Sage Journals: Discover world-class research

Abstract

The fast development of mobile networks and compact mobile devices bring attention to the users for wireless mobile communication. But providing security and protecting the privacy of users are the main challenges of wireless mobile communication. Recently, Authenticated Key Agreement protocols are used for secure and reliable communication in wireless mobile communication. However, the User-to-User Mutual Authentication and Key Agreement scheme is based on bilinear pairings, which involves relatively high computation cost when compared to elliptic curve scalar point multiplication. Hence, in this paper, we propose a Pairing-Free Identity-Based Mutual Authentication and Key Agreement protocol for wireless mobile communications. It consists of the following phases: Setup and Key generation, Mobility Management Entity authentication and Proxy Signature generation, Proxy Signature verification and User-to-User authentication. Experimental results show that Pairing-Free Identity-Based Mutual Authentication and Key Agreement attains significantly less computational and communication cost when compared to User-to-User Mutual Authentication and Key Agreement scheme.

Keywords

Wireless mobile communications authenticated key agreement mutual authentication computational cost bilinear pairings

Introduction

Wireless device-to-device communication has been used in many recent applications such as mobile social networks. Wireless mobile communications (WMNs) are subjected to various security threats, which involve identity spoofing, eavesdropping, and man-in-middle attacks.¹ Due to seamless mobility, providing security to the mobile station (MS) is challenging in WMN.

Authentication is used to authorize an MS for secret communication. Each MS that is outside the range of its home network requires authentication in the visited network.² In the absence of powerful authentication techniques, a mobile network is said to be unprotected so that the message contents may be exposed or modified by a malicious attacker.³

Recently, the Authenticated Key Agreement (AKA) protocol has been applied in many WMN applications such as multimedia mobile IP, since it ensures secure and reliable communications. The two types of AKA protocols are Authenticated Group Key Agreement protocol (AGKA) and two-party AKA (2PAKA) protocol. The AGKA protocols provide a common secret session key for two or more users, whereas the 2PAKA protocol establishes a common session key between the users. In both of the protocols, the users encrypt their messages using the session key, which is then exchanged between them.^4,5 Apart from its advantages, the EPS-AKA protocol has many vulnerabilities.⁶ To provide confidentiality to the transmitted messages, encryption is used. Though encryption protects the messages effectively, it is inefficient due to high computations particularly for mobile devices.⁷

In User-to-User Mutual Authentication and Key Agreement (UUMAKA),⁶ the relative computation cost of the bilinear pairing is significantly higher than that of elliptic curve scalar point multiplication.⁴ Hence, a pairing-free AKA protocol is necessary, which uses both ECC and IBC for two-party communication.

In this paper, Pairing-Free Identity-Based Mutual Authentication and Key Agreement (PIMAKA) scheme for WMN is proposed.

Related works

Xi et al.¹ have designed an AKA protocol for mobile devices. It utilizes channel state information as the common secret between the honest devices. It ensures that any device beyond the range is not able to access the keys. It supports group key agreement and protects channel attacks.

Hafizul Islam and Biswas⁴ have proposed a pairing-free ID-2PAKA protocol based on ECC. It establishes a common session key between two users. It solves the security issues of previous AKA protocols and thus suitable for efficient P2P communications.

Shrestha et al.⁸ have proposed a secure protocol, which applies the features of Kerberos-based ticket authentication. It distributes tokens to the mobile users to access the roaming users of home and foreign networks. It, thus, provides mutual authentication and session key establishment.

Farhat et al.⁹ have proposed private identification, authentication, and key agreement protocol for mobile network. It mixes identification and AKA protocol to enhance the AKA protocol of UMTS network. It reduces the interrelated cycles of UMTS AKA and provides user privacy.

Jiang et al.¹⁰ have proposed a privacy-preserving authentication protocol based on homomorphic encryption. It achieves anonymity for the mobile users by randomly generating the authenticated identities. Thus, it prevents the user’s identities from other users and service providers.

Roychoudhury et al.¹¹ have designed Hierarchical Group-based Mutual Authentication and Key Agreement (HGMAKA) protocol for 5G networks. The MAC used in HGMAKA results in effective resource utilization and resists authentication failures. It is also applicable in heterogeneous network architectures.

