The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.02 - March-April (2013 vol.11)
pp: 55-62
Anastasios N. Bikos , University of Patras
Nicolas Sklavos , Technological Educational Institute of Patras
ABSTRACT
The authors give an overview on the state of the art of potential security issues that occur in the deployment of the LTE/SAE (Long-Term Evolution/System Architecture Evolution) protocol in emerging 4G wireless technologies. Although security concerns and challenges in wireless networks will remain a hot topic in the future, the LTE/SAE standard could adapt to these rising challenges, becoming more robust and secure. By looking at the authentication and ciphering algorithms, such as EAP-AKA (Extensible Authentication Protocol for Authentication and Key Agreement), currently operating within the LTE protocol, the authors analyze several vulnerabilities in LTE/SAE security architecture—specifically, insecure AKA key derivation procedures and the lack of fast reauthentications during handovers.
INDEX TERMS
Authentication, Protocols, Algorithm design and analysis, Encryption, Computer security, Mobile communication, Long Term Evolution, Computer architecture, Extensible Authentication Protocol for Authentication and Key Agreement, 4G wireless networks, LTE, LTE/SAE, standards, 3GPP, 3G, EAP-AKA, Long-Term Evolution/System Architecture Evolution, Long-Term Evolution
CITATION
Anastasios N. Bikos, Nicolas Sklavos, "LTE/SAE Security Issues on 4G Wireless Networks", IEEE Security & Privacy, vol.11, no. 2, pp. 55-62, March-April 2013, doi:10.1109/MSP.2012.136
REFERENCES
1. I.S. Comsa et al., "Reinforcement Learning Based Radio Resource Scheduling in LTE-Advanced," Proc. 17th Int'l Conf. Automation and Computing (ICAC 11), IEEE, 2011, pp. 219–224.
2. J. Berkmann et al., "On 3G LTE Terminal Implementation—Standard, Algorithms, Complexities and Challenges," Proc. Int'l Wireless Communications and Mobile Computing Conf. (IWCMC 08), IEEE, 2008; doi:10.1109/IWCMC.2008.168.
3. Z. Shi et al., "Layered Security Approach in LTE and Simulation," Proc. 3rd Int'l Conf. Anti-counterfeiting, Security, and Identification in Communication (ASID 09), IEEE, 2009; doi:10.1109/ICASID.2009.5276930.
4. C. Vintil˘, V. Patriciu, and I. Bica, "Security Analysis of LTE Access Network," Proc. 10th Int'l Conf. Networks (ICN 11), Int'l Academy, Research, and Industry Assoc., 2011, pp. 29–34.
5. Network Architecture, tech. specification 3GPP TS 23.002 V9.1.0, 3GPP, 2009.
6. D. Forsberg, LTE Security, John Wiley, 2010.
7. H. Mun, K. Han, and K. Kim, "3G-WLAN Interworking: Security Analysis and New Authentication and Key Agreement Based on EAP-AKA," Wireless Telecommunications Symp. (WTS 2009), IEEE, 2009; doi:10.1109/WTS.2009.5068983.
8. N. Seddigh et al., "Security Advances and Challenges in 4G Wireless Networks," Proc. 8th Conf. Privacy Security and Trust (PST 10), 2010, IEEE; doi:10.1109/PST.2010.5593244.
9. L. Huang et al., "Performance of Authentication Protocols in LTE Environments," Proc. Int'l Conf. Computational Intelligence and Security (CIS 09), IEEE, 2009; doi:10.1109/CIS.2009.50.
10. L. Hui and B. Shuo, "Research and Implementation of LTE NAS Security," Proc. Int'l Conf. Educational and Information Technology (ICEIT 10), IEEE, 2010; doi:10.1109/ICEIT.2010.5607551.
11. 3G Security: Security Threats and Requirements, tech. specification TS 21.133, 3GPP, 2001.
12. 3G Security: Security Principles and Objectives, tech. specification TS 33.120, 3GPP, 2001.
13. Y. Park and T. Park, "A Survey of Security Threats on 4G Networks," Proc. Globecom Workshops, IEEE, 2007; doi:10.1109/GLOCOMW.2007.4437813.
14. N. Sklavos and X. Zhang eds., Wireless Security &, Cryptography: Specifications and Implementations, CRC Press, 2007.
21 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool