A secure blockchain-based authentication and key agreement scheme for 3GPP 5G networks

The futuristic fifth-generation cellular network (5G) not only supports high-speed internet, but must also connect a multitude of devices simultaneously without compromising network security. To ensure the security of the network, the Third Generation Partnership Project (3GPP) has standardized the...

Full description

Saved in:
Bibliographic Details
Main Authors: Chow, Man Chun, Ma, Maode
Other Authors: School of Electrical and Electronic Engineering
Format: Article
Language:English
Published: 2022
Subjects:
5G
Online Access:https://hdl.handle.net/10356/161311
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
id sg-ntu-dr.10356-161311
record_format dspace
spelling sg-ntu-dr.10356-1613112022-08-24T07:11:18Z A secure blockchain-based authentication and key agreement scheme for 3GPP 5G networks Chow, Man Chun Ma, Maode School of Electrical and Electronic Engineering Engineering::Electrical and electronic engineering 5G Blockchain The futuristic fifth-generation cellular network (5G) not only supports high-speed internet, but must also connect a multitude of devices simultaneously without compromising network security. To ensure the security of the network, the Third Generation Partnership Project (3GPP) has standardized the 5G Authentication and Key Agreement (AKA) protocol for mutually authenticating user equipment (UE), base stations, and the core network. However, it has been found that 5G-AKA is vulnerable to many attacks, including linkability attacks, denial-of-service (DoS) attacks, and distributed denial-of-service (DDoS) attacks. To address these security issues and improve the robustness of the 5G network, in this paper, we introduce the Secure Blockchain-based Authentication and Key Agreement for 5G Networks (5GSBA). Using blockchain as a distributed database, our 5GSBA decentralizes authentication functions from a centralized server to all base stations. It can prevent single-point-of-failure and increase the difficulty of DDoS attacks. Moreover, to ensure the data in the blockchain cannot be used for device impersonation, our scheme employs the one-time secret hash function as the device secret key. Furthermore, our 5GSBA can protect device anonymity by mandating the encryption of device identities with Subscription Concealed Identifiers (SUCI). Linkability attacks are also prevented by deprecating the sequence number with Elliptic Curve Diffie-Hellman (ECDH). We use Burrows-Abadi-Needham (BAN) logic and the Scyther tool to formally verify our protocol. The security analysis shows that 5GSBA is superior to 5G-AKA in terms of perfect forward secrecy, device anonymity, and mutual Authentication and Key Agreement (AKA). Additionally, it effectively deters linkability attacks, replay attacks, and most importantly, DoS and DDoS attacks. Finally, the performance evaluation shows that 5GSBA is efficient for both UEs and base stations with reasonably low computational costs and energy consumption. Published version 2022-08-24T07:11:18Z 2022-08-24T07:11:18Z 2022 Journal Article Chow, M. C. & Ma, M. (2022). A secure blockchain-based authentication and key agreement scheme for 3GPP 5G networks. Sensors, 22(12), 4525-. https://dx.doi.org/10.3390/s22124525 1424-8220 https://hdl.handle.net/10356/161311 10.3390/s22124525 35746307 2-s2.0-85132070081 12 22 4525 en Sensors © 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https:// creativecommons.org/licenses/by/ 4.0/). application/pdf
institution Nanyang Technological University
building NTU Library
continent Asia
country Singapore
Singapore
content_provider NTU Library
collection DR-NTU
language English
topic Engineering::Electrical and electronic engineering
5G
Blockchain
spellingShingle Engineering::Electrical and electronic engineering
5G
Blockchain
Chow, Man Chun
Ma, Maode
A secure blockchain-based authentication and key agreement scheme for 3GPP 5G networks
description The futuristic fifth-generation cellular network (5G) not only supports high-speed internet, but must also connect a multitude of devices simultaneously without compromising network security. To ensure the security of the network, the Third Generation Partnership Project (3GPP) has standardized the 5G Authentication and Key Agreement (AKA) protocol for mutually authenticating user equipment (UE), base stations, and the core network. However, it has been found that 5G-AKA is vulnerable to many attacks, including linkability attacks, denial-of-service (DoS) attacks, and distributed denial-of-service (DDoS) attacks. To address these security issues and improve the robustness of the 5G network, in this paper, we introduce the Secure Blockchain-based Authentication and Key Agreement for 5G Networks (5GSBA). Using blockchain as a distributed database, our 5GSBA decentralizes authentication functions from a centralized server to all base stations. It can prevent single-point-of-failure and increase the difficulty of DDoS attacks. Moreover, to ensure the data in the blockchain cannot be used for device impersonation, our scheme employs the one-time secret hash function as the device secret key. Furthermore, our 5GSBA can protect device anonymity by mandating the encryption of device identities with Subscription Concealed Identifiers (SUCI). Linkability attacks are also prevented by deprecating the sequence number with Elliptic Curve Diffie-Hellman (ECDH). We use Burrows-Abadi-Needham (BAN) logic and the Scyther tool to formally verify our protocol. The security analysis shows that 5GSBA is superior to 5G-AKA in terms of perfect forward secrecy, device anonymity, and mutual Authentication and Key Agreement (AKA). Additionally, it effectively deters linkability attacks, replay attacks, and most importantly, DoS and DDoS attacks. Finally, the performance evaluation shows that 5GSBA is efficient for both UEs and base stations with reasonably low computational costs and energy consumption.
author2 School of Electrical and Electronic Engineering
author_facet School of Electrical and Electronic Engineering
Chow, Man Chun
Ma, Maode
format Article
author Chow, Man Chun
Ma, Maode
author_sort Chow, Man Chun
title A secure blockchain-based authentication and key agreement scheme for 3GPP 5G networks
title_short A secure blockchain-based authentication and key agreement scheme for 3GPP 5G networks
title_full A secure blockchain-based authentication and key agreement scheme for 3GPP 5G networks
title_fullStr A secure blockchain-based authentication and key agreement scheme for 3GPP 5G networks
title_full_unstemmed A secure blockchain-based authentication and key agreement scheme for 3GPP 5G networks
title_sort secure blockchain-based authentication and key agreement scheme for 3gpp 5g networks
publishDate 2022
url https://hdl.handle.net/10356/161311
_version_ 1743119473385144320