A Formal Analysis of 5G Authentication

Abstract : Mobile communication networks connect much of the world's population. The security of users' calls, SMSs, and mobile data depends on the guarantees provided by the Authenticated Key Exchange protocols used. For the next-generation network (5G), the 3GPP group has standardized the 5G AKA protocol for this purpose. We provide the first comprehensive formal model of a protocol from the AKA family: 5G AKA. We also extract precise requirements from the 3GPP standards defining 5G and we identify missing security goals. Using the security protocol verification tool Tamarin, we conduct a full, systematic, security evaluation of the model with respect to the 5G security goals. Our automated analysis identifies the minimal security assumptions required for each security goal and we find that some critical security goals are not met, except under additional assumptions missing from the standard. Finally, we make explicit recommendations with provably secure fixes for the attacks and weaknesses we found.
Document type :
Conference papers
Liste complète des métadonnées

https://hal.archives-ouvertes.fr/hal-01898050
Contributor : Jannik Dreier <>
Submitted on : Wednesday, October 17, 2018 - 10:46:27 PM
Last modification on : Wednesday, April 3, 2019 - 1:22:57 AM
Document(s) archivé(s) le : Friday, January 18, 2019 - 4:23:39 PM

File

CCS18_finalcrc2_Fixed-Typo.pdf
Files produced by the author(s)

Identifiers

Collections

Citation

David Basin, Jannik Dreier, Lucca Hirschi, Saša Radomirovic, Ralf Sasse, et al.. A Formal Analysis of 5G Authentication. ACM CCS 2018 - 25th ACM Conference on Computer and Communications Security, Oct 2018, Toronto, Canada. ⟨10.1145/3243734.3243846⟩. ⟨hal-01898050⟩

Share

Metrics

Record views

137

Files downloads

147