Journal of the Korea Institute of Information Security & Cryptology (정보보호학회논문지)

Korea Institute of Information Security and Cryptology (한국정보보호학회)
권호 표지
DOI QR코드

DOI QR Code

A UMTS Key Agreement Protocol Providing Privacy and Perfect Forward Secrecy

프라이버시와 완전한 전방향 안전성을 제공하는 UMTS 키 동의 프로토콜

  • Published : 2007.06.30
Download PDF
⟨ Previous Next ⟩

Abstract

In the UMTS (Universal Mobile Telecommunication System), which is one of 3G mobile communication standards, the protocol called UMTS AKA (Authentication and Key Agreement) is used to authenticate mobile stations. However, the UMTS AKA protocol has some weakness, including network bandwidth consumption between a SN (Serving Network) and a HN (Home Network) and SQN (SeQuence Number) synchronization. In this paper, we propose a new improved protocol for UMTS that overcomes UMTS AKA weakness. Our protocol solves the privacy problem caused by IMSI (International Mobile Subscriber Identity)'s disclosure and provides perfect forward secrecy using ECDH (Elliptic Curve Diffie Hellman).

3G 이동 통신 기술 중 하나인 UMTS(Universal Mobile Telecommunications System)에서는 무선 구간의 안전한 통신을 위해 UMTS AKA(Authentication and Key Agreement) 프로토콜을 사용한다. 그러나 이 프로토콜은 SN(Serving Network)과 HN(Home Network)의 네트워크 대역폭 소모 문제, SQN(SeQuence Number) 동기화 문제 등 여러 가지 문제점이 제기되었다. 본 논문에서는 UMTS AKA 프로토콜의 문제점을 개선한 새로운 타원곡선 기반 UMTS AKA 프로토콜을 제안한다. 제안하는 프로토콜은 IMSI(International Mobile Subscriber Identity)의 노출로 인한 문제점으로부터 프라이버시 보호를 강화하고, ECDH(Elliptic Curve Diffie Hellman) 기법을 통해 완전한 전방향 안전성을 제공한다.

Keywords

References

  1. 3GPP TS 33.102 (v7.0.0), Security architecture, Release 7, 2005
  2. M. Zhang and Y. Fang, 'Security Analysis and Enhancement of 3GPP Authentication and Key Agreement Protocol,' IEEE Trans. on Wireless Communications, Vol. 4, No. 2, pp.734-742, 2005 https://doi.org/10.1109/TWC.2004.842941
  3. L. Harn and W.J. HSin, 'On the Security of Wireless Network Access with Enhancements,' Proc. of the ACM Workshop on Wireless Security, pp.88-95, 2003
  4. C. Huang and J. Li, 'Authentication and Key Agreement Protocol for UMTS with Low Bandwidth,' Proc. of the 19th IEEE Conf. on AINA, pp.392-397, 2005
  5. U. Meyer and J. Li, 'A Man-in-the-Middle Attack on UMTS,' Proc. of the ACM Workshop on Wireless Security, pp. 90-97, 2004
  6. G. Kambourakis, A. Roukas, and S. Gritzalis, 'Performance Evaluation of Public key based Authentication in Future Mobile Communication System,' EURASIP J. on Wireless Communications and Networking, Vol. 2004, No. 1, pp. 184-1997, 2004 https://doi.org/10.1155/S1687147204403016