The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
5G 네트워크는 가까운 미래에 전 세계 수십억 명의 사람들에게 서비스를 제공하게 될 것이며 인간의 개인 정보가 침해되지 않도록 보호하는 것이 가장 중요한 목표 중 하나입니다. 본 논문에서는 5G 인증 프로토콜(즉, 5G AKA와 EAP-AKA')에 대해 자세히 연구하였고, 5G 인증 프로토콜 취약점을 이용한 위치 스니핑 공격을 발견하였다. 공격자는 저렴한 장치를 통해 공격을 실행할 수 있습니다. 이 취약점을 해결하기 위해 기존 5G PKI 메커니즘을 기반으로 인증 프로토콜을 강화하는 수정 방식이 제안됩니다. 제안된 기법은 정형적 방법과 자동 검증 도구인 TAMARIN을 사용하여 성공적으로 검증되었다. 마지막으로 체계의 통신 오버헤드, 계산 비용 및 저장 오버헤드가 분석됩니다. 결과는 약간의 계산 및 통신 오버헤드만 추가하면 고정 인증 프로토콜의 보안이 크게 향상된다는 것을 보여줍니다.
Xinxin HU
Information Engineering University
Caixia LIU
Information Engineering University
Shuxin LIU
Information Engineering University
Jinsong LI
Information Engineering University
Xiaotao CHENG
Information Engineering University
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
부
Xinxin HU, Caixia LIU, Shuxin LIU, Jinsong LI, Xiaotao CHENG, "A Vulnerability in 5G Authentication Protocols and Its Countermeasure" in IEICE TRANSACTIONS on Information,
vol. E103-D, no. 8, pp. 1806-1809, August 2020, doi: 10.1587/transinf.2019FOL0001.
Abstract: 5G network will serve billions of people worldwide in the near future and protecting human privacy from being violated is one of its most important goals. In this paper, we carefully studied the 5G authentication protocols (namely 5G AKA and EAP-AKA') and a location sniffing attack exploiting 5G authentication protocols vulnerability is found. The attack can be implemented by an attacker through inexpensive devices. To cover this vulnerability, a fix scheme based on the existing PKI mechanism of 5G is proposed to enhance the authentication protocols. The proposed scheme is successfully verified with formal methods and automatic verification tool TAMARIN. Finally, the communication overhead, computational cost and storage overhead of the scheme are analyzed. The results show that the security of the fixed authentication protocol is greatly improved by just adding a little calculation and communication overhead.
URL: https://global.ieice.org/en_transactions/information/10.1587/transinf.2019FOL0001/_p
부
@ARTICLE{e103-d_8_1806,
author={Xinxin HU, Caixia LIU, Shuxin LIU, Jinsong LI, Xiaotao CHENG, },
journal={IEICE TRANSACTIONS on Information},
title={A Vulnerability in 5G Authentication Protocols and Its Countermeasure},
year={2020},
volume={E103-D},
number={8},
pages={1806-1809},
abstract={5G network will serve billions of people worldwide in the near future and protecting human privacy from being violated is one of its most important goals. In this paper, we carefully studied the 5G authentication protocols (namely 5G AKA and EAP-AKA') and a location sniffing attack exploiting 5G authentication protocols vulnerability is found. The attack can be implemented by an attacker through inexpensive devices. To cover this vulnerability, a fix scheme based on the existing PKI mechanism of 5G is proposed to enhance the authentication protocols. The proposed scheme is successfully verified with formal methods and automatic verification tool TAMARIN. Finally, the communication overhead, computational cost and storage overhead of the scheme are analyzed. The results show that the security of the fixed authentication protocol is greatly improved by just adding a little calculation and communication overhead.},
keywords={},
doi={10.1587/transinf.2019FOL0001},
ISSN={1745-1361},
month={August},}
부
TY - JOUR
TI - A Vulnerability in 5G Authentication Protocols and Its Countermeasure
T2 - IEICE TRANSACTIONS on Information
SP - 1806
EP - 1809
AU - Xinxin HU
AU - Caixia LIU
AU - Shuxin LIU
AU - Jinsong LI
AU - Xiaotao CHENG
PY - 2020
DO - 10.1587/transinf.2019FOL0001
JO - IEICE TRANSACTIONS on Information
SN - 1745-1361
VL - E103-D
IS - 8
JA - IEICE TRANSACTIONS on Information
Y1 - August 2020
AB - 5G network will serve billions of people worldwide in the near future and protecting human privacy from being violated is one of its most important goals. In this paper, we carefully studied the 5G authentication protocols (namely 5G AKA and EAP-AKA') and a location sniffing attack exploiting 5G authentication protocols vulnerability is found. The attack can be implemented by an attacker through inexpensive devices. To cover this vulnerability, a fix scheme based on the existing PKI mechanism of 5G is proposed to enhance the authentication protocols. The proposed scheme is successfully verified with formal methods and automatic verification tool TAMARIN. Finally, the communication overhead, computational cost and storage overhead of the scheme are analyzed. The results show that the security of the fixed authentication protocol is greatly improved by just adding a little calculation and communication overhead.
ER -