A formal analysis of 5g authentication

David Basin, Jannik Dreier, Lucca Hirschi, Saša Radomirovic, Ralf Sasse, Vincent Stettler

Research output: Chapter in Book/Report/Conference proceedingConference contribution

41 Citations (Scopus)
2 Downloads (Pure)

Abstract

Mobile communication networks connect much of the world’s population. The security of users’ calls, SMSs, and mobile data depends on the guarantees provided by the Authenticated Key Exchange protocols used. For the next-generation network (5G), the 3GPP group has standardized the 5G AKA protocol for this purpose. We provide the first comprehensive formal model of a protocol from the AKA family: 5G AKA. We also extract precise requirements from the 3GPP standards defining 5G and we identify missing security goals. Using the security protocol verification tool Tamarin, we conduct a full, systematic, security evaluation of the model with respect to the 5G security goals. Our automated analysis identifies the minimal security assumptions required for each security goal and we find that some critical security goals are not met, except under additional assumptions missing from the standard. Finally, we make explicit recommendations with provably secure fixes for the attacks and weaknesses we found.

Original languageEnglish
Title of host publicationCCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security
PublisherAssociation for Computing Machinery
Pages1383-1396
Number of pages14
ISBN (Electronic)9781450356930
DOIs
Publication statusPublished - Oct 2018
Event25th ACM Conference on Computer and Communications Security 2018 - Toronto, Canada
Duration: 15 Oct 201815 Oct 2018

Conference

Conference25th ACM Conference on Computer and Communications Security 2018
Abbreviated titleCCS 2018
CountryCanada
CityToronto
Period15/10/1815/10/18

Keywords

  • 5G standard
  • AKA protocol
  • Authentication protocols
  • Formal analysis
  • Symbolic verification

ASJC Scopus subject areas

  • Software
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'A formal analysis of 5g authentication'. Together they form a unique fingerprint.

  • Profiles

    Cite this

    Basin, D., Dreier, J., Hirschi, L., Radomirovic, S., Sasse, R., & Stettler, V. (2018). A formal analysis of 5g authentication. In CCS '18: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (pp. 1383-1396). Association for Computing Machinery. https://doi.org/10.1145/3243734.3243846