LSAA: A Lightweight and Secure Access Authentication Scheme for Both UE and mMTC Devices in 5G Networks

Abstract

As a development of the next generation of mobile communication networks and systems (5G), the Third-Generation Partnership Project (3GPP) committee has standardized a new 5G authentication and key-agreement (5G-AKA) protocol to ensure the access security of a mobile equipment. However, there are still some security vulnerabilities in the 5G-AKA protocol, and there is no authentication protocol proposed for massive device concurrent connection by the 3GPP working groups. In this article, we propose a novel lightweight and secure access authentication scheme named lightweight secure access authentication (LSAA) that contains two lightweight extended Chebyshev chaotic maps-based access authentication protocols for two types of 3GPP standard mobile devices: 1) common user equipment (UE) and 2) massive machine-type communication (mMTC) devices. Our proposed protocols can achieve several security functionalities, including mutual authentication, session-key establishment, identity privacy protection, and perfect forward/backward secrecy (PFS/PBS). In addition, the proposed protocols are lightweight in nature compared with the 5G-AKA. In order to comprehensively and accurately evaluate LSAA, we carry out formal security analysis by employing two formal verification tools Proverif and Scyther, and informal security analysis on the proposed protocols. We further evaluate the performance of the proposed protocols with regard to authentication signaling cost, authentication communication cost, authentication computational cost, and authentication storage cost. The security evaluation and performance analysis results show that our proposed protocols can provide advanced security and high efficiency.