oalib
Search Results: 1 - 10 of 100 matches for " "
All listed articles are free for downloading (OA Articles)
Page 1 /100
Display every page Item
Computational Security Analysis of the UMTS and LTE Authentication and Key Agreement Protocols  [PDF]
Joe-Kai Tsay,Stig Mj?lsnes
Computer Science , 2012,
Abstract: We present a computational security analysis of the Authentication and Key Agreement (AKA) protocols for both Long-Term Evolution (LTE) and Universal Mobile Telecommunications System (UMTS). This work constitutes the first security analysis of LTE AKA to date and the first computationally sound analysis of UMTS AKA. Our work is the first formal analysis to consider messages that are sent in the core network, where we take into account details of the carrying protocol (i.e., MAP or Diameter) and of the mechanism for secure transport (i.e., MAPsec/TCAPsec or IPsec ESP). Moreover, we report on a deficiency in the protocol specifications of UMTS AKA and LTE AKA and the specifications of the core network security (called network domain security), which may enable efficient attacks. The vulnerability allows an inside attacker not only to impersonate an honest protocol participant during a run of the protocol but also to subsequently use wireless services on his behalf. UMTS AKA run over MAP with MAPsec seems vulnerable in the most straight-forward application of the attack. On the other hand, our analysis shows that UMTS and LTE AKA over Diameter/IPsec and UMTS AKA over MAP/TCAPsec (with sufficiently long session identifiers) computationally satisfy intended authentication properties as well as some key secrecy properties, assuming that the used primitives meet standard cryptographic assumptions.
Security Enhancement With Optimal QOS Using EAP-AKA In Hybrid Coupled 3G-WLAN Convergence Network  [PDF]
R. Shankar,Timothy Rajkumar. K,P. Dananjayan
Computer Science , 2010, DOI: 10.5121/iju.2010.1303
Abstract: The third generation partnership project (3GPP) has addressed the feasibility of interworking and specified the interworking architecture and security architecture for third generation (3G)-wireless local area network (WLAN), it is developing, system architecture evolution (SAE)/ long term evolution (LTE) architecture, for the next generation mobile communication system. To provide a secure 3G-WLAN interworking in the SAE/LTE architecture, Extensible authentication protocol-authentication and key agreement (EAP-AKA) is used. However, EAP-AKA have several vulnerabilities. Therefore, this paper not only analyses the threats and attacks in 3G-WLAN interworking but also proposes a new authentication and key agreement protocol based on EAP-AKA. The proposed protocol combines elliptic curve Diffie-Hellman (ECDH) with symmetric key cryptosystem to overcome the vulnerabilities. The proposed protocol is used in hybrid coupled 3G-WLAN convergence network to analyse its efficiency in terms of QoS metrics, the results obtained using OPNET 14.5 shows that the proposed protocol outperforms existing interworking protocols both in security and QoS.
Security Enhancement With Optimal QOS Using EAP-AKA In Hybrid Coupled 3G-WLAN Convergence Network  [PDF]
R. Shankar,Timothy Rajkumar.K,P.Dananjayan
International Journal of UbiComp , 2010,
Abstract: The third generation partnership project (3GPP) has addressed the feasibility of interworking andspecified the interworking architecture and security architecture for third generation (3G)-wireless localarea network (WLAN), it is developing, system architecture evolution (SAE)/ long term evolution (LTE)architecture, for the next generation mobile communication system. To provide a secure 3G-WLANinterworking in the SAE/LTE architecture, Extensible authentication protocol-authentication and keyagreement (EAP-AKA) is used. However, EAP-AKA have several vulnerabilities. Therefore, this papernot only analyses the threats and attacks in 3G-WLAN interworking but also proposes a newauthentication and key agreement protocol based on EAP-AKA. The proposed protocol combines ellipticcurve Diffie-Hellman (ECDH) with symmetric key cryptosystem to overcome the vulnerabilities. Theproposed protocol is used in hybrid coupled 3G-WLAN convergence network to analyse its efficiency interms of QoS metrics, the results obtained using OPNET 14.5 shows that the proposed protocoloutperforms existing interworking protocols both in security and QoS.
PERFORMANCE OF MULTI SERVER AUTHENTICATION AND KEY AGREEMENT WITH USER PROTECTION IN NETWORK SECURITY
NAGAMALLESWARA RAO.DASARI,,VUDA SREENIVASARAO
International Journal on Computer Science and Engineering , 2010,
Abstract: Using smart cards, remote user authentication and key agreement can be simplified, flexible, and efficient for creating a secure distributed computers environment. Addition to user authenticationand key distribution, it is very useful for providing identity privacy for users. In this paper, we propose novel multi server authentication and key agreement schemes with user protection in network security. We first propose a single-server scheme and then apply this scheme to a multi-server environment. The main meritsinclude: (1) The privacy of users can be ensured; (2) a user canfreely choose his own password; (3) the computation and communication cost is very low; (4) servers and users can authenticate each other; (5) it generates a session key agreed by the server and the user; (6) our proposed schemes are Nonce-based schemes which does not have aserious time synchronization problem.
Security Analysis of 3GPP Authentication and Key Agreement Protocol
3GPP认证与密钥协商协议安全性分析

LU Feng,LU Feng,ZHENG Kang-Feng,NIU Xin-Xin,YANG Yi-Xian,LI Zhong-Xian,
陆 峰
,陆 峰,郑康锋,钮心忻,杨义先,李忠献

