{"title":"确保EPS的机密性认证和密钥协议协议","authors":"J. B. Abdo, H. Chaouchi, M. Aoude","doi":"10.1109/RELABIRA.2012.6235098","DOIUrl":null,"url":null,"abstract":"The revenue from Security v/s its financial and performance cost debate has its fingerprints shown in EPS's 3GPP Technical specification, where some contradiction between the security philosophy v/s design caught the attention of the research community. Example of these contradictions is the shown in 3GPP's technical specification where the user's identity must be confidential to third parties, while in the design, the user's permanent Identifier is sent in plaintext over radio channel. Radio channels is susceptible to eavesdropping thus Users can be tracked for a short period before the temporary identifier is used, but this time is more than enough for a terrorist attack. Most of the papers published related to this topic, are proposing solutions for the above contradiction. In our work, some of these papers' security robustness will be evaluated by exploiting its vulnerabilities, and simulating newly proposed attack (Intelligent Brute Force), thus sizing the confidence in its proposals. A new mechanism, Ensured confidentiality Authentication and Key agreement (EC-AKA), is proposed to enhance the user's confidentiality and cover the identified AKA's vulnerabilities, thus fulfilling the market's long term needs, which LTE was developed for.","PeriodicalId":180400,"journal":{"name":"2012 Symposium on Broadband Networks and Fast Internet (RELABIRA)","volume":"8 7","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-05-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"43","resultStr":"{\"title\":\"Ensured confidentiality authentication and key agreement protocol for EPS\",\"authors\":\"J. B. Abdo, H. Chaouchi, M. Aoude\",\"doi\":\"10.1109/RELABIRA.2012.6235098\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The revenue from Security v/s its financial and performance cost debate has its fingerprints shown in EPS's 3GPP Technical specification, where some contradiction between the security philosophy v/s design caught the attention of the research community. Example of these contradictions is the shown in 3GPP's technical specification where the user's identity must be confidential to third parties, while in the design, the user's permanent Identifier is sent in plaintext over radio channel. Radio channels is susceptible to eavesdropping thus Users can be tracked for a short period before the temporary identifier is used, but this time is more than enough for a terrorist attack. Most of the papers published related to this topic, are proposing solutions for the above contradiction. In our work, some of these papers' security robustness will be evaluated by exploiting its vulnerabilities, and simulating newly proposed attack (Intelligent Brute Force), thus sizing the confidence in its proposals. A new mechanism, Ensured confidentiality Authentication and Key agreement (EC-AKA), is proposed to enhance the user's confidentiality and cover the identified AKA's vulnerabilities, thus fulfilling the market's long term needs, which LTE was developed for.\",\"PeriodicalId\":180400,\"journal\":{\"name\":\"2012 Symposium on Broadband Networks and Fast Internet (RELABIRA)\",\"volume\":\"8 7\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-05-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"43\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2012 Symposium on Broadband Networks and Fast Internet (RELABIRA)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/RELABIRA.2012.6235098\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 Symposium on Broadband Networks and Fast Internet (RELABIRA)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/RELABIRA.2012.6235098","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Ensured confidentiality authentication and key agreement protocol for EPS
The revenue from Security v/s its financial and performance cost debate has its fingerprints shown in EPS's 3GPP Technical specification, where some contradiction between the security philosophy v/s design caught the attention of the research community. Example of these contradictions is the shown in 3GPP's technical specification where the user's identity must be confidential to third parties, while in the design, the user's permanent Identifier is sent in plaintext over radio channel. Radio channels is susceptible to eavesdropping thus Users can be tracked for a short period before the temporary identifier is used, but this time is more than enough for a terrorist attack. Most of the papers published related to this topic, are proposing solutions for the above contradiction. In our work, some of these papers' security robustness will be evaluated by exploiting its vulnerabilities, and simulating newly proposed attack (Intelligent Brute Force), thus sizing the confidence in its proposals. A new mechanism, Ensured confidentiality Authentication and Key agreement (EC-AKA), is proposed to enhance the user's confidentiality and cover the identified AKA's vulnerabilities, thus fulfilling the market's long term needs, which LTE was developed for.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
