Mohammed Abdrabou, A. Elbayoumy, Essam Abd El-Wanis
{"title":"LTE Authentication Protocol (EPS-AKA) weaknesses solution","authors":"Mohammed Abdrabou, A. Elbayoumy, Essam Abd El-Wanis","doi":"10.1109/IntelCIS.2015.7397256","DOIUrl":null,"url":null,"abstract":"Extensible Authentication Protocol (EAP) is an authentication framework in Long Term Evolution (LTE) networks. EAP-AKA is one of the methods of EAP which uses the Authentication and Key Agreement (AKA) mechanism based on challenge-response mechanisms, EAP-AKA is used in the 3rd generation mobile networks then modified and inherited to 4th generation mobile networks (LTE) as Evolved Packet System Authentication and Key Agreement (EPS-AKA) mechanism which is used when the user access the network through EUTRAN. EPS-AKA vulnerabilities are disclosure of the user identity, Man in the Middle attack and Denial of Services (DoS) attacks so a robust authentication mechanism must replace EPSAKA to avoid such attacks. In this paper, Modified Evolved Packet System Authentication and Key Agreement (MEPS-AKA) protocol based on Simple Password Exponential Key Exchange (SPEKE) and symmetric key cryptography is proposed to solve these problems by performing a pre-authentication procedure to generate a dynamic key every time user access to the network, also each message send or received is confidentially protected. Scyther tool is used to verify the efficiency of the proposed protocol. EPS-AKA and MEPS-AKA are simulated using C programming language to calculate the execution time for both algorithms. The proposed protocol is simulated using a client-server application program using C# programming language.","PeriodicalId":6478,"journal":{"name":"2015 IEEE Seventh International Conference on Intelligent Computing and Information Systems (ICICIS)","volume":"1 1","pages":"434-441"},"PeriodicalIF":0.0000,"publicationDate":"2015-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"34","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2015 IEEE Seventh International Conference on Intelligent Computing and Information Systems (ICICIS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/IntelCIS.2015.7397256","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 34
Abstract
Extensible Authentication Protocol (EAP) is an authentication framework in Long Term Evolution (LTE) networks. EAP-AKA is one of the methods of EAP which uses the Authentication and Key Agreement (AKA) mechanism based on challenge-response mechanisms, EAP-AKA is used in the 3rd generation mobile networks then modified and inherited to 4th generation mobile networks (LTE) as Evolved Packet System Authentication and Key Agreement (EPS-AKA) mechanism which is used when the user access the network through EUTRAN. EPS-AKA vulnerabilities are disclosure of the user identity, Man in the Middle attack and Denial of Services (DoS) attacks so a robust authentication mechanism must replace EPSAKA to avoid such attacks. In this paper, Modified Evolved Packet System Authentication and Key Agreement (MEPS-AKA) protocol based on Simple Password Exponential Key Exchange (SPEKE) and symmetric key cryptography is proposed to solve these problems by performing a pre-authentication procedure to generate a dynamic key every time user access to the network, also each message send or received is confidentially protected. Scyther tool is used to verify the efficiency of the proposed protocol. EPS-AKA and MEPS-AKA are simulated using C programming language to calculate the execution time for both algorithms. The proposed protocol is simulated using a client-server application program using C# programming language.