Ensured confidentiality authentication and key agreement protocol for EPS

Abstract

The revenue from Security v/s its financial and performance cost debate has its fingerprints shown in EPS's 3GPP Technical specification, where some contradiction between the security philosophy v/s design caught the attention of the research community. Example of these contradictions is the shown in 3GPP's technical specification where the user's identity must be confidential to third parties, while in the design, the user's permanent Identifier is sent in plaintext over radio channel. Radio channels is susceptible to eavesdropping thus Users can be tracked for a short period before the temporary identifier is used, but this time is more than enough for a terrorist attack. Most of the papers published related to this topic, are proposing solutions for the above contradiction. In our work, some of these papers' security robustness will be evaluated by exploiting its vulnerabilities, and simulating newly proposed attack (Intelligent Brute Force), thus sizing the confidence in its proposals. A new mechanism, Ensured confidentiality Authentication and Key agreement (EC-AKA), is proposed to enhance the user's confidentiality and cover the identified AKA's vulnerabilities, thus fulfilling the market's long term needs, which LTE was developed for.