×

ESAP: efficient and secure authentication protocol for roaming user in mobile communication networks. (English) Zbl 1397.94116

Summary: The global system for mobile communication (GSM) network is proposed to mitigate the security problems and vulnerabilities observed in the mobile telecommunication system. However, the GSM network is vulnerable to different kinds of attacks such as redirection attack, impersonation attack and man in-the middle (MiTM) attack. The possibility of these attacks makes the wireless mobile system vulnerable to fraudulent access and eavesdropping. Different authentication protocols of GSM were proposed to overcome the drawbacks but many of them lead to network signalling overload and increases the call set-up time. In this paper, an efficient and secure authentication and key agreement protocol (ESAP-AKA) is proposed to overcome the flaws of existing authentication protocol for roaming users in the GSM network. The formal verification of the proposed protocol is presented by BAN logic and the security analysis is shown using the AVISPA tool. The security analysis shows that the proposed protocol avoids the different possible attacks on the communication network. The performance analysis based on the fluid flow mobility model shows that the proposed protocol reduces the communication overhead of the network by reducing a number of messages. On an average, the protocol reduces 60% of network signalling congestion overhead as compared with other existing GSM-AKA protocols. Moreover, the protocol not only removes the drawbacks of existing protocols but also accomplishes the needs of roaming users.

MSC:

94A62 Authentication, digital signatures and secret sharing
68M14 Distributed systems

Software:

CMQV+; AVISPA
PDFBibTeX XMLCite
Full Text: DOI Link

References:

