Research On LTE Network Access Authentication Protocol

LTE is a project to upgrade the UMTS(universal mobile communication system) made by 3GPP, which is usually known as the 4G standard. As LTE network has higher data transmission rate and higher security, it attracts more and more users. So the security problem of LTE network has been the focus of research. The goals of LTE network access authentication protocol are to make sure that users can access the LTE network and negotiate a session key. At the same time, the protocol should protect users' information during the authentication. However, EPS-AKA which is the standard protocol of LTE authentication leak the users' identity during the authentication process and cannot resist denial of service attack. These will threaten the users' information security.At present, many LTE network access authentication protocols proposed by researchers are based on asymmetric cryptography algorithms. But these protocols need to consume a large amount of computing resources. So they cannot meet the needs of users. Some scholars proposed the schemes that can't protect the users' identity information or can't resist various kinds of attacks effectively. This paper proposes an improved EPS-AKA protocol. It takes into account the efficiency and security to meet the needs of LTE network applications. The main works of this paper are as follows:Firstly, this paper describes the structure, the secure framework and the key hierarchy of the EPS network, and conclude the security acquirements of LTE network. And then, this paper introduces the cryptography knowledge that LTE network authentication may refer to, such as asymmetric cryptography, hash functions and message authentication code. This paper also describes the EPS-AKA protocol.Secondly, this paper analyzes the global mobile network authentication protocol which is proposed by Prosanta Gope. It is found that the protocol cannot achieve the strict mutual authentication process, and can consume a lot of smart card storage space. Drawing on the method of using the transaction sequence number to authenticate user's identity, we propose an improved EPS-AKA protocol. After the security analysis, we found that the new protocol is able to resist replay message attack, denial of service attack, Man-in-middle attack, asynchronous attack and known session key attack. The new protocol can save the system resources of computing and storage, and can improve the efficiency of authentication.Thirdly, we analyze various authentication scenarios during registered authentication process and calling authentication process in LTE network. In these scenarios, the status of user's equipment changed. These scenarios can be classified into three categories: full authentication scenario, re-authentication scenario and roaming handoff authentication scenario. This paper take advantage of authentication vectors existed to design re-authentication protocol and roaming handover authentication protocol for re-authentication scenario and roaming handover authentication scenario respectively. These new protocols can reduce the computing and communications cost, and increase the system authentication efficiency.