Improving security level of LTE access procedure by using short-life shared key

College

College of Computer Studies

Department/Unit

Computer Technology

Document Type

Article

Source Title

IEICE Transactions on Communications

Volume

E100B

Issue

5

First Page

738

Last Page

748

Publication Date

5-1-2017

Abstract

To ensure secure mobile communication, the communicating entities must know their mutual identities. The entities which need to be identified in a mobile communication system are mobile devices and the network. Third Generation Partnership Project (3GPP) has specified Evolved Packet System Authentication and Key Agreement (EPS AKA) procedure for the mutual authentication of user and the Long Term Evolution (LTE) network. EPS AKA certainly overcomes most of the vulnerabilities in the Global System for Mobile Communications (GSM) and Universal Mobile Telecommunication System (UMTS) access procedures. However, the LTE access procedure still has security weaknesses against some of the sophisticated security threats, such as, Denial-of-Service (DoS) attacks, Man-in-the-Middle (MitM) attacks, rogue base station attacks and fails to ensure privacy protection for some of the important parameters. This paper proposes an improved security framework for the LTE access procedure by ensuring the confidentiality protection of International Mobile Subscriber Identity (IMSI) and random-challenge RAND. Also, our proposed system is designed to reduce the impact of DoS attacks which try to overwhelm the network with useless computations. We use a onetime shared key with a short lifetime between the UE and MME to protect IMSI and RAND privacy. Finally, we explore the parameters design for the proposed system which leads to satisfy the requirements imposed on computational load and latency as well as security strength. Copyright © 2017 The Institute of Electronics, Information and Communication Engineers.

html

Digitial Object Identifier (DOI)

10.1587/transcom.2016EBP3267

Disciplines

Computer Sciences

Keywords

Long-Term Evolution (Telecommunications)—Security measures; Mobile communication systems—Security measures

Upload File

wf_no

This document is currently not available here.

Share

COinS