Design of authentication protocols and message security algorithms in cellular networks

Abstract

Various security and performance issues of authentication and key agreement (AKA) protocols exist in the cellular networks. We examine the security and performance issues of the authentication protocols present in second-generation (2G) Global System for Mobile Communications (GSM), 3G Universal Mobile Telecommunication System (UMTS), and 4G Long Term Evolution (LTE) cellular networks.The e cient and secure AKA protocols for the cellular networks are proposed and analyzed. We propose SAKA protocol for the GSM network that overcomes the basic limitation of GSM-AKA protocol by providing bidirectional authentication. It reduces the storage space, overheads, and the required bandwidth by adopting a scheme of generating a delegation key. Similarly, the delegation key concept is used in the proposed ES-AKA and Secure-AKA protocols for the UMTS network, which lowers the bandwidth consumption and overheads during the mutual authentication. A puzzle-based solution scheme is introduced in the proposed Secure-AKA protocol that prevents the UMTS network from denial of service (DoS) attack. The proposed protocol for LTE network computes more functions at user and the server in order to protect the actual identity of user and key set identi er over the network without increasing the total number of bits to be transmitted as compared to the original LTE authentication protocol. Moreover, improved secure algorithms namely NewA3, NewA8, and NewA5 for the GSM network and MAES-128 algorithm for the UMTS network are proposed and implemented to enhance the security system of GSM and UMTS network architecture. In order to develop secure Short Message Service (SMS)-based applications in the cellular networks, the short messages are provided with endto- end secure delivery of message information from the sender to the recipient. A secure and e cient SecureSMS protocol for secure delivery of value added services using SMS are proposed and analyzed, which provides the security services like authentication, con dentiality, integrity, and non-repudiation. Another, the EasySMS protocol is proposed that enables end-to-end secure transmission of SMS between the mobile users. The ciphering process of EasySMS is implemented by a modi ed AES algorithm (MAES with 256 bits block size and key size), where SubByte and ShiftRow of AES are swapped, and an alternative matrix is used (MixColumns) that is same as its inverse.Furthermore, in various mobile services, it is always a challenge for the server to handle maximum number of authentication requests simultaneously based on its capacity to handle requests. The AKA protocols for SMS-based applications are extended to provide secure delivery of value added services and end-to-end SMS security to multiple recipients simultaneously, where the authentication server is able to handle multiple requests in a batch. These protocols maintain integrity during the transmission of messages and propose one time activation code in order to protect the actual identity of mobile user over the network. We have used a probability model to determine the number of malicious authentication requests in a batch. Further, an algorithm is also used to identify such users that are removed from the batch in order to perform re-batch authentication.