Paper 2016/480

Achieving Better Privacy for the 3GPP AKA Protocol

Pierre-Alain Fouque, Cristina Onete, and Benjamin Richard

Abstract

Proposed by the 3rd Generation Partnership Project (3GPP) as a standard for 3G and 4G mobile-network communications, the AKA protocol is meant to provide a mutually-authenticated key-exchange between clients and associated network servers. As a result AKA must guarantee the indistinguishability from random of the session keys (key-indistinguishability), as well as client- and server-impersonation resistance. A paramount requirement is also that of client privacy, which 3GPP defines in terms of: user identity confidentiality,service untraceability,and location untraceability. Moreover, since servers are sometimes untrusted (in the case of roaming),the AKA protocol must also protect clients with respect to these third parties. Following the description of client-tracking attacks e.g. by using error messages or IMSI catchers, van den Broek et al. and respectively Arapinis et al. each proposed a new variant of AKA, addressing such problems. In this paper we use the approach of provable security to show that these variants still fail to guarantee the privacy of mobile clients. We propose an improvement of AKA, which retains most of its structure and respects practical necessities such as key management, but which provably attains security with respect to servers and Man-in-the-Middle (MiM) adversaries. Moreover, it is impossible to link client sessions in the absence of client-corruptions. Finally, we prove that any variant of AKA retaining its mutual authentication specificities cannot achieve client-unlinkability in the presence of corruptions. In this sense, our proposed variant is optimal.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. MAJOR revision.PoPETS 2016.4
Contact author(s)
benjaminrichard913 @ gmail com
History
2016-08-05: last of 2 revisions
2016-05-20: received
See all versions
Short URL
https://ia.cr/2016/480
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/480,
      author = {Pierre-Alain Fouque and Cristina Onete and Benjamin Richard},
      title = {Achieving Better Privacy for the 3GPP AKA Protocol},
      howpublished = {Cryptology ePrint Archive, Paper 2016/480},
      year = {2016},
      note = {\url{https://eprint.iacr.org/2016/480}},
      url = {https://eprint.iacr.org/2016/480}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.