Facing a rise in security threats for new mobile networks, the 3rd-Generation Partnership Project (3GPP) developed 5G-AKA to ensure secure access to 5G services. However, 5G networks are vulnerable to fake base station attacks, where a malicious actor impersonates a legitimate serving network to intercept or tamper with data transmissions between a user and the network. Fake base stations can exploit vulnerabilities in network protocols, intercept sensitive data, disrupt user privacy by tracking their movements, and force connection downgrades to weaker protocols with known vulnerabilities. To combat fake base stations, we introduce a Digital Signature-based Authentication and Key Agreement (DS-AKA) protocol to verify the serving network’s identity. This not only protects against fake base stations but also strengthens overall security. The results from the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool confirm that the proposed protocol is secure and reliable. To ensure the robustness of the proposed authentication protocol, a comprehensive security evaluation was performed. The protocol’s ability to establish a secure session key was formally verified through BAN logic analysis. DS-AKA achieves a better balance between computational overhead and communication costs compared to other existing protocols.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

DS-AKA: Digital Signature-Based Authentication and Key Agreement Protocol to Mitigate Fake Serving Network for 5G Communication Networks

  • Jignesh B. Joshi,
  • Sankita J. Patel,
  • Balu L. Parne,
  • Vivaksha J. Jariwala,
  • Vishruti V. Desai

摘要

Facing a rise in security threats for new mobile networks, the 3rd-Generation Partnership Project (3GPP) developed 5G-AKA to ensure secure access to 5G services. However, 5G networks are vulnerable to fake base station attacks, where a malicious actor impersonates a legitimate serving network to intercept or tamper with data transmissions between a user and the network. Fake base stations can exploit vulnerabilities in network protocols, intercept sensitive data, disrupt user privacy by tracking their movements, and force connection downgrades to weaker protocols with known vulnerabilities. To combat fake base stations, we introduce a Digital Signature-based Authentication and Key Agreement (DS-AKA) protocol to verify the serving network’s identity. This not only protects against fake base stations but also strengthens overall security. The results from the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool confirm that the proposed protocol is secure and reliable. To ensure the robustness of the proposed authentication protocol, a comprehensive security evaluation was performed. The protocol’s ability to establish a secure session key was formally verified through BAN logic analysis. DS-AKA achieves a better balance between computational overhead and communication costs compared to other existing protocols.