Adaptive Protocol for Entity Authentication and Key Agreement in Mobile Networks

Abstract

This paper investigates authentication and key agreement protocols running in the dynamic environment in mobile networks. Following the multi-party simulatability approach, we present a formal security model for symmetric-key based authentication and key agreement protocols in the mobile setting. Within this model, we unveil the vulnerability of the authentication and key agreement protocol adopted by Universal Mobile Telecommunication System (UMTS), an emerging standard for third generation (3G) mobile communications. The vulnerability allows an adversary to re-direct user traffic to an unintended network. It also allows an adversary to use authentication data obtained from a corrupted network to impersonate all other networks. In this paper, we present an authentication and key agreement protocol which addresses both security and operational issues involved with UMTS authentication and key agreement. The protocol, called AP-AKA, retains the framework of UMTS authentication and key agreement but eliminates synchronization between a mobile station and its home network. Within our formal model, we prove the security of AP-AKA under the assumption of secure message authentication code and pseudorandom function family. For AP-AKA, we also show that the corruption of one operator’s network will not jeopardize other operators’ networks.