Abstract
In this work, we consider Authentication and Key Agreement (AKA), a popular client-server Key Exchange (KE) protocol, commonly used in wireless standards (e.g., UMTS), and widely considered for new applications. We discuss natural potential usage scenarios for AKA, attract attention to subtle vulnerabilities, propose a simple and efficient AKA enhancement, and provide its formal proof of security.
The vulnerabilities arise due to the fact that AKA is not a secure KE in the standard cryptographic sense, since Client \(\mathcal{C}\) does not contribute randomness to the session key. We argue that AKA remains secure in current deployments where \(\mathcal{C}\) is an entity controlled by a single tamper-resistant User Identity Module (UIM). However, we also show that AKA is insecure if several Client’s devices/UIMs share his identity and key.
We show practical applicability and efficiency benefits of such multi-UIM scenarios. As our main contribution, we adapt AKA for this setting, with only the minimal changes, while adhering to AKA design goals, and preserving its advantages and features. Our protocol involves one extra PRFG evaluation and no extra messages. We formally prove security of the resulting protocol. We discuss how our security improvement allows simplification of some of AKA security heuristics, which may make our protocol more efficient and robust than AKA even for the current deployment scenarios.
Full version of this paper appears in ePrint archive [8].
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
WiMAX Forum, http://www.wimaxforum.org/
3rd Generation Partnership Project. 3GPP Technical Specification 3GPP TS 33.102 V7.1.0: Technical Specification Group Services and System Aspects; 3G Security; Security Architecture (Release 7) (December 2006)
3rd Generation Partnership Project. 3GPP Techical Report TR 33.902: Formal Analysis of the 3G Authentication Protocol (March 2001), http://www.3gpp.org/ftp/Specs/html-info/33902.htm
Arkko, J., Haverinen, H.: IETF Network Working Group: Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA). RFC 4187 (January 2006), http://tools.ietf.org/html/rfc4187
Burrows, M., Abadi, M., Needham, R.: A logic of authentication. ACM Trans. Comput. Syst. 8(1), 18–36 (1990)
Canetti, R., Krawczyk, H.: Analysis of key-exchange protocols and their use for building secure channels. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 453–474. Springer, Heidelberg (2001)
Canetti, R., Krawczyk, H.: Universally composable notions of key exchange and secure channels. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 337–351. Springer, Heidelberg (2002)
Kolesnikov, V.: A security enhancement and proof for Authentication and Key Agreement (AKA). Cryptology ePrint Archive, Report 2010/350 (2010), http://eprint.iacr.org/
Kolesnikov, V., Rackoff, C.: Key exchange using passwords and long keys. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 100–119. Springer, Heidelberg (2006)
Kolesnikov, V., Rackoff, C.: Password mistyping in two-factor-authenticated key exchange. In: Aceto, L., Damgård, I., Goldberg, L.A., Halldórsson, M.M., Ingólfsdóttir, A., Walukiewicz, I. (eds.) ICALP 2008, Part II. LNCS, vol. 5126, pp. 702–714. Springer, Heidelberg (2008)
Shoup, V.: On formal models for secure key exchange. Technical Report RZ 3120 (#93166), IBM (1999)
Vaudenay, S.: Secure communications over insecure channels based on short authenticated strings. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 309–326. Springer, Heidelberg (2005)
Zhang, M., Fang, Y.: Security analysis and enhancements of 3gpp authentication and key agreement protocol. IEEE Transactions on Wireless Communications 4, 734–742 (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kolesnikov, V. (2010). A Security Enhancement and Proof for Authentication and Key Agreement (AKA). In: Garay, J.A., De Prisco, R. (eds) Security and Cryptography for Networks. SCN 2010. Lecture Notes in Computer Science, vol 6280. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15317-4_16
Download citation
DOI: https://doi.org/10.1007/978-3-642-15317-4_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-15316-7
Online ISBN: 978-3-642-15317-4
eBook Packages: Computer ScienceComputer Science (R0)