Security Analysis Of 5G Authentication And Key Agreement Protocol EAP-AKA'

With the development of mobile communication technology,the deployment and implementation of 5G is gradually proceeding,and 5G-related security issues have become the focus of attention of researchers and users.However,because the 5G simulation network has not been implemented,the security research of the communication system is still mainly based on the simulation test of the LTE network,and there are few studies on the security analysis of the 5G network.The authentication and key agreement protocol as the basis of system security,its security is the core issue of 5G security,and there are tools to analyze its security.This article uses the TAMARIN certification procedure to model and analyze the EAP—AKA' protocol.From the perspective of confidentiality attributes and identity authentication attributes,the degree of satisfaction of attributes under different security assumptions is considered.For the violation of security attributes,further analyze the possible attack path and the reason for the attack,and propose a feasible security hardening method.The main work of this article includes the following four points:(1)Analyze the relevant specifications of authentication and key agreement protocols,and summarize the security attributes that should be met at least.The security attributes are classified into two types:confidential attributes and identity authentication attributes.The identity authentication attribute performs different levels of authentication judgment according to the Lowe classification method.The confidentiality attribute is divided into two levels of confidentiality and forward confidentiality.(2)Six different security assumptions were proposed,and a model was built according to the TAMARIN user manual to verify the security attributes under different security assumptions.(3)Observe and analyze the security attribute verification results returned by TAMARIN.For security attributes that are violated,consider the cause of the attribute violation and the type of attack that may result.(4)Propose a feasible security hardening method according to the type of attack,and conduct theoretical analysis or experimental verification.