Paper 2023/1851

Quantum Security of the UMTS-AKA Protocol and its Primitives, Milenage and TUAK

Paul Frixons, French Institute for Research in Computer Science and Automation
Sébastien Canard, Télécom ParisTech
Loïc Ferreira, Orange (France)
Abstract

The existence of a quantum computer is one of the most significant threats cryptography has ever faced. However, it seems that real world protocols received little attention so far with respect to their future security. Indeed merely relying upon post-quantum primitives may not suffice in order for a security protocol to be resistant in a full quantum world. In this paper, we consider the fundamental UMTS key agreement used in 3G but also in 4G (LTE), and in the (recently deployed) 5G technology. We analyze the protocol in a quantum setting, with quantum communications (allowing superposition queries by the involved parties), and where quantum computation is granted to the adversary. We prove that, assuming the underlying symmetric-key primitive is quantum-secure, the UMTS key agreement is also quantum-secure. We also give a quantum security analysis of the underlying primitives, namely Milenage and TUAK. To the best of our knowledge this paper provides the first rigorous proof of the UMTS key agreement in a strong quantum setting. Our result shows that in the quantum world to come, the UMTS technology remains a valid scheme in order to secure the communications of billions of users.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Keywords
Quantum cryptographyAKA protocol3G/4G/5GSecurity proofs
Contact author(s)
paul frixons @ inria fr
sebastien canard @ telecom-paris fr
loic ferreira @ orange com
History
2023-12-04: approved
2023-12-01: received
See all versions
Short URL
https://ia.cr/2023/1851
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2023/1851,
      author = {Paul Frixons and Sébastien Canard and Loïc Ferreira},
      title = {Quantum Security of the UMTS-AKA Protocol and its Primitives, Milenage and TUAK},
      howpublished = {Cryptology ePrint Archive, Paper 2023/1851},
      year = {2023},
      note = {\url{https://eprint.iacr.org/2023/1851}},
      url = {https://eprint.iacr.org/2023/1851}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.