Advertisement

A Vulnerability in the UMTS and LTE Authentication and Key Agreement Protocols

  • Joe-Kai Tsay
  • Stig F. Mjølsnes
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7531)

Abstract

We report on a deficiency in the specifications of the Authentication and Key Agreement (AKA) protocols of the Universal Mobile Telecommunications System (UMTS) and Long-Term Evolution (LTE) as well as the specification of the GSM Subscriber Identity Authentication protocol, which are all maintained by the 3rd Generation Partnership Program (3GPP), an international consortium of telecommunications standards bodies. The flaw, although found using the computational prover CryptoVerif, is of symbolic nature and could be exploited by both an outside and an inside attacker in order to violate entity authentication properties. An inside attacker may impersonate an honest user during a run of the protocol and apply the session key to use subsequent wireless services on behalf of the honest user.

Keywords

Applied Cryptography Vulnerability Assessment Security Protocols Authentication Mobile Network Security LTE UMTS 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    3GPP TS 33.102. 3G Security; Formal Analysis of the 3G Authentication Protocol, http://www.3gpp.org/ftp/Specs/html-info/33902.html
  2. 2.
    3GPP TS 29.002. Digital cellular telecommunications system (Phase 2+); Universal Mobile Telecommunications System (UMTS); Mobile Application Part (MAP) specification, http://www.3gpp.org/ftp/Specs/html-info/29002.html
  3. 3.
    3GPP TS 33.102. LTE; 3G Security; Security Architecture, http://www.3gpp.org/ftp/Specs/html-info/33102.html
  4. 4.
    3GPP TS 33.200. 3G Security; Network Domain Security (NDS); Mobile Application Part (MAP) application layer security, http://www.3gpp.org/ftp/Specs/html-info/33200.html
  5. 5.
    3GPP TS 33.210. LTE; 3G Security; Network Domain Security (NDS); IP network layer security, http://www.3gpp.org/ftp/Specs/html-info/33210.html
  6. 6.
    3GPP TS 33.310. LTE; Network Domain Security (NDS); Authentication Framework (AF), http://www.3gpp.org/ftp/Specs/html-info/33310.html
  7. 7.
    3GPP TS 33.401. LTE; 3GPP System Architecture Evolution (SAE); Security Architecture, http://www.3gpp.org/ftp/Specs/html-info/33401.html
  8. 8.
    3GPP TS 42.009. Digital cellular telecommunications system (Phase 2+); Security Aspects, http://www.3gpp.org/ftp/Specs/html-info/42009.html
  9. 9.
    3GPP TS 43.020. Digital cellular telecommunications system (Phase 2+); Security related network functions, http://www.3gpp.org/ftp/Specs/html-info/43020.html
  10. 10.
    Arapinis, M., Mancini, L.I., Ritter, E., Ryan, M.: Formal Analysis of UMTS Privacy. CoRR, abs/1109.2066 (2011), http://arxiv.org/abs/1109.2066
  11. 11.
    Blanchet, B.: An Efficient Cryptographic Protocol Verifier Based on Prolog Rules. In: 14th IEEE Computer Security Foundations Workshop (CSFW-14), Cape Breton, Nova Scotia, Canada, pp. 82–96. IEEE Computer Society (June 2001)Google Scholar
  12. 12.
    Blanchet, B.: An Efficient Cryptographic Protocol Verifier Based on Prolog Rules. In: 14th IEEE Computer Security Foundations Workshop (CSFW-14), Cape Breton, Nova Scotia, Canada, pp. 82–96. IEEE Computer Society (June 2001)Google Scholar
  13. 13.
    Blanchet, B.: A Computationally Sound Mechanized Prover for Security Protocols. In: IEEE Symposium on Security and Privacy, Oakland, California, pp. 140–154 (May 2006)Google Scholar
  14. 14.
    Blanchet, B.: A Computationally Sound Mechanized Prover for Security Protocols. IEEE Transactions on Dependable and Secure Computing 5(4), 193–207 (2006); Special issue IEEE Symposium on Security and Privacy 2006MathSciNetCrossRefGoogle Scholar
  15. 15.
    Dolev, D., Yao, A.: On the security of public-key protocols. IEEE Transactions on Information Theory 2(29), 198–208 (1983)MathSciNetCrossRefGoogle Scholar
  16. 16.
    IETF. Diameter Base Protocol RFC 3588 (September 2003), http://www.ietf.org/rfc/rfc3588.txt
  17. 17.
    International Telecom Union. ICT Indication Database (2011), http://www.itu.int/ITU-D/ict/statistics/
  18. 18.
    Meyer, U., Wetzel, S.: A man-in-the-middle attack on UMTS. In: Proceedings of the 3rd ACM Workshop on Wireless Security (WiSe 2004), Philadelphia, PA, USA, pp. 90–97 (2004)Google Scholar
  19. 19.
    Mjølsnes, S.F., Tsay, J.-K.: Compuational Security Analysis of the UMTS and LTE Authentication and Key Agreement Protocols. CoRR, abs/1203.3866 (2012)Google Scholar
  20. 20.
    Zhang, M., Fang, Y.: Security analysis and enhancements of 3GPP authentication and key agreement protocol. IEEE Transactions on Wireless Communications 4(2), 734–742 (2005)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Joe-Kai Tsay
    • 1
  • Stig F. Mjølsnes
    • 1
  1. 1.Department of TelematicsNorwegian University of Sciences and Technology, NTNUNorway

Personalised recommendations