[1] Al-Tawil K, Akrami A and Youssef H 1998 A new authentication protocol for gsm networks. In: Proceedings of the 23rd Annual Conference on Local Computer Networks, LCN’98, IEEE, pp. 21-30
[2] Ammayappan K, Saxena A and Negi A 2006 Mutual authentication and key agreement based on elliptic curve cryptography for gsm. In: Proceedings of the International Conference on Advanced Computing and Communications
[3] William S and Stallings W 2006 Cryptography and network security, 4th ed. Pearson Education India
[4] Chaudhry, SA; Naqvi, H; Sher, M; Farash, MS; Hassan, MU, An improved and provably secure privacy preserving authentication protocol for SIP, Peer-to-Peer Netw. Appl., 10, 1-15, (2017) · doi:10.1007/s12083-015-0400-9
[5] Saxena, N; Chaudhari, NS, SAKA: a secure authentication and key agreement protocol for gsm networks, CSI Trans. ICT, 1, 331-341, (2013) · doi:10.1007/s40012-013-0030-4
[6] Hwang, T; Gope, P, Provably secure mutual authentication and key exchange scheme for expeditious mobile communication through synchronously one-time secrets, Wireless Pers. Commun., 77, 197-224, (2014) · doi:10.1007/s11277-013-1501-5
[7] Degefa, FB; Lee, D; Kim, J; Choi, Y; Won, D, Performance and security enhanced authentication and key agreement protocol for sae/lte network, Comput. Netw., 94, 145-163, (2016) · doi:10.1016/j.comnet.2015.11.014
[8] Tan H R, Lee C and Mok V 2007 Automatic power meter reading system using GSM network. In: Proceedings of the International Power Engineering Conference, IPEC 2007, IEEE, pp. 465-469
[9] Nugra H, Abad A, Fuertes W, Galarraga F, Aules H, Villacis C and Toulkeridis T 2016 A low-cost IoT application for the urban traffic of vehicles, based on wireless sensors using GSM technology. In: Proceedings of the 20th IEEE-ACM International Symposium on Distributed Simulation and Real Time Applications (DS-RT), IEEE, pp. 161-169
[10] Wightwick A and Halak B 2016 Secure communication interface design for IoT applications using the GSM network. In: Proceedings of the 59th IEEE International Midwest Symposium on Circuits and Systems (MWSCAS), IEEE, pp. 1-4
[11] Rahman A M, Hossain S, Tuku I J, Hossam-E-Haider M and Amin M S 2016 Feasibility study of GSM network for tracking low altitude helicopter. In: Proceedings of the 3rd International Conference on Electrical Engineering and Information Communication Technology (ICEEICT), IEEE, pp. 1-5
[12] Lee, CH; Hwang, MS; Yang, WP, Enhanced privacy and authentication for the global system for mobile communications, Wireless Netw., 5, 231-243, (1999) · doi:10.1023/A:1019103228471
[13] Lo C C and Chen Y J 1999 A secure communication architecture for GSM networks. In: Proceedings of the IEEE Pacific Rim Conference on Communications, Computers and Signal Processing, IEEE, pp. 221-224
[14] Fanian A, Berenjkoub M and Gulliver T A 2009 A new mutual authentication protocol for GSM networks. In: Proceedings of the Canadian Conference on Electrical and Computer Engineering, CCECE’09, IEEE, pp. 798-803
[15] Lee, CC; Hwang, MS; Yang, WP, Extension of authentication protocol for GSM, IEEE Proc. Commun., 150, 91-95, (2003) · doi:10.1049/ip-com:20030290
[16] Lee, CC; Liao, IE; Hwang, MS, An efficient authentication protocol for mobile communications, Telecommun. Syst., 46, 31-41, (2011) · doi:10.1007/s11235-009-9276-4
[17] Rappaport T S, et al 1996 Wireless Communications: principles and practice, vol. 2. New Jersey: Prentice-Hall-PTR · Zbl 1229.94005
[18] Zamzami A A, Devara E P, Pramana J, Sudarsono A and Zainudin A 2015 Reliability analysis of GSM network using software defined radio-based system. In: Proceedings of the International Electronics Symposium (IES), IEEE, pp. 274-279
[19] Chaudhry S A, Naqvi H, Farash M S, Shon T and Sher M 2015 An improved and robust biometrics-based three factor authentication scheme for multiserver environments. J. Supercomput. 1-17, https://doi.org/10.1007/s11227-015-1601-y
[20] Ramadan M, Li F, Xu C X, Abdalla A and Abdalla H 2016 An efficient end-to-end mutualauthentication scheme for 2G-GSM system. In: Proceedings of the IEEE International Conference on Big Data Analysis (ICBDA), IEEE, pp. 1-6
[21] Heydari, M; Sadough, SMS; Farash, MS; Chaudhry, SA; Mahmood, K, An efficient password-based authenticated key exchange protocol with provable security for mobile client-client networks, Wireless Pers. Commun., 88, 337-356, (2016) · doi:10.1007/s11277-015-3123-6
[22] Memon, I; Mohammed, MR; Akhtar, R; Memon, H; Memon, MH; Shaikh, RA, Design and implementation to authentication over a GSM system using certificate-less public key cryptography (cl-PKC), Wireless Pers. Commun., 79, 661-686, (2014) · doi:10.1007/s11277-014-1879-8
[23] Chouhan A and Singh S 2015 Real time secure end to end communication over GSM network. In: Proceedings of the International Conference on Energy Systems and Applications, IEEE, pp. 663-668
[24] Anwar, N; Riadi, I; Luthfi, A, Forensic SIM card cloning using authentication algorithm, Int. J. Electron. Inf. Eng., 4, 71-81, (2016)
[25] Chang, CC; Lee, JS; Chang, YF, Efficient authentication protocols of GSM, Comput. Commun., 28, 921-928, (2005) · doi:10.1016/j.comcom.2005.01.015
