It is a universally stated design requirement that next generation mobile systems will be compatible and inter-operable with IPv6 and with various access technologies such as 802.11x. The current ...growth of WLANs worldwide has yielded a demand to integrate with existing 3G mobile technologies. Interworking incorporates all of the best features of an individual network into a single integrated system thus providing ubiquitous data services with high data rates in WLAN hotspots. The attempt to build hybrid networks has been linked with many technical challenges such as seamless vertical handovers across WLAN/3G radio technologies, security, common authentication, unified accounting & billing, etc. This paper evaluates the performance of two 3G/WLAN integration schemes: Tight and Loose Coupling. Mobile IP is used as a mobility management scheme and EAP-AKA for common authentication.
An analysis of the improved EAP-AKA protocol Liu Wenju; Shang Yuzhen; Zhang Yan ...
2010 2nd International Conference on Computer Engineering and Technology,
2010-April, Letnik:
1
Conference Proceeding
An improved method is proposed in order to solve problems of EAP-AKA protocol. It implements mutual authentication between 3G networks and WLAN access networks by adding shared keys, which can be ...proved through strand space model and authentication test, the protection to IMSI by transmitting the encrypted NAI and the secure updating of shared keys between users and 3G networks by introducing key updating strategy.
EAP-AKA is a secure access protocol in the 3GPP WLAN-3G interconnecting scheme in which 3G user and 3G network are bidirectional authenticated, however the middle-positioned WLAN access network is ...not authenticated and the 3G-UE master key updating strategy is not proposed. A new protocol which utilizes ID-based encryption and ticket technology to implement master key updating and access network authentication is proposed. A fast authenticated roaming method without participation of 3G network is designed.
In the 3G mobile networks, EAP-AKA is the extensible authentication protocol (EAP) mechanism for authentication and key distribution using the authentication and key agreement (AKA) mechanism. The ...improved authentication tests model is a formal method for authentication protocol verification, which enhances the original authentication tests model in proving symmetric key protocol and succeeds in finding flaws of security protocols. This paper formally analyzes and verifies the security properties of EAP-AKA authentication process with the improved authentication tests. The proof result shows that the authentication process of EAP-AKA can guarantee the security of wireless communication.
Interworking 3rd generation (3G) mobile systems and IEEE 802.11 wireless local area networks (WLANs) introduces new challenges including the design of secured fast handover protocols. Handover ...operations must not compromise the security of the network. In addition, handovers must be instantaneous to sustain the quality of service (QoS) of the applications running on the WLAN-User Equipment (WLAN-UE). Existing handover protocols are not suitable for 3G-WLAN interworking because they are limited to Intra Extended Service Set (ESS) roaming and lack the support of mutual authentication between the WLAN-UE and the authentication server. This paper proposes novel secured fast handover protocols for 3G-WLAN interworking architectures, which overcome the limitations of existing handover protocols. The functionality of Extensible Authentication Protocol with Authentication and Key Agreement (EAP-AKA) is extended to support Intra and Inter ESS secured handover messaging. Modifications to the standard EAP-AKA authentication and the standard EAP-AKA key hierarchy are proposed to achieve the security goals of the proposed protocols. The proposed protocols are more suitable for 3G-WLAN interworking handovers than existing handover protocols because they support Inter ESS handover, achieve mutual authentication service and adopts an efficient key management scheme.
EAP-AKA is a secure access protocol in the 3GPP WLAN-3G interworking scheme which can realize bi-directional authentication between 3G users and 3G networks, however WLAN access networks in the ...middle position are not authenticated, and the 3G-UE master key updating strategy is not proposed, and the cost of the 3G user roaming between WLANs is high. The new protocol implements the authentication for WLAN access networks, and designs the master key updating strategy through ID-based encryption and ticket technology, and proposes a fast-roaming authentication method without the participation of 3G networks.
EAP-AKA is the extensible authentication protocol (EAP) mechanism for authentication and key distribution using the authentication and key agreement (AKA) mechanism used in the 3 rd generation mobile ...networks. The improved authentication tests model is a formal verification method for security protocol analysis, which enhances the original authentication tests model in proving symmetric key protocol and succeeds in finding flaws of security protocols. This paper formally analyzes and verifies the security properties of EAP-AKA authentication process with the improved authentication tests. The proof result shows that the authentication process of EAP-AKA can guarantee the security of wireless communication
The authors give an overview on the state of the art of potential security issues that occur in the deployment of the LTE/SAE (Long-Term Evolution/System Architecture Evolution) protocol in emerging ...4G wireless technologies. Although security concerns and challenges in wireless networks will remain a hot topic in the future, the LTE/SAE standard could adapt to these rising challenges, becoming more robust and secure. By looking at the authentication and ciphering algorithms, such as EAP-AKA (Extensible Authentication Protocol for Authentication and Key Agreement), currently operating within the LTE protocol, the authors analyze several vulnerabilities in LTE/SAE security architecture - specifically, insecure AKA key derivation procedures and the lack of fast reauthentications during handovers.