Naqash et al.¹² have analyzed the Rapid Development Authentication Protocol. It provides mutual authentication between User Equipment (UE) and femtocell for improved security. It protects from various attacks such as Sybil attack, DoS, eavesdropping, false data injection, and packet sniffing.

Bhattacharjee and Pal¹³ have developed a mutual authentication technique for circuit and packet switching networks. It authenticates the subscribers and the network by means of passwords, identifiers, and biometric features of the subscribers.

Alezabi et al.¹⁴ have proposed an Efficient EPS-AKA (EEPS-AKA) protocol, which is based on Simple Password Exponential Key Exchange protocol. It uses a secret key with smaller sized messages thereby reducing the authentication delay and storage cost.

PIMAKA scheme for WMNs

Overview

In this paper, PIMAKA scheme for WMNs is proposed, which consists of the following phases:

Setup and Key generation

Mobility Management Entity (MME) authentication and Proxy Signature generation

Proxy Signature verification and User-to-User authentication

System model and components

The various components involved in the LTE cellular system are as follows:

Home Service Server (HSS). It is the fundamental subscriber database located at the home network. It stores mobile subscriber information for a wireless carrier’s network.

MME. It is situated in the visited network. It is also the host for the Access Security Management Entity, which is responsible for access security.

UE. The user/subscriber equipment consists of mobile equipment (ME) and the subscriber module.

Serving Network Identity. It refers to the network accessed by the user and it is composed of PLMN ID (MCC + MNC).

International Mobile Station Equipment Identity (IMEI). It is the serial number that mainly recognizes the ME internationally.

International Mobile Subscriber Identity. It is a permanent identity that is saved in the subscriber identity module.

Globally Unique Temporary UE Identity. It is a temporary identity that is transferred between UE and the network. It is randomly allotted by the MME to every mobile in the region, when it is switched on.

Figure 1 shows the system model. It consists of two UEs connected to a MME, which in turn is connected to a HSS. In this model, HSS generates the system parameters and exchanged with MME. The UEs send their authentication request and get authentication reply from MME, which are illustrated in the next section.

Figure 1.

System model.

PIMAKA scheme

Phase 1: setup and key generation

The setup phase of pairing-free ID-2PAKA⁴ protocol is used.

In Key generation phase, the public and private key of UE_A is computed by PKG as follows:

The PKG chooses $r_{A} \in Z_{R}^{*}$ and computes

$R_{A} = r_{A} . P$

and $h_{A} = H_{0} (I D_{A,} R_{A})$

where $I D_{A} = IMS I_{A} + GUT I_{A}$ .

Then the private key of UE_A is computed as

$D_{A} = (r_{A} + h_{A, X}) mod p$ (1)

where x is the master key.

2. Similarly, public and private key of UE_B is computed as follows:

The PKG chooses $r_{B} \in Z_{R}^{*}$ and computes

$R_{B} = r_{B} . P$

and $h_{B} = H_{0} (I D_{B,} R_{B})$ ,

where $I D_{B} = IMS I_{B} + GUT I_{B}$ .

Then the private key of UE_B is computed as follows

$D_{A} = (r_{B} + h_{B . X}) mod p$ (2)

where x is the master key.

3. For MME

The PKG chooses $r_{M} \in Z_{R}^{*}$ and computes

$R_{M} = r_{M} . P$

and $Q_{M} = H_{0} (I D_{MME,} R_{M})$ ,

where $I D_{MME} = SNID$ .

