad, F., Peradilla, M., Saini, A., & Jung, Y. (2017). Improving security level of LTE access procedure by using short-life shared key. IEICE Transactions on Communications, E100B (5), 738-748. https://doi.org/10.1587/transcom.2016EBP3267
Disciplines
Computer Sciences
Keywords
Long-Term Evolution (Telecommunications)—Security measures; Mobile communication systems—Security measures
Upload File
wf_no