Analysis of authentication and key establishment in inter-generational mobile telephony

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

10 Scopus citations

Abstract

Second (GSM), third (UMTS), and fourth-generation (LTE) mobile telephony protocols are all in active use, giving rise to a number of interoperation situations. Although the standards address roaming by specifying switching and mapping of established security context, there is not a comprehensive specification of which are the possible interoperation cases. Nor is there comprehensive specification of the procedures to establish security context (authentication and short-term keys) in the various interoperation scenarios. This paper systematically enumerates the cases, classifying them as allowed, disallowed, or uncertain with rationale based on detailed analysis of the specifications. We identify the authentication and key agreement procedure for each of the possible cases. We formally model these scenarios and analyze their security, in the symbolic model, using the tool Prove if. We find two scenarios that inherit a known false base station attack. We find an attack on the CMC message of another scenario.

Original languageEnglish
Title of host publicationProceedings - 2013 IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 2013 IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2013
Pages1605-1614
Number of pages10
DOIs
StatePublished - 2014
Event15th IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 11th IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, EUC 2013 - Zhangjiajie, Hunan, China
Duration: 13 Nov 201315 Nov 2013

Publication series

NameProceedings - 2013 IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 2013 IEEE International Conference on Embedded and Ubiquitous Computing, EUC 2013

Conference

Conference15th IEEE International Conference on High Performance Computing and Communications, HPCC 2013 and 11th IEEE/IFIP International Conference on Embedded and Ubiquitous Computing, EUC 2013
Country/TerritoryChina
CityZhangjiajie, Hunan
Period13/11/1315/11/13

Fingerprint

Dive into the research topics of 'Analysis of authentication and key establishment in inter-generational mobile telephony'. Together they form a unique fingerprint.

Cite this