Phase 2: MME authentication and Proxy Signature generation

At UE_A

UE_A computes the request Req_A and send it to MME as follows

$Re q_{A} = (I D_{A}, T_{A}, R_{A}, S_{A}),$ (3)

where $I D_{A} = IME I_{A}$

$T_{A} = {(a + D_{A})}^{2} . P, where a \in Z_{P}^{*}$

$S_{A} = {(a + D_{A})}^{2} . {(D_{A} + H_{1} (T_{A}, R_{A}))}^{- 1}$

2. At UE_B

Similarly, UE_B computes the request Req_B and send it to MME as follows

$Re q_{B} = (I D_{B}, T_{B}, R_{B}, S_{B})$ (4)

where ID_B = IMEI_B

$T_{B} = (b + D_{B})^{2} . P, where b \in Z_{P}^{*}$

$S_{B} = {(b + D_{B})}^{2} . {(D_{B} + H_{1} (T_{B}, R_{B}))}^{- 1}$

3. Proxy Signature generation at MME

When MME receives Req_A and Req_B, then it will start to authenticate UE_A and UE_B as follows:

For UE_A, MME computes

$P_{A} = R_{A} + H_{0} (I D_{A}, R_{A}) . P_{pub}$

where P_pub is the public key of UE_A.

MME then checks the following condition is true

$S_{A} (P_{A} + H_{1} (T_{A,} R_{A}) . P) = T_{A}$

If the above condition is true, then MME computes and sends Rep_A to UE_A as

$Re p_{A} = {(a + D_{A})}^{2} . T_{B}$ (5)

Similarly, for UE_B, MME computes

$P_{B} = R_{B} + H_{0} (I D_{B}, R_{B}) . P_{pub}$

where P_pub is the public key of UE_B.

MME then checks the following condition is true

$S_{B} (P_{B} + H_{1} (T_{B,} R_{B}) . P) = T_{B}$

If the above condition is true, then MME computes and sends Rep_B to UE_A as

$Re p_{B} = {(a + D_{B})}^{2} . T_{A}$ (6)

Phase 3: Proxy Signature verification and User-to-User authentication

Here MME acts as a proxy, and UE_A and UE_B as designated verifiers.

At UE_A:

When UE_A receives Rep_A from MME, then

UE_A computes the shared session key

$SK = H_{2} (I D_{A}, I A_{B}, T_{A}, T_{B}, Re p_{A})$ (7)

For UE_B:

When UE_B receives Rep_B from MME, then

UE_B computes the shared session key

$SK = H_{2} (I D_{A}, I A_{B}, T_{A}, T_{B}, Re p_{B})$ (8)

Figure 2 shows the basic operations involved in the proposed PIMAKA scheme.

Figure 2.

Basic operations of the PIMAKA scheme.

Simulation results

Simulation parameters

The proposed PIMAKA scheme is simulated using NS2 and compared with the UUMAKA scheme.⁶ The simulation topology is shown in Figure 3. In Figure 3, there are 18 cells, each cell consisting of 6 wireless mobile users. The BS is deployed in the middle of each cell. The six service providers correspond to each row of the cell. The user 92 in cell 10 has been marked as an attacker.

Figure 3.

Simulation topology.

The simulation parameters are given in Table 1.

Table 1.

Simulation parameters.

Number of cells	18
Number of users per cell	6
Number of service providers	6
Area size	1000 × 1000 m
Simulation time	50 s
Traffic model	Constant bit rate
Propagation model	Two-ray ground
Antenna model	Omni antenna
Number of attackers per cell	1

Performance metrics

Authentication delay

The total authentication delay (D_auth) is composed of three delay elements: the processing (D_proc), transmission (D_trans), and propagation delays (D_prop)

$D_{auth} = D_{proc} + D_{trans} + D_{prop}$ (9)

where D_trans is the delay involved in transmission of EAP message, D_proc is the delay involved in processing a message, and D_prop is the propagation delay between UE and AP.

Computational cost

To evaluate the bandwidth consumption of the reauthentication, all transaction message size between different network entity sections in one round of authentication session are calculated.

Authentication success ratio

Authentication success ratio (ASR) is given by

$ASR = \frac{aut h_{suc}}{aut h_{att}}$ (10)

where auth_suc and auth_att are the number of successful authentications performed and the total number of authentication attempts, respectively.

Results and analysis

In the simulation experiment, the mutual authentication is performed between the users of different cells by varying the number of user cells from 3 to 18. The number of attacker per cell is kept as 1.

Figure 4 shows the authentication delay involved in both the schemes. As seen in the figure, the delay increases linearly for both the schemes. Since PIMAKA does not involve the computations of bilinear pairings, the authentication delay of PIMAKA is 41% less, when compared to UUMAKA.

