Novel 5G Authentication Protocol to Improve the Resistance Against Active Attacks and Malicious Serving Networks

The security of mobile communication largely depends on the strength of the authentication key exchange protocol. The 3rd Generation Partnership Project (3GPP) Group has standardized the 5G AKA (Authentication and Key Agreement) protocol for the next generation of mobile communications. It has been recently shown that the current version of this protocol still contains several weaknesses regarding user localization, leakage of activity, active attackers, and in the presence of malicious serving networks, leading to potentially major security leaks. We propose a new version of the 5G AKA protocol to overcome all the currently identified weaknesses in the protocol. In the new protocol, we replace the sequence numbers with random numbers, making it possible to drastically reduce the number of required communication phases and steps in the protocol. The usage of random numbers for the 5G AKA protocol is possible since the current Universal Subscriber Identity Modules (USIMs) are now capable of performing randomized asymmetric encryption operations. Moreover, the proposed protocol provides two additional security features, i.e., post-compromise security and forward security, not present in the current 5G AKA protocol. Finally, we evaluate the performance, both computation and communication efficiency, of the proposed AKA protocol and show its improvements compared to the current 5G AKA protocol.

Braeken An, Liyanage Madhusanka, Kumar Pardeep, Murphy John

Publication type:
A1 Journal article – refereed

Place of publication:

5G, Authentication, Formal verification, key agreement, mobile communication, Security

6 May 2019

Full citation:
A. Braeken, M. Liyanage, P. Kumar and J. Murphy, “Novel 5G Authentication Protocol to Improve the Resistance Against Active Attacks and Malicious Serving Networks,” in IEEE Access, vol. 7, pp. 64040-64052, 2019. doi: 10.1109/ACCESS.2019.2914941


Read the publication here: