A secure blockchain-based authentication and key agreement scheme for 3GPP 5G networks
The futuristic fifth-generation cellular network (5G) not only supports high-speed internet, but must also connect a multitude of devices simultaneously without compromising network security. To ensure the security of the network, the Third Generation Partnership Project (3GPP) has standardized the...
Saved in:
Main Authors: | , |
---|---|
Other Authors: | |
Format: | Article |
Language: | English |
Published: |
2022
|
Subjects: | |
Online Access: | https://hdl.handle.net/10356/161311 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Nanyang Technological University |
Language: | English |
id |
sg-ntu-dr.10356-161311 |
---|---|
record_format |
dspace |
spelling |
sg-ntu-dr.10356-1613112022-08-24T07:11:18Z A secure blockchain-based authentication and key agreement scheme for 3GPP 5G networks Chow, Man Chun Ma, Maode School of Electrical and Electronic Engineering Engineering::Electrical and electronic engineering 5G Blockchain The futuristic fifth-generation cellular network (5G) not only supports high-speed internet, but must also connect a multitude of devices simultaneously without compromising network security. To ensure the security of the network, the Third Generation Partnership Project (3GPP) has standardized the 5G Authentication and Key Agreement (AKA) protocol for mutually authenticating user equipment (UE), base stations, and the core network. However, it has been found that 5G-AKA is vulnerable to many attacks, including linkability attacks, denial-of-service (DoS) attacks, and distributed denial-of-service (DDoS) attacks. To address these security issues and improve the robustness of the 5G network, in this paper, we introduce the Secure Blockchain-based Authentication and Key Agreement for 5G Networks (5GSBA). Using blockchain as a distributed database, our 5GSBA decentralizes authentication functions from a centralized server to all base stations. It can prevent single-point-of-failure and increase the difficulty of DDoS attacks. Moreover, to ensure the data in the blockchain cannot be used for device impersonation, our scheme employs the one-time secret hash function as the device secret key. Furthermore, our 5GSBA can protect device anonymity by mandating the encryption of device identities with Subscription Concealed Identifiers (SUCI). Linkability attacks are also prevented by deprecating the sequence number with Elliptic Curve Diffie-Hellman (ECDH). We use Burrows-Abadi-Needham (BAN) logic and the Scyther tool to formally verify our protocol. The security analysis shows that 5GSBA is superior to 5G-AKA in terms of perfect forward secrecy, device anonymity, and mutual Authentication and Key Agreement (AKA). Additionally, it effectively deters linkability attacks, replay attacks, and most importantly, DoS and DDoS attacks. Finally, the performance evaluation shows that 5GSBA is efficient for both UEs and base stations with reasonably low computational costs and energy consumption. Published version 2022-08-24T07:11:18Z 2022-08-24T07:11:18Z 2022 Journal Article Chow, M. C. & Ma, M. (2022). A secure blockchain-based authentication and key agreement scheme for 3GPP 5G networks. Sensors, 22(12), 4525-. https://dx.doi.org/10.3390/s22124525 1424-8220 https://hdl.handle.net/10356/161311 10.3390/s22124525 35746307 2-s2.0-85132070081 12 22 4525 en Sensors © 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https:// creativecommons.org/licenses/by/ 4.0/). application/pdf |
institution |
Nanyang Technological University |
building |
NTU Library |
continent |
Asia |
country |
Singapore Singapore |
content_provider |
NTU Library |
collection |
DR-NTU |
language |
English |
topic |
Engineering::Electrical and electronic engineering 5G Blockchain |
spellingShingle |
Engineering::Electrical and electronic engineering 5G Blockchain Chow, Man Chun Ma, Maode A secure blockchain-based authentication and key agreement scheme for 3GPP 5G networks |
description |
The futuristic fifth-generation cellular network (5G) not only supports high-speed internet, but must also connect a multitude of devices simultaneously without compromising network security. To ensure the security of the network, the Third Generation Partnership Project (3GPP) has standardized the 5G Authentication and Key Agreement (AKA) protocol for mutually authenticating user equipment (UE), base stations, and the core network. However, it has been found that 5G-AKA is vulnerable to many attacks, including linkability attacks, denial-of-service (DoS) attacks, and distributed denial-of-service (DDoS) attacks. To address these security issues and improve the robustness of the 5G network, in this paper, we introduce the Secure Blockchain-based Authentication and Key Agreement for 5G Networks (5GSBA). Using blockchain as a distributed database, our 5GSBA decentralizes authentication functions from a centralized server to all base stations. It can prevent single-point-of-failure and increase the difficulty of DDoS attacks. Moreover, to ensure the data in the blockchain cannot be used for device impersonation, our scheme employs the one-time secret hash function as the device secret key. Furthermore, our 5GSBA can protect device anonymity by mandating the encryption of device identities with Subscription Concealed Identifiers (SUCI). Linkability attacks are also prevented by deprecating the sequence number with Elliptic Curve Diffie-Hellman (ECDH). We use Burrows-Abadi-Needham (BAN) logic and the Scyther tool to formally verify our protocol. The security analysis shows that 5GSBA is superior to 5G-AKA in terms of perfect forward secrecy, device anonymity, and mutual Authentication and Key Agreement (AKA). Additionally, it effectively deters linkability attacks, replay attacks, and most importantly, DoS and DDoS attacks. Finally, the performance evaluation shows that 5GSBA is efficient for both UEs and base stations with reasonably low computational costs and energy consumption. |
author2 |
School of Electrical and Electronic Engineering |
author_facet |
School of Electrical and Electronic Engineering Chow, Man Chun Ma, Maode |
format |
Article |
author |
Chow, Man Chun Ma, Maode |
author_sort |
Chow, Man Chun |
title |
A secure blockchain-based authentication and key agreement scheme for 3GPP 5G networks |
title_short |
A secure blockchain-based authentication and key agreement scheme for 3GPP 5G networks |
title_full |
A secure blockchain-based authentication and key agreement scheme for 3GPP 5G networks |
title_fullStr |
A secure blockchain-based authentication and key agreement scheme for 3GPP 5G networks |
title_full_unstemmed |
A secure blockchain-based authentication and key agreement scheme for 3GPP 5G networks |
title_sort |
secure blockchain-based authentication and key agreement scheme for 3gpp 5g networks |
publishDate |
2022 |
url |
https://hdl.handle.net/10356/161311 |
_version_ |
1743119473385144320 |