Ultra lightweight post-quantum resistant 5G-AKA protocol

IF 4.6 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Networks Pub Date : 2025-07-10 DOI:10.1016/j.comnet.2025.111444

An Braeken

{"title":"Ultra lightweight post-quantum resistant 5G-AKA protocol","authors":"An Braeken","doi":"10.1016/j.comnet.2025.111444","DOIUrl":null,"url":null,"abstract":"<div><div>As constrained devices like Internet of Things (IoT) devices become increasingly integrated with 5G networks, efficient and secure authentication and key management mechanisms are essential to ensure seamless and protected communication with the core 5G infrastructure. However, the current 5G-AKA (Authentication and Key Agreement) protocol lacks resistance against perfect forward secrecy (PFS) and post-quantum security, making it vulnerable to future adversarial threats, particularly quantum-enabled attacks. Most existing research provides partial solutions addressing either PFS or post-quantum security, no approach fully resolves both issues simultaneously in an efficient manner. This paper presents a novel authentication mechanism that relies solely on symmetric key cryptography, ensuring both high performance and robust security. Our innovation lies in replacing the conventional use of identical key material with a hybrid setup, where the user and 5G core each hold both common and distinct key components . By eliminating the computational overhead associated with asymmetric cryptography, our proposed solution offers an extremely efficient and scalable security solution, having almost 5 times lower energy consumption as the current 5G-AKA standard and requiring almost three times less security material to be sent during the protocol. As a consequence, this protocol offers a sustainable solution both with respect to energy and security aspects.</div></div>","PeriodicalId":50637,"journal":{"name":"Computer Networks","volume":"270 ","pages":"Article 111444"},"PeriodicalIF":4.6000,"publicationDate":"2025-07-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Networks","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1389128625004116","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

As constrained devices like Internet of Things (IoT) devices become increasingly integrated with 5G networks, efficient and secure authentication and key management mechanisms are essential to ensure seamless and protected communication with the core 5G infrastructure. However, the current 5G-AKA (Authentication and Key Agreement) protocol lacks resistance against perfect forward secrecy (PFS) and post-quantum security, making it vulnerable to future adversarial threats, particularly quantum-enabled attacks. Most existing research provides partial solutions addressing either PFS or post-quantum security, no approach fully resolves both issues simultaneously in an efficient manner. This paper presents a novel authentication mechanism that relies solely on symmetric key cryptography, ensuring both high performance and robust security. Our innovation lies in replacing the conventional use of identical key material with a hybrid setup, where the user and 5G core each hold both common and distinct key components . By eliminating the computational overhead associated with asymmetric cryptography, our proposed solution offers an extremely efficient and scalable security solution, having almost 5 times lower energy consumption as the current 5G-AKA standard and requiring almost three times less security material to be sent during the protocol. As a consequence, this protocol offers a sustainable solution both with respect to energy and security aspects.

查看原文本刊更多论文

超轻量级后量子抵抗5G-AKA协议

随着物联网（IoT）设备等受限设备越来越多地与5G网络集成，高效、安全的身份验证和密钥管理机制对于确保与核心5G基础设施的无缝、受保护的通信至关重要。然而，目前的5G-AKA（身份验证和密钥协议）协议缺乏对完美前向保密（PFS）和后量子安全的抵抗力，使其容易受到未来的对抗性威胁，特别是量子攻击。大多数现有研究提供了解决PFS或后量子安全的部分解决方案，没有一种方法可以同时有效地完全解决这两个问题。本文提出了一种完全依赖对称密钥加密的新型身份验证机制，保证了高性能和鲁棒安全性。我们的创新在于用混合设置取代相同密钥材料的传统使用，用户和5G核心都拥有共同和独特的关键组件。通过消除与非对称加密相关的计算开销，我们提出的解决方案提供了一个非常高效和可扩展的安全解决方案，与目前的5G-AKA标准相比，能耗几乎降低了5倍，在协议期间发送的安全材料几乎减少了3倍。因此，该议定书在能源和安全方面都提供了一个可持续的解决方案。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computer Networks 工程技术-电信学

CiteScore

10.80

自引率

3.60%

发文量

434

审稿时长

8.6 months

期刊介绍： Computer Networks is an international, archival journal providing a publication vehicle for complete coverage of all topics of interest to those involved in the computer communications networking area. The audience includes researchers, managers and operators of networks as well as designers and implementors. The Editorial Board will consider any material for publication that is of interest to those groups.