於UMTS行動網路上的安全可證之金鑰委任協定

Abstract

於本論文中，我們提出了一個名為S-AKA的協定，此協定在解決兩個UMTS認證與金鑰交換協定(UMTS AKA)上的安全性問題的同時，亦大幅提升其效能。 UMTS解決了許多其前一代系統，GSM系統上的安全性問題，然而，在近期的研究中指出，UMTS系統上至少還存在兩個安全性上的嚴重問題。這兩個問題就是重導攻擊(Redirection Attack)與中間人攻擊(Man-in-the-middle Attack)。 攻擊者可藉由這兩個攻擊來竊取資料和導致計費上的問題。 同時，原本UMTS認證與金鑰交換協定的效率亦是一個問題。 我們在這篇論文中提出S-AKA協定以解決上述的問題。S-AKA在解決重導攻擊與中間人攻擊之餘，亦節省了30%的頻寬與25%的訊息數量。

In this paper, a new authentication protocol, S-AKA, is proposed to solve two security problems while enhancing the efficiency of the authentication and key exchange protocol for Universal Mobile Telecommunication System (UMTS AKA). The predecessor of UMTS, Global System of Mobile (GSM) has been shown that it is vulnerable to various attacks. Based on the security framework of GSM, UMTS provides substantial enhancements to solving real and perceived vulnerabilities in GSM and other wireless communication systems. However, two security vulnerabilities of UMTS AKA have been recently discovered, that is, redirection attack and man-in-the-middle attack. An adversary can mount these two attacks to eavesdrop the communication or cause billing problems. On the other hand, the efficiency of UMTS AKA is still worth improving. If a mobile station stays within a SGSN for a long time, the transmission overhead of authentication vectors may incur a huge amount of bandwidth consumption. To solve these problems, S-AKA is proposed in this paper which enhances the security and efficiency of UMTS mobile networks. It defeats redirection attack and man-in-the-middle attack while providing better efficiency than UMTS AKA. Our analysis showed that S-AKA reduced 30% of bandwidth consumption and 25% of message numbers compared with conventional schemes. The security proof of S-AKA is also given to show its security strength.