Paper 2018/1175

New Privacy Threat on 3G, 4G, and Upcoming 5G AKA Protocols

Ravishankar Borgaonkar, Lucca Hirschi, Shinjo Park, and Altaf Shaik

Abstract

Mobile communications are used by more than two-thirds of the world population who expect security and privacy guarantees. The 3rd Generation Partnership Project (3GPP) responsible for the worldwide standardization of mobile communication has designed and mandated the use of the AKA protocol to protect the subscribers’ mobile services. Even though privacy was a requirement, numerous subscriber location attacks have been demonstrated against AKA, some of which have been fixed or mitigated in the enhanced AKA protocol designed for 5G. In this paper, we reveal a new privacy attack against all variants of the AKA protocol, including 5G AKA, that breaches subscriber privacy more severely than known location privacy attacks do. Our attack exploits a new logical vulnerability we uncovered that would require dedicated fixes. We demonstrate the practical feasibility of our attack using low cost and widely available setups. Finally we conduct a security analysis of the vulnerability and discuss countermeasures to remedy our attack.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. PETS 2019, see https://petsymposium.org/2019/paperlist.php
Keywords
Key AgreementMobile CommunicationPrivacyAttackAKA protocol
Contact author(s)
lucca hirschi @ inria fr
History
2019-03-14: last of 3 revisions
2018-12-03: received
See all versions
Short URL
https://ia.cr/2018/1175
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/1175,
      author = {Ravishankar Borgaonkar and Lucca Hirschi and Shinjo Park and Altaf Shaik},
      title = {New Privacy Threat on {3G}, {4G}, and Upcoming {5G} {AKA} Protocols},
      howpublished = {Cryptology {ePrint} Archive, Paper 2018/1175},
      year = {2018},
      url = {https://eprint.iacr.org/2018/1175}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.