Formal verification and analysis of primary authentication based on 5G-AKA protocol

Edris, Ed Kamya Kiyemba, Aiash, Mahdi ORCID: https://orcid.org/0000-0002-3984-6244 and Loo, Jonathan (2020) Formal verification and analysis of primary authentication based on 5G-AKA protocol. 2020 Seventh International Conference on Software Defined Systems (SDS), Paris, France, 2020. In: Third International Symposium on 5G Emerging Technologies (5GET 2020) in conjunction with the Fourth International Conference on Fog and Mobile Edge Computing (FMEC 2020), 30 Jun - 03 Jul 2020, Paris, France. e-ISBN 9781728172194, pbk-ISBN 9781728172200. [Conference or Workshop Item] (doi:10.1109/SDS49854.2020.9143899)

[img]
Preview
PDF - Final accepted version (with author's formatting)
Download (264kB) | Preview

Abstract

Fifth generation mobile network (5G) is intended to solve future constraints for accessing network services. The user and network operator depend on security assurances provided by the Authentication and Key Agreement protocols (AKA) used. For 5G network, the AKA has been standardized and 5GAKA protocol is one of the primary authentication methods that have been defined. This paper models the protocol and provides comprehensive formal analysis on 5G-AKA protocol as specified by The Third Generation Partnership Project (3GPP) standard. Using ProVerif a security protocol verification tool, we perform a full systematic evaluation of the 5G-AKA protocol based on the latest 5G specifications. We present security assumptions and properties that assists on the analysis based on two taxonomies, we find out that some important security properties are not achieved and related work ignored some crucial protocol flaws. Finally, we make some recommendations to address the issues found by our security analysis.

Item Type: Conference or Workshop Item (Paper)
Research Areas: A. > School of Science and Technology > Computer Science
Item ID: 30233
Notes on copyright: © 2020 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Useful Links:
Depositing User: Mahdi Aiash
Date Deposited: 22 May 2020 15:36
Last Modified: 28 Aug 2020 17:22
URI: https://eprints.mdx.ac.uk/id/eprint/30233

Actions (login required)

View Item View Item

Full text downloads (NB count will be zero if no full text documents are attached to the record)

Downloads per month over the past year