A Formal Analysis of 5G Authentication

@article{Basin2018AFA,
  title={A Formal Analysis of 5G Authentication},
  author={David A. Basin and Jannik Dreier and Lucca Hirschi and Sasa Radomirovic and Ralf Sasse and Vincent Stettler},
  journal={Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security},
  year={2018}
}
Mobile communication networks connect much of the world's population. [] Key Method We also extract precise requirements from the 3GPP standards defining 5G and we identify missing security goals. Using the security protocol verification tool Tamarin, we conduct a full, systematic, security evaluation of the model with respect to the 5G security goals. Our automated analysis identifies the minimal security assumptions required for each security goal and we find that some critical security goals are not met…

Figures and Tables from this paper

A Formal Analysis of 5 G Authentication
TLDR
This work provides the first comprehensive formal model of a protocol from the AKA family: 5GAKA, and identifies critical security goals that are not met, except under additional assumptions missing from the standard.
Formal Verification and Analysis of Primary Authentication based on 5G-AKA Protocol
TLDR
This paper models the protocol and provides comprehensive formal analysis on 5G-AKA protocol as specified by The Third Generation Partnership Project (3GPP) standard and finds out that some important security properties are not achieved, and related work ignored some crucial protocol flaws.
Formal Analysis of 5G AKMA
TLDR
A formal model of AKMA is constructed in the Tamarin verification tool, and security properties extracted from informal descriptions given in the Technical Specifications of 5G AKMA are specified.
Formal Verification of 5G-EAP-TLS Authentication Protocol
TLDR
This work provides the first formal model of 5G-EAP-TLS protocol and conducts a thorough analysis based on Scyther model checker, which identifies several design flaws in the protocol which may jeopardize the security goals and result in severe security vulnerabilities when implemented in real systems.
Component-Based Formal Analysis of 5G-AKA: Channel Assumptions and Session Confusion
TLDR
Fine-grained formal analysis of 5G’s main authentication and key agreement protocol (AKA) is performed, and the first models to explicitly consider all parties defined by the protocol specification are provided, demonstrating the fragility and subtle trust assumptions of the 5G-AKA protocol.
A Secure Efficient and Lightweight authentication protocol for 5G cellular networks: SEL-AKA
TLDR
This paper proposes a Secure Efficient and Lightweight authentication and Key Agreement protocol SEL-AKA of 5G cellular network taken into account the different limitations relieved in 5G- AKA and without relying on a Global Public Key Infrastructure.
Formalizing and Verifying Generations of AKA Protocols Master Thesis
TLDR
The analysis shows that newer AKA protocol variants improve security guarantees compared to older variants, however, the newest standard is still unable to satisfy certain security properties without extra assumptions that are not part of the actual protocol specification.
Formal Analysis of 5G EAP-TLS Authentication Protocol Using Proverif
TLDR
This work builds the first formal model of the 5G EAP-TLS authentication protocol in the applied pi calculus, and performs an automated security analysis of the formal protocol model by using the ProVerif model checker.
Novel 5G Authentication Protocol to Improve the Resistance Against Active Attacks and Malicious Serving Networks
TLDR
This work proposes a new version of the 5G AKA protocol to overcome all the currently identified weaknesses in the protocol, and replaces the sequence numbers with random numbers, making it possible to drastically reduce the number of required communication phases and steps in the Protocol.
A Vulnerability in 5G Authentication Protocols and Its Countermeasure
TLDR
A scheme based on the existing PKI mechanism of 5G and successfully verified with formal methods and automatic veri- fication tool TAMARIN shows that the security of the 5G authentication protocol is greatly proved by just adding a little calculation and communication overhead.
...
...

References

SHOWING 1-10 OF 40 REFERENCES
A Comprehensive Symbolic Analysis of TLS 1.3
TLDR
The most comprehensive, faithful, and modular symbolic model of the TLS~1.3 draft 21 release candidate is constructed, and an unexpected behaviour is revealed, which is expected to inhibit strong authentication guarantees in some implementations of the protocol.
Achieving Better Privacy for the 3GPP AKA Protocol
TLDR
An improvement of AKA is proposed, which retains most of its structure and respects practical necessities such as key-management, but which provably attains security with respect to servers and Man-in-the- Middle (MiM) adversaries.
On Post-compromise Security
TLDR
This work provides the first informal and formal definitions for post-compromise security, and shows that it can be achieved in several scenarios and develops two new strong security models for two different threat models.
Practical Attacks Against Privacy and Availability in 4G/LTE Mobile Communication Systems
TLDR
This work constitutes the first publicly reported practical attacks against LTE access network protocols and recommends that safety margins introduced into future specifications to address such trade-offs should incorporate greater agility to accommodate subsequent changes in the trade-off equilibrium.
Automated Analysis and Verification of TLS 1.3: 0-RTT, Resumption and Delayed Authentication
TLDR
This work model and analyse revision 10 of the TLS 1.3 specification using the Tamarin prover, a tool for the automated analysis of security protocols, and shows the strict necessity of recent suggestions to include more information in the protocol's signature contents.
Defeating IMSI Catchers
TLDR
This work proposes a solution, which essentially replaces the IMSIs with changing pseudonyms that are only identifiable by the home network of the SIM's own network provider, and therefore mitigate both passive and active attacks.
New privacy issues in mobile telephony: fix and verification
TLDR
This work exposes two novel threats to the user privacy in 3G telephony systems, which make it possible to trace and identify mobile telephony subscribers, and proposes fixes to these privacy issues which also take into account and solve other privacy attacks known from the literature.
Advancing automated security protocol verification
TLDR
This thesis proposes fixes and uses scyther-proof to generate machine-checked proofs of the correctness of the authors' repaired protocols, and provides an answer to the question of how to improve the trustworthiness of a result obtained by an automatic security protocol verification tool.
LTEInspector: A Systematic Approach for Adversarial Testing of 4G LTE
TLDR
A modelbased testing approach LTEInspector is proposed which lazily combines a symbolic model checker and a cryptographic protocol verifier in the symbolic attacker model for exposing vulnerabilities in the 4G LTE protocol.
On Security Research Towards Future Mobile Network Generations
TLDR
This paper develops a methodology that categorizes known attacks by their aim, proposed defenses, underlying causes, and root causes for attacks, and applies this methodology to existing literature on attacks and defenses in all three network generations.
...
...