计算机系统应用 , 2010,
Abstract: The Universal Mobile Telecommunication System (UMTS) adopts 3GPP authentication and key agreement (3GPP AKA) protocol as its security framework, and this protocol has made effective improvements on the hidden security problems of GSM (global system for mobile communications). This paper investigates into the security of the 3GPP authentication and key agreement protocol, and analyzes four types of attacks to which it is vulnerable. To solve the security problems mentioned above, it presents an efficient authentication and key agreement protocol, which is based on public key cryptography, under the circumstances of location updating and location immovability, adopts formal analysis to prove the security of two protocols proposed, and compares it with other protocols from the aspect of security. The results show that this proposed protocol can significantly enhance the security of 3GPP AKA protocol.
Security Analysis of 3GPP Authentication and Key Agreement Protocol
3GPP认证与密钥协商协议安全性分析

LU Feng,LU Feng,ZHENG Kang-Feng,NIU Xin-Xin,YANG Yi-Xian,LI Zhong-Xian,
陆 峰
,陆 峰,郑康锋,钮心忻,杨义先,李忠献

软件学报 , 2010,
Abstract: The Universal Mobile Telecommunication System (UMTS) adopts 3GPP authentication and key agreement (3GPP AKA) protocol as its security framework, and this protocol has made effective improvements on the hidden security problems of GSM (global system for mobile communications). This paper investigates into the security of the 3GPP authentication and key agreement protocol, and analyzes four types of attacks to which it is vulnerable. To solve the security problems mentioned above, it presents an efficient authentication and key agreement protocol, which is based on public key cryptography, under the circumstances of location updating and location immovability, adopts formal analysis to prove the security of two protocols proposed, and compares it with other protocols from the aspect of security. The results show that this proposed protocol can significantly enhance the security of 3GPP AKA protocol.
New security and control protocol for VoIP based on steganography and digital watermarking  [PDF]
Wojciech Mazurczyk,Zbigniew Kotulski
Computer Science , 2006,
Abstract: In this paper new security and control protocol for Voice over Internet Protocol (VoIP) service is presented. It is the alternative for the IETF's (Internet Engineering Task Force) RTCP (Real-Time Control Protocol) for real-time application's traffic. Additionally this solution offers authentication and integrity, it is capable of exchanging and verifying QoS and security parameters. It is based on digital watermarking and steganography that is why it does not consume additional bandwidth and the data transmitted is inseparably bound to the voice content.
An Advanced Temporal Credential-Based Security Scheme with Mutual Authentication and Key Agreement for Wireless Sensor Networks  [PDF]
Chun-Ta Li,Chi-Yao Weng,Cheng-Chi Lee
Sensors , 2013, DOI: 10.3390/s130809589
Abstract: Wireless sensor networks (WSNs) can be quickly and randomly deployed in any harsh and unattended environment and only authorized users are allowed to access reliable sensor nodes in WSNs with the aid of gateways (GWNs). Secure authentication models among the users, the sensor nodes and GWN are important research issues for ensuring communication security and data privacy in WSNs. In 2013, Xue et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. However, in this paper, we point out that Xue et al.’s scheme cannot resist stolen-verifier, insider, off-line password guessing, smart card lost problem and many logged-in users’ attacks and these security weaknesses make the scheme inapplicable to practical WSN applications. To tackle these problems, we suggest a simple countermeasure to prevent proposed attacks while the other merits of Xue et al.’s authentication scheme are left unchanged.
Cryptanalysis of An Advanced Temporal Credential-Based Security Scheme with Mutual Authentication and Key Agreement for Wireless Sensor Networks  [PDF]
Chandra Sekhar Vorugunti,Mrudula Sarvabhatla
Computer Science , 2013,
Abstract: With the rapid advancement of wireless network technology, usage of WSN in real time applications like military, forest monitoring etc. found increasing. Generally WSN operate in an unattended environment and handles critical data. Authenticating the user trying to access the sensor memory is one of the critical requirements. Many researchers have proposed remote user authentication schemes focusing on various parameters. In 2013, Li et al. proposed a temporal-credential-based mutual authentication and key agreement scheme for WSNs. Li et al. claimed that their scheme is secure against all major cryptographic attacks and requires less computation cost due to usage of hash function instead encryption operations. Unfortunately, in this paper we will show that their scheme is vulnerable to offline password guessing attack, stolen smart card attack, leakage of password etc. and failure to provide data privacy.
Efficient and Secure Authentication and Key Agreement Protocol  [PDF]
Ja’afer AL-Saraireh
International Journal of UbiComp , 2011,
Abstract: In the UMTS Authentication and Key Agreement (AKA) protocol only the home network can generateauthentication vectors to its subscribers. Therefore; the home location register and authentication centre(HLR/AuC) actually suffers from the traffic bottleneck. AKA protocol has been enhanced by generatingtemporary key to enable visitor location register (VLR/SGSN) to authenticate mobile station (MS) withoutintervention of HLR/AuC. This proposed protocol called Efficient AKA (E-AKA),The proposed protocol satisfies the security requirements of third generation (3G) mobile networks. In thisresearch paper the current AKA has been enhanced by reducing the network traffic, signalling messagebetween entities. This is achieved by reducing a size n array of authentication vector and the number ofmessages between MS and HLR/AuC. Hence, the traffic for the home network to generate authenticationvectors is exponentially decreased, then reducing the authentication times, and setup time as well asimproving authentication efficiency. Additionally, a mutual authentication between MS and its HomeNetwork (HN) and between an MS and the Serving Network (SN) is achieved. A security analysis andcomparison with related work shows that E-AKA is more efficient and a secure authentication is achieved.
Page 1 /100
Display every page Item


Home
Copyright © 2008-2017 Open Access Library. All rights reserved.