Access control in 5G communication networks using simple PKI certificates

Boubakri, Wided; Abdallah, Walid; Boudriga, Noureddine

doi:10.1109/iwcmc.2017.7986606

Cited by 11 publications

(9 citation statements)

References 6 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Attacks of movement tracking: An attacker can collect a huge number of packets in a specific region based on user's actual locations and route schedule by analysing the captured packets; an attacker can collect a huge number of packets in a specific region and try to track users [39]. Attacks of identity revealing: To guess the identities, routine schedule, and actual location of a specific group of users, an adversary may collect user's private data or traffic schedule packets [40]. Attacks of collusion: To capture more data about specific users than what it can obtain by itself, such as retrieving secured data and information or identifiers of specific users, attackers can cooperate with other attackers [41].…”

Section: Types Of Privacy Attacks In 5gmentioning

confidence: 99%

See 1 more Smart Citation

A comprehensive review on the users’ identity privacy for 5G networks

et al. 2022

View full text Add to dashboard Cite

Fifth Generation (5G) is the final generation in mobile communications, with minimum latency, high data throughput, and extra coverage. The 5G network must guarantee very good security and privacy levels for all users for these features. Therefore, researchers have deliberated the privacy and security solution of 5G users. The 5G wireless network offers a futuristic concept that helps to solve challenges affecting previous communications generations. The key concern to many scholars in the field of mobile networking is user privacy, which is long‐term subscription identifier as International Mobiles Subscribers Identifiers (IMSIs) and short‐term subscription identifier as Temporary Mobiles Subscribers Identifiers and Cell‐Radio Networks Temporary Identifiers (TMSIs and C‐RNTIs), which are used for permanent identifying, paging, and location update. This article investigates the existing literature survey about user privacy for 5G networks, which continues the identity and location privacy. Also, it discusses most of the studies that handle user identifications in authentication, paging, and location update. This article discusses the various privacy issues in the 5G network that use IMSI in clear text or temporary identities such as TMSI & C‐RNTI with IMSI to disclose user identity privacy. This article also investigates the existing literature on user identity and location privacy and highlights the key parameters, issues, challenges, and future recommendations with potential solutions.

show abstract

Section: Types Of Privacy Attacks In 5gmentioning

confidence: 99%

“…Attacks of identity revealing: To guess the identities, routine schedule, and actual location of a specific group of users, an adversary may collect user's private data or traffic schedule packets [40].…”

Section: Types Of Privacy Attacks In 5gmentioning

confidence: 99%

A comprehensive review on the users’ identity privacy for 5G networks

et al. 2022

View full text Add to dashboard Cite

show abstract

“…Cryptography operations with high computational and energy consumption have been used in the research. In [30], the researchers have used the PKI certificate to authenticate. This will need a data center Certificate Authority (CA), which is different from 3GPP architecture.…”

Section: Discussionmentioning

confidence: 99%

“…W. Boubakri et al [30] proposed an access control scheme using PKI for 5G networks, which can be used on a multi-layer communication architecture. In addition, the author has designed scalable authentication and handover schemes, which can guarantee security within the network.…”

Section: D2d Handovermentioning

confidence: 99%

Design of handover authentication protocols for 5G networks

Yan¹

View full text Add to dashboard Cite

The emerge of fifth-generation (5G) wireless networks has started a new era of the development of wireless mobile networks. High requirements such as lower delay and higher speed have been expected for the 5G wireless network. Security of the 5G wireless networks is the major concern when they are deployed for commercial applications. The third-generation partnership project (3GPP) has specified the security functionality of 5G wireless in its standard release 16. It specifies a detailed scheme of 5G Authentication and Key Agreement (AKA) and handover authentication. However, user equipment (UE) is prone to different attacks such as Denial of Service (DoS) attacks and false base-station attacks when it hands over from source gNB (Next Generation Node B, gNodeB) to target gNB within the same Access and Mobility Management Function (AMF). Also, in some scenarios, a large group of Machine Type Communication devices (MTCDs) may enter the communication coverage of a new target base station simultaneously.However, the current handover mechanism specified by the 3GPP incurs high signalling overhead over the access network and the core network for such scenario. Particularly, secure handover becomes a critical issue in the operation of the 5G mobile networks. Even though many solutions have been proposed in the recent research to overcome the security issues mentioned above, these solutions have efficiency or security problems to some extent. Our work focuses on designing 5G handover authentication protocols, which should be secure, efficient, and follow the system architecture specified by the 3GPP standard.In the thesis, we first introduce the background, 5G network architecture, 5G security architecture, and security requirements of a handover authentication scheme. We review the current handover authentication schemes in the literature as well. Then we propose our first Lightweight and Secure Handover Authentication protocol, named as LSHA, using the Chinese remainder theory at neighbor base stations, gNBs for secure handovers. The Next Hop parameter (NH) used in the handover authentication is encrypted by our repurposed encryption algorithm to enhance security, which perfectly solves the failure of the key forward secrecy (KFS) problem in the 3GPP standard. The security of the proposal is formally evaluated by BAN-XI logic and Scyther to demonstrate its ability against various malicious attacks. An analysis of the ability against some specific malicious attacks is also presented. Finally, the performance of the proposed scheme in terms of the delay incurred is evaluated by using JAVA simulation. And energy consumption is calculated by adding up the energy consumption of basic cryptography operations on StrongARM microprocessor and LA-4121 WLAN card. The results obtained show that our first scheme is secure and efficient with relatively low energy consumption, which is suitable for devices in high-speed movements.Then, we propose our second Privacy-Preserving Handover Authentication Protocol, named as PPHAP, for a gr...

show abstract

“…al. [87] proposed a PKI and Zero Knowledge Proof (ZKP) based access control and authentication scheme specifically designed for 5G networks. In the proposal, hierarchical PKI architecture is built to delegate the issuance of certificates from root certification authority (Root CA) to terminal D2D devices.…”

Section: In-coverage Relay-coverage and Out-of-coverage Compatible Sc...mentioning

confidence: 99%

Design of access authentication schemes in 5G wireless networks

Chow¹

View full text Add to dashboard Cite

The futuristic 5G network is designed to accommodate the increasing number of connected devices with higher speed, lower latency, and better security. To achieve these goals, two major strategies have been proposed recently: First, building the cellular network with many tiny base stations, 5G reduces the wireless transmission delays and improves spectral efficacy. Second, by allowing device-to-device (D2D) communication in the cellular network, it offloads the heavy network traffic among mobile devices in a distributed manner. However, due to the wireless nature of 5G communication, there will be many security challenges such as mutual authentication, device anonymity, end-to-end data secrecy, free-riding attack prevention, and so on. Although the Third Generation Partnership Project (3GPP) has recently standardized the 5G-AKA protocol for mutually authenticating user equipment (UE), base stations, and the core network, we found that there are still some security issues yet to resolve in the protocol. Furthermore, 3GPP has not standardized the authentication protocol for 5G-D2D communication, making D2D communication remain vulnerable in the 5G networks. In view of these issues, there is a need to develop authentication protocols that address all these security requirements in the 5G and 5G-D2D networks. The designed protocols should be computationally lightweight, such that all mobile devices including low-end smartphones and 5G-IoT connected devices can also enjoy 5G and 5G-D2D safely.To fill these research gaps, in this thesis, we first provide the background and a comprehensive literature survey to the security in 3GPP 5G and 5G-D2D network. We list out the security architecture of the 5G Core network and 5G D2D network, define their security requirements based on the current architecture, and then discuss the existing solutions by evaluating both their advantages and shortcomings. Next, we propose two security schemes, namely the Secure Blockchain-based Authentication and Key Agreement Scheme (5GSBA), and the Lightweight Traceable D2D authentication and Key Agreement Scheme (LT-AKA). 5GSBA aims to improve security in 5G, and LT-AKA aims to improve 5G-D2D.After that, for each proposal, we evaluate their security and logical correctness using formal verification tools. Performance evaluations for each scheme also show that the proposed schemes are computationally and spatially efficient while maintaining a high level of security.

show abstract

Access control in 5G communication networks using simple PKI certificates

Cited by 11 publications

References 6 publications

A comprehensive review on the users’ identity privacy for 5G networks

A comprehensive review on the users’ identity privacy for 5G networks

Design of handover authentication protocols for 5G networks

Design of access authentication schemes in 5G wireless networks

Contact Info

Product

Resources

About