Figure 4.

Authentication delay for different cells.

Figure 5 shows the ASR measured for PIMAKA and UUMAKA schemes. As the number of cells is increased, the success ratios of both the schemes tend to decrease. But PIMAKA attains 16% higher success ratio when compared to UUMAKA.

Figure 5.

Authentication success ratio for different cells.

Figures 6 and 7 show the computational and communication costs involved in PIMAKA and UUMAKA schemes, respectively. As depicted by the figure, the computational and communication cost of both the schemes increase when the number of cells is increased. Since PIMAKA does not involve the heavy computations of bilinear pairings, it has 72% lesser computational cost and 71% lesser communication cost, than the UUMAKA scheme.

Figure 6.

Computational cost for different cells.

Figure 7.

Communication cost for different cells.

Conclusion

In this paper, we propose a PIMAKA scheme for LTE networks. In consists of Setup and Key generation, MME authentication and Proxy Signature generation, and Proxy Signature verification and User-to-User authentication phases. Simulation results show that PIMAKA attains significantly less computational and communication cost when compared to UUMAKA scheme.

Footnotes

Declaration of conflicting interests

The author(s) declared no potential conflicts of interest with respect to the research,authorship,and/or publication of this article.

Funding

The author(s) received no financial support for the research,authorship,and/or publication of this article.

ORCID iD

T Senthil Kumar

References

Qian

Han

, et al. Instant and robust authentication and key agreement among mobile devices. In: Proceedings of the 2016 ACM SIGSAC conference on computer and communications security, Vienna, 24–28 October 2016.

Tang

Oliver

Wu D.

An efficient mobile authentication scheme for wireless networks. IEEE T Wirel Commun 2007; 7: 1408–1416.

AL-Fayoumi

AL-Saraireh

An enhancement of authentication protocol and key agreement (AKA) for 3G mobile networks. Int J Secur 2011; 5(1): 35–51.

Hafizul Islam

Biswas

. A pairing-free identity-based two-party authenticated key agreement protocol for secure and efficient communication. J King Saud Univ Comput Inf Sci 2017; 29: 63–73.

Saxena

Chaudhari

NS.

SAKA: a secure authentication and key agreement protocol for GSM networks. CSIT 2013; 1(4): 331–341.

Ramadan

, et al. User-to-user mutual authentication and key agreement scheme for LTE cellular system. Int J Netw Secur 2016; 18(4): 769–781.

J-W

Lee

C-C

Hwang

M-S

, et al. A secure and efficient ECC-based AKA protocol for wireless mobile communications. Int J Innov Comput Inf Control 2010; 6(11): 5249–5258.

Shrestha

Choi

D-Y

Kwon

, et al. Kerberos based authentication for inter-domain roaming in wireless heterogeneous network. Comput Math Appl 2010; 60: 245–255.

Farhat

Salimi

Salahi

Private identification, authentication and key agreement protocol with security mode setup. IACR Cryptology, Eprint Archive, January 2011, https://eprint.iacr.org/2011/045.pdf

10.

Jiang

Lin

, et al. Randomized and efficient authentication in mobile environments. West Lafayette, IN: Purdue University, Purdue E-pubs, Cyber Center Publications, 2014.

11.

Roychoudhury

Saikia

DK.

Hierarchical group based mutual authentication and key agreement for machine type communication in LTE and future 5G networks. Hindawi Secur Commun Netw 2017; 2017: 1701243.

12.

Naqash

Amish Hasan

Ishfaq

, et al. Mutual authentication protocol for LTE based mobile networks. In: IEEE international conference on open source systems and technologies (ICOSST), Lahore, Pakistan, 20–22 December 2012.

13.

Bhattacharjee

Pal

RK.

Mutual authentication technique applying three entities in 4-G mobile communications. Int J Comput Theory Eng 2011; 3(6): 732–737.

14.

Alezabi

Hashim

, et al. An efficient authentication and key agreement protocol for 4G (LTE) networks. In: IEEE region 10 symposium, Kuala Lumpur, Malaysia, 14–16 April 2014.