Abstract
Long-term evolution in wireless broadband communication aims to provide secure communication for users and a high data rate for a fourth-generation network. Even though the fourth-generation network provides security, some loopholes lead to several attacks on it. The denial-of-service attack occurs when the user communicates with a rogue base station, and the radio base station in fourth-generation long-term evolution networks ensures that the user is attached to the rogue node assigned network. The location leak attack occurs when the packets are sniffed to find any user’s location using its temporary mobile subscriber identity. Prevention of rogue base station and location leak attacks helps the system achieve secure communication between the participating entities. Earlier works in long-term evolution mobility management do not address preventing attacks such as denial-of-service, rogue base stations and location leaks and suffer from computational costs while providing security features. Hence, the present paper addresses the vulnerability of these attacks. It also investigates how these attacks occur and exposes communication in the fourth-generation network. To mitigate these vulnerabilities, the paper proposes a novel authentication scheme. The proposed scheme is simulated using Network Simulator 3, and the security analysis of the proposed scheme is shown using AVISPA, a security tool. Numerical analysis demonstrates that the proposed scheme significantly reduces communication overhead and computational costs associated with the fourth-generation long-term evolution authentication mechanism.
Introduction
Long-Term Evolution (LTE) is the fourth-generation technology used in modern telecommunication for its tremendous growth in mobile communication [1]. It has a faster data rate for downloads and uploads, and traffic communication is decreased while sending the data. LTE allows many users to use the same frequency, increasing mobile broadband users. In addition, it supports a larger data capacity. It performs better than previous technologies, such as the Universal Mobile Telecommunications System (UMTS) and Global System for Mobile Communication (GSM). The core objective of LTE is to offer a high data rate, low latency, and radio access technology for flexible bandwidth deployments. Its architecture supports a packet-switched network [2, 3]. The LTE network is called an Evolved Packet System (EPS). The EPS is divided into the Evolved UMTS Terrestrial Radio Access Network (E-UTRAN) and the core network as Evolved Packet Core (EPC).
The entities of EPS are user (UE), evolved node for denoting base station (eNodeB), Mobility Management Entity (MME), Home Subscriber Server (HSS), Serving Gateway (S-GW), and packet data network (PDN) Gateway (P-GW), as shown in Fig. 1. The UE connects to eNodeB over the LTE-Uu interface. It consists of the Universal Subscriber Identity Module (USIM), International Mobile Subscriber Identity (IMSI), and the master key, authenticating itself with the network. E-UTRAN consists of eNodeB, responsible for the radio communication between the UE and EPC. The eNodeB performs radio resource management functions. The eNodeB uses the S1-AP protocol with the MME for control plane traffic and the GTP-U protocol on the same interface with the S-GW for user plane traffic. The S1 interface connects the eNodeB to the EPC.

EPS architecture.
The MME is the major control node of the network [4]. It holds the location information of each user. The HSS acts as the main database that gives the information about the user to MME during user authentication [5]. The user information contains user identification and addressing. It corresponds to the IMSI. The HSS performs the functions of the Home Location Register (HLR) and the Authentication Centre (AuC), where the HLR stores and updates the database. The AuC generates security information from the user’s identity key. These security keys are given to HLR for further communication and mutual authentication of the user and the network [6].
The UE is forced into using 2G/3G rather than LTE, making it possible to mount 2G/3G attacks [7]. The attacker can selectively limit UE to some types of services. When the UE is attached to a genuine base station, their communication is integrity-protected. At the same time, the denial-of-service (DoS) is performed when the UE is attached to the rogue base station. UE sends a Target Area Update (TAU) request message to the rogue node, which is not encrypted since the node is rogue. Therefore, the rogue node decodes the message and responds with a TAU reject message, including “LTE services are denied.” As a result, UE updates its status, forcing it to get attached to 2G/3G. There is also another way in which DoS is performed. After the TAU reject message is received by the UE, it updates its status and moves to the deregistered state, so that the MME does not identify the UE’s location. Thus, UE does not attach itself to any network, such as 2G, 3G, or LTE, until deregistered.
A location leak attack is performed by sniffing LTE traffic over the air and later decoding the messages to read the information [8]. As shown in Fig. 2, a paging request is sent to provide necessary services to the target user. The MME sends the paging request to the eNodeB base station, which broadcasts it with a Radio Resource Control (RRC) signal, and the target user responds with an RRC response. The RRC signals are not encrypted. Thus, an attacker can sniff the packets to perform a location leak attack.

Location leak attack.
The main contributions of the paper are as follows: 1) avoiding DoS attacks by recognizing the existence of rogue base stations; 2) preventing location leak attacks by generating multiple Temporary Mobile Subscriber Identities (TMSI); 3) validating the message flow of the proposed scheme using Automated Validation of Internet Security Protocols and Applications (AVISPA), a security tool; and 4) providing authentication and confidentiality among the communicating entities while accomplishing a significant decrease in computational cost and communication cost.
The paper is organized into five sections. Section 2 discusses the related works in which further developments are made to prevent location leaks and DoS attacks. Section 3 explains the proposed scheme to prevent location leaks and DoS attacks. Section 4 includes the proposed scheme’s formal and informal security analysis, and Section 5 discusses the performance evaluation. Section 6 concludes the paper.
Several types of research have been carried out in LTE’s authentication and key agreement protocol. These types of research and the solutions provided in LTE make the protocol more secure to use in the future. The attacks are possible due to backward incompatibility, resulting in DoS, man-in-the-middle, and redirection attacks. Each user’s identity recognizes the UE in a secure and efficient authentication and key agreement (SE-AKA) scheme [9]. In addition, this scheme investigates group-based communication. To overcome these attacks, they provided a solution by adopting asymmetric key cryptosystem and elliptic curve cryptography. Though this technique provides security to the system, computational overhead occurs during handover and roaming. The elliptic curve cryptography takes more time to generate and distribute the keys [10].
Zaher et al. introduced a technique called secure evolved packet system authentication and key agreement (SEPS-AKA) to improve the security of authentication and key agreement (AKA) protocol [11]. Asymmetric key cryptography is used to provide confidentiality in the system; however, symmetric-key cryptography incurs less computational cost than asymmetric-key cryptography. The RSA algorithm is prone to a man-in-the-middle attack. Thus, the SEPS-AKA fails to secure the system against a man-in-the-middle attack.
Furthermore, the investigation in [12] suggested improving the security issues. The scheme, named HSK-AKA after its authors, modifies the AKA. Initially, IMSI is sent encrypted. The service to a particular user is received by identifying the user’s identity, namely IMSI or TMSI. When encrypted, the broadcast signals sent during paging may not receive the RRC response for the genuine user. A new sequence number (SQN) is generated and sent to calculate the authentication vector (AV). The message communication between the entities is increased in this work.
A side-channel attack violates the LTE system’s security. It trusts the relationship between the information from the side channel and the secret data that is liable for information gained from a cryptosystem [13]. The trusted model is a third-party system with the public key infrastructure that creates the public/private keys. However, a trust system must be considered to display and represent identity information.
The EPS-AKA protocol in LTE is used for user authentication [14]. This scheme provides mutual authentication. Despite mutual authentication, this scheme is prone to an attack that greatly threatens the communication field. The robust authentication and key agreement protocol (REPS-AKA3) offers security attributes such as mutual authentication and confidentiality [15]. Similarly, other related works investigate the LTE network node authentication [16–24].
The exploration has emphasized that preventing security threats from the rogue base station lacks authentication, resulting in the DoS and location leak attacks between the communicant’s EPS architecture. This investigation has paved the way to propose a scheme to overcome DoS and location leak attacks in LTE.
Proposed scheme
The proposed scheme describes the prevention of location leaks and DoS attacks and is discussed in the following sub-sections.
Prevention of location leak attack
The sniffing of LTE packets over the air leads to location leaks, as described in Fig. 2. The prevention of location leak attacks is as follows. This attack occurs because the user keeps using the same TMSI identity that the MME sends. When a user wants to communicate with another user, it sends a message to a particular user mentioning their TMSI identity. The network identifies the user corresponding to the identity to communicate with the specified user. During packet sniffing, the attacker can track the messages sent or received for a specific identity. Thus, the location of a particular user can be tracked. A temporary identity is changed for each user communication to prevent location leaks, as depicted in Fig. 3. After the mutual authentication, MME sends the TMSI to the user for further communication. The user uses the TMSI given by MME for its first communication.

Prevention of location leak attack.
Services that are specific to a particular TMSI reach the user. On receiving the service, the user generates a new TMSI and sends it to MME, where the MME updates the new TMSI. This continues for all the communication between the users and ensures the prevention of location leaks. During sniffing, the packets carry different TMSIs for a particular user, so it becomes difficult for the attacker to track the user’s location. A new TMSI (NTMSI) is generated and encrypted with the old TMSI, KEY, and NTMSI: NEWID = Encrypt(TMSI + KEY + NTMSI). NTMSI is the new TMSI generated by the user and sent to MME. MME decrypts the received NEWID to get the new identity of the user, Decrypt(NEWID) = TMSI + KEY + NTMSI, and updates the user’s identity.
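The NEWID exchange above can be exercised end to end. The following is an added example, not code from the paper: the paper names no cipher, so `encrypt`/`decrypt` are a standard-library stand-in (HMAC-SHA256 keystream plus an integrity tag), and `session_key`, the 16-byte KEY field, the 4-byte TMSI length and all sample values are assumptions.

```python
import hashlib
import hmac
import secrets

def _prf(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in stream cipher: HMAC-SHA256 in counter mode (assumption, not the paper's cipher).
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += _prf(key, nonce + counter.to_bytes(4, "big"))
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def encrypt(session_key: bytes, plaintext: bytes) -> bytes:
    nonce = secrets.token_bytes(12)
    ct = _xor_stream(_prf(session_key, b"enc"), nonce, plaintext)
    return nonce + ct + _prf(_prf(session_key, b"mac"), nonce + ct)

def decrypt(session_key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(_prf(session_key, b"mac"), nonce + ct)):
        raise ValueError("NEWID failed its integrity check")
    return _xor_stream(_prf(session_key, b"enc"), nonce, ct)

def ue_make_newid(session_key: bytes, key: bytes, tmsi: bytes):
    """UE side: pick a fresh NTMSI and build NEWID = Encrypt(TMSI + KEY + NTMSI)."""
    ntmsi = secrets.token_bytes(4)
    while ntmsi == tmsi:                      # never reuse the identity being replaced
        ntmsi = secrets.token_bytes(4)
    return ntmsi, encrypt(session_key, tmsi + key + ntmsi)

class MME:
    """MME side: accept NEWID only if it names the TMSI currently on record."""
    def __init__(self, session_key: bytes, key: bytes, tmsi: bytes):
        self.session_key, self.key, self.tmsi = session_key, key, tmsi

    def handle_newid(self, newid: bytes) -> bool:
        try:
            pt = decrypt(self.session_key, newid)
        except ValueError:
            return False                      # modified in transit or wrong key
        old, key, ntmsi = pt[:4], pt[4:-4], pt[-4:]
        if not (hmac.compare_digest(old, self.tmsi) and hmac.compare_digest(key, self.key)):
            return False                      # stale update or wrong KEY field
        self.tmsi = ntmsi                     # Decrypt(NEWID) = TMSI + KEY + NTMSI
        return True

def demo():
    # Constructed sample values; a real UE and MME would share these after mutual authentication.
    session_key, key = secrets.token_bytes(32), secrets.token_bytes(16)
    seen = [bytes.fromhex("c0ffee01")]        # TMSI first assigned by the MME
    mme = MME(session_key, key, seen[0])
    for _ in range(3):                        # three communications, three identity changes
        ntmsi, newid = ue_make_newid(session_key, key, seen[-1])
        assert mme.handle_newid(newid)
        seen.append(ntmsi)
    stale_rejected = not mme.handle_newid(newid)   # same NEWID delivered a second time
    return seen, stale_rejected

if __name__ == "__main__":
    identities, stale_rejected = demo()
    print([t.hex() for t in identities], stale_rejected)
```

Because the old TMSI sits inside the encrypted payload, a NEWID that arrives after the identity has already changed no longer matches the MME's record and is dropped.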
When a UE gets attached to a rogue base station, DoS occurs. As the UE moves, it gets attached to the rogue base station. The UE sends a TAU request to the rogue node. Since the TAU message is not encrypted, the rogue node changes the TAU response message. Thus, the UE is denied receiving LTE services, resulting in a DoS attack. The proposed scheme provides an efficient scheme to prevent DoS. To avoid a UE getting attached to a rogue node, the eNodeB should be authenticated before UE communicates with the node. The UE has a long-term key known only to USIM and HSS. The mobile communication world is under great threat if the attacker compromises the master key of UE. Therefore, it is mandatory to keep the master key very secure. As UE has a master key, the proposed scheme sets a secret key to all eNodeB authenticated by the network. When UE attaches with eNodeB, the user requests a key from eNodeB before sharing its information. The rogue node cannot set a secret key since there is a secret key for all eNodeB. The UE receives an encrypted key if attached to a genuine node.
Further, the UE sends the encrypted key to MME to check whether the node is genuine. If the key matches, the MME sends the response to attach itself to the node. If the key does not match, the UE does not attach to the node but moves to the next higher-frequency eNodeB.
The prevention of DoS is depicted in Fig. 4. When UE is powered on, it gets attached to eNodeB. The UE initially checks whether eNodeB is genuine. Assume eNodeB has a secret key that is known only to HSS. The UE requests for eNodeB’s key. The base station generates the key and sends it encrypted using the eNodeB secret key and identity to UE. UE then sends the encrypted key to MME. Since only the HSS has the key to verify, the MME forwards the encrypted key to the HSS. The key is then decrypted and checked with the key in the database. If the key matches, HSS sends a response to establish a connection with a particular node. Thus, eNodeB is verified by the user.

Prevention of DoS.
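The eNodeB check described above, as an added example that is not the paper's own code. The "encrypted key" is modelled here as an HMAC-SHA256 tag over the eNodeB identity, and the UE-chosen nonce is an assumption added so that each response is fresh; the cell identifiers, the secrets, and the collapsing of the UE to MME to HSS forwarding into one `verify` call are also assumptions.

```python
import hashlib
import hmac
import secrets

def enb_token(secret: bytes, enb_id: str, nonce: bytes) -> bytes:
    """Key material an eNodeB returns when the UE asks for its key (HMAC stand-in)."""
    ident = enb_id.encode()
    msg = len(ident).to_bytes(1, "big") + ident + nonce   # length prefix avoids ambiguity
    return hmac.new(secret, msg, hashlib.sha256).digest()

class ENodeB:
    def __init__(self, enb_id: str, secret: bytes):
        self.enb_id, self._secret = enb_id, secret

    def key_response(self, nonce: bytes) -> bytes:
        return enb_token(self._secret, self.enb_id, nonce)

class HSS:
    """Holds the per-eNodeB secrets; in the scheme only the HSS can verify a response."""
    def __init__(self, provisioned: dict):
        self._db = dict(provisioned)

    def verify(self, enb_id: str, nonce: bytes, token: bytes) -> bool:
        secret = self._db.get(enb_id)
        if secret is None:
            return False                                   # identity not provisioned
        return hmac.compare_digest(enb_token(secret, enb_id, nonce), token)

def select_cell(cells, hss: HSS):
    """UE side: try cells in order, attach to the first one the HSS confirms.

    Returns (index of the attached cell or None, indices of rejected cells).
    """
    rejected = []
    for index, cell in enumerate(cells):
        nonce = secrets.token_bytes(16)                    # fresh per request (assumption)
        token = cell.key_response(nonce)                   # UE -> eNodeB -> UE
        if hss.verify(cell.enb_id, nonce, token):          # UE -> MME -> HSS
            return index, rejected
        rejected.append(index)                             # do not attach, move to next cell
    return None, rejected

def demo():
    # Constructed sample data: one provisioned cell and two that fail verification.
    genuine_secret = secrets.token_bytes(32)
    hss = HSS({"enb-0001": genuine_secret})
    claims_known_id = ENodeB("enb-0001", secrets.token_bytes(32))  # right name, wrong secret
    unknown_id = ENodeB("enb-9999", secrets.token_bytes(32))       # not in the HSS database
    genuine = ENodeB("enb-0001", genuine_secret)
    return select_cell([claims_known_id, unknown_id, genuine], hss)

if __name__ == "__main__":
    print(demo())
```

A cell that only announces a known identity is rejected because it cannot produce a response the HSS can reproduce, which is the property the scheme relies on before the UE sends a TAU request.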
Similarly, the network should verify the user. The MME requests the user’s IMSI. The user sends the IMSI to MME. The HSS generates the AV for a particular IMSI received from MME. The AV includes the generation of an authentication token (AUTN), message authentication code (MAC), an expected response (XRES), cipher key (CK), integrity key (IK), authenticated key (AK), and key for access security management entity (KASME). The HSS generates all these vectors and sends them to MME. The MME forwards only random number (RAND) and AUTN to UE.
Further, the user generates MAC and sends it encrypted using its secret key to MME. The MME has received MAC (XMAC) from the HSS. It checks whether MAC = XMAC; if they are equal, UE is authenticated. Thus, both the network and the user are authenticated in the proposed scheme without the intervention of a DoS attack. The HSS generates the RAND. The MAC, XRES, CK, IK, and AK involve functions determined by the network.
This section discusses the security issues of the proposed scheme and the existing schemes.
Authentication
Authentication is identifying an authorized user to grant access to credentials [25]. The comparative analysis of authentication between the entities is shown in Table 1. The proposed scheme ensures mutual authentication for both the user and the network. The user initially authenticates the eNodeB to communicate itself with a genuine node that prevents the DoS attack. Though EPS-AKA provides mutual authentication, DoS and location leak attacks are possible. The proposed fast authentication scheme overcomes these attacks.
Comparative analysis of authentication
Confidentiality ensures the protection of the information, and the data reaches authorized users [26]. The comparative analysis of confidentiality between the entities is shown in Table 2. The vectors needed for the entities in mobility management are encrypted. The intruders cannot modify or decrypt the message sent between the entities. Thus, the scheme provides confidentiality.
Comparative analysis of confidentiality
The fast authentication mechanism is designed in such a way as to prevent the network from a DoS attack [27]. When a user gets attached to the rogue node, this node denies services requested from the user. The rogue node, in turn, forces UE to attach with other services. It results in a DoS attack. To prevent this attack, the user should authenticate the eNodeB before communicating with the node. As the user has a secret key, the proposed scheme sets a secret key for each eNodeB. The model’s secret key is known only to the HSS. During base station authentication, the eNodeB generates a new key using its secret key and sends it encrypted to the user. The UE authenticates by sending the encrypted key to the HSS. If the keys are equal, the node is assumed to be genuine, and the user ensures a connection with the node. Thus, authenticating the eNodeB prevents the network from a DoS attack. The comparative analysis of attacks for several schemes is shown in Table 3.
Comparative analysis of attacks
The proposed scheme prevents the system from location leak attacks. There are many tools to sniff the packets in the air. This sniffing gives attackers information about the location, and decrypting the data gives them all the information about the user. The proposed scheme changes the TMSI identity of the user for every communication, making it difficult to track the data of a particular user.
Formal analysis using AVISPA
AVISPA verifies the security properties of any protocol. The protocol description is coded in High-Level Protocol Specification Language (HLPSL). A low-level format, Intermediate Format (IF), is generated from the HLPSL using a translator called hlpsl2if. Finally, the IF is given to the backends of the AVISPA tool, the on-the-fly model checker (OFMC) and the constraint logic-based attack searcher (CL-AtSe), to search for attack traces. The validation results of the HLPSL specification under OFMC and CL-AtSe report the proposed protocol as safe, as shown in Figs. 5 and 6.

Protocol verification: OFMC backend results.

Protocol verification: CL-AtSe backend results.
The proposed scheme protects users from location leak attacks. A TMSI is generated for each communication by the user. Hence, the user has a different TMSI for every communication. Sniffing the packets to find the users’ location is impossible if the user is represented using any TMSI.
IPsec protects the LTE system. Since IPsec is cost-effective, few network providers ensure IPsec in LTE. Therefore, the LTE system is prone to DoS and location leak attacks. One of the main reasons for these attacks is the presence of a rogue base station. EPS-AKA fails to authenticate the base station before the user communicates with them. The proposed scheme provides the prevention technique for the DoS attack.
The loopholes of the existing techniques have been overcome in the proposed scheme, which provides an efficient mechanism to authenticate the user, eNodeB, and the network in the absence of IPsec. The data are encrypted on both ends during the communication. The proposed scheme ensures authentication and confidentiality with less communication and computational cost.
Total communication cost
The communication cost for network authentication is less for the proposed scheme when compared with the existing schemes, as shown in Fig. 7. The network authentication cost is comparatively more than other schemes. The proposed scheme is designed in such a way as to achieve fast authentication. The computations of total communication cost are as follows.

Communication cost for network authentication.
SE-AKA = UE-MME+MME-HSS+HSS-MME+MME-UE+UE-MME
= 768 bits
EPS-AKA = UE-MME+MME-HSS+HSS-MME+MME-UE
= 640 bits
HSK-AKA = MME-UE+UE-MME+MME-HSS+HSS-MME+MME-UE
= 1184 bits
SEPS-AKA = UE-MME+MME-HSS+UE-MME+MME-HSS+HSS-MME+MME-UE
= 2688 bits
PROPOSED = eNodeB-UE+UE-HSS
= 256 bits.
The computational cost for the proposed scheme is compared with the existing schemes in Fig. 8. The calculation of computational cost for all schemes is as follows.

Computational cost analysis.
SE-AKA = Operations performed in UE + HSS + MME = 896 bits
Similarly, the computational cost for other schemes is EPS-AKA = 928 bits, HSK-AKA = 1536 bits, SEPS-AKA = 2976 bits, and the proposed scheme costs 752 bits, which is less when compared with other schemes.
The proposed scheme ensures fast authentication for mobility management. Compared with other schemes, the proposed scheme provides fast authentication, as shown in Fig. 9. The computational times for existing and proposed schemes are as follows.
$\text{SE-AKA} = 3T_{AUTN} + 2T_{MAC} + 2PKT = 3(1.0) + 2(1.02) + 2(0.95) = 6.94$ sec
$\text{EPS-AKA} = 2T_{SQN} + T_{RAND} + T_{MAC} + T_{AK} + 2T_{RES} + 2T_{AUTN} = 2(0.89) + 0.94 + 1.02 + 0.95 + 2(0.98) + 2(1.0) = 8.65$ sec
$\text{HSK-AKA} = 2T_{RAND} + T_{V1} + T_{V0} + T_{AUTN} + 2T_{AK} + 2T_{MAC} + T_{KASME} + 2T_{RES} = 2(0.94) + 0.95 + 0.95 + 1.0 + 2(0.95) + 2(1.02) + 1.05 + 2(0.98) = 11.73$ sec
$\text{SEPS-AKA} = T_{MSG1} + T_{MSG2} + 2T_{SQN} + T_{RAND} + T_{MAC} + T_{AK} + 2T_{RES} + 2T_{AUTN} = 1.05 + 1.05 + 2(0.89) + 0.94 + 1.02 + 0.95 + 2(0.98) + 2(1.0) = 10.75$ sec
$\text{PROPOSED} = 2T_{MAC} + T_{RAND} + T_{AUTN} + T_{SQN} + T_{KEY} = 2(1.02) + 0.94 + 1.0 + 0.89 + 1.05 = 5.92$ sec
The computational time for the proposed scheme is less even when the number of nodes increases, as shown in Fig. 10.

Computational time analysis.

Computation time vs. number of nodes.
The bandwidth consumption for the AKA protocols is shown in Fig. 11. The bandwidth for each scheme is calculated for the number of UE. The proposed scheme consumes less bandwidth when compared with other schemes. Figures 12 and 13 depict the bandwidth consumption when AV = 5 and AV = 10. In both cases, bandwidth consumption is less for the proposed work, showing that the proposed scheme provides fast authentication.

Bandwidth consumption analysis.

Bandwidth consumption when AV = 5.

Bandwidth consumption when AV = 10.
The present paper proposes a new scheme to protect the network from several attacks. This scheme overcomes the problem of the rogue base station, which is one of the causes of the DoS attack. The eNodeB is not authenticated before the user communicates with the node. Therefore, the rogue base station communicates with the user to receive all information about a particular user and its destination. A secret key is used to authenticate the node to prevent the network from rogue base station attacks. This secret key is known only to HSS. If these attacks persist, confidentiality and integrity in communication will not exist, leading to a greater threat to mobile communication. Thus, the proposed scheme avoids location leak attacks and DoS attacks and provides a fast authentication mechanism for 4G/LTE. A few more attacks, like desynchronization, replay, and man-in-the-middle attacks, are possible in LTE. These attacks need to be addressed in the future and implemented in a real-time hardware platform.