[26] Stach, JF; Park, EK; Makki, K, Performance of an enhanced GSM protocol supporting non-repudiation of service, Comput. Commun., 22, 675-680, (1999) · doi:10.1016/S0140-3664(99)00010-9
[27] Hahn G, Kwon T, Kim S and Song J 2004 Design and analysis of improved GSM authentication protocol for roaming users. Netw. Parallel Comput. In: Proceedings of NPC 2004, pp. 451-458
[28] Kumari, S; Chaudhry, SA; Wu, F; Li, X; Farash, MS; Khan, MK, An improved smart card based authentication scheme for session initiation protocol, Peer-to-Peer Netw. Appl., 10, 92-105, (2017) · doi:10.1007/s12083-015-0409-0
[29] Lo, CC; Chen, YJ, Secure communication mechanisms for GSM networks, IEEE Trans. Consumer Electron., 45, 1074-1080, (1999) · doi:10.1109/30.809184
[30] Hwang, MS; Lee, CC; Lee, JZ, A new anonymous channel protocol in wireless communications, Int. J. Electron. Commun., 58, 218-222, (2004) · doi:10.1078/1434-8411-54100232
[31] Kumar K P, Shailaja G, Kavitha A and Saxena A 2006 Mutual authentication and key agreement for GSM. In: Proceedings of the International Conference on Mobile Business, ICMB’06, IEEE, pp. 25-25
[32] Kalaichelvi V and Chandrasekaran R 2008 Secure authentication protocol for mobile. In: Proceedings of the International Conference on Computing, Communication and Networking
[33] Southern E, Ouda A and Shami A 2011 Solutions to security issues with legacy integration of GSM into UMTS. In: Proceedings of the International Conference on Internet Technology and Secured Transactions (ICITST), IEEE, pp. 614-619
[34] Firoozjaei M D and Vahidi J 2012 Implementing geo-encryption in GSM cellular network. In: Proceedings of the 9th International Conference on Communications (COMM), IEEE, pp. 299-302
[35] Fanian, A; Berenjkoub, M; Gulliver, TA, A symmetric polynomial-based mutual authentication protocol for GSM networks, Int. J. Security Netw., 7, 161-173, (2012) · doi:10.1504/IJSN.2012.052530
[36] Mehrotra, A; Golding, LS, Mobility and security management in the GSM system and some proposed future improvements, Proc. IEEE, 86, 1480-1497, (1998) · doi:10.1109/5.681375
[37] Ghosh R 2017 Wireless networking and mobile data management, pp. 1-546
[38] Huang, JL; Yeh, LY; Chien, HY, ABAKA: an anonymous batch authenticated and key agreement scheme for value-added services in vehicular ad hoc networks, IEEE Trans. Veh. Technol., 60, 248-262, (2011) · doi:10.1109/TVT.2010.2089544
[39] Lin, X; Sun, X; Ho, PH; Shen, X, GSIS: a secure and privacy-preserving protocol for vehicular communications, IEEE Trans Veh. Technol., 56, 3442-3456, (2007) · doi:10.1109/TVT.2007.906878
[40] Burrows, M; Abadi, M; Needham, RM, A logic of authentication, Proc. R. Soc. London A: Math. Phys. Eng. Sci., 426, 233-271, (1989) · Zbl 0687.68007 · doi:10.1098/rspa.1989.0125
[41] Burrows M, Abadi M and Needham R 1988 Authentication: a practical study in belief and action. In: Proceedings of the 2nd Conference on Theoretical Aspects of Reasoning About Knowledge, Morgan Kaufmann Publishers Inc., pp. 325-342 · Zbl 0725.68094
[42] Gaarder, K; Snekkenes, E, On the formal analysis of PKCS authentication protocols, 105-121, (1990), Berlin, Heidelberg · Zbl 0724.68009 · doi:10.1007/BFb0030355
[43] Kyntaja T 1995 A logic of authentication by Burrows, Abadi and Needham. Tehran: Helsinki University of Technology, http://www.tml.tkk.fi/Opinnot/Tik-110.501/1995/ban.html
[44] Ou, HH; Hwang, MS; Jan, JK, A cocktail protocol with the authentication and key agreement on the UMTS, J. Syst. Softw., 83, 316-325, (2010) · doi:10.1016/j.jss.2009.08.019
[45] Saxena, N; Thomas, J; Chaudhari, NS, ES-AKA: an efficient and secure authentication and key agreement protocol for UMTS networks, Wireless Pers. Commun., 84, 1981-2012, (2015) · doi:10.1007/s11277-015-2551-7
[46] Armando, A; Basin, D; Boichut, Y; Chevalier, Y; Compagna, L; Cuéllar, J; Drielsma, PH; Héam, PC; Kouchnarenko, O; Mantovani, J; etal., The AVISPA tool for the automated validation of Internet security protocols and applications, 281-285, (2005), Berlin, Heidelberg · Zbl 1081.68523 · doi:10.1007/11513988_27
[47] AVISPA 2003 Automated validation of internet security protocols, http://www.avispa-project.org · Zbl 1081.68523
[48] Lai, C; Li, H; Li, X; Cao, J, A novel group access authentication and key agreement protocol for machine-type communication, Trans. Emerg. Telecommun. Technol., 26, 414-431, (2015) · doi:10.1002/ett.2635
[49] Jiang R, Lai C, Luo J, Wang X and Wang H 2013 EAP-based group authentication and key agreement protocol for machine-type communications. Int J. Distrib. Sens. Netw. 2013: https://doi.org/10.1155/2013/304601
[50] Lai, C; Li, H; Lu, R; Shen, XS, SE-AKA: a secure and efficient group authentication and key agreement protocol for LTE networks, Comput. Netw., 57, 3492-3510, (2013) · doi:10.1016/j.comnet.2013.08.003
This reference list is based on information provided by the publisher or from digital mathematics libraries. Its items are heuristically matched to zbMATH identifiers and may contain data conversion errors. In some cases that data have been complemented/enhanced by data from zbMATH Open. This attempts to reflect the references listed in the original paper as accurately as possible without claiming completeness or a perfect matching.