Similar literature
 Found 20 similar documents; search took 31 ms
1.
In this paper, a new Global System of Mobile Communications (GSM) authentication protocol is proposed to improve some drawbacks of the current GSM authentication protocol for roaming users including: (a) communication overhead between VLR; (b) huge bandwidth consumption between VLR and HLR; (c) storage space overhead in VLR; (d) overloading of the HLR with authentication of mobile stations; and (e) not supporting bilateral authentication. The main contribution of this paper is that it not only improves the drawbacks listed above but also fits the needs of roaming users. In addition, the proposed protocol does not change the existing architecture of GSM, and the robustness of the proposed protocol is the same as that of the original GSM, which is based on security algorithms A3, A5, and A8.

2.
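UMTS Authentication Principles and Compatibility with GSM Authentication   Total citations: 1, self-citations: 0, citations by others: 1
This paper introduces the security architecture of the third-generation mobile communication system UMTS, focusing on the UMTS authentication procedure, authentication principles and related algorithms, and discusses the authentication compatibility between UMTS and GSM.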

3.
This paper investigates the fraudulent usage of mobile telecommunications services due to cloned subscriber identity modules (SIMs). In GSM or the Universal Mobile Telecommunication System (UMTS), a mobile phone or mobile station uses its SIM to gain network access through authentication. If the SIM of a legal user is cloned, then the cloned SIM can be used for GSM/UMTS authentication and fraudulent usage may occur. Under the existing GSM/UMTS mobility management and call setup procedures, we show how quickly the fraudulent usage can be detected. We also propose a simple solution to speed up the detection of potential fraudulent usage.

4.
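Formal Analysis and Improvement of the 3G Authentication and Key Distribution Protocol   Total citations: 4, self-citations: 0, citations by others: 4
This paper introduces the authentication and key distribution (AKA) protocol adopted by third-generation mobile communication systems. The authentication of the user's UE (user equipment) by the network's home location register/visitor location register (HLR/VLR) and the authentication of the network's HLR/VLR by the user's UE use two different authentication methods: the former uses a "challenge-response" authentication process, and the latter uses a "proof of knowledge" authentication process. Both authentication processes are analyzed using the BAN formal logic analysis method, and it is shown that, even assuming the system between the HLR and VLR is secure, the "proof of knowledge" authentication process still has a security flaw. 3GPP adopts a supplementary measure based on sequence numbers; this paper also points out another improvement scheme.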

5.
Authentication and key agreement (AKA) is a challenge‐response‐like security protocol that uses symmetric‐key cryptography to establish authenticated keys between 2 parties. Its application in the third‐generation mobile system universal mobile telecommunications system (UMTS) is called UMTS‐AKA, and the version applied in the fourth‐generation mobile communication system long‐term evolution (LTE) is called LTE‐AKA. Both UMTS‐AKA and LTE‐AKA share the same weakness: the network operators need to maintain a large space of authentication vectors for visiting stations, and the transmission of the vectors causes lots of overhead. This weakness will be amplified when there are billions of devices accessing the network in the Internet‐of‐things scenarios. In addition, these schemes provide only key distribution (not key agreement) and cannot provide session key forward secrecy. In this paper, we propose a range‐bound key assignment technique to tackle the challenges. The proposed scheme drastically reduces the communication overhead and greatly strengthens the security robustness. The securities are analyzed and are verified using the AVISPA toolset.

6.
The Global System for Mobile Communications (GSM) is widely recognized as the modern digital mobile network architecture. Increasing market demands point toward the relevancy of security-related issues in communications. The security requirements of mobile communications for the mobile users include: (1) the authentication of the mobile user and Visitor Location Register/Home Location Register; (2) the data confidentiality between mobile station and Visitor Location Register, and the data confidentiality between Visitor Location Register and Visitor Location Register/Home Location Register (VLR/HLR); (3) the location privacy of mobile user. However, GSM does not provide enough security functions to meet these requirements. We propose three improved methods to enhance the security, to reduce the storage space, to eliminate the sensitive information stored in VLR, and consequently to improve the performance of the system. Proposed methods include an improved authentication protocol for the mobile station, a data confidentiality protocol, and a location privacy protocol. The merit of the proposed methods is to improve but not to alter the existing architecture of the system. Furthermore, this study also performs computational and capacity analyses to evaluate the original GSM system and proposed approaches on a comparative basis.

7.
Wireless sensor networks (WSNs) are used for many real‐time applications. User authentication is an important security service for WSNs to ensure only legitimate users can access the sensor data within the network. In 2012, Yoo and others proposed a security‐performance‐balanced user authentication scheme for WSNs, which is an enhancement of existing schemes. In this paper, we show that Yoo and others' scheme has security flaws, and it is not efficient for real WSNs. In addition, this paper proposes a new strong authentication scheme with user privacy for WSNs. The proposed scheme not only achieves end‐party mutual authentication (that is, between the user and the sensor node) but also establishes a dynamic session key. The proposed scheme preserves the security features of Yoo and others' scheme and other existing schemes and provides more practical security services. Additionally, the efficiency of the proposed scheme is more appropriate for real‐world WSN applications.

8.
The authentication mechanisms in Broadband Wireless Networks (BWN) are predominantly based on Extensible Authentication Protocol (EAP). However, the complexity of EAP causes an impediment in BWN networks which involve high speed mobility. Even though it provides a highly secured mechanism, the current authentication process has high authentication overheads which affect the Quality of Service (QoS) in time sensitive data applications such as VoIP and VoD. The alternative would be to consider re-authentication approach which reduces the number of full EAP authentications but at the same time provides a secure handoff to the mobile users at a lower latency and hence does not impact the QoS of the applications. The proposed Frequency-based Re-authentication Protocol (FRP) is an extension to EAP, aiming to reduce the network access time and in turn reduce the authentication latency, by taking into account the frequency of visits of a particular mobile user to an access domain. In addition, we also propose a frequent – User Authentication Process (f-UAP) which when used with FRP significantly minimizes the EAP authentication overhead. A mathematical model is formulated to illustrate the tradeoff achieved when FRP along with EAP is used in the f-UAP approach. The security evaluation of the proposed FRP is carried out using Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. Furthermore, simulation analysis shows that the FRP authentication latency is lower compared to the existing re-authentication mechanisms.

9.
UMTS security     
The Universal Mobile Telecommunications System (UMTS) is one of the new 'third generation' mobile cellular communication systems. UMTS builds on the success of the 'second generation' GSM system. One of the factors in the success of GSM has been its security features. New services introduced in UMTS require new security features to protect them. In addition, certain real and perceived shortcomings of GSM security need to be addressed in UMTS. This paper surveys the major security features that are included in the first releases of the UMTS standards.

10.
To offer wireless data access services that are more efficient than GPRS or UMTS networks, public WLANs are in a predominant position to embrace the wireless broadband era. Reusing the existing mechanisms for user authentication, access control, billing, and roaming handling procedures in mobile territory to construct a complementary network, public WLAN (PWLAN) has drawn the attention of cellular operators such as Vodafone and T-Mobile. In this article we aim to investigate a practical end-to-end PWLAN architecture capable of using GPRS/UMTS SIM-based authentication for current mobile users and carrying out Web-based authentication for occasional users without SIM modules simultaneously. Additionally, we consider a confederation of various PWLAN service providers by a RADIUS-based roaming mechanism to leverage the existing resources of cellular operators. The proposed considerations and guidelines provide a baseline skeleton to build an extendable environment and successfully construct a flexible cellular/PWLAN hotspot in mobeeLAN service.

11.
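With the development of mobile communications, security problems in communication networks have become increasingly serious. LTE, together with UMTS and GSM, provides a similar kind of security. This paper first introduces the authentication and key agreement process, then analyzes the key generation hierarchy and usage flow in the LTE system, with emphasis on the access stratum security mode command, and finally summarizes the implementation schemes of the two major security functions in LTE.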

12.
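With the rapid development of mobile communication technology, an increasingly rich set of value-added data services such as microblogging, e-mail, data transmission, mobile payment and multimedia services has come into use. As more of users' personal information is transmitted over mobile communication networks, the security of these networks has become an important topic for the mobile communications industry. Addressing the various security threats and attacks faced by mobile communication networks, the author describes the development of existing mobile communication security measures, focusing on authentication, user identity protection and data encryption, analyzes these security measures in light of the development of mobile communication technology and proposes some directions for improvement, and finally offers an outlook on the future of mobile communication network security.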

13.
The convergence of voice, data, and video networks is creating a new environment for telecommunications. In response to the changes, telecommunications equipment manufacturers and service providers are competing fiercely to bring an optimum solution to customers. The evolution of GSM to GPRS and to UMTS is a cellular wireless industry endeavour to meet this demand. This evolution will see the core wireless network infrastructure change from circuit-switched to packet-switched where voice and data are transported using IP as the common protocol. However, this poses a number of challenges, one of which is how to run the key mobile application part signaling protocols over IP. MAP defines the application protocols between switches and databases (e.g., MSC, VLR, SGSN, HLR) for supporting mobility management, security management, radio resource management, and mobile equipment management. UMTS supports both circuit-switched and packet-switched services

14.
IEEE 802.11 wireless local area networks (WLAN) have been increasingly deployed in various locations because of the convenience of wireless communication and decreasing costs of the underlying technology. However, the existing security mechanisms in wireless communication are vulnerable to attack and seriously threaten data authentication and confidentiality. In this paper, we mainly focus on two issues. First, the vulnerabilities of security protocols specified in IEEE 802.11 and 802.1X standards are analyzed in detail. Second, a new mutual authentication and privacy scheme for WLAN is proposed to address these security issues. The proposed scheme improves the security mechanisms of IEEE 802.11 and 802.1X by providing a mandatory mutual authentication mechanism between mobile station and access point (AP) based on public key infrastructure (PKI), offering data integrity check and improving data confidentiality with symmetric cipher block chain (CBC) encryption. In addition, this scheme also provides some other new security mechanisms, such as dynamic session key negotiation and multicast key notification. Hence, with these new security mechanisms, it should be much more secure than the original security scheme. Copyright © 2006 John Wiley & Sons, Ltd.

15.
Many protocols have been proposed for solving the user authentication in portable communication system. One of the schemes is based on the delegation concept. Home Location Register (HLR) delegates Mobile Station (MS) to be authenticated by Visitor Location Register (VLR). The main drawback of the scheme is that the HLR is required during the online authentication phase between VLR and MS. In this paper, a double delegation-based authentication and key agreement protocol is proposed. The main advantage of our protocol is that this scheme requires only MS and VLR online. This protocol will thoroughly utilize the proxy signature features to facilitate the operation of this protocol while only requiring two members (MS, VLR) to be online at the same time.

16.
Lightweight Secure Roaming Mechanism Between GPRS/UMTS and Wireless LANs   Total citations: 1, self-citations: 0, citations by others: 1
The third generation partner project (3GPP) has standardized general packet radio service (GPRS) and the universal mobile telecommunications system (UMTS) to provide cell phone communications and wireless Internet services. Although the data transmission rate is lower than that of wireless local area networks (WLANs), GPRS/UMTS covers larger areas. Hence, to achieve higher speed ubiquitous access, we propose a lightweight secure roaming mechanism (LSRM) that integrates GPRS/UMTS and WLAN. Taking advantage of these two technologies, LSRM offers anonymous roaming and friendly subscriber management. Besides, we give a formal security analysis to LSRM based on BAN authentication logic.

17.
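Research on End-to-End Authentication Schemes in Mobile Communication Networks   Total citations: 4, self-citations: 0, citations by others: 4
Existing digital mobile communication networks provide confidential communication services between mobile users and base stations; end-to-end confidential communication between mobile users is still a new problem in mobile communication networks. This paper analyzes the security of existing end-to-end authentication schemes and proposes an intra-domain end-to-end authentication scheme based on a single-key cryptosystem and an inter-domain end-to-end authentication scheme based on a hybrid single-key/double-key cryptosystem. The analysis shows that the new schemes are not only highly secure but also well suited to implementation on the mobile terminal and convenient for key management on the network side.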

18.
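Chen Ming (陈明), Acta Electronica Sinica (《电子学报》), 2019, 47(1): 16-24
Because low-power mobile devices have limited computing and storage capabilities, designing an efficient and strongly secure two-party anonymous roaming authentication and key agreement scheme is a challenging task. Existing schemes not only have high computational overhead but also cannot resist ephemeral secret leakage attacks. To address these two shortcomings, a new two-party anonymous roaming authentication and key agreement scheme is proposed. In the new scheme, an efficient identity-based signcryption algorithm is designed based on the Schnorr signature mechanism, and the properties of signcryption are used to achieve mutual authentication of entities and untraceability; a Computational Diffie-Hellman (CDH) problem instance is constructed directly from the public and private keys of the two authenticating parties, which resists ephemeral secret leakage attacks. The new scheme is provably secure: building on the eCK (extended Canetti-Krawczyk) model, the situations that may arise in the security proof of two-party roaming authenticated key agreement schemes are discussed, summarized and extended, and a security proof of the new scheme is given, with its security reduced to a polynomial-time adversary solving the CDH problem on elliptic curves. Comparative analysis shows that the new scheme is more secure, requires fewer algorithm libraries to be implemented, and has lower computation and communication overhead. The new scheme can be applied to mobile communication networks, the Internet of Things or ubiquitous networks to provide roaming access services for resource-constrained mobile terminals.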

19.
Secure dynamic IP addressing is a prime requirement for unicast communication between authorized hosts in mobile ad hoc networks (MANETs). Recently, several approaches have been proposed for dynamic addressing scheme. However, most of the approaches rely on broadcasting for address solicitation and/or duplicate address detection. As a result, several types of security threats in dynamic IP configuration can be observed. In this paper, we present an ID based dynamic IP configuration scheme that can securely allocate IP addresses to the authorized hosts for a mobile ad hoc network without broadcasting over the entire network. Each host in the MANET can generate a unique IP address from its own IP address for a new host. The proposed scheme provides authentication for address configuration without the help of a trusted third party while taking care of the security-threats associated with dynamic IP configuration. Performance analysis shows that even with added security mechanisms our proposed addressing scheme has fairly good addressing latency and control overhead compared to the similar existing schemes. Moreover, the proposed scheme is able to solve the problem of network partitions and mergers along with the arrival and departure of a host efficiently and securely.

20.
The goal of the third-generation mobile systems is to provide worldwide operation, enhance service capabilities, and improve performance over the second-generation mobile systems. In this paper, we propose an authentication procedure for third-generation mobile systems. The authentication procedure is a protocol suite consisting of two subprotocols: a certificate-based authentication (CBA) protocol and a ticket-based authentication (TBA) protocol. Only two parties, MS and VLR, are involved in executing our protocol. Our authentication procedure uses both public- and secret-key cryptosystems. Our authentication procedure not only provides uniform authentication across domains, but also reduces computational costs in the process of repeated authentication. We provide firm proof of our procedure's correctness.
