For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
A Vulnerability in 5G Authentication Protocols and Its Countermeasure
Xinxin HU Caixia LIU Shuxin LIU Jinsong LI Xiaotao CHENG
IEICE TRANSACTIONS on Information and Systems
Publication Date: 2020/08/01
Online ISSN: 1745-1361
Type of Manuscript: Special Section LETTER (Special Section on Formal Approaches)
Category: Formal Approaches
5G network, authentication protocols, security, formal methods,
Full Text: PDF(699.3KB)>>
5G network will serve billions of people worldwide in the near future and protecting human privacy from being violated is one of its most important goals. In this paper, we carefully studied the 5G authentication protocols (namely 5G AKA and EAP-AKA') and a location sniffing attack exploiting 5G authentication protocols vulnerability is found. The attack can be implemented by an attacker through inexpensive devices. To cover this vulnerability, a fix scheme based on the existing PKI mechanism of 5G is proposed to enhance the authentication protocols. The proposed scheme is successfully verified with formal methods and automatic verification tool TAMARIN. Finally, the communication overhead, computational cost and storage overhead of the scheme are analyzed. The results show that the security of the fixed authentication protocol is greatly improved by just adding a little calculation and communication